
    [ 28 63 29 20 31 39 39 39 20 63 72 75 63 69 70 68 75 78 20 68 77 61 ]
  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=
  ==========================================================================
  =                       <=-[ HWA.hax0r.news ]-=>                         =
  ==========================================================================
    [=HWA'99=]                         Number 27 Volume 1 1999 July 31st  99
  ==========================================================================
    [                     61:20:6B:69:64:20:63:6F:75:                    ]
    [               6C:64:20:62:72:65:61:6B:20:74:68:69:73:              ]
    [              20:22:65:6E:63:72:79:70:74:69:6F:6E:22:!              ]        
  ==========================================================================

   New mirror site, Stefan did a *very* nice job on this check it out, 
   
                  http://www.alldas.de/hwaidx1.htm


     HWA.hax0r.news is sponsored by Cubesoft communications www.csoft.net
     and www.digitalgeeks.com thanks to p0lix for the digitalgeeks bandwidth
     and airportman for the Cubesoft bandwidth. Also shouts out to all our
     mirror sites! tnx guys. 
     
     http://www.csoft.net/~hwa
     http://www.digitalgeeks.com/hwa

     
     HWA.hax0r.news Mirror Sites:
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~
     http://www.alldas.de/hwaidx1.htm ** NEW **
     http://www.csoft.net/~hwa/ 
     http://www.digitalgeeks.com/hwa.
     http://members.tripod.com/~hwa_2k
     http://welcome.to/HWA.hax0r.news/
     http://www.attrition.org/~modify/texts/zines/HWA/
     http://archives.projectgamma.com/zines/hwa/.  
     http://www.403-security.org/Htmls/hwa.hax0r.news.htm

   
               
     
        
  
   SYNOPSIS (READ THIS)
   --------------------
   
   The purpose of this newsletter is to 'digest' current events of interest
   that affect the online underground and netizens in general. This includes
   coverage of general security issues, hacks, exploits, underground news
   and anything else I think is worthy of a look see. (remember i'm doing
   this for me, not you, the fact some people happen to get a kick/use
   out of it is of secondary importance).

    This list is NOT meant as a replacement for, nor to compete with, the
   likes of publications such as CuD or PHRACK or with news sites such as
   AntiOnline, the Hacker News Network (HNN) or mailing lists such as
   BUGTRAQ or ISN nor could any other 'digest' of this type do so.

    It *is* intended, however, to complement such material and provide a
   reference to those who follow the culture by keeping tabs on as many
   sources as possible and providing links to further info, it's a labour
   of love and will be continued for as long as I feel like it, i'm not
   motivated by dollars or the illusion of fame, did you ever notice how
   the most famous/infamous hackers are the ones that get caught? there's
   a lot to be said for remaining just outside the circle... <g>
   
   

   @HWA

   =-----------------------------------------------------------------------=

                     Welcome to HWA.hax0r.news ... #27

   =-----------------------------------------------------------------------=


    
    We could use some more people joining the channel, it's usually pretty
    quiet, we don't bite (usually) so if you're hanging out on irc stop
    by and idle a while and say hi...   

    *******************************************************************
    ***      /join #HWA.hax0r.news on EFnet the key is `zwen'       ***
    ***                                                             ***
    *** please join to discuss or impart news on techno/phac scene  ***
    *** stuff or just to hang out ... someone is usually around 24/7***
    ***                                                             ***
    *** Note that the channel isn't there to entertain you its for  ***
    *** you to talk to us and impart news, if you're looking for fun***
    *** then do NOT join our channel try #weirdwigs or something... ***
    *** we're not #chatzone or #hack                                ***
    ***                                                             ***
    *******************************************************************


  =-------------------------------------------------------------------------=
  
  Issue #27

  =--------------------------------------------------------------------------=
  [ INDEX ]
  =--------------------------------------------------------------------------=
    Key     Intros                                                         
  =--------------------------------------------------------------------------=
 
    00.0  .. COPYRIGHTS ......................................................
    00.1  .. CONTACT INFORMATION & SNAIL MAIL DROP ETC .......................
    00.2  .. SOURCES .........................................................
    00.3  .. THIS IS WHO WE ARE ..............................................
    00.4  .. WHAT'S IN A NAME? why `HWA.hax0r.news'?..........................
    00.5  .. THE HWA_FAQ V1.0 ................................................

  =--------------------------------------------------------------------------=
    Key     Content 
  =--------------------------------------------------------------------------=

    01.0  .. GREETS ..........................................................
     01.1 .. Last minute stuff, rumours, newsbytes ...........................
     01.2 .. Mailbag .........................................................
    02.0  .. From the Editor.................................................. 
    03.0  .. l0pht releases AntiSniff - Press release.........................
    04.0  .. Pixar to remake TRON?............................................
    05.0  .. Meet the fed (zdtv:Defcon).......................................
    06.0  .. Poulsen at DefCon................................................
    07.0  .. Y2K Situation in Europe..........................................
    08.0  .. Applied Maximum Internet Security................................
    09.0  .. HPSBUX9907-100 CDE Leaves Current Directory in root PATH.........
    10.0  .. Tiger vulnerability..............................................
    11.0  .. Tattooman (Ken Williams) climbs back in the ring.................
    12.0  .. UPDATE ON THE PACKET STORM WEB SITE SITUATION....................
    13.0  .. Piracy is Big Business for Some .................................
    14.0  .. Mitnick sentencing postponed again...............................
    15.0  .. Military Reserves to be Used for Cyber Defense ..................
    16.0  .. Kodak's new PROM copy-killer?....................................
    17.0  .. Sandstorm Releases New Version of Phone Sweep ...................
    18.0  .. Major FUD - US Under Attack by Russians..........................
    19.0  .. BO2K and SMS, Which One is Evil? ................................
    20.0  .. The Last True Hacker ............................................
    21.0  .. One Russian ISP Standing Up to FSB ..............................
    22.0  .. Gameboy steals cars, makes free fone calls.......................
    23.0  .. Mitnick Retains High Profile Lawyer For State Case ..............
    24.0  .. Back Orifice for Macintosh? .....................................
    25.0  .. AOL Criminals Busted ............................................
    26.0  .. Press Does Not Know What to Say About BO2K ......................
    27.0  .. UCITA Moves Forward - Will Remove Vendor Liability...............
    28.0  .. NSC Proposes FidNet - Infrastructure Protection or Surveillance Tool? 
    29.0  .. Local Cops Funded by IT Industry ................................
    30.0  .. Two Arrested for Corporate Espionage ............................
    31.0  .. Virus Infestations On the Rise ..................................
    32.0  .. Granny Hacker from Heck visits Def Con parts 1 to 3..............
    33.0  .. FidNet Causing Massive Confusion ................................
    34.0  .. Lawmakers Want Drug Info Off the Net ............................
    35.0  .. Reno Wants Inet Crypto Banned ...................................
    36.0  .. CCC Camp Happens Next Weekend ...................................
    37.0  .. Computer Criminal Busted in UK ..................................
    38.0  .. Researching an attack (KeyRoot) by Mnemonic.......................
    39.0  .. Win98 Security Issues A KeyRoot/gH Advisory by Mnemonic...........
    40.0  .. WLDoTrans.asp allows CC retrieval A gH Advisory by Mnemonic.......
    41.0  .. bad CGI scripts allow web access A gH Advisory by Mnemonic........
    42.0  .. Can my firewall protect me? by Mnemonic...........................  
    43.0  .. How company specific programs can be used against the company by Mnemonic
    44.0  .. Exploiting the netware bindery by Mnemonic........................
    45.0  .. Tax Break for Key Escrow Crypto ..................................
    46.0  .. NSA Claims Israel Attacking US ...................................
    47.0  .. Jail Time for Users of Crypto ....................................
    48.0  .. Office97 Users Ripe for the Picking ..............................
    49.0  .. China Sends Pirate to Jail .......................................
    50.0  .. MITNICK: FEDERAL GOVERNMENT MANIPULATED THE FACTS.................
    51.0  .. ISPS ACCUSE CHINA OF INFOWAR......................................
    52.0  .. PETERSEN INTERVIEW: TRADING CYBERCRIME FOR CYBERPORN..............
    53.0  .. GHOSTS IN THE MACHINE.............................................
    54.0  .. DATABASE PROTECTIONS OK-D.........................................
    55.0  .. YET ANOTHER SITE SPITTING OUT PERSONAL INFO.......................
    56.0  .. CALIFORNIA ADOPTS DIGITAL SIGNATURE LAW...........................
    57.0  .. NEW AMMO AGAINST VIRUSES..........................................
    58.0  .. DOE SECRETARY ORDERS SECURITY BREAK...............................
    59.0  .. EU MEMBERS NOT FOLLOWING DATA-PROTECTION RULES....................
    60.0  .. EXPERTS WARN ABOUT NEW Y2K-THREAT.................................
    61.0  .. WILL YOUR CABLE MODEM CENSOR THE WEB?.............................
    62.0  .. UNMASKING ANONYMOUS POSTERS.......................................
    63.0  .. AOL Y2KFIX: A HOAX DISGUISED AS A HOAX?...........................
    64.0  .. NO FBI SURVEILLANCE AFTER CRITICISMS..............................
    65.0  .. FEDS CRACK DOWN ON Y2K FRAUD......................................
    66.0  .. RED HAT DELIVERS LINUX E-COMMERCE SERVER..........................
    67.0  .. HACKING IN 1999 ..................................................
    68.0  .. Y2k crash test for Windows and DOS................................
    69.0  .. CASSANDRA GOLD....................................................
    70.0  .. BELL CANADA Y2k TEST..............................................
    71.0  .. [RHSA-1999:025-01] Potential misuse of squid cachemgr.cgi ........
    72.0  .. [RHSA-1999:022-03] New Samba packages available (updated).........
    73.0  .. CERT Advisory CA-99-10 Insecure Default Configuration on RaQ2 Servers
    74.0  .. MS Security Bulletin: Patch Available for "Malformed Dialer Entry" Vulnerability
    75.0  .. Senate asks for input into information infrastructure protection plan
    76.0  .. FBI: beware outside Y2K workers...................................
    77.0  .. HPSBUX9907-101 Security Vulnerability Software Distributor (SD)...
    78.0  .. NSA spying on Americans? (who ya kidding??? of COURSE they are)...
    79.0  .. AOL messaging policy might risk cable deals ......................
    80.0  .. Study calls for reserve virtual IT warfare unit...................
    81.0  .. CERT IN-99-04: Similar Attacks Using Various RPC Services.........
    =--------------------------------------------------------------------------=   
    
    AD.S  .. Post your site ads or etc here, if you can offer something in return
             thats tres cool, if not we'll consider ur ad anyways so send it in.
             ads for other zines are ok too btw just mention us in yours, please
             remember to include links and an email contact. Corporate ads will
             be considered also and if your company wishes to donate to or 
             participate in the upcoming Canc0n99 event send in your suggestions
             and ads now...n.b date and time may be pushed back join mailing list
             for up to date information.......................................
             Current dates: Aug19th-22nd Niagara Falls...    .................
    Ha.Ha .. Humour and puzzles  ............................................
              
              Hey You!........................................................
              =------=........................................................
              
              Send in humour for this section! I need a laugh and its hard to
              find good stuff... ;)...........................................

    SITE.1 .. Featured site, .................................................
     H.W   .. Hacked Websites  ...............................................
     A.0   .. APPENDICES......................................................
     A.1   .. PHACVW linx and references......................................
 
  =--------------------------------------------------------------------------=
     
     @HWA'99

     
 00.0 (C) COPYRIGHT, (K)OPYWRONG, COPYLEFT? V2.0
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

          THE OPINIONS OF THE WRITERS DO NOT NECESSARILY REFLECT THE
          OPINIONS OF THE PUBLISHERS AND VICE VERSA IN FACT WE DUNNO
          WTF IS GONNA TAKE RESPONSIBILITY FOR THIS, I'M NOT DOING IT
          (LOTS OF ME EITHER'S RESOUND IN THE BACKGROUND) SO UHM JUST
          READ IT AND IF IT BUGS YOU WELL TFS (SEE FAQ).
     
          Important semi-legalese and license to redistribute:
     
          YOU MAY DISTRIBUTE THIS ZINE WITHOUT PERMISSION FROM MYSELF
          AND ARE GRANTED THE RIGHT TO QUOTE ME OR THE CONTENTS OF THE
          ZINE SO LONG AS Cruciphux AND/OR HWA.hax0r.news ARE MENTIONED
          IN YOUR WRITING. LINK'S ARE NOT NECESSARY OR EXPECTED BUT ARE
          APPRECIATED the current link is http://welcome.to/HWA.hax0r.news
          IT IS NOT MY INTENTION TO VIOLATE ANYONE'S COPYRIGHTS OR BREAK
          ANY NETIQUETTE IN ANY WAY IF YOU FEEL I'VE DONE THAT PLEASE EMAIL
          ME PRIVATELY current email cruciphux@dok.org
     
          THIS DOES NOT CONSTITUTE ANY LEGAL RIGHTS, IN THIS COUNTRY ALL
          WORKS ARE (C) AS SOON AS COMMITTED TO PAPER OR DISK, IF ORIGINAL
          THE LAYOUT AND COMMENTARIES ARE THEREFORE (C) WHICH MEANS:
     
          I RETAIN ALL RIGHTS, BUT I GIVE YOU THE RIGHT TO READ, QUOTE
          AND REDISTRIBUTE/MIRROR. - EoD
     
     
          Although this file and all future issues are now copyright, some of
         the content holds its  own copyright and these are printed and
         respected. News is news so i'll print any and all news but will quote
         sources when the source is known, if its good enough for CNN its good
         enough for me. And i'm doing it for free on my own time so pfffft. :)
     
         No monies are made or sought through the distribution of this material.
         If you have a problem or concern email me and we'll discuss it.
     
         cruciphux@dok.org
     
         Cruciphux [C*:.]



 00.1 CONTACT INFORMATION AND MAIL DROP
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


     Wahoo, we now have a mail-drop, if you are outside of the U.S.A or
    Canada / North America (hell even if you are inside ..) and wish to
    send printed matter like newspaper clippings a subscription to your
    cool foreign hacking zine or photos, small non-explosive packages
    or sensitive information etc etc well, now you can. (w00t) please
    no more inflatable sheep or plastic dog droppings, or fake vomit
    thanks.

    Send all goodies to:

	    HWA NEWS
	    P.O BOX 44118
	    370 MAIN ST. NORTH
	    BRAMPTON, ONTARIO
	    CANADA
	    L6V 4H5

    WANTED!: POSTCARDS! YESH! POSTCARDS, I COLLECT EM so I know a lot of you are
    ~~~~~~~  reading this from some interesting places, make my day and get a
             mention in the zine, send in a postcard, I realize that some places
             it is cost prohibitive but if you have the time and money be a cool
             dude / gal and send a poor guy a postcard preferably one that has some
             scenery from your place of residence for my collection, I collect stamps
             too so you kill two birds with one stone by being cool and mailing in a
             postcard, return address not necessary, just a  "hey guys being cool in
             Bahrain, take it easy" will do ... ;-) thanx.



    Ideas for interesting 'stuff' to send in apart from news:

    - Photo copies of old system manual front pages (optionally signed by you) ;-)
    - Photos of yourself, your mom, sister, dog and or cat in a NON
      compromising position plz I don't want pr0n. <g>
    - Picture postcards
    - CD's 3.5" disks, Zip disks, 5.25" or 8" floppies, Qic40/80/100-250
      tapes with hack/security related archives, logs, irc logs etc on em.
    - audio or video cassettes of yourself/others etc of interesting phone
      fun or social engineering examples or transcripts thereof.
    
    
    Stuff you can email:
    
    - Prank phone calls in .ram or .mp* format
    - Fone tones and security announcements from PBX's etc
    - fun shit you sampled off yer scanner (relevant stuff only like #2600 meeting activities)
    - reserved for one smiley face ->        :-)            <-
    - PHACV lists of files that you have or phac cd's you own (we have a burner, *g*)
    - burns of phac cds (email first to make sure we don't already have em)
    - Any and all telephone sounds/tones/beeps/trunk drops/line tests/etc in .ram etc format or .mp*
    

    If you still can't think of anything you're probably not that interesting
    a person after all so don't worry about it <BeG>

    Our current email:

    Submissions/zine gossip.....: hwa@press.usmc.net
    Private email to editor.....: cruciphux@dok.org
    Distribution/Website........: sas72@usa.net

    @HWA



 00.2 Sources ***
      ~~~~~~~~~~~

     Sources can be some, all, or none of the following (by no means complete
    nor listed in any degree of importance) Unless otherwise noted, like msgs
    from lists or news from other sites, articles and information is compiled
    and or sourced by Cruciphux no copyright claimed.

    News & I/O zine ................. http://www.antionline.com/
    Back Orifice/cDc..................http://www.cultdeadcow.com/
    News site (HNN) ..................http://www.hackernews.com/
    Help Net Security.................http://net-security.org/
    News,Advisories,++ .(lophtcrack)..http://www.l0pht.com/
    NewsTrolls .(daily news ).........http://www.newstrolls.com/
    News + Exploit archive ...........http://www.rootshell.com/beta/news.html
    CuD Computer Underground Digest...http://www.soci.niu.edu/~cudigest
    News site+........................http://www.zdnet.com/
    News site+Security................http://www.gammaforce.org/
    News site+Security................http://www.projectgamma.com/
    News site+Security................http://securityhole.8m.com/
    News site+Security related site...http://www.403-security.org/
    News/Humour site+ ................http://www.innerpulse.com
    News/Techie news site.............http://www.slashdot.org
    
    

    +Various mailing lists and some newsgroups, such as ...
    +other sites available on the HNN affiliates page, please see
     http://www.hackernews.com/affiliates.html as they seem to be popping up
     rather frequently ...

    
    http://www.the-project.org/ .. IRC list/admin archives
    http://www.anchordesk.com/  .. Jesse Berst's AnchorDesk

    alt.hackers.malicious
    alt.hackers
    alt.2600
    BUGTRAQ
    ISN security mailing list
    ntbugtraq
    <+others>

    NEWS Agencies, News search engines etc:
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    http://www.cnn.com/SEARCH/
    
    http://www.foxnews.com/search/cgi-bin/search.cgi?query=hack&days=0&wires=0&startwire=0
    
    http://www.news.com/Searching/Results/1,18,1,00.html?querystr=hack
    
    http://www.ottawacitizen.com/business/
    
    http://search.yahoo.com.sg/search/news_sg?p=hack
    
    http://www.washingtonpost.com/cgi-bin/search?DB_NAME=WPlate&TOTAL_HITLIST=20&DEFAULT_OPERATOR=AND&headline=&WITHIN_FIELD_NAME=.lt.event_date&WITHIN_DAYS=0&description=hack
    
    http://www.zdnet.com/zdtv/cybercrime/
    
    http://www.zdnet.com/zdtv/cybercrime/chaostheory/ (Kevin Poulsen's Column)
    
    NOTE: See appendices for details on other links.
    


    http://news.bbc.co.uk/hi/english/sci/tech/newsid_254000/254236.stm
    
    http://freespeech.org/eua/ Electronic Underground Affiliation
    
    http://ech0.cjb.net ech0 Security

    http://axon.jccc.net/hir/ Hackers Information Report
    
    http://net-security.org Net Security
    
    http://www.403-security.org Daily news and security related site
    

    Submissions/Hints/Tips/Etc
    ~~~~~~~~~~~~~~~~~~~~~~~~~~

    All submissions that are `published' are printed with the credits
    you provide, if no response is received by a week or two it is assumed
    that you don't care whether the article/email is to be used in an issue
    or not and may be used at my discretion.

    Looking for:

    Good news sites that are not already listed here OR on the HNN affiliates
    page at http://www.hackernews.com/affiliates.html

    Magazines (complete or just the articles) of breaking sekurity or hacker
    activity in your region, this includes telephone phraud and any other
    technological use, abuse hole or cool thingy. ;-) cut em out and send it
    to the drop box.


    - Ed

    Mailing List Subscription Info   (Far from complete)         Feb 1999
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~   ~~~~~~~~~~~~~~~~~~~         ~~~~~~~~

    ISS Security mailing list faq : http://www.iss.net/iss/maillist.html


    THE MOST READ:

    BUGTRAQ - Subscription info
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~

    What is Bugtraq?

    Bugtraq is a full-disclosure UNIX security mailing list, (see the info
    file) started by Scott Chasin <chasin@crimelab.com>. To subscribe to
    bugtraq, send mail to listserv@netspace.org containing the message body
    subscribe bugtraq. I've been archiving this list on the web since late
    1993. It is searchable with glimpse and archived on-the-fly with hypermail.

    Searchable Hypermail Index;

          http://www.eecs.nwu.edu/~jmyers/bugtraq/index.html


    About the Bugtraq mailing list
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    The following comes from Bugtraq's info file:

    This list is for *detailed* discussion of UNIX security holes: what they are,
    how to exploit, and what to do to fix them.

    This list is not intended to be about cracking systems or exploiting their
    vulnerabilities. It is about defining, recognizing, and preventing use of
    security holes and risks.

    Please refrain from posting one-line messages or messages that do not contain
    any substance that can relate to this list`s charter.

    I will allow certain informational posts regarding updates to security tools,
    documents, etc. But I will not tolerate any unnecessary or nonessential "noise"
    on this list.

    Please follow the below guidelines on what kind of information should be posted
    to the Bugtraq list:

    + Information on Unix related security holes/backdoors (past and present)
    + Exploit programs, scripts or detailed processes about the above
    + Patches, workarounds, fixes
    + Announcements, advisories or warnings
    + Ideas, future plans or current works dealing with Unix security
    + Information material regarding vendor contacts and procedures
    + Individual experiences in dealing with above vendors or security organizations
    + Incident advisories or informational reporting

    Any non-essential replies should not be directed to the list but to the originator of the message. Please do not "CC" the bugtraq
    reflector address if the response does not meet the above criteria.

    Remember: YOYOW.

    You own your own words. This means that you are responsible for the words that you post on this list and that reproduction of
    those words without your permission in any medium outside the distribution of this list may be challenged by you, the author.

    For questions or comments, please mail me:
    chasin@crimelab.com (Scott Chasin)


    
    Crypto-Gram
    ~~~~~~~~~~~

       CRYPTO-GRAM is a free monthly newsletter providing summaries, analyses,
      insights, and commentaries on cryptography and computer security.

      To subscribe, visit http://www.counterpane.com/crypto-gram.html or send a
      blank message to crypto-gram-subscribe@chaparraltree.com. To unsubscribe,
      visit http://www.counterpane.com/unsubform.html. Back issues are available
      on http://www.counterpane.com.

       CRYPTO-GRAM is written by Bruce Schneier. Schneier is president of
      Counterpane Systems, the author of "Applied Cryptography," and an inventor
      of the Blowfish, Twofish, and Yarrow algorithms. He served on the board of
      the International Association for Cryptologic Research, EPIC, and VTW. He
      is a frequent writer and lecturer on cryptography.


    CUD Computer Underground Digest
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    This info directly from their latest ish:

    Computer underground Digest    Sun  14 Feb, 1999   Volume 11 : Issue 09

                          ISSN  1004-042X

           Editor: Jim Thomas (cudigest@sun.soci.niu.edu)
           News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)
           Archivist: Brendan Kehoe
           Poof Reader:   Etaion Shrdlu, Jr.
           Shadow-Archivists: Dan Carosone / Paul Southworth
                              Ralph Sims / Jyrki Kuoppala
                              Ian Dickinson
           Cu Digest Homepage: http://www.soci.niu.edu/~cudigest



    [ISN] Security list
    ~~~~~~~~~~~~~~~~~~~
    This is a low volume list with lots of informative articles, if I had my
    way i'd reproduce them ALL here, well almost all .... ;-) - Ed


    Subscribe: mail majordomo@repsec.com with "subscribe isn".



    @HWA


 00.3 THIS IS WHO WE ARE
      ~~~~~~~~~~~~~~~~~~
 
      Some HWA members and Legacy staff
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      cruciphux@dok.org.........: currently active/editorial
      darkshadez@ThePentagon.com: currently active/man in black
      fprophet@dok.org..........: currently active/IRC+ man in black
      sas72@usa.net ............: currently active/IRC+ distribution
      vexxation@usa.net ........: currently active/IRC+ proof reader/grrl in black
      dicentra...(email withheld): IRC+ grrl in black
      eentity ...( ''      ''   ): Currently active/IRC+ man in black


      Foreign Correspondents/affiliate members
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      
       Qubik ............................: United Kingdom 
       D----Y ...........................: USA/world media
       HWA members ......................: World Media
       
      
      
      Past Foreign Correspondents (currently inactive or presumed dead) 
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       
       N0Portz ..........................: Australia           
       system error .....................: Indonesia           
       Wile (wile coyote) ...............: Japan/the East      
       Ruffneck  ........................: Netherlands/Holland 

       
       Please send in your sites for inclusion here if you haven't already
       also if you want your emails listed send me a note ... - Ed

      Spikeman's site is down as of this writing, if it comes back online it will be
      posted here.
      http://www.hackerlink.or.id/  ............ System Error's site (in Indonesian) 
       

       *******************************************************************
       ***      /join #HWA.hax0r.news on EFnet the key is `zwen'       ***
       *******************************************************************

    :-p


    1. We do NOT work for the government in any shape or form. Unless you count paying
       taxes ... in which case we work for the gov't in a BIG WAY. :-/

    2. MOSTLY Unchanged since issue #1, although issues are a digest of recent news
       events it's a good idea to check out issue #1 at least and possibly also the
       Xmas issue for a good feel of what we're all about otherwise enjoy - Ed ...


    @HWA



 00.4 Whats in a name? why HWA.hax0r.news??
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                             
      
      Well what does HWA stand for? never mind if you ever find out I may
     have to get those hax0rs from 'Hackers' or the Pretorians after you.

     In case you couldn't figure it out hax0r is "new skewl" and although
     it is laughed at, shunned, or even pigeonholed with those 'dumb
     leet (l33t?) dewds' <see article in issue #4> this is the state
     of affairs. It ain't Stephen Levy's HACKERS anymore. BTW to all you
     up and comers, i'd highly recommend you get that book. It's almost
     like buying a clue. Anyway..on with the show .. - Editorial staff


     @HWA

00.5  HWA FAQ v1.0 Feb 13th 1999 (Abridged & slightly updated again)
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Also released in issue #3. (revised) check that issue for the faq
    it won't be reprinted unless changed in a big way with the exception
    of the following excerpt from the FAQ, included to assist first time
    readers:

    Some of the stuff related to personal usage and use in this zine are
    listed below: Some are very useful, others attempt to deny any possible
    attempts at eschewing obfuscation by obscuring their actual definitions.

    @HWA   - see EoA  ;-)

    !=     - Mathematical notation "is not equal to" or "does not equal"
             ASC(247)  "wavy equals" sign means "almost equal" to. If written
             as =/= (equals sign with a slash thru it) it also means !=, =< is Equal
             to or less than and =>  is equal to or greater than (etc, this aint
             fucking grade school, cripes, don't believe I just typed all that..)

    AAM    - Ask a minor (someone under age of adulthood, usually <16, <18 or <21)

    AOL    - A great deal of people that got ripped off for net access by a huge
             clueless isp with sekurity that you can drive buses through, we're
             not talking Kung-Fu being none too good here, Buy-A-Kloo maybe at the
             least they could try leasing one??

   *CC     - 1 - Credit Card (as in phraud)
             2 - .cc is COCOS (Keeling) ISLANDS but they probably accept cc's

    CCC    - Chaos Computer Club (Germany)

   *CON    - Conference, a place hackers crackers and hax0rs among others go to swap
             ideas, get drunk, swap new mad inphoz, get drunk, swap gear, get drunk
             watch videos and seminars, get drunk, listen to speakers, and last but
             not least, get drunk.
   *CRACKER - 1 . Someone who cracks games, encryption or codes, in popular hacker
                 speak he's the guy that breaks into systems and is often (but by no
                 means always) a "script kiddie" see pheer
              2 . An edible biscuit usually crappy tasting without a nice dip, I like
                  jalapeno pepper dip or chives sour cream and onion, yum - Ed

    Ebonics - speaking like a rastafarian or hip dude of colour <sic> also wigger
              Vanilla Ice is a wigger, The Beastie Boys and rappers speak using
              ebonics, speaking in a dark tongue ... being ereet, see pheer

    EoC    - End of Commentary

    EoA    - End of Article or more commonly @HWA

    EoF    - End of file

    EoD    - End of diatribe (AOL'ers: look it up)

    FUD    - Coined by Unknown and made famous by HNN <g> - "Fear uncertainty and doubt",
            usually in general media articles not high brow articles such as ours or other
            HNN affiliates ;)

    du0d   - a small furry animal that scurries over keyboards causing people to type
             weird crap on irc, hence when someone says something stupid or off topic
             'du0d wtf are you talkin about' may be used.

   *HACKER - Read Steven Levy's HACKERS for the true definition, then see HAX0R

   *HAX0R - 1 - Cracker, hacker wannabe, in some cases a true hacker, this is difficult to
            define, I think it is best defined as pop culture's view on The Hacker ala
            movies such as well erhm "Hackers" and The Net etc... usually used by "real"
            hackers or crackers in a derogatory or slang humorous way, like 'hax0r me
            some coffee?' or 'can you hax0r some bread on the way to the table please?'

            2 - A tool for cutting sheet metal.

    HHN    - Maybe a bit confusing with HNN but we did spring to life around the same
             time too, HWA Hax0r News.... HHN is a part of HNN .. and HNN as a proper
             noun means the hackernews site proper. k? k. ;&

    HNN    - Hacker News Network and its affiliates http://www.hackernews.com/affiliates.html

    J00    - "you"(as in j00 are OWN3D du0d) - see 0wn3d

    MFI/MOI- Missing on/from IRC

    NFC   - Depends on context: No Further Comment or No Fucking Comment

    NFR   - Network Flight Recorder (Do a websearch) see 0wn3d

    NFW   - No fuckin'way

   *0WN3D - You are cracked and owned by an elite entity see pheer
   *OFCS  - Oh for christ's sakes

    PHACV - And variations of same <coff>
            Phreaking, Hacking, Anarchy, Cracking, Carding (CC) Groups Virus, Warfare

          Alternates: H - hacking, hacktivist
                      C - Cracking <software>
                      C - Cracking <systems hacking>
                      V - Virus
                      W - Warfare <cyberwarfare usually as in Jihad>
                      A - Anarchy (explosives etc, Jolly Roger's Cookbook etc)
                      P - Phreaking, "telephone hacking" PHone fREAKs ...
                     CT - Cyber Terrorism

   *PHEER -  This is what you do when an ereet or elite person is in your presence
            see 0wn3d

   *RTFM  - Read the fucking manual - not always applicable since some manuals are
            pure shit but if the answer you seek is indeed in the manual then you
            should have RTFM you dumb ass.

    TBC   - To Be Continued also 2bc (usually followed by ellipses...) :^0

    TBA   - To Be Arranged/To Be Announced also 2ba

    TFS   - Tough fucking shit.

   *w00t  - 1 - Reserved for the uber ereet, no one can say this without severe repercussions
            from the underground masses. also "w00ten" <sic>

            2 - Cruciphux and sAs72's second favourite word (they're both shit stirrers)

    *wtf  - what the fuck, where the fuck, when the fuck etc ..

    *ZEN  - The state you reach when you *think* you know everything (but really don't)
            usually shortly after reaching the ZEN like state something will break that
            you just 'fixed' or tweaked.
            
     @HWA            
     
     
                            -=-    :.    .:        -=-
                            
                            
                            

 01.0 Greets!?!?! yeah greets! w0w huh. - Ed
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     Thanks to all in the community for their support and interest but I'd
     like to see more reader input, help me out here, what's good, what sucks
     etc, not that I guarantee I'll take any notice mind you, but send in
     your thoughts anyway.


       * all the people who sent in cool emails and support
       
     FProphet       Pyra                TwstdPair      _NeM_
     D----Y         Dicentra            vexxation      sAs72
     Spikeman       p0lix  
     
     
    
     
     Ken Williams/tattooman of PacketStorm, hang in there Ken...:(
          
     & Kevin Mitnick (watch yer back)                              
     
     kewl sites:

     + http://www.securityportal.com/ NEW
     + http://www.securityfocus.com/ NEW
     + http://www.hackcanada.com/
     + http://www.l0pht.com/
     + http://www.2600.com/
     + http://www.freekevin.com/
     + http://www.genocide2600.com/
     + http://www.packetstorm.harvard.edu/    ******* DOWN ********* SEE AA.A
     + http://www.hackernews.com/ (Went online same time we started issue 1!)
     + http://www.net-security.org/
     + http://www.slashdot.org/
     + http://www.freshmeat.net/
     + http://www.403-security.org/
     + http://ech0.cjb.net/

     @HWA


 01.1 Last minute stuff, rumours and newsbytes
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

       "What is popular isn't always right, and what is right isn't
         always popular..."
                           - FProphet '99
                           
       

    +++ When was the last time you backed up your important data?
     
     ++ AGENT STEAL INTERVIEW
     
        Justin Petersen tells CNN he now plans to begin a new life online, free of crime, with
        an adult Web site. The interview airs on CNN Sunday and Monday at 8 p.m. ET and 10 p.m. PT. 
        
     ++ INFOWARCON'99
       
        by BHZ, Saturday 24th July 1999 on 10:26 pm CET
        Infowar (www.infowar.com) announced this year's security gathering - InfowarCon '99.
        It will be held in Washington from September 8th - 9th and: "Designed for
        corporations, infrastructure firms, and finance, military, intelligence and law
        enforcement organizations, InfowarCon '99 provides proven tactics for defending the
        enterprise and infrastructures". 
   
        
             
     
      Thanks to myself for providing the info from my wired news feed and others from whatever
      sources, also to Spikeman for sending in past entries.... - Ed
      
     @HWA

 01.2 MAILBAG - email and posts from the message board worthy of a read
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    

 02.0 From the editor.
      ~~~~~~~~~~~~~~~~

     #include <stdio.h>
     #include <thoughts.h>
     #include <backup.h>

     main()
     {
      printf ("Read commented source!\n\n");

     /*
      * Nothing much to say, I have a summer cold, (gak!) here's
      * issue #27... start reading. :)
      * 
      * hwa@press.usmc.net
      *
      */
      printf ("EoF.\n");
      }

      

      Congrats, thanks, articles, news submissions and kudos to us at the
     main address: hwa@press.usmc.net complaints and all nastygrams and
     mai*lbombs can go to /dev/nul nukes, synfloods and papasmurfs to
     127.0.0.1, private mail to cruciphux@dok.org

     danke.

     C*:.
     
 03.0 l0pht releases AntiSniff - Press release
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
            
      For Immediate Release 

           L0pht Heavy Industries Releases a Public Beta of Its
          Revolutionary New AntiSniff Network Security Software 

      Boston, MA - July 22, 1999 - L0pht Heavy Industries, a world
      renowned computer security think tank, today announced the public
      beta release of its AntiSniff network security software, which can
      detect attackers surreptitiously monitoring a computer network. 

      "AntiSniff is a whole new breed of network security tool, designed to
      detect the attack patterns used in compromising a computer
      network, instead of merely being reactive to already known
      vulnerabilities.", said Dr. Mudge, Chief Scientist at L0pht Heavy
      Industries. 

      AntiSniff, which operates on both Windows NT and UNIX operating
      systems, will detect remote computers that are packet sniffing, that
      is, monitoring all network communications. 

      In a recent survey, three-quarters of U.S. corporations, government
      agencies, financial institutions and universities reported suffering
      financial losses due to computer security breaches. Some of these
      attacks have become quite famous, such as the successful attacks
      against the Senate & FBI webservers. Other attacks, however, don't
      get any media attention, and are far worse than the defacement of a
      web site. These attacks involve the invasion of government and
      corporate secrets, and personal privacy. Many of these attacks rely
      on packet sniffing to penetrate deep into a computer network. 

      Network communication can be likened to a large group of people
      standing together in a room and talking. When people talk to each
      other, others nearby have the ability to listen in. When computers
      communicate over networks, they normally only listen to
      communications destined to themselves. However, they also have
      the ability to enter promiscuous mode, which allows them to listen to
      communications that are destined to other computers. 

      When an attacker successfully compromises a computer, they install
      what is known as a packet sniffer, a tool that puts the computer into
      promiscuous mode, thus allowing them to monitor and record all
      network communications. The private information they gather, such
      as account names, passwords, credit cards, and even e-mail, is then
      used to compromise other computers. This is how, from one weak
      computer in a computer network, many computers, and the
      information they contain can be compromised. Until now, it has been
      impossible for network administrators to remotely detect if computers
      were listening in on all network communications. 

      L0pht Heavy Industries' AntiSniff stops all this, by giving network
      administrators and information security professionals the ability to
      remotely detect computers that are packet sniffing, regardless of the
      operating system. Dr. Mudge explains, "AntiSniff works by running a
      number of non-intrusive tests, in a variety of fashions, which can
      determine whether or not a remote computer is listening in on all
      network communications. Now it is impossible for an attacker who is
      sniffing to hide." 

      Current network security tools, such as network scanners, work by
      probing machines for software that contains bugs or software that's
      misconfigured. Intrusion Detection Systems (IDS), work by finding
      malicious signatures in network traffic. AntiSniff, on the other hand,
      is the first of its kind. It remotely detects the passive act of
      eavesdropping on network communications. It will even detect
      packet sniffers installed by a rogue insider who may have legitimate
      administrative access to a machine, but still should not be monitoring
      all network traffic. 

      The AntiSniff public beta is released for Windows NT, complete with a
      fully featured graphical interface, report generating tools, and alarm
      system. It is designed so that it can be used to quickly scan a
      network or scan continuously, triggering alarms when a "packet
      sniffing" machine is detected. 

      The beta version has been made available free to all who would like
      to try it out. L0pht hopes to have the commercial release ready
      within a few weeks. Retail and site license pricing have not yet been
      determined. 

      To further the research of the security community as a whole, as
      they have in previous products, L0pht will be releasing AntiSniff as a
      UNIX command-line tool, complete with full source code. 

      For more information please contact AntiSniff@l0pht.com. The free
      beta download and full documentation are available at
      http://www.l0pht.com/antisniff/. 

      About L0pht Heavy Industries 

      L0pht Heavy Industries is a world renowned computer security think
      tank. Founded in 1992 as a computer research facility, the L0pht has
      grown into a leader in the field of computer security software. The
      L0pht's products include L0phtCrack, the industry standard NT
      password auditing tool. As a result of their innovative security
      research, the L0pht has released dozens of computer security
      advisories to the Internet community, warning of dangerous
      vulnerabilities in today's most widely used software. Many at the
      L0pht are considered top experts in the computer security field and
      have appeared on numerous network news programs and
      documentaries, as well as having testified about government
      computer security for the U.S. Senate. Visit the L0pht's web site at
      http://www.l0pht.com. 

      All trademarks and registered trademarks are the property of their
      respective holders. 
    
      @HWA
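
A host-side complement to the remote detection announced above, as an added example (not L0pht's code, and not how AntiSniff tests a machine, which the release does not detail): on a Linux host the promiscuous state the release describes shows up as the IFF_PROMISC bit in `/sys/class/net/<iface>/flags` and as "entered/left promiscuous mode" kernel messages, and the two can be cross-checked. The function names are this example's own, and the flag values and log lines are constructed samples; message prefixes vary by kernel version.

```python
import re
from pathlib import Path

IFF_PROMISC = 0x100  # interface flag bit for promiscuous mode (<linux/if.h>)

# Matches "device eth0 entered promiscuous mode" and "eth0: left promiscuous mode".
EVENT_RE = re.compile(
    r"(?:device\s+)?(?P<iface>[\w.@-]+):?\s+(?P<what>entered|left) promiscuous mode"
)


def read_sysfs_flags(root="/sys/class/net"):
    """Return {interface: raw text of <root>/<interface>/flags} on a Linux host."""
    flags = {}
    base = Path(root)
    if not base.is_dir():
        return flags
    for entry in sorted(base.iterdir()):
        try:
            flags[entry.name] = (entry / "flags").read_text()
        except OSError:
            continue  # not an interface directory, or it vanished mid-scan
    return flags


def promiscuous_by_flag(flag_texts):
    """Interfaces whose hexadecimal flags word has IFF_PROMISC set."""
    found = []
    for iface, text in flag_texts.items():
        try:
            value = int(text.strip(), 16)
        except ValueError:
            continue  # unreadable value: skip rather than guess
        if value & IFF_PROMISC:
            found.append(iface)
    return sorted(found)


def open_promiscuous_sessions(log_lines):
    """Replay enter/leave events; return {iface: log line of the unclosed 'entered'}."""
    sessions = {}
    for line in log_lines:
        match = EVENT_RE.search(line)
        if not match:
            continue
        if match.group("what") == "entered":
            sessions[match.group("iface")] = line.strip()
        else:
            sessions.pop(match.group("iface"), None)
    return sessions


def audit(flag_texts, log_lines):
    """Cross-check the live flag against the log history; return (iface, note) pairs."""
    by_flag = set(promiscuous_by_flag(flag_texts))
    by_log = open_promiscuous_sessions(log_lines)
    findings = []
    for iface in sorted(by_flag | set(by_log)):
        if iface in by_flag and iface in by_log:
            note = "promiscuous now; opened by: " + by_log[iface]
        elif iface in by_flag:
            note = "promiscuous now; no matching log event (log rotated or cleared?)"
        else:
            note = "log shows an unclosed session but the flag is clear"
        findings.append((iface, note))
    return findings


# Constructed sample data (not captured from a real host).
SAMPLE_FLAGS = {"lo": "0x9\n", "eth0": "0x1103\n", "eth1": "0x1003\n", "eth2": "0x1103\n"}
SAMPLE_LOG = [
    "Jul 22 10:01:07 host kernel: device eth0 entered promiscuous mode",
    "Jul 22 10:05:12 host kernel: device eth1 entered promiscuous mode",
    "Jul 22 10:05:40 host kernel: device eth1 left promiscuous mode",
    "Jul 22 10:09:03 host sshd[411]: Accepted publickey for admin",
]

if __name__ == "__main__":
    # Swap in read_sysfs_flags() and real kernel log lines to audit a live host.
    for iface, note in audit(SAMPLE_FLAGS, SAMPLE_LOG):
        print(f"{iface}: {note}")
```

An interface that is promiscuous with no corresponding log event (eth2 in the sample) is the case worth investigating first, since it means the record of who switched the mode on is gone.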
     

04.0 Pixar to remake TRON?
     ~~~~~~~~~~~~~~~~~~~~~
         
      --------------------------------------------------------------
      This story was printed from ZDNN,
      located at http://www.zdnet.com/zdnn.
      --------------------------------------------------------------
      
      Pixar Studios to remake Disney's Tron?
      By Richard Barry, ZDNet (UK)
      July 23, 1999 4:13 PM PT
      URL: http://www.zdnet.com/zdnn/stories/news/0,4586,2301037,00.html?chkpt=hpqs014
      
      It set the scene for a generation of hi-tech sci-fi movies and, arguably, inspired some of the best
      films of the genre. Tron, the legendary Disney movie loved by the thirty-something generation, is
      rumored to be in the re-make room with some very serious backers, including Steve Jobs. 
      
      Jobs, on stage this week with the iBook, also has another day job, running Pixar Animation
      Studios (Nasdaq:PIXR), maker of "Toy Story" and "A Bug's Life." According to one source,
      Pixar may be working on a remake of the classic '80s sci-fi film. 
      
      The source, who asked not to be identified, said Pixar is trying to decide whether to remake the
      original or create a sequel. It will begin work on the project once Toy Story II hits the theaters
      November 24. John Lasseter, Toy Story's director, will head the production. 
      
      Lending fuel to the rumor, Lasseter has gone on record crediting Tron as the driving inspiration
      behind Toy Story. He saw the film while working as an animator on Mickey's Christmas Carol
      and had two best friends on the production team. 
      
      "It [Tron] was the future. It was the potential I saw in computer animation," Lasseter said. 
      
      A spokesperson for Pixar in Richmond, Calif., said she was not aware of any Tron projects, but if
      it were to happen, it would likely be led by Disney. Disney owns 50 percent of Pixar. The
      company did not return calls by press time. 

      @HWA

05.0 Meet the fed (zdtv:Defcon)
     ~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     http://www.zdnet.com/zdtv/cybercrime/features/story/0,3700,2293749,00.html
     

      Phil Loranger, division chief for information assurance with the US
      Army, speaks out about Def Con 

      Phil Loranger, the division chief for information assurance with the US Army,
      was interviewed by CyberCrime analyst Alex Wellen while at Def Con. Here are
      excerpts. 

      Why come to Def Con?
      "This is an important conference to anybody [who] attends. It is a conference
      in which there is a lot of valuable and technical information exchanged.


      "There is an opportunity to meet some of the folks on the dark side, if you will,
      to see some of their thinking. 

      "We've done this [for the] first time this year to put [on] a federal panel and get
      [a] frank and honest exchange. ... To get some feelings from what the industry
      considers to be some of the most elite people in the dark side of computer
      security, if you will. 

      "We were invited to do a presentation and to participate in a panel." 

      Do you use hackers to check out your systems, to verify your vulnerabilities?
      "Hackers, by their very definition, are law breakers and criminals, and I don't see
      why they should be rewarded, especially using taxpayer dollars. 

      "We have very talented people who have never broken the law and have struggled
      very hard through [their] academic years; and those are the folks we want to bring
      onto the payroll. 

      "This is not to say that the people we are addressing here today at this conference
      are criminals. We are talking here in broad strokes saying that if you break into a
      system you're a criminal." 

      How have you been received by attendees?
      "I have been experiencing a very cordial interchange among the people we've met.
      Meet the [Fed] panel was a less regulated environment, if you will. I think that it was
      not as rowdy as I had imagined, and I was pleased about that. 

      "Isn't it wonderful that we're able to have conferences like this under our form of
      government that says it's OK to not agree with the people on the platform?" 

      Will you return to Def Con next year?
      "I see us reacting to invitations to these if there are more, absolutely. 


      "Where else can you come and have a member of the White House National Security
      Council, a member of the Office of the Secretary of Defense for Investigation, and
      a member of the military department stand there and interface with what I guess is
      considered ... we're considered to be their targets and so forth."
      
      @HWA
      
06.0 Poulsen at DefCon
     ~~~~~~~~~~~~~~~~~
     
     My First Def Con

      On finding decadence and dialogue in
      the desert
      By Kevin Poulsen  July 14, 1999 

      I'm wandering through the hall outside the main conference room at the Alexis Park
      Hotel, stepping gingerly over blue Ethernet cable while gripping a drink in
      one hand, a cigarette in the other. Las Vegas is a nexus of many vices, crammed
      into spurts of late-night binges and hangover mornings. 

      Last weekend it became an oasis of decadence and dialogue in a desert turned
      to mud by a freak thunderstorm. 

      It's the seventh annual Def Con, the computer underground convention: my first. 
      Around me, a chaotic bazaar shows hackers of all shapes and sizes crowding
      around tables stacked with underground publications, T-shirts, and chunks of
      technology begging to be taken apart and reassembled. The younger attendees are
      drowning in caffeinated drinks -- primarily Jolt cola, which was apparently stocked
      by the hotel especially for this occasion.

      "How is publicly releasing a hacking tool different from giving out guns to children?"
      queries the voice behind the camera, aimed for a kill shot at my head. 

      Earlier in the day, The Cult of the Dead Cow made a flashy standing-room-only
      presentation of Back Orifice 2000 -- a feature-packed but stealthy
      remote-control utility for Windows -- and it's fast becoming a symbol for the
      conference.

      I don't know how to answer a question comparing a computer program to a
      firearm, but when the voice rephrases, I offer my soundbite. 

      "Secrecy only helps the bad guys." 

      By my definition, everyone at Def Con is a good guy, except the handful of good
      gals. The thousands of hackers, security consultants, outlaws, and scenesters from
      around the world are laying bare their knowledge, and sometimes their flesh, to
      each other and to the roving (and steadily increasing) glass eyes of news
      organizations that they suspect just don't get it. 

      Even the cops tend towards openness, good-naturedly accepting their "I Am the
      Fed" T-shirts when sharp-eyed hackers pick them from the crowd.
      
      The Primo Stuff

      The Dead Cow was the star of the show, but other highlights included the premiere
      of a nine-minute teaser for Freedom Downtime, 2600 editor Emmanuel
      Goldstein's work-in-progress about the legal travails of imprisoned hacker Kevin
      Mitnick. 

      After seeing the trailer, Chaos Theory foresees Goldstein and his documentary
      appearing at Cannes. You heard it here first. 

      Austin Hill, president of Zero Knowledge Systems Inc., described the workings of his
      company's much-anticipated Freedom Net, an elaborate system intended to cloak the
      online activities of privacy-conscious netizens.

      Hill wins my Golden Aphorism award (which I just invented) for his answer to law
      enforcement's complaints that Internet anonymity makes their job harder:
      "Policing is only easy in a police state." 
 
      Sessions at the conference covered public policy, tutorials on computer security and
      lock-picking, a plethora of technical discussions, and games, such as Hacker
      Jeopardy and a social engineering contest. 

      At night, hackers raved on the conference dance floor and partied in the suites. 

      And it's there, away from the rows of Linux boxes and laptops, and beyond the
      reach of the blue cables, that the excesses of the Def Con nightlife evoke a
      Hollywood party, circa 1985. Reclining next to the hot tub at a shindig in one of
      the more spacious suites -- a vice, once again, in each hand -- someone offers me
      a tiny Ziplock bag filled with white powder.

      The illusion is dispelled when I read the warning label affixed to the bag. The
      powder is 100 percent pure caffeine. Primo stuff at the hacker con. 

      Editor's Note: Kevin Poulsen was a
      speaker at Def Con, and was on the team
      that won Hacker Jeopardy, which also
      included Jennifer Granick and Mark Lottor.


      @HWA
      
07.0 Y2K Situation in Europe
     ~~~~~~~~~~~~~~~~~~~~~~~
     
     From http://www.net-security.org/
     
     by BHZ, Friday 23rd July 1999 on 1:17 pm CET
     German Council of Trade and Industry published results of their testing about Y2K
     compliance in German companies. It looks like just 45 percent of companies are
     properly prepared for the new millennium. According to some IT professionals, year
     2000 will be a year of bankruptcies. Western European countries are prepared for
     Y2K, but there is always something to work around. Read the story on NY Times.  
     
     July 23, 1999


     Europe Rides Bumpy Computer Road to
     Year 2000

     By EDMUND L. ANDREWS

      HANOVER, Germany -- Perhaps fittingly, Germany's first real
     scare about Year 2000 computer crashes came on a Friday the 13th. 

     It was March 1998, and most people here were greeting warnings about
     Year 2000 failures with a lack of interest. It seemed like a trivial
     problem, a matter of making sure that computer clocks would not
     misread the year 2000 as 1900. 

     Then came the test at the Hanover city power company, organized by a
     confident data processing manager in the spirit of public education, with
     local media invited to watch. At first, everything seemed fine. But within a
     few minutes after "midnight," the computer began spewing out thousands
     of error messages. Then it froze up entirely, and the monitors went blank.


     Hanover did not go dark. But for a few minutes, it was impossible to
     monitor the electric grid or to trace equipment breakdowns. It took
     seven months to eradicate all the problems.

     "I really thought it would be fine," said
     Juergen Rehmer, the blue-jeans-clad manager who arranged the event.
     "We had made a lot of changes already, and I was quite certain that a
     full-system test wouldn't present any great difficulty."

     Rehmer's test was a watershed. It disrupted a widespread complacency
     about Year 2000 problems, and marked the first time that a German
     power company had issued a warning. 

     At the time it occurred, the German government had yet to make its first
     assessment of the Year 2000 problem. Surveys by insurance companies
     showed that the vast majority of companies had not even begun to look
     at their systems. 

     "The European view is that Anglo-American countries
     are in kind of an hysterical mold," said Peter Eibert,
     the Year 2000 coordinator at Ford Motor Co. of
     Europe, based in Cologne. 

     Germany and many of Europe's most advanced
     countries are racing to make up for lost time.
     Corporations are pouring billions of dollars into
     reprogramming computers. Government agencies
     have set up hot lines. Industry associations hold
     countless conferences, often invoking the image of a
     ticking time bomb.

     They are making headway. Most experts are
     increasingly confident that Europe is not likely to see
     catastrophic failures. A Year 2000 trial involving
     Europe's major banks went smoothly. Airlines and
     airports, which recognized the danger long ago, say they are ready. 

     Nevertheless, many smaller companies and public institutions are running
     out of time. 

     In a recent survey, the German Council of Trade and Industry found that
     only 45 percent of companies were properly prepared. Hermes, a
     German insurance company in Hamburg, estimates that 60 percent of
     German companies still hadn't started a comprehensive program by last
     fall. 

     "We believe there will be a substantially higher rate of bankruptcies in the
     year 2000," said Walter Schmitt-Jamin, a managing director of Hermes.
     A doubling of the usual bankruptcy rate, slightly less than one percent of
     companies each year, is entirely possible, he added. 

     The readiness varies considerably across Western Europe. In Britain, the
     Netherlands and much of Scandinavia, governments and corporations
     jumped on the problem two years ago. 

     In Germany and France, government and business leaders were until
     recently more lackadaisical. Poorer countries like Italy, Spain and
     Portugal are struggling. 

     The formerly Communist nations of Central Europe and Russia are much
     more seriously behind. LOT, the Polish national airline, announced
     recently that it will ground about 70 flights on New Year's Eve out of
     concern about Year 2000 breakdowns. The Russian government
     recently reported that only one-third of the country's banks were ready. 

     Western European countries are well prepared in comparison. But they
     also have more to worry about. 

     The 15 nations of the European Union, 11 of which have now adopted
     the euro as a single currency, are an increasingly unified economy linked by
     dense information networks.

     There is a boom in the construction of cross-border fiber-optic
     networks. Power companies buy and sell electricity over electronic
     trading systems. Car manufacturers order from suppliers over computer
     networks. 

     Yet when car manufacturers sent the worldwide suppliers detailed Year
     2000 questionnaires in early 1997, most of the responses provided little
     in the way of useful information. 

     That became a source of growing anxiety here in Germany over the next
     year. Executives at General Motors' Opel subsidiary were startled to
     discover that industrial robots they bought in 1997 still had Year 2000
     glitches. By August 1998, Opel had decided to start sending its own
     Year 2000 assessors on personal visits to key suppliers. 

     "The key was to ask questions that indicated whether the suppliers knew
     what they were talking about," said Roger Aze, Opel's Year 2000
     coordinator. "Do you have a person in charge of Y2K? Do you have a
     program and a schedule?" 

     In the last several months, Opel started sending technical experts to its
     most critical suppliers -- the ones whose own assembly lines are linked
     directly by computer network to those of Opel and that deliver on a "just
     in time" basis. 

     But Aze is still bracing for things outside their control: power disruptions
     or problems further down the supply chains. 

     Power remains one of the biggest concerns. "The energy industry had
     overslept," Rehmer said bluntly. It wasn't until July 1998 -- four months
     after Hanover's surprising test failure -- that the German Association of
     Electric Utilities advised members to "Start now!" on Year 2000
     preparation. 

     Today, Year 2000 experts in Germany say severe disruptions are
     unlikely but cannot be ruled out. As a result, many big industrial
     manufacturers are scaling back production to insulate themselves for a
     shock of an abrupt power disruption. 

     BASF AG, the chemical conglomerate based in Ludwigshafen, has
     decided to shut a number of its systems on New Year's Eve so it can get
     by on the electricity from its own on-site power plant. 

     So many manufacturers are reducing their power consumption on New
     Year's Eve that the utility industry has begun to worry about disruptions
     caused by an abrupt plunge in demand. 

     One of the key differences between European countries on Year 2000
     issues is the degree to which governments became involved. 

     In Britain, Prime Minister Tony Blair has built up a huge program to
     promote awareness and point companies toward solutions. Besides
     drumming up publicity, the government fielded several thousand "bug
     busters" to get out the word. 

     The Netherlands started a similar program, known as the Dutch
     Millennium Platform, headed by Jan Timmer, the former chairman of
     Philips Electronics NV. Timmer irked business groups by exhorting them
     to act, but most experts now rank the Netherlands alongside the United
     States and Britain as among the best-prepared countries. 

     By contrast, German leaders did not show much interest in the subject
     until a few months ago. The government issued a tepid report one year
     ago and a more thorough one this spring, and it only recently set up an
     Internet site devoted to the issue. 

     Local governments have largely been quiet on the matter. In March, the
     German weekly news magazine Focus published a survey indicating that
     most German cities had not yet prepared themselves for problems.
     According to the survey, carried out with the German Conference of
     Cities, half the cities had yet to test their hospitals, and one-third had not
     tested their mass transit systems. 

     The hospitals have had a rude awakening. Andreas Tecklenberg, director
     of a 260-bed hospital in the north German town of Eutin, was dismayed
     when only six out of 150 manufacturers gave him useful answers when he
     sent them queries about Year 2000 problems. 

     Since then, he has started to get better information. At the moment, he
     estimates, about one-third of the hospital's systems are "green" or ready;
     about one-third are yellow, and one-third still red. 

     "The devices will have to be watched," Tecklenberg said. "But
     fortunately, we can have people take over if equipment goes wrong." 

     At the German Heart Center in Berlin, which specializes in heart surgery,
     administrators are avoiding elective surgery between Christmas and
     January 3. It has also imposed a ban on holidays for most of the medical
     and technical staff on New Year's Eve. 

     "If you look at this from the American standpoint, we all started late
     here," acknowledged Marcus Werner, who coordinates the center's
     Year 2000 planning. 

     Werner started his preparations in October and said he was now
     reasonably confident about the hospital's medical equipment. 

     But like so many others, he worries about power. The hospital shares a
     back-up generator with the University of Berlin, but he is still worried
     about the software that will have to ration the relatively scarce electricity. 

     "What it comes down to is things you basically have no control over," he
     said. 

     @HWA
     
08.0 Applied Maximum Internet Security
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
     
     From http://www.net-security.org/
     
     by BHZ, Friday 23rd July 1999 on 1:09 pm CET
     Applied Maximum Internet Security, a 3-day computer security seminar, will be held in
     Cardiff By The Sea (California) on August 16-18, 1999 and September 27-29, 1999.
     Ex-underground instructors will cover topics from the essentials of TCP/IP, through
     the usual hacking/cracking tools, to attack strategies. The fee is $1,395 for 3 days. 

     @HWA 
     
09.0 HPSBUX9907-100 CDE Leaves Current Directory in root PATH
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

       To: BugTraq
       Subject: [support_feedback@us-support.external.hp.com: Security Bulletins Digest]
       Date: Tue Jul 20 1999 13:58:28
       Author: Patrick Oonk
       Message-ID: <19990720135828.J6635@atro.pine.nl>
      
      
      ----- Forwarded message from HP Electronic Support Center  <support_feedback@us-support.external.hp.com> -----
      
      Date: Tue, 20 Jul 1999 04:45:18 -0700 (PDT)
      Subject: Security Bulletins Digest
      From: support_feedback@us-support.external.hp.com (HP Electronic Support Center )
      To: security_info@us-support.external.hp.com
      Reply-To: support_feedback@us-support.external.hp.com
      Errors-To: support_errors@us-support.external.hp.com
      
      
                              HP Support Information Digests
      
      ===============================================================================
      o  HP Electronic Support Center World Wide Web Service
         ---------------------------------------------------
      
         If you subscribed through the HP Electronic Support Center and would
         like to be REMOVED from this mailing list, access the
         HP Electronic Support Center on the World Wide Web at:
      
           http://us-support.external.hp.com
      
         Login using your HP Electronic Support Center User ID and Password.
         Then select Support Information Digests.  You may then unsubscribe from the
         appropriate digest.
      ===============================================================================
      
      
      Digest Name:  Daily Security Bulletins Digest
          Created:  Tue Jul 20  3:00:02 PDT 1999
      
      Table of Contents:
      
      Document ID      Title
      ---------------  -----------
      HPSBUX9907-100   CDE Leaves Current Directory in root PATH
      
      The documents are listed below.
      -------------------------------------------------------------------------------
      
      
      Document ID:  HPSBUX9907-100
      Date Loaded:  19990719
            Title:  CDE Leaves Current Directory in root PATH
      
      -------------------------------------------------------------------------
      **REVISED 01** HEWLETT-PACKARD COMPANY SECURITY BULLETIN: #00100, 07 July 1999
      Last Revised: 19 July 1999
      -------------------------------------------------------------------------
      
      The information in the following Security Bulletin should be acted upon
      as soon as possible.  Hewlett-Packard Company will not be liable for any
      consequences to any customer resulting from customer's failure to fully
      implement instructions in this Security Bulletin as soon as possible.
      
      -------------------------------------------------------------------------
      PROBLEM:  The current directory is in the root user's PATH
                after logging in using CDE.
      
      PLATFORM: HP 9000 series 700/800 at HP-UX revision 10.X
      
      DAMAGE:  Increase in privileges.
      
      SOLUTION: Modify /usr/dt/bin/Xsession until a patch is available.
      
      AVAILABILITY:  This advisory will be updated when patches are available.
      
      CHANGE SUMMARY: HTML to text conversion instructions for script added.
      
      -------------------------------------------------------------------------
      
      I.
         A. Background - The PATH environment variable is constructed from
            several sources including dtsearchpath and scripts in
            /etc/dt/config/Xsession.d/ and /usr/dt/config/Xsession.d/.
            The resulting PATH contains the string "::" which will be
            interpreted as the current directory.  The root user should
            not have the current directory in the PATH.
      
         B. Fixing the problem - Since the PATH environment variable can be
            affected by dtsearchpath and several scripts, the recommended
            solution is to clean up the root user's PATH after it has been
            created.
      
      **REVISED 01**
            Note:  This file is in HTML format.  If you are editing
            the text version from a mailing the line below:
      
                for (i=1; i<=n; i++) {
      
            must be changed.  Replace the characters between
            the second "i" and the "=n" with the single "less than"
            character (ascii 0x3c).
      
            The line will then read:
      
               for (i=1; iX=n; i++) {
               where X stands for the "less than" character.
      
      
      
      
      
      In /usr/dt/bin/Xsession just before this:
      
      # ###########################################################################
      #
      #   Startup section.
      
      
      Add this:
      
      ###################### Clean up $PATH for root ##########################
      if [ "$USER" = "root" ]
      then
        Log "Clean up PATH for root user"
        Log "Old PATH = $PATH"
        PATH=`echo $PATH | awk '
      {
       # Remove elements from PATH that are
       #  (a)  "."
       #  (b)  ""
       #  (c)  blank
       #
         gsub (" ",":", $0) # Substitute ":" for each blank
         n = split ($0, path, ":")  # Split into elements with ":" as delimiter
         first = 1  # To suppress leading ":" in new PATH
         for (i=1; i<=n; i++) {
           len = length(path[i])
           dot = index(path[i], ".")
           dot_only = 0
           if ((len == 1) && (dot==1)) {
             dot_only = 1
           }
           # print element if it is not "" and not "."
           if (!(len==0) && !(dot_only==1)) {
             if(first != 1) {
               printf (":") # if not first element, print ":" in front
             }
             printf ("%s",path[i])
             first = 0
           }
        }
      }
      END { printf ("\n") }'`
      Log "New PATH = $PATH"
      fi
      ###################### End - Clean up $PATH for root ####################
      
         C. To subscribe to automatically receive future NEW HP Security
            Bulletins from the HP Electronic Support Center via electronic
            mail, do the following:
      
            Use your browser to get to the HP Electronic Support Center page
            at:
      
              http://us-support.external.hp.com
                     (for US, Canada, Asia-Pacific, & Latin-America)
              http://europe-support.external.hp.com     (for Europe)
      
            Login with your user ID and password (or register for one).
            Remember to save the User ID assigned to you, and your password.
            Once you are in the Main Menu:
            To -subscribe- to future HP Security Bulletins,
              click on "Support Information Digests".
            To -review- bulletins already released from the main Menu,
              click on the "Search Technical Knowledge Database."
      
            Near the bottom of the next page, click on "Browse the HP
            Security Bulletin Archive".
            Once in the archive there is another link to our current Security
            Patch Matrix.  Updated daily, this matrix categorizes security
            patches by platform/OS release, and by bulletin topic.
      
            The security patch matrix is also available via anonymous ftp:
      
            us-ffs.external.hp.com
            ~ftp/export/patches/hp-ux_patch_matrix
      
         D. To report new security vulnerabilities, send email to
      
             security-alert@hp.com
      
            Please encrypt any exploit information using the security-alert
            PGP key, available from your local key server, or by sending a
            message with a -subject- (not body) of 'get key' (no quotes) to
            security-alert@hp.com.
      
           Permission is granted for copying and circulating this Bulletin to
           Hewlett-Packard (HP) customers (or the Internet community) for the
           purpose of alerting them to problems, if and only if, the Bulletin
           is not edited or changed in any way, is attributed to HP, and
           provided such reproduction and/or distribution is performed for
           non-commercial purposes.
      
           Any other use of this information is prohibited. HP is not liable
           for any misuse of this information by any third party.
      ________________________________________________________________________
      -----End of Document ID:  HPSBUX9907-100--------------------------------------
      
      ----- End forwarded message -----
      
      -- 
       Patrick Oonk - PO1-6BONE - patrick@pine.nl - www.pine.nl/~patrick
       Pine Internet B.V.                            PGP key ID BE7497F1  
       Tel: +31-70-3111010 - Fax: +31-70-3111011 - http://www.pine.nl/
       -- Pine Security Digest - http://security.pine.nl/ (Dutch) ----
       Excuse of the day: Police are examining all internet packets in
       the search for a narco-net-traficer
      
      
      [  (application/pgp-signature) ]     
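
      The PATH problem the bulletin describes, as an added example that is not
      part of HP's bulletin or the forwarded post: a POSIX shell audit that lists
      every element of a PATH string that the shell resolves against the current
      directory (empty elements from a leading, trailing or doubled ":", and ".")
      and prints a cleaned value. It goes beyond HP's awk fix by also dropping
      relative entries such as "bin"; the function names and the sample PATH are
      constructed for illustration.

```shell
#!/bin/sh
# Added example, not HP's code: audit and clean a PATH-style string.
# Function names and the sample value are hypothetical/constructed.

# classify_element ELEM
# Prints why ELEM is unsafe in a privileged PATH, or nothing if it is absolute.
classify_element() {
    case "$1" in
        "") echo "empty element (searched as current directory)" ;;
        .)  echo "explicit current directory" ;;
        /*) ;;   # absolute directory: does not depend on the current directory
        *)  echo "relative directory (resolved against current directory)" ;;
    esac
}

# path_findings PATHSTRING
# Prints one "position|element|reason" line per unsafe element.
path_findings() {
    rest="$1:"      # sentinel ":" so a trailing empty element is not lost
    pos=0
    while [ -n "$rest" ]; do
        elem=${rest%%:*}    # text before the first ":"
        rest=${rest#*:}     # text after the first ":"
        pos=$((pos + 1))
        reason=$(classify_element "$elem")
        if [ -n "$reason" ]; then
            printf '%s|%s|%s\n' "$pos" "$elem" "$reason"
        fi
    done
}

# path_clean PATHSTRING
# Prints PATHSTRING with every non-absolute element removed, order preserved.
path_clean() {
    rest="$1:"
    out=
    while [ -n "$rest" ]; do
        elem=${rest%%:*}
        rest=${rest#*:}
        case "$elem" in
            /*) out=${out:+$out:}$elem ;;
        esac
    done
    printf '%s\n' "$out"
}

# Constructed sample modelled on the bulletin's "::" case, with a "." entry,
# a relative entry and a trailing ":" added.
SAMPLE_PATH="/usr/bin::/usr/dt/bin:.:bin:/sbin:"

echo "Findings for: $SAMPLE_PATH"
path_findings "$SAMPLE_PATH"
echo "Cleaned: $(path_clean "$SAMPLE_PATH")"
```

      Run path_findings "$PATH" in a root session started from the desktop login
      to see whether any element still resolves to the current directory.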
      
     @HWA
     
     
10.0 Tiger vulnerability
     ~~~~~~~~~~~~~~~~~~~
     
       To: BugTraq
       Subject: tiger vulnerability
       Date: Tue Jul 20 1999 09:37:39
       Author: Ellen L Mitchell
       Message-ID: <199907201437.JAB12684@net.tamu.edu>
      
      
      -----BEGIN PGP SIGNED MESSAGE-----
      
      
      
      A vulnerability in one of the scripts used by the unix security tool
      Tiger has been discovered and a patch issued.
      
      Tiger is a public domain package developed and maintained by Texas A&M
      University, used for checking security problems on a Unix system.  Due
      to lack of checking, a local user can craft a command in such a way
      that he may have the command executed with the privileges of the
      process running Tiger (usually root).
      
      While no known compromises have occurred due to this vulnerability,
      it is recommended that the patch be applied if you run tiger.
      
      Patches for tiger have been issued and are available at
      ftp://net.tamu.edu/pub/security/TAMU/
      
      Thanks to Michel Miqueu and Philippe Bourgeois of CERT-IST for
      reporting the problem.
      
      Ellen
      - --
      Ellen Mitchell
      Network Group
      Texas A&M University
      
      
      @HWA
      
11.0 Packet Storm Working on Corporate Sponsorship 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From http://www.hackernews.com/
     
      contributed by xripclaw 
      Ken Williams has posted a statement saying that Packet
      Storm Security is not dead. He is currently working on a
      deal with a corporate sponsor that will allow him to have
      a professionally maintained site with full staff of security
      experts, administrators, and web designers. We look
      forward to new developments. 

      Tattooman     
      http://frey.rapidnet.com/~tattooman/
      
            
12.0  UPDATE ON THE PACKET STORM WEB SITE SITUATION
      ---------------------------------------------
      
      hey,
      
      i've been working very hard with numerous corporate entities
      to try to get the web site back up and online as soon as possible.
      
      everything is looking very good now, and i hope to have the site
      back up and better than ever RSN (Real Soon Now).  hopefully, the
      site will be run and hosted by a professional security firm (to be 
      named at the appropriate time), and the new site will be more 
      professionally maintained by a full staff of security experts, 
      administrators, and web designers.  with a very substantial amount
      of corporate funding, the new Packet Storm Security will be a 
      completely revamped site with more features, more updates, more
      bandwidth, more of everything.
      
      news and updates will be posted here as soon as i get confirmation
      of the new plans, and contracts are signed.
      
      
      -- Ken Williams, Sat Jul 24 16:34:45 EDT 1999 
      
      
      everything is looking very good and i hope to have great news to
      post in the next couple of days.
      
      
      -- Ken Williams, Mon Jul 26 22:12:07 EDT 1999
      
      
      Contact Info
      ------------
      tattooman@genocide2600.com
      jkw@rage.resentment.org
      jkwilli2@unity.ncsu.edu
      
      
      PGP Keys      
      --------
      Keys with ASCII Blocks, Fingerprints, and IDs
      http://www4.ncsu.edu/~jkwilli2/
      
      Keys with ASCII Blocks, Fingerprints, IDs, and Certificates
      http://www.keyserver.net:11371/pks/lookup?template=netensearch%2Cnetennomatch%2Cnetenerror&search=jkwilli2&op=vindex&fingerprint=on&submit=Get+List 
      
      @HWA
      
13.0 Piracy is Big Business for Some 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From http://www.hackernews.com/ 

      contributed by PJ 
      Churning out thousands of copies at a time for sale in
      the US and abroad, Southern California is now the home
      of the software counterfeiter. 

      LA Times 
      http://www.latimes.com/HOME/BUSINESS/UPDATES/lat_piracy990725.htm

      Who pays to arrest the pirates? Intel, Hewlett Packard,
      and others are funding public police forces. Evidently it
      is perfectly legal to grant local police departments hundreds
      of thousands of dollars so that they arrest the people
      you want them to. The police say there is no conflict of
      interest. 

      LA Times   
      http://www.latimes.com/HOME/BUSINESS/UPDATES/lat_piracy990726.htm
      
      
      
      LA Times 
      http://www.latimes.com/HOME/BUSINESS/UPDATES/lat_piracy990725.htm
    
              Pirates of the High-Tech Age 
              
                 Southern California is now home to a sophisticated breed of criminals who,
              lured by high profits and low penalties, make and sell counterfeit computer
              software.
              By P.J. HUFFSTUTTER, TINI TRAN and DAVID REYES, Times Staff Writer


          Southern California is becoming the national base for counterfeiters
           who make bogus software that looks so good even computer
           experts can't tell the difference.
           Once a problem confined to Asia and Latin America, high-quality fake
      CD-ROMs made here are showing up for sale in foreign countries, on
      Internet sites and even in some retail stores like Fry's Electronics.
      Authorities have seized nearly $200 million in counterfeit software in
      dozens of cases in Southern California over the past three years.
           The disks are manufactured by a new
      breed of multicultural gangs who operate
      somewhat like legitimate software
      companies. Lured by high profits and low
      penalties, these criminals work cooperatively
      with each other, often "outsourcing" different
      aspects of the operation to business partners
      in order to save time and money.
           "The irony of all this is the counterfeiters
      are mimicking us," said Chris Chapin,
      manager of intellectual property enforcement
      for video game publisher Electronic Arts Inc.
      in Redwood City. "They are our worst
      business rivals."
           Feeding off the nation's growing number
      of PC-owners, the counterfeiters are
      supplying consumers with hot new products such as video games, tax
      programs and business tools. Software pirates can replicate, for as little as
      50 cents, disks holding programs that computer companies price at
      hundreds of dollars.
           "Look, I can make more money off this than my lawyer can defending
      me," said one self-described pirate, nicknamed "hax3rz," who was selling
      illegal copies of top-selling video games on the Internet. "If they want it,
      I'll sell it."
           Southern California "is the capital for pirated [software] products in
      North America," said Nancy Anderson, senior attorney for Microsoft
      Corp.'s anti-piracy group. "Not Silicon Valley. Not New York. Not Texas.
      Not Washington. Here."
           High-tech piracy flourishes amid the anonymous industrial parks in the
      San Gabriel Valley cities of Walnut, Diamond Bar, City of Industry and
      Rowland Heights. Investigators have raided one business park in Walnut
      so many times that police have dubbed it "Pirates' Cove." But operations
      are also found elsewhere in the region.
           Earlier this year, in what industry experts describe as the nation's
      largest-ever software counterfeiting bust, Westminster police and the FBI
      arrested a dozen people and shut down an alleged piracy scheme with $60
      million worth of fake Microsoft software sitting on a warehouse floor in
      the city of Paramount.
           Atul Sowmitra Dhurandhar, a 51-year-old native of India, and his wife
      were accused of money laundering and running the operation that for four
      years allegedly churned out counterfeit CD-ROMs from plants in three
      Southern California counties. They pleaded not guilty, and their trial
      begins in Los Angeles federal court this week.
           Like computer executives tapping personal contacts for deals, Dhurandhar
      allegedly used friends to create a business network: a convicted Chinese
      counterfeiter, who obtained a commercial CD-ROM replicator to copy the
      disks; a Mexican national, who is allegedly a Mexicali state judicial police
      officer, to smuggle product across the border; and another Mexican to
      hire illegal immigrants to run the CD replicator.
           But even as police break up the operations, the software industry still
      cannot get the public to support its plight.
           There is little widespread sympathy
      when a corporation such as
      Microsoft--which is worth more than
      $500 billion--complains that it loses
      hundreds of millions of dollars a year to
      piracy.
           The wealthy upper class traditionally
      is seen by the masses as the enemy, said
      Robert Kelly, professor of society and
      criminal justice at the City University of
      New York. In the past, it was oil barons
      and railroad tycoons. Today, notes Kelly,
      Microsoft head Bill Gates is the bad guy.
           "Fake software is not seen as a
      threat to the public good," said Alfred
      Blumstein, a public policy professor at
      Carnegie Mellon University.
           Despite software companies
      aggressively lobbying politicians and
      spending millions of dollars on
      anti-piracy advertising campaigns, the
      laws remain relatively soft on
      counterfeiters. The result: people who
      pirate millions of dollars' worth of software often receive only probation.
           "It's cheap, it's easy and there's almost no risk," said Sgt. Marcus
      Frank of the Westminster Police Department, who led the Dhurandhar
      investigation. "If you were a criminal, wouldn't you do it?"

           The Key to Success: Networking
           Frank said the Dhurandhar investigation peaked last fall, when
      undercover officers staked out warehouses in Paramount, watching as a
      stream of truck drivers loaded pallets stacked high with fake Microsoft
      goods.
           The ringleaders had allegedly been shipping an estimated 15,000 fake
      Microsoft disks a month nationwide and overseas. By early February, police
      and the FBI had enough evidence to get a search warrant and raid the
      operation.
           Officers burst inside a warehouse one rainy afternoon and surprised six
      immigrant workers, who were busy printing counterfeit Microsoft user
      manuals. Here
      and at nearby facilities, investigators found top-of-the-line CD-ROM
      duplication equipment, high-speed printing presses and rows of
      bookbinding and shrink-wrapping machines.
           Piles of phony warranty cards spilled out of nearby crates. Sixty
      million dollars' worth of boxed, shiny silver compact disks, all sporting the
      Microsoft logo, towered over the officers.
           And tucked off in a corner, police say, was the investigative mother
      lode: files stuffed with Dhurandhar's business documents and checkbooks.
      The paperwork mapped out an elaborate counterfeiting network,
      according to police, and gave investigators leads on the scheme's money
      trail.
           Dhurandhar, his wife Mamta--who faces the same charges as her
      husband--and their attorneys have declined to discuss the case. Ten other
      suspects will join them at trial this week.
           Prosecutors say the Dhurandhar case is a textbook example of a
      modern software counterfeiting operation, where professional networking
      is the key to success. Someone knows someone with the machinery to
      copy the disks. Someone else knows of a print-shop owner willing to
      churn out bogus user manuals.
           Police say the players in the Southland's growing software piracy
      industry range from legitimate shop owners to street thugs to U.S.-based
      Asian gangs, such as the Wah Ching and Black Dragons, to savvy
      businessmen of all nationalities willing to run a wide-scale operation.
           Instead of a crime "family" with workers of one ethnicity answering to
      a boss, these software gangs operate as independent agents with no
      specific loyalties. Where traditional crime outfits work to improve the
      power and dominance of their family, these alliances of counterfeiters end
      when the job is done.
           "If you're a Crip, you're always a Crip," said Det. Jess Bembry, an
      expert in Asian organized crime with the Los Angeles Police Dept. These
      cases are different because "if it benefits them [financially], warring
      groups will stop fighting to make money together."
           Like computer executives sealing million-dollar agreements with a
      handshake, the ancient Chinese rite of guanxi (pronounced gwan-shee) is
      the unspoken social glue that defines interactions in some Asian societies.
      For legitimate businessmen throughout the world, guanxi means a
      person's social rapport is his key currency in the corporate world.
           It also is a philosophy that, say police, allows accused software
      counterfeiters such as the Dhurandhars to build a large manufacturing
      enterprise.
           Dhurandhar allegedly used several of his businesses, including a Long
      Beach print shop called Digital Colors, as fronts for the secret operation.
      Heavily tinted windows shielded the workers and gave no clue as to what
      was being manufactured inside. By day, the firm was a legitimate printing
      business, according to court documents. By night, it allegedly was a
      full-scale counterfeiting and assembly plant.
           Digital Colors, according to police investigators and the documents
      they seized, was one hub in a manufacturing labyrinth. Companies in the
      San Gabriel Valley handled the assembly work. Distributors in Los
      Angeles and Westminster hawked the goods, which included French,
      Portuguese and English versions of such bestsellers as Windows 95 and
      Windows 98, Microsoft's computer operating systems.
           In Long Beach, Digital Colors made the boxes, which were stored in
      Paramount warehouses, one of which housed a $1.5-million CD-ROM
      replicator that is as big as a high school classroom.
           Finished products allegedly were boxed, shrink-wrapped and sold to
      mid-level distributors. They, in turn, sold the fakes to other software
      distributors. Some products were loaded on trucks and hauled across the
      country, say police. Other goods were taken to Los Angeles International
      Airport, flown to Northern California and later shipped overseas.
           Ultimately, the disks allegedly were hawked at swap meets, over the
      Internet and at small retail shops in the U.S., Canada, Europe and South
      America.
           How much money the counterfeiters actually made still is unclear, said
      assistant U.S. attorney Stephen Larson, who is prosecuting the case.
           Court documents allege that the Dhurandhars used an elderly relative's
      bank account, and other accounts with Bank of America and Bank of
      Orange County, to launder at least $3.5 million in cash from sales of the
      fake software products.
           Profits allegedly were funneled into nearly $5 million worth of
      residential and commercial properties across Southern California, including
      a $2.7-million, Spanish-style home in Palos Verdes Estates perched above
      Lunada Bay, according to state property records and court documents.
      The Dhurandhars could step through their French doors and enjoy an
      expansive view of the ocean and Catalina Island.
           Federal and state authorities seized the properties and arrested the
      Dhurandhars in June at their home. Police say that Atul Dhurandhar was
      watering his lawn, and had $20,000 cash in his pocket, when they arrested
      him.
           A neighbor, when asked about the Dhurandhars, responded: "We
      never see them. They keep to themselves."

           Asian Economic Woes Intensify Piracy
           The piracy of intellectual property--whether software or music, film or
      pharmaceuticals--has flourished worldwide for decades. The rise of
      Southern California as a counterfeiting center is a more recent
      phenomenon.
           The other hotbed of software counterfeiting is Asia, where the threat
      of punishment is relatively low. In legitimate retail shops in Thailand last
      year, more than 80% of all computer software sold to consumers was
      pirated, according to the U.S. Trade Representative's office.
           Last year's Asian economic collapse intensified piracy. Asian police
      and U.S. federal investigators say formerly legitimate optical disc
      producers--the companies that manufacture CD-ROMs for software
      firms in Asia--are now moonlighting as software counterfeiters.
           Among the offerings in Asian black markets: Microsoft's business
      software package, Office 2000 Premium, which retails for nearly $8,700
      in the United States. A week before Office 2000 debuted last month,
      shoppers who visited open-air markets in Hong Kong and Singapore
      picked up pirated versions for $20.
           Like their counterparts in the drug trade, software counterfeiters are
      well financed and mobile. When Hong Kong officials began cracking
      down on piracy in 1995, pirates relocated their manufacturing facilities to
      mainland China and nearby Macau, where there are fewer police
      agencies tracking copyright violators.
           Piracy also increased in Southern California. The U.S. Customs
      Department has tracked a steady increase in the value--and number--of
      high-tech counterfeit goods it seized this decade leaving the country.
      Although pirated movies and music get media attention, they made up only
      2% of all compact disks customs seized in the U.S. last year.
           Kathlene Karg, director of anti-piracy operations for the Interactive
      Digital Software Association, said pirates are attracted to the U.S. market
      because they can charge more.
           "That's why they're starting to make and distribute their stuff in the
      U.S. The risk might be greater, but so are the potential profits," she said.
           The fakes made here are harder to detect. For one thing, say
      manufacturers, they look great. Counterfeits sold overseas rarely come in
      anything more elaborate than a plastic sleeve.
           Americans, however, prefer to buy nicely packaged goods, and pirates
      can charge more if consumers are convinced they're buying
      authentic--though drastically discounted--software. Fake versions of
      Office 2000, similar to those selling for $20 in Singapore, can be found on
      at least one Internet site for $175. The difference? A user's manual, a
      warranty card and a shrink-wrapped box. All fake, of course.
           "Nearly everything [counterfeit] of ours that we're seeing being made
      in Southern California is retail-ready," said Anne Murphy, an attorney with
      Microsoft's anti-counterfeiting team. "That's a big threat to our business
      because people think they're buying the real thing."
           In fact, high-grade counterfeits are starting to show up in mainstream
      stores such as Fry's Electronics, industry sources say. The San Jose
      Police Department's high-tech crime unit in the past year has investigated
      several such cases.
           Police officers said that small batches of bogus goods, sold to the chain
      through independent distributors, had been discovered in inventory at
      various Fry's stores. Officials at San Jose-based Fry's declined to
      comment.
           Investigators won't say whether some consumers had bought fakes.
      Noting that investigations are ongoing, police also refused to identify the
      stores that carried the goods, or to disclose what kind of software was
      counterfeited.
           Even if the people who made the bogus product are caught, the
      consequences could be minor. But the downside for consumers could be
      serious.
           Counterfeit software could be a copy of an early--and flawed--version
      of the real thing. It could include viruses that could destroy a person's
      computer data. And manufacturers refuse to fix fake goods.
           Federal penalties for counterfeiting are relatively low. If convicted, a
      person can be sent to prison for up to five years for software
      counterfeiting. But most software pirates avoid serious punishment and
      usually serve less than three years, according to officials at the U.S.
      Attorney's office.
           Though a federal statute--the Digital Millennium Copyright
      Act--enacted late last year allows for more serious financial penalties and
      jail terms, the law remains relatively untested.
           To date, federal and local prosecutors have focused largely on those
      accused of running major counterfeiting operations and laundering money,
      such as the Dhurandhars. Federal money laundering charges have a much
      stronger legal bite--a minimum of 10 years in prison--than counterfeiting,
      said Assistant U.S. Attorney Larson, who is chief of the department's
      organized crime strike force in Los Angeles.
           "It takes me longer to build a case than the time they end up spending
      in jail," grumbled Det. Jess Bembry, an expert in Asian crime with the Los
      Angeles County Sheriff Department. "It's ridiculous."
           Few consumers sympathize when Microsoft or other large software
      firms complain about counterfeiters. The Redmond, Wash.-based
      behemoth is the world's most valuable corporation and has continually
      exceeded Wall Street's profit expectations. Last week, Microsoft said its
      fiscal fourth-quarter profits jumped 62%, with earnings for the period
      climbing to a record $2.2 billion.
           Microsoft has fought piracy since 1976, when Bill Gates wrote his
      now-famous "Homebrew" open letter to computer hobbyists. The missive
      chastised computer users and called them "thieves" for not paying to use
      the operating software, known as BASIC.
           Some critics say that software firms fuel piracy by charging too much
      for their products, but the companies argue that the prices are set to
      recoup costs of developing and marketing new programs and make a
      profit.
           "Counterfeiting is stealing. We don't benefit by it. We don't cause it,"
      said Murphy, the corporate attorney for Microsoft. 
           There are three categories of software piracy. "Warez" is the Internet
      underground community where users gather at little-known online trading
      posts to swap files. In license infringement piracy, an individual or
      organization loads a software program onto multiple computers and
      doesn't pay the manufacturer for each installation. Finally, there is
      counterfeiting--the practice of taking a program, burning a copy of it onto
      a disk and selling the CD-ROM for a profit.
           American willingness to buy counterfeit disks terrifies software firms,
      which have not convinced the public that downloading a $300 business
      computer program is as unethical as stealing a $300 leather coat.
           In fact, the lack of public outrage has so emboldened the criminal
      sector that consumers sometimes shop for counterfeit brands.
           Take, for example, the Players, a Malaysian crime syndicate known
      for making fake console video games. Their products, which are sold
      throughout Asia and on the Internet, sport a small "Players" logo on the
      jewel case. This logo also is burned on the game disk itself--often in place
      of the icon for Sony Corp., the legitimate game publisher.
           "When it comes to money, morality gets put aside," said Frank of the
      Westminster Police Department. "Welcome to the new age of
      international relations."
                               _ _ _

           Times staff writer Rone Tempest in Hong Kong contributed to this
      report.
      
     
      LA Times   
      http://www.latimes.com/HOME/BUSINESS/UPDATES/lat_piracy990726.htm
     
      
      Tech Firms Pay Police Agencies to Fight Cyber Crime 
      Law enforcement: Intel funds sheriff's unit that chases computer pirates.
      Some fear conflict of interest.
      By P.J. HUFFSTUTTER, Times Staff Writer

           Gander through the headquarters of the Sacramento County Sheriff
      Department's high-tech team and see what cops call the "ideal
      model" for fighting cyber crime in an age of shrinking budgets.
           Fluorescent lights cast a jaundiced pall over the worn office
      cubicles, the frayed fabric pinned in spots with tacks. On each desk
      sits a computer, confiscated from a crime scene and still sporting an
      evidence tag. Windbreakers with the team logo are a luxury.
           Then there are the things visitors don't see.
           Like the $10,000 body wire Intel Corp. bought for the unit to use in
      undercover stings. Or the corporate jet Hewlett-Packard Co. used to fly
      officers to Silicon Valley, and the tens of thousands of dollars the
      computer firm spent for the team's travel expenses--flights, hotels,
      meals--when a recent case took officers out of town.
           Tired of being ripped off by high-tech criminals, some of America's
      most powerful computer companies are fighting back with a relatively
      simple approach: Subsidize the local police.
           From inside pilferage and brazen heists to Internet piracy and industrial
      espionage, digital crime in the United States cost computer hardware and
      software companies about $3 billion last year.
           Authorities, who concede they are barely making a dent in the
      problem, insist they don't have the staff, resources or public support to
      tackle the overwhelming number of complaints.
           But the computer companies do. Corporate largess ranges from a
      $100,000 annual grant from Intel that pays for police salaries in Oregon to
      Motorola Corp. and several other major PC firms donating $10,000 each
      to an annual fund to help underwrite the Austin (Texas) Police
      Department's cyber team.
           This controversial practice has divided the law enforcement
      community between those who embrace the help and those who insist it is
      a means of buying justice.
           It also underscores a nationwide dilemma: How can local police
      departments protect the high-tech sector--and the jobs and tax revenue it
      provides--if there isn't enough money to handle such cases?
           While investigating the Hewlett-Packard case, members of the
      Sacramento Valley Hi-Tech task force traveled nationwide, at company
      expense, to serve search warrants, arrest suspects and confiscate
      evidence.
           Before federal criminal charges were filed, however, Hewlett-Packard
      filed a civil fraud suit against a company in San Diego believed to be tied
      to the $500-million scheme. Hewlett-Packard used evidence gathered, in
      part, in the officers' travels to resolve its suit and ultimately obtain a
      stipulated judgment in its favor for $900,000.
           "When companies are directly paying for travel, investigations or
      salaries, I think that's a very dangerous line that quickly crosses into a
      conflict of interest," said former FBI Agent Joe Chiaramonte, president of
      the San Jose chapter of the High Technology Crime Investigation Assn., a
      trade group.
           But police Sgt. Tom Robinson, who heads up the Hillsboro, Ore.,
      computer unit, sees it differently: "Frankly, any department that's not
      [accepting such grants] is missing the boat."
           Advocates such as Robinson insist the money represents the key to
      winning the war on cyber crime, and is a small investment for the
      multinational companies. 
           "If you're inferring that we're paid off, that's not right," said
      Sacramento County Sheriff's Sgt. Michael Tsuchida. "I'll eat your dinner,
      sleep in your hotel and still arrest you if you're breaking the law."

           'We All Realized We Needed Each Other'
           Traditionally, many corporations have shied away from revealing too
      much to law enforcement to avoid drawing public attention to internal
      troubles. But as computer piracy grows, companies today are much more
      willing to seek help from police agencies. 
           Catching such criminals has long been the bailiwick of federal
      prosecutors, as tech-savvy criminals rarely stay within the neat confines
      of city limits when committing fraud on the Internet or stealing computer
      components.
           But federal law prevents prosecutors and the FBI from taking
      corporate contributions to pay for salaries or travel expenses, and limits
      the use of evidence collected by private investigators.
           State laws, however, have created a much broader gray area for local
      police. As a result, some local agencies rely on corporate handouts.
           When losses mounted from armed robberies at computer chip plants in
      Austin in the early '90s, the city's high-tech companies decided to finance
      a private nonprofit group to train officers to deal with the problem.
      Through the Austin Metro High Tech Foundation, firms including IBM
      and Dell Computer Corp. annually donate up to $10,000 each for
      investigators' training, travel and equipment.
           In return, businesses--including Applied Micro Devices, National
      Instruments and Motorola Corp.--say they expect law enforcement to
      treat computer crime as seriously as drugs and gang violence.
           Because Texas law restricts direct corporate contributions to
      particular police units, the funds are managed and distributed through the
      Austin Community Foundation, a nonprofit entity.
           "[The companies] can tell us what equipment we can or can't buy, but
      they can't tell us what to do with the cases," said Police Sgt. Robert
      Pulliam, who runs the department's five-person computer crime team.
      "We all realized we needed each other."
           This circle of financial interdependence has evolved slowly, from a
      long-standing tradition of police getting information from private
      investigators hired by the corporations.
           Companies typically approach police when they have enough evidence
      to back up a search warrant, said Los Angeles County Deputy Dist. Atty.
      William Clark, who prosecutes many trademark cases.
           Law enforcement then assembles the case. The corporate
      investigators often serve as experts, helping to identify fake products or
      explain the workings of stolen technology.
           Microsoft is the most aggressive technology firm when battling thieves,
      police say. In Hong Kong, the company runs its own stings, setting up
      fake storefronts as a means of gathering evidence, sources say.
           In the United States, Microsoft employs a security force of more than
      200 people, some of them former law enforcement officers, who
      investigate cases and package the evidence, which they hand over to
      authorities for prosecution.
           "As a matter of policy, we don't pay law enforcement to do their jobs,"
      said Anne Murphy, a corporate attorney with Microsoft's
      anti-counterfeiting group. "In certain cases, Microsoft has provided
      financial support for operating expenses for investigations."
           In 1997, the software giant approached the Los Angeles County
      Sheriff's Department and offered to help pay for a sting operation.
           The price? About $200,000 to purchase printing equipment from
      suspected software counterfeiters, and give officers the tools needed to
      create an undercover print shop.
           The department declined.
           "It's not about the money. It's about how the public perceives the
      money and how it's being used," said Det. Jess Bembry, who worked for
      the department's Asian Organized Crime unit at the time. "When defense
      attorneys start screaming, all anyone cares about is avoiding the
      perception of impropriety."
           The rich scent of wet soil and warm grass wafts across Hillsboro, a
      bedroom community of Portland, Ore., that has traded its agricultural roots
      for a future in high-tech manufacturing. This town of 68,000 more than
      doubles in population during weekdays, as workers flood into the
      catacomb of industrial facilities that have sprung up throughout the city's
      rolling hills.
           As Oregon's largest private employer, Intel's influence is pervasive. In
      blue-collar Hillsboro, it is difficult to distinguish the line between corporate
      philanthropy and corporate influence.
           At the Hillsboro Chamber of Commerce, a small plaque that reads
      "Intel Room" is affixed outside the door of the center's main meeting
      room--in honor of the company paying to furnish the small space.
           Though the town represents Oregon's largest high-tech hub, city
      managers have set aside only 2.7% of the Hillsboro Police Department's
      annual $9.2-million budget for its seven-person computer crime team.
           There's no need to commit more, city officials say, because Intel
      catches the shortfall: $100,000 a year, which pays the salary of one of the
      police officers and some expenses, according to a 1996 city memorandum
      of understanding obtained by The Times. Additionally, Intel purchased one
      officer's car, and helped pay for the team's offices, computer
      workstations, telephones and fax machines.
           Of all 231 cases Hillsboro's high-tech team has tackled between 1995
      and April 30 of this year, about 41% involve Intel in some way. As of
      April, about one-fifth of the nearly $210 million the unit recovered is tied
      to Intel complaints.
           Police say the grant, which is permitted by Oregon state law, has not
      swayed their focus. Investigators attribute the case ratio to black-market
      demand for fake Intel computer chips and the company's size.
           "This may not be the ideal way for us to do business, but at least we're
      trying to do something about these crimes," said Police Sgt. Robinson,
      whose team includes members of the FBI and the U.S. attorney's office.
      "Without us, the criminals run rampant and impact everyone--the
      companies and the community," he said.
           Intel executives insist that their "nontraditional approach" of working
      with police is legitimate and harmless. It is, they say, merely part of a
      companywide philosophy to invest in the communities where employees
      live and work--not a means of gaining police protection.
           "It'd be dead wrong to criticize the police unless we could make a
      contribution," said Chuck Mulloy, a corporate spokesman for Intel.
           Other cities are modeling their efforts after Hillsboro. Chandler, Ariz.,
      which has several Intel manufacturing and assembly centers, plans to
      pattern its own nascent computer team after Hillsboro.
           Such partnerships can hurt the police if companies stop paying, say
      critics. That's a concern in Hillsboro, where city officials admit there are
      no guarantees that the Intel grant won't disappear.
           "The police don't want to hear this, but if we lose the Intel grant, we'll
      default on the high-tech crime unit," said David Lawrence, Hillsboro's
      assistant city manager. "We'll have to go back to what we had before,
      which wasn't much."
           Inside a bland concrete warehouse on the edge of Sacramento's city
      limits, the Sacramento Valley Hi-Tech unit is the quintessential modern
      police model for fighting computer crime. The task force was created in
      1995 and draws officers from 16 enforcement agencies.
           The team's diverse membership--officers from different jurisdictions
      who possess varied skills--is the key to its strength.
           "These guys have the best reputation among law enforcement," said
      L.A. County Sheriff's Det. Bembry. "They do amazing things with very
      few financial resources."
           Each agency pays for its officers' salaries, equipment and vehicle. But
      the departments don't feed into the team's general operating budget, which
      is zero, said Sgt. Tsuchida, who runs the unit.
           By comparison, the department's narcotics team receives at least
      $55,000 a year for similar costs.
           "We serve at least 50 search warrants a year," Tsuchida said. "We
      couldn't get the $150 a person to get the training to make sure everyone
      does it the same way. That's a safety concern."
           The financial slack is often covered by local technology companies,
      which contribute seized assets and occasionally kick in for travel and
      other expenses, Tsuchida said. 
           "If the companies don't pay, we can't investigate" some out-of-town
      cases, said Sacramento County Sheriff's Lt. Jan Hoganson, who
      commands the unit. "We can't afford it."
           Cost was a factor in the recent Hewlett-Packard software theft case,
      which investigators say has links extending from the Central Valley to
      Southern California, the Pacific Northwest and Central America.
           Bill Conley, president of US Computer Corp. in Redmond, Wash., is
      one of several people Sacramento's unit arrested in conjunction with the
      case. The charges, of possessing stolen H-P goods, were later dropped,
      but Conley insists the case was tainted.
           "It was the Hewlett-Packard people--not the Redmond police, not the
      Sacramento cops--who led the whole thing, who took employees off and
      threatened to take them to jail," said Conley, 41.
           Police, prosecutors and Hewlett-Packard officials scoff at Conley's
      claim, and cite other types of white-collar crimes, such as insurance fraud,
      which routinely relies on the private sector for enforcement help. And
      Sacramento's Hoganson insists his team's focus is unbiased, they say,
      noting that of the 285 cases the team investigated in 1998, only 16 were
      tied to companies that are members of the unit's steering committee.
           But the California Supreme Court takes the issue seriously. In a 1996
      trade secrets case, the court upheld the disqualification of a Santa Cruz
      County district attorney because the office had accepted more than
      $13,000 from a Scotts Valley software company, Borland International.
           The money was used to hire a computer expert to determine whether
      a former executive had taken proprietary information to a rival firm,
      Symantec Corp.
           Police and prosecutors say the Hewlett-Packard case is different
      because the corporation's involvement did not influence their decision to
      file criminal charges.
           "I don't see [it] as a conflict, because you're giving law enforcement
      the money--not the district attorney's office," said Robert Morgester, a
      deputy attorney general for the state attorney general's office who helped
      create and fund the Sacramento team. 
           California legislators are trying to offset the money pinch, by rolling out
      a $1.3-million state grant to be divided among three task forces:
      Sacramento, San Jose and Los Angeles/Orange County. In addition, the
      governor's office has set aside an additional $1 million for the same
      purpose.
           Investigators say that although the grant helps, it's still not enough.
           "That money is already spent on training, hiring new people and getting
      my guys new computers," Tsuchida said. "We're not breaking any laws
      now, so why should we change what we're doing?"

      Copyright Los Angeles Times. 

14.0 Mitnick sentencing postponed again...
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    
     http://www.zdnet.com/zdnn/filters/bursts/0,3422,2302198,00.html
    
     Monday; Jul26th 10:46a
     Mitnick sentencing postponed again
     The sentencing of convicted hacker Kevin Mitnick was postponed for a second time today. 
     The government is asking for Mitnick to be responsible for restitution on the order of $1.5 million,
     while the defense is asking for payments on the order of $5,000, based on his projected earnings 
     potential during his supervised release. He will not be able to use a computer during that
     three-year period. More details to follow. --ZDNN staff
    
     @HWA
   
   
15.0 Military Reserves to be Used for Cyber Defense 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      
      From HNN http://www.hackernews.com/
      
      contributed by Sarge 
      The Reserve Component Employment Study 2005,
      commissioned by Defense Secretary William Cohen, has
      concluded that Reserve units are probably the best
      choice to help secure military systems. The study says
      that members of this new unit could work remotely
      and should be recruited from high-tech sectors of the
      civilian population. (Hmmmm, maybe I should reenlist?)

      Federal Computer Week
      http://www.fcw.com:80/pubs/fcw/1999/0726/fcw-newsreserve-07-26-99.html
      
      JULY 26, 1999 


     Study calls for reserve virtual IT warfare unit

     BY DANIEL VERTON (dan_verton@fcw.com)

     A year-long study completed last week by a senior panel of Defense
     Department officials recommended an unprecedented expansion in the role the
     reserves play in national defense, including the formation of a virtual
     cyberdefense unit to protect the nation's critical infrastructure.

     The study, Reserve Component Employment Study 2005, was initiated in April
     1998 at the request of Defense Secretary William Cohen and concluded that the
     reserves are "particularly well-suited to homeland defense missions." In addition,
     the study called for the formation of a "joint [reserve component] virtual
     information operations organization" and tasked various senior-level DOD
     organizations to complete a "proof of concept" study for creating the unit by
     June 30, 2000.

     The new reserve cyberdefense unit "would consist of individuals with
     information technology skills who could perform their duties from dispersed
     locations rather than working as a single consolidated unit at a specific training
     center," the report said. To accomplish their mission of protecting various critical
     infrastructure nodes, the unit would communicate from existing reserve centers
     and other DOD facilities across the country that have access to the Secret
     Internet Protocol Routing Network.

     To form the new unit, the study recommended looking for reserve members in
     regions of the country where high concentrations of IT skill already exist. 

     In addition, the study suggested that the reserves consider recruiting
     high-tech-savvy people from the civilian sector, requiring them to join the
     reserves for a specific number of years in exchange for high-tech training
     provided by DOD.

     Establishing a "virtual organization" also would go a long way toward solving the
     department's problem of retaining personnel with critical IT skills and may allow
     DOD to reduce its reliance on external contractor support, the report said. "A
     'virtual organization' [also] could support the Joint Task Force [for] Computer
     Network Defense," the report said. Cohen established the JTF-CND in
     December 1998 to monitor and take defensive actions against hackers and other
     unauthorized users who try to penetrate DOD networks.

     Rick Forno, a security officer for Network Solutions Inc. and the former senior
     security analyst at the House of Representatives' Information Resources
     Security Office, said the report's recommendation to use the reserves for cyber
     defense "is a great idea" and represents one of DOD's more innovative
     initiatives. "I'm thrilled that DOD is looking to go outside the box on the
     Info-Protect/InfoCorps idea in the reserve components," said Forno, who
     proposed a similar idea to DOD a year ago. However, "it comes down to
     endorsement and support from senior leadership [whether or not] they let this
     organization function as intended," he said.

     Anthony M. Valletta, vice president of C3I systems for SRA Federal Systems
     and former acting assistant secretary of Defense for command, control,
     communications and intelligence, said the concept of using the reserves in this
     manner is one that the intelligence community has proven works. 

     "When we did this with the intelligence community, it worked extremely well,"
     Valletta said. "We have a lot of expertise in the reserves that we need to take
     advantage of."

     The main challenge facing the reserve cyberdefense corps idea, according to
     Valletta, is training and equipping the reserves to carry out the mission. "We
     have to keep up with the technology, and the reserves have to have the latest
     capabilities," Valletta said. "That is a major change of philosophy in terms of
     equipping the reserves."

     However, the idea of establishing a JTF for Homeland Defense also is an idea
     that some groups, particularly civil liberties organizations, may question.

     "The main issue is the Posse Comitatus Act and the limits on military activity
     within the U.S.," said Mark Lowenthal, former deputy assistant secretary of
     State for intelligence and now a member of Valletta's C3I consulting team at
     SRA. "If it is limited to what are clearly DOD facilities, then there should be no
     problem," he said. "If it steps over that line, then there are some legal issues that
     have to be addressed."

     Other recommendations contained in the report include using the reserves as
     part of a Joint Task Force headquarters for Homeland Defense, which would
     work with the Federal Emergency Management Agency and other civil
     authorities to coordinate responses to attacks involving nuclear, chemical and
     biological weapons, and increasing the use of smart card technology to reduce
     delays in processing reserve members for active-duty assignments. 

     @HWA 
     
16.0 Kodak's new PROM copy-killer?
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      
      From HNN http://www.hackernews.com/

        Kodak Introduces CD-PROM, Claims to Thwart Pirates 


      contributed by WareZ dud3 
      Kodak has introduced a new CD technology it calls
      CD-PROM or CD-Programmable Read Only Memory. It
      combines the standard CD with a small section of CDR
      that will contain specific information about the machine
      the software is registered to. Kodak claims this will
      stop piracy in its tracks. (It might stop the warez dudes
      from trading the latest version of Duke Nuke 'Em but it
      will do nothing to stop the professionals.) 

      Express News     
      http://www.expressnews.com/pantheon/news-bus/sheron-tech/2504rkodak_7-25nz.shtml
      
      Kodak develops anti-hacker CD
 
      Format is computer-specific, aims to foil non-customers
 
      By Don Sheron
      EXPRESS-NEWS SCIENCE/TECHNOLOGY WRITER 
 
      Software pirates have a new technological hurdle ahead of
      them. Kodak has developed a way to make CD programs
      more secure from hackers and unlicensed users. 
 
      It's a customized CD called the CD-PROM (Compact
      Disc-Programmable ROM). This includes the standard
      write-once feature of commercial software, but the
      CD-PROM also includes a recordable feature that
      identifies a particular computer to the CD. 
 
      "There's a lot of enthusiasm for this technology," said Bruce
      Ha, senior research associate at the Eastman Kodak Co. of
      Rochester, N.Y. "It's a format that people have been
      talking about for the past 10 years now."
 
      The new hybrid technology allows software manufacturers
      to produce low-cost CD-ROMs with the ability to add
      CD-R (recordable) information. CD-PROM works like a
      normal CD software product, but using the software
      requires start-up information specific to the licensed
      consumer. 
 
      For instance, many software CDs require a registration
      code to unlock some or all of the program's features. To
      get the registration code, consumers can register their
      software online with the software manufacturer. To thwart
      Internet hackers, the CD-PROM will match the registration
      code with the licensed software, thus keeping hackers from
      using an illegal copy of the software.
 
      Similarly, a CD-PROM is designed to work on software
      shipped with a specific computer. The CD-PROM can be
      set up to read only the BIOS information on the computer
      with which it was shipped. The BIOS (basic input/output
      system) loads and executes the computer's operating
      system, such as Windows 98. 
 
      "So (Microsoft) Office or any other program that comes
      bundled with that computer cannot be shared by anyone
      else," Ha said.
 
      But making a CD-PROM has been difficult.
 
      A normal CD contains data embedded into "pits" that are
      pressed into the platter. The platter is then covered by an
      aluminum reflective layer and a protective plastic coating. 
 
      On a CD-R, a single groove is pressed into the platter
      instead of pits. An organic dye is added for recording new
      information onto the platter. A reflective layer of gold or
      silver covers the dye, and then the CD gets a protective
      coating.
 
      Some manufacturers have tried to add both pits and
      grooves onto a CD. But they have had problems with the
      disc being read properly. This can occur when the ROM
      reader switches to the recordable writer, or because the
      speed of the laser light reading the CD changes when it
      goes through different materials on the platter. 
 
      To get around this, Kodak decided to use a single,
      continuous groove pressed into the platter. The master disc
      is designed to make the CD reader think that the groove
      actually contains a series of pits. 
 
      Kodak is using the CD-PROM for its Picture CD product.
      Ha says no failures have been noticed after beta testing
      20,000 discs in photo labs. 
 
      Saturday, Jul 24, 1999
      
      @HWA
      
17.0  Sandstorm Releases New Version of Phone Sweep 
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 

      From HNN http://www.hackernews.com/

      contributed by Brian 
      Sandstorm Enterprises has released a new version of its
      $998 war dialing program called 'Phone Sweep'. It does
      have at least one cool feature, auto recognition of over
      200 remote systems. Ummm, thanks but I'd rather have
      the free, non-hardware copy protected, Tone Loc. 

      Excite News
      http://news.excite.com/news/bw/990721/ma-sandstorm
      
      PhoneSweep
      http://www.sandstorm.net/phonesweep/
      Tone Loc - toneloc.zip 
      http://www.l0pht.com/~oblivion/blkcrwl/telecom/toneloc.zip
      Tone Loc Utilities 
      http://www.l0pht.com/~oblivion/blkcrwl/telecom/toneutil.zip
      
      Sandstorm Enterprises Announces Single Call Detect -- Advanced Telephone Scanning
      Technology to be Incorporated Into New Release of PhoneSweep
                                                                                                                  
                                                                                             
    
      Updated 10:45 AM ET July 21, 1999
    
      Most Significant Development in Wardialing Since the Movie "War Games"
    
      CAMBRIDGE, Mass. (BUSINESS WIRE) - Sandstorm Enterprises Inc., an information security tools company, has released an
      enhanced version of its PhoneSweep telephone scanner, incorporating "Single Call Detect" to dramatically speed scans. Additional
      features in PhoneSweep release 1.1 include an increase in the number of target systems recognized, to more than 200, and
      enhancements to the tool's brute force testing mode.
    
      PhoneSweep is intended for use by security professionals to audit corporate telephone systems for vulnerabilities, such as
      undocumented modems tied to internal networks. PhoneSweep works like a computer criminal's "war dialer," and Sandstorm has
      found an enthusiastic market for PhoneSweep among security professionals who had been using such "hackerware" for lack of a
      commercially-developed and supported alternative. "A surprising number of corporations, and even Federal agencies, have been
      using hacker tools like ToneLoc to carry out their telephone scans," said Dr. Ross Stapleton-Gray, Sandstorm's Vice President for
      Government Relations. "There's a certain irony -- and recklessness -- in relying upon unsupported, undocumented software to
      secure mission- or national security-critical networks."
    
      Single Call Detect allows PhoneSweep to determine if a telephone is answered with a voice, a second dial tone, a fax machine, or
      a data modem with a single call. The determination is made in less than five seconds, speeding the scanning process. "Dialing
      numbers and waiting for the modems to synchronize or time out, while simple, is neither efficient nor particularly effective," said
      James Van Bokkelen, Sandstorm's president. "Single Call Detect allows PhoneSweep to skip rapidly from number to number,
      ending a call as soon as a voice, busy or second dial tone is detected, and completing the average scan in less than half the time."
      The speed and accuracy afforded by Single Call Detect also reduces any inconvenience to organizations being scanned, as
      PhoneSweep promptly releases connections upon encountering a live or recorded voice.
    
      In developing PhoneSweep, Sandstorm worked with security expert Peter Shipley, who has scanned several million phone lines in
      the San Francisco Bay area. Shipley's research has shown unsecured "back doors" at hundreds of sites -- including government
      and commercial systems -- that allowed full control to any caller without first asking for a username and password. Sandstorm has
      used Shipley's results to train its recognition engine, and Shipley has used PhoneSweep's recognition system to categorize and
      tabulate the results of his project.
    
      Originally released last October, PhoneSweep is in use by both security departments and independent auditors at hundreds of sites
      in North America and overseas. PhoneSweep customers include both large and small companies, Federal and state governments
      and the military.
    
      PhoneSweep customers with current support contracts will all receive automatic upgrades to release 1.1. PhoneSweep Basic
      ($980) supports a single modem and up to 800 phone numbers per scanning profile. PhoneSweep Plus ($2800) supports four
      modems for simultaneous scanning, and 10,000 number profiles. PhoneSweep Plus8 ($5600) supports eight modems with 10,000
      number profiles. Sandstorm Enterprises will be exhibiting at the 8th USENIX Security Symposium, August 23-26 in Washington
      D.C.
    
      PhoneSweep(TM) and Single Call Detect (TM) are trademarks of Sandstorm Enterprises Inc.
    
      Further details on PhoneSweep and "Single Call Detect" are available on the product Web site, at http://www.phonesweep.com 
    
      Contact: Sandstorm Enterprises Inc. In Boston, MA Dick Guilmette, (617) 426-5056 dickg@sandstorm.net or In Washington, DC Dr. Ross
      Stapleton-Gray, (703) 685-5197 rsgray@sandstorm.net 
   
      
      
      
      @HWA
      
      
18.0  Major FUD - US Under Attack by Russians 
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      From HNN http://www.hackernews.com/
      
      contributed by dis-crete 
      This article is so filled with FUD (Fear Uncertainty and
      Doubt) and so many unconfirmable statements it makes
      me ill. The few facts that are present are old and the
      rest is there to scare the hell out of you. I'd still like to
      talk to the guy who claims his print job was redirected.
      He won't answer my emails. 

      The London Times
      http://www.the-times.co.uk/news/pages/sti/99/07/25/stifgnusa03003.html?999
      
      The Australian      
      http://www.theaustralian.com.au/world/4161044.htm
      
      -=-
      
      The London Times
      http://www.the-times.co.uk/news/pages/sti/99/07/25/stifgnusa03003.html?999
      
      
                                  
                 Cyber assault: Clinton wants
                  an extra $600m to combat
                  threats such as Moonlight
                          Maze
                  
      Russian hackers steal US weapons secrets 
     
                    by Matthew Campbell 
                        Washington
     AMERICAN officials believe Russia may have stolen some of
     the nation's most sensitive military secrets, including weapons
     guidance systems and naval intelligence codes, in a concerted
     espionage offensive that investigators have called operation
     Moonlight Maze. 
     
     The intelligence heist, that could cause damage to America in
     excess of that caused by Chinese espionage in nuclear
     laboratories, involved computer hacking over the past six
     months. 
     
     This was so sophisticated and well co-ordinated that security
     experts trying to build ramparts against further incursions
     believe America may be losing the world's first "cyber war". 
     
     Investigators suspect Russia is behind the series of "hits"
     against American computer systems since January. In one
     case, a technician trying to track a computer intruder watched
     in amazement as a secret document from a naval facility was
     "hijacked" to Moscow from under his nose. 
     
     American experts have long warned of a "digital Pearl Harbor"
     in which an enemy exploits America's reliance on computer
     technology to steal secrets or spread chaos as effectively as
     any attack using missiles and bombs. 
     
     In a secret briefing on Moonlight Maze, John Hamre, the
     deputy defence secretary, told a congressional committee: "We
     are in the middle of a cyber war." 
     
     Besides military computer systems, private research and
     development institutes have been plundered in the same
     operation. Such institutes are reluctant to discuss losses, which
     experts claim may amount to hundreds of millions of dollars. 
     
     "We're no longer dealing with a world of disgruntled
     teenagers," said a White House official, referring to previous
     cases of computer hacking in which pranksters have been
     found responsible for incursions. "It is impossible to overstate
     the seriousness of this problem. The president is very
     concerned about it." 
     
     The offensive began early this year, when a startling new
     method of hacking into American computer systems was
     detected. A military computer server near San Antonio, Texas,
     was "probed" for several days by hackers who had entered the
     system through an overseas site on the internet. 
     
     Dozens of infiltrations ensued at other military facilities and
     even at the Pentagon in Washington. When research
     laboratories also reported incursions using the internet
     technique, officials realised that a "cyber invasion" was under
     way. 
     
     "There were deliberate and highly co-ordinated attacks
     occurring in our defence department systems that appeared to
     be coming from one country," said Curt Weldon, chairman of a
     congressional committee for military research and
     development. "Such a thing has never happened before. It's
     very real and very alarming." 
     
     Even top secret military installations whose expertise is
     intelligence security have been breached. At the Space and
     Naval Warfare Systems Command (Spawar), a unit in San
     Diego, California, that specialises in safeguarding naval
     intelligence codes, Ron Broersma, an engineer, was alerted to
     the problem when a computer print job took an unusually long
     time. 
     
     To his amazement, monitoring tools showed that the file had
     been removed from the printing queue and transmitted to an
     internet server in Moscow before being sent back to San
     Diego. "It turned out to be a real tough problem for us," he told
     a private computer seminar last month. 
     
     It is not clear precisely what information was contained in the
     stolen document. Beyond its role in naval intelligence, Spawar
     is also responsible for providing electronic security systems for
     the Marine Corps and federal agencies. It is suspected that
     several other intrusions had gone undetected. 
     
     Oleg Kalugin, a former head of Soviet counterintelligence now
     resident in Maryland, said such facilities were prime targets for
     Russian intelligence. He said the Federal Agency for
     Government Communications and Information, a former KGB
     unit that specialises in electronic eavesdropping, was certain to
     be exploiting the internet for spying on America. "That's what
     they're good at," he said. 
     
     America's high-precision technologies, including weapons
     guidance systems, are of particular interest to a country such
     as Russia where economic woes have prompted crippling
     cutbacks in funding for military research. "Russia is quite good
     at producing technology but can't afford to finance the
     research," said Kalugin. "It's easier to steal it." 
     
     The computer assaults have given fresh impetus to measures
     ordered by Clinton more than a year ago to protect the
     country's electronic infrastructure. Alerted to the threat of
     Moonlight Maze, the president has called for an extra $600m to
     help fund a variety of initiatives, including an infrastructure
     protection centre in the FBI to gauge the vulnerability of
     computer systems to attack. 
     
     He has ordered the military to develop its own information
     warfare capabilities to respond to such attacks. But Weldon,
     describing dependence on computer systems as "the Achilles
     heel of developed nations", said this is not enough. He is
     advocating the creation of a unit in the Pentagon under a senior
     commander to oversee the defence of computer systems. 
     
     According to other experts, America has been so preoccupied
     with beating the Y2K (year 2000) or millennium bug - a
     programming problem that could paralyse computers on the
     first stroke of the new year - that its military, scientific and
     commercial communities have neglected the overall security of
     their computer systems. 
     
     At the same time, the huge number of systems being
     overhauled to make them Y2K-compliant has heightened the
     risk of infiltration. 
     
     Alarmed by the theft of military documents whisked to Russia,
     American officials argue that the country should brace itself
     for other, equally disturbing forms of information warfare that,
     in theory, could bring the country to its knees. 
     
     China, Libya and Iraq are developing information warfare
     capabilities and, according to one White House official, "we
     see well-funded terrorist groups that also have such
     capabilities". 
     
     A series of war games conducted by experts last year
     revealed that the world's greatest superpower could be at the
     mercy of a handful of determined computer hackers paralysing
     airports, markets and military systems with a few taps on a
     computer laptop. 
     
     Suspicions that Russia is responsible are based partly on the
     involvement of Moscow-based internet servers in some
     attacks. But experts caution that evidence of a Russian hand in
     the operation may not signal a Kremlin connection. 
     
     "It could turn out to be Russian organised crime," said one
     expert. "And they could be acting as a front for the intelligence
     community." 
     
     Ironically, the Russians are pressing for an international treaty
     to freeze information warfare. "We cannot permit the
     emergence of a fundamentally new area of international
     confrontation," Sergei Ivanov, the former Russian foreign
     minister, wrote in a letter to Kofi Annan, the United Nations
     secretary-general in October. 
     
     Subsequently, Russia's relations with America have reached
     their lowest ebb since the cold war because of Nato's
     intervention in Yugoslavia. Relations with China have also
     suffered. An offensive in cyberspace may be their one way of
     retaliating without getting into a shooting war. 

      
      The Australian      
      http://www.theaustralian.com.au/world/4161044.htm
      
     


      US losing cyber war to Russian hackers
      From MATTHEW CAMPBELL of The Sunday Times in Washington
    
      26jul99
    
      US officials believe Russia may have stolen some of Washington's most
      sensitive military secrets, including weapons guidance systems and
      naval intelligence codes, in an espionage offensive that investigators
      have called Operation Moonlight Maze. 
    
      The intelligence action, whose damage to the US could exceed that
      caused by Chinese espionage in nuclear laboratories, involved computer
      hacking in the past six months. 
    
      The operations were so sophisticated that security experts trying to
      build defences against further incursions believe the US may be losing
      the world's first cyber war. 
    
      Investigators suspect Russia is behind the series of hits against US
      computer systems since January. In one case, a US technician trying to
      track a computer intruder watched in amazement as a secret document
      from a naval facility was hijacked to Moscow from under his nose. 
    
      In a secret briefing on Moonlight Maze, deputy Defence Secretary John
      Hamre told a congressional committee: "We are in the middle of a cyber
      war." 
    
      Besides military computer systems, private research and development
      institutes have been plundered, US officials say. Such institutes are
      reluctant to discuss losses, which experts claim amount to hundreds of
      millions of dollars. 
    
      "It is impossible to overstate the seriousness of this problem. The
      President is very concerned about it," a White House official said. 
    
      The offensive began early this year, when a startling new method of
      hacking into US computer systems was detected. 
    
      A military computer server near San Antonio, Texas, was infiltrated for
      several days by hackers who had entered the system, through an
      overseas site on the Internet. 
    
      Dozens of security violations ensued at other military facilities, and
      even at the Pentagon, the US military headquarters in Washington.
      When research laboratories also reported Internet incursions, officials
      realised a cyber invasion was under way. 
    
      "There were deliberate and highly co-ordinated attacks occurring in our
      defence department systems that appeared to be coming from one
      country," said Curt Weldon, chairman of the congressional committee
      for military research and development. 
    
      "Such a thing has never happened before. It's very real and very
      alarming." 
    
      Even top-secret military installations, whose expertise is intelligence
      security, have been breached. 
    
      At the Space and Naval Warfare Systems Command in San Diego,
      California, which specialises in safeguarding naval intelligence codes,
      engineer Ron Broersma was alerted to the operation when a computer
      print-out took an unusually long time. 
    
      To his amazement, monitoring checks showed the top-secret file had
      been removed from the printing queue and transmitted to an Internet
      server in Moscow before being sent back to San Diego. 
    
      Alerted to the threat of Moonlight Maze, President Bill Clinton has called
      for an extra $US600 million ($923 million) to fund a variety of security
      initiatives, including an infrastructure protection centre in the FBI to
      gauge the vulnerability of computer systems. 
    
      The White House has ordered the US military to develop its own
      information warfare capabilities. US officials warn other forms of
      electronic attack could potentially bring the country's military to its
      knees. 
    
      China, Libya and Iraq are developing information warfare capabilities.
      And one White House official says: "We see well-funded terrorist groups
      that also have such capabilities."  
      
      @HWA
     
19.0  BO2K and SMS, Which One is Evil? 
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      
      From HNN http://www.hackernews.com/
      
      contributed by maierj 
      We missed this last Friday but Jim Louderback, over at
      ZD Net has some interesting comments regarding SMS
      and BO2K. Last week cDc challenged MS to recall SMS.
      cDc says that SMS has the same feature set as BO2K,
      and since BO2K is being classified as a Virus/Trojan then
      SMS must be one too. Jim asks the question just what is
      a virus anyway? 

      ZD Net
      http://www.zdnet.com/zdnn/stories/comment/0,5859,2300632,00.html
      
     --------------------------------------------------------------
     This story was printed from ZDNN,
     located at http://www.zdnet.com/zdnn.
     --------------------------------------------------------------
     
     Virus identity beginning to blur
     By Jim Louderback, ZDTV
     July 23, 1999 10:49 AM PT
     URL: http://www.zdnet.com/zdnn/stories/comment/0,5859,2300632,00.html
     
     So what is, or what is not a virus? That question took an interesting turn last week. 
     
     The kind folks over at Cult of the Dead Cow launched a counter-attack at Microsoft. Their new
     Back Orifice product, which allows remote monitoring and administration of computers over a LAN
     or the Internet, has come under fire from many quarters. Because after a surreptitious install it is
     virtually undetectable by the end user, many are calling it a Trojan Horse. 
     
     But a Trojan Horse is actually a program that calls itself one thing, but turns out to be something
     else. Unless a hacker or cracker developed a seemingly benign program that secretly installed Back
     Orifice's Server, it's just a program that does some powerful and possibly nasty things. 
     
     But Microsoft and others have been bashing Back Orifice. Symantec included Back Orifice server
     detection in their Anti-Virus product. And up on Microsoft's security site, they're calling Back
     Orifice 'malicious' -- primarily because it "Includes stealth behavior that has no purpose other than to
     make it difficult to detect." 
     
     But apparently that old stone and glass-house adage applies here. Microsoft's own Systems
     Management Server (a.k.a. SMS) happens to have features surprisingly 'malicious' -- just like Back
     Orifice. SMS, in fact, does let you remotely control a user's PC without the client being aware of it.
     Apparently Microsoft included this feature at the request of their customers. 
     
     It should come as no surprise that some Microsoft actions could be characterized as malicious.
     Actually it's refreshing to have them finally admit it. And I got a good chuckle when the Cult of the
     Dead Cow issued a press release challenging Microsoft to recall SMS. And it's folly to assume that
     Symantec would scan for SMS in Norton AntiVirus, along with Back Orifice. 
     
     But it still raises the question of what is a virus. That feature is a useful tool when respected
     software vendor Microsoft sells it for many hundreds of dollars. But when a company calling
     themselves, "the most influential group of hackers in the world" includes that same feature, and gives
     it away for free, suddenly it's a virus. 
     
     But that's not all. It seems that many PC vendors have been shipping an ActiveX control that
     unknowingly opens up a user's system to rape and pillage. The HP version of the control allows an
     e-mail to automatically download a program locally, install it and run it. The SystemWizard Launch
     ActiveX control can be executed from an Outlook or Outlook Express client. According to Pharlap
     CEO Richard Smith, similar versions of this control are shipped on many major computer systems
     (but not all of them -- my IBM ThinkPad is safe). For more information on this topic, head over to
     www.tiac.net/users/smiths/acctroj/index.htm. 
     
     So is the SystemWizard Launch ActiveX control a virus? Well it certainly has some elements of a
     Trojan horse. It sits on your PC, looking benign, until someone executes it in the right way. And it
     can severely compromise your security -- this is a perfect way to deliver Back Orifice or SMS, for
     instance. Should Symantec's Norton Anti-Virus scan for this control as well? Or should you just turn
     ActiveX off in your browser? 
     
     I'm not sure I have an answer, but these lines are going to continue to blur. And as we connect more
     and more devices up to the Internet, including phones, appliances and set-top boxes, "malicious"
     programs will have even more fertile ground to spread. And man, I'd hate to have my freezer
     infected with a virus. 
     
     @HWA
     
20.0 The Last True Hacker 
     ~~~~~~~~~~~~~~~~~~~~~
     
     From HNN http://www.hackernews.com/
       
     contributed by found on slashdot 
     So what exactly is a 'hacker'? Do the ethical hackers in
     the IBM ads count? Is Richard Stallman, as Steven Levy
     called him, the last true hacker? What about Linus Torvalds? 

     Boston Globe      
     http://www.boston.com/dailyglobe2/206/business/Scientists_and_hackers+.shtml
     
     ECONOMIC PRINCIPALS Scientists and hackers 

     By David Warsh, Globe Staff, 07/25/99 

     If the essence of politics is to be found in the shifting meaning of words,
     then few words carry a more interesting charge these days than
     ''hacker.'' 

     For example, as one of a series of recent ads, IBM Corp. has been parading a
     photograph of employee Nick Simicich, ''Ethical Hacker.'' Flowing-bearded,
     fish-shirted, felt-hatted, granny-glassed, Simicich is described as a ''paid
     professional paranoid.''

     His job: to determine whether software systems are susceptible to hackers.
     His distinction: He protected the electrical power infrastructure in the United
     States from ''cyber-jackers bent on misdirecting electricity with bogus
     information.'' 

     So much for the limits of the current definition of hacker: the principled
     tester-of-limits vs. the high-tech saboteur.

     But if you listen carefully to the leading innovators in computer systems, you
     realize that the applicability of the term is expanding rapidly.

     Consider the story of how Linus Torvalds, and not Richard Stallman of the
     Massachusetts Institute of Technology, came to pose the chief threat to the
     world's first centibillionaire, Bill Gates. 

     Stallman would seem to be the hacker par excellence - ''the last true hacker,''
     as author Steven Levy called him in his famous book. Even though it was
     Harvard College that he entered in 1970, it was down the street at MIT that
     Stallman found his spiritual home. There he imbibed deeply the peculiar
     sensibility that is one of MIT's enduring contributions to computer culture.

     He rendered a small jewel of a hack of one sort a few years ago when he
     posted an official-looking sign on the spot that serves as the Wellesley
     terminus of the shuttle bus that has connected Wellesley College and MIT
     since the mid-1960s.

     Barbedall Square, it read. At the MIT end of the line, of course, is Kendall
     Square. (It helps to say them out loud.)

     Such is the world of an MIT hacker: high-spirited, clever, accomplished, and,
     just possibly, but not necessarily, oriented to the occasional countercultural
     prank. According to Stallman, the use of ''hacker'' to mean ''security breaker''
     is mass media confusion. Hackers themselves, he says, use the word to mean
     ''Someone who loves to program and enjoys being clever at it.''

     Stallman's significance goes far beyond a few practical jokes, however. It was
     in 1981 that a little start-up company known as Symbolics Inc. hired away
     most of the staff of MIT's Artificial Intelligence Lab and set them to work
     writing proprietary software. 

     At about the same time, Digital Equipment introduced its new VAX
     computers, with brand-new proprietary operating systems. The community of
     pioneering software sharers that had grown out of the Model Railroad Club at
     MIT suddenly collapsed.

     So Stallman did a historic thing. Instead of joining the proprietary world, he set
     out to make a free, shareable operating system that would work on any
     computer and run any program. There would be none of the nondisclosure
     agreements that characterized the nascent software industry. 

     Stallman dubbed his ambitious project the GNU system. 

     But first there would have to be tools. His first big achievement was EMACS,
     a compiler and text editor that rendered possible more ambitious programming.
     Other programs followed.

     All were freely made available to others under the ''copyleft'' license Stallman
     and his friends devised to keep the underlying source code open - that is, to
     protect the right of other users to know and modify the basic code.

     Stallman's Waterloo was the operating system's ''kernel,'' the core part of the
     operating system where memory is allocated among all the other programs:
     scheduling, signalling, device input/output, and so on. 

     When Stallman turned his shoulder to the task in 1990, the dogma among
     computer scientists in cutting-edge American universities such as MIT was
     that something called a ''microkernel'' would be required to make a truly
     portable system. A microkernel would be a kind of coded general theory of all
     computer architectures; it would be required before such a system could run
     on any hardware.

     Cut to Helsinki in 1991. A young Finnish graduate student named Linus
     Torvalds, comfortably outside the circuits of grant-supported American
     computer science research, decided to try an alternative approach - a
     ''monolithic kernel,'' simpler, but far faster and already relatively
     well-understood. ''I am a pragmatic person,'' Torvalds has written. '' ... I didn't
     have to aim for such a lofty goal. I was interested in portability between real
     world systems, not theoretical systems.''

     So Torvalds read up on the systems in use, in search of common denominators
     between them. Once he had a design for a certain task - for memory
     management, say - that would be on the most popular chips, he put it out to an
     extensive list of correspondent hackers to see how it could be improved. At
     first it was written to suit just one architecture: the Intel 386.

     Gradually a kernel emerged that could control the most popular
     microprocessors - the 68K, the Sparc, the Alpha and the Power PC. Torvalds
     then combined his kernel with a good bit of the GNU programs Stallman and
     his friends had written, and presto! The operating system that has become
     known as Linux - similar in spirit to AT&T's Unix system but not based on it -
     was ready to be distributed and more or less continually improved. 

     And because it had been written - hacked - by an impassioned graduate
     student in Finland and a relentless code warrior in Cambridge and a few
     hundred collaborators for their individual satisfaction and shared use, it was
     available to others for free. And in the last 10 years the project originally
     envisaged by Stallman and Torvalds and a handful of others has grown into a
     credible threat to Windows NT - the Microsoft operating system with its
     secret proprietary source code on which rests Bill Gates' most basic hopes for
     the 21st century.

     ''Linux today has millions of users, thousands of developers, and a growing
     market,'' Torvalds has written in ''Open Sources: Voices from the Open
     Source Revolution,'' the O'Reilly & Associates anthology from which this
     account is drawn. ''I'd like to say I knew this would happen, that it's all part of
     the plan for world domination.

     ''But honestly this has all taken me a bit by surprise. I was much more aware
     of the transition from one Linux user to one hundred Linux users than the
     transition from one hundred to one million.''

     And the point? Simply that the neatly barbered and quietly circumspect
     Torvalds is every bit as much a hacker as Stallman - a fact the flamboyant
     Stallman readily concedes. 

     So what is a hacker, after all? Eric Raymond offers this definition in the third
     edition of his New Hacker's Dictionary: ''A person who enjoys exploring the
     details of programmable systems and how to stretch their capabilities, as
     opposed to most users, who prefer to learn only the minimum necessary.''
     Torvalds' success suggests that even that definition may be too narrow.

     Remember, it was only 150 years ago that thinkers and wordsmiths of all sorts
     were trying to agree on a term that could apply equally to all the different sorts
     of intellectuals who had emerged from the precincts of philosophy and natural
     history. It seemed clear these new professionals shared an ethic. Their
     methods and goals were unfamiliar and, quite possibly, unique. They even
     admitted women to their ranks!

     In the England of the 1830s, it took a decade before the term ''scientist''
     emerged and won common acceptance. 

     This story ran on page G01 of the Boston Globe on 07/25/99. 
     © Copyright 1999 Globe Newspaper Company. 

     @HWA
     
21.0 One Russian ISP Standing Up to FSB 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From HNN http://www.hackernews.com/
     
      contributed by Arik 
      ISP Bayard-Slavia Communications is refusing to go
      along with SORM-2 (System of Efficient Research
      Measures 2). In a supposed effort to reveal tax evaders
      and other criminals, SORM-2 gives Russia's Federal
      Security Service (FSB) the right to look into private
      e-mail without a warrant. SORM-2 calls for ISPs to
      install special listening equipment to keep their ISP
      licenses. Bayard-Slavia is the only ISP we have heard of
      that is refusing to go along with these provisions. 

      Information Week
      http://www.techweb.com/wire/story/TWB19990726S0003
      
      Russian ISP Refuses To Spy On Customers
      (07/26/99, 6:35 a.m. ET)
      By Marina Moudrak, Data Communications 

      At least one Russian ISP is refusing to go along
      with a directive that lets the government spy on
      customers -- and it's paying the price. 

      The directive is known as System of Efficient
      Research Measures 2 (SORM 2), and it gives Russia's
      Federal Security Service (FSB) the right to look into
      private e-mail without a warrant, under the pretense of
      sniffing out tax dodgers and corruption. 

      It also calls for ISPs to pay for surveillance equipment in
      their servers and a link to FSB headquarters in Moscow. 

      But ISP Bayard-Slavia Communications is refusing to go
      along with SORM-2, and now the government is taking
      action. 

      According to Bayard-Slavia director general Nail
      Murzakhanov, the FSB tried to shut down the ISP by
      withdrawing its license and challenging its right to
      frequencies used for its satellite connection to Moscow. 

      Eventually, it found a way to freeze the ISP's bank
      account so it couldn't pay for the satellite connection at
      all. 

      "We will never help the FSB implement illegal
      shadowing," Murzakhanov said. "We're the first ISP to
      struggle against illegal information collection.
      Unfortunately, we're also likely to become the first to be
      destroyed because of insubordination."  

     @HWA      
     
22.0 GameBoy Steals Cars and Makes Free Calls 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     From HNN http://www.hackernews.com/
     
      contributed by doc 
      A GameBoy, GameBoy Pocket, or GameBoy Color has
      software available with the ability to turn your GameBoy
      into a RedBox (Toll Fraud Device). This software has
      been around for a while. These GUI based applications
      allow you to use your GameBoy to make free long distance
      calls, crack answering machine passwords, and just use
      it as a tone dialer. Well the new GameBoy Color has an
      interesting feature, an IR port. As mentioned on HNN
      and elsewhere a few months ago there are vehicles that
      use IR as a locking mechanism. With currently available
      software you can now teach your GameBoy various IR
      codes including those to unlock vehicles. Wondering
      how you get these programs into your GameBoy? Well,
      Nintendo recently lost the court case against the
      person making and selling GameBoy ROMS which makes
      it real easy to transfer files around. Another example of
      how it is not the tool that is malicious but the user. 

      Ratb0y's Homepage    
      http://homepages.go.com/~ratb0y/gameboy.htm
      
      @HWA
      
23.0 Mitnick Retains High Profile Lawyer For State Case 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  
     
     From HNN http://www.hackernews.com/

      contributed by Ryan 
      Kevin Mitnick's sentencing for the Federal charges he
      has already pleaded guilty to was delayed again
      yesterday. In the meantime Kevin has retained well
      known defense attorney Tony Serra, to handle his state
      charges. This is an expose that does a decent job of
      giving a broad overview of the legal side of the Kevin
      Mitnick case. 

      Cal Law - Tony Serra Profile
      http://www.callaw.com/weekly/feata726.html
      
      Wired- Sentencing Delayed       
      http://www.wired.com/news/news/politics/story/20953.html
      
      -=-
      
      
      The Hacker and the Toker 
      With the L.A. district attorney's office on his case, Kevin Mitnick hopes
      Tony Serra will help him beat the rap 


      By Paul Elias, Omar Figueroa and Carolyn Hagin 
                          



     Tony Serra doesn't use a computer. He has never surfed
     the Net. On the whole, he'd rather sit in front of the fire with
     some 19th century American literature and enough marijuana
     to stone an elephant.
 
     The famous San Francisco defense lawyer is your basic
     hash-smoking Luddite.
 
     "My wife has a computer," he says. "She's on it every night.
     I can't get her off the fucking thing."
 
     It's no surprise then, that Serra has never defended anyone
     accused of a computer crime. He hasn't even come close in
     his 37-year legal career. "I do dope and murder, man," he
     says. "That's all I've done my entire life." As in defending the
     likes of Proposition 215, Black Panther Huey Newton and
     Ellie Nesler, the woman convicted of gunning down her
     child's molester.
 
     Serra once offered to defend Ted Kaczynski -- the king of
     the Luddites -- by invoking Kaczynski's anti-technology
     views. The Unabomber readily accepted the offer but a
     judge wouldn't allow it.
 
     But all of that was before Kevin Mitnick, the most revered
     martyr of hackerdom, placed a collect call to Serra's office
     last month looking for pro bono representation.
 
     Mitnick is the most notorious member of an emerging class
     of cybercriminals. Over the last decade, he has faced three
     federal prosecutions for hacking into other people's
     computers and related charges, and is now facing a case in
     state court.
 
     Luckily for Mitnick -- and for Serra -- the hacker's call was
     fielded by one of two bright acolytes who work in Serra's
     office, housed on a pier along the San Francisco waterfront.
     The two young lawyers then fiercely lobbied Serra to take
     the case, a single count of computer hacking that's being
     prosecuted by L.A. District Attorney Gil Garcetti's office.
     The charge was actually filed seven years ago, but Mitnick
     has yet to be arraigned. "Tony wasn't very excited about it at
     first," recalls Omar Figueroa, the 28-year-old lawyer who
     talked to Mitnick first.
 
     But when Figueroa and colleague Carolyn Hagin, 27,
     explained to Serra that the case was bigger than a mere
     fraud case -- that it came complete with a big counterculture
     community that knows how to get good press and involved a
     new civil rights frontier -- Serra relented. But with one
     proviso: Figueroa and Hagin would have to do all of the
     pretrial work, then give Serra a crash course in technology
     on the eve of trial. It's an arrangement that suits everybody
     just fine. "I've always had an interest in cybercrime," says
     Hagin. "It's part of our generation."
 
     Now even the 64-year-old Serra, who knows far more about
     Tibetan prayer flags and Native American rituals than he
     does about HTML and encryption, says he's looking forward
     to going to trial. "I view this as a political case," he says.
     Indeed, political cases are Serra's specialty, and he is the
     poet laureate of defense attorneys who successfully cast
     their clients as victims of oppressive government forces.
     "Political case" is also code for "good ink."
 
     Serra said the same thing about the Mendocino County
     murder trial of Eugene "Bear" Lincoln, a Native American
     who was accused of killing a white deputy sheriff during a
     shoot-out on a reservation in 1995.
 
     Press coverage was extensive and mostly favorable as Serra
     successfully turned the tables on Mendocino County
     prosecutors and sheriffs -- and the entire power structure of
     the area -- by arguing that Native Americans had suffered
     centuries worth of abuse and discrimination. An all-white
     jury acquitted Lincoln in 1997, believing he acted in
     self-defense.
 
     Word of Serra's victory circulated through the state's jails
     and prisons. Mitnick, along with much of the inmate
     population, was impressed by Serra's work on that case, and
     it reportedly prompted him to call Serra as his own case
     neared trial.
 
     Kevin Mitnick may not hold a college degree, but he is
     certainly no Luddite.
 
     Long before the Internet became a household staple and
     years before Yahoo and bandwidth emerged as
     commonplace jargon, the self-taught Mitnick was a
     cyberspace juvenile delinquent.
 
     At 17, Mitnick spent three months in L.A.'s Juvenile
     Detention Center for destroying Pacific Bell computer data.
     Two years later, in 1983, University of Southern California
     campus police arrested Mitnick while he was sitting at a
     computer in the school's terminal room, attempting to break
     into a Pentagon computer. He spent six months in a
     California Youth Authority prison after that arrest. But his
     two brief stints behind bars as a teen-ager seemed only to
     embolden him as an adult.
 
     Instead of using his computer skills for gainful employment,
     Mitnick couldn't shake his compulsion to hack. All of the
     myriad profiles of Mitnick available online paint him as the
     quintessential computer geek motivated not by money but by
     the ability to access highly sensitive information for the hell
     of it. He just couldn't resist the siren song of forbidden
     access.
 
     In 1987, he was arrested and convicted by a state court of
     stealing software from a software company and sentenced
     to 36 months of probation. Two years later, he pleaded guilty
     in federal court to breaking into a Digital Equipment Corp.
     computer, after which Los Angeles U.S. District Judge
     Mariana Pfaelzer sentenced him to a year in prison and six
     months of therapy to combat his computer "addiction."
 
     In 1992, while Mitnick was working at the Tel Tec Detective
     Agency, the FBI -- suspecting that he was illegally using a
     commercial database system -- launched yet another
     investigation into his activities. Pfaelzer soon issued an arrest
     warrant for Mitnick, who was charged with one count of
     hacking and one count of violating the terms of his 1989
     probation. But when federal authorities showed up to arrest
     him, Mitnick had vanished, and a two-year, high-tech
     cat-and-mouse game with his pursuers began. He ultimately
     made the FBI's most-wanted list.
 
     At one point, in late 1992, investigators from the California
     Department of Motor Vehicles almost caught Mitnick.
     Someone using a valid law enforcement requestor code
     called the DMV and requested that a photo of a police
     informer be faxed to a number in Studio City. The number
     turned out to be a Kinko's copy center, and Mitnick was
     seen leaving the store with the fax. But Mitnick spotted the
     investigators, dropped the fax and outran them.
 
     Federal authorities finally arrested Mitnick in February 1995
     in Raleigh, N.C., after an extensive manhunt, which had
     been fueled by front-page coverage in The New York Times.
 
     He quickly agreed to plead guilty to violating his probation
     and to a new hacking charge filed by federal prosecutors in
     Raleigh and was sentenced to 22 months in prison. He was
     soon transferred to the Federal Detention Center in Los
     Angeles, where he faced 25 more counts of hacking and
     illegal copying of information during digital break-ins of
     companies, including Sun Microsystems Inc.
 
     In March of this year, he cut a plea bargain with federal
     prosecutors that requires him to serve an additional year in
     federal custody. In theory, he could move into a halfway
     house as early as next month to finish out his sentence.
 
     Though he pleaded guilty to the high-tech crimes against Sun
     and others, Mitnick claims he didn't share the information
     with anybody. Prosecutors and the victimized companies
     claim that $150 million worth of their research and
     development has been ruined.
 
     The government, though, is asking the court to order Mitnick
     to pay a more modest $1.5 million in restitution. But Mitnick's
     court-appointed lawyers, led by Donald Randolph of Santa
     Monica's Randolph & Levanas, contend that Mitnick caused
     little, if any, actual damage. They're arguing for a $5,000
     fine. Pfaelzer has scheduled a hearing on the subject for July
     26.
 
     Bespectacled and pudgy, Mitnick now uses his abundant
     nervous energy to review the case against him. He spends
     most of his waking hours poring over court documents and
     constantly calling his attorneys to discuss his case. "He
     reviews his case in detail," says Hagin, of Serra's office.
     "He's an extremely intelligent guy."
 
     Once Mitnick settles his federal affairs, he still has to
     contend with the L.A. DA's single charge of computer fraud
     for allegedly duping the DMV to fax him the informer's
     photo.
 
     It is that charge that may prevent him from getting into a
     halfway house to serve out the rest of his federal sentence.
     No bail in the state case, no halfway house. In fact, Mitnick
     fears prosecutors will try to have him moved from the
     federal jail to the dreaded county jail.
 
     "We've been waiting to prosecute him for five years," says
     L.A. Deputy District Attorney Larry Diamond, who brushes
     off criticism that the state charge and the $1 million bail
     amount to overkill. "Because he wants to finish his [federal]
     sentence in a halfway house," an unsympathetic Diamond
     retorts, "Kevin wants special treatment."
 
     In fact, argues Diamond, Mitnick has been receiving special
     treatment since Pfaelzer first put him on probation in 1989
     for hacking. The 25-year veteran of the DA's office is
     unimpressed with just about every aspect of Mitnick's case.
     He dismisses Mitnick as "just another case" and Serra as
     "just another defense attorney." As for his view of Pfaelzer:
     "She's coddled 'poor Kevin' from day one."
 
     Diamond also rejects the argument that the bail is excessive
     -- the bail schedule calls for $25,000 -- saying Mitnick has
     been a "notorious fugitive."
 
     But Diamond reserves his harshest criticism for the federal
     prosecutors on the Mitnick case. "The real story here," he
     growls during a telephone interview from his Van Nuys
     office, "is how the U.S. attorney gave this case away."
 
     To begin with, Diamond believes Mitnick shouldn't even be
     appearing in front of Pfaelzer, but rather in a federal court in
     North Carolina because that's where he was arrested back
     in 1995. Not only was he charged with violating his probation
     but he was indicted by a Raleigh grand jury on 25 fresh
     charges of hacking, wire fraud and theft of intellectual
     property.
 
     Mitnick cut a quick plea deal with Raleigh prosecutors so he
     could be transferred back to L.A. to face yet another set of
     hacking charges. The Southern California case was also
     disposed of with a plea deal, which Mitnick entered in
     March. "It's bizarre," Diamond says of the federal
     proceedings. "Completely bizarre."
 
     L.A. Assistant U.S. Attorney David Schindler, who handled
     Mitnick's latest federal case, has heard it all before. In fact,
     he's getting blasted from both sides of the Mitnick issue.
 
     Critics such as Diamond say he's gone too soft on Mitnick.
     Meanwhile, a growing number of young computer nerds
     protest that Mitnick is a political prisoner who has done little
     -- if anything -- illegal, and is relentlessly being pursued by
     different sets of prosecutors. Even if he did all the things that
     he has done, the theory goes, he's already received the
     harshest punishment ever for hacking. Pro-Mitnick
     protesters are pleading their case on numerous Web sites.
 
     But Schindler, who has been locking up hackers since 1991,
     says Mitnick got the same prison sentence he would have
     received had he gone to trial. "What we gave away [with the
     plea bargain] was the right to argue for an upward
     departure" in Mitnick's sentence, says Schindler, referring to
     a prosecutor's ability to seek a longer prison term than the
     one called for in federal sentencing guidelines.
 
     Schindler concedes that Mitnick's sentence is the longest that
     he has seen during the years he's been prosecuting hackers.
     Kevin Poulsen, another infamous hacker that Schindler
     prosecuted, received a 51-month sentence. He was also
     ordered to pay about $100,000 in restitution.
 
     When all is said and done, Mitnick will have been sentenced
     to 68 months in federal custody, may yet do state time, and
     may also be ordered to pay several times the restitution
     Poulsen did. And as for Diamond's forum-shopping charge,
     Schindler says, "Mitnick begged us to transfer him to L.A."
 
     That J. Tony Serra has taken Kevin Mitnick's case goes to
     show how ubiquitous this Internet thing has become. The
     Digital Age has truly affected all segments of society if it has
     touched an aging radical lawyer like Serra, who has his
     marijuana prescribed by a doctor and who's known for
     driving rusting junkers around town, only to abandon them on
     the street the minute they finally give out on him.
 
     His association with Mitnick will certainly make him and his
     associates extremely simpatico with all of hackerdom. That
     crowd is facing increased government scrutiny as the
     Department of Justice continues to dedicate more money
     each year to fighting cybercrime. "This was our first case
     relating to computers," says Santa Monica defense attorney
     Gregory Vinson, who is assisting Randolph with Mitnick's
     federal case. "It's an area we are going to develop more."
 
     U.S. Attorney General Janet Reno has asked Congress to
     give the Justice Department's computer crimes and
     intellectual property division an additional $120 million to fight
     cybercrime next year. Other agencies -- federal and local --
     are beefing up their cybercrime forces as well.
 
     "If someone would have told me two years ago that I would
     be prosecuting Internet fraud, I seriously would have laughed
     in their face," Jay Perlman, deputy chief of the Securities and
     Exchange Commission Office of Internet Enforcement, said
     recently at a cybercrime symposium in Virginia.
 
     In the wake of several Mitnick-inspired hack jobs on
     government Web sites in the past year, a federal
     multi-agency task force has been formed in Dallas
     specifically to fight hackers. The task force has issued 16
     warrants in 12 jurisdictions, but has yet to charge anyone
     with a crime. "So far, cybercrime has mostly been a federal
     effort," says Jennifer Granick, a San Francisco criminal
     defense attorney who is carving out a nice niche for herself
     as a computer crime specialist. "But the locals are getting
     increasingly involved, too."
 
     By 2005, it's predicted that one billion people worldwide will
     be on the Internet, and prosecutors expect the number of
     cybercrime cases will rise accordingly.
 
     A closer look makes it clear that Serra and Mitnick have
     more in common than not. Both stand out as countercultural
     icons for their peers. Serra is a hero to every hippie who
     went to law school, while Mitnick appeals to disaffected
     youths who are known as hackers, crackers and high-tech
     poseurs. Both have inspired the creation of Hollywood
     movies. James Woods played a Serra-like character in
     1989's True Believer while Mitnick's life goes on the big
     screen next month in Takedown, which chronicles the
     manhunt for him.
 
     So it's not a stretch to imagine Serra representing more
     hackers and others accused of computer crimes down the
     line.
 
     But first, he's got to learn how to use a computer -- or at
     least speak the language. "I don't even know any of the
     terminology," he says. "I'm organic, man."
 
                                                 
 
     He hasn't even spoken with Mitnick yet. Instead, it's been
     Figueroa and Hagin who have been answering Mitnick's
     daily telephone calls. Truth is, this is really their case. Sure,
     Serra will handle the trial and all the big hearings such as a
     motion to dismiss. And it will be Serra pushing the David
     versus Goliath angle and garnering all of the press.
 
     But it's Figueroa and Hagin who will do the heavy lifting,
     such as wheedling discovery out of Diamond and handling
     Mitnick's bail appeal. That's the way it works in Serra's
     office, and the two young lawyers are appreciative.
 
     Both have been attorneys for less than a year and probably
     would not have landed work on such a high-profile case --
     albeit for expenses only -- if not for Serra. He says he'll give
     them a chance to examine witnesses if Mitnick's case gets to
     trial.
 
     Both appear ready. Serra always seems to have smart
     neophyte lawyers in orbit around his office. Figueroa
     graduated from Stanford Law School while Hagin is a
     product of the University of San Francisco School of Law.
     Both gained invaluable experience as clerks to Serra when
     they rented a house in Ukiah during the Bear Lincoln trial,
     during which they wrote many of the case's motions.
 
     They also appear smart enough to ignore Serra's complaints
     of high-technology ignorance. "Tony pretends to be mystified
     by computers," says Figueroa. "But he's not. He'll be ready
     for trial."


     Paul Elias is a reporter at The Recorder, a San Francisco affiliate of California Law Week. 
     
     Wired- Sentencing Delayed       
      http://www.wired.com/news/news/politics/story/20953.html
      
      More Delays for Mitnick
      by Douglas Thomas 
      
      3:00 a.m.  27.Jul.99.PDT
      The sentencing hearing for convicted cracker Kevin Mitnick was postponed for a fourth time Monday
      and rescheduled for 9 August. 
          
      US District Judge Mariana Pfaelzer issued a continuance because of scheduling conflicts, according
      to a court clerk. 
      
         
      Mitnick pleaded guilty on 26 March to five counts of a 25-count federal indictment and two related
      counts from a Northern California indictment. His plea agreement resulted in a 54-month prison sentence, 
      making Mitnick eligible to be released into a halfway house pending Pfaelzer's approval and
      permission from the State of California. 
      
      A pattern of delays has plagued the case from its onset. What remains to be determined in Mitnick's 
      sentencing is the judgment for restitution which Pfaelzer has made clear she will issue. The government
      contends that Mitnick should be forced to repay US$1.5 million in damages to the victim companies. 
      
      In the pre-sentence investigation report, Mitnick's attorneys said their client is unable to pay anywhere 
      near that amount and should only be required to repay about $5,000. 
      
      Mitnick had already spent more than four years behind bars at the Los Angeles Metropolitan Detention Center. 
      
      At the original hearing in March, sentencing was delayed until 14 June. That hearing was again continued to 
      12 July, when attorneys were unable to reach an agreement about the terms of restitution. The judge was 
      unprepared to rule, due to a last minute filing by the government to which the defense was unprepared to respond. 
      
      
      Mitnick Fans Await Denouement
      by Douglas Thomas 
      
      3:00 p.m.  13.Jul.99.PDT
      LOS ANGELES -- Kevin Mitnick's allies rallied here Monday, as the cracker's expected prison term is still up in the air. 
      
      Mitnick's sentencing hearing was attended by a number of computer hackers, fresh from Las Vegas where they had attended the annual DefCon
      hacker meeting.      
      
      Defense attorney Donald Randolph spoke to a gathering of a dozen or so hackers in the hallway. "It was nice to see some friendly faces," he said,
      and thanked them for their continued support. 
      
      That support was much needed after US District Judge Mariana Pfaelzer had been particularly tough on both attorneys Monday, comparing them to
      bickering kids. She went so far as to call the government's motion to sanction attorney Randolph for the release of several letters from victim
      companies "childish." 
      
      The current sentencing proceedings mark the climax to what has been a years-long campaign in the hacker community. 
      
      Hackers have focused their attention on the case, launching Web sites like kevinmitnick.com, protests reaching as far as Moscow, and Web site
      defacements to draw attention to what they see as Mitnick's unjust prosecution and a violation of his Constitutional and civil rights. 
      
      Kevinmitnick.com tracks media coverage of the case, and offers information, commentary, and online versions of most of the court filings. Other
      activists have printed "Free Kevin" bumper stickers and T-shirts, and some have proposed relatively mainstream money-making ventures to help
      contribute to Mitnick's legal defense fund. 
      
      While the activists continually grouse over media coverage of the Mitnick case, citing inaccurate or misinformed accounts, they have also learned
      the importance of working to provide the press with accurate information. 
      
      Particularly infuriating to hackers are claims that Mitnick has been accused or convicted of stealing credit card information (he hasn't), that he has
      appeared on either the America's Most Wanted TV program or on the FBI's "Ten Most Wanted List" (neither is true), or that he has threatened
      national security by breaking into NORAD (also not true). 
      
      The importance of these media reports and mis-characterizations was driven home last week when a municipal court judge in Van Nuys, CA set
      Mitnick's bail for his upcoming state case at $1 million, based primarily on media coverage of Mitnick's hacking exploits. 
      
      Judge Pfaelzer barred Mitnick from the hearing, and wondered "when do newspaper stories count as evidence in a court of law?" 
      
      Many hackers have challenged the court's decisions, ranging from the denial of a bail hearing to a four-year pre-trial incarceration. They charge
      that the court has repeatedly denied requests for access to court information considered vital to Mitnick's defense. 
      
      Although the government's goal has been to "send a message" to hackers about the severity of these crimes and to demonstrate their willingness
      to prosecute them, hackers appear to be receiving a different message. 
      
      One hacker said Monday that the court is doing little to deter him, and instead is, in effect, telling him "be more careful, don't get caught." 
      
      Another hacker, Kerry Zero, said the government's agenda in this case is to set a foundation which "makes it easier to prosecute hackers in the
      future." 
      
      Not surprisingly, many supporters painted Mitnick as the victim in the case. They said that the financial damages being claimed are overstated, and
      that no adequate explanation has been offered for why Mitnick was held for so long without a trial or bail.  
      
      "All this talk about protecting the victim -- Kevin is the victim in this case," said one hacker, who asked not to be identified. 
      
      After the hearing, three hackers, Teklord, Bonq, and Sig9, all expressed deeper concerns about the case.  
      
      For Teklord, the result was one of dismay. "I'm confused about the government," he said. "The system is supposed to protect people and it's failing
      us." 
      
      Bonq expressed a similar confusion. "I don't know who to trust." And after watching the hearing, Sig9 said he had "lost a lot of respect for the
      system." 
      
      For many hackers, the Mitnick case has been a civics lesson in how the system works. 
      
      Biff Macki, a hacker who has followed the Mitnick case for some time, thinks the lesson is pretty clear-cut. "If the government wants you, they'll get
      you, no matter what," he said. 
      
      The problem, he says, is in the system itself. 
      
      "[The US government has] millions of dollars to spend and it is impossible to organize an adequate defense on 15 minutes of collect calls a day from
      federal prison." 
      
      @HWA
      
24.0  Back Orifice for Macintosh? 
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~
      
      From HNN http://www.hackernews.com/
        
      contributed by Nick 
      SecureMac.com has a story about TakeDown Suite 2.5,
      a backdoor program similar to the original Back Orifice.
      Once installed the application allows someone to
      remotely administer the machine. This is similar
      functionality to Back Orifice, which only works under
      Windows. TakeDown Suite operates by installing an
      invisible extension into the system folder; when the
      machine next reboots it is vulnerable. Now where is that
      idiot that said Macs were secure? 

      Secure Mac
      http://www.securemac.com/
      
      
25.0  AOL Criminals Busted 
      ~~~~~~~~~~~~~~~~~~~~
      
      From HNN http://www.hackernews.com/      
       
      contributed by Lamer 
      After sending out bogus emails to AOL customers asking
      for credit card numbers, two teenagers were able to
      get 900 people to cough them up. With about a 2%
      return rate on the emails they sent out the pair started
      to use the credit card numbers. They bought computer
      equipment that they later sold on eBay and sold the
      numbers in chat rooms. The Department of Justice and
      FBI both worked on the case but would not reveal how
      the two had been caught. (I am glad the author did not
      call these two 'hackers') 

      APB Online
      http://www.apbonline.com/911/1999/07/23/netcredit0723_01.html
      
      AOL USERS DUPED BY TEENS,
      COPS SAY
      Hundreds Sent Credit Card Numbers in Response to E-Mails 

      July 23, 1999 

      By Valerie Kalfrin 

      SACRAMENTO, Calif. (APBNews.com) -- Two teenagers who police
      say illegally accessed America Online and wrote e-mails pretending to
      represent the company duped about 900 people into giving them their
      credit card numbers, authorities said today. 

      Dino Dagdagan, 18, of Carson and a 17-year-old home-schooled
      Sacramento student are charged with felony possession of access to
      credit accounts and other crimes. 

      The two allegedly sent out thousands of e-mails to America Online
      customers, claiming there was a problem with their accounts and
      asking the subscribers to visit a Web site to correct matters, officials
      said. 

      Fake Web site 

      But the Web site, too, was a fake, set up
      to glean the unsuspecting customers'
      credit card numbers, said Sgt. Rick
      Gibson, a spokesman for the Sacramento
      County Sheriff's Department. 

      "People should call the company and
      make sure it's a true communication and
      a real Web site," Gibson told
      APBNews.com today. "Out of every
      10,000 e-mails they sent out, about 200 customers would give them
      information." 

      The 17-year-old allegedly traded or sold the numbers in Internet chat
      rooms while Dagdagan allegedly used the credit card accounts to buy
      computer equipment, which he then sold via the online auction site
      eBay, Gibson said. 

      Task force tracks down suspects 

      Customers alerted police to the scam about a month ago when they
      noticed purchases on their credit card bills that they had not made,
      police said. A Northern California multi-agency task force, including
      computer-crimes experts from the Department of Justice and FBI,
      helped track down the youths, Gibson noted, although he would not go
      into specifics. 

      "We have ways of doing things," he said. 

      The juvenile, who was released to his parents' custody last week, is
      accused of obtaining the illegal access to the Sterling, Va.-based
      Internet service provider, officials said. 

      Dagdagan, who is free on $10,000 bond, also faces possession of
      stolen property and an additional computer-crimes charge. He's due to
      be arraigned July 28 in a Lynwood court. 

      America Online's corporate headquarters did not return a phone call
      seeking comment today. 
      
      @HWA        
      
26.0 Press Does Not Know What to Say About BO2K 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
      From HNN http://www.hackernews.com/

      contributed by Weld Pond 
      The number of articles that are showering accolades
      onto BO2K is amazing. Ok, maybe they aren't all that
      positive, but at least neutral and not claiming it is a
      trojan/virus. Some people still aren't getting the full
      picture but at least this is progress. 

      InformationWeek
      http://www.informationweek.com/745/45iujl.htm
      
      InternetView:
      Pariah's Software Has Value 
 
      By Jason Levitt 
 
      Except for its peculiar name and seemingly sinister authors, Back
      Orifice 2000, the recently released remote administration software for
      the Windows and Windows 2000 platforms, might be considered a
      contender in any comparative product review. Instead, it's a pariah,
      demonized because it's been misused by some Internet villains, and
      ignored because its authors don't appear to have day jobs. Yet this
      software is deserving of closer attention, if only because it's high-quality
      programming released as free software under the GNU Public License.
      Sure, there's reason enough not to trust the software--the employees of
      the virtual vendor that created it, the Cult of the Dead Cow, won't reveal
      their real names. Nevertheless, BO2k doesn't look so bad stacked up
      against mainstream commercial competitors such as Symantec's
      pcAnywhere, Compaq's Carbon Copy, and Artisoft's CoSession
      Remote.
 
      Am I advocating the use of dangerous software on your LAN? Absolutely
      not. But I don't think BO2k should be dismissed because the authors
      have a political agenda. Even Jason Garms, Microsoft's lead product
      manager for Windows NT security, concedes BO2k does "little different
      from what legitimate remote-control software can do." So what is
      Microsoft's objection? According to Garms, it's that BO2k is "designed
      to be stealthy and evade detection by the user." This is a reasonable
      objection, and it's the primary reason it's difficult to take the software
      seriously as an end-user product. Such software is easy to abuse,
      especially when it's free and comes with complete source code.
 
      The Cult's "Minister of Propaganda," who goes by the name "Deth
      Vegetable," is the first to admit the cult is no fan of Microsoft, and, in
      fact, one reason for BO2k's existence is to convince Microsoft to "finally
      implement a security model in their Windows operating system." I would
      prefer Microsoft engineer a new operating system (see Internet Zone),
      but revamping the Windows security model to create a secure system
      would be nearly as much effort. Even open-source pundit Eric Raymond
      agrees that "BO2k exposes the fact that the so-called `security' of
      Windows is a bad joke."
 
      It's easy to see that free software that can control PCs remotely will be
      abused. But BO2k will ultimately help more than hinder, by revealing the
      inadequacies of the Windows security model and providing useful
      source code for developers. 

      @HWA 


27.0 UCITA Moves Forward - Will Remove Vendor Liability
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        
      From HNN http://www.hackernews.com/
      
      contributed by Evil Wench 
      The National Conference of Commissioners on Uniform
      State Laws (NCCUSL) is likely to endorse the Uniform
      Computer Information Transactions Act (UCITA). This
      isn't a federal law but a law that will be passed around
      to all the states to enact individually making it even
      harder to defeat. The proposal will allow software
      manufacturers to sell software that is broken with no
      liability, even if they knew it didn't work. It gives
      vendors the right to disable software remotely without
      prior authorization from the customer. It would prevent
      reverse engineering and place a gag order on anyone
      who said anything bad about a product. 

      ComputerWorld
      http://www.computerworld.com/home/print.nsf/all/990726B6A6
      
      InfoWorld- UCITA Summary
      http://www.infoworld.com/cgi-bin/displayStory.pl?/features/990531ucita_home.htm
      
      -=-
      
      UCITA is going to hurt you if you don't watch out
 
      By Dan Gillmor
      07/26/99 All IT managers have their share of horror stories in
      dealing with software and the companies that sell it -- buggy
      products, slow response by vendors and so on. But if some
      proposed legislation becomes law around the U.S., your
      worries may just be starting. 
 
      By the time you read this, the National Conference of
      Commissioners on Uniform State Laws (NCCUSL) is likely to
      have endorsed the Uniform Computer Information
      Transactions Act (UCITA). This legislation is high on the
      software industry's wish list, because it would tilt the balance
      of power to vendors -- and away from users. 
 
      Even if the mounting opposition somehow persuades the
      commissioners to back off, recent history shows that the
      software industry won't give up. This issue isn't going away,
      no matter what happens at the commissioners meeting this
      week in Denver. 
 
      A variety of reputable consumer and professional
      organizations oppose this proposal -- among them, the
      Federal Trade Commission, the Association for Computing
      Machinery, the Association for Information Management and
      Consumers Union. Here are some of their objections: 
 
         o Sellers could legally disclaim any obligation to sell
           products that work. They would be legally immune even
           if they knew about defects before the sale and
           deliberately failed to disclose the defects, no matter how
           serious. 
 
         o In the event of a dispute, a vendor could disable a
           customer's software remotely, even if that totally
           disrupted the customer's business. The seller would have
           a unilateral right to decide that the customer was
           violating the terms of the contract; a buyer would have
           to take the vendor to court in response. 
 
         o Reverse engineering, used by security experts to
           examine software, could be prohibited, increasing the risk
           that buggy products and viruses would go undetected. 
 
         o A vendor could prohibit a user from publicly commenting
           on the quality or performance of a product. In other
           words, if it didn't work, you couldn't tell your colleagues
           at other companies or vice versa.
 
      UCITA is itself a backup plan. The industry's original strategy
      was to get a rewrite of the Uniform Commercial Code, the
      system designed to ensure uniform laws dealing with
      commerce. But when the American Law Institute -- the
      NCCUSL's co-drafter of Uniform Commercial Code proposals
      -- listened to the opponents and backed away from the idea,
      the software companies persuaded the NCCUSL to push
      ahead with UCITA anyway. (For more history and information,
      check out a detailed account at www.infoworld.com/ucita at
      the Web site of Computerworld's sister publication Infoworld.) 
 
      If the commissioners endorse UCITA, the proposed law would
      move into state legislatures around the nation this year.
      Whatever happens, the industry's relentless pursuit of this
      legislation should be a wake-up call to other IT people. 
 
      Get ready to fight this legislation in your statehouses. Whether
      it's UCITA or something else, the software barons won't stop
      pushing against your rights. Stay on your guard, or you'll
      regret it. 
      
      
      -=-
      
      InfoWorld- UCITA Summary
      http://www.infoworld.com/cgi-bin/displayStory.pl?/features/990531ucita_home.htm
      
  
      
      May 31, 1999 

       UCITA: Summary information

       UCITA and the issues that revolve around it are extremely complex. It raises many thorny problems of which the wisest of the wise would have
       trouble striking a fair balance, and its potential consequences in the electronic-commerce world of the future is surely any mortal's prediction.
       Yet the process by which it could become the law of the land is obscure, convoluted, and highly legalistic, making it difficult for everyone who
       has a stake in what it says to have input into its development. 

       The purpose of this page is to provide some background and resources for those who want to understand UCITA better and for those who want
       to find a way to have their voice heard. I obviously have my own point of view on the act and what I think it means for InfoWorld readers -- as
       I've said, I've gone from being naively optimistic about the chances for the law helping software customers to deeply concerned that it will only
       make things worse, and you can certainly learn why I feel that way here. But there's more than enough sources of information for you to make
       up your own mind and to decide what you want to do about it.

       This site includes:

          o a brief explanation of what UCITA is and how the process works
          o a background piece from Ed Foster on why he thinks UCITA is important to software customers 
          o links to InfoWorld stories and columns on UCITA and Article 2B
          o a list of the top dozen issues opponents of UCITA are concerned about 

       There are also a number of other Web sites that can provide you with all the details on the numerous issues involved in the 2B draft. The de
       facto clearinghouse for legal briefs and position papers from all sides in the process is the "Guide to the Proposed Law on Software
       Transactions" provided by Carol A. Kunze at http://www.2bguide.com/. This guide also provides further background on the UCC, reports that
       have appeared in the press about 2B and links to the current draft. Two recent papers posted there which do a good job of summarizing the
       opposing views on UCITA are the NCCUSL leadership's defense of the move from 2B to UCITA at http://www.2bguide.com/docs/nuaa.html
       and a rebuttal by law professor Jean Braucher at http://www.2bguide.com/docs/0499jb.html. 

       Many sites about Article 2B have not yet been updated to reflect the change to UCITA. Two Web sites that have a great deal of background
       information on consumer-related issues in the draft (few of which have changed to any substantial degree) are Ralph Nader's Consumer Project
       on Technology site at http://www.cptech.org/ucc/ and the site of "Bad Software" author and attorney Cem Kaner at
       http://www.badsoftware.com.


       What you can do

       With the July meeting where UCITA will be up for approval by the NCCUSL commissioners fast approaching, readers must act quickly if they
       are to influence the outcome. One simple thing you can do is to sign our e-mail petition, which reads as follows:

       "In light of the concerns previously expressed over proposed UCC Article 2B by a variety of interest groups, and the lack of time such groups
       have had to study and respond to its new reincarnation as a uniform act, the undersigned urge the National Conference of Commissioners on
       Uniform State Laws to not approve the Uniform Computer Information Transactions Act at this time."

       If you agree, "sign" the petition by sending an e-mail to us at ucita@infoworld.com with any additional comments you'd like to make and your
       name, title, company, city, and state. The results will be presented to the NCCUSL commissioners in Denver to help demonstrate to them that
       the concern about UCITA is widespread. 

       An even more effective step is to write directly to the NCCUSL commissioners who represent your state. The Society for Information
       Management has urged its membership to do this, and InfoWorld readers could make a big difference by adding their voices to that of SIM's
       members. To get the list of commissioners for your state, along with a draft letter you can customize, visit SIM's site at
       http://www.simnet.org/public/programs/issues/ucccode.html.

       It's not too early to make sure your state legislators and the governor also are aware of your concerns about UCITA. While we won't know until
       the end of July whether UCITA will be approved for distribution to the state legislatures, that's where the fight will move next if the
       commissioners OK it. Even if they reject UCITA, there is a possibility that "rogue" versions of the law will be introduced in some states in any
       case. So the more aware those in your state's government are of the controversial nature of UCITA, the better.


      @HWA
      
28.0 NSC Proposes FidNet - Infrastructure Protection or Surveillance Tool? 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
     
     From HNN http://www.hackernews.com/

      contributed by Weld Pond 
      A draft prepared by the National Security Council last
      month, calls for a sophisticated software system to
      monitor activities on nonmilitary Government networks
      and a separate system to track networks used in crucial
      industries like banking, telecommunications and
      transportation. This system is to be called FidNet or the
      Federal Intrusion Detection Network. The effort is
      intended to alert law enforcement officials to attacks
      against the nation's Infrastructure. Opponents are
      saying that this could become a building block for a
      surveillance infrastructure with great potential for
      misuse. 

      NY Times      
      http://www.nytimes.com/library/tech/99/07/biztech/articles/28compute.html
      
      July 28, 1999


     U.S. Drafting Plan for Computer
     Monitoring System

     By JOHN MARKOFF

     The Clinton Administration has developed a plan for an extensive
     computer monitoring system, overseen by the Federal Bureau of
     Investigation, to protect the nation's crucial data networks from
     intruders. 

     The plan, an outgrowth of the Administration's anti-terrorism program, has
     already raised concerns from civil liberties groups. 

     A draft prepared by officials at the National Security Council last month,
     which was provided to The New York Times by a civil liberties group,
     calls for a sophisticated software system to monitor activities on
     nonmilitary Government networks and a separate system to track networks
     used in crucial industries like banking, telecommunications and
     transportation. 

     The effort, whose details are still being debated within the Administration,
     is intended to alert law enforcement officials to attacks that might cripple
     Government operations or the nation's economy. 

     But because of the increasing power of the nation's computers and their
     emerging role as a backbone of the country's commerce, politics and
     culture, critics of the proposed system say it could become a building block
     for a surveillance infrastructure with great potential for misuse. 

     They also argue that such a network of monitoring programs could itself be
     open to security breaches, giving intruders or unauthorized users a vast
     window into Government and corporate computer systems. 

     Government officials said the changing nature of military threats in the
     information age had altered the nature of national security concerns and
     created a new sense of urgency to protect the nation's information
     infrastructure. 

     "Our concern about an organized cyberattack has escalated dramatically,"
     Jeffrey Hunker, the National Security Council's director of information
     protection, who is overseeing the plan, said Tuesday. "We do know of a
     number of hostile foreign governments that are developing sophisticated
     and well-organized offensive cyber attack capabilities, and we have good
     reason to believe that terrorists may be developing similar capabilities." 

     As part of the plan, networks of thousands of software monitoring
     programs would constantly track computer activities looking for
     indications of computer network intrusions and other illegal acts. 

     The plan calls for the creation of a Federal Intrusion Detection Network,
     or Fidnet, and specifies that the data it collects will be gathered at the
     National Infrastructure Protection Center, an interagency task force
     housed at the Federal Bureau of Investigation. 

     Such a system, to be put fully in place by 2003, is meant to permit
     Government security experts to track "patterns of patterns" of information
     and respond in a coordinated manner against intruders and terrorists. 

     The plan focuses on monitoring data flowing over Government and national
     computer networks. That means the systems would potentially have
     access to computer-to-computer communications like electronic mail and
     other documents, computer programs and remote log-ins. 

     But an increasing percentage of network traffic, like banking and financial
     information, is routinely encrypted and would not be visible to the monitor
     software. Government officials argue that they are not interested in
     eavesdropping, but rather are looking for patterns of behavior that suggest
     illegal activity. 

     Over the last three years, the Pentagon has begun to string together entire
     network surveillance systems using filters that report data to a central site,
     much as a burglar alarm might be reported at the local police station. 

     Officials said such a system might have protected against intrusions
     recently reported in computers at the Bureau of Labor Statistics, which
     produces information like the consumer price index that can affect the
     performance of the stock market. 

     The draft of the plan, which has been circulated widely within the
     executive branch, has generated concern among some officials over its
     privacy implications. Several officials involved in the debate over the plan
     said that the situation was "fluid" and that many aspects were still not final.

     The report is vague on several crucial points, including the kinds of data to
     be collected and the specific Federal and corporate computer networks to
     be monitored. The report also lacks details about the ways information
     collected in non-Governmental agencies would be maintained and under
     what conditions it would be made available to law enforcement personnel. 

     Government officials said that the National Security Council was
     conducting a legal and technical review of the plan and that a final version
     is to be released in September, subject to President Clinton's approval. 

     The plan was created in response to a Presidential directive in May 1998
     requiring the Executive Branch to review the vulnerabilities of the Federal
     Government's computer systems in order to become a "model of
     information and security." 

     In a cover letter to the draft Clinton writes: "A concerted attack on the
     computers of any one of our key economic sectors or Governmental
     agencies could have catastrophic effects." 

     But the plan strikes at the heart of a growing controversy over how to
     protect the nation's computer systems while also protecting civil liberties --
     particularly since it would put a new and powerful tool into the hands of the
     F.B.I. 

     Increasingly, data flowing over the Internet is becoming a vital tool for law
     enforcement, and civil liberties experts said law enforcement agencies
     would be under great temptation to expand the use of the information in
     pursuit of suspected criminals. 

     The draft of the plan "clearly recognizes the civil liberties implications," said
     James X. Dempsey, staff counsel for the Center for Democracy and
     Technology, a Washington civil liberties group, "But it brushes them away."

     The draft states that because Government employees, like those of many
     private companies, must consent to the monitoring of their computer
     activities, "the collection of certain data identified as anomalous activity or
     a suspicious event would not be considered a privacy issue." 

     Dempsey conceded the legal validity of the point, but said there was
     tremendous potential for abuse. 

     "My main concern is that Fidnet is an ill-defined monitoring system of
     potentially broad sweep," he said. "It seems to place monitoring and
     surveillance at the center of the Government's response to a problem that
     is not well suited to such measures." 

     The Federal Government is making a concerted effort to insure that civil
     liberties and privacy rights are not violated by the plan, Hunker said. 

     He said that data gathered from non-Government computer networks will
     be collected separately from the F.B.I.-controlled monitoring system at a
     separate location within a General Services Administration building. He
     said that was done to keep non-Government data at arm's length from law
     enforcement. 

     The plan also has drawn concern from civil libertarians because it blends
     civilian and military functions in protecting the nation's computer networks.
     The draft notes that there is already a Department of Defense "contingent"
     working at the F.B.I.'s infrastructure protection center to integrate
     intelligence, counterintelligence and law enforcement efforts in protecting
     Pentagon computers. 

     "The fight over this could make the fight over encryption look like nothing,"
     said Mary Culnan, a professor at Georgetown University who served on a
     Presidential commission whose work led to the May 1998 directive on
     infrastructure protection. 

     "The conceptual problem is that there are people running this program who
     don't understand how citizens feel about privacy in cyberspace." 

     The Government has been discussing the
     proposal widely with a number of industry
     security committees and associations in recent
     months. 

     Several industry executives said there is still reluctance on the part of
     industry to directly share information on computer intrusions with law
     enforcement. 

     "They want to control the decision making process," said Mark Rasch, vice
     president and general counsel of Global Integrity, a company in Reston,
     Va., coordinating computer security for the financial services industries. 

     One potential problem in carrying out the Government's plan is that
     intrusion-detection software technology is still immature, industry
     executives said. 

     "The commercial intrusion detection systems are not ready for prime time,"
     said Peter Neumann, a computer scientist at SRI International in Menlo
     Park, Calif., and a pioneer in the field of intrusion detection systems. 

     Current systems tend to generate false alarms and thus require many
     skilled operators. 

     But a significant portion of the $1.4 billion the Clinton Administration has
     requested for computer security for fiscal year 2000 is intended to be spent
     on research, and Government officials said they were hopeful that the
     planned effort would be able to rely on automated detection technologies
     and on artificial intelligence capabilities. 

     For several years computer security specialists have used software
     variously known as packet filters, or "sniffers," as monitoring devices to
     track computer intruders. Like telephone wiretaps, such tools can be used
     to reconstruct the activities of a computer user as if a videotape were
     made of his computer display. 

     At the same time, however, the software tools are routinely misused by
     illicit computer network users in stealing information such as passwords or
     other data. 

     Commercial vendors are beginning to sell monitoring tools that combine
     packet filtering with more sophisticated and automated intrusion detection
     software that tries to detect abuse by looking for behavior patterns or
     certain sequences of commands. 

     @HWA
     
28.0 Feds Get Gov Employees to Sign Away Rights 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 

     From HNN http://www.hackernews.com/

     contributed by Evil Wench 
     The Intelligence Authorization Act has been passed by the
     Senate. This new bill will give federal law enforcement
     new powers to search government computers belonging
     to individuals who have access to classified information.
     The bill requires employees who need access to
     classified information to sign a waiver allowing law
     enforcement officials to "access information stored in
     computers used in the performance of government
     duties." (They can't take your rights away but now
     they can get you to sign them away.) 

     Federal Computer Week 
     http://www.fcw.com/pubs/fcw/1999/0719/web-intell-7-23-99.html
     
     
     JULY 23, 1999 . . . 15:05 EDT 


     Intelligence bill grants feds new computer security
     powers 

     BY DANIEL VERTON (dan_verton@fcw.com)

     The Senate this week voted unanimously to pass the fiscal 2000 Intelligence
     Authorization Act, which would provide federal law enforcement officials new
     authority to search government computers belonging to individuals who have
     access to classified information. 

     The new computer security provision comes in the wake of reports of espionage
     by China at the nation's nuclear laboratories and was part of a larger effort by
     the Senate Select Committee on Intelligence to improve government
     counterintelligence procedures. 

     According to Sen. Richard C. Shelby (R-Ala.), chairman of the Senate Select
     Committee on Intelligence, the bill requires employees who need access to
     classified information to sign a waiver allowing law enforcement officials to
     "access information stored in computers used in the performance of government
     duties." The provision is aimed specifically at enhancing the FBI's ability to
     investigate cases of possible espionage sooner rather than later. 

     The thorny issue of granting access to government computers for the purposes
     of investigating wrongdoing came into the limelight last month when officials at
     the Defense Threat Reduction Agency allegedly attempted to access the
     computer belonging to a senior technology trade advisor as he testified before
     Congress [FCW, July 19, 1999]. 

     "This provision is intended to avoid the problems we have seen with the FBI's
     reluctance to access 'government' computers without a warrant in the course of
     an espionage investigation," Shelby said. "There should be no question that
     investigative agencies may search the computer of an individual with access to
     classified information."

     @HWA
     
29.0 Local Cops Funded by IT Industry 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    
     From HNN http://www.hackernews.com/

      contributed by Arik 
      Pulling from the LA Times article that we linked to on
      Monday, the UK Register runs a story on how local US
      Police departments are legally accepting large grants
      from IT firms in exchange for going after pirates.
      Companies such as Intel and Hewlett-Packard offer cash
      and other perks to local law enforcement agencies while
      they work on cases beneficial to the corporation. Local
      Police agencies see nothing wrong with this. (Why hire
      private detectives when you can just hire the local
      police force.) 

     The UK Register
     http://www.theregister.co.uk/990727-000017.html
     
     Posted 27/07/99 3:57pm by Tim Richardson
  
     US police funded by IT giants
   
     Hi-tech companies are paying out thousands of dollars to hard-up police departments in the
     US to help combat computer-related crime. 
   
     According to a report in the LA Times, Intel regularly slips police departments in Oregon
     $100,000 a year to help pay the wages of a few law enforcement professionals. 
   
     It's also more than happy to part with $10,000 to kit out the odd sheriff's department with a
     wire-tap or two. 
   
     Then there's Hewlett-Packard which is more than happy to let police officers use its
     corporate jet if it helps catch a computer villain. 
   
     Snag is, some people think this is an abuse of the system. They claim these firms are
     "buying justice" in their bid to crackdown on computer crime which reportedly cost the US
     $3 billion last year. 
   
     But one outspoken officer told the LA Times that such allegations were way out of line. 
   
     "If you're inferring that we're paid off, that's not right," Sgt Michael Tsuchida of the
     Sacramento County Sheriff's Office told the LA Times. 
   
     "I'll eat your dinner, sleep in your hotel and still arrest you if you're breaking the law," he
     said. 
   
     It's nice to know that the judgement of the boys in blue is not swayed by a few greenbacks. 
   
     In a way, the hacks at The Register are no different. They swan off on fancy
     all-expenses-paid press trips, get taken out to swanky restaurants -- and still manage to
     dish the dirt about their hosts. 
   
     The Register -- eating the hand that feeds IT. ®
     
     @HWA
   
  
30.0 Two Arrested for Corporate Espionage 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From HNN http://www.hackernews.com/

      contributed by operand 
      Interactive Connections, now known as Screaming
      Media, has had two former employees arrested on
      Tuesday on charges they allegedly broke into its
      computer system and stole secret business plans. If
      convicted, they face a possible maximum prison term of
      five years. They allegedly copied various proprietary
      files and software belonging to Interactive Connections.
      It is unknown what they then did with the information. 

      Wired
      http://www.wired.com/news/news/politics/story/20966.html
      
      Turkey-Day Crackers Arrested
      Reuters 
 
      2:10 p.m.  27.Jul.99.PDT
      Two former employees of Interactive
      Connections, now known as Screaming
      Media, were arrested on Tuesday on
      charges they allegedly broke into its
      computer system and stole secret
      business plans. 
 
      Ira Lee, 29, and Zissis Trabaris, 31, who
      had worked as software developers at
      the company, were each charged in
      federal court in Manhattan with one
      count of unlawful and unauthorized
      computer intrusion. If convicted, they
      face a possible maximum prison term of
      five years. 
 
      Interactive Connections provides news
      filtering and distribution services, mostly
      for Web sites. Its clients include America
      Online and Sun Microsystems, federal
      prosecutors said. 
 
      According to the complaint, the alleged
      crime occurred after the defendants'
      employment at Interactive Connections
      ended and shortly after The Wall Street
      Journal ran a favorable article about the
      company. The newspaper reported that
      the company was backed by James
      Robinson, former chief executive of
      American Express Co. 
 
      The defendants allegedly entered
      Interactive's computer system from Lee's
      home computer on 25 November, the
      night before Thanksgiving. They allegedly
      stayed on the system for about four
      hours into Thanksgiving morning and
      copied various proprietary files and
      software belonging to Interactive and
      then transferred the information to
      various computers that the two men
      controlled, the complaint charged. 
 
      Copyright 1999 Reuters Limited. 
      
      @HWA
      
31.0 Virus Infestations On the Rise 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
      From HNN http://www.hackernews.com/
     
      contributed by TurTleX 
      Computer virus infection rates have doubled since 1998
      and quadrupled since 1997 according to a report
      released by ICSA. The survey was based on responses
      from tech departments at 300 U.S. corporations and
      government agencies. 

      Newsweek
      http://www.newsweek.com/nw-srv/tnw/today/cs/cs02mo_1.htm
      
      ICSA            
      http://www.icsa.net/
      
      -=-
      
      Newsweek
      http://www.newsweek.com/nw-srv/tnw/today/cs/cs02mo_1.htm
      
      TUESDAY, July 27, 1999 

      Stopping the Spread
 
      Are computer viruses becoming an epidemic? A recent survey conducted
      by ICSA.net, a company that provides computer security information to
      corporations, reports that computer virus infection rates have doubled since
      1998 and quadrupled since 1997. Based on responses from tech
      departments at 300 U.S. corporations and government agencies, the survey
      also finds a comparable increase in costs. "The cost of having viruses, given
      the frequency of when you get them and what happens after you get them,
      is more than doubling every year," Peter Tippett, chairman of ICSA.net, told
      Newsweek.com. "We can't conclude that anything has happened that will
      prevent things from becoming twice as bad next year," he adds. 
 
      One reason for the rise in infections is rates of transmission, which have
      dramatically increased in the past several years. Between 1980 and 1995
      computer viruses were transmitted primarily via floppy disks, usually taking
      a year or more to become prevalent. By 1995, macro viruses -- which
      primarily live in MS Word or Excel documents and spread via file
      sharing -- had decreased that time to a few months. The most recent
      generation, dubbed "'Net-enabled" or "communications-enabled" viruses, use
      the Internet or e-mail to replicate, and can reach epidemic proportions within
      days. These new viruses could represent the greatest threat thus far. 
 
      The solution, Tippett says, is to use anti-virus programs and tools correctly.
      The survey reported that 83 percent of the companies surveyed had
      anti-virus software on 90 percent of their computers, but often failed to use
      it properly. For example, 40 percent of those companies used "periodic
      scanning" on desktops -- scanning for viruses once a day, for example, or
      every time the system restarts -- instead of enabling anti-virus programs'
      full-time background scanning functions. Doing the latter, Tippett advises,
      increases the chance of discovering the virus before it spreads unknowingly
      to the next victim. Other advice: protect servers, gateways and desktops,
      and update anti-virus programs often. -- Laura Fording
      
      @HWA


32.0 Granny Hacker from Heck visits Def Con parts 1 to 3
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~      
     From AntiOnline
     
     http://www.antionline.com/cgi-bin/News?type=antionline&date=07-12-1999&story=CMDC1.news
 

      Granny Hacker From Heck Visits Def Con 
      Thursday, July 15, 1999 at 16:29:59
      by Carolyn Meinel - Writing For AntiOnline 

      July 1, 1999. A staffer from Loompanics calls to say that the Def Con
      convention staff has ordered them to not sell my "The Happy Hacker: A
      Guide to Mostly Harmless Hacking" (http://happyhacker.org/buyhh.html)
      at their upcoming computer criminal soiree.

      This means war! How can I best stick it to the Def Con d00dz? Oho,
      their web site (http://www.defcon.org) is advertising a Bastard Operator
      from Hell (BOFH) (http://www.rangsoc.demon.co.uk/bofh_last.htm)
      contest. A true BOFH should run a computer with all sorts of tantalizing
      services. Build something that looks like an eight year old could break in.
      Then the attacker runs exploit after exploit against the box. And every
      attack mysteriously SCREWS UP!!! Muhahaha. By offering a prize for
      the best victim computer, the Def Con guys hope to get better targets
      for the hackers playing Capture the Flag.

      Amarillo, TX, July 6 and 7, I'm out there with Happy Hacker Wargame
      director Vincent Larsen and wargame admin Jon to put together our
      BOFH entry: Fangz. Ah, yes, Fangz, an Intel box running Red Hat Linux
      (at least that's what any port scanner would tell you, snicker). It runs ftp,
      pop3, smtp, a DNS server, telnet with a guest account with no
      password, guest access to vi and a C compiler; and a Lithium Quake
      server with back doors in place. Ahem, every service is working
      according to the RFCs, but not quite running the way hackers would
      expect:):)

      OK, let's get this straight. All I did was provide the hardware and use
      the Hacker Wargame to test various iterations of Vincent and Jon's
      Process Based Security (http://www.sage-inc.com) modifications to
      Red Hat Linux. Red Hat is a hacker's paradise. A clean install of the
      latest version has over 200 ways to break into it. Vincent and Jon's
      version of Red Hat, however, would make the BOFH himself proud.
      That's why I decided against entering a FreeBSD or OpenBSD system.
      They have pretty good security, too. But they don't TORMENT hackers
      the way Process Based Security does.

      At sunrise Friday morning, July 9, I caught a ride on the Happy Hacker
      Godfather's King Air business jet, along with him and Jon. Also there
      was this giant Texan on board. I asked him, "You look like a bodyguard.
      You look like you could pick up someone by the neck and hold him out
      at arm's length."

      "I'm an interior decorator. That's my story and I'm sticking with it."

      Nine AM we are on site at the Alexis Park hotel. We stagger along with
      Fangz, a monitor, laptop, my favorite Ethernet hub, my crummy backup
      Ethernet hub, lots of spare 10BASE-T cabling, tools, and duct tape just
      in case I need to tape anyone to the wall.

      A Def Con "goon" (security guard) helps us out by taking us to the head
      of the registration line. Who should be handling, um, exceptional cases
      such as ourselves but Pete Shipley. As his mouth drops with surprise to
      see us Happy Hacksters out in force, he fails to flash his copyrighted
      vampire fangs. Now these are very important, copyrighted vampire
      fangz, er, I mean, fangs. Shipley's lawyer actually sent several letters to
      the publisher of my Happy Hacker book claiming that Shipley had gotten
      a copyright on wearing vampire fangs, so the guy on the cover of my
      book wearing fangs owed Shipley royalties. Or something like this. 

      Anyhow, the publisher, being a hacker himself (Dr. Mark Ludwig),
      decided to have a little fun with Shipley. In the second edition he blotted
      out Shipley's fanged features with a green blob reading "hey man get my
      face off this cover."

      Anyhow, I think Mark using Shipley's copyrighted fangs on my book
      cover is why Shipley can't wear fangs any more. That must be what got
      Shipley to being such a major enemy of mine. After all, my lady BOFH
      personality ought to win the adulation of hackers everywhere. LART,
      LART, who has the LART?;^)
      (http://www.winternet.com/~eric/sysadmin/lart.1m.html)

      Shipley swears it isn't because I hacked him at Def Con 3 in front of
      dozens of witnesses (see Granny Hacker from Heck). Oh, yes, if you
      are a reporter, contact me and I'll give you phone numbers for two of
      those witnesses.

      Well, that fangless Shipley just about ruined my day. What next, would
      Cult of the Dead Cow's (http://cultdeadcow.com) Deth Vegetable trash
      can his Mr. T bust and prance on stage in a business suit? 

      We got Fangz set up pretty quickly. All I did was some physical stuff.
      Meanwhile, Jon changed the gateway, DNS server and IP address
      himself because there are some interesting twists to Fangz. Then he
      spent the next few hours waiting for the Capture the Flag/BOFH
      contest to start by changing a few more things on Fangz, like the
      process control tables for the "mv" and "cat" commands. Oh, you say
      you never heard of Red Hat Linux "process control tables"? Muhahaha.

      Then... Priest pays me a visit. Priest. He's a tall middle aged guy whose
      trademark is the loud Hawaiian shirts and shorts he wears at every Def
      Con. At Def Con 5 he won his "I am the Fed" T-shirt by showing off an
      FBI badge. Of course I believe everything I see.

      "Carolyn," he gestures to me. He sidles up close and whispers, "I left the
      agency a few weeks ago. An Internet startup in California offered me a
      chance to get rich. I have a nondisclosure agreement for you.
      Interested?"

      Of course I like to get rich, too. I sincerely believe that Internet startups
      like to offer FBI agents tons of money. "Sure."

      Meanwhile the Capture the Flag/BOFH game has finally gotten started.
      Less than 100 of the 3,600 Def Con attendees have signed up to play
      the game. What? Less than one hundred? I ask several players. They all
      say there are perhaps only 200 people at Def Con who actually know
      how to break into computers. The rest? Feds, narcs, groupies, and
      fakes. And BOFHs:):)

      Suddenly people start shouting. I turn to see a man prancing on top of a
      table next to the Penguin Palace booth. He is naked except for an
      extremely tiny g-string. It's a good thing his genitals are tiny enough to fit
      into it. Then he pulls on his jeans and leads a parade of drooling
      teenagers out of the room.

      A tiny waisted bleached blonde with braless boobs in a spaghetti string
      shirt prances over to some Capture the Flag players. Not only is each
      boob the size of her head, they are powered by antigravity devices.
      From time to time she pulls up her shirt and sticks her naked boobs into
      the faces of the players. They keep on shooing her off -- "We're trying
      to hack, dammit!" 

      (to be continued: groupies get drunk and laid; Feds, narcs and Cult of the
      Dead Cow urge code kiddies to hack more government Web sites so
      Congress will boost the Information Warfare budget from $1 billion to
      $1.4 billion; fangz LARTs hackers; Michael Schiffman beefs up his
      muscles with a bicycle pump; Shipley remains fangless; Priest attempts
      an entrapment scheme; and Granny Operator from Heck gets into
      trouble.)

                                          


      Granny Hacker Visits Defcon - Part 2 
      Wednesday, July 21, 1999 at 0:49:12
      by Carolyn Meinel - Writing For AntiOnline 

      Let's see, where was I. Oh, yes, the lady with the giant breasts
      powered by antigravity machines is trying to distract people playing the
      Capture the Flag game against the Bastard Operator from Hell
      contestants. All the BOFHers are unscathed so far. I'm standing next to
      my box, every now and then checking to make sure at least a half dozen
      people have spawned shells in the guest account. I want Fangz to get a
      real workout! And who should sidle over but Priest, the giant guy in the
      buzz cut sandy hair and loud Hawaiian shirt who says he is "no longer
      with the agency." Out of the corner of his mouth he mutters to me, "Dis
      has been committing too many felonies. If Dis doesn't watch out, he will
      go to jail."

      Dis. That's one of the two or three hundred handles Brian Martin uses,
      but who knows, lots of other hackers may use it, too. Or maybe Priest
      just keeps on confusing Dis with Mitnick or someone like that. I mutter
      right back, "It's not clear to me that Dis is committing any felonies."

      Hoo, boy, now this is getting interesting. First Priest hints that he can
      make me rich, then he appeals to my presumed desire for revenge. Lots
      of people assume that since I am Brian Martin's number one obsession
      (as seen at http://attrition.org), that I must hate him. Au contraire! Today
      is honesty day, no more kidding around. Martin is my public relations
      man, working overtime year after year to make sure everyone has heard
      of and buys my book, The Happy Hacker. By publicizing his fictional
      accounts of how I hacked 303.org and sekurity.org and let us NOT
      FORGET the New York Times, Martin has persuaded countless
      teenagers that I am a brilliant evil genius granny.

      Oh, while we are on the topic of honesty, Priest just emailed me to
      advise that he just might sue me for the first installment of Granny
      Hacker from Heck Goes to Def Con. Let's see, what are his exact
      words, "I have to talk to my lawyer about a lawsuit...I at no time
      represented myself as an FBI agent nor did I ever display a 'badge' at
      Defcon 5 to get a Fed t-shirt. Further, at no time did I approach you with
      an offer of employment or a commentary on what my organization was
      doing." Hmmm, another man from an alternate universe. I think his
      alternate universe is at http://www.exo.com, phone them up and they
      will give you a truly amazing shell account from which you can entertain
      yourself with the file permissions of the other users.
      
      Let's see if I have this straight. Priest, a fictional entity who ran Def
      Con 7, and who has variously claimed to be an FBI agent and involved
      in a get rich quick Internet startup scheme, is trying to figure out how to
      sue the Granny Hacker from Heck for a humorous article that has lots
      of witnesses. If you have any leads on this man's true identity, or want
      to add to reports of who this man has claimed to be from time to time,
      please contact me at 505-281-9675. "Don't pay attention to the man
      behind the curtain..."
      
      Now, back to our regularly scheduled programming, Friday July 9. Jon
      takes a turn guarding Fangz, our Bastard Operator From Hell
      contestant. I go to the main ballroom to catch the first round of "Spot the
      Fed." I pass a room out of which rock music booms. There are fog
      machines, spotlights waving about. I notice more young women than I
      had ever before seen at a Def Con, mostly beautiful, dancing with
      hackers in that party room. More gorgeous women lounge in the
      hallway, awkwardly flirting and beckoning. Are they hoping to marry the
      next Bill Gates? They certainly don't have the look of Las Vegas
      prostitutes, not even the lady with the antigravity boobs. There's
      intelligence in those eyes. I briefly think of Tracy Baldwin, a new FBI
      agent, who came to Albuquerque for her first assignment out of
      Quantico. Baldwin's young, beautiful, tense like a coiled spring. Some of
      these women in the hallway remind me of her. 
      
      Oh, yes, last November I gave Baldwin a hard time when she tried to
      convince me she might arrest me if I didn't take a lie detector test about
      whether I hacked the New York Times. So now she gets to put up with
      being in a Granny Hacker story.
      
      In the ballroom, Priest is on stage with a microphone. He booms out,
      "To win your 'I spotted the Fed' T-shirt, you have to identify someone
      who carries a badge and has the power to arrest. Informers don't count.
      You know how you spot an informer, don't you? He's someone who
      was raided and got back out on the street within 24 hours."
      
      That made me think. A story in Forbes magazine last January had
      reported that the FBI had raided Brian Martin -- yet had not arrested
      him. According to an employee of the Internet Service Provider Martin
      uses (Inficad), not long thereafter "We were served a subpoena by the
      Fed's to perform certain actions on the attrition box co-located at our
      facility. As we do with all law enforcement matters we complied, and
      they performed what was required and permitted under the subpoena."
      
      Many in that room know about Martin's FBI raid. Some in that room
      remember Priest claiming to be a Fed. Why would a Fed, even an
      ex-Fed (if Priest was telling me the truth) be trying to publicly finger
      Martin as a supposed informant? All in good fun, I'm sure.
      
      A young man sitting next to me leans over. "Who is this Priest guy? He
      seems to be running Def Con."
      
      I dunno, maybe being a fictitious character is his profession.
      
      ###
      
      Near midnight I am hovering over a laptop and hear a voice booming,
      "You. We're closing down for the night. Out. Now." I look up and see a
      knot of hackers scurrying for the nearest exit, behind them Priest playing
      the role of Nazi SS man. He swivels, points with outstretched arm at the
      next nearest group. "You. Out. Now." He strides to another group.
      "You. Out. Now."
      
      I am amazed. Aren't hackers supposed to be anti-authoritarian? Isn't
      herding hackers like herding cats? Not here.
      
      Oops, I'm wrong. A departing group breaks up and scatters rather than
      making it to the exit. Priest catches on within seconds. He points them
      out one by one: "I told you, out. Now."
      
      When he has cleared the room of all but those of us playing the hacker
      war game, he comes over to us, now relaxed.
      
      I gesture at Fangz. "I don't want to leave until everyone else is out of
      the room. I worry about physical sabotage of my Bastard Operator from
      Hell entry."
      
      "No problem."
      He lets me be the last non-staff person out.
      
      ###
      
      Saturday morning. July 10, 1999. I'm waiting by the pool for the con to
      reopen. A swarthy fellow speaks. "Carolyn, I'm a friend of Zyklon."
      
      "Can you tell me just why, when he hacked the White House Web site,
      he called me a crack whore?"
      
      "I'll ask. By the way, I have your Happy Hacker book. Loved it."

      I can't resist plugging my book. Buy out the latest printing, folks, and
      maybe I'll shut up. Maybe not:)

      ###

      The hacking game is in full swing. A dumpy little fellow comes over to
      me. "Hi, remember I called you on the phone? I'm a reporter from
      Rolling Stone. Can you tell me why so many hackers hate you so much?
      They won't ever tell me why, they just say 'Carolyn sucks.'"

      "They don't all hate me, just some noisy ones. Why don't you talk to
      these young people?" I introduce him to a group of teenage boys who
      have clustered around me to get hints about my entry in the game:
      "Fangz." Stuff like I tell them to use the pasv command to make its ftp
      server work. Sorry, Fangz is a little primitive, but the fewer features on
      its services, the harder it is to hack. Hey, give us credit, it's RFC
      compliant and at least we don't force players to use tftp, or cut and
      paste stuff through a terminal emulation program!

      The teens crowd around the reporter. "Tell people most hackers are
      good guys! We don't commit crime! We make the Internet a better
      place!" they chorus.

      A tall, thin young man in skinhead garb and haircut walks up and hands
      me a flyer. It is about the new Web site, "Netcriminals.org." It has a
      fake dossier on me, along with fake dossiers for several other people.
      Skinhead asks, "Do you know who I am?"

      I shake my head.
      He gives a tight grin. "Netmask."

      Netmask. It is the first time we have met in real life, yet over the years
      he has occasionally sent me demented, obscene, yet humorous emails.
      Some people might say he must be my kind of guy, but ask my fellow
      choir members at St. Luke, I'm just a sweet old lady.

      Anyhow, Netmask and I had spoken once on the phone, or perhaps I
      should say, had spoken once that he had admitted to being Netmask. His
      erotic fantasies remind me of the man, or group, that has done major
      damage to almost every Internet Service Provider I had ever used:
      GALF. Netmask's Web site -- 303.org -- features pictures of his 303
      gang mowing down aspen trees with machine guns, dancing around a
      table covered with exotic guns, firebombing a car, and at one time it
      included instructions that presumably were meant as a humorous parody
      on instructions on how to molest children (under cocksoldier.com, hosted
      on the same box). They live near the Columbine school district near
      Denver. 

      Netmask runs the kind of gang that could make reporters go nuts for a
      chance to interview him. I can see the headline, "Goth gun and bomb nut
      hackers run rampant in Columbine school district." But I will resist the
      temptation to write lurid stuff about them, just check out
      http://www.303.org for yourself, if it is still up.

      Just before Def Con, Netmask had emailed me, "You up for a little
      hacker death match with me on friday? (at con)"

      I replied, "Sure on death match, if you'll talk with me afterward. My aim
      might be off, I'm used to beating up outlaw horses with well-aimed
      kicks, the half ton class opponent is kinda exhilarating. Haven't sparred
      with a human in a long time. Dunno why humans are afraid of me :):)" I
      was just kidding, I swear! I just give wild horses "love taps" when they
      attack me, is all.

      Hacker Death Match. That consists of putting on bulky foam rubber
      "sumo suits" and trying to knock each other down or out of the ring.
      Netmask had emailed back, "I'm gonna pass on this actually.... Keeps
      me out of the media.. and keeps you less in the media.."

      Just now I am wearing karate shoes. It's my Deadly Granny outfit.
      Make muggers quake in their boots when they see me. Netmask is
      staring at them. The karate shoes, I mean. His martial art is kick boxing.
      He looks up. We stare at each other awhile. Then I lean forward within
      six inches of his face and whisper, "The reason I respect you, is you
      aren't a crybaby like the others."

      He ducks and rushes off. 

      ###

      Two PM. I had gotten press credentials earlier that day from an elderly
      oriental man so I could get into the front row with a tape recorder to
      cover the Cult of the Dead Cow. They are about to introduce their new
      program to enable people to break into computers: Back Orifice 2000.
      Priest gets up on stage to announce their imminent arrival. A voice
      shouts out, "There have been a lot of naked people here. Isn't that
      against the law?"

      Priest laughs. "This is Las Vegas."
      Another voice shouts, "What happens to the people who are running
      around naked?"
      Priest points at him. "They get laid!"
      The audience roars with laughter.

      Priest continues, "We have a treat for you tonight, live rock music."
      Priest leaves the stage to cheers.

      The lights dim, then go out. From big speakers on stage come sounds of
      a storm, mooing of cows and an adult voice ordering a kid over and over
      again to put the cows in the barn. The mooing gradually grows ominous,
      then ridiculously loud. 

      Rock music breaks out as two spotlights shine on each side of the stage.
      They project the logo of the Cult of the Dead Cow -- a cow skull in
      black against a white cross. The logos rotate. In the center of the stage
      a video projects themes of cattle interspersed with intimidating images
      from Nazi and Maoist social realistic art. Then, to cheers, the Cult of the
      Dead Cow gang enters from right stage, hurling glowing disks out to the
      audience. Nineteen of the twenty cult members prance, slouch and/or
      stagger up on stage. In front of them, their master of ceremonies leaps
      about in a ratty white fur coat, synthetic fur chaps, a belt made of
      handcuffs, doing a sick parody of a Pentecostal preacher, grabbing his
      crotch, making obscene jokes, and leading the audience in chants of
      (him) "Dead!" (audience) "Cow!" (him) "Kiss!" (audience) "Ass!" The
      rising lights reveal a parody of church vestments, banners with a
      Christian cross with the dead cow symbol in the center hanging on each
      side of the stage.

      He raises both hands over his head, palms toward the audience. "Every
      eight year old can hack shit! Hacking to save the world! Just don't get
      fucking busted! And use a fucking spell checker!" Long cheering and
      laughter come from the crowd.

      "And now, the man who wrote Back Orifice 2000 -- Dildog!"

      Dildog describes the features as if it is merely a "remote administration
      tool" as he calls it, raising snickers from the crowd. He uses LCD
      projectors from both a "client" (attacker) and "server" (victim)
      computer to show how BO2000 hides itself. When he shows the option
      to disable the victim mouse and keyboard and allow the attacker's
      mouse and keyboard to control the victim, the crowd cheers.

      They end the show with a man in red lace tights, shorts and red pasties
      held on with duct tape (who looks like a near terminal AIDS victim)
      shimmying across the stage while Deth Vegetable -- a gigantic
      sumo-style man in shorts -- smashes computers and a monitor with an
      electric guitar, the Master of Ceremonies waving his hands and
      screaming as he fires roman candles from a tube he clenches with his
      thighs against his crotch.

      Afterwards I go back to the press room to check for schedule changes.
      Somehow I have the premonition that Brian Martin's talk "fakes walk
      among us" may be rescheduled. David Akin of the Canadian publication
      "National Post" approaches me as I am leaving and asks "Why do so
      many hackers hate you? They won't tell me anything specific. Basically
      they just say 'Carolyn sucks.'"

      Just then a disheveled man in an Attrition.org black T-shirt strides up
      yelling, "Get out of here. Only press are allowed here."
      "I have a press pass." I show it to him.
      "You aren't a legitimate reporter! Get out of here."
      "How many FUCKing hundreds of magazine articles do I have to write
      before you admit I am a reporter?" Oops, I said a bad word. I'm
      mortified.
      "We'll consider you a reporter when you write real information!"
      "Real information! Your Attrition.org site is full of libel!"

      Just then the woman in charge of the press room, followed by several
      reporters, comes out and yells at me, "The conference staff says you
      are not a reporter. Give back your press pass. Now."

      Akin turns to them, "You can't do this! You can't pull a reporter's
      credentials just because you don't like what he or she writes!"

      Somehow Priest materializes. �Come with me, I have some information
      for you.� We go into a deserted room. Chairs are stacked high. I can�t
      believe I am actually thinking this, but the first thing that comes to mind
      is that this will make a great scene for the �Granny Hacker Sticks it to
      the FBI� movie.

      Priest breaks the spell. �The press room incident. It never happened.�
      �What?�
      �We are explaining it to the reporters. They understand it was no big
      deal. You will never speak of this incident again.�
      �No way.�

      Puzzlement flashes across his face. He must be realizing that his
      nondisclosure agreement ploy has failed. "If you talk to a reporter about
      this, I will throw you out of the con. You *will* tell them it never
      happened."

      "One problem. I don't lie." I begin to tremble. "I ... have ... my ...
      integrity." Priest rubs his chin. I glare at him. He takes a deep breath.
      Time for a different ploy. "You don't have to worry about Attrition.org.
      We have discredited them with the media. Brian Martin is on his way
      out."

      I look at him, head tilted, puzzled.
      "A few months ago Brian Martin tried to get me fired."
      "Uh, huh."
      "We were talking on Internet Relay Chat. On condition of
      confidentiality. He sent a transcript of the conversation to my boss. Got
      me in major trouble."
      "All he did was violate confidentiality? Sheesh, he didn't alter the
      transcript?"
      "He altered the transcript. Fortunately I had my version burned into a
      CD-ROM. Also, two others had eavesdropped on our chat and burned
      their transcripts to CD-ROM, too. Ours all agreed."

      I nodded. Yeah, right. How come there are always so many fantastic
      stories revolving around Brian Martin and Attrition.org? We ought to
      nominate attrition.org for a Hugo award at the next World Science
      Fiction Convention. Or is Priest the one who deserves the Hugo? Priest
      continues. "I want Martin behind bars. You know he was busted for the
      New York Times hack. Then immediately released. He's now an
      unpaid informant."

      I let out a long breath. If Priest is telling the truth -- a BIG assumption --
      Martin is now too valuable for the agency to expend. "I've heard that
      Martin is ops (moderator) on three Global Hell IRC channels. So was he
      the one who got Zyklon busted for the White House hack?"

      Priest shrugs.
      "Is he informing on Global Hell?"
      He throws up his hands. "We have so much on our plates we can't even
      pay attention to Global Hell."
      "But they claim to be the ones hacking so many of those government
      Web sites."
      "You have no idea of what we are contending with."

      Internet startup. Get rich. Yeah, right, I hate it when people forget to
      stick to their stories. I reply, "I have a problem with your informant. I
      had to shut down our Happy Hacker IRC server when Martin got on it.
      It is my opinion that he may have been encouraging kids to commit
      crime. I am not operating a breeding ground for crime. I'm not going to
      bring Happy Hacker IRC back up until I get a more reliable group of
      moderators."

      "Contributing to the delinquency of minors is a crime. Bring your IRC
      server back up and we can get Martin behind bars."
      "How?"
      "Your network is located in Texas. Under Texas state law, even though
      Martin and any kid he involves in crime are both out of state, if
      discussions about committing a crime happened on a computer within
      Texas, that's conspiracy. They'll extradite both parties."
      "I can't do that. I will not expend some teenager to put Martin behind
      bars. I will not bring up our IRC server until I can make sure we can
      keep the criminals off." And, I thought, not until we can keep FBI agent
      provocateurs out.
      "So, am I going to have to kick you out of the conference?"
      "My publisher would be overjoyed. Great publicity. Believe it or not, two
      independent groups have approached me about doing a movie. Getting
      kicked out would be a GREAT dramatic device." Oh, man, I can almost
      taste the Granny Hacker from Heck movie!
      "But what do you want?"
      "I want to stay. I want to see if Fangz can win the Bastard Operator
      from Hell contest. But even if it does, I presume the conference
      organizers will come up with an excuse to deny us the prize."
      "Yes, but at least you will know you won."

      When I return to the game, I see someone at the console of Fangz.
      "Excuse me, that's my computer. The rules say you have to hack it
      remotely, not from console."

      "I was just checking to see whether it was broken." He goes back to
      messing with the console of the computer next to Fangz, his entry in the
      Bastard Operator from Hell contest. A fat man with disheveled black
      hair and ragged beard and sloppy clothes joins him. The disheveled man
      slides a CD-ROM into the drive. They are violating the rules by
      changing their operating system. Again.

      A little later I see Priest walking by. I run over and hail him. "Excuse
      me, what is your real name?"

      He pauses in mid stride, looking so off balance I wonder if he might fall.
      His mouth flaps open and shut. Finally he sputters, "You must be
      kidding."
      "I thought it was worth a try."

      He falls back into his fast stride and disappears into the crowd. Poor
      Priest, he doesn't realize yet that he has just persuaded an investigative
      reporter, yes, the Granny Reporter from Heck, to learn everything she
      can about him, stuff like his .bash_history (real hackers use tcsh) and
      maybe even his real name.

      ###

      To be continued: Jon's lightning reflexes keep Joltcan.c exploit from
      DOSing Fangz; Michael Schiffman beefs up his muscles with a bicycle
      pump; fat guy who keeps on changing the operating system for his
      BOFH entry howls with rage about how mean and nasty Fangz is when
      people try to break in (recorded in real-audio, to be available from this
      web site); Granny Hacker from Heck gets into trouble, but a giant
      Texan interior decorator rescues her.



      Granny Hacker Visits Def Con - Part 3 
      Thursday, July 22, 1999 at 0:01:12
      by Carolyn Meinel - Writing For AntiOnline 

      Saturday, July 10, 1999. After dinner, I return to take a turn guarding
      Fangz. Jon points to a stain on the linen covering the table where Fangz
      sits. "Someone tried to kill it by pouring a can of Jolt at the keyboard.
      Also, the power has been turned off four times since you left. They are
      getting ugly." He laughs. "I let someone reboot into single user mode as
      root. He changed the root password to 'crackwhore.' He was pissed
      when he rebooted and couldn't get into root over the network."

      Oh, yes, I knew what that was all about. He had set it up so root from
      console couldn't write to the password file. We both snicker. Then I
      grow sober thinking of the hazards of people frequently turning off our
      power. The operating system we use can sometimes be destroyed if the
      power goes off while a file is being written to the disk. Kernel panic!

      Some hackers gather around me talking about the latest Web site hacks.
      They say the Defcon.org site is down because someone defaced it with
      parodies of the Antionline and Happy Hacker web sites. I didn't do it!
      Honest! Um, John, what about you?

      They have an even better story about why Martin's Attrition.org site is
      down for Def Con. Somehow the title of the index.html page changed to
      "Temple of Hate." That's what Antionline's John Vranesevich and I
      like to call it. Then, mysteriously, just after it sprouted the "Temple of
      Hate" slogan, Attrition.org went down.

      (Later Martin explained that his webmaster had changed the name on
      purpose, that it wasn't hacked, honest! And, just by coincidence, a hard
      drive failed right after the "Temple of Hate" headline went up. Just by
      coincidence, as soon as they got Attrition.org up again, they decided to
      change the headline to "We are the people our parents warned us
      about." I didn't do it! I swear! Repeat after me, "Hacking Web sites is
      childish." Besides, why would I hack my own publicist?)

      At fifteen minutes before 10 PM, Priest comes in to shut down the
      room. "You. Out. Now." Hackers meekly file to the doors.

      I go to my hotel room at the Hard Rock hotel across the street, and
      change into a short red velvet dress and black tights. This is for the
      formal "Black and White" ball, then sashay back to the Alexis hotel. I'm
      glamorous granny now, honest!

      In the lobby, two of the Trumpbour brothers greet me. They thank me
      for bringing our Happy Hacker Wargame team and some computers to
      their Summercon hacker gathering a month previously. "Def Con has a
      bad atmosphere. We like to keep our con pleasant."

      I thank them for keeping alive the ideal of true hacking. Folks, if you go
      to just one hacker con next year, try Summer Con. It's run by real
      hackers, people who use their real names, not a bunch of fictitious
      characters such as Priest. Speak of the devil, Priest walks by just now
      dressed like a priest. I flash him my winningest smile, but he acts like he
      doesn't see me.

      I begin walking through the lobby toward the Def Con ballroom. A voice
      behind me yells, "Carolyn! Why did you tell the FBI that I hacked the
      New York Times?"

      I turn and see a man so muscular that he looks like a bicycle pump has
      inflated him. By contrast, his narrow head sits on a skinny neck. He is
      wearing a tank top that shows off his tattoos. His muscles quiver with
      what I suspect might be rage. Behind and beside him is a crowd of kids
      that look like they average fourteen years of age. They goggle at us like
      spectators at a bull fight.

      I scan the group. I don't recognize any of them. "Excuse me, but I don't
      believe we have met."

      Mr. Steroids says, "We have met. Several times. Think."

      I scratch my head, rub my chin. I simply can't think of having ever met
      anyone who gives the impression of being seriously pumped on steroids.
      I study his face. Steroids shouldn't change that too much. Still doesn't
      ring a bell. "Give me a hint."

      "You know me. You told the FBI I hacked the New York Times."

      I wonder if the FBI had tried to force him to become an informant. Did
      some agents do to him exactly what they did to me, claiming to have
      evidence that they really didn't have? When they came after me for
      supposedly hacking the New York Times, I had told them to, um
      "fword" themselves. Seriously, I am against computer crime and am
      happy to help the FBI catch criminals. But I refuse to be an undercover
      informant and I oppose the use of undercover informants. 

      OK, time for major soapbox speech here. IMNSHO, our taxpayer
      money should not fund the FBI to run around encouraging computer
      crime all in the name of some undercover operation. But, then, maybe
      I'm just paranoid. Maybe the FBI doesn't run Def Con. Maybe it is
      mere coincidence that Jeff Moss, who bills himself as the man who
      owns the Def Con conferences, is a full-time employee of Secure
      Computing, Inc. To be exact, the registration for Defcon.org reads: 

      DEF CON (DEFCON-DOM)
      2709 E. Madison
      Seattle, WA 98112

      Domain Name: DEFCON.ORG

      Administrative Contact, Technical Contact, Zone Contact:
      Moss, Jeff (JM27) jm@DEFCON.ORG
      206-626-2526 (FAX) 206-453-9567
      Billing Contact:
      Moss, Jeff (JM27) jm@DEFCON.ORG
      206-626-2526 (FAX) 206-453-9567

      Maybe it is coincidence that the Secure Computing web site claims that
      it "is the market share leader in providing network perimeter security to
      the U.S. Federal government."
      (http://www.securecomputing.com/C_Bg_Hist_FRS.html) Maybe the
      whole Priest thing is just a guy having mostly harmless Vogon fun by
      being a fictitious FBI agent.

      I'm wondering if the FBI really had told Mr. Steroids I had provided
      evidence against him. Is this how their Quantico academy teaches FBI
      agents to nullify recalcitrant reporters? Run around questioning, raiding
      and arresting people and telling them I provided the evidence? For once
      I'm dead serious here. Besides Mr. Steroids, Pete Shipley and his
      dis.org gangmates Ph0n-E and Cyber say the FBI has questioned them
      at length about allegations the FBI claimed I had made against them. Do
      you know what it feels like to have weird looking guys trembling with
      anger accusing me of getting them in trouble with the FBI? But then
      again, maybe the FBI isn't doing anything of the sort and all these guys
      are just making up these stories.

      Anyhow, you're tired of my rant, so let's get back to the story. Serious
      mode off. Humor mode on. 

      Steroids reaches into his jeans pocket and pulls out a battered wallet.
      "OK, I'll give you a hint. Look at this." He shows me his driver's
      license, trembling in his hand. It says "Michael Schiffman." His buddies
      draw closer, menacing. Er, as menacing as a gaggle of 13 through 15
      year olds can get. Darn, I'm not wearing my karate shoes. They are
      staring at my 38 D bosom instead.

      I put on my best politician smile. "Michael Schiffman, nice to meet you!"
      Now I know who he is, a man better known as "Route" or "Daemon9."
      He got mad at me long ago when I told my Happy Hacker mailing list
      that I opposed his hacker ezine, "Phrack." In my opinion, he encourages
      people to commit senseless digital vandalism.

      "Why did you tell the FBI that Modify and I hacked the New York
      Times?"

      I thought fast. I could remember telling the FBI's Tracy Baldwin that it
      was my opinion that there was only a 2% chance that Michael
      Schiffman could have been part of Hacking for Girliez. I had thought
      that was my way of debunking the idea he was involved. I figure it
      won't do any good to tell him about the 2% bit, he's too mad to grasp
      nuances just now.

      I reply, "The FBI told me that *I* hacked the New York Times."

      Schiffman puffs out a breath. He looks like an impatient school teacher
      waiting for a slow student to get the right answer. OK, a psychotic
      teacher with steroid poisoning. He's shaking. "Why did you tell them we
      did it?"

      "Modify hack the New York Times? Now that's ridiculous. Why would
      I say that to the FBI? He couldn't hack his way out of a paper bag."

      Schiffman and company begin shouting, "Modify can so hack," "Crack
      whore," and other brilliant intellectual observations.

      I brilliantly retort, "I don't have to listen to this." Would they jump me?
      Was I about to be mobbed by children while not wearing karate shoes? I
      figure I am safer acting like they could not be any threat than by taking
      a martial arts defensive stance.

      I turn on my heel and walk away.

      I enter the main ballroom at midnight -- time for Hacker Jeopardy to
      start. This is a takeoff on the TV quiz show, "Jeopardy." To get to the
      empty seats on the far side of the ballroom, I walk around the back. In
      the middle of the back row I see a familiar face: Modify and three
      others are standing on their chairs. Are they trying to be noticed? As I
      pass them, Modify hands me a business card reading "Attrition.org --
      We don't play well with others." Oh, yes, isn't that a line from the
      movie "Hackers"? Does this mean they are trying to get a movie deal,
      too, something like "How Attrition.org Stuck it to Priest (whoever the
      heck he is)"? The guy standing on the chair next to Modify hisses at me,
      "You'd better watch out."

      I stop to look over the guy who hissed at me. Yes, it must be Brian
      Martin. It has to be. He is standing next to Modify, his bosom buddy.
      But Martin, once buff, showing off his muscles with a tight T-shirt at
      previous Def Cons, has wasted away. He's downright skinny now.
      Some two inches of his hairline has balded. The man is only 25 or 26, I
      think. Are those wrinkles on that sagging, emaciated face? Is that a
      stoop to his shoulders? The pressure of being my publicist, dealing with
      that non-hack of his attrition.org web site, and Priest's attempts to brand
      him a narc and discredit him with journalists must be wearing him down.

      Priest tromps up on stage. "Is there anyone who needs to do anything
      before the game starts?"

      A transvestite prances up to Priest, clad in a tiny sheath evening dress.
      Someone throws the girlie a condom. S/He lifts his/her skirt to reveal a
      red sequined jock strap that appears to be rather full, and inserts the
      condom in it. S/He wriggles off stage, a pied piper leading a gaggle of
      boys out of the ballroom.

      ###

      Sunday morning some dazed-looking guys are lounging by the pool. One
      is the fellow who is managing the entry in the Bastard Operator from
      Hell contest that sits to the right of Fangz. I walk over and give him a
      cheery hello. He and his comrades start howling, "Your computer is
      stupid. It's broken. It sucks."

      I ask, "Why?"
      "Because it's yours."
      "Because the C compiler is broken."
      I say, "Other people have compiled programs on it. Why can't you?"
      "Because they fixed the compiler."
      I say, "That's called hacking."

      ###

      Later that morning, there is great cheering as the Ghetto Hackers break
      into one computer, then another, then get "half a hack" on a third. At 1
      PM the game is called to a close. Ghetto Hackers have won the
      "Capture the Flag" part of the contest. Of the remaining nine computers,
      the winner in the Bastard Operator from Hell is, in theory, to be
      awarded to whoever had been running the most services. That, I hope,
      means Fangz. I notice a crowd gathering. Priest is there. I ask him, "Is it
      OK to take down our equipment now?" He nods. Jon and I begin taking
      the system apart, unplugging the Ethernet hub, power, etc.

      A kid from the Penguin Palace booth comes over and begins
      interviewing me on tape. "Carolyn, your box finished the game without
      being rooted. Does this mean you're elite?"
      "No, it just means Fangz didn't get rooted."

      The fat, disheveled guy with the box next to Fangz begins shouting,
      "You didn't get rooted because the hackers here are no good. They
      didn't root my box and it had plenty of holes."

      I reply, "You mean the Ghetto Hackers are no good? That's not a fair
      comparison, you kept on changing your operating system from console."

      "I cheated? I had FreeBSD on it for twelve hours! People did so have
      plenty of time to try to break in!"

      "Are you saying the Ghetto Hackers are no good?"

      He rubs his chin, thinking this one over. As I watch him, I suddenly
      realize who he is. Bluto, from the Popeye cartoons. Aha, I have pierced
      yet another hacker identity. Finally Bluto looks me in the eye and yells,
      "You cheated! Your box broke the rules! You have to be able to
      remotely administer it! That's the rules of the game!"

      I look bewildered. "Wait, I distinctly heard them say you are *allowed*
      to administer it remotely, and forbidden to administer it from the console.
      They didn't say we were *required* to do remote administration."

      I realize a crowd has gathered. Shipley is among them. Bad sign. A
      skyscraper of a man looms to my right. It's the giant Texan interior
      decorator. He holds a keyboard menacingly in his right hand, staring
      down Bluto. Good sign.

      Bluto yells again, "Can you remotely administer this box? Answer me
      now!"
      "Well, um, er, it doesn't have secure shell, we have to telnet in to do
      anything." I'm embarrassed.
      "Prove it! Create an account now!"
      "But we just took the system down..."
      "Prove it! Prove it!"

      Priest looms behind Bluto. He's staring into my eyes. "That's it,
      Carolyn. We just used up our last chit at this hotel. Last night some
      fucking idiot tried to steal their golf cart. One more incident and they
      close down the con. You. Out. Now."

      I can hardly hear Priest for the shouting of Bluto, who is leaning awfully
      close and waving his arms. I make out strangled sounds like "non RFC
      services ... broken C libraries..." The Penguin Palace kid is still tape
      recording. The giant Texan interior decorator is still leaning over the
      table wielding Fangz' keyboard like a weapon, in the face of Bluto. I
      hear a voice shouting, "It's not fair, she isn't causing the disruption."

      Priest hisses at the kid with the recorder, "If you publish it, I'll sue you."
      Then he stares at me. "You. Out. Now."

      I get this sinking feeling. "Does this mean otherwise you will strap us
      into chairs to listen to your Vogon poetry?"

      A guy in a Def Con Goon shirt hisses, "Resistance is futile."

      Priest's eyes glaze over as he recites, "Or I will rend thee in the
      #dc-stuff channel, see if I don't!"
      My mind comes up with a "don't panic" scenario. "Actually I quite like
      your poetry."
      Priest's mouth flaps open and shut. "You do? Tell me more."
      "Er, ... interesting rhythmic devices..."

      The giant Texan interior decorator springs to my defense.
      "Counterpoints ... the surrealism of the underlying metaphor..."

      A dreamy smile softens the lumpy surface of Priest's face. "So what
      you're saying is I write poetry because underneath my mean callous
      heartless exterior I really just want to be loved?"

      "Yes, yes!" the giant Texan interior decorator and I urge him.
      "No, well, you're both completely wrong, I just write poetry to throw my
      mean callous heartless exterior into sharp relief. You. Out. Now."
      As we exit the hotel, walking by the pool, Priest trots up and tries to
      draw me aside. "We need to speak privately."
      I think for a minute. Maybe he has reconsidered. Maybe he just wants
      me to sign that nondisclosure agreement after all and make me rich. Or
      could it be, shudder, more Vogon poetry? I gesture at Jon and the giant
      Texan interior decorator. "We can speak with them here."
      "No, this is private."
      "Then we can't talk."

      Jon, the giant Texan interior decorator and I pile into our rental car
      which the Happy Hacker Godfather has managed to materialize. Shipley
      is leaning into the window to snap one last picture of me. His lips part in
      a snarl. No fangs. I flash him a smile.

      Postscript: Just as I had anticipated, Priest rescheduled Brian Martin's
      "Fakes Walk Among US" talk. To be exact, he rescheduled it to
      dev/null ("device null" for you non-Unix wizards). Martin refused to
      take the affront passively. He gathered a handful of people by the pool
      side to recount his stories about Antionline's John Vranesevich and me.
      He may win this year's Hugo yet.

      Want to find out why fictitious characters variously claiming to be with
      the FBI or a hot Internet startup recite Vogon poetry at me? See
      http://happyhacker.org for our "mostly harmless" instructions on how to
      break into computers. Happy hacking, and watch out for us grannies
      from heck! Oh, I almost forgot. Buy my book, The Happy Hacker: A
      Guide to Mostly Harmless Computer Hacking. Resistance is futile.

      Granny Hacker vs. "Bluto" via RealAudio:

      The Granny Hacker From Heck and "Bluto" go head to head by the
      pool:

      http://www.antionline.com/RealMedia/CarolynvsBluto.ram
      
      Granny Hacker From Heck Book Plug:

      Does your local bookstore say they have to special order The Happy
      Hacker? You don't want to wait several weeks to get it through
      Amazon.com? You can get the book fast for only $35. For US
      customers, this will include Priority 2nd day delivery. Send your check or
      money order for $34.95 (this includes shipping and handling) made out to
      Happy Hacker, 4 Fawn Rd., Cedar Crest NM 87008.


      @HWA 

33.0 FidNet Causing Massive Confusion 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      
      From HNN http://www.hackernews.com/


      contributed by Space Rogue 
      There seems to be a lot of confusion around this new
      plan, proposal, draft or whatever it is regarding FidNet.
      This new Federal Intrusion Detection Network is
      designed to protect the nation's infrastructure from
      cyber attack. HNN has only been able to find parts of
      the document and have not read all 170 pages of it but
      from what we have found this network would actually
      be run by the GSA and not the FBI, it would only
      monitor government owned systems, and there is a
      provision for privacy concerns. This document is not
      finalized nor has it been officially released, until then
      this plan needs to be closely watched. (At least the
      government is doing something other than executing
      stupid search warrants.) 

      Center For Democracy & Technology - Contains Transcripts of Parts of the Report
      http://www.cdt.org/policy/terrorism/fidnet/
      
      ZD Net
      http://www.zdnet.com/zdnn/stories/news/0,4586,2304083,00.html
      
      MSNBC
      http://www.msnbc.com/news/294532.asp
      
      
      ZDNet;
      
      --------------------------------------------------------------
      This story was printed from ZDNN,
      located at http://www.zdnet.com/zdnn.
      --------------------------------------------------------------
      
      U.S. backs off private monitoring
      By Maria Seminerio and Margaret Kane, ZDNN
      July 28, 1999 2:26 PM PT
      URL: 
      
      With criticism rolling in from all quarters, U.S. government officials on Wednesday backed away
      from a controversial plan to monitor private-sector networks for hacking activity. 
      
      The proposed Federal Intrusion Detection Network (FIDNET) plan, details of which were revealed
      by the New York Times Wednesday, has been in the works for at least a year, a National Security
      Council spokesman told ZDNN. The proposal for the government to monitor critical systems for
      security breaches arose out of concerns about the growing vulnerability of government computer
      networks and sensitive private-sector networks to hackers, the spokesman said. (The NSC advises
      the president on national security issues.) 
      
      But in spite of indications in a government document on the plan obtained by
      the Center for Democracy and Technology -- which indicates that private
      networks would also be watched -- the NSC spokesman denied that there is
      any plan for the surveillance of private online data. 
      
      The document outlining details of the plan says the FIDNET monitoring system
      would cover "critical government and ultimately private-sector information."
      Information gathered about network security breaches within one of the plan's
      three "pillars" -- the Department of Defense computer network, other federal
      networks and private sector networks -- "would also be shared with the other
      two pillars," according to the document. 
      
      The document coalesces with comments made by Jeffrey Hunker, senior
      director for critical infrastructure at the National Security Council, at the Black
      Hat Security Conference in Las Vegas earlier this month. "We depend on
      systems that were never meant to protect data from an organized threat," he told ZDNN. "The truth
      of the matter is that you all [the industry] own the systems that are going to be the target. It is not
      the federal government systems." 
      
      However, in an interview with ZDNN, Jim Dempsey, senior staff counsel at CDT, said: "We feel
      the government should spend its resources closing the security holes that exist, rather than to watch
      people trying to break in."
      
      In spite of assurances from government officials that any monitoring would be largely automated,
      somewhere down the line a person would have to step into the process, Dempsey said -- and this is
      where such a system could be abused. 
      
      The government document detailing the plan acknowledges that "trained, experienced analysts" will
      have to step in to determine the nature of any suspected security breaches. 
      
      Looking for 'anomalous activities'
      But the NSC spokesman said the government does not plan to monitor private networks or read
      e-mail messages, but rather to "look for anomalous activities" such as evidence of denial of service
      attacks on military and other government networks. 
      
      This was little comfort to civil libertarians and other high-tech industry watchers, who blasted the
      plan as an Orwellian attack on privacy. 
      
      "I think this is a very frightening proposal," said Barry Steinhardt, associate director of the American
      Civil Liberties Union, in an interview. "The FBI has abused its power in the past to spy on political
      dissenters. This type of system is ripe for abuse," Steinhardt said. 
      
      "I think the threats (of network vulnerability) are completely overblown," said David Sobel, general
      counsel at the Electronic Privacy Information Center, in an interview. The perceived security threat
      is leading to "a Cold War mentality" that threatens ordinary citizens' privacy, Sobel said. 
      
      "The most serious concern about this is that it could move us closer to a surveillance society," said
      Ed Black, president of the Computer and Communications Industry Association, in an interview. "It's
      critical that if they do this, they should not retain any of the information that is gathered." 
      
      ZDNN's Robert Lemos contributed to this report.
      
      -=-
      MSNBC
      
      U.S. backs off private monitoring
      Under attack for its "Cold War mentality," the U.S. denies it plans to
      monitor private networks
                                        By Maria Seminerio and Margaret Kane
                                                                       ZDNN

      July 28 -- With criticism rolling in from all quarters,
      U.S. government officials on Wednesday backed
      away from a controversial plan to monitor
      private-sector networks for hacking activity
      
          THE PROPOSED FEDERAL INTRUSION Detection
     Network (FIDNET) plan has been in the works for at least a
     year, a National Security Council spokesman told ZDNN.
     The proposal for the government to monitor critical systems
     for security breaches arose out of concerns about the
     growing vulnerability of government computer networks and
     sensitive private-sector networks to hackers, the spokesman
     said. (The NSC advises the president on national security
     issues.)
            But in spite of indications in a government document on
     the plan obtained by the Center for Democracy and
     Technology -- which indicates that private networks would
     also be watched -- the NSC spokesman denied that there is
     any plan for the surveillance of private online data. 
            The document outlining details of the plan says the
     FIDNET monitoring system would cover "critical government
     and ultimately private-sector information." Information
     gathered about network security breaches within one of the
     plan's three "pillars" -- the Department of Defense
     computer network, other federal networks and private sector
     networks -- "would also be shared with the other two
     pillars," according to the document. 
            "We feel the government should spend its resources
     closing the security holes that exist, rather than to watch
     people trying to break in," Jim Dempsey, senior staff counsel
     at CDT, said in an interview. 
            In spite of assurances from government officials that
     any monitoring would be largely automated, somewhere
     down the line a person would have to step into the process,
     Dempsey said -- and this is where such a system could be
     abused. 

            The government document detailing the plan
     acknowledges that "trained, experienced analysts" will have
     to step in to determine the nature of any suspected security
     breaches. 
            But the NSC spokesman said the government does not
     plan to monitor private networks or read e-mail messages, but
     rather to "look for anomalous activities" such as evidence of
     denial of service attacks on military and other government
     networks. 
            This was little comfort to civil libertarians and other
     high-tech industry watchers, who blasted the plan as an
     Orwellian attack on privacy. 

           "I think this is a very frightening proposal," said Barry
     Steinhardt, associate director of the American Civil Liberties
     Union, in an interview. "The FBI has abused its power in the
     past to spy on political dissenters. This type of system is ripe
     for abuse," Steinhardt said. 
            "I think the threats (of network vulnerability) are
     completely overblown," said David Sobel, general counsel at
     the Electronic Privacy Information Center, in an interview.
     The perceived security threat is leading to "a Cold War
     mentality" that threatens ordinary citizens' privacy, Sobel
     said. 
            "The most serious concern about this is that it could
     move us closer to a surveillance society," said Ed Black,
     president of the Computer and Communications Industry
     Association, in an interview. "It's critical that if they do this,
     they should not retain any of the information that is
     gathered." 
      
      @HWA
      
34.0 Lawmakers Want Drug Info Off the Net 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 

      From HNN http://www.hackernews.com/
      
      contributed by St0n3r 
      First it was bomb making information; now it is drug
      making information. The dominoes are falling. Sen. Orrin
      Hatch, R-Utah, is sponsoring a large
      anti-methamphetamine bill, one section of which may
      ban this type of information from the Internet. 

      Nando Times

      Better grab the information now while you still can.
      Textfiles.com - via Attrition.org
      http://www.attrition.org/~modify/texts/mirrors/textfiles.com/drugs/
      
      Secrets of Methamphetamine Manufacture; Including Recipes for Mda, Ecstacy, and Other Psychedelic
      Amphetamines - Via Amazon.com
      http://www.amazon.com/exec/obidos/ASIN/1559501448/thehackernewsnet
      
      The Construction and Operation of Clandestine Drug
      Laboratories - via Amazon.com      
      http://www.amazon.com/exec/obidos/ASIN/1559501081
      
      @HWA
      
      
35.0 Reno Wants Inet Crypto Banned 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
      From HNN http://www.hackernews.com/

      contributed by Arik 
      Janet Reno, Attorney General for the United States, has
      called for an outright ban on the distribution of
      cryptography on the internet. She made statements to
      this effect in a letter she sent last May to German
      Federal Secretary of Justice Herta Daeubler-Gmelin. The
      attorney general's comments take her recent
      congressional testimony against the Security and
      Freedom through Encryption (SAFE) Act, H.R. 850, one
      step farther. 

      Telepolis- German
      http://www.heise.de/tp/deutsch/inhalt/te/5117/1.html
      
      Newsbytes
      http://www.newsbytes.com/pubNews/99/134030.html
      
      JYA.com      
      http://jya.com/reno-ban.htm
      
      
      Newsbytes;
      
      Reno Calls For Ban Of Encryption Products On The Net 

      By Staff, Newsbytes
      WASHINGTON, DC, U.S.A., 
      28 Jul 1999, 5:16 PM CST
 
      Attorney General Janet Reno, long-known for her opposition to the export of strong encryption products, has called for an
      outright ban of the distribution of such software via the Internet, according to a German publication. 
 
      The German magazine Telepolis printed what it said was a letter Reno sent last May to German Federal Secretary of
      Justice Herta Daeubler-Gmelin. The letter calls for the addressing of "risks posed by electronic distribution of encryption
      software." 
 
      "Although the Wassenaar Nations have now reached agreement to control the distribution of mass market encryption
      software of certain cryptographic strength," Reno wrote, "some Wassenaar Nations continue not to control encryption
      software that is distributed over the Internet, either because the software is in the `public domain' or because those nations
      do not control distribution of intangible items." 
 
      "While I recognize that this issue is controversial, unless we address this situation, use of the Internet to distribute
      encryption products will render Wassenaar's controls immaterial," Reno concluded in the letter. 
 
      The 1996 Wassenaar Arrangement restricts the export of high-tech equipment that can be used for military purposes to
      countries of proliferation concern, like Iran, Iraq and Libya. 
 
      Reno's letter came as a "thank you" to Daeubler-Gmelin's and Germany's efforts to "achieve a fair resolution on encryption
      products" at a Wassenaar plenary session last December. 
 
      (Note: Translation of the letter provided by NY Architects, http://jya.com ) 
 
      Reno's proposal, if enacted eventually, would mean the end of Internet-enabled distribution of all software products using
      encryption, including highly popular Web browsers from companies like America Online's Netscape and Microsoft. Any
      communications products using encryption would also be banned from Internet distribution. 
 
      The attorney general's comments take her recent congressional testimony against the Security and Freedom through
      Encryption (SAFE) Act, H.R. 850, one step farther. 
 
      SAFE's intent is to allow the widespread availability of strong encryption for export. Specifically, the bill would relax the
      White House's controls on encryption export policy, and would make strong encryption products available in the US mass
      market available for export. H.R. 850 would also extend the relaxation of policies to other encryption-related computer
      products. 
 
      In testimony earlier this month before the House Armed Services Committee, Reno restated an earlier claim that while
      encryption provides many important benefits to society, "the good of society requires narrow exceptions to this normal
      expectation of privacy." 
 
      Reno also predicted crime prevention would become much more difficult if the bill is passed, because the process to
      unscramble encrypted messages without the recovery key would be very complex. 
 
      "That, to me, is an unacceptable result, and we must not allow it to happen," Reno added. 
 
      Reno also asked for support and funding of a centralized technical resource - "a `Technical Support Center,'" as Reno called
      it - within the Federal Bureau of Investigation (FBI). Such a center would support federal, state and local law enforcement in
      developing tools and techniques to respond to public threats caused by terrorists and criminals who use encryption. 
 
      Reported By Newsbytes.com, http://www.newsbytes.com . 
 
      17:16 CST 
      
      -=-
      
      JYA.com      
      http://jya.com/reno-ban.htm
      
      27 July 1999. Thanks to CS-H and Telepolis. Translation by JYA with Systran.
      Source: http://www.heise.de/tp/deutsch/inhalt/te/5117/1.html 
      
      
      
      TELEPOLIS, 27 July 1999 
      
      The USA urges ban of encryption products on the Internet 
      
      Janet Reno pressures Herta Däubler-Gmelin 
      
      By Christiane Schulzki-Haddouti   
      
      The Federal Cabinet ended the smoldering uncertainties in the German encryption policy at the beginning of June with publication of five key points. However, the
      encryption debate is not ended. In the next year a further Wassenaar round of negotiations will be on the table. The US is already trying now to persuade changes in
      positions. For the US the liberal export politics of the Europeans is a thorn in the eye. It therefore tries to close the last gaps. 
      
      At the end of May US Attorney General Janet Reno requested in a letter (below) that Federal Secretary of Justice Herta Däubler-Gmelin control distribution of coding
      software which is becoming common "over the Internet." In addition it also positions "Public Domain" products. Reno's view is that the "use of the Internet to distribute
      encryption products will render Wassenaar's controls immaterial." At the end of year 2000 the Wassenaar agreement is to be negotiated; it regulates among other things
      the export of encryption products. Until then the USA wants with the 33 Wassenaar member states to develop a broad consent. 
      
      It is strange that the letter was addressed to the Federal Department of Justice and not to the Federal Ministry for Economic Affairs, which, together with the Federal
      Ministry of the Interior, is responsible for encryption policy. The Americans probably well-know that the responsibilities are distributed within the German Federal
      Government. Therefore it is to be accepted that they figure a discussion with the Ministry of Justice has a larger chance of success. 
      
      The Federal Department of Justice did not want to confirm to Telepolis the existence of the letter. From the outside the ministry it means, however, it already has given
      several letters of the same request. It is now working on a letter in reply. However, it is not well-known whether the answer to Reno's unjustified demand is to fail. Arne
      Brand of the virtual local association of the SPD is annoyed about the "concealment policy" of the Federal Government: 
      
           "a cover broad I nevertheless only over a thing out, if I do not have an own point of view, but me the line of others to attach would like". 
      
      Encryption export policy as politico-economic instrument 
      
      Also, Hubertus Soquat, adviser in the Federal Ministry for Economic Affairs, did not want to confirm the existence of the letter; he nevertheless referred Telepolis to
      the basis of the encryption benchmark figures adopted by the cabinet as clearly a position: "possibly the demand" the American placed into that the area to adjust in the
      future also encryption products in the "Public Domain" category to counter German encryption policy, which is based on the free availability of encryption products. 
      
      The free availability covers the range from development up to use by the user. The Federal Government cannot therefore meet "possible American demands." Soquat is
      convinced of the fact that "encryption export policy is being handled as a politico-economic instrument of the USA, at least." 
      
      Thomas Roessler, spokesperson of the "Foerdervereins information technology and society " (FITUG), sees the Reno letter as an attempt to keep "electronic interception
      capabilities of American and allied authorities in force for as long as possible." He says that such export control would have absurd consequences: 
      
           "A computer journal, which contains a supplement CD-ROM on free cryptographic software, might not be sold at the kiosk anymore, or only by license to
           certain foreign customers. Also the publication of free cryptographic software for general access over the Internet would no longer be easily possible." 
      
      Besides, says Roessler, already the 1998 results of negotiation would contradict which cryptographic mass market software to export control, the actual purpose of the
      Wassenaar agreement. This consists of contributing "to regional and international security and stability as transparency and larger responsibility with the transfer by
      conventional weapons and dual-use goods and - technologies promoted and thereby destabilizing accumulations of such - goods and weapons are prevented." Besides
      "bona fide" civilian transactions are not to be obstructed. Roessler: 
      
           "Today, the use of strong cryptography is the best course of action, it interacts with the controlled transactions obviously in bona fide civil transactions. 
      
      The conception that an internationally destabilizing imbalance of military strength can be caused by free or mass market available encryption software, is "absurd."
      Reno's letter has to do nothing with the avowed goals of the Wassenaar agreement, "however, but with the attempt to keep in force the electronic surveillance
      capabilities of American and allied authorities," says Roessler. 
      
      Based on information of the "Electronics Frontiers Australia " (EFA) the export of "Public Domain" crypto software is already now forbidden in Australia, the USA,
      New Zealand, France and Russia, since these states do not use "the general software note" of the Wassenaar agreement. A reason is not well-known the EFA. Ingo
      Ruhmann of the "forum computer scientist inside for peace and social responsibility " (FifF) regards the attempt of Reno to subject encryption systems of stronger control
      as "thoughtless handling of essential fundamental rights of democratic states." 
      
      Already it is now foreseen that the "general software note" will play a central role in the Wassenaar preliminaries. An avowed goal of the USA is to prevent the
      download of encryption programs over the Internet. Also the treatment of "Public Domain" encryption software will be a topic. Still there are arguments about the
      definition of the term "Public of Domain." The Wassenaar agreement describes it as software which was made available "without restrictions on its further distribution."
      From a legal view it designates, however, goods, which are free from copyright rights. Critically: According to the wording it is sufficient to exclude a further spread on
      CD or without documentation so that a software no more than is not regarded "into the public domain." Is looked for now a definition for a product, which is everyone
      accessible and freely available. 
      
      
      
      Source: http://www.heise.de/tp/deutsch/inhalt/te/5117/2.html 
      
      Federal Secretary of Justice Herta Däubler-Gmelin at the end of May 
      
      Dear Minister Däubler-Gmelin: 
      
      I wish to thank you and your Government for your efforts to achieve a fair resolution regarding multilateral export controls on encryption products at the recent
      Wassenaar plenary session on December 2-3, 1998. While no Nation, including the United States, was completely satisfied, I think we made significant progress toward
      a regime that can support the interests of national security and public safety in the face of the challenges posed by the increasing use of encryption internationally. Given
      the divergent cryptography policies that the Wassenaar Nations have supported in the past, and the continuing controversy that cryptography policy continues to
      generate, that 33 Nations managed to find common ground augurs well for our future ability to find solutions that satisfy the divergent needs of privacy, electronic
      commerce, national security, and public safety. 
      
      Much work remains to be done. In particular, I believe we must soon address the risks posed by electronic distribution of encryption software. Although the Wassenaar
      Nations have now reached agreement to control the distribution of mass market encryption software of certain cryptographic strength, some Wassenaar Nations
      continue not to control encryption software that is distributed over the Internet, either because the software is in the "public domain" or because those Nations do not
      control distribution of intangible items. While I recognize that this issue is controversial, unless we address this situation, use of the Internet to distribute encryption
      products will render Wassenaar's controls immaterial. 
      
      I look forward to our continuing discussions on these and other issues. And again, thank you for your past and future considerations of these issues. 
      
      Sincerely, Janet Reno 
      
      Source is the editors at JYA
      
      @HWA

36.0 CCC Camp Happens Next Weekend 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     From HNN http://www.hackernews.com/
     
      contributed by TurTleX and tacscan 
      In an open field next to a lake near Altlandsberg,
      outside Berlin, Germany several thousand people are
      expected to gather under tents with their computers.
      The Chaos Computer Club Camp will be taking place next
      weekend. Along with things like a 34MBit Internet link,
      discussions on cryptography and the Linux Death Match
      one of the scheduled events may be underwater lock
      picking. 

      Industry Standard
      http://www.thestandard.net/articles/display/0,1449,5672,00.html?home.tf
      
      Computer World
      http://www.computerworld.com/home/news.nsf/all/9907272hackhol
      
      HNN Cons Page
      http://www.hackernews.com/cons/cons.html
      
      Industry Standard;
      
           
 
      July 27, 1999
 
      Chaos Club Takes Hackers on
      Holiday 
 
      By Mary Lisbeth D'Amico 
 
      MUNICH -- Hackers looking to get away from
      it all and at the same time hone their skills,
      will set up tents in a field near Berlin next
      week as part of a three-day event
      sponsored by Germany's premier hacker
      group, the Chaos Computer Club. 
 
      "Nerds, hackers and phreaks from around the
      world," as the club calls them, are gathering
      Aug. 6 through 8 in Altlandsberg, near Berlin,
      where they will split their time between
      partying, swimming in a nearby lake and
      engaging in contests that test their hacking
      prowess. 
 
      The club will provide electricity and Ethernet
      access in every tent. A special network will
      be set up so users can practice and hook up
      to the Net. 
 
      Although press is allowed, journalists must
      be on their best behavior, the club says.
      Reporters must pay like everyone else, must
      wear a badge clearly identifying themselves,
      may not take pictures and may only quote
      those who consent to be interviewed. 
 
      Pre-registration is already closed for the
      event, according to the club Web site, but
      those that show up with 150 marks (US$82)
      can try their luck. The grounds can
      comfortably fit between 1,500 and 2,000
      people. 
 
      Business visitors -- defined by a club
      publication as anyone who is "rich or working
      for a company or government that wants
      you at the camp because there is a lot to
      learn or you have a certain commercial
      interest," are asked to pay 1,500 marks
      (US$820). Spaces remain for this type of
      participant. 
 
      The camp will be divided into theme villages
      -- including lock picking, cryptography and
      re-engineering -- where participants can
      choose the topic that most interests them.
      A typical event will be the Linux
      Deathmatch, a real-time hacking competition
      in which teams of one to three players will
      try to hack one another. 
 
      Participants can also propose their own
      topics to the event's sponsors. One group
      has also announced a "Hack the NT"
      contest, and the lock-pickers' project is
      even eyeing "underwater lock picking in the
      lake nearby." 
 
      Mary Lisbeth D'Amico writes for the IDG
      News Service 
     
      -=-
      
      Computer World
      http://www.computerworld.com/home/news.nsf/all/9907272hackhol
      
37.0 Computer Criminal Busted in UK 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
     
     From HNN http://www.hackernews.com/

      contributed by tacscan 
      A UK man has been arrested and released on bail for
      allegedly breaking into the computers of the
      CurrantBun.Com Web site. The arrest was conducted by
      members of the Computer Crime Unit based at New
      Scotland Yard. CurrantBun.com is the portal of Britain's
      most popular newspaper, The Sun. After the break-in
      the personal information of over 50 people was
      distributed via the internet. 

      The Register      
      http://www.theregister.co.uk/990726-000006.html
      
      Posted 26/07/99 1:57pm by Tim Richardson

      Man arrested over alleged hacking offence
    
      A 19-year-old man has been arrested in connection with the alleged hacking of a Web site
      owned by a Wapping-based business premises. 
    
      The man -- who has not been named by police -- was arrested last Wednesday and
      released without charge. He was bailed to appear at Holborn Police Station in October
      pending further investigations. 
    
      It is understood the arrest was part of a special operation conducted by the Computer
      Crime Unit based at New Scotland Yard. 
    
      Last month the CurrantBun.Com Web site was hacked and the personal details of 50
      people were published on the Net. 
    
      CurrantBun.com is the portal of Britain's most popular newspaper The Sun which is based
      at Wapping, London. 
    
      David Habanec claimed responsibility for the alleged break-in at CurrantBun.com. 
    
      At the time he made no secret that he was responsible and went out of his way to court
      publicity over the alleged intrusion. 
    
      He even published details of how he carried out the breach of security. 
    
      In an exclusive interview with The Register Habanec said he did it to gain notoriety among
      the Internet community. He also alleged it was part of a revenge attack against
      Cheshire-based ISP Telinco, the company that provides the network for CurrantBun.Com.
      
      @HWA 

38.0 Researching an attack (KeyRoot)
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From http://www.pure-security.net/
           
                ____     ______  __  ___  _____    ____             __________
          /   /    /  ___/  \ \/  / /     \  /    \    ____   /___   ___/
         /   /__  /  /__     \   / /  <>  / /  __  \  /    \     /  / 
        /   ___/ /   __/     /  / /     _/  \      / /  __  \   /  /
       /    \   /   /__     /  / /  /\  \    \____/  \      /   \  \
      /__/\__\  \_____/    /__/  \_/  \__\            \____/     \__\
      
      http://www.weownyourlives.forever
      
      
      RESEARCHING AN ATTACK by Mnemonic
      xkyller@hotmail.com
      7/27/99
      
      =-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-==-=-=-=
       KeyRoot KeyRoot KeyRoot KeyRoot KeyRoot KeyRoot
      =-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-==-=-=-=
      
      Contents:
      
      01 - Intro
      02 - Web browsing
      03 - Port scanning
      04 - Determining the method of penetration
      05 - Making the attack
      06 - Ok that's it
      
      =-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-==-=-=-=
      Shouts to GRiDMAN for suggesting the topic to me
      =-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-==-=-=-=
      
      01 - Intro
      
              I don't know why it wasn't obvious for me to write about it earlier.
      Although I'm sure the major audience that will continue reading after the
      intro are script kiddies, I thought about it for a while and decided to go
      ahead with releasing it.  This white paper is geared towards people who want
      to single out a system and make an organized attack.  Rather than attacking
      a random system you found to be exploitable to a certain security flaw.  I
      hope I can be of some help to new security professionals or other hacker-type
      people or anyone else who breaks into systems.  When you plan on breaking
      into someone else's system just plan on paying the consequences if you get
      caught.  If you don't want to get caught take the necessary precautions.
      You still might get caught.
      
      =-=-=-=-=-=-=-=-=-=
      
      02 - Web browsing
      
              After you know what system you're attacking you have to get some
      general information about the system like what platform are they running,
      what applications, things like that.  A lot of times you can do this just
      by looking through their site.  As you look through it take note of what
      it's running like if it says what operating system, what web server,
      firewall, administrative tools, or CGI scripts and remember what versions
      are being used too.  The difference between version 1.0 and 3.0 can be
      the difference between a possible attack and no attack.  FTP or telnet
      banners could also reveal information about the system.
      
      =-=-=-=-=-=-=-=-=-=
      
      03 - Port scanning
      
              Port scanning is always a good idea whether you know anything at
      all about the system or not.  The results of a port scan can in many
      cases show you what operating system is being run.  For example a Unix
      machine wouldn't be running NetBIOS and an NT machine wouldn't be running
      mountd.  In addition to this, what Internet applications are being run
      provides different ways you can break in.  Like if you know that the
      system is Linux and is running qpop or nlock or some other exploit-able
      program then there's a possibility that you can penetrate the system that
      way.  You should keep a temporary log of all port scanning that you do so
      that you can use the information when you actually make your attack.  Here
      is an example of a very short port scan:
      
      KeyRoot Port Scanner (KeyScan) v1.0 by Mnemonic
      
      Scanning ip address 127.0.0.1 on ports 21, 23, 56
      
      Scan started 3/6/2020 1:08 am
      
      127.0.0.1
        21
        23
      
      Scan completed 3/6/2020 1:10 am
      
      KeyRoot owns you
      
      I just scanned three ports on my local machine.  Two of these ports were
      open (21 and 23).  I can pretty much assume that I am running FTP and telnet.
      Other types of scans can determine what applications are being run on
      specific ports.
      
      =-=-=-=-=-=-=-=-=-=
      
      04 - Determining the method of penetration
      
              Now you should know just about everything you need in order to make
      an attack.  When you know what the system is running you basically know what
      it's vulnerable to.  You can run some publicly-available exploit, write your
      own exploit, or use publicly-known attacks to penetrate the system.  In many
      instances a system may be running programs that are exploitable only when
      you have an account on the system.  If that's the case you're going to need
      to get a shell somehow like guessing someone's password or something like
      that.  Rooting the system means you have complete control over it.  You have
      administrator rights.
      
      =-=-=-=-=-=-=-=-=-=
      
      05 - Making the attack
      
              Ok so now you know how to attack the system go do it.  In most cases
      when you're attacking someone you need to be running the same platform as
      they are.  This isn't the case with null connections or with platform-to-
      anotherplatform exploits.
      
      =-=-=-=-=-=-=-=-=-=
      
      06 - Ok that's it
      
              Ummmm... yeah... peace to all my bro's in on EFNet.  NtWaK0 and
      MostHateD and everyone else.
      
      =-=-=-=-=-=-=-=-=-=
      
      KeyRoot: living your life for you
      
      =-=-=-=-=-=-=-=-=-=
      
      07 - KeyScan.c
      
      -----cut-----
      
      /*  KeyScan.c by Mnemonic is just a very simple port scanner
           ____     ______  __  ___  _____    ____             __________
          /   /    /  ___/  \ \/  / /     \  /    \    ____   /___   ___/
         /   /__  /  /__     \   / /  <>  / /  __  \  /    \     /  / 
        /   ___/ /   __/     /  / /     _/  \      / /  __  \   /  /
       /    \   /   /__     /  / /  /\  \    \____/  \      /   \  \
      /__/\__\  \_____/    /__/  \_/  \__\            \____/     \__\
      
      For Linux/FreeBSD
      */
      
      #include <arpa/inet.h>
      #include <netdb.h>
      #include <netinet/in.h>
      #include <stdio.h>
      #include <stdlib.h>
      #include <string.h>
      #include <sys/socket.h>
      #include <sys/types.h>
      #include <unistd.h>
      
      /* put a port number here that you want to check */
      #define p0rt 21
      
      int s;
      char *str = "KeyScan v1.0 by Mnemonic";
      
      
      /* Resolve target and connect sock to it on the given port.
         Returns 0 on success, -3 if target cannot be resolved, -4 if the
         connection fails (sock is closed in that case). */
      int openthesock(int sock, char *target, int port) {
        struct sockaddr_in blah;
        struct hostent *he;
        memset(&blah, 0, sizeof(blah));
        blah.sin_family=AF_INET;
        blah.sin_port=htons(port);
      
      
        if ((he = gethostbyname(target)) != NULL) {
          memcpy(&blah.sin_addr, he->h_addr, he->h_length);
        }
      
        else {
          /* fall back to treating target as a dotted-quad address */
          if ((blah.sin_addr.s_addr = inet_addr(target)) == INADDR_NONE) {
            herror("gethostbyname()");
            return(-3);
          }
        }
      
          if (connect(sock,(struct sockaddr *)&blah,sizeof(blah))==-1) {
            close(sock);
            return(-4);
          }
      
        return(0);
      }
      
      
      int main(int argc, char *argv[]) {
      
        if (argc < 2) {
          fprintf(stderr, "usage: %s <target>\n", argv[0]);
          return(1);
        }
      
        printf("\n\nKeyRoot Port Scanner (KeyScan) v1.0 by Mnemonic\n\n");
        printf("Scanning ip address %s on port %d", argv[1], p0rt);
        printf("\n\nScan started about five seconds ago hehehehe");
        printf("\n\n%s", argv[1]);
      
          if ((s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) == -1) {
            printf("\n\nScan completed\n\n");
            printf("KeyRoot owns you");
            exit(-1);
          }
      
        /* list the port and send the banner only if the connect worked */
        if (openthesock(s, argv[1], p0rt) == 0) {
          printf("\n  %d", p0rt);
          send(s,str,strlen(str),0);
          usleep(100000);
          close(s);
        }
      
        printf("\n\nScan completed\n\n");
        printf("KeyRoot owns you\n");
        return(0);
      }
      
      -----cut-----
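
      Seen from the defender's side, the connect scan described in section 03
      and implemented in KeyScan.c leaves two traces: one source touching
      several ports in a short time, and the fixed string the tool sends after
      connect().  The Python below is an added example, not part of Mnemonic's
      article; the log format, addresses and thresholds are constructed.

```python
import re
from collections import defaultdict, namedtuple
from datetime import datetime, timedelta

# Fixed string KeyScan.c sends to a port once connect() succeeds.
KEYSCAN_BANNER = "KeyScan v1.0 by Mnemonic"

# Constructed sample log (hypothetical format, not from the article):
# timestamp  source-ip  dest-port  handshake-result  "first bytes sent by client"
SAMPLE_LOG = '''\
1999-07-27T01:08:01 10.0.0.5 21 open "KeyScan v1.0 by Mnemonic"
1999-07-27T01:08:02 10.0.0.5 23 open "KeyScan v1.0 by Mnemonic"
1999-07-27T01:08:03 10.0.0.5 56 refused ""
1999-07-27T02:00:00 10.0.0.7 21 open "USER anonymous"
1999-07-27T05:30:00 10.0.0.7 25 open "HELO mail.example"
1999-07-27T09:45:00 10.0.0.7 110 open "USER bob"
1999-07-27T03:15:10 10.0.0.8 23 open "KeyScan v1.0 by Mnemonic"
1999-07-27T03:20:00 10.0.0.9 80 open "GET / HTTP/1.0"
1999-07-27T03:20:01 10.0.0.9 80 open "GET /index.html HTTP/1.0"
this line is truncated 10.0.0.9
'''

Record = namedtuple("Record", "when src port result payload")
LINE_RE = re.compile(r'^(\S+) (\S+) (\d+) (\w+) "(.*)"$')


def parse_log(text):
    """Return (records, skipped); malformed lines are counted, not fatal."""
    records, skipped = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        m = LINE_RE.match(line.strip())
        if not m:
            skipped += 1
            continue
        when, src, port, result, payload = m.groups()
        try:
            records.append(Record(datetime.fromisoformat(when), src,
                                  int(port), result, payload))
        except ValueError:          # timestamp did not parse
            skipped += 1
    return records, skipped


def port_sweeps(records, window, min_ports):
    """Sources that touched >= min_ports distinct ports within `window`."""
    by_src = defaultdict(list)
    for rec in records:
        by_src[rec.src].append(rec)
    flagged = set()
    for src, events in by_src.items():
        events.sort(key=lambda r: r.when)
        start = 0
        for end, cur in enumerate(events):
            # slide the left edge until the window spans at most `window`
            while cur.when - events[start].when > window:
                start += 1
            if len({e.port for e in events[start:end + 1]}) >= min_ports:
                flagged.add(src)
                break
    return flagged


def analyse(text, window=timedelta(seconds=60), min_ports=3):
    """Map source IP -> set of reasons it was flagged."""
    records, _ = parse_log(text)
    findings = defaultdict(set)
    # Refused connections count too: a closed port was still probed.
    for src in port_sweeps(records, window, min_ports):
        findings[src].add("port-sweep")
    # A single-port run never trips the sweep rule, but the banner does.
    for rec in records:
        if KEYSCAN_BANNER in rec.payload:
            findings[rec.src].add("keyscan-banner")
    return dict(findings)


if __name__ == "__main__":
    for src, reasons in sorted(analyse(SAMPLE_LOG).items()):
        print(src, ", ".join(sorted(reasons)))
```

      The banner rule only matches a tool that announces itself; the sweep
      rule is the one that still fires when the string is changed.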
      
      
      @HWA      
      
39.0 Win98 Security Issues A KeyRoot/gH Advisory
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From www.pure-security.net
     
                          *****************************************
                         /                                         \
                         /                                         \
                         /            Mnemonic Presents            \
                         /          Win98 Security Issues          \
                         /          A KeyRoot/gH Advisory          \
                         /                                         \
                         /                                         \
                          *****************************************
      
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      Win98 Security Issues
      
      7/16/99
      Mnemonic and gH
      www.pure-security.net
      xkyller@hotmail.com
      KeyRoot Information Security
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      Contents
      
      1 - Abstract
      2 - Root
      3 - TCP/IP
      4 - Encryption
      5 - Permissions
      6 - Conclusion
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      1 - Abstract
      
              As much as I like Win98 it is totally insecure.  Programs in the root directory can
      allow remote web access.  This could mean browsing your system files, possibly with
      read and write permissions, uploading and downloading files, remotely executing code, and
      whatever else you can think of.  If your system has important files on it then you could be
      in trouble.  The Access Controls in Win98 are misleading and can allow an attacker to
      access your hard drive with read/write permissions without a password.  Also there is no
      encryption scheme between the network components so basically anyone can sniff your
      passwords and whatever else you type, and improper permissions allow trojan horses to
      carry out instructions with no restrictions.  All of these security issues have the potential
      of giving an attacker remote administration over your Win98 system.  The possibilities
      that come with that are endless.  This advisory goes over several security problems in the
      Win98 operating system.  I think you'll be interested in reading it.  Have fun!
      
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      2 - Root
      
              In Windows we have what is called the root directory.  This is C:\WINDOWS. 
      Files in the root directory can carry out system-wide processes that may be compromising
      to the security of the system.  Explorer.exe has been exploited in past versions to allow
      remote access to Win95/98 over the web.  In fact any program in the root directory has
      the potential of being exploited.  Sometimes programs are written without security in
      mind or maybe the programmers look over parts of the code and don't realize there's a
      problem.  There could be a buffer overflow or a poorly written function that allows
      remote browsing of databases.  If you store medical or other personal information like
      credit card numbers, addresses, or company documents then this is obviously a concern. 
      Nobody wants to wake up one morning and see that their fifteen-page paper that was
      supposed to be released tomorrow has been downloaded by a teen hacker.  Windows 98
      fails to incorporate security necessary to prevent these types of attacks.  The only thing I
      can recommend at this time is that you download a free commercial firewall that's been
      released by a respectable company other than Microsoft.
      
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      3 - TCP/IP
      
              Many of today's Windows '98 users want to share files with other computers on
      their existing network.  One of the easiest ways to do this is using the TCP/IP protocol. 
      All the user has to do is go to settings in the start menu, control panel and when Explorer
      opens up, click on the network icon.  When the network config folder opens there will be
      a list of what network components have been installed.  Just one click on TCP/IP and
      then Add.. File and print sharing.. OK and it's done.  What most people don't realize
      when setting up shares is that people other than the intended ones can also access
      these shares, and without a password.  They
      assume that the password will be the same as their Windows logon password.  Well they
      assumed wrong.  Windows '98 provides poor configuration for networks which leaves
      them susceptible to attack by anyone on the Internet or on the network.  For example if I
      were on a network and knew the IP address of the computer running shares I would open
      an MSDOS window and:
      
      C:\>net use p: \\targetip\ipc$
      The command completed successfully.
      
      C:\>net view \\targetip
      Shared resources at \\targetip
      
      
      Share name   Type         Used as  Comment
      
      -------------------------------------------------------------------------------
      ADMIN$       Disk                  Remote Admin
      C$           Disk                  C Drive                                    
      D$           Disk                  D Drive
      IPC$         IPC                   Remote IPC
      NETLOGON     Disk                  Logon server share
      HPLaser4     Printer               HP LaserJet 4si
      The command completed successfully.
      
      Basically what I just did was create a null connection with the IPC$ share and view what
      shares were on the network.  Now I can map to any of these shares like C$ and browse
      them with read/write permissions.  What this means is that I can take a look at any file on
      the system.  The access control features of Windows 98 are poorly set up and make
      misconfiguration of NetBIOS easy.  To learn more about NetBIOS check out The NT
      Wardoc by Rhino9.
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      4 - Encryption
      
              You would think that in cooperation with the network components of Windows
      98 that there would be some sort of encryption between host and client but there's not.  If
      you do in fact have a password set on your shares any attacker who is sniffing the
      network can see you typing in your username and password in cleartext.  Win98 provides
      no prevention of this.
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      5 - Permissions
      
              In the Windows environment there are no permissions on files by default.  The
      potential of what someone might do with access to all of the files that are a part of the
      Windows 98 operating system is risky.  They could also download a program which may
      be a virus or a trojan horse that executes instructions without any restrictions.  This can't
      be good for anyone.  Your Windows 98 computer is at risk of being compromised
      because Microsoft didn't pay attention and didn't do a clean job.
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      6 - Conclusion
      
              Although Win98 provides excellent point-and-click features it is far beyond not
      being secure.  Since the update from Win 95 to Win 98 Microsoft has failed to improve
      the system as far as security is concerned.  There is absolutely no protection at all.  If
      that's what you're looking for in an operating system Windows is not the way to go. 
      Switch to Unix or something.  Basically that's all you can do.  Microsoft continues to
      downplay the security concerns of Windows 98 as I write this.  I don't think anyone's
      addressed all of these issues in one informative advisory before so I decided to.  I hope
      you've enjoyed this advisory!  Keep tabs on gH and me and KeyRoot.
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      Brought to you by KeyRoot and gLobaL heLL.
      
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      @HWA      
    
    
40.0 WLDoTrans.asp allows CC retrieval A gH Advisory by Mnemonic
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From www.pure-security.net

                          *****************************************
                         /                                         \
                         /                                         \
                         /            Mnemonic Presents            \
                         /    WLDoTrans.asp allows CC retrieval    \
                         /              A gH Advisory              \
                         /                                         \
                         /                                         \
                          *****************************************
      
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      WLDoTrans.asp allows CC retrieval
      
      7/14/99
      Mnemonic and gH
      www.pure-security.net
      xkyller@hotmail.com
      KeyRoot Information Security
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      1 - Abstract
      
              Although there is client authentication and usually encryption
      between client and server, WLDoTrans.asp shows credit card information
      as clear text in hidden form fields.  This can be retrieved by anyone
      local to the machine by viewing the page's source.  If an attacker
      gets hold of the credit information they can buy things with your
      card.  I hope you like the advisory.
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      2 - What is WLDoTrans.asp?
      
              WLDoTrans.asp is a script used in a lot of online shopping.
      Basically it checks to see if the info a user enters in an ordering
      form is valid.  It allows a user to purchase something like a hat or
      a t-shirt or anything else in the online market.  When the user enters
      the information it gets encrypted before going to the server so that
      no one can intercept it and read it.  This is supposed to allow for
      secure online shopping.  However, as you will see, things aren't
      always as secure as the little "you are in a secure area" boxes tell us.
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      3 - Description
      
              Although ordering forms usually encrypt the information before
      sending it off to the server it's not secure.  Once the info reaches
      WLDoTrans.asp it gets decrypted in order to check and see if it's
      valid.  When WLDoTrans.asp loads and you view the source you can see
      in clear text the credit information you entered.  This includes the
      card type, the full credit card number, the expiration date, and the
      full name on the card.  The line with the credit card should look like
      
      <INPUT TYPE="HIDDEN" NAME="CARDNUM" VALUE="cardnumber">
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      4 - Impact
      
              Although the script is not accessible to anyone remotely, any
      time you step away from the computer there's nothing keeping someone
      from walking up to it and doing as they please.  Even after you log
      out of an online shopping area, an attacker can press the "back"
      button in your web browser until
      they reach WLDoTrans.asp.  All they have to do is view the source of
      the page and boom there it is.  With your credit card number, type,
      and full name they can order anything they want to anywhere.  It
      doesn't even have to be to them.  They could decide to put you in debt
      and buy a plane.  An attacker could easily run your credit card out
      and give you bad credit.  You probably wouldn't even notice anything
      until you receive a bill for $800,000 or until someone says "sorry,
      this card is no good".
      
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      5 - What to do about it
      
              The most obvious way to fix the problem is to encrypt the
      hidden form fields (HFFs) which contain the credit card information.
      This is very easy and affordable and allows WLDoTrans.asp to function
      normally.  Well encryption requires decryption on the server side and
      encryption on the web page side.  Basically this would allow you to
      encrypt the hidden values before they're submitted to WLDoTrans.asp.
      When WLDoTrans.asp loads it is imperative that it displays only the
      encrypted values or risk retrieval of the credit card information.
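
      A site owner can check rendered pages for this kind of leak before they
      go live.  The C program below is an added example, not part of the
      original advisory and not WLDoTrans.asp's own code: it scans HTML for
      hidden INPUT fields whose value is a Luhn-valid card number.  The sample
      page, the field names other than CARDNUM, and the test number
      4111111111111111 are constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Case-insensitive comparison of the first n bytes; stops at a NUL. */
static int ieq(const char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i])) return 0;
        if (a[i] == '\0') break;
    }
    return 1;
}

/* Returns 1 if s holds 13 to 19 digits (spaces and dashes allowed)
 * that pass the Luhn check used by payment card numbers. */
static int looks_like_pan(const char *s)
{
    int digits[19], n = 0, sum = 0;
    for (; *s; s++) {
        if (*s == ' ' || *s == '-') continue;
        if (!isdigit((unsigned char)*s) || n == 19) return 0;
        digits[n++] = *s - '0';
    }
    if (n < 13) return 0;
    for (int i = n - 1, dbl = 0; i >= 0; i--, dbl = !dbl) {
        int d = dbl ? digits[i] * 2 : digits[i];
        sum += d > 9 ? d - 9 : d;
    }
    return sum % 10 == 0;
}

/* Look up attribute `name` inside one tag (tag[0] is '<', tag[len] is '>').
 * Handles quoted and unquoted values.  Returns 1 and fills out on success,
 * 0 if the attribute is absent or its value does not fit in out. */
static int tag_attr(const char *tag, size_t len, const char *name, char *out, size_t outsz)
{
    size_t nlen = strlen(name);
    for (size_t i = 1; i + nlen < len; i++) {
        if (!isspace((unsigned char)tag[i - 1]) || !ieq(tag + i, name, nlen)) continue;
        size_t j = i + nlen, o = 0;
        while (j < len && isspace((unsigned char)tag[j])) j++;
        if (j >= len || tag[j] != '=') continue;
        for (j++; j < len && isspace((unsigned char)tag[j]); j++) ;
        char q = (j < len && (tag[j] == '"' || tag[j] == '\'')) ? tag[j++] : '\0';
        while (j < len && (q ? tag[j] != q : !isspace((unsigned char)tag[j]))) {
            if (o + 1 >= outsz) return 0;
            out[o++] = tag[j++];
        }
        out[o] = '\0';
        return 1;
    }
    return 0;
}

/* Report hidden inputs whose value is a Luhn-valid card number.
 * Stores up to max field names in names[] and returns the number found. */
int find_exposed_cards(const char *html, char names[][32], int max)
{
    int found = 0;
    for (const char *p = strchr(html, '<'); p; p = strchr(p + 1, '<')) {
        const char *end = strchr(p, '>');
        char type[16], value[64], name[32];
        if (!end) break;
        size_t len = (size_t)(end - p);
        if (len < 6 || !ieq(p + 1, "input", 5) || !isspace((unsigned char)p[6])) continue;
        if (!tag_attr(p, len, "type", type, sizeof type) || !ieq(type, "hidden", 7)) continue;
        if (!tag_attr(p, len, "value", value, sizeof value) || !looks_like_pan(value)) continue;
        if (!tag_attr(p, len, "name", name, sizeof name)) strcpy(name, "(unnamed)");
        if (found < max) strcpy(names[found], name);
        found++;
    }
    return found;
}

int main(void)
{
    /* Constructed page modelled on the CARDNUM line quoted in the advisory. */
    const char *page =
        "<FORM METHOD=POST ACTION=\"WLDoTrans.asp\">\n"
        "<INPUT TYPE=\"HIDDEN\" NAME=\"CARDTYPE\" VALUE=\"VISA\">\n"
        "<INPUT TYPE=\"HIDDEN\" NAME=\"CARDNUM\" VALUE=\"4111111111111111\">\n"
        "<INPUT TYPE=\"HIDDEN\" NAME=\"ORDERID\" VALUE=\"1234567890123456\">\n"
        "</FORM>\n";
    char names[8][32];
    int n = find_exposed_cards(page, names, 8);
    for (int i = 0; i < n && i < 8; i++)
        printf("hidden field %s exposes a card number in the page source\n", names[i]);
    return n ? 1 : 0;
}
```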
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      Brought to you by KeyRoot and gLobaL heLL.
      
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      @HWA      
    
41.0 bad CGI scripts allow web access A gH Advisory by Mnemonic
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From www.pure-security.net

                          *****************************************
                         /                                         \
                         /                                         \
                         /            Mnemonic Presents            \
                         /    bad CGI scripts allow web access     \
                         /              A gH Advisory              \
                         /                                         \
                         /                                         \
                          *****************************************
      
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      bad CGI scripts allow web access
      
      7/14/99
      Mnemonic and gH
      www.pure-security.net
      xkyller@hotmail.com
      KeyRoot Information Security
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      1 - Abstract
      
              Many CGI scripts today accept hidden values that aren't correct.  When an attacker
      enters a value other than what is expected the script behaves weird and sometimes will allow the
      retrieval of passwords, credit card information, or system browsing.  Basically that's it.
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      2 - Description
      
              More than half of all websites today are dependent on some sort of CGI script.  This
      could be to admin a system over the www, edit something, login, or make a payment.  Many of
      these scripts are written by an inexperienced programmer or one who is unconcerned about the
      security of the site.  Their reliance on faulty programs is a big security problem.  What happens
      most of the time is that a user inputs something to the script and the script doesn't check to see if
      the value is an acceptable value.  For example, here's a form from a system I was checking out a
      little while ago:
      
      <FORM METHOD=POST ACTION="http://www.server.com/cgi-bin/faultyscript">
      <INPUT NAME="member" TYPE=hidden VALUE="">
      <INPUT NAME="membername" TYPE=hidden VALUE="myaccount">
      <INPUT NAME="authentication" TYPE=hidden VALUE="abMBIV9v/bcdo">
      <INPUT NAME="passwd" TYPE=hidden VALUE="">
      <INPUT NAME="fulladdress" TYPE=hidden VALUE="http://www.server.com/blahblah">
      <INPUT NAME="subdirectory" TYPE=hidden VALUE="">
      <INPUT NAME="email" TYPE=hidden VALUE="">
      <INPUT NAME="diskspace" TYPE=hidden VALUE="">
      <INPUT NAME="extras" TYPE=hidden VALUE="">
      <INPUT NAME="timestamp" TYPE=hidden VALUE="907100341">
      <INPUT NAME="extlist" TYPE=hidden VALUE="">
      <INPUT NAME="blah" TYPE=hidden VALUE="The name of the faulty script">
      <INPUT NAME="filename" TYPE=hidden VALUE="index.html">
      
      ...
      
      <INPUT TYPE="submit" NAME="operation" VALUE="Save and Continue Editing">
      
      ...
      
              With this example, the form came with my account.  However, I could simply change the
      hidden field named "membername" from the value of my account name to the value of any other
      account name including the root and webmaster accounts.  When the page was loaded with the
      value "webmaster" replacing my account all I did was click save and a new page loaded with the
      webmaster account's password smack dab in the middle.  This kind of attack can work on any
      system running a CGI script.  All it takes is a kid willing to take two or three minutes
      out of his boring life and think.
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      3 - Impact
      
              All this goes to show that CGI scripts sometimes do weird things when they receive an
      input that they don't recognize.  This could mean retrieval of account passwords, credit card
      information, or browsing the system and opening files.  The impact of this problem is pretty deep. 
      If an attacker can get the webmaster's password they have total control over that site.  The
      attacker can open, alter, and delete files.  They can delete or add users, change the content of the
      main webpage, and basically do anything to the system.  If the attacker gets credit card
      information they can buy anything on someone else's credit card information and your system
      could be held responsible.  Also if the attacker can browse the system's files they can retrieve the
      passwd file or some other file that can lead to root access.  Basically it's not a good idea to have
      vulnerable CGI scripts at all.
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      4 - What to do about it
      
              The only thing you can really do about this is to go back and look over the source to all
      of your CGI scripts and make sure there are checks in all of the right places.  There can't be any
      place where an attacker can enter false data and have the script accept it.  If you're at all worried
      that someone might try to exploit you then it's a good idea and it's easy.  Take a few minutes
      during lunch while you're drinking a Cherry Pepsi and eating a Philly Sub to make corrections. 
      Well that's it for this advisory.  I hope you've enjoyed reading it as much as I enjoyed writing it.
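
      One such check, as an added example that is not part of the original advisory or of the
      script it describes: a CGI handler in C that treats the hidden "membername" field as an
      untrusted claim and compares it with the identity the web server authenticated.  It assumes
      the server sets REMOTE_USER for the logged-in account; the function names and the sample
      request bodies are constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum verdict { ALLOW, DENY_TAMPERED, DENY_MALFORMED, DENY_UNAUTHENTICATED };

/* Decode one urlencoded value of len bytes into dst (capacity dstsz).
 * Returns 0, or -1 on a bad %XX escape, an encoded NUL, or overflow. */
static int url_decode(const char *src, size_t len, char *dst, size_t dstsz)
{
    size_t o = 0;
    if (dstsz == 0) return -1;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)src[i];
        if (c == '+') {
            c = ' ';
        } else if (c == '%') {
            if (i + 2 >= len || !isxdigit((unsigned char)src[i + 1])
                             || !isxdigit((unsigned char)src[i + 2]))
                return -1;
            char hex[3] = { src[i + 1], src[i + 2], '\0' };
            c = (unsigned char)strtol(hex, NULL, 16);
            if (c == '\0') return -1;       /* %00 would cut the string short */
            i += 2;
        }
        if (o + 1 >= dstsz) return -1;      /* refuse, never truncate */
        dst[o++] = (char)c;
    }
    dst[o] = '\0';
    return 0;
}

/* Copy the decoded value of field `name` from a POST body into out.
 * Field names are matched as raw bytes; the first occurrence wins.
 * Returns 0 if found, 1 if absent, -1 if malformed or too long. */
static int form_get(const char *body, const char *name, char *out, size_t outsz)
{
    size_t nlen = strlen(name);
    const char *p = body;
    while (*p) {
        const char *amp = strchr(p, '&');
        size_t plen = amp ? (size_t)(amp - p) : strlen(p);
        if (plen > nlen && strncmp(p, name, nlen) == 0 && p[nlen] == '=')
            return url_decode(p + nlen + 1, plen - nlen - 1, out, outsz);
        p += plen;
        if (*p == '&') p++;
    }
    return 1;
}

/* Decide whether a request may act on the account it names.
 * auth_user is what the server established (REMOTE_USER, an assumption of
 * this example); the hidden field is only a claim made by the client. */
enum verdict check_request(const char *auth_user, const char *body)
{
    char claimed[64];
    if (auth_user == NULL || *auth_user == '\0')
        return DENY_UNAUTHENTICATED;
    if (form_get(body, "membername", claimed, sizeof claimed) != 0)
        return DENY_MALFORMED;
    for (const char *c = claimed; *c; c++)
        if (!isalnum((unsigned char)*c) && *c != '_' && *c != '-')
            return DENY_MALFORMED;
    if (strcmp(claimed, auth_user) != 0)
        return DENY_TAMPERED;               /* field was edited to another account */
    return ALLOW;
}

int main(void)
{
    /* Constructed bodies modelled on the form above.  In a real CGI program
     * auth_user would come from getenv("REMOTE_USER") and the body from stdin. */
    const char *own    = "member=&membername=myaccount&timestamp=907100341&filename=index.html";
    const char *forged = "member=&membername=webmaster&timestamp=907100341&filename=index.html";
    printf("own account:  %d\n", check_request("myaccount", own));
    printf("forged field: %d\n", check_request("myaccount", forged));
    return 0;
}
```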
      
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      Brought to you by KeyRoot and gLobaL heLL.
      
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      @HWA      
      
42.0 Can my firewall protect me? by Mnemonic
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From www.pure-security.net
     
      Can my firewall protect me? by Mnemonic
      7/7/99
      KeyRoot
      
              Every time I look through a computer magazine or search the Internet, I see an advertisement
      for a firewall.  "Your solution to hackers" many of them boast.  By calling a product a firewall,
      vendors fool a lot of companies into buying something when they don't know what it does, or something
      that won't help them at all.  A firewall is software that filters incoming and outgoing connections to
      a system.  It also monitors all server requests and the activity of the system's users on the Internet. 
      Although a company may feel safe running a firewall, they're still at a high risk of being attacked. 
      While the firewall may very well protect against Denial of Service (DoS) attacks and basic attempts at
      gaining root, or supervisor, access on the system, many firewalls actually increase the risk of attack
      rather than adding protection.  If a firewall is improperly set up, it may allow remote access to even
      the most stupid of hackers.  Additionally, the firewall may have its own problems without the help
      of an under-practiced administrator.
              It may contain a buffer overflow, for example, in the source code.  Or it may have some
      other problem which allows remote execution of files.  The problem is today's security standards
      are no higher than a sign that says "back off" on a fence post.  When a hacker knows that a system
      is running a firewall, he quickly checks around to see what kind of firewall it is in order to exploit it. 
      He doesn't get worried and try the next system that looks vulnerable.  I know this from my own
      experience.
              A few days ago, I broke into a system, with permission of course, that boasted no kid could
      break into it.  It was running NT 4.0, IIS 4.0, Remote Access, some Cisco Router, and MIP 2.0. 
      The system was actually vulnerable to several publicly-available exploits that led to admin-level
      access.  The firewall did nothing to prevent the attacks.
              If you would like to protect your system, the best way is to keep up on all of the latest
      attacks and how to protect yourself against each one individually.  This method is much more
      effective than buying something that could actually weaken your security instead of providing a
      shield.  If you'd like to get in touch with me I'm Mnemonic and I'm usually an op in #Legions on
      EFNet.  Go check out RootFest or something.
      
      @HWA           
      
43.0 How company specific programs can be used against the company by Mnemonic
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From www.pure-security.net
     
      -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
      
      How company-specific programs can be used against the company
      
      6/30/99
      Mnemonic
      xkyller@hotmail.com
      
      -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
      
              So you're sitting at your computer, drinking a Pepsi, reading your new magazine,
      whatever, and you decided to read this paper because it sounded cool.  Well.. it is.  No no, I
      mean it is but that's not the point.  There are so many companies out there that depend on the
      Internet to do business.  Whether their business is marketing, communication, or video games, the
      company's systems are in use by people who aren't always on-site.  Many times a programmer
      will be hired to create programs that are made to carry out purposes that are specific to the needs
      of the company.  This opens up a big security risk.  If the program is configured incorrectly, or
      used in a way other than it was designed for, the program could behave erratically and give the user
      supervisor access.  The purpose of this paper is to show how an attacker would exploit one of
      these programs, not how to eliminate the risk.  However, in knowing the means of penetration, you
      should be able to design programs that will adamantly protect against tcp/ip based intrusions. 
      Read over this paper carefully, and learn a thing or two.  If you have any suggestions or comments
      feel free to contact me.
      
      -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
      
      Contents:
      
      1)  Who's at risk?
      2)  Why it is a problem
      3)  How the programs are exploited
      4)  Why anyone would want to attack a company
      5)  Conclusion
      
      -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
      
      1 - Who's at risk?
      
              There are a lot of companies out there and a lot of different work fields.  It's hard to
      narrow it down to only a handful that are at risk, because everyone is at risk.  Everyone that uses
      the Internet on a day-to-day basis that is.  Any company that does online banking or that deals
      with any type of exchange of information or requires off-site use of their systems is at risk.  For
      example, Booking Inc. might be set up in Saint Mary, Maryland and have an employee named
      Bob in Miami, Florida.  Suppose Bob needs to access Booking's server to update the information
      about an airline that was supposed to arrive in a few weeks.  Bob needs to replace it with
      information on another airline that will be arriving in its place, but he's nowhere near Booking Inc.'s
      location.  The solution is to provide Bob with an easy way to do his job from where he is:  the
      Internet.  Booking Inc. hires a programmer to write them a software suite that will allow Bob to
      connect to Booking's system and update certain things in a certain way.  This is the way most
      companies today think, but it's not a good way of thinking.
      
      -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
      
      2 - Why it is a problem
      
              The problem with this solution is that someone not employed by the company can use the
      same means of access as Bob to access the company's database.  This isn't a good idea because
      from there, the attacker can flaunt around as if he were a part of your company.  He could make
      transactions in the company's name, change schedules, or any number of things that would cost the
      company anywhere from nothing to thousands of dollars.  No company can afford to leave their
      information that open.  Access to the database doesn't mean just looking around.  It means the
      ability to change things and go unnoticed.  Many times a user will alter something that may pass
      without question until that something is called on.  Then it really has an impact on the company. 
      Too many companies don't realize there is a problem until it is too late, so I'm telling you now.  If
      your company runs its own software there's a good chance that it is vulnerable to attack.
      
      -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
      
      3 - How the programs are exploited
      
              Since each program is different, there are obviously more ways to exploit the programs
      than I can mention here.  I will, however, go over one of the most common methods of program
      exploitation.  It is called a buffer overflow.  A buffer is an area of memory that software
      uses to temporarily save necessary data.  A program is
      designed to accept data, assign it a value, and store that value, that data, in a buffer.  A buffer can
      only hold a certain amount of data.  When a program receives an amount of data that is more than
      the buffer can handle, the program will not function properly.  This is called a buffer overflow.  The
      program will give the attacker privileges equivalent to those of its owner.  For example, the program
      may be "owned" by the supervisor.  That is, it can perform tasks with supervisor-equivalent
      privileges.  Let's suppose that the software Booking Inc. has given Bob is called Doober, and that
      the host side of Doober has these lines:
      
      char flightnm[168];
      printf("Change flight number to?\n");
      strcpy(flightnm, input);   /* input: the string sent by the client, copied with no length check */
      
      The problem is that flightnm can only hold data up to 168 bytes and doesn't check to see if the
      input will fit in the buffer.  If Doober is owned by the supervisor, then an attacker could exploit
      Doober with a program that would input a string greater than 168 bytes.  This would easily give
      the attacker supervisor rights.  Here's another example:
      
      char buffer1[1024];
      char buffer2[1024];
      ...
      memset(buffer1, 1, sizeof(buffer1));
      memset(buffer2, 2, sizeof(buffer2));
      ...
      memcpy(buffer2, buffer1, sizeof(buffer2));
      
      If, however, you want to fix the problem, you can just add a line to make sure the input fits:
      
      ...
      /* check that the source fits in the destination before copying, not after */
      if (sizeof(buffer1) > sizeof(buffer2)) {
      printf("That was too big\n");
      exit(1);
      }
      memcpy(buffer2, buffer1, sizeof(buffer1));
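
      The same idea applied to the Doober flight-number input, as an added example that is not
      from the original paper: lines are taken from a receive buffer into a 168-byte field, and a
      line that does not fit is rejected whole instead of being copied.  The names next_line,
      apply_updates and struct booking, and the sample input, are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define FLIGHTNM_SIZE 168            /* same capacity as flightnm above */

enum { FN_OK = 0, FN_TOO_LONG = -1, FN_EOF = -2 };

struct booking { char flightnm[FLIGHTNM_SIZE]; };   /* hypothetical record */

/* Extract the next '\n'-terminated line from buf[0..len) into dst.
 * *pos always moves past the whole line, so an oversized line is skipped
 * completely and its tail is never read as the next command. */
int next_line(const char *buf, size_t len, size_t *pos, char *dst, size_t dstsz)
{
    if (*pos >= len) return FN_EOF;
    const char *start = buf + *pos;
    const char *nl = memchr(start, '\n', len - *pos);
    size_t n = nl ? (size_t)(nl - start) : len - *pos;
    *pos += n + (nl ? 1 : 0);
    if (n > 0 && start[n - 1] == '\r') n--;          /* tolerate CRLF */
    if (dstsz == 0) return FN_TOO_LONG;
    if (n >= dstsz) {                                /* no room for data plus NUL */
        dst[0] = '\0';
        return FN_TOO_LONG;
    }
    memcpy(dst, start, n);
    dst[n] = '\0';
    return FN_OK;
}

/* Apply every flight-number update found in a received buffer.
 * Returns the number accepted; *rejected counts lines that were too long. */
int apply_updates(struct booking *b, const char *buf, size_t len, int *rejected)
{
    char line[FLIGHTNM_SIZE];
    size_t pos = 0;
    int accepted = 0, rc;
    *rejected = 0;
    while ((rc = next_line(buf, len, &pos, line, sizeof line)) != FN_EOF) {
        if (rc == FN_TOO_LONG) { (*rejected)++; continue; }
        if (line[0] == '\0') continue;               /* ignore blank lines */
        memcpy(b->flightnm, line, strlen(line) + 1); /* fits: same capacity */
        accepted++;
    }
    return accepted;
}

int main(void)
{
    /* Constructed input: a valid update, a 300-byte line, another valid update. */
    char wire[400];
    size_t n = 0;
    memcpy(wire + n, "KR100\n", 6); n += 6;
    memset(wire + n, 'A', 300);     n += 300;
    wire[n++] = '\n';
    memcpy(wire + n, "KR200\n", 6); n += 6;

    struct booking b = { "" };
    int rejected;
    int accepted = apply_updates(&b, wire, n, &rejected);
    printf("accepted=%d rejected=%d flightnm=%s\n", accepted, rejected, b.flightnm);
    return 0;
}
```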
      
      -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
      
      5 - Conclusion
      
              If your system is running company-specific software, I more than believe that you're
      vulnerable to attack.  I advise reviewing the source code to all programs, and defining the type of
      access that the program has to the system.  Bob from Booking Inc. may need to update airline
      information, but not the method of payment the airline's customers are using.  So play it safe and all
      that jazz.  If you have any comments or suggestions or if shx.c for SunOS doesn't compile right
      (I've used shx.c for BSD don't e-mail me about that), I'm Mnemonic at xkyller@hotmail.com. 
      Peace out.
      
      -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
      
      Legions of the Underground
      http://www.legions.org
      Keen Veracity
      http://www.underzine.com
      KeyRoot
      
      -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
      
      @HWA           
     
     
44.0 Exploiting the netware bindery by Mnemonic
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From www.pure-security.net
     
                          *****************************************
                         /                                         \
                         /                                         \
                         /            Mnemonic Presents            \
                         /      Exploiting the NetWare Bindery     \
                         /            A KeyRoot Advisory           \
                         /                                         \
                         /                                         \
                          *****************************************
      
      
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      Exploiting The NetWare Bindery
      
      7/4/99
      Mnemonic and KeyRoot Information Security
      we'll get a webpage to go here
      xkyller@hotmail.com
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
              For those of you who follow my stuff in Keen Veracity, some of the material in this advisory
      is repeated material from previous releases.  This advisory should be accurate for versions of
      NetWare up to and including NetWare 3.x.
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      1 - Abstract
      
              For a long time, NetWare has been doing very poorly in the security field.  Even with the
      many tools released by various people to bring to light NetWare's weaknesses, Novell
      continues to ignore the existence of its problems until the details of an attack have been released
      to the public.  As a wannabe admin and a repetitive Pepsi drinker, I think it is necessary for me
      to release my research on NetWare security.  The problem now is that the NetWare bindery is
      openly accessible to any NetWare user.  This means access to my password, your password, and
      the password of that idiot in the office next to you.
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      2 - The NetWare Bindery
      
              NetWare's bindery is basically memory sectioned off for use of NetWare processes.  It's
      a database where NetWare keeps information about the network resources and users that
      many function groups use to store and retrieve information.  Each file server on a network
      system has its own bindery, and thus its own group of known objects.  The NetWare bindery
      can best be compared to the Force.  It binds the galaxy together.  Yeah..
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      3 - Description
      
              There are actually two things I want to discuss here.  The first is getting the password for
      someone else's account, and the other is getting the password for the account you're on.
      They're two separate things.  Now check it out:
              NetWare represents each shared application, printer, or a logged-in user as an object in
      the bindery.  Each object has identifying characteristics, known as properties.  Properties are
      dependent on objects which have these attributes:
      
      OBJECT ID
      OBJECT NAME
      OBJECT TYPE
      OBJECT FLAG
      OBJECT SECURITY
      PROPERTIES FLAG
      
      These are the properties attributes:
      
      OBJECT ID
      PROPERTY NAME
      PROPERTY FLAGS
      PROPERTY SECURITY
      VALUES FLAG
      
      The property name is a character string of up to 16 characters, including the null terminator. 
      Property names have the same restrictions on the use of characters as object names.
      
              The property flags are stored as a one-byte field.  They indicate whether the property is
      static or dynamic, and whether it is an item or a set.  Sets are lists of object IDs which are
      interpreted by NetWare.  Item properties are unformatted binary fields stored in 128-byte
      segments which are interpreted by applications or NetWare APIs.
              Any user can retrieve the 128-byte segment which represents an object's password, and
      then convert this binary string into clear text.  The user first calls GetObjectData() to get the
      name of the object.  This function uses ScanBinderyObject() to populate a structure of type
      OBJECT.  There are two ways of identifying objects.  You can use the OBJECT ID or the
      OBJECT NAME and OBJECT TYPE.  The last element is a dummy with all fields cleared to
      0.  Here the user calls GetUserAndApplicationData() to retrieve the password.  For example:
      
      ...
      
      GLOBAL int GetUserAndAppInfo(char *argv[], int nMaxArgs, OBJECT *pObject)
      {
      
        strcpy(aop->obj.szObjectName, argv[nMaxArgs - 2]);
        aop->obj.wObjectType = OT_APPLICATION;
        strcpy(aop->szPassword, argv[nMaxArgs - 1]);
        fread(&szPassword, sizeof(int), 1, inpf);
        printf("\nThe password for that account is %s\n", szPassword);
        return 0;
      }
      
              The second thing I want to discuss is the retrieval of the password for the account that
      you're on.  To do this we use  functions in the Connection Services.  So we can call
      GetConnectionNumber() to get the number that the file server has assigned to this workstation's
      connection.  Then we call GetConnInfo() to get the name of the user among other information
      including the password.  Take a look:
      
      ...
      
      int GetMyAccountPassword(char *argv[], int nMaxArgs, OBJECT *pObject)
      {
        FS_CONNECTION_INFO *pFSConnInfo;
      
        pFSConnInfo = GetConnInfo(GetConnectionNumber());
      
        if (pFSConnInfo == NULL)
          return -1;
      
        /* this is where the user info is now */
      
        *pObject = pFSConnInfo->fsLoggedObject.obj;
        free(pFSConnInfo);
        strcpy(aop->obj.szObjectName, argv[nMaxArgs - 2]);
        aop->obj.wObjectType = OT_APPLICATION;
        strcpy(aop->szPassword, argv[nMaxArgs - 1]);
        fread(&szPassword, sizeof(int), 1, inpf);
      
        printf("\nThe password for the account you're on is %s\n", szPassword);
      
        return 0;
      }
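
The property attributes listed in section 3 (PROPERTY FLAGS, PROPERTY SECURITY, VALUES FLAG), decoded and audited for read exposure. This is an added example, not code from the advisory or from Novell. The flag bit positions, the read/write nibbles of the security byte, the five access levels, the 4-byte big-endian set layout and every sample record are assumptions or constructed values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* From the advisory: names hold 16 chars including the terminator, and
 * property values are stored in 128-byte segments. */
#define PROP_NAME_MAX 16
#define SEGMENT_SIZE  128

/* Assumed flag bits (the advisory gives no bit positions). */
#define BF_DYNAMIC 0x01u   /* clear = static, set = dynamic */
#define BF_SET     0x02u   /* clear = item,   set = set     */

/* Assumed access levels, one per nibble of PROPERTY SECURITY. */
enum access_level { ACC_ANYONE, ACC_LOGGED, ACC_OBJECT, ACC_SUPERVISOR, ACC_NETWARE };

struct property {
    uint32_t object_id;
    char     name[PROP_NAME_MAX];
    uint8_t  flags;        /* PROPERTY FLAGS */
    uint8_t  security;     /* assumed: low nibble = read, high nibble = write */
    uint8_t  has_values;   /* VALUES FLAG */
};

static int prop_is_set(const struct property *p)      { return (p->flags & BF_SET) != 0; }
static int prop_is_dynamic(const struct property *p)  { return (p->flags & BF_DYNAMIC) != 0; }
static int prop_read_level(const struct property *p)  { return p->security & 0x0F; }
static int prop_write_level(const struct property *p) { return (p->security >> 4) & 0x0F; }

/* Set value: 4-byte big-endian object IDs, zero marks an empty slot (assumed). */
static size_t set_members(const uint8_t *seg, uint32_t *out, size_t max_out)
{
    size_t n = 0;
    for (size_t off = 0; off + 4 <= SEGMENT_SIZE && n < max_out; off += 4) {
        uint32_t id = ((uint32_t)seg[off] << 24) | ((uint32_t)seg[off + 1] << 16) |
                      ((uint32_t)seg[off + 2] << 8) | (uint32_t)seg[off + 3];
        if (id != 0)
            out[n++] = id;
    }
    return n;
}

/* Audit: collect item properties that hold a value and that a caller at
 * caller_level may read. Returns the total count; hits[] gets the first
 * max_hits of them. */
static size_t audit_item_exposure(const struct property *props, size_t n,
                                  int caller_level,
                                  const struct property **hits, size_t max_hits)
{
    size_t found = 0;
    for (size_t i = 0; i < n; i++) {
        const struct property *p = &props[i];
        if (prop_is_set(p) || !p->has_values)
            continue;                     /* sets hold IDs, not raw data */
        if (caller_level < prop_read_level(p))
            continue;                     /* caller is below the read level */
        if (found < max_hits)
            hits[found] = p;
        found++;
    }
    return found;
}

/* Constructed sample records, not read from any server. */
static const struct property SAMPLE[] = {
    { 1u, "IDENTIFICATION", 0x00,       0x31, 1 },
    { 1u, "GROUPS_I'M_IN",  BF_SET,     0x31, 1 },
    { 1u, "PASSWORD",       0x00,       0x44, 1 },
    { 1u, "SCRATCH",        BF_DYNAMIC, 0x00, 1 },
};
#define SAMPLE_COUNT (sizeof SAMPLE / sizeof SAMPLE[0])

/* Constructed set segment: two members with an empty slot between them. */
static void sample_set_segment(uint8_t *seg)
{
    static const uint8_t raw[12] = { 0x0A,0,0,0x01,  0,0,0,0,  0x0B,0,0,0x02 };
    memset(seg, 0, SEGMENT_SIZE);
    memcpy(seg, raw, sizeof raw);
}

int main(void)
{
    const struct property *hits[8];
    size_t n = audit_item_exposure(SAMPLE, SAMPLE_COUNT, ACC_LOGGED, hits, 8);
    for (size_t i = 0; i < n && i < 8; i++)
        printf("%-15s %s read=%d write=%d\n", hits[i]->name,
               prop_is_dynamic(hits[i]) ? "dynamic" : "static",
               prop_read_level(hits[i]), prop_write_level(hits[i]));

    uint8_t seg[SEGMENT_SIZE];
    uint32_t ids[32];
    sample_set_segment(seg);
    size_t m = set_members(seg, ids, 32);
    for (size_t i = 0; i < m; i++)
        printf("set member %08lX\n", (unsigned long)ids[i]);
    return 0;
}
```

Run against an export of a server's real property records, the same audit lists every item property whose read level is at or below an ordinary logged-in user.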
      
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      4 - Impact
      
              Wow.  I shouldn't even have to go over this section.  If your network is running NetWare
      and you have private data of any sort on the network, your data is susceptible to the will of the
      attacker.  The severity of this attack is only as big as the system that is affected.  A hacker may
      decide to get the password to the supervisor account if the supervisor is logged in.  If that
      happens, the hacker will have complete control of every computer on the NetWare network. 
      The hacker may decide to change or delete your data, or nothing at all.
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      5 - What to do about it
      
              There is actually nothing that any of us can do about this right now.  We can't deny people
      access to the NetWare bindery or monitor their queries of it.  The best thing to do right now is
      to switch to something more secure until the problem is fixed in a later version of NetWare.  It
      would be wise to presume that it works on all versions of NetWare.
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      Legions Interactive
      http://www.legions.org
      Keen Veracity
      http://www.underzine.com
      RootFest 2K
      http://www.rootfest.org
      
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      
      @HWA           
      
45.0 Tax Break for Key Escrow Crypto 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
     
     From HNN http://www.hackernews.com/

      contributed by Code Kid 
      H.R. 2617, a bill sponsored by Porter Goss (R-Florida),
      seeks to amend the Internal Revenue Code of 1986 to
      allow a tax credit for development costs of encryption
      products with plain text capability without the user's
      knowledge. This will give companies a great monetary
      incentive to create weak crypto. (It will also allow
      people to find out what publicly traded companies took
      advantage of this tax break, so you will know which
      products to avoid.) 

      The Federal Register
      http://thomas.loc.gov/cgi-bin/query/D?r106:1:./temp/~r106TNpQz3:e0:
      <link expired, couldn't locate a follow up...>
      
      Wired
      http://www.wired.com/news/news/politics/story/21014.html
      
      A Tax Break for Snoopable Code
      by Declan McCullagh 

      3:00 a.m.  30.Jul.99.PDT
      WASHINGTON -- If anyone in Washington
      qualifies as an ardent foe of encryption,
      it's congressman Porter Goss (R-Florida). 

      Two years ago, the chairman of the
      House Intelligence committee tried to
      make it a crime to distribute
      privacy-protecting software, such as PGP
      or recent versions of Netscape Navigator
      and Internet Explorer. 

      The plan failed, but Goss didn't give up.
      On Wednesday, he and the panel's
      ranking Democrat introduced a bill to
      jump-start the US market for encryption
      products with backdoors that would
      support government surveillance. 

      The "Tax Relief for Responsible Encryption
      Act" gives companies a 15 percent tax
      break on the costs of developing
      government-snoopable encryption
      products. 

      Such products might support key
      recovery -- in which a copy of the secret
      key needed to unlock scrambled data is
      placed within reach of law enforcement
      -- or "other techniques." 

      "This legislation offers a way out of the
      stalemate between those who view
      commerce and national security as an
      'either-or' proposition," Goss said in a
      statement. 

      Goss and 22 other House members also
      sent a letter to President Clinton asking
      him to organize a "summit" of industry
      executives and government officials to
      extract an agreement on encryption
      regulation. 

      "It has become evident that your
      leadership on this issue is vital to resolve
      the equally legitimate interests of law
      enforcement, national security, privacy,
      and industry.... We believe that without
      your personal involvement on this issue
      now, our national security and public
      safety will suffer serious and needless
      consequences," the legislators said. 

      Law enforcement groups and their allies in
      the Clinton administration have long
      pressed for snoopable encryption
      products, complaining that a parade of
      undesirables -- such as pedophiles, drug
      smugglers, and money launderers -- might
      use crypto to communicate in secret. 

      But the idea of the government
      subsidizing potential privacy invasions
      doesn't appear to be wildly popular. 

      "I think the government's role is to
      protect the individual liberties of its
      citizens -- they should be giving
      companies incentives to strengthen
      encryption," said Jennifer DePalma, a
      graduate fellow at the Institute for
      Humane Studies at George Mason
      University in Arlington, Virginia. 

      "They should let the free market continue
      to put an emphasis on protecting people's
      privacy," she said. 

      For its part, the House Permanent Select
      Committee on Intelligence is insisting that
      it's pushing a voluntary approach. 

      The committee members have abandoned
      their hope for a ban on unapproved
      encryption software, a source said. The
      administration has pushed for a key
      recovery scheme, whereby law
      enforcement would gain access to
      "plaintext," or unencrypted, information. 

      But the market has rejected such
      options. 

      "Mandatory recoverability is a
      nonstarter," a committee staff member
      said. "Law enforcement doesn't need us
      to mandate access to plaintext
      domestically." 

      "The congressman does not want to
      mandate recovery of encryption
      products. He wants to encourage
      products that have societal benefits," a
      spokesman for Goss said. 

      The committee last week said in a report
      that a bill to roll back some export
      restrictions on encryption products would
      harm children while protecting "criminals
      and international thugs." 

      "Child pornographers could distribute their
      filth unimpeded," the report said. 

      "Pedophiles could secretly entice the
      children of America into their clutches.
      Drug traffickers will make their plans ...
      without the slightest concern that they
      will be detected. Terrorists and spies can
      cause unspeakable damage without even
      the possibility of being stopped before it
      is too late." 

      Rep. Julian C. Dixon (D-California) is
      cosponsoring the measure, HR 2616. 
      
      @HWA

46.0 NSA Claims Israel Attacking US 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     From HNN http://www.hackernews.com/

      contributed by Turtlex 
      Evidently there are not enough government computer
      security agencies. The NSA's new National Security
      Incident Response Center issued a warning last week
      regarding attacks originating from a machine inside
      Israel. The 'attacks' appeared to be numerous port
      scans of government and military computers. (Love the
      acronym NS-IRC, hehehe.) 

      The Washington Times 
      http://www.washtimes.com/news/news3.html
      
      White House says IPI
      system not aimed at U.S.

      By Ben Barber
      THE WASHINGTON TIMES

           White House spokesman David Leavy
            on Thursday adamantly denied a new
            International Public Information (IPI)
      system would be directed at American
      audiences.
           IPI is a secret Clinton administration
      program to control public information
      disseminated by the departments of State and
      Defense and intelligence agencies.
           It is meant to "influence foreign audiences
      in a way favorable to the achievement of U.S.
      foreign-policy objectives," according to a draft
      IPI charter obtained by The Washington
      Times.
           But critics claim that IPI will be used for
      domestic propaganda.
      
          "That is totally inaccurate," Mr. Leavy said. "The IPI
     initiative is designed to better organize the government and the
     instruments we have to support our public diplomacy, military
     activities and economic engagement overseas. There is no
     impact on the domestic press."
          Mr. Leavy said that U.S. information officials at home and
     abroad serve different functions.
          "There are officers who work with the media in the United
     States and officers who support the U.S. policy overseas. They
     are totally separate. They are totally different functions," Mr.
     Leavy said.
          But a former deputy chief of the U.S. Information Agency
     (USIA) under three presidents said he fears the IPI plan would
     mean U.S. propaganda aimed at foreigners would be used to
     influence American elections.
          Gene Kopp, who served under Presidents Nixon, Ford and
     Bush, said the elections of President Kennedy and President
     Carter were directly influenced by leaks of USIA foreign
     public-opinion polls showing a decline in U.S. prestige abroad.
          "I am concerned this could happen again under the IPI plan,"
     said Mr. Kopp, currently a Washington lawyer. "The
     administration is transferring all assets, except broadcasting, to
     State, where they will not be separated in any way. It will be
     very difficult to separate what is disseminated in the United
     States and overseas."
          He said that the opportunity for abusing the system will be
     great.
          "The temptation to spin this stuff in a partisan way will be
     very strong -- probably irresistible," he said. "The other ominous
     feature is that this includes the intelligence agencies. They are in
     the business of misinformation. God only knows where that
     goes."
          New allegations emerged Thursday that the Clinton
     administration has been trying to control how American news
     organizations cover foreign affairs, at least since the Bosnia
     peacekeeping mission in 1996.
          According to a former government official, who insisted on
     anonymity, the White House created a Strategic Planning
     Directorate, which used the State Department and USIA to
     pressure American reporters into favorable coverage of the U.S.
     troop deployment in Bosnia-Herzegovina.
          It came into being just prior to the 1996 presidential election.
          "I heard them talk about it in conference telephone calls
     --how they had to control the media out there, the bureau chiefs,
     because if the Republicans picked this up [the Clinton
     administration] would be exposed as having no foreign policy,"
     said the former government official.
          Shortly after President Clinton won re-election in 1996, the
     administration announced that U.S. troops would not be home by
     Christmas, as promised. Today, nearly three years later, some
     7,000 U.S. troops remain in Bosnia.
          "The U.S. public wanted to know how long American troops
     had to be there," said the ex-official. "The Clinton people said
     'only one year,' and [that] they would be home in December,
     after the election. But everyone knew the only way to keep the
     warring sides apart was robust international and American
     presence."
          This former official said this was widely discussed.
          "In the conference calls, they openly discussed how they had
     to prevent American journalists from discussing this," he said.
          The source said that USIA officials and National Security
     Adviser Samuel R. Berger tried to convince American editors
     not to publish accounts by their reporters who wrote that Bosnia
     was unsafe for Americans, that Muslim extremists were a
     threat, and that the warring sides would never be pacified.
          Ivo Daalder, who was a staffer on the National Security
     Council at the time, said discussions had no ulterior motives.
          Mr. Daalder, who is now at the Brookings Institution, said the
     talks among the USIA, National Security Council and other
     agencies "had the sole purpose of making sure they share
     information among them, and when the U.S. government speaks
     to the outside world, it does so in a coordinated manner."
          Mr. Daalder said "there was no deliberate campaign
     designed to put out false information prior to the 1996
     presidential election."
          He said that USIA did increase staffing and efforts to
     convince American reporters in Bosnia of the administration's
     perspective in September, prior to the Bosnian elections.

     @HWA
      

47.0 Jail Time for Users of Crypto 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      
     From HNN http://www.hackernews.com/
     
      contributed by Code Kid 
      The Electronic Communications Bill, proposed in Britain,
      could send users of encryption products to jail for up to
      two years. Basically if you send encrypted mail to
      someone who is being investigated by the police the
      police can ask you for your keys. If you refuse you
      could get up to two years in jail. Tip off the person who
      received the encrypted message and get five years. 

      CNN
      http://www.cnn.com/TECH/computing/9907/29/ukencrypt.idg/index.html
      
      Use encryption, go to jail? 

      July 29, 1999
      Web posted at: 11:11 a.m. EDT (1511 GMT)
 
      by Douglas F. Gray 
 
      LONDON (IDG) -- Encryption users
      could face up to two years in prison
      for refusing to hand over the keys to
      their code, according to Britain's
      proposed Electronic Communications
      Bill. 
 
      The bill is causing concern among
      privacy advocates and opposition
      parties, who say the bill gives law
      enforcement wide-reaching power
      over private Internet communications.
 
      Most aggravating, the bill calls for a
      possible two years in prison for
      anyone refusing to turn over the
      encryption key or the message in
      plain text to law-enforcement
      officials. It also calls for a five-year
      prison term for tipping off senders
      that they are being investigated,
      according to Caspar Bowden,
      director of the London-based
      Foundation for Information Policy
      Research. 
 
      Even discussing an investigation in public, such as complaining about alleged
      abuses of law enforcement to the media, may also be punishable by
      imprisonment, said Bowden. "Let's say that someone under investigation sends
      me a message with encryption that can only be decrypted by the receiver. The
      authorities come to me and tell me that they are investigating someone, but
      won't tell me who, so they ask for all my private keys," Bowden said. Refusing
      this request from the authorities could get him two years in prison, said
      Bowden. 
 
      In such a case, the authorities would have all of Bowden's private keys,
      enabling law enforcement to read all encrypted correspondence that was sent
      to him. Bowden would then have no choice, he said, because by informing
      anyone of this, and asking them to change their key, he would break the
      "tipping off" clause of the bill and in turn face five years imprisonment. 
 
      "I can't complain to the newspaper, otherwise
      it's five years in jail. All I can do is go to a
      secret tribunal," Bowden said. He's not joking:
      The tribunal is five judges, only two have to
      participate, and only one has to lay the
      groundwork, he added. 
 
      Bowden feels that the entire bill needs to be
      re-examined by the U.K.'s Department of
      Trade and Industry. "We would like to see the
      Electronic Communication Bill be about
      e-commerce, which is what they said; the
      law-enforcement section doesn't even belong
      in it," he added. 
 
      There is also another method of hiding
      messages, called steganography. It's not really
      clear to commentators such as Bowden
      whether or not steganography is covered by
      the bill. With steganography, users can
      "sprinkle an encrypted message" into a
      photographic format, such as JPEG, or a
      music format such as MP3, both of which are very popular online. In actuality,
      the message does not necessarily need to be encrypted, just concealed within
      the file, according to Bowden. 
 
      Although the bill does not mention technologies such as steganography,
      Bowden speculated that the authorities could enforce regulations in those
      cases by proving that there was a reason to search, such as the existence of a
      steganography program on the suspect's computer. 
 
                   Douglas F. Gray writes for the IDG News Service.
                   
      @HWA                   

48.0 Office97 Users Ripe for the Picking 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 

      From HNN http://www.hackernews.com/


      contributed by Space Rogue 
      A hole in the Jet 3.51 driver (ODBCJT32.DLL) leaves
      users vulnerable to attack. Such an attack would leave
      the system in such a state that the attacker could
      execute shell commands and give full control over your
      machine to the bad guy. Microsoft has verified the
      problem and is working on a security bulletin, in the
      meantime they recommend users upgrade to Jet 4.0. 

      MSNBC
      http://www.msnbc.com/news/295385.asp
      
      Hole opens Office 97 users to hijack
      Vulnerability in popular Microsoft suite could allow malicious coder
      to take control of computers without victim knowing
                                                         By Mark Stevenson
                                                                     MSNBC

      July 30 -- A vulnerability in Microsoft Office 97 can
      allow malicious code contained in an Excel 97
      worksheet hidden in a Web page or sent in e-mail
      to take control of online computers without the
      victims' being aware, Microsoft confirmed
      Thursday evening.

     THE VULNERABILITY IS CONTAINED in the Jet
     3.51 driver (ODBCJT32.DLL) that was shipped with the
     popular Office 97 software suite.
            (Microsoft is a partner in MSNBC.)
            Juan Carlos G. Cuartango, a Spanish Web developer
     who has discovered other important security holes, reported
     the problem to the NTBugTraq mailing list Thursday
     afternoon. Later Thursday, the Microsoft Security Team
     confirmed the bug in a posting to the same list.
            "If you open a malicious Excel worksheet implementing
     this vulnerability it will send shell commands to your operating
     system (Windows NT, 95 and 98 are all affected) that can:
     (infect) you (with) a virus, delete your disks, read your files,"
     Cuartango said in his posting to the list. "...(T)he worksheet
     will get full control over your machine."
            The Microsoft posting said the company is preparing to
     release a security bulletin dealing with the vulnerability.
     Shortly before 5 a.m. ET Friday, the bulletin had not
     appeared on the Microsoft Office Update site or the
     Microsoft security site.
            "We've verified that this vulnerability in Jet 3.51 does
     exist, and urge all customers who are using Jet 3.51 to
     upgrade to Jet 4.0," the Microsoft mail to NtBugTraq said.
     "This vulnerability should be taken seriously. Office 97 users
     in particular should consider immediately upgrading their
     database driver to Jet 4.0, as Jet 3.51 is installed by default in
     Office 97. Office 2000 users do not need to upgrade, as
     Office 2000 installs Jet 4.0 by default." 

            An Excel worksheet that contains code to take
     advantage of the vulnerability could be hidden in a frame on a
     Web page or sent in an e-mail. As long as the worksheet
     contained no macros, there would be no indication to the user
     who visited the Web page or opened the e-mail that any code
     had been executed, Cuartango reported. If the file is sent in
     e-mail, the recipient must be on-line to be affected,
     Cuartango said. He recommended not opening documents
     you are not expecting to receive and going off-line before
     opening e-mail.
            If the worksheet were instead sent as an attachment to
     e-mail, the recipient could avoid ill effects by not opening the
     attachment. 

      @HWA

      
      

49.0 China Sends Pirate to Jail 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~  

     From HNN http://www.hackernews.com/

      contributed by Code Kid 
      In what is believed to be the first jail sentence for
      piracy in China, a man has been sentenced to four years
      in jail and fined US $2,400. The name of the company or
      the software was not mentioned. 

      Wired
      http://www.wired.com/news/news/politics/story/21003.html
      
    
     China Jails a Software Pirate
     Reuters 

     2:45 p.m.  29.Jul.99.PDT
     BEIJING -- China has sentenced a man to
     four years in jail in what is believed to be
     the country's first criminal case involving
     software piracy, state media reported
     Thursday. 

     A court in the eastern city of Hangzhou
     fined and sentenced Wang Antao for
     selling a slightly modified version of a
     company's software without permission,
     the China Daily said. 

     Wang would have to pay 20,000 yuan
     (US$2,400) in fines and 280,000
     ($33,800) in compensation to the
     company, which was not identified. 

     The newspaper said it was the first such
     case in China, which has struggled to
     combat rampant piracy, fearing it will
     impede the growth of its nascent
     software industry. 

     A study released this month by the US
     Business Software Alliance and Software
     & Information Industry Association found
     that 95 percent of China's newly installed
     business software in 1998 was pirated. 

     Software piracy cost China $1.2 billion in
     1998 -- more than in any other Asian
     nation, according to the report.   
      
     @HWA 
     
50.0 MITNICK: FEDERAL GOVERNMENT MANIPULATED THE FACTS
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
     From http://www.net-security.org/
     
     by Thejian, Saturday 31st July 1999 on 7:00 pm CET
     Did the US government manipulate the facts on the subject of Kevin Mitnick? He and
     his attorneys say so and are asking a federal judge to unseal a court filing that they
     claim proves this. Full story below. 
     
     http://www.zdnet.com/zdnn/stories/news/0,4586,2306704,00.html     
     
      --------------------------------------------------------------
      This story was printed from ZDNN,
      located at http://www.zdnet.com/zdnn.
      --------------------------------------------------------------
      
      Mitnick: 'I was never a malicious person'
      By Kevin Poulsen, ZDNN
      July 30, 1999 4:36 PM PT
      URL: http://www.zdnet.com/zdnn/stories/news/0,4586,2306704,00.html?chkpt=zdnnstop
      
      Kevin Mitnick and his attorneys are asking a federal judge to unseal a court filing that they claim
      proves the government was guilty of misconduct while building its case against the hacker. The
      goal, says Mitnick in a rare interview, is to clear his name. 
      
      "At the beginning of this case the federal government manipulated the facts to allege losses that
      were grossly inflated," Mitnick said in a telephone interview Thursday night from the Los Angeles
      Metropolitan Detention Center. "Hopefully, if the court considers this motion and rules upon its
      merits, it will clear me publicly of the allegations that I caused these significant losses." 
      
      The motion, filed by defense attorney Don Randolph on July 22, is the latest conflict in a case
      that's remained unusually acrimonious, considering that both sides reached a plea settlement in
      March. Under the terms of the agreement, Mitnick pleaded guilty to seven felonies and admitted
      to penetrating computers at such companies as Motorola (NYSE:MOT), Fujitsu and Sun
      Microsystems, (Nasdaq:SUNW) and downloading proprietary source code. On Aug. 9, he's
      expected to be sentenced to 46 months in prison, on top of the 22 months he received for cell
      phone cloning and an earlier supervised release violation. 
      
      Mitnick vexed by 'snowball effect'
      The only sentencing issue left unresolved is the amount of money Mitnick will owe his victims. 
      
      Prosecutors are seeking $1.5 million in restitution -- a modest figure compared to the more than
      $80 million the government quoted to an appeals court last year, when it successfully fought to
      hold the hacker without bail. That figure, though no longer promulgated by
      prosecutors, vexes Mitnick, who sees a "snowball effect" of bad press that
      began with a 1994 front-page article in the New York Times. 
      
      "Because of this assault that was made upon me by John Markoff of the New
      York Times, then the federal government grossly exaggerating the losses in
      the case and the damages I caused, I have a desire to clear my name,"
      Mitnick said. "The truth of the matter is that I was never a malicious person. I
      admit I was mischievous, but not malicious in any sense." 
      
      Markoff reported on Mitnick for the New York Times, and went on to
      co-author Tsutomu Shimomura's book, "Takedown: The Pursuit and Capture
      of America's Most Wanted Computer Outlaw -- By The Man Who Did It,"
      slated as an upcoming movie from Miramax. Markoff's portrayal of Mitnick,
      and the profit it ultimately earned him, has been the subject of some criticism from Mitnick's
      supporters, and raised eyebrows with a handful of journalists. 
      
      Markoff's most enduring Mitnick anecdote is the story that the hacker cracked NORAD in the
      early 1980s, a claim that was recycled as recently as last May by another New York Times
      reporter. "I never even attempted to access their computer, let alone break into it," Mitnick said.
      "Nor did I do a host of allegations that he says I'm guilty of." 
      
      For his part, Markoff says of the NORAD story: "I had a source who was a friend of Kevin's who
      told me that. I was not the first person to report it, nor the only person to report it." 
      
      Government collusion?
      The July 22 motion filed by Mitnick's attorney accuses the government of coaching victim
      companies on how to artificially inflate their losses. The filing is based on documents Randolph
      subpoenaed from Sun, which show that shortly after Mitnick's February 1995 arrest, the FBI
      specifically instructed Sun to calculate its losses as "the value of the source code" Mitnick
      downloaded, and to keep the figure "realistic." 
      
      Following the FBI's advice, Sun estimated $80 million in losses based on the amount they paid to
      license the Unix operating system. Six other companies responded, using software development
      costs as the primary calculus of loss. The total bill came to $299,927,389.61, significantly more
      than the $1.5 million the government says Mitnick inflicted in repair and monitoring costs, and theft
      of services and the $5 million to $10 million both sides stipulated to for purposes of sentencing. 
      
      "At the beginning of this litigation, the government misrepresented to the federal judiciary, the
      public and the media the losses that occurred in my case," Mitnick said. 
      
      To Randolph, it all smacks of collusion. "What comes out from the e-mails that we have, is that the
      so-called loss figures solicited by the government were research and development costs at best,
      fantasy at worst," he said. "I would classify it as government manipulation of the evidence." 
      
      However, prosecutor David Schindler dismissed Randolph's claims as "silly and preposterous." 
      
      "What would be inappropriate is to tell them what dollar amount to arrive at. In terms of the
      methodology, in terms of what is to be included in loss amounts, that direction is something we
      often provide because we're aware of what components are allowable under law, and which
      components are not," he said. 
      
      Schindler said development costs are a valid indicator of victim loss, but acknowledges that
      putting a dollar figure on software can be difficult. 
      
      Mitnick claims cover-up
      Mitnick and his attorney both say there's more to the story, but they can't talk about it. At
      Mitnick's last court appearance on July 12, the judge granted a government request that any filings
      relating to victim loss be sealed from the public. 
      
      "As much as the government would like to, you can't take the recipe for ice and file it under seal
      and have it become confidential," said Mitnick, who, along with his attorney, is challenging the
      confidentiality of the loss information, and asking for the motion to be unsealed. 
      
      Mitnick claims he smells a cover-up. "The government should not be permitted to bury the truth of
      the case from the public and the media by seeking and obtaining a protective order to essentially
      force me to enter a code of silence," he said. 
      
      "Our only concern, as it has been from day one, is the protection of the victims of Mitnick's
      crimes," prosecutor Schindler said. "Why Mitnick and his lawyers want to continue to harass,
      embarrass and abuse them remains a mystery to us, but it's something that we will continue to
      oppose vigorously." 
      
      Although the software costs are no longer being used against his client, Randolph claimed that by
      "manipulating the loss figures," the government raises the issue of whether even the more modest
      $1.5 million calculation is accurate. In the sealed motion, he's seeking an evidentiary hearing to
      explore the matter, and asking that Mitnick be released on a signature bond pending that hearing. 
      
      And if Mitnick winds up owing money anyway? "We're asking for sanctions that the government
      pay the restitution," Mitnick said, "and that the judge recommend that I be immediately designated
      to a halfway house for the government's misconduct in this case." 
      
      Excerpts of the Sun documents are available on the Free Kevin Web site, maintained by members
      of a tireless grass-roots movement that's protested the hacker's imprisonment for years. "I'd like to
      sincerely thank all my friends and supporters for all the support they've given me over this long
      period of time," Mitnick said. "I'd like to thank them from my heart." 
      
      Kevin Poulsen writes a weekly column for ZDTV's CyberCrime. 
       
      @HWA
      
51.0 ISPS ACCUSE CHINA OF INFOWAR
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From http://www.net-security.org/
     
     by Thejian, Saturday 31st July 1999 on 1:30 am CET
     Two Canadian ISPs claim they've traced DoS attacks on their network back to
     Chinese government offices in Beijing and now accuse "Chinese government crackers
     with a political agenda" as Wired puts it. The attacks are thought to be motivated
     by the ISPs hosting sites of the Falun Gong religious group, which was outlawed in
     China last week. Full story below. 
     
     http://www.wired.com/news/news/politics/story/21030.html
     
     ISPs Accuse China of Infowar
     by Oscar S. Cisneros 
     
     12:00 p.m.  30.Jul.99.PDT
     Two Canadian ISPs said Friday that their networks were attacked this week by Chinese government crackers with a political agenda. 
     
     "The hack attempts I could trace [originated with] Chinese government offices in Beijing," said Eric Weigel, director of Bestnet Internet, a Hamilton,
     Ontario-based ISP. 
     
     Weigel said he suspected that the "denial of service" attack, which ended at 4 a.m. EST Friday, was motivated by his organization's hosting a Web
     site for a religious group outlawed in China. 
     
     "I know the Chinese government doesn't like the Falundafa Gong religion. They've arrested some people, but I don't know if anybody's been shot." 
     
     The Chinese government last week banned the "wheel of law," or Falun Gong, sect, stating that the group corrupted people's minds, disrupted
     social order, and sabotaged stability. The nation's state-run television network launched a negative media blitz against Falun Gong. 
     
     The group, which claims more than 2 million members, advocates meditation and exercise. In April, in a protest at Beijing's Zhongnanhai leadership
     compound, more than 10,000 Falun Gong members demanded protection for their religion. The government responded by destroying more than a
     million of the sect's books, tapes, and CDs. 
     
     If Weigel's hunch is correct, that fury has now extended into the world of the Internet. 
     
     "The Chinese government didn't even phone me up and say, 'Please remove this site,'" Weigel said. "That's pretty rude." 
     
     Weigel said he traced the hack attacks back to the Beijing Application Institute for Information Technology and the Information Center of Xin An
     Beijing. 
     
     The attackers used two common techniques to take on Bestnet and Nebula Internet Services, a smaller ISP in the nearby town of Burlington: They
     attempted to penetrate the ISPs' systems and also to flood their servers with incomplete requests for data -- a technique that overwhelms a Web
     server such that it is unable to serve up a Web site (in this case, Falun Gong's). 
     
     Neither effort was successful at Bestnet, Weigel said. But the denial of service attack did thwart Nebula Internet Services, which hosted Falun
     Gong's site until last week. 
     
     "They didn't have enough bandwidth to handle them, plus they're using a Windows machine," said Weigel. "I couldn't even copy the site using FTP
     -- they had to physically bring the files on a hard drive." 
     
     Nebula's owner, Greg Alexander, said that the attacks started a month ago and coincided with media reports of a government crackdown on the
     sect. 
     
     "The Chinese government has called the Falun Gong an enemy of the state and so we assumed that it's the Chinese government," he said. "They
     actually swamped our lines for two days -- we were maxed right out." 
     
     Alexander also said a US Department of Transportation official contacted him to ask about an attack on a server at the Federal Aviation
     Administration. The unnamed official told him that the "probe" of the FAA's server originated from one of Nebula's machines. Alexander added that
     the specific IP address was at the time assigned to Falun Gong. 
     
     "We didn't have control of our own IP address," he said. 
     
     The Department of Transportation could not be reached for comment late Friday afternoon. Alexander speculated that if someone made the attack
     look as if it originated from Falun Gong's IP address, they did so to make "the US government think that these people are bad people." 
     
     Reuters contributed to this report. 
     
     @HWA
     
52.0 PETERSEN INTERVIEW: TRADING CYBERCRIME FOR CYBERPORN
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From http://www.net-security.org/
     
     by Thejian, Saturday 31st July 1999 on 0:30 am CET
     Recently released hacker and FBI informant Justin Petersen, in an "exclusive
     interview" with CNN and Time, is claiming to leave behind a life of cybercrime to go
     into the cyberporn business. CNN will air the interview on Sunday and Monday at 8
     pm ET and 10 pm PT. ZDNet. 
     
     http://www.zdnet.com/zdnn/stories/news/0,4586,2306588,00.html
     
      --------------------------------------------------------------
      This story was printed from ZDNN,
      located at http://www.zdnet.com/zdnn.
      --------------------------------------------------------------
      
      Hacker turning to a life of porn
      By Joel Deane, ZDNN
      July 30, 1999 3:02 PM PT
      URL: http://www.zdnet.com/zdnn/stories/news/0,4586,2306588,00.html?chkpt=zdnnstop
      
      Former hacker and FBI informant Justin Petersen is back in the news -- claiming that he is leaving
      behind a life of cybercrime to join the cyberporn business. 
      
      CNN and Time are promoting an "exclusive interview" with Petersen, who gained notoriety for
      informing on hackers Kevin Mitnick and Kevin Poulsen, and was recently released from prison
      after spending time in custody for parole violations. 
      
      According to a CNN press release, Petersen talks at length about his life as a "high-tech thief" and
      Internet pioneer, saying he was "trolling around on the information superhighway when it was just a
      dirt road." Petersen has multiple convictions for computer crimes, including an attempted
      electronic bank heist. 
      
      But Petersen tells CNN he now plans to begin a new life online, free of crime, with an adult Web
      site. The interview airs on CNN Sunday and Monday at 8 p.m. ET and 10 p.m. PT. 
     
     @HWA
     
53.0 GHOSTS IN THE MACHINE
     ~~~~~~~~~~~~~~~~~~~~~ 
     
     From http://www.net-security.org/
 
     by Thejian, Friday 30th July 1999 on 5:30 pm CET
     Fact: PCs come with dangerous security holes. One of the major problems is still the
     scripting ability of machines: the ability to run applets, in combination with the
     Web, represents some serious security and privacy issues of which the regular home
     user is not always aware. And it doesn't stop there. This article
     discusses this with some examples and quotes from major manufacturers. Read it
     below. 
     
     http://www.wired.com/news/news/technology/story/20995.html
     
     Ghosts in the Machine
     by Chris Oakes 
     
     3:00 a.m.  30.Jul.99.PDT
     When Richard Smith bought a new Compaq Presario last Friday, he suspected there might be a few holes in the security of the computer's Internet
     software. 
     
     Sure enough. Within ten minutes of booting up the PC, Smith had flushed out the software equivalent of an assassin for hire. 
     
     "I think this is one of the worst problems I've ever seen," said Smith, who has made a side-career during the last year of sniffing out major software
     holes. 
     
          
     Compaq had granted its Internet software potent capabilities. A clever Web page or email message could put out an electronic hit on an unwitting
     Presario owner using a software demon that comes in the guise of an applet. 
     
     The applet, called "SpawnApp," was installed by Compaq on its Presario line of PCs as part of its customer service applications. 
     
     While Compaq intended to streamline customer support over the Net using handy Web tools -- Internet Explorer 4 and Java applications -- the
     company unwittingly put its customers at risk. 
     
     "All you need is a little bit of JavaScript to misuse the control. They've left it wide open, so you can run anything. You can give a delete command
     that deletes everything in the [Windows] My Documents directory." 
     
     "Anybody can use it because [Compaq's] told the world it's a safe thing." 
     
     SpawnApp is a bridge, launching any DOS or Windows application. With simple coding, a rogue programmer could access the Java applet from the
     Net to launch any application on the computer. Programmers could use the applet to mess up some data -- perhaps nab some files and email
     messages, or change the PC's security settings for further breaches. 
     
     The problem is apparently the tip of an iceberg that may plague more PCs than even manufacturers know. These ghosts in the software machine
     only get noticed when people like Smith do some digging. Companies often don't respond in force to alarms until the media spreads the word. 
     
     Smith said he wasn't the first to arrive on the scene of the dangerous applet. Another programmer, Frank Farance, originally discovered the applet
     in November 1998, and yet the problem remained. 
     
     Smith turned up a similar vulnerability on Hewlett-Packard's Pavilion line of PCs only a week earlier. HP moved quickly and provided a fix; Compaq is
     considering doing the same. 
     
     With or without fixes, Smith sees the trend as a dangerous one. 
     
     "If you take HP and Compaq together, they're in the top three or four manufacturers in the United States. They've both been shipping machines for
     a year which have pretty big openings ... So you've got some pretty big players messing up here." 
     
     Compaq "signed" its applet, which is a standard security function meant to indicate the program's tasks were designed by the company and
     therefore safe to execute. But because further steps weren't taken, anyone could misuse the potentially dangerous set of functions, Smith said. 
     
     Compaq confirmed that under some scenarios, the user may not see any warning if their browser or email program were to encounter malicious code
     that invokes the applet. 
     
     "Compaq is looking at the possibility of updating [the system software] so that something like this could not occur," said Jim Ganthier, director of
     engineering for Presarios. 
     
     He called the actual exploitation of the security hole highly unlikely, however. 
     
     Smith said a simple solution to the problem is to delete the .REG (registry) file that makes Compaq a trusted publisher. That file can be found by the
     name CERTREG.REG, he said. 
     
     Smith contends the security hole is the latest -- and most serious -- in a growing legacy of dangerous knotholes in standard-issue PC software. 
     
     Other holes have largely centered on potential access to personal data, such as Microsoft's extraction of hardware-tracking ID numbers during the
     Windows registration process. 
     
     Smith and others have also turned up a myriad JavaScript and ActiveX vulnerabilities that can crack a PC's file directories by way of Netscape
     Navigator or Internet Explorer. 
     
     Smith considers the latest example severe because of the ability to launch any application on the PC -- without the user ever noticing. 
     
     So with all these dangers -- caught only when a programmer like Smith pays close attention -- what are the prospects for security in a networked,
     e-commerce age? 
     
     The current chain of events -- discovery, disclosure, and company reaction -- is the best, according to free marketeer Justin Matlick, author of
     Governing Internet Privacy: A Free Market Primer. 
     
     "The best solution is going to let privacy-conscious consumers and organizations ferret these problems out and force the companies or industries to
     respond," Matlick said. "I think that the free market is much more responsive to these concerns than regulation could ever hope to be." 
     
     If that means consumers can expect only a certain level of security on the computers they buy, so be it. 
     
     "It's more important to me to use the product than it is to protect my privacy -- up to a certain level," Matlick said. 
     
     Brooke Partridge, electronic support programs manager for Hewlett-Packard, agrees. 
     
     "We're not going to sell a lot of computers if people are worried about whether or not our systems allow access to their information. Really there is
     an inherent economic incentive." 
     
     Trust the market to find and fix holes in time? Nay, industry regulation is the only fix, if you ask electronic privacy advocate Jason Catlett. 
     
     "That's completely wrong. There are far too few people paying attention to this to bring even a hundredth of the incidents to the attention of the
     media -- or even the companies themselves." 
     
     The public has a right to a baseline standard of behavior that's determined by the best principles, Catlett argues. 
     
     "All that's needed is a simple private right of action for individuals." For example, a PC customer should have the right to go after a company for
     US$500 if his data is exposed by negligence, he said. 
     
     "That simple economic incentive would make a lot of companies clean up their act. That's exactly one of the risks that they should have as a
     routine part of their engineering." 
     
     Nancy Wong of the Critical Infrastructure Assurance Office said information technology moves too fast for regulations. 
     
     "There are so many different ways of opening up systems and inserting vulnerabilities unknowingly that it's very difficult to say that government
     regulation is going to be able to address that. 
     
     "One of the reasons why I believe it's [a reactive situation] right now is because people really aren't thinking about security on an ongoing basis, or
     making systems secure at the same time they install systems." 
     
     Meanwhile, Peter Neumann, a scientist with SRI International and a consultant to the President's Commission on Critical Infrastructure Protection,
     said Smith's findings are not news -- and only a fraction of the story. 
     
     "Computer security is an oxymoron -- it doesn't exist. It's a joke. There's no way of fixing it short of producing new operating systems." 
     
     Neumann predicts that e-commerce will fall on its face when massive dollar transactions begin to depend on the security of today's inadequate
     networked PCs. For true network security, airtight components like encryption must be built into any Internet computer, Neumann said. 
     
     "When millions or trillions of dollars [are] going down the tube, people will start paying attention." 
     
     But according to Compaq's Ganthier, all this worrying is overblown. Vulnerabilities are one thing; actual exploitation is another. 
     
     "There's a whole bunch of if-then-else statements in there. To me it's like the Intel processor's serial numbers -- nobody's actually been able to
     demonstrate [an exploit]." 
     
     Software sleuth Smith said Ganthier's argument is true enough, but only for the time being. 
     
     "I've been looking at virus stuff for a while, but it's only been since the beginning of 1999 that virus writers have been exploiting email. Yet the
     capabilities have been there for three or four years." 
     
     Everyday sabotage exploits may be just down the road in a cyber-crime future. 
     
     "We just can't say," Smith said. "But we just need to close them up. There are a lot of vulnerabilities out there -- we just can't say which one is
     the one that will be used." 
     
     @HWA
     
     
54.0 DATABASE PROTECTIONS OK-D
     ~~~~~~~~~~~~~~~~~~~~~~~~~ 
     
     From http://www.net-security.org/

     by Thejian, Friday 30th July 1999 on 3:00 am CET
     A bill which is supposed to give providers of database information a weapon against
     electronic pirates and hackers got approved by a House panel yesterday. The bill
     gives the FTC the authority to prevent people from obtaining and distributing
     databases without permission and gives disseminators of real-time stock market
     information the right to sue hackers and pirates for that same offense. Full story below. 
     
     http://www.news.com/News/Item/0,4,39929,00.html?st.ne.fd.tohhed.ni
     
     Commerce subcommittee OKs database protections 
     By Bloomberg News
     Special to CNET News.com
     July 29, 1999, 3:15 p.m. PT 

     WASHINGTON--A House panel approved a bipartisan bill to give providers of database information such as mortgage
     rates or stock quotes a weapon against electronic pirates and hackers.

     The measure, passed on voice vote by the Telecommunications, Trade, and Consumer Protections Subcommittee, gives the
     Federal Trade Commission authority to prevent people from obtaining and distributing databases without permission. 

     A section of the bill, approved last week by the same committee, gives stock exchanges and other disseminators of real-time
     stock market information the right to sue hackers and pirates.

     "This bill would, for the first time ever, create a federal stop sign to database privacy," said Rep. Tom Bliley (R-Virginia), who
     sponsored the bill. "But just as important, the bill will continue to protect consumers' access to information."

     A coalition of database owners, including financial data compilers, Internet companies, universities, and libraries, has lobbied in
     favor of the Bliley bill. Bloomberg, the parent company of Bloomberg News, has testified in favor of the bill.

     "[The bill] represents another arrow...you can seek if your information has been illegally pirated," said Skip Lockwood, coordinator
     of the Digital Futures Coalition, a lobbying firm that represents the shared interests of the educational and research communities
     and the computer industry.

     Support for an alternative bill
     The New York Stock Exchange, the National Association of Realtors, and other owners of large databases have championed
     another bill with broader information protections.

     That bill, sponsored by Rep. Howard Coble (R-North Carolina), has passed the full Judiciary Committee and is awaiting
     consideration by the full House. The Coble bill affords a wider range of legal protection to database compilers than the Bliley bill,
     said Edward Miller, policy analyst for the National Association of Realtors.

     Coble's bill allows database creators to go after pirates through the courts, while the Bliley bill puts the FTC in charge of policing
     piracy on most databases. The FTC bureaucracy could bog down attempts by real estate agencies to go after hackers who steal
     their listings, Miller said.

     In addition, the Bliley bill's definition of "database" could allow pirates to take substantial portions of information with no
     consequences, he said.

     "To us, [the Bliley Bill] looks like they have provided a textbook on how to pirate data and do it legally," Miller said. "It's just the
     wrong approach."

     Internet companies such as Yahoo and Lycos and financial data companies such as Bloomberg oppose Coble's bill because they
     say it gives too much protection to companies that compile information, such as the NYSE. They also think it will concentrate
     ownership of facts in the hands of a few, Lockwood said.

     "With Coble's bill, there's nothing through the Internet pipelines. There's nothing to pass around," Lockwood said. "You are going
     to allow a few large owners of mass amounts of information to lock out everybody else."

     Digital signatures
     The telecommunications subcommittee also unanimously approved legislation today to give electronic signatures the same legal
     validity as those penned in ink. The bill would allow e-commerce and trades to take place online without requiring handwritten
     signatures for documentation.

     The electronic signatures bill doesn't set a standard for what types of technology would be acceptable as "signatures." While
     electronic pens, fingerprint scanners, and iris scanners are all currently available, legislators said they didn't want to stifle the
     technology by setting a standard before the electronic signatures industry had fully developed.

     Last week, the subcommittee added an amendment to the electronic signatures bill allowing the Securities and Exchange
     Commission to still require some records filed with the agency to be signed by hand.

     If the Commerce Committee approves the subcommittee's two bills, they will be submitted to the full House. 

     Copyright 1999, Bloomberg L.P. All Rights Reserved. 

     @HWA
     
55.0 YET ANOTHER SITE SPITTING OUT PERSONAL INFO
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From http://www.net-security.org/

     by Thejian, Friday 30th July 1999 on 2:20 am CET
     An adult Web site is, due to a misconfiguration, spitting out the names, addresses,
     emails and credit card numbers of nearly 1000 of its members to anyone with a Web
     browser. This story also once again proves some people's unwillingness to put some
     effort into security, "I had informed them about this security issue ... but for some
     reason they needed to have ... [the site set up that way]." Story below.      
     
     http://www.wired.com/news/news/culture/story/21001.html
     
      Italian Smut Site Left Unzipped
      by James Glave 
      
      2:45 p.m.  29.Jul.99.PDT
      An adult Web site run by the man who launched the career of Italian porn queen Cicciolina is showing more than just cheek. 
      
      It's also revealing the names, addresses, emails, and credit card numbers of nearly 1,000 of its members. 
      
      The site, Diva Futura, is configured in such a manner that several databases containing confidential user information can be easily accessed by
      anyone with a Web browser. 
      
      Diva Futura is owned by Italian porn king Riccardo Schicci, who last November was jailed in Italy on charges of running a prostitution racket. He is
      widely credited as the man who brought the porn movie industry to Italy. 
      
      "As soon as I figured out that was [Schicci's] site, I smelled something bad and figured out that I wanted to get away," said a former Diva Futura
      member, now a student of European Studies at a Washington DC university. 
      
      "I was so stupid and I was right," said the man, who spoke on condition of anonymity. "I did this thing two years ago when this kind of stuff was
      starting, and now I don't leave my credit card in any adult sites." 
      
      Schicci was released from prison soon after he was incarcerated. Efforts to reach Diva Futura's current site administrators were unsuccessful and
      the page remained vulnerable as of Friday morning. 
      
      Until recently, Web Creations, a New Jersey Web development firm, hosted the site. 
      
      But the man listed as the site administrator in the Internet Network Information Center database said that the site's current owner had not paid the
      firm's past-due bill. Anil Gurnani said that the site's owners have moved the operation elsewhere. 
      
      Gurnani told Wired News in an email, "This site is maintained by the client." 
      
      He said that the site's technicians knew of the security issue and insisted on leaving the site configured that way. "I had informed them about this
      security issue ... but for some reason they needed to have ... [the site set up that way]." 
      
      "This utter and complete lack of respect for private financial data is beyond reprehensible," said the Australian Web site developer who discovered
      the problem. "It is wildly reckless, and I find it inexcusable," he said in an email directed to the site's administrators. 
      
      Responding to an email query, one member of the site said that e-commerce is still not widespread in Italy. The member, who lives in Pavia, Italy,
      said in broken English that he hoped the site would be fixed soon, but took the whole matter in stride. 
      
      "What can I say?" he wrote. "Me and my friends a night still surfing on the Net, and we seek that URL ... you know who the Italians are ... geek ...
      really attracted about sex and so on, so I put my [card] number [on] the Net." 
      
      An examination of the site's data reveals that between December 1997 and June 1998, the site handled approximately US$22,000 worth of
      membership transactions. 
      
      As a member of the European Union, Italy is a signatory to the Data Protection Directive, a series of rules that protect the personal data of
      European consumers. 
      
      Article 17 of the directive compels companies to secure the personal data of their customers, though specific enforcement measures are left to the
      discretion of each member nation. 
      
      Diva Futura hosts images from Italian adult magazines Diva Futura, Bamby, Fans Club, and Le Aventure di Eva Henger. It also features streaming
      video, chat, and many images of Ilona Staller, more commonly known as Cicciolina. 
      
      Agence France Presse last fall reported that in 1989 Riccardo Schicci spent time in prison for shooting a hard-core porno film on a public beach. 
      
      Editor's Note: This story has been corrected. The original article incorrectly stated that Riccardo Schicci was once married to Cicciolina. Wired
      News regrets the error. 
      
      @HWA
      
56.0 CALIFORNIA ADOPTS DIGITAL SIGNATURE LAW
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
     
     From http://www.net-security.org/
          
     by Thejian, Friday 30th July 1999 on 1:30 am CET
     Gov. Gray Davis yesterday signed into California law a bill which allows contracts
     with electronic signatures to count as legal documents. The new law applies to firms
     doing business in California and their customers in all 50 states, according to a
     statement released by one of the bill's sponsors, ETrade Group Inc. Read more. 
     
     http://www.computerworld.com/home/news.nsf/all/9907294dig
     
     Calif. adopts digital-signature law
     By Kathleen Ohlson


     California brokerage firms may enter into contracts with
     their customers through digital signatures, rather than
     filling out a pile of paperwork. 

     Gov. Gray Davis yesterday signed into California law a
     bill that allows contracts with electronic signatures to
     count as legal documents, according to a statement
     from ETrade Group Inc., one of the sponsors of the bill.
     The new law applies to firms that conduct business in
     California and their customers in all 50 states, ETrade
     said. 

     The Menlo Park, Calif.-based brokerage plans to use
     digital signatures to open and transfer customer account
     information, as well as add new privileges, such as
     margin agreements, ETrade said. The company doesn't
     know which digital signature technology it will use, but
     expects to use digital signatures "sometime in 1999,"
     said Tim Alban, a spokesman for ETrade. 

     Gomez Advisors' John Robb said while brokerages may
     sign up customers faster, they will have to overcome a
     few obstacles. There isn't any good digital signature
     technology available now for such applications, and
     digital signatures are currently not widely adopted, Robb
     said. Adopting digital signatures is a "state-by-state
     battle," since brokerages need to register in each state
     individually. However, this law is a "good first step," he
     added. 

     Online brokerages will benefit if they can automate more
     account processing and keep costs down, Robb said. 

     @HWA      
     
57.0 NEW AMMO AGAINST VIRUSES
     ~~~~~~~~~~~~~~~~~~~~~~~~
     
     From http://www.net-security.org/

     by Thejian, Friday 30th July 1999 on 1:00 am CET
     When Melissa hit, a lot of companies just pulled the plug on their (e-mail) servers,
     losing a lot of money because of this. This is definitely not the way to go in the future
     according to the security branch which is shown in the latest network security
     products. A more proactive way of working is needed and that's just what these new
     products claim to bring you. ZDNet.      
     
     http://www.techweb.com/wire/story/TWB19990729S0019
     
     More Ammunition Used In Fight Against Viruses
     By David Drucker, InternetWeek
     Jul 29, 1999 (2:40 PM)
     
     URL: http://www.techweb.com/wire/story/TWB19990729S0019 
     
     In hindsight, IT managers weathered the Melissa virus pretty well. Even so, their defensive tactics were less than optimal.
     
     "A lot of people just disconnected [their e-mail servers], and that can't happen in the future," said Hurwitz Group analyst Diana Kelley. "The pulling-the-plug option is
     going to mean a huge loss of business, so being more proactive is going to be the way to go." 
     
     The latest network security products are designed just for that purpose. 
     
     Trend Micro is readying version 3.0 of ScanMail for Exchange, which includes tools to block unwanted file traffic until vendor patches are delivered. 
     
     When a virus outbreak begins, antivirus vendors usually design patches specifically for the new virus and distribute them to customers within a few hours. But the
     delay can be long enough to significantly stall operations. 
     
     "What we've learned from Melissa is that companies can't wait until we come up with a pattern file," said Dan Schrader, Trend Micro's vice president for new
     technology. 
     
     ScanMail for Exchange 3.0 includes the eManager plug-in, a set of content-filtering controls that let users block files based on details such as file type, file name, or
     specific wording within messages. 
     
     David Shaffer, IT manager at Power Construction, began using ScanMail a year ago when his company implemented Microsoft Exchange for its mail system. He
     said he believes the new features in version 3.0 will help him act faster the next time a major virus hits. 
     
     "This gives us a way to respond in those critical three or four hours before a patch can be released, without shutting down internal or external mail," Shaffer said. 
     
     Network Associates is also juicing up its virus-protection software. The updated version of GroupShield for Exchange can detect previously unknown viruses
     without raising excessive false alarms, the company said. The software uses so-called double heuristic technology, which detects new viruses by monitoring virus-like
     behavior. It is available now.
     
     According to a study on virus prevalence recently released by ICSA.net (formerly known as the International Computer Security Association), the rate of virus
     infections is doubling every year. The study found that a 1,000-person company experiences about 80 virus incidents per month.
     
     "Despite good antivirus products, it's clear that the risk is growing," said ICSA.net chairman Peter Tippett. 
     
     The speed with which viruses are spreading is the biggest danger, Tippett said. 
     
     "It used to take a year or two for a virus to become predominant," he said. "Now it takes a day or two for Net-enabled viruses to spread. Users now have very little
     time to prepare." 
     
     Trend Micro's ScanMail for Exchange 3.0 is scheduled to ship Aug. 15. The software is priced at $5,000, without the eManager plug-in, for up to 250 users; the
     plug-in is an additional $1,250 and can be purchased for previous versions. 
     
     Network Associates' GroupShield for Exchange is available as a one-year subscription for 250 to 500 users, at a price of $29 per node, or $19 per node for 5,000
     or more users. 
     
     @HWA
     
58.0 DOE SECRETARY ORDERS SECURITY BREAK
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
     From http://www.net-security.org/
 
     by Thejian, Thursday 29th July 1999 on 11:00 pm CET
     Energy Secretary Bill Richardson will today announce a department-wide work
     stoppage, in order to focus more on security issues and increase employee awareness
     about them. This is the third security stand-down this year since the China-affair
     (China allegedly stole US secrets on nuclear warheads and neutron bombs). Yahoo
     Dailynews.      
     
     http://dailynews.yahoo.com/headlines/ts/story.html?s=v/nm/19990729/ts/nuclear_spying_2.html
     
     Thursday July 29 12:03 AM ET 

     Energy Secretary Orders Security Training
     
     By Tabassum Zakaria
     
     WASHINGTON (Reuters) - Energy Secretary Bill Richardson will announce Thursday a department-wide work stoppage to focus on security issues in August as
     another step to increase employee awareness since the China spying scandal hit the nuclear labs.
     
     The nuclear weapons research laboratories have been the focus of security concerns after a congressional report said China stole U.S. secrets on seven nuclear
     warheads and the neutron bomb. China has repeatedly denied those allegations.
     
     The labs have already had two security stand-downs this year in which work stopped so employees could focus on security issues, and will be exempt from the
     August action.
     
     Every employee must realize ``that every job carries with it a security obligation,'' Richardson said.
     
     ``I'm ordering this action to ensure that (the Energy Department) is doing everything possible to protect America's secrets and sensitive technologies,'' he said.
     
     Richardson has taken other steps such as creating a ''security czar'' position within the department and hiring a retired four-star general to fill it.
     
     The Energy Department has been criticized as having an unwieldy bureaucracy that did not pay enough attention to security concerns raised in past years.
     
     And some members of Congress want broader change and have proposed restructuring the Energy Department so the nuclear weapons programs are separated into
     a semi-autonomous agency within the department. Others have called for totally removing the nuclear programs from the department which considers the labs its
     ``crown jewels.''
     
     Energy Department sites with classified national security activities, excluding the labs, will stop routine work activities on Aug. 3 to participate in a daylong security
     training.
     
     Those sites include the Nevada Test Site, the Y-12 Plant in Oak Ridge, Tennessee, the Kansas City Plant, and the Pantex operation in Amarillo, Texas.
     
     By the end of August all other Energy Department facilities, including those that conduct unclassified work, will participate in a similar stand-down.
     
     Topics for non-classified areas will include computer network security, responsibilities for hosts of foreign visits, export control regulations, computer hackers and
     disgruntled employees. 
     
     @HWA
     
59.0 EU MEMBERS NOT FOLLOWING DATA-PROTECTION RULES
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From http://www.net-security.org/

     by Thejian, Thursday 29th July 1999 on 10:30 pm CET
     The European Commission is proceeding with infringement proceedings against nine
     member states because of their failure to comply with the data-protection directive
     that took effect last October. The member states have received a two-month delay to
     comply with the directive before an official complaint will be made to the
     Luxembourg-based Court of Justice. Full story. 
     
     http://www.computerworld.com/home/news.nsf/all/9907294eudata
     
     (Online News, 07/29/99 11:43 AM)



         Most EU states not following
              data-protection rules
                      By Elizabeth de Bony


     BRUSSELS -- The European Commission is
     proceeding with infringement proceedings against nine
     member states of the European Union for failing to
     comply with the data-protection directive that took effect
     last October, the Commission announced today. 

     The Commission has given France, Luxembourg, the
     Netherlands, Germany, the U.K., Ireland, Denmark,
     Spain and Austria two months to comply with the
     directive. Failure to meet this deadline will prompt the
     Commission to proceed with the final stage of EU
     infringement proceedings involving a complaint to the
     Luxembourg-based Court of Justice. 

     Condemnation by the Court of Justice can lead to the
     imposition of fines. 

     The data-protection directive took effect on Oct. 25,
     1998, and establishes a common regulatory framework
     for data transmission that aims to ensure both a high
     level of privacy for the individual and the free movement
     of personal data within the EU. Provisions also limit the
     transfer of personal data to countries outside the EU that
     respect similar standards of data protection. 

     These provisions have led to more than two years of
     negotiations between the EU and the U.S. over whether
     the U.S. data-protection standards -- which depend
     largely on voluntary self-regulation -- meet the directive's
     standards. These discussions are continuing, but the
     fact that nine of the 15 member states have not even
     complied with the directive has taken much of the
     urgency out of these trans-Atlantic talks. 

     To date only Greece, Portugal, Sweden, Italy, Belgium
     and Finland have fully implemented the directive. 
     
     @HWA
     
    
60.0 EXPERTS WARN ABOUT NEW Y2K-THREAT
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From http://www.net-security.org/

     by Thejian, Thursday 29th July 1999 on 10:10 pm CET
     Two of the government's top computer security experts said today at a hearing on
     Y2K and cyberterrorism before a US Senate Committee that some programmers
     hired to fix Year 2000 problems may be quietly installing malicious software codes to
     sabotage companies or gain access to sensitive information after the new year. More.     
     
     http://dailynews.yahoo.com/headlines/ap/technology/story.html?s=v/ap/19990729/tc/y2k_threats_3.html
     
     Thursday July 29 12:22 PM ET 

     Experts Warn of New Y2K Threat
     
                     By TED BRIDIS Associated Press Writer 
     
                     WASHINGTON (AP) - Two of the government's top computer security experts said today that some programmers
     hired to fix Year 2000 problems may be quietly installing malicious software codes to sabotage companies or gain access to sensitive
     information after the new year.
     
     The alarms were sounded at a hearing on the ``Y2K glitch'' and cyberterrorism before the Senate Committee on the Year 2000 Technology Problem.
     
     ``Many of these (rogue programmers) have no security clearance, do not work for the government, and yet they have access to critical systems that if sabotaged
     could wreak havoc to our financial institutions and our economy,'' said Sen. Christopher Dodd, D-Conn., the committee's vice chairman.
     
     A recent analysis by the Gartner Group predicted electronic thefts worth at least $1 billion, noting that the computer networks of financial institutions, corporations
     and governments handle transactions worth $11 trillion annually.
     
     Michael Vatis, director of the FBI's National Infrastructure Protection Center, said experts hired by U.S. companies to fix their computers could secretly program
     ``trap doors'' - ways to let them gain access later - or add malicious codes, such as a logic bomb or time-delayed virus that could disrupt systems.
     
     ``While systems have been and will continue to be extensively tested, the probability of finding malicious code is extremely small,'' agreed Richard Schaeffer, director
     of the Defense Department's Infrastructure and Information Assurance program.
     
     Neither expert suggested the possible scope of the problem.
     
     Schaeffer said problems are complicated by the New Year's rollover, when some computers programmed to recognize only the last two digits of a year may mistake
     2000 for a full century earlier.
     
     ``It may be difficult to distinguish between a true Y2K event and some other anomaly caused by a perpetrator with malicious intent,'' Schaeffer said.
     
     Both experts said the risks were exacerbated by the amount of software repaired by companies overseas. Vatis called the situation ``a unique opportunity for foreign
     countries and companies to access, steal from or disrupt sensitive national and proprietary information systems.''
     
     Vatis recommended that companies thoroughly check the backgrounds of companies they hire for software repairs. He also said they should test for the existence of
     trap doors after the repairs, possibly even hiring teams to try to electronically crack into their own networks.
     
     The latest warnings come on the heels of new disclosures about White House plans to create a government-wide security network to protect the nation's most
     important computer systems from hackers, thieves, terrorists and hostile countries.
     
     The 148-page proposal from the Clinton administration describes building an elaborate network of electronic obstacles, monitors and analyzers to prevent and watch
     for potentially suspicious activity on federal computer systems.
     
     Sen. Robert Bennett, R-Utah, said today that the scope of the Y2K problem shows that a successful attack on a computer system - such as the network that
     controls the traffic lights or subway in New York - ``could have as much impact on the economy as if somebody actually dropped a bomb.''
     
     Civil liberties groups complain that the security tools also would make possible unprecedented electronic monitoring, especially because of the increasingly
     widespread use of computers by the government in almost every aspect of its citizens' daily lives.
     
     The White House defended the proposal.
     
     ``We are very concerned about protecting privacy rights,'' said Clinton's national security adviser, Sandy Berger. ``But there is also a privacy right in not having
     hostile entities attack systems. We're not only talking about 17-year-old kids in their basement. We're talking about governments that we know are developing
     systems to get access to our computer systems.''
     
     The first 500 intrusion monitors would be installed on nonmilitary government computers next year, according to a draft copy of the proposal obtained by The
     Associated Press. The full system would be completed by May 2003.
     
     The plan also suggests ways to convince private companies to monitor their corporate computer networks and share information about threats. But it said explicitly
     that the government will not force companies to permit federal monitoring of their systems.  
     
     @HWA
     
61.0 WILL YOUR CABLE MODEM CENSOR THE WEB?
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From http://www.net-security.org/

     by Thejian, Thursday 29th July 1999 on 4:30 pm CET
     According to marketing materials from Cisco Systems, cable companies can make
     use of certain features in Cisco products to slow down and limit access to
     selected Web sites behind the scenes. A Cisco spokesperson said the technology is
     available to phone companies, satellite firms and major Internet service providers to
     protect customers. Protect them from what? Offensive content or the competition of
     the provider? Read the whole article.      
     
     http://www.pcworld.com/pcwtoday/article/0,1510,12034,00.html
     
     From PC World Online
     Will Your Cable Modem Censor the Web? 

     Consumer groups balk at Cisco back-end equipment that can limit access to selected sites.
     
     by Reuters 
     July 29, 1999, 4:34 a.m. PT 
     
     A leading supplier of Internet gear for the cable industry is touting products to allow cable companies to block or restrict consumers from reaching any Web site they
     choose, drawing sharp criticism from public advocacy groups. 
     
     The revelations come at a critical juncture for the industry, which is spending billions of dollars to roll out high-speed Internet service over cable lines while fighting national
     and local efforts to regulate their fledgling new product. 
     
     The industry has so far blunted the calls for regulation in all but two cities across the country, in part by committing to allow their customers to reach easily any Web site
     anywhere on the Internet, whether owned by a cable company or not. 
     
     Putting the Brakes on Rival Sites
     
     But according to marketing materials from Cisco Systems, the top maker of computer networking equipment, cable companies will be able to work behind the scenes with
     sophisticated software included in Cisco products to slow down and limit access to selected Web sites. 
     
     Without fully cutting off access to unaffiliated sites, the technology allows a cable company to make such destinations appear much more slowly on customers' computers
     than preferred sites, Cisco claimed in brochures distributed at a recent cable convention in Chicago. 
     
     Consumer Groups Call for Regulation
     
     "This is the owner's manual that they're providing to the cable industry to monopolize the Internet," said Jeff Chester, executive director of the Center for Media Education. 
     
     The non-profit Washington group, along with Consumers Union, the Consumer Federation of America and the Media Access Project, sent a letter Thursday to the Federal
     Communications Commission calling for regulation of cable Internet services. 
     
     The FCC has so far decided to monitor closely the cable Internet market of less than one million subscribers, compared with almost 40 million going online over ordinary
     phone lines. 
     
     The latest controversy appeared unlikely to change many minds at the agency. 
     
     "We share the same goals as the consumer groups and we believe that there should be an open system as well," said Debra Lathen, head of the agency's cable bureau.
     "Where we diverge is how you get there. We believe the market is going to mandate--to require--an open system." 
     
     "We will be very watchful; that is our obligation," Lathen added. 
     
     Thanks, But No Thanks
     
     AT&T, whose ExciteAtHome Internet provider has used some Cisco products, pledged not to use the features to discriminate against other Web sites. 
     
     "We are not in the content-management business; we're in the network management business," said spokesman Mark Siegel. 
     
     Asked if AT&T would utilize the Cisco products to limit access to any Web sites, Siegel replied: "No, we don't do that." 
     
     Cisco On the Defensive
     
     A Cisco spokesperson said the same technology was made available to all players, including phone companies, satellite firms and major Internet service providers. 
     
     "This is consistent with Cisco's open standards philosophy and commitment to competition in the marketplace," spokesman Tom Galvin said. "This technology was
     designed with customers in mind who clearly want tools to protect against offensive content such as hate or obscene material." 
     
     Cisco's marketing materials cited clearly commercial uses of the software, giving as an example a "push" Web site, which automatically downloads fresh news or other
     information to a customer's computer at set intervals. 
     
     "You could restrict the incoming push broadcasts as well as subscribers' outgoing access to the push information site to discourage its use," Cisco's brochure said. "At
     the same time, you could promote and offer your own partner's services with full-speed features to encourage adoption of your services while increasing network efficiency."
     
     Copyright © 1998 Reuters Limited 
     
     @HWA
     
62.0 UNMASKING ANONYMOUS POSTERS
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
     From http://www.net-security.org/

     by Thejian, Thursday 29th July 1999 on 1:30 pm CET
     A new legal trend can be seen nowadays, now that attorneys more and more often use
     subpoenas to unmask the identities of anonymous posters to online discussion
     forums. Anyone can use that method in hopes of finding out the identity of an
     "anonymous" poster; it's a lot harder to defend yourself against it, and then there are
     the other implications. Are certain groups trying to "chill" free speech? Read more
     about it here. 
     
     http://www.wired.com/news/news/politics/story/20983.html
     
     Unmasking Anonymous Posters
     Oscar S. Cisneros 
     
     3:00 a.m.  29.Jul.99.PDT
     A new legal trend has privacy advocates up in arms: Attorneys are using subpoenas to unmask the identities of anonymous posters to online
     discussion forums. And the people whose identities are at stake rarely have the chance to fight back. 
     
     Anonymous posters can seek to quash the subpoena and preserve their anonymity, said David Sobel, general counsel for the Electronic Privacy
     Information Center. But first, they have to have notice that the subpoena has been served. 
     
     
     
     
     Without notice, "there's no one in the picture that's ready to challenge the subpoena and bring it before a judge," he said. 
     
     Since subpoenas in civil lawsuits typically do not require a judge's stamp of approval, Sobel is concerned that individuals and companies are filing
     bogus lawsuits just to peel back the veil on a user's alias. 
     
     "Anyone can file a lawsuit," Sobel said. "You get a lawyer. You file a lawsuit against John Doe. And suddenly you have the authority to issue a
     subpoena." 
     
     Under their terms of service, many forum operators and ISPs promise not to divulge their users' personal information unless requested by a
     subpoena or court proceeding, Sobel said. But not all forum operators provide notice when a subpoena has been served. 
     
     Although it's not written into their terms of service agreements, both America Online and Microsoft's MSN let users know about pending subpoenas,
     Sobel said. "At least the subscriber has a fighting chance. At least they know what's going on." 
     
     Other forum operators -- notably Yahoo -- don't provide user notice. That's raised the ire of privacy advocates like Sobel and prompted users to
     erect a discussion group about the topic in one of Yahoo's forums. 
     
     "When people start to get the awareness that Yahoo is doing nothing to protect their privacy, that's going to start affecting their traffic," Sobel
     said. 
     Les French moderates a Yahoo discussion board for "Anonymous Yahoo message posters who are being sued." French started the forum after a
     former employer used a subpoena to reveal the identities behind his and other users' anonymous posts. 
     
     "They went down to court, filed a lawsuit, and subpoenaed Yahoo. They didn't send any notice to their users," French said. 
     
     "In my case, Yahoo provided them information which enabled [the company] to trace me back to Compuserve. And Compuserve, without notifying
     me, just turned over all the information in my account, including my credit card numbers. The only thing they didn't get was the password to my
     account." 
     
     Yahoo could not be reached for comment. But an attorney for the company who brought suit against French said that the company is well within
     its rights to unmask anonymous posters. 
     
     French and the other targets of the suit "essentially mixed fact with fiction" when describing the company online, said Stephan Pearson, assistant
     general counsel for Itex Corporation. Portland, Oregon-based Itex manages the records of bartering transactions between companies. 
     
     "We made the decision to unmask the identities of people who we thought were making defamatory statements about Itex Corporation," Pearson
     said. 
     
     French said that Itex has a different motivation: silencing criticism of the company's many business foibles. He said Itex has been beset by
     difficulties, including shifts in leadership, an ongoing Securities and Exchange Commission investigation, and being de-listed from the Nasdaq stock
     exchange for failing to file an annual report in 1998. 
     
     "I believe the reason Itex filed the suit was to chill speech -- free speech -- there on Yahoo's boards," French said, adding that financial discussion
     boards are one way to keep companies honest, and remind the board of directors that investors are watching their every action. 
     
     Pearson disagreed. 
     "Our action is a defamation-of-business kind of action and defamation has never been protected speech," he said. Some defendants named in the
     suit after they were unmasked were dropped from it when it was determined that their comments didn't harm the company in an illegal way, he
     added. 
     
     Regardless of the outcome of French and Itex's suit, privacy experts are worried the trend will only escalate without additional protections for
     consumers. 
     
     EPIC's Sobel drew into question not only Yahoo's practices, but TrustE's as well. TrustE awards seals to Web pages and companies who adhere to
     their strict privacy policy standards. 
     
     How can TrustE grant Yahoo a privacy seal when the company coughs up personal information without providing notice of a subpoena to users,
     Sobel asked. 
     
     "It's not part of our program to require that they do put the user on notice of a subpoena," said Paola Benassi, TrustE spokeswoman. "If it becomes
     an issue, we'll definitely see what makes the most sense." 
     
     Benassi defended Yahoo's privacy policy because she said it gives users notice that their information will be given out when Yahoo is served with a
     subpoena. She speculated that one cause for the lack of subpoena notice may be the volume of subpoenas, and the fact that many users are likely
     to set up accounts with false information. 
     
     Privacy advocates remain concerned. 
     
     "I think the word is rapidly spreading in the legal community that this is a great way to get information," said Sobel. "I think it is only a matter of time
     before it becomes the norm in divorce cases -- the possibilities are endless." 
     
     @HWA
     
63.0 AOL Y2KFIX: A HOAX DISGUISED AS A HOAX?
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From http://www.net-security.org/ 

     by Thejian, Wednesday 28th July 1999 on 11:50 pm CET
     A hoax disguised as a hoax warning is making its rounds around AOL users. It
     describes a fake "America Online Year 2000 Update" called Y2KFIX.EXE and
     allegedly fools users into giving up information on their accounts and credit cards.
     According to Symantec Y2KFIX.EXE doesn't match the characteristics of any known
     viruses. AOL also denies the existence of such an update. Story below
     
     --------------------------------------------------------------
     This story was printed from ZDNN,
     located at http://www.zdnet.com/zdnn.
     --------------------------------------------------------------
     
     AOL users hit by unusual hoax
     By Matthew Broersma, ZDNN
     July 27, 1999 3:44 PM PT
     URL: http://www.zdnet.com/zdnn/stories/news/0,4586,2303536,00.html
     
     A new hoax is making the rounds of AOL users, posing -- confusingly enough -- as a hoax
     warning. 
     
     The message, which seems to be sent by a concerned AOL (NYSE:AOL) user, describes a fake
     "America Online Year 2000 Update" called Y2KFIX.EXE. The fake message allegedly fools
     users into giving up information on their accounts and credit cards. But no such fake update exists.
     
     "There is currently no virus that has the characteristics ascribed to Y2KFIX.EXE," wrote Motoaki
     Yamamura of Symantec, in a briefing on Symantec's AntiVirus Research Center. "It is a sham,
     meant only to panic new or inexperienced computer users."
     
     Hoaxes thrive on the Internet like nowhere else, since it is so easy to pass along authentic-seeming
     messages without eliciting a closer examination. As outlined on the Department of Energy's
     "Internet Hoaxes" page, previous Internet frauds have involved everything from Blue Mountain
     Cards' greeting cards to a supposed tax on e-mail. 
     
     Message sounds real
     The Y2KFIX prank is especially perplexing because there are, in fact, many schemes designed to
     trick people into revealing their AOL passwords or other personal information. 
     
     "It sounds absolutely plausible," said AOL spokesman Rich D'Amato. 
     
     The "AOL Year 2000 Update" hoax e-mail even includes a copy of the scam
     message it is supposedly warning against. This begins, "Hello, I am Richard
     Brunner of the AOL TECH Team and we have recently finished work on this
     project which is the AOL Year 2000 Update." 
     
     This message is said to include an attachment called Y2KFIX.EXE, which,
     when executed, causes a fake AOL billing window to pop up, asking users
     for their names and credit card numbers, among other information. 
     
     "It looks very legit. It says your billing cycle was up and they need more info," the hoax e-mail
     warns. 
     
     Layers of deception
     AOL representatives say users can double-check the reality of scams at the service's
     "Neighborhood Watch" section. 
     
     "This is a rumor perpetuating a hoax pretending to be a virus," D'Amato commented. "Plato
     wouldn't even accept that as poetry." 
     
     The same trick e-mail also warns about a "flashing IM," or instant message, that will automatically
     steal your password unless you "sign off immediately." But AOL said that not only is the "flashing
     IM" a hoax, it isn't technically possible. 
     
     @HWA
     
64.0 NO FBI SURVEILLANCE AFTER CRITICISMS
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From http://www.net-security.org/      
     
     by Thejian, Wednesday 28th July 1999 on 11:15 pm CET
     The US Government has decided not to blindly go through with a plan to create two
     broad, FBI-controlled computer monitoring systems to protect the nation's key data
     networks. Critics were afraid that the plan could lead to a surveillance infrastructure
     with grave potential for misuse. Some inquiries are now in order first. ZDNet. 
     
     --------------------------------------------------------------
     This story was printed from ZDNN,
     located at http://www.zdnet.com/zdnn.
     --------------------------------------------------------------
     
     U.S. backs off private monitoring
     By Maria Seminerio and Margaret Kane, ZDNN
     July 28, 1999 2:26 PM PT
     URL: 
     
     With criticism rolling in from all quarters, U.S. government officials on Wednesday backed away
     from a controversial plan to monitor private-sector networks for hacking activity. 
     
     The proposed Federal Intrusion Detection Network (FIDNET) plan, details of which were
     revealed by the New York Times Wednesday, has been in the works for at least a year, a
     National Security Council spokesman told ZDNN. The proposal for the government to monitor
     critical systems for security breaches arose out of concerns about the growing vulnerability of
     government computer networks and sensitive private-sector networks to hackers, the spokesman
     said. (The NSC advises the president on national security issues.) 
     
     But in spite of indications in a government document on the plan obtained by
     the Center for Democracy and Technology -- which indicates that private
     networks would also be watched -- the NSC spokesman denied that there is
     any plan for the surveillance of private online data. 
     
     The document outlining details of the plan says the FIDNET monitoring
     system would cover "critical government and ultimately private-sector
     information." Information gathered about network security breaches within
     one of the plan's three "pillars" -- the Department of Defense computer
     network, other federal networks and private sector networks -- "would also
     be shared with the other two pillars," according to the document. 
     
     The document coalesces with comments made by Jeffrey Hunker, senior
     director for critical infrastructure at the National Security Council, at the Black Hat Security
     Conference in Las Vegas earlier this month. "We depend on systems that were never meant to
     protect data from an organized threat," he told ZDNN. "The truth of the matter is that you all [the
     industry] own the systems that are going to be the target. It is not the federal government systems."
     
     However, in an interview with ZDNN, Jim Dempsey, senior staff counsel at CDT, said: "We feel
     the government should spend its resources closing the security holes that exist, rather than to
     watch people trying to break in." 
     
     In spite of assurances from government officials that any monitoring would be largely automated,
     somewhere down the line a person would have to step into the process, Dempsey said -- and this
     is where such a system could be abused. 
     
     The government document detailing the plan acknowledges that "trained, experienced analysts" will
     have to step in to determine the nature of any suspected security breaches. 
     
     Looking for 'anomalous activities'
     But the NSC spokesman said the government does not plan to monitor private networks or read
     e-mail messages, but rather to "look for anomalous activities" such as evidence of denial of service
     attacks on military and other government networks. 
     
     This was little comfort to civil libertarians and other high-tech industry watchers, who blasted the
     plan as an Orwellian attack on privacy. 
     
     "I think this is a very frightening proposal," said Barry Steinhardt, associate director of the
     American Civil Liberties Union, in an interview. "The FBI has abused its power in the past to spy
     on political dissenters. This type of system is ripe for abuse," Steinhardt said. 
     
     "I think the threats (of network vulnerability) are completely overblown," said David Sobel,
     general counsel at the Electronic Privacy Information Center, in an interview. The perceived
     security threat is leading to "a Cold War mentality" that threatens ordinary citizens' privacy, Sobel
     said. 
     
     "The most serious concern about this is that it could move us closer to a surveillance society," said
     Ed Black, president of the Computer and Communications Industry Association, in an interview.
     "It's critical that if they do this, they should not retain any of the information that is gathered." 
     
     ZDNN's Robert Lemos contributed to this report.
     
     @HWA
     
65.0 FEDS CRACK DOWN ON Y2K FRAUD
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From http://www.net-security.org/      

     by Thejian, Wednesday 28th July 1999 on 10:30 pm CET
     US regulators (read: Federal Trade Commission) yesterday took action against a
     Canada-based company that allegedly sold phony Y2K credit card protection against
     Y2K-related problems. This is said to be a first in a series of Y2K-fraud prevention by
     the FTC. The case was settled with a $100,000 fine. Wired. 
     
     http://www.wired.com/news/news/business/story/20980.html
     
     Feds Crack Down on Y2K Fraud
     Wired News Report 
     
     8:10 a.m.  28.Jul.99.PDT
     US regulators took action Wednesday against a company that allegedly sold phony Y2K credit card protection packages through a large-scale
     telemarketing effort. 
     
     The Federal Trade Commission said the company, Canada-based NCCP Ltd., pretended to represent customers' credit card companies, and offered
     plans to cover theft of cards and special packages to protect against Y2K-related problems. However, the so-called packages contained only
     adhesive stickers, the FTC said. 
     
     FTC officials said Wednesday's action was its first enforcement measure concerning a Y2K-related fraud. 
     
     As part of an agreement with regulators, NCCP agreed to pay US$100,000 to settle charges that they falsely represented a credit card protection
     program. 
     
     --
     
     ETrade embraces UK: Online broker ETrade opened its fifth international enterprise Wednesday by launching an online investing Web site in the
     United Kingdom. 
     
     The company opened ETrade UK in partnership with Electronic Share Information. The joint venture is the first Internet-only broker to receive
     regulatory approval in the UK, the companies said in a statement. 
     
     The introductory rate for online transactions is ?.95 (about US$24). 
     
     ETrade said the new Web site is only a step in its plan to gird the globe with an electronic trading network. The company's first four sites outside
     the United States are in Canada, Australia, France, and Sweden. 
     
     @HWA
     
66.0 RED HAT DELIVERS LINUX E-COMMERCE SERVER
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     From http://www.net-security.org/       

     by dev, Wednesday 28th July 1999 on 10:10 pm CET
     Red Hat, a maker of Linux open source software, introduced an e-commerce server
     package Tuesday that's designed to move small businesses more quickly onto the
     Internet. The product combines Red Hat's Linux 6.0 and Apache Web server.
     Integrated into the e-commerce server is RSA Data Security's 128-bit encryption
     engine. Read more on the interesting combination of open source software and
     business solutions here.      
     
     Red Hat Delivers Linux E-Commerce Server
     By Eileen Colkin, InformationWeek
     Jul 27, 1999 (5:25 PM)
     URL: http://www.techweb.com/wire/story/TWB19990727S0026 
     
     Red Hat, a maker of Linux open source software, introduced an e-commerce server package Tuesday that's designed to move small businesses more quickly onto
     the Internet. The Red Hat Linux E-Commerce server combines Red Hat's Linux 6.0 open source operating system, which supports up to four processors with
     symmetric multiprocessing configuration, with the Apache Web open source server. Integrated into the e-commerce server is RSA Data Security's 128-bit
     encryption engine. 
     
     The server package includes Red Hat's Linux 6.0 applications CD, containing applications such as Star Division's StarOffice, which offers word processing,
     spreadsheet, graphic design, presentation, HTML editor, e-mail/news reader, event planner, formula editor, and other applications. The CD also features IBM's
     ViaVoice voice-recognition software and Applix's Applixware for Linux, a full-office suite including a developer bundle. 
     
     Also included in the server package is an e-commerce directory with offerings such as HP's WebQoS, which lets users prioritize Web server traffic based on
     business criteria, electronic shopping-cart software from MiniVend, and a credit card processing engine from CCVS. 
     
     As part of the Apache Web server, the Apache ASP module offers multiplatform development, while the Apache DAV module lets users edit, manage, and publish
     Web pages from the desktop without going through FTP. A Netscape Roaming Module lets the Apache server also act as a Netscape Roaming Access server. 
     
     Available immediately, the Red Hat Linux E-Commerce Server can be purchased on the Red Hat site or at retail sites for $149. Additional support packages are
     also available. 
     
     @HWA
     
67.0 HACKING IN 1999 
     ~~~~~~~~~~~~~~~
     
     From http://www.net-security.org/       
     
     by BHZ, Monday 26th July 1999 on 4:42 pm CET
     Our new Special Report, written by anonymous, gives you a retrospective on the past
     year's underground happenings. "What is a hacker these days? Someone who uses a
     web browser to hack remote systems? Or is a hacker still defined as it was originally?
     Hacking is mostly about gaining access to a remote system, not showing off that you
     outsmarted an admin". You can read about security bugs, hack groups and incidents
     that marked 1999, in our Special Report entitled Hacking in 1999 | The Current State
     of Hacking.      
     
        
           Hacking in 1999 | The Current State of Hacking. 
     
                                     
     
      Major Exploits released in 1999
     
      In 1999, many things have happened, the allaire cold fusion bug has been widely
      advertised and put to use, many servers were compromised by using it, if
      you look at a lot of the website defacement mirror sites, almost all were done
      by the cold fusion method. Yet another easy bug has been released in 1999
      by eEye Digital Security Team, this bug was for the Microsoft IIS server, and
      again many people have used this method to make a name for themselves.
      After looking at exploits like this, it makes you wonder what a hacker is these
      days? Someone who uses a web browser to hack remote systems? Or is a
      hacker still defined as it was originally? Hacking is mostly about gaining
      access to a remote system, not showing off that you outsmarted an admin.
     
       
     
      Major Incidents that have Affected the 'Scene'
     
      The first major incident was the busting of Eric Burns AKA Zyklon. When companies
      pressed lawsuits against him for thousands of dollars because he broke into their
      servers. Up to now he is still not allowed to touch a computer I assume.
     
       
     
      The second incident was the raiding of members of the well known group gH a.k.a
      global Hell. An approximate 19 people were raided if not more, not only from
      gH but from other groups such as Level Seven, team spl0it, milw0rm and
      IL(Iron Lungs) from HcV/Legion2000 and forpaxe. 
     
       
     
      Kevin Mitnick was screwed around 2+ times, with them changing his court
      date around continuously and him now having to owe 1 mil.
     
      Read more about it at 2600, also support the FREE KEVIN movement.
     
       
     
      Just recently, a few incidents have happened as a result of John Vranesevich
      otherwise known as JP from AntiOnline. First, Attrition makes a good
      accusation that JP indeed funded a hacker known as 'so1o' to deface the
      Senate Government website for him just to make a breaking news story
      (Although, I am not accusing him of doing this, because it was never
      proven). Another thing you notice about the "Anti Network" is the AntiCode
      website, which claims to be "the only place you need" for all of your
      exploits/network/security tools and utilities. But in reality this site is nothing
      more than an archive compiled from other known sites and the code ripped
      by AntiOnline itself. Second MAJOR incident was when JP shut down a
      popular IRC server. And the third, probably most devastating to the
      underground community, was when JP caused Packetstorm Security to
      shut down, all of Ken Williams files were deleted forever, his work ruined.
      Not to mention many other things. You can read all those other things at : 
     
      http://www.attrition.org/negation/index2.html
     
       
     
      A few conventions have passed, such as Defcon, Defcon is probably the most
      recognized of all hacker conventions, this year some major things happened
      at this convention, they had a line-up of great speakers, Carolyn P. Meinel
      showed up and was not allowed in because she was accused of not being a
      'real' reporter (which I will not comment on), and shortly into the Defcon
      convention, their website was defaced by the very well known coding group
      known as ADM. Also Rootfest and the Blackhat Briefings have recently
      passed by.
     
       
     
      Who has showed up?
     
      Many new groups and individuals have showed up in 1999 up to now. To mention a
      few, and give a decent description of them and their actions + skills.
     
       
     
      Groups
     
      Forpaxe - Forpaxe showed up in early 99, they have been responsible for hitting a
      record number of .edu domains also quite a few .gov/.mil and numerous others. They
      are well known to all hackers and media. A member of the past groups Legion2000
      and HcV was a part of this group in the beginning, Iron Lungs, which later got raided
      by the FBI. Now it appears to just be 2 individuals (m1crochip/in0de) which they state
      on all of their webpage defacements. They do what they do for a reason, so they are
      a decent group of individuals as far as I am concerned.
     
      Mirrors of their Website Defacements
      http://www.attrition.org/mirror/attrition/forpax.html
     
       
     
      Goat Security - This organization is a definite mentionable, everybody knows and
      remembers the goat team, it consisted of members of gH, HcV and I think even a few
      from LoU. They defaced a good amount of websites and made a widely known name
      for themselves. They definitely knew what they were doing, not like all of the CF(cold
      fusion) kiddies you see around these days.
     
      Mirrors of their Website Defacements
      http://www.attrition.org/mirror/attrition/goat.html
       
     
      gH (global Hell) - Possibly the most world wide known hacker group and most
      media exposed, gH defaced a lot of high profile websites such as Macweek,
      Peoples Court, The Main Army Page and the Whitehouse. Many members
      were later raided by FBI agents due to the defacing of the Whitehouse
      website. They have skill and as far I saw it a very good team of people. This
      group will always be remembered.
     
      Mirrors of their Website Defacements
      http://www.attrition.org/mirror/attrition/gh.html
       
     
      Level Seven - This crew was responsible for numerous defacements, it is rumored
      also and stated on some of their defacements that members of this group were a part
      of gH (global Hell) and got raided. This group was another group that hacked for a
      decent reason. Mentionable mostly because of their tie-ins with gH. None the less
      they are a good group.
     
      Mirrors of their Website Defacements
      http://www.attrition.org/mirror/attrition/l7.html
       
     
      Stonehenge Crew - Not very much to say about this group other than they have a
      purpose for what they do. They always have a reason for defacing a website they hit.
      They have done around 14 webpage defacements. It is rumored they are also 'tight'
      with the known group gH. This is another good group.
     
      Mirrors of their Website Defacements
      http://www.attrition.org/mirror/attrition/henge.html
     
       
     
      Keebler Elves - Well, this group is probably the most skilled up to now in 1999.
      Many skilled individuals, coders and hacker alike in it, from what is said at least.
      They are best known for their hacks of the Department of Education, Virgin
      Records and the Monmouth Army Base. Probably has done the most
      recognized sites in 1999. And I wouldn't be surprised if they continue to hack
      big time names. This group deserves a lot of respect. Why? Because they
      aren't like the rest.
     
      Mirrors of their Website Defacements
      http://www.attrition.org/mirror/attrition/keebler.html
       
     
      HFD (Hacking for Drunks) - This is another group well known for its choice of sites
      to deface. Probably most well recognized for their 20th Century Fox International,
      Gibson and Blair Witch website hacks. They seem to have a good sense of
      humor and have done some entertaining defacements. Very good group. But
      name/logo kind of ripped from HFG(Hacking For Girls).
     
      Mirrors of their Website Defacements
      http://www.attrition.org/mirror/attrition/hfd.html
       
     
      bl0w team - A good Brazilian hackers group, consisting of 5 individuals, best noted
      for their 2600.co.uk and Telemar hacks. They do it all for an adequate reason
      and do not give up. I think their patriotism is admirable. They also seem to
      have a good amount of skill dealing with Solaris/NT systems.
     
      Mirrors of their Website Defacements
      http://www.attrition.org/mirror/attrition/bl0w.html
       
     
      INDIANHackers/EHA/Ant1 S3cur1ty Tskf0rc3/MST(Moscow Security Team)
     
      Nothing special, not really even worth the time, they did a 'few' sites and were never
      heard from again. None of them had really any reason for defacing websites other
      than to make themselves look big. Ant1 S3cur1ty Taskf0rc3 did a few with reason,
      but it was rare with these 4 groups.
     
      Mirrors of all the groups defacements :
     
      [INDIANHackers] 
      http://www.attrition.org/mirror/attrition/ndian.html
      
      [EHA] 
      http://www.attrition.org/mirror/attrition/eha.html
      
      [Ant1 s3cur1ty taskf0rce]
      http://www.attrition.org/mirror/attrition/asc.html
      
      [MST] 
      http://www.attrition.org/mirror/attrition/mst.html
       
     
      -end-
     
       
     
      Individuals
     
      zo0mer - Hit a lot of government/military systems and banks. But it appears he
      removes data from the boxes after he is done. What would be labeled a malicious
      script kiddie cracker.
     
      Mirror of all his/her hacks
      http://www.attrition.org/mirror/attrition/zoom.html
       
     
      p0gO - Probably best known for his defacing of Time Warner San Diego. Not to
      mention his mass hack, he appears to have good skills, also is recognized
      for his association with irc.psychic.com.
     
      Mirror of all his/her hacks
      http://www.attrition.org/mirror/attrition/pogo.html
       
     
      Xoloth1 - Well known hacker from the Netherlands. Hit some well known porn sites
      and what would appear to be his spotlight defacement Pentagon.co.yu. Xoloth
      hacks for all the right reasons.
     
      Mirror of all his/her hacks
      http://www.attrition.org/mirror/attrition/xoloth.html
       
     
      v00d00 - First showed up on the scene doing a hack for Psychic, shortly after
      doing defacements when he was part of the group Defiance it appears. He
      appears to hack for the freedom of Kevin Mitnick AKA Condor and against
      war, racism and a lot of problems that happen in the world these days. He
      does it for a good cause. That is all there is to say.
     
      Mirror of all his/her hacks
      http://www.attrition.org/mirror/attrition/v00.html
       
     
      Mozy - Started hacking for irc.psychic.com, later went individual, noted to be good
      friends with several known hackers. His defacements are quite humorous if you ask
      me. Keep it up.
     
      Mirror of all his/her hacks
      http://www.attrition.org/mirror/attrition/mozy.html
       
     
      dr_fdisk^ - Extremely well known Spanish hacker and for being in the group Raza
      Mexicana. Most well known for compromising such sites as Nic.bo and
      HBO, Latin America. Another hacker that does it for the freedom of Kevin
      Mitnick and many other reasons.
     
      Mirror of all his/her hacks
      http://www.attrition.org/mirror/attrition/fdisk.html
       
     
      There are other individuals I missed and they all deserve respect and to be noticed, I
      didn't forget them because I dislike them, just because this part of the article has
      gone far enough.
     
       
     
      What was hit?
     
      Aside from all the no-name sites that were hacked, in 1999 there have been several
      HIGH PROFILE web defacements. Below is a list with a link to the defaced site,
      provided by Attrition.
     
         - Ku Klux Klan 
         - LOD Communication 
         - 200cigarettes Movie 
         - Whitepride 
         - No Limit Records 
         - Hotbot Search Engine 
         - Summercon 
         - eBay 
         - Coca Cola (BE) 
         - US Senate 
         - HBO, Latin America 
         - The White House 
         - Army Main Site 
         - and so many more.... 
     
       
     
      Why do they do it?
     
      MOST of the time it is to make a name and become known/noticed, but on some
      occasions people do it for a reason, to prove faulty security, to protest against a
      certain problem in the world or a personal dispute. 
     
      Well that pretty much covers 1999. Most of the remembered parts up to now
      anyways.
     
      Thanks a lot,
     
      I prefer to remain anonymous.
     
      Sites to check out : 
      
      Rootshell,      
      http://www.rootshell.org   
      
      Attrition,      
      http://www.attrition.org   
      
      HNN
      http://www.hackernews.com
      
      OSAll
      http://www.aviary-mag.com
      
       
     
                  Written by anonymous for HNS (www.net-security.org) 
     @HWA
    
                  
 
68.0 Y2K crash test
     ~~~~~~~~~~~~~~
     
     From http://www.net-security.org/
     
     
     by BHZ, Sunday 25th July 1999 on 2:21 pm CET
     Y2K Crash Test (Windows 95/98 version) collects information about your hardware,
     programs, Windows settings, and data files, tests their functionality during various
     dates known to cause problems with non-Y2K compliant files, displays
     comprehensive results, and allows you to print them. 
     
     Download the program here (1.07Mb): http://www.net-security.org/dload/y2k/nocrash3.exe 
     Screenshot: http://www.net-security.org/dload/y2k/nocrash.jpg      


     Y2K TEST FOR DOS
     
     by BHZ, Sunday 25th July 1999 on 2:14 pm CET
     Y2K TEST for DOS is a millennium bug diagnostic and repair utility used to test how
     a PC will handle year 2000 dates and beyond. The included fix restores year 2000
     compliance by installing a device driver that compensates for non-compliant real-time
     clocks, thereby fixing BIOS bugs including the Award 4.50G BIOS problem. Just to
     note it is an updated version of the program we wrote about earlier. 
     
     Download the program here (560kb). http://www.net-security.org/dload/y2k/y2kdos.zip
     Screenshot. http://www.net-security.org/dload/y2k/y2kdostest.gif
     
69.0 CASSANDRA GOLD
     ~~~~~~~~~~~~~~
     
     From http://www.net-security.org/ 
     
     by BHZ, Sunday 25th July 1999 on 3:11 am CET
     Cassandra GOLD is a new trojan detection and removal program that can be run on
     Windows 95 and Windows 98 operating systems. It currently can find 25 trojans:
     
     NetBus 2.0
     NetBus 1.7
     NetBus 1.6
     BackOrifice 1.20
     Masters Paradise 9.7
     Deep Throat 1.0
     Deep Throat 2.0
     Deep Throat 3.0
     GirlFriend 1.35 (Old)
     GirlFriend 1.35 (New)
     WinCrash 1.03
     WEB EX 1.2
     Telecommando
     NetBus 2.01
     SubSeven 1.5
     GateCrasher 1.2
     COMA
     HACK99
     Hack-a-Tack
     Millenium
     NetSpy 2.0
     OpC BO v2.0
     Spying King
     BladeRunner
     NetSphere

     
     
     Download Cassandra GOLD US edition: http://www.net-security.org/dload/Cassandra-US.zip
     Cassandra GOLD Swedish edition: http://www.net-security.org/dload/Cassandra-SE.zip
     
     Homepage - http://www.win32software.com. 
     
     @HWA
     
70.0 BELL CANADA Y2K TEST
     ~~~~~~~~~~~~~~~~~~~~
     
     From http://www.net-security.org/
     
     by BHZ, Saturday 24th July 1999 on 11:05 pm CET
     Bell Canada (www.bell.ca), a telephone operator in Canada, was working hard on
     preparing a new Y2K-ready system, and yesterday they transferred 7500 customers to
     the new system. It all worked well for 3 hours, but then the system crashed. So
     those "lucky ones" couldn't use their phone services for a couple of hours, until it was
     all fixed.      
     
     @HWA
     
71.0 [RHSA-1999:025-01] Potential misuse of squid cachemgr.cgi 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     Date: Fri, 30 Jul 1999 11:08:07 -0400 
     From: Bill Nottingham <notting@redhat.com> 
     To: redhat-watch-list@redhat.com 
     Cc: linux-security@redhat.com 
     Subject: [linux-security] [RHSA-1999:025-01] Potential misuse of squid cachemgr.cgi 
     
     
     ---------------------------------------------------------------------
               Red Hat, Inc. Security Advisory
     
     
     Synopsis:     Potential misuse of squid cachemgr.cgi
     Advisory ID:       RHSA-1999:025-01
     Issue date:     1999-07-29
     Updated on:     
     Keywords:     squid cachemgr.cgi connect
     Cross references:   
     ---------------------------------------------------------------------
     
     
     1. Topic:
     
     
     cachemgr.cgi, the manager interface to Squid, is installed by
     default in /home/httpd/cgi-bin. If a web server (such as apache)
     is running, this can allow remote users to send connect() requests
     from the local machine to arbitrary hosts and ports.
     
     
     2. Bug IDs fixed:
     
     
     3. Relevant releases/architectures:
     
     
     Red Hat Linux 6.0, all architectures
     Red Hat Linux 5.2, all architectures
     
     
     4. Obsoleted by:
     
     
     5. Conflicts with:
     
     
     6. RPMs required:
     
     
     Red Hat Linux 6.0:
     
     
     Intel:
       ftp://updates.redhat.com/6.0/i386/squid-2.2.STABLE4-5.i386.rpm
     
     
     Alpha:
       ftp://updates.redhat.com/6.0/alpha/squid-2.2.STABLE4-5.alpha.rpm
     
     
     Sparc:
       ftp://updates.redhat.com/6.0/sparc/squid-2.2.STABLE4-5.sparc.rpm
     
     
     Source packages:
       ftp://updates.redhat.com/6.0/SRPMS/squid-2.2.STABLE4-5.src.rpm
     
     
     Red Hat Linux 5.2:
     
     
     Intel:
       ftp://updates.redhat.com/5.2/i386/squid-2.2.STABLE4-0.5.2.i386.rpm
     
     
     Alpha:
       ftp://updates.redhat.com/5.2/alpha/squid-2.2.STABLE4-0.5.2.alpha.rpm
     
     
     Sparc:
       ftp://updates.redhat.com/5.2/sparc/squid-2.2.STABLE4-0.5.2.sparc.rpm
     
     
     Source packages:
       ftp://updates.redhat.com/5.2/SRPMS/squid-2.2.STABLE4-0.5.2.src.rpm
     
     
     7. Problem description:
     
     
     A remote user could enter a hostname/IP address and port
     number, and the cachemgr CGI would attempt to connect to that
     host and port, printing the error if it fails.
     
     
     8. Solution:
     
     
     For each RPM for your particular architecture, run:
     rpm -Uvh <filename>
     where filename is the name of the RPM.
     
     
     Alternatively, you can simply disable the cachemgr.cgi,
     by editing your http daemon's access control files or
     deleting/moving the cachemgr.cgi binary.
     
     
     9. Verification:
     
     
     
     
     These packages are PGP signed by Red Hat Inc. for security.  Our key
     is available at:
     http://www.redhat.com/corp/contact.html
     You can verify each package with the following command:
     rpm --checksig  <filename>
     If you only wish to verify that each package has not been corrupted or
     tampered with, examine only the md5sum with the following command:
     rpm --checksig --nopgp <filename>
     
     
     10. References:
     
     
     -- 
     ----------------------------------------------------------------------
     Please refer to the information about this list as well as general
     information about Linux security at http://www.aoy.com/Linux/Security.
     ----------------------------------------------------------------------
     
     
     To unsubscribe:
       mail -s unsubscribe linux-security-request@redhat.com < /dev/null     
     
     @HWA     
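
     An added example (not part of the Red Hat advisory or of Squid): a web-server
     log check for the behaviour RHSA-1999:025-01 describes, flagging cachemgr.cgi
     requests that name a host/port other than the local Squid. The `host`/`port`
     query parameter names, the default port 3128, the allow-list, the sweep
     threshold and the log lines are assumptions constructed for illustration.

```python
"""Audit web-server access logs for cachemgr.cgi requests that point the CGI
at something other than the local Squid (added example, not Red Hat's code)."""
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Assumptions: Squid listens on 3128 and the only legitimate target is local.
DEFAULT_SQUID_PORT = 3128
ALLOWED_TARGETS = {("localhost", 3128), ("127.0.0.1", 3128)}
# Assumption: this many distinct foreign targets from one client is a sweep.
SWEEP_THRESHOLD = 3

# Apache Common Log Format: client ident user [time] "METHOD path PROTO" status size
CLF = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" \d{3} \S+'
)

# Constructed sample log lines (documentation/private address ranges only).
SAMPLE_LOG = """\
192.0.2.10 - - [30/Jul/1999:10:01:02 -0400] "GET /cgi-bin/cachemgr.cgi?host=localhost&port=3128&operation=menu HTTP/1.0" 200 1532
198.51.100.7 - - [30/Jul/1999:10:05:11 -0400] "GET /cgi-bin/cachemgr.cgi?host=10.0.0.5&port=23 HTTP/1.0" 200 412
198.51.100.7 - - [30/Jul/1999:10:05:12 -0400] "GET /cgi-bin/cachemgr.cgi?host=10.0.0.5&port=25 HTTP/1.0" 200 412
198.51.100.7 - - [30/Jul/1999:10:05:13 -0400] "GET /cgi-bin/cachemgr.cgi?host=10.0.0.6&port=80 HTTP/1.0" 200 412
203.0.113.9 - - [30/Jul/1999:10:07:40 -0400] "GET /cgi-bin/cachemgr.cgi?host=%31%30.0.0.9&port=110 HTTP/1.0" 200 412
203.0.113.9 - - [30/Jul/1999:10:07:55 -0400] "POST /cgi-bin/cachemgr.cgi HTTP/1.0" 200 900
192.0.2.10 - - [30/Jul/1999:10:09:00 -0400] "GET /index.html HTTP/1.0" 200 2048
192.0.2.10 - - [30/Jul/1999:10:09:30 -0400] "GET /cgi-bin/cachemgr.cgi HTTP/1.0" 200 1100
"""


def parse_target(path):
    """Return the (host, port) a cachemgr.cgi request names.

    None      -> the request is not for cachemgr.cgi
    ("", None) -> the bare form page, no target supplied
    """
    parts = urlsplit(path)
    if not parts.path.lower().endswith("/cachemgr.cgi"):
        return None
    # parse_qs percent-decodes values, so encoded hosts are normalised too.
    query = parse_qs(parts.query, keep_blank_values=True)
    host = query.get("host", [""])[-1].strip().lower()
    port_raw = query.get("port", [""])[-1].strip()
    if not host and not port_raw:
        return ("", None)
    if port_raw == "":
        port = DEFAULT_SQUID_PORT       # assumed default when port is omitted
    elif port_raw.isascii() and port_raw.isdigit():
        port = int(port_raw)
    else:
        port = -1                       # unparseable: never on the allow-list
    return (host, port)


def analyse(log_text):
    """Return (findings, sweepers) for a block of access-log text.

    findings: list of (client, kind, target) tuples
    sweepers: sorted clients that named >= SWEEP_THRESHOLD distinct foreign targets
    """
    findings = []
    targets_by_client = defaultdict(set)
    for line in log_text.splitlines():
        match = CLF.match(line)
        if not match:
            continue
        target = parse_target(match["path"])
        if target is None:
            continue
        client = match["client"]
        if match["method"] == "POST":
            # The target is in the request body, which access logs do not keep.
            findings.append((client, "post-body-not-logged", None))
            continue
        if target == ("", None) or target in ALLOWED_TARGETS:
            continue
        findings.append((client, "foreign-target", target))
        targets_by_client[client].add(target)
    sweepers = sorted(
        client for client, seen in targets_by_client.items()
        if len(seen) >= SWEEP_THRESHOLD
    )
    return findings, sweepers


if __name__ == "__main__":
    found, sweeping = analyse(SAMPLE_LOG)
    for client, kind, target in found:
        print(f"{client:15} {kind:22} {target}")
    print("clients sweeping multiple targets:", sweeping)
```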
     
     
 72.0 [RHSA-1999:022-03] New Samba packages available (updated)      
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    
     Date: Thu, 29 Jul 1999 14:26:26 -0400 
     From: Bill Nottingham <notting@redhat.com> 
     To: redhat-watch-list@redhat.com 
     Cc: linux-security@redhat.com 
     Subject: [linux-security] [RHSA-1999:022-03] New Samba packages available (updated) 
     
     
     ---------------------------------------------------------------------
               Red Hat, Inc. Security Advisory
     
     
     Synopsis:           New samba packages for Red Hat Linux 4.2, 5.2, 6.0
     Advisory ID:       RHSA-1999:022-02
     Issue date:     1999-07-22
     Updated on:     1999-07-29
     Keywords:     samba smbd nmbd security
     Cross references:   
     ---------------------------------------------------------------------
     
     
     Revision History:
     1999-07-23: Fix 'Conflicts with' section about smbmount with 2.0/2.2
                  kernels.
     1999-07-29: Add note about %postun of Red Hat Linux 6.0 samba release.
     
     
     1. Topic:
     
     
     Samba 2.0.5a has been released. Among the fixes in this release
     are several security issues present in previous Samba releases.
     
     
     2. Bug IDs fixed:
     
     
     1321 2557 2625 2779 2923 2982 3715
     
     
     3. Relevant releases/architectures:
     
     
     Red Hat Linux 6.0, all architectures
     
     
     Red Hat Linux 5.2, all architectures
     
     
     Red Hat Linux 4.2, all architectures
     
     
     4. Obsoleted by:
     
     
     5. Conflicts with:
     
     
     The smbmount code shipped with Samba 2.0 is only compatible
     with the Linux 2.2 kernel, so it has not been built for
     the Red Hat Linux 4.2 and 5.2 releases. If smbmount
     support for the 2.2 kernel is needed under Red Hat Linux
     4.2 or 5.2, the source RPM can be rebuilt with the following
     command line (RPM version 3.0 is required):
     
     
     rpm --define "KERN22 yes" --rebuild samba-2.0.5a-<release>.src.rpm
     
     
     
     The samba package shipped with Red Hat Linux 6.0 (samba-2.0.3-8)
     has an erroneous post-uninstall script. If this package is upgraded
     to the errata release, it could cause  /var/log/samba and
     /var/lock/samba to be missing. It is recommended that users
     of samba under Red Hat Linux 6.0 uninstall the previous release
     using 'rpm -e samba' before installing the errata release.
     
     
     6. RPMs required:
     
     
     Red Hat Linux 6.0:
     
     
     Intel: ftp://updates.redhat.com/6.0/i386/
         samba-2.0.5a-1.i386.rpm
         samba-client-2.0.5a-1.i386.rpm
     
     
     Alpha: ftp://updates.redhat.com/6.0/alpha/
         samba-2.0.5a-1.alpha.rpm
         samba-client-2.0.5a-1.alpha.rpm
     
     
     Sparc: ftp://updates.redhat.com/6.0/sparc/
         samba-2.0.5a-1.sparc.rpm
         samba-client-2.0.5a-1.sparc.rpm
     
     
     Source: ftp://updates.redhat.com/6.0/
         samba-2.0.5a-1.src.rpm
     
     
     Red Hat Linux 5.2:
     
     
     Intel: ftp://updates.redhat.com/5.2/i386/
         samba-2.0.5a-0.5.2.i386.rpm
         samba-client-2.0.5a-0.5.2.i386.rpm
     
     
     Alpha: ftp://updates.redhat.com/5.2/alpha/
         samba-2.0.5a-0.5.2.alpha.rpm
         samba-client-2.0.5a-0.5.2.alpha.rpm
     
     
     Sparc: ftp://updates.redhat.com/5.2/sparc/
         samba-2.0.5a-0.5.2.sparc.rpm
         samba-client-2.0.5a-0.5.2.sparc.rpm
     
     
     Source: ftp://updates.redhat.com/5.2/
         samba-2.0.5a-0.5.2.src.rpm
     
     
     Red Hat Linux 4.2:
     
     
     Intel: ftp://updates.redhat.com/4.2/i386/
         samba-2.0.5a-0.4.2.i386.rpm
         samba-client-2.0.5a-0.4.2.i386.rpm
     
     
     Alpha: ftp://updates.redhat.com/4.2/alpha/
         samba-2.0.5a-0.4.2.alpha.rpm
         samba-client-2.0.5a-0.4.2.alpha.rpm
     
     
     Sparc: ftp://updates.redhat.com/4.2/sparc/
         samba-2.0.5a-0.4.2.sparc.rpm
         samba-client-2.0.5a-0.4.2.sparc.rpm
     
     
     Source: ftp://updates.redhat.com/4.2/
         samba-2.0.5a-0.4.2.src.rpm
     
     
     7. Problem description:
     
     
     Several security issues were present in earlier samba releases.
     - a denial-of-service attack could be performed against nmbd.
     - a buffer overflow was present in the message service in smbd
       (not enabled by default under Red Hat Linux)
     - a race condition was present in smbmnt that could cause problems
       if installed setuid root (it is not installed setuid root by
       default under Red Hat Linux 6.0, and is not present under Red
       Hat Linux 4.2 or 5.2)
     
     
     Thanks go to Olaf Kirch (okir@caldera.de) for discovering the
     security holes, as well as the Samba team.
     
     
     8. Solution:
     
     
     Install the updated RPMs, and restart the affected services by
     running:
     
     
     /etc/rc.d/init.d/smb restart
     
     
     For each RPM for your particular architecture, run:
     rpm -Uvh <filename>
     where filename is the name of the RPM.
     
     
     9. Verification:
     
     
     
     These packages are PGP signed by Red Hat Inc. for security.  Our key
     is available at:
     http://www.redhat.com/corp/contact.html
     You can verify each package with the following command:
     rpm --checksig  <filename>
     If you only wish to verify that each package has not been corrupted or
     tampered with, examine only the md5sum with the following command:
     rpm --checksig --nopgp <filename>
     
     
     10. References:
         <19990721023513Z12865037-4222+1570@samba.anu.edu.au>
     
     
       
     @HWA         
     
73.0 CERT® Advisory CA-99-10 Insecure Default Configuration on RaQ2 Servers
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  

                    CERT® Advisory CA-99-10 Insecure Default Configuration on RaQ2 Servers

                    Originally released: July 30, 1999
                    Source: CERT/CC
                    See also: Cobalt Networks Security Announcement 

                    Systems Affected

                         Cobalt Networks RaQ2 single rack unit Internet servers 

       I. Description

       A vulnerability has been discovered in the default configuration of Cobalt Networks RaQ2 servers that allows remote users to install arbitrary software packages to
       the system. RaQ2 servers are configured with an administrative webserver to process remote requests to manage the unit. Systems installed with the default
       configuration have insufficient access control mechanisms to prevent remote users from adding arbitrary software packages to the system using this webserver. 

       A document published by Cobalt Networks describes the vulnerability and solutions in more detail: 

            http://www.cobaltnet.com/support/security/index.html 

       II. Impact

       Any remote user who can establish a connection to an administrative port on a vulnerable RaQ2 server can install arbitrary software packages on the server. This
       access can then be used to gain root privileges on the system. 

       III. Solution

       Configure your Systems to Guard Against this Vulnerability 

       Install the patches provided by Cobalt Networks: 

            http://www.cobaltnet.com/patches/RaQ2-Security-1.0.pkg (For RaQ2 servers) 

            http://www.cobaltnet.com/patches/RaQ2J-Security-1.0.pkg (For Japanese versions of the RaQ2 system) 


       The CERT/CC wishes to thank Cobalt Networks for their assistance in developing this advisory. 

       This document is available from: http://www.cert.org/advisories/CA-99-10-cobalt-raq2.html. 


       CERT/CC Contact Information

       Email: cert@cert.org
       Phone: +1 412-268-7090 (24-hour hotline)
       Fax: +1 412-268-6989
       Postal address:
            CERT Coordination Center
            Software Engineering Institute
            Carnegie Mellon University
            Pittsburgh PA 15213-3890
            U.S.A.

       CERT personnel answer the hotline 08:00-20:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S.
       holidays, and on weekends. 

       Using encryption

       We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from http://www.cert.org/CERT_PGP.key. If you prefer to
       use DES, please call the CERT hotline for more information. 

       Getting security information

       CERT publications and other security information are available from our web site http://www.cert.org/. 

       To be added to our mailing list for advisories and bulletins, send email to cert-advisory-request@cert.org and include SUBSCRIBE your-email-address in the subject of
       your message. 

       Copyright 1999 Carnegie Mellon University.
       Conditions for use, disclaimers, and sponsorship information can be found in http://www.cert.org/legal_stuff.html. 

       * "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office 

       NO WARRANTY
       Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon
       University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a
       particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any
       warranty of any kind with respect to freedom from patent, trademark, or copyright infringement. 


       Revision History

       July 30, 1999:  Initial release
       
       @HWA     
       
74.0 MS Security Bulletin: Patch Available for "Malformed Dialer Entry" Vulnerability
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     Microsoft Security Bulletin (MS99-026)
     
     --------------------------------------
     
      
     
     Patch Available for "Malformed Dialer Entry" Vulnerability
     
     Originally Posted: July 29, 1999
     
     Summary
     
     ======
     
     Microsoft has released a patch that eliminates a security vulnerability in the Phone Dialer accessory in Microsoft® Windows NT®. The
     vulnerability could be used to run arbitrary code in a user's security context on Windows NT systems.
     
     Frequently asked questions regarding this vulnerability can be found at http://www.microsoft.com/security/bulletins/MS99-026faq.asp
     
     Issue
     
     ====
     
     Dialer.exe has an unchecked buffer in the portion of the program that processes the dialer.ini file. This vulnerability could be used to run arbitrary
     code via a classic buffer overrun technique.
     
     The circumstances of this vulnerability require a fairly complicated attack scenario that limits its scope. Dialer.exe runs in the security context of
     the user, so it would not benefit an attacker to simply modify a dialer.ini file and run it, as he or she would not gain additional privileges. Instead,
     the attacker would need to modify the dialer.ini file of another user who had higher privileges, then wait for that user to run Dialer.
     
     Although the unchecked buffer is present in all versions of Windows NT 4.0, the attack scenario would result in workstations that have dial-out
     capability being chiefly at risk. The FAQ discusses this in greater detail.
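
     The unchecked-buffer pattern described above, next to a bounded copy and a defender-side audit of INI text, as an added example (not Microsoft's code and not part of the bulletin). The 128-byte limit is taken from the KB article title cited under More Information; the buffer layout, the function names, and the sample file's section and key names are assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Longest value accepted. 128 comes from the KB article title quoted in the
 * bulletin; the real Dialer.exe buffer layout is not on the page (assumption). */
#define ENTRY_MAX 128

/* The unchecked pattern the bulletin describes, shown only as a comment:
 *
 *     char entry[ENTRY_MAX + 1];
 *     strcpy(entry, value_from_ini);   // no length check before the copy
 *
 * Whoever can write the file controls how far past entry[] the copy runs.
 */

/* Hardened copy: refuses values that do not fit instead of truncating or
 * overrunning. dst must have room for ENTRY_MAX + 1 bytes.
 * Returns 0 on success, -1 if the value is too long (dst is left empty). */
int copy_entry(char *dst, const char *value, size_t value_len)
{
    if (value_len > ENTRY_MAX) {
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, value, value_len);
    dst[value_len] = '\0';
    return 0;
}

/* Defender-side audit of INI text: counts key=value lines whose value is
 * longer than ENTRY_MAX bytes. Comment (;) and section ([) lines are skipped.
 * *first_bad_line receives the 1-based line number of the first hit, or 0. */
size_t audit_ini(const char *text, size_t *first_bad_line)
{
    size_t bad = 0, line_no = 0;
    const char *p = text;

    if (first_bad_line != NULL)
        *first_bad_line = 0;

    while (*p != '\0') {
        const char *eol = strchr(p, '\n');
        size_t raw = eol ? (size_t)(eol - p) : strlen(p);
        size_t len = raw;
        const char *eq;

        line_no++;
        if (len > 0 && p[len - 1] == '\r')      /* tolerate CRLF endings */
            len--;

        eq = memchr(p, '=', len);
        if (eq != NULL && p[0] != ';' && p[0] != '[') {
            size_t value_len = len - (size_t)(eq - p) - 1;
            if (value_len > ENTRY_MAX) {
                if (bad == 0 && first_bad_line != NULL)
                    *first_bad_line = line_no;
                bad++;
            }
        }
        p += raw + (eol ? 1 : 0);
    }
    return bad;
}

/* Builds a constructed sample file in out; section and key names are made up
 * for this example. The last value is value_len bytes long.
 * Returns 0 on success, -1 if out is too small. */
int make_sample(char *out, size_t out_size, size_t value_len)
{
    static const char head[] =
        "; constructed sample\r\n[Entries]\r\nName1=Help desk\r\nNumber1=";
    size_t head_len = sizeof head - 1;

    if (head_len + value_len + 3 > out_size)
        return -1;
    memcpy(out, head, head_len);
    memset(out + head_len, '5', value_len);
    memcpy(out + head_len + value_len, "\r\n", 3);  /* includes the NUL */
    return 0;
}

int main(void)
{
    char ini[512];
    size_t line = 0, hits;

    if (make_sample(ini, sizeof ini, 200) != 0)
        return 1;
    hits = audit_ini(ini, &line);
    printf("oversized entries: %lu (first at line %lu)\n",
           (unsigned long)hits, (unsigned long)line);
    return 0;
}
```

     Because the scenario in the bulletin depends on one user being able to modify another user's dialer.ini, an audit like this is most useful alongside a review of who has write access to each user's copy of the file.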
     
     Affected Software Versions
     
     =========================
     
          Microsoft Windows NT Workstation 4.0 
          Microsoft Windows NT Server 4.0 
          Microsoft Windows NT Server 4.0, Enterprise Edition 
          Microsoft Windows NT Server 4.0, Terminal Server Edition
     
      
     
     Patch Availability
     
     =================
     
          Windows NT Server; Windows NT Server 4.0, Enterprise Edition; and Windows NT Workstation 4.0:
          ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/
     
          NT40/hotfixes-postSP5/Dialer-fix/
     
          Windows NT Server 4.0, Terminal Server Edition:
     
          ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/
     
          nt40tse/hotfixes-postSP4/Dialer-fix/
     
          NOTE: Line breaks have been inserted into the above URLs for readability.
     
     More Information
     
     ===============
     
     Please see the following references for more information related to this issue.
     
          Microsoft Security Bulletin MS99-026: Frequently Asked Questions, http://www.microsoft.com/security/bulletins/MS99-026faq.asp.
     
          Microsoft Knowledge Base (KB) article Q237185, Dialer.exe Access Violation with Phone Entry more than 128 Bytes,
          http://support.microsoft.com/support/kb/articles/q237/1/85.asp. (Note: It may take 24 hours from the original posting of this
          bulletin for the KB article to be visible; however, a copy will be immediately available in the patch folder.)
     
          Microsoft Security Advisor web site, http://www.microsoft.com/security/default.asp.
     
     Obtaining Support on this Issue
     
     ==============================
     
     This is a fully supported patch. Information on contacting Microsoft Technical Support is available at
     http://support.microsoft.com/support/contact/default.asp.
     
     Acknowledgments
     
     ==============
     
     Microsoft acknowledges David Litchfield of Arca Systems for discovering this vulnerability and reporting it to us.
     
     Revisions
     
     ========
     
          July 29, 1999: Bulletin Created.
     
      
     
     --------------------------------------------------------------------------
     
     THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND.
     MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND
     FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY
     DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
     DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
     SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO
     THE FOREGOING LIMITATION MAY NOT APPLY.
     
     © 1999 Microsoft Corporation. All rights reserved.
     
     @HWA       
     
75.0 Senate asks for input into information infrastructure protection plan
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     http://www.fcw.com/pubs/fcw/1999/0726/web-plan-7-29-99.html


     JULY 29, 1999 . . . 18:15 EDT 


     Citing privacy concerns, Senate asks for input into
     information infrastructure protection plan

     BY DIANE FRANK (diane_frank@fcw.com)

     The Senate today urged federal officials to brief Congress on a Clinton
     administration plan to protect the federal information infrastructure from
     cyberattacks. The request followed stories this week in the general press that
     inaccurately reported that the draft plan would have the FBI monitor
     interactions with government computers.

     During a hearing of the Senate Special Committee on
     the Year 2000 Technology Problem, Sen. Bob
     Bennett (R-Utah) and Sen. Christopher Dodd
     (D-Conn.) both called for the draft plan to be released
     to Congress and asked for a closed briefing within the
     next few weeks.

     The National Plan for Information Systems Protection is being developed by the
     Critical Infrastructure Assurance Office (CIAO), the National Infrastructure
     Protection Center (NIPC), and other high-level officials and groups within the
     government. It is based on the critical infrastructure protection plans from
     agencies and industry required by Presidential Decision Directive 63 and was
     originally scheduled to be sent to Congress and the president this fall, according
     to John Tritak, director of the CIAO.

     Published stories based on a copy of the June 7 draft of the plan that was
     leaked to a public interest group raised several concerns that the senators felt
     Congress should know more about, including privacy issues surrounding the
     monitoring inherent in the proposed Federal Intrusion Detection Network
     (FIDnet). 

     "The issues, and specifically the FIDnet proposal reported by the [New York]
     Times, should be the subject of oversight by the Congress, which has yet to
     receive an official copy of the plan," Bennett said. "I am confident, given the
     timing of today's hearing, that a copy of the national plan will be forthcoming
     and that the oversight process can begin."


              Copyright 1999 FCW Government Technology Group     
    
    
76.0 FBI: Beware outside Y2K workers
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     (Online News, 07/29/99 11:43 AM)



      FBI: Beware outside Y2K workers
                      By Patrick Thibodeau


     WASHINGTON -- Private companies that have used outside
     firms to complete year 2000 repair work are running the risk
     that their systems have been compromised, a top Federal
     Bureau of Investigation official warned a congressional
     committee today. 

     Michael Vatis, a deputy assistant director at the FBI and
     director of the National Infrastructure Protection Center, said
     he is concerned that Y2K contractors, both foreign and
     domestic, have used the Y2K remediation process to install
     malicious code. 

     Vatis said the FBI doesn't have "concrete indications" that
     any group is planning "to engage in unlawful intrusions" at
     the New Year. But the FBI is nonetheless expecting trouble,
     he said in testimony prepared for today's hearing by the
     U.S. Senate's Special Committee on the Year 2000
     Technology Problem. 

     Y2K contractors could compromise systems by installing
     trap doors, obtaining root access, implanting malicious
     code or mapping systems with the intent of selling
     information to economic competitors or foreign intelligence
     agencies. 

     Those with the motives and the means to compromise
     systems include foreign governments for information
     warfare purposes, as well as those engaged in industrial
     espionage, terrorism or organized crime, said Vatis. 

     The FBI expects to see increased and possibly violent
     activities among certain domestic groups. For instance, the
     coming of the millennium requires Christian Identity
     adherents to prepare for the "Second Coming of Christ" by
     taking violent action against their enemies. That kind of
     activity raises the possibility there could also be an increase
     in activity in the cyberworld, Vatis said in his testimony. 

     Given "the vulnerabilities [that] could be implanted in critical
     systems," said Vatis, "it is imperative that the client
     companies do as much as possible to check the
     background of the companies doing their remediation work,
     oversee the remediation process closely, and review new
     code as closely as possible and remove any extraneous
     code." 

     Moreover, Vatis advised companies to create "red teams" to
     try to crack their software and determine if trap doors exist. 


     @HWA
     
77.0 HPSBUX9907-101 Security Vulnerability Software Distributor (SD)
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     HP Support Information Digests
     
      
     
     
     Digest Name: Daily Security Bulletins Digest
     
          Created: Mon Jul 26 15:00:02 METDST 1999
     
     Table of Contents:
     
     Document ID Title
     
     --------------- -----------
     
     HPSBUX9907-101 Security Vulnerability Software Distributor (SD)
     
     The documents are listed below.
     
     -------------------------------------------------------------------------------
     
          Document ID: HPSBUX9907-101
     
          Date Loaded: 19990725
     
          Title: Security Vulnerability Software Distributor (SD)
     
           
     
     -------------------------------------------------------------------------
     
          HEWLETT-PACKARD COMPANY SECURITY BULLETIN: #00101, 26 July 1999
     
     -------------------------------------------------------------------------
     
     The information in the following Security Bulletin should be acted upon as soon as possible. Hewlett-Packard Company will not be liable for any
     consequences to any customer resulting from customer's failure to fully implement instructions in this Security Bulletin as soon as possible.
     
      
     
     -------------------------------------------------------------------------
     
     PROBLEM: Buffer overflows in Software Distributor (SD) commands.
     
     PLATFORM: HP9000 Series 700/800 running HP-UX 10.XX, and 11.00,
     
          plus SD OpenView/ITA on other specific vendor platforms.
     
     DAMAGE: Users can gain increased privileges.
     
     SOLUTION: Apply the appropriate patch noted below.
     
     AVAILABILITY: All patches are available now.
     
      
     
     -------------------------------------------------------------------------
     
     I.
     
     A. Background
     
          A serious defect has been identified in the HP-UX SD filesets SW-DIST.RUPDATE SW-DIST.SD-AGENT SW-DIST.SD-CMDS.
     
     B. Fixing the problem - Install the applicable patch:
     
      
     
     SD-UX version B.10.10 on HP-UX release 10.01, 10.10:   PHCO_15205
     SD-OV version A.01.01 on HP-UX release 10.01, 10.10:   PHCO_15205
     SD-UX version B.10.20 on HP-UX release 10.20:        * PHCO_15206
     SD-OV version A.01.02 on HP-UX release 10.20:        * PHCO_15206
     HP-UX release 10.24:                                   PHCO_19120
     HP-UX release 11.00:                                 * PHCO_18183
     
          NOTE: There will be no patches for 10.00 nor 10.30.
     
          From http://ovweb.external.hp.com, retrieve the following:
     
     SDOV version A.01.02 for NT 3-4X:     SDOV_00005
     
     SDOV version A.01.00 sparcSUN 4.1:    SDOV_00006
     SDOV version A.01.00 sparcSOL 2.3:    SDOV_00007
     SDOV version A.01.00 sparcSOL 2.4:    SDOV_00008
     SDOV version A.01.00 sparcSOL 2.5:    SDOV_00009
     
     SDOV version A.01.00 AIX 3.2:         SDOV_00010
     SDOV version A.01.00 AIX 4.1:         SDOV_00011
     SDOV version A.01.00 AIX 4.2:         SDOV_00012
     
     SDOV version A.01.00 SNI5.42:         SDOV_00013
     
          NOTE: For HP OpenView IT/Administration (ITA) version 3.10 or lower,
     
          please apply the SD-OV patches to all the managed nodes AFTER the installation of the ITA agent.
     
          Older, obsolete versions of Software Distributor which are not listed above are vulnerable to this security problem. There are no patches
          available nor will any be created for these versions. If you are using one of these, you should upgrade to a newer version. These older
          versions may have been installed as standalone HP OpenView Software Distributor products, or as part of HP OpenView IT/Administration
          products.
     
          For SD-UX version A.02.01 and newer, do not apply this patch.
     
               This "just released" A.02.01 version does not have the security problem and customers **should not** attempt to apply a patch to
               this version. A.02.01 applies to HP-UX 11.00 & 10.20, to Solaris 2.5/2.6, and to AIX 4.2/4.3.
     
          For questions concerning SD-OV issues related to this bulletin #101,
     
          send e-mail to: SDOV@security.hp.com
     
           
     
     C. To subscribe to automatically receive future NEW HP Security
     
          Bulletins from the HP Electronic Support Center via electronic mail, do the following:
     
          Use your browser to get to the HP Electronic Support Center page at:
     
          http://us-support.external.hp.com (for US, Canada, Asia-Pacific, & Latin-America)
     
          http://europe-support.external.hp.com (for Europe)
     
          Login with your user ID and password (or register for one).
     
          Remember to save the User ID assigned to you, and your password.
     
          Once you are in the Main Menu:
     
               To -subscribe- to future HP Security Bulletins, click on "Support Information Digests".
     
               To -review- bulletins already released from the main Menu, click on the "Search Technical Knowledge Database."
     
          Near the bottom of the next page, click on "Browse the HP Security Bulletin Archive".
     
          Once in the archive there is another link to our current Security Patch Matrix. Updated daily, this matrix categorizes security patches by
          platform/OS release, and by bulletin topic.
     
          The security patch matrix is also available via anonymous ftp:
     
          us-ffs.external.hp.com
     
          ~ftp/export/patches/hp-ux_patch_matrix
     
           
     
     D. To report new security vulnerabilities, send email to
     
          security-alert@hp.com
     
          Please encrypt any exploit information using the security-alert PGP key, available from your local key server, or by sending a message
          with a -subject- (not body) of "get key" (no quotes) to security-alert@hp.com.
     
          Permission is granted for copying and circulating this Bulletin to Hewlett-Packard (HP) customers (or the Internet community) for the
          purpose of alerting them to problems, if and only if, the Bulletin is not edited or changed in any way, is attributed to HP, and provided such
          reproduction and/or distribution is performed for non-commercial purposes.
     
          Any other use of this information is prohibited. HP is not liable for any misuse of this information by any third party.
     
     ________________________________________________________________________
     
     -----End of Document ID: HPSBUX9907-101--------------------------------------
     
     
     @HWA 

78.0 NSA spying on Americans? 
     ~~~~~~~~~~~~~~~~~~~~~~~~
     

     Big Brother Is Listening But Is He Breaking the Law When He Does It? 

     Some fear the United States' biggest spy
     agency is using new technology to spy
     illegally on Americans. (Thomas
     Schmid/ABCNEWS.com)

     By David Ruppe
     ABCNEWS.com
     NEW YORK, July 27 -- Is Uncle Sam illicitly
     reading your e-mail? Listening in on your
     telephone calls? Scanning your faxes?
          Some in Congress suspect advances in communications
     technology in recent years may have enabled America's
     biggest, and most secret, spy agency, the National Security
     Agency, to greatly increase its eavesdropping powers at the
     expense of Americans' privacy.
          But they can't be sure without a thorough congressional
     examination into the agency's practices. And, they say, the
     NSA has not yet provided all the information requested by
     the House Select Intelligence Committee, which is looking
     into the question.
          That the National Security Agency intercepts
     Americans' missives is clear. Observers point to the
     agency's practice of intercepting massive volumes of
     communications through spy satellites and by listening to
     commercial communications satellites, which inevitably
     draws in the communications of U.S. citizens for whom the
     agency has no court order. 
          "I have a problem with what the program appears to be
     doing, and that is, invading the privacy rights of American
     citizens without any reason, any court order, without any
     reasonable cause, without any probable cause, almost a
     dragnet invasion of privacy," says Rep. Bob Barr, R-Ga.,
     one of the NSA's most outspoken critics. 
 
     Intercepting U.S. Communications 
     Government officials admit the NSA's collection methods
     do draw in communications made by U.S. citizens.
          "Read the statute, the executive order, the legislative
     history, and what you'll find is the underlying assumption is
     that you can't avoid collecting U.S.-person information
     incidentally if you are going to do foreign intelligence
     collection," says an official familiar with the agency.
          The NSA maintains that it follows the laws and
     procedures Congress approved in the 1970s and 1980s for
     analyzing, retaining and disseminating that information,
     which were designed to balance the agency's needs for
     gathering information with citizens' privacy rights as
     guaranteed by the Constitution's Fourth Amendment.
          According to classified procedures described by
     government officials, if the NSA incidentally obtains a
     communication made by or to a U.S. citizen or organization
     in the United States for which there is no warrant or court
     order, the NSA can keep the message but must remove the
     name of the citizen or company.
          The law also includes an exception: The name of the
     person can be retained in the message, included in analysis,
     and disseminated within the government, the official familiar
     with the agency notes, if NSA officials judge it is
     "necessary to understand foreign intelligence information or
     assess its importance."
          "There are always judgments: 'Is it necessary to
     understand the foreign intelligence requirements?' And
     people have to make those difficult choices all of the time,"
     the official says. "All I can tell you is, [they] err on the side
     of caution." 
 
     Limited Oversight 
     Still, critics say there is no way to be sure the NSA's
     judgments consistently respect citizens' rights unless the
     congressional committees responsible for overseeing those
     rights have full access to information on how the agency
     applies the laws.
          The chairman of the House Select Intelligence
     Committee, Rep. Porter Goss, R-Fla., has asked for all legal
     opinions and guidance provided by the NSA's legal office to
     the agency. Such guidance, which is supplied to the NSA's
     operations employees and other decision-makers, could
     show how the agency is applying the laws that restrict
     collection of information on Americans.
          Goss has not asserted that the NSA's collection
     activities are breaking the law. But he does seem concerned
     -- like Barr -- that the agency, through its interpretation of
     the laws, may be assuming greater powers "in light of the
     enormous technological advances that have been made in
     the past several years."
          The committee needs the information "to be sure the
     NSA General Counsel's Office was interpreting NSA's
     legal authorities correctly and that NSA was not being
     arbitrary and capricious in its execution of its mission," he
     wrote.
          The NSA's General Counsel's office has turned over
     some of the legal guidance, but it has declined to surrender
     all such communications, invoking, in a most unusual move,
     executive privilege. 
 
     Unreasonable Request? 
     The fact that the NSA is not turning over all of the
     requested information suggests Fourth Amendment rights
     against unreasonable searches and seizures may be in
     jeopardy, says Barr, a former CIA analyst who is not on the
     committee. "It certainly raises that suspicion and it doesn't
     serve them well to do that."
          Barr's suspicions seem to have found sympathy in the
     House, which amended its Intelligence Reauthorization bill
     with a provision by Barr that would require the NSA to
     make an annual report explaining its interpretation of the
     laws, including all materials showing its interpretation. 
          
 
     Intelligence Gathering Regulation in
     America
 
     1789 to 1966: Electronic surveillance basically was not
     regulated. 
     1928: The Supreme Court rules in Olmstead vs. United
     States that a wiretap on a phone did not violate Fourth
     Amendment rights against search and seizure. 
     1934: Congress enacts the Federal Communications Act,
     which prohibited the interception of any communications and
     the divulgence of the contents of intercepted
     communications by federal agents without a court order or a
     warrant. 
     1966: The Supreme Court rules in Katz vs. United States
     that basically all forms of eavesdropping require a warrant or
     court order. It ruled the Fourth Amendment allows for the
     protection of a person, not just a person's property, against
     illegal searches, so that whatever a citizen "seeks to
     preserve as private, even in an area accessible to the public,
     may be constitutionally protected."
     1968: Congress codifies the Katz decision. Establishes
     requirements for obtaining a warrant, including
     demonstrating probable cause to a court, and limits to
     warrants. Sec. 2511 of the statute says warrants still are not
     needed for foreign intelligence electronic surveillance and
     national security surveillance. 
     1972: Supreme Court rules in 1972 that domestic security
     cases are law enforcement cases, not foreign intelligence
     cases, and so require a warrant to target a U.S. citizen. If
     there is a connection to a foreign power or agent of a foreign
     power then no court order is needed. 
     1975-1976: Church and Pike Committee investigations,
     specially ordered by Congress, expose government
     electronic surveillance collection, processing, retention, and
     dissemination of information on U.S. citizens. 
     1976 & 1977: Senate, then House, creates Select
     Intelligence Committee for overseeing activities of the U.S.
     intelligence community. 
     1978: Congress passes Foreign Intelligence Surveillance
     Act, that regulates foreign intelligence electronic
     surveillance. It requires a special court order procedure to
     authorize electronic surveillance for intelligence purposes on
     targeted U.S. persons. Ensuing regulations, which are
     classified, set out procedures for handling foreign
     intelligence electronic surveillance. 
 
 
 
     The NSA's position has been that it has nothing to hide and has
     no problem fulfilling requests for specific information. But as
     of last Thursday, the agency continued to view the
     committee's request for all legal opinions and discussions as
     unreasonable.
          "[They] have no problem providing information on any
     subject," says the government official familiar with the
     agency, who explained the NSA's position. "But there has
     got to be some principle. The executive branch has to retain
     some information."
          Turning over all legal guidance to the committee, the
     official argued, would be an enormous task and might also
     discourage employees from seeking the legal office's advice
     in the future.

     "Cloak of Secrecy"
     Goss, in a May committee report, rejected such arguments
     out of hand, reminding the agency of its legal requirement to
     furnish "any information or material concerning intelligence"
     requested by the House and Senate intelligence committees.
          The agency's refusal to release information requested by
     the committee could "seriously hobble the legislative
     oversight process," and would "result in the envelopment of
     the executive branch in a cloak of secrecy," he wrote the
     chairman.
          "Without access to such documents, Congress would be
     left only with the 'spin' the executive branch agency opted
     to provide to the legislative branch," Goss wrote.
          Barr concurs.
          "[NSA officials] are not the ones to tell the oversight
     folks what they can see," he says. "If they can, then there is
     hollow oversight, and that's arrogance."
 
                                                  
      X-Files or Reality? 
      If you think suspicions of government eavesdropping on
      Americans sounds more like the stuff of the TV show
      X-Files than reality, you only have to go back to the 1970s
      to be dissuaded.
           Congressional hearings then revealed the NSA had
      been engaging in serious abuses of U.S. citizens' Fourth
      Amendment rights. In short, the agency had been
      eavesdropping on hundreds of controversial American
      figures who had nothing to do with foreign intelligence,
      such as the Rev. Martin Luther King Jr., had delivered the
      intercepted information to other agencies, and had kept
      files on the figures. 
           Following the hearings, Congress in 1978 passed the
      Foreign Intelligence Surveillance Act, restricting to a large
      extent the spy agency's ability to collect information on
      Americans. The House and Senate Select Intelligence
      Committees were created to oversee the agencies. 
           Few experts now believe the NSA could be doing
      anything so serious today.
           "If you ask me whether they are consciously ignoring all
      of those restrictions, my best guess would be no," says
      Jeffrey Richelson, an intelligence analyst with the
      nongovernmental, nonprofit National Security Archive. "This
      is not the Vietnam War, this is not that period of time, and
      Nixon is not president."
           James Bamford, author of the definitive book on the
      NSA, The Puzzle Palace, agrees. "I don't think it's as big a
      problem as some out there are pushing it," he says.
           "On the other hand, it has been 25 years since there's
      been a real hard-nosed congressional probe into
      intelligence, so they could probably get away with quite a
      bit at this point."
           According to an official familiar with the NSA, in the
      1970s the agency abandoned practices designed to get
      around the laws such as "reverse targeting." Reverse
      targeting occurred when an NSA employee purposely
      conducted a search on an approved subject so that he
      could collect information on a person for whom there was
      no warrant.
           "To talk about what NSA used to do in the 1960s and
      1970s, conclude that's what [they're] doing now -- is just
      living in a dream world," says the official. "That simply isn't
      reality."
 
      @HWA 
                   
79.0 AOL messaging policy might risk cable deals 
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     http://www.news.com/News/Item/Textonly/0,25,39758,00.html 
     
     AOL messaging policy might risk cable deals 
     By Reuters
     Special to CNET News.com 
     July 27, 1999, 3:25 a.m. PT 
     URL: http://www.news.com/News/Item/0,4,39758,00.html 
     
     America Online might back off efforts to block rival "instant messaging" services because the actions threaten to undermine its lobbying push to get access to high-speed
     cable Internet lines, public policy analysts said yesterday.
     
     Over the past few days, engineers at the No. 1 online service worked diligently to thwart efforts by Microsoft and Yahoo to allow consumers using their messaging
     products to connect with AOL customers and accounts.
     
     So-called instant messaging programs are used by tens of millions of Internet surfers to send and receive quick text messages that pop up immediately on the computer
     screens of their online pals. AOL is by far the market leader, with more than 80 million users of its two instant messaging products.
     
     AOL executives offered a variety of explanations for their efforts to block competitors' access, including that Microsoft had put the security and privacy of their
     customers at risk--a charge Microsoft vehemently denied.
     
     But analysts said that even if AOL was factually correct in some of its arguments, the moves would hurt the company's credibility on the cable open access issue where
     it is pushing to have exclusive deals banned.
     
     Cable companies have required customers buying high-speed net access over cable lines to also buy Internet services like email and Web page hosting from them. The
     exclusive deals are unfair to other Internet service providers, AOL argues.
     
     "Open is open," said Legg Mason Precursor Group analyst Scott Cleland, who has long predicted that AOL will ultimately prevail and gain access to cable high-speed
     Internet services. "When you're denying consumers a choice of something, it looks bad in any case."
     
     Online analyst Gary Arlen, president of Arlen Communications, predicted AOL's position on cable access would ultimately trump its decision to close up its instant
     messaging product.
     
     Cable companies like AT&T "will use AOL's instant messaging position as a defense," Arlen said. "Cable open access is truly the much bigger, longer-term issue. I don't
     know how the IM deal is going to work but I think that one will get settled."
     
     In fact, AT&T general counsel Jim Cicconi did just as Arlen predicted, issuing a statement calling AOL's moves "hypocritical and antithetical to the very ethos of the
     Internet."
     
     Some of AOL's supporters on the cable issue noted that cable was a regulated monopoly running on public property, as opposed to AOL's development of a software
     product for the unregulated Internet. But few seemed eager to enter the instant messaging fray on the record.
     
     Until recently, each of the various instant messaging products was a separate and incompatible communications tool, allowing contact only with others using the same
     product.
     
     Microsoft last week introduced a product called MSN Messenger that promised communications with people using AOL's instant messenger as well.
     
     To make the feat possible, Microsoft's messenger software asked users for their AOL user name and password. The information was not sent to Microsoft but allowed
     the Microsoft software to log users into AOL's network.
     
     AOL then changed the way its network was set up so Microsoft users were blocked out. Microsoft responded with a quick fix and, after several rounds, Microsoft said
     late yesterday that its newest version was communicating with AOL users.
     
     "There's a right way and a wrong way," said AOL spokeswoman Ann Brackbill, defending her company's right to block MSN. "But without the right coordination and
     standards, the privacy and security of consumers is going to be at risk."
     
     AOL will support the development of a universal Internet standard for connecting all instant messaging software, Brackbill added.
     
     "The only issue here is how the industry will work together to overcome the technical obstacles to interconnecting the various IM systems," she said.
     
     Microsoft product manager Deanna Sanford said AOL had in the past declined to support such an industry-wide effort underway at the Internet Engineering Task
     Force, a consensus-based standards writing body.
     
     "Ultimately, it would be great if we could all support some standards," Sanford said. "It would be great if AOL would." 
     
     Story Copyright (c) 1999 Reuters Limited. All rights reserved.
     
     @HWA                                  
                           
80.0 Study calls for reserve virtual IT warfare unit
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     http://www.fcw.com/pubs/fcw/1999/0726/fcw-newsreserve-07-26-99.html
     
     JULY 26, 1999 


     Study calls for reserve virtual IT warfare unit

     BY DANIEL VERTON (dan_verton@fcw.com)

     A year-long study completed last week by a senior panel of Defense
     Department officials recommended an unprecedented expansion in the role the
     reserves play in national defense, including the formation of a virtual
     cyberdefense unit to protect the nation's critical infrastructure.

     The study, Reserve Component Employment Study 2005, was initiated in April
     1998 at the request of Defense Secretary William Cohen and concluded that the
     reserves are "particularly well-suited to homeland defense missions." In addition,
     the study called for the formation of a "joint [reserve component] virtual
     information operations organization" and tasked various senior-level DOD
     organizations to complete a "proof of concept" study for creating the unit by
     June 30, 2000.

     The new reserve cyberdefense unit "would consist of individuals with
     information technology skills who could perform their duties from dispersed
     locations rather than working as a single consolidated unit at a specific training
     center," the report said. To accomplish their mission of protecting various critical
     infrastructure nodes, the unit would communicate from existing reserve centers
     and other DOD facilities across the country that have access to the Secret
     Internet Protocol Routing Network.

     To form the new unit, the study recommended looking for reserve members in
     regions of the country where high concentrations of IT skill already exist. 

     In addition, the study suggested that the reserves consider recruiting
     high-tech-savvy people from the civilian sector, requiring them to join the
     reserves for a specific number of years in exchange for high-tech training
     provided by DOD.

     Establishing a "virtual organization" also would go a long way toward solving the
     department's problem of retaining personnel with critical IT skills and may allow
     DOD to reduce its reliance on external contractor support, the report said. "A
     'virtual organization' [also] could support the Joint Task Force [for] Computer
     Network Defense," the report said. Cohen established the JTF-CND in
     December 1998 to monitor and take defensive actions against hackers and other
     unauthorized users who try to penetrate DOD networks.

     Rick Forno, a security officer for Network Solutions Inc. and the former senior
     security analyst at the House of Representatives' Information Resources
     Security Office, said the report's recommendation to use the reserves for cyber
     defense "is a great idea" and represents one of DOD's more innovative
     initiatives. "I'm thrilled that DOD is looking to go outside the box on the
     Info-Protect/InfoCorps idea in the reserve components," said Forno, who
     proposed a similar idea to DOD a year ago. However, "it comes down to
     endorsement and support from senior leadership [whether or not] they let this
     organization function as intended," he said.

     Anthony M. Valletta, vice president of C3I systems for SRA Federal Systems
     and former acting assistant secretary of Defense for command, control,
     communications and intelligence, said the concept of using the reserves in this
     manner is one that the intelligence community has proven works. 

     "When we did this with the intelligence community, it worked extremely well,"
     Valletta said. "We have a lot of expertise in the reserves that we need to take
     advantage of."

     The main challenge facing the reserve cyberdefense corps idea, according to
     Valletta, is training and equipping the reserves to carry out the mission. "We
     have to keep up with the technology, and the reserves have to have the latest
     capabilities," Valletta said. "That is a major change of philosophy in terms of
     equipping the reserves."

     However, the idea of establishing a JTF for Homeland Defense also is an idea
     that some groups, particularly civil liberties organizations, may question.

     "The main issue is the Posse Comitatus Act and the limits on military activity
     within the U.S.," said Mark Lowenthal, former deputy assistant secretary of
     State for intelligence and now a member of Valletta's C3I consulting team at
     SRA. "If it is limited to what are clearly DOD facilities, then there should be no
     problem," he said. "If it steps over that line, then there are some legal issues that
     have to be addressed."

     Other recommendations contained in the report include using the reserves as
     part of a Joint Task Force headquarters for Homeland Defense, which would
     work with the Federal Emergency Management Agency and other civil
     authorities to coordinate responses to attacks involving nuclear, chemical and
     biological weapons, and increasing the use of smart card technology to reduce
     delays in processing reserve members for active-duty assignments. 
    
     @HWA
     
81.0 CERT IN-99-04: Similar Attacks Using Various RPC Services
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      CERT(R) Incident Note IN-99-04

                    The CERT Coordination Center publishes incident notes to provide information about incidents to the Internet community. 

                    Similar Attacks Using Various RPC Services

                    Thursday, July 22, 1999 

                    Overview

                    We have recently received an increasing number of reports that intruders are using similar methods to compromise systems. We have seen
                    intruders exploit three different RPC service vulnerabilities; however, similar artifacts have been found on compromised systems. 

                    Vulnerabilities we have seen exploited as a part of these attacks include: 

            CA-99-08 - Buffer Overflow Vulnerability in rpc.cmsd

            http://www.cert.org/advisories/CA-99-08-cmsd.html

            CA-99-05 - Vulnerability in statd exposes vulnerability in automountd

            http://www.cert.org/advisories/CA-99-05-statd-automountd.html

            CA-98.11 - Vulnerability in ToolTalk RPC Service

            http://www.cert.org/advisories/CA-98.11.tooltalk.html

       Description

       Recent reports involving these vulnerabilities have involved very similar intruder activity. The level of activity and the scope of the incidents suggest that intruders
       are using scripts to automate attacks. These attacks appear to attempt multiple exploitations but produce similar results. We have received reports of the
       following types of activity associated with these attacks: 

            Core files for rpc.ttdbserverd located in the root "/" directory, left by an exploitation attempt against rpc.ttdbserverd

            Files named callog.* located in the cmsd spool directory, left by an exploitation attempt against rpc.cmsd

            Exploitations that execute similar commands to create a privileged back door into a compromised host. Typically, a second instance of the inetd daemon
            is started using an intruder-supplied configuration file. The configuration file commonly contains an entry that provides the intruder a privileged back door
            into the compromised host. The most common example we have seen looks like this: 

                  /bin/sh -c echo 'ingreslock stream tcp wait root /bin/sh -i' >> /tmp/bob;/usr/sbin/inetd -s /tmp/bob
                

            If successfully installed and executed, this back door may be used by an intruder to gain privileged (e.g., root) access to a compromised host by
            connecting to the port associated with the ingreslock service, which is typically TCP port 1524. The file names and service names are arbitrary; they may
            be changed to create an inetd configuration file in a different location or a back door on a different port.

            In many cases, scripts have been used to automate intruder exploitation of back doors installed on compromised hosts. This method has been used to
            install and execute various intruder tools and tool archives, initiate attacks on other hosts, and collect output from intruder tools such as packet sniffers. 

            One common set of intruder tools we have seen is included in an archive file called neet.tar, which includes several intruder tools:

                 A packet sniffer named update or update.hme that produces an output file named output or output.hme

                 A back door program named doc that is installed as a replacement to /usr/sbin/inetd. The back door is activated when a connection is received
                 from a particular source port and a special string is provided. We have seen the source port of 53982 commonly used.

                 A replacement ps program to hide intruder processes. We have seen a configuration file installed at /tmp/ps_data on compromised hosts.

            Another common set of intruder tools we have seen is included in an archive file called leaf.tar, which includes several intruder tools:

                 A replacement in.fingerd program with a back door for intruder access to the compromised host

                 eggdrop, an IRC tool commonly installed on compromised hosts by intruders. In this activity, we've seen the binary installed as /usr/sbin/nfds

                 Various files and scripts associated with eggdrop, many of which are installed in the directory /usr/lib/rel.so.1

                 A replacement root crontab entry used to start eggdrop 

            It is possible that other tools and tool archives could be involved in similar activity. 

            In some cases, we have seen intruder scripts remove or destroy system binaries and configuration files. 
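
The artifacts listed above can be checked with a short triage script. This is an added example, not part of the CERT incident note: the function names, the FINDING output format, the script name and the /var/spool/calendar spool path are assumptions, and, as the note says, intruders may have changed the file and service names.

```shell
#!/bin/sh
# Host triage for the artifacts listed in CERT IN-99-04 (added example, not CERT code).
# A root prefix lets the same checks run against a mounted disk image.

# Assumption: Solaris-style calendar spool; the note says only "cmsd spool directory".
CMSD_SPOOL=${CMSD_SPOOL:-/var/spool/calendar}

# Print "service:server" for each inetd-style entry in file $1 that runs a shell
# as root, such as the note's "ingreslock stream tcp wait root /bin/sh -i".
# Fields: service socket-type protocol wait-flag user server-path [args...]
inetd_root_shells() {
    [ -f "$1" ] && [ -r "$1" ] || return 0
    awk '
        $1 ~ /^#/ || NF < 6 { next }
        $2 ~ /^(stream|dgram|tli)$/ && ($5 == "root" || $5 ~ /^root[.:]/) &&
        $6 ~ /\/(sh|csh|ksh|tcsh|bash|zsh)$/ { print $1 ":" $6 }
    ' "$1" 2>/dev/null
}

# Read ps output on stdin and print the lines where inetd was started with a
# configuration file other than /etc/inetd.conf (the note's "inetd -s /tmp/bob").
# The note also reports a replaced ps, so take the listing from a trusted binary.
inetd_alt_config() {
    awk '{
        for (i = 1; i <= NF; i++) {
            if ($i != "inetd" && $i !~ /\/inetd$/) continue
            for (j = i + 1; j <= NF; j++)
                if ($j ~ /^\// && $j != "/etc/inetd.conf") { print; next }
            next
        }
    }'
}

# Print one "FINDING ..." line per artifact under root $1 ("" or "/" = live host).
scan_host() {
    root=${1%/}

    # Core file in "/" left by an attempt against rpc.ttdbserverd.
    for f in "$root"/core "$root"/core.*; do
        if [ -f "$f" ]; then echo "FINDING core-file $f (confirm origin with file(1))"; fi
    done

    # callog.* in the cmsd spool, left by an attempt against rpc.cmsd.
    # Review owner and modification time before treating a hit as hostile.
    for f in "$root$CMSD_SPOOL"/callog.*; do
        if [ -f "$f" ]; then echo "FINDING cmsd-callog $f"; fi
    done

    # inetd-style files that hand root a shell: the system configuration plus
    # anything in the temp directories (the note's example file was /tmp/bob).
    { echo "$root/etc/inetd.conf"
      find "$root/tmp" "$root/var/tmp" -type f 2>/dev/null; } |
    while IFS= read -r f; do
        inetd_root_shells "$f" | while IFS= read -r hit; do
            echo "FINDING inetd-root-shell $f $hit"
        done
    done

    # Fixed paths the note reports from the neet.tar and leaf.tar tool sets.
    for p in /tmp/ps_data /usr/sbin/nfds /usr/lib/rel.so.1; do
        if [ -e "$root$p" ]; then echo "FINDING known-path $root$p"; fi
    done

    # The archives and sniffer files themselves. This walks every filesystem
    # mounted under the root; narrow the start point on large hosts.
    find "$root/" \( -name neet.tar -o -name leaf.tar -o -name update.hme \
        -o -name output.hme \) -print 2>/dev/null |
    while IFS= read -r f; do echo "FINDING tool-file $f"; done
    return 0
}

# Run as: sh in9904-triage.sh --scan [root]
if [ "${1:-}" = "--scan" ]; then
    scan_host "${2:-}"
    ps -ef 2>/dev/null | inetd_alt_config
fi
```

Run it with --scan for the live host, or with --scan followed by a mount point to examine a copy of the disk. A clean result does not clear a host, since the note states that file names, service names and ports are arbitrary.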

       Solutions

       If you believe a host has been compromised, we encourage you to disconnect the host from the network and review our steps for recovering from a root
       compromise: 

            http://www.cert.org/tech_tips/root_compromise.html 

       In many cases intruders have installed packet sniffers on compromised hosts and have used scripts to automate collection of the output logs. It may be the case
       that usernames and passwords used in network transactions with a compromised host, or on the same network segment as a compromised host, may have
       fallen into intruder hands and are no longer secure. We encourage you to address password security issues after any compromised hosts at your site have been
       secured. 

       You should also review the state of security on other hosts on your network. If usernames and passwords have been compromised, an intruder may be able to
       gain unauthorized access to other hosts on your network. Also, an intruder may be able to use trust relationships between hosts to gain unauthorized access
       from a compromised host. Our intruder detection checklist can help you to evaluate a host's state of security: 

            http://www.cert.org/tech_tips/intruder_detection_checklist.html 

       We encourage you to ensure that your hosts are current with security patches or work-arounds for well-known vulnerabilities. In particular, you may wish to review
       the following CERT advisories for suggested solutions: 

            CA-99-08 - Buffer Overflow Vulnerability in rpc.cmsd

            http://www.cert.org/advisories/CA-99-08-cmsd.html

            CA-99-05 - Vulnerability in statd exposes vulnerability in automountd

            http://www.cert.org/advisories/CA-99-05-statd-automountd.html

            CA-98.11 - Vulnerability in ToolTalk RPC Service

            http://www.cert.org/advisories/CA-98.11.tooltalk.html

       We also encourage you to regularly review security related patches released by your vendors. 


       This document is available from: http://www.cert.org/incident_notes/IN-99-04.html. 


       CERT/CC Contact Information

       Email: cert@cert.org
       Phone: +1 412-268-7090 (24-hour hotline)
       Fax: +1 412-268-6989
       Postal address:
            CERT Coordination Center
            Software Engineering Institute
            Carnegie Mellon University
            Pittsburgh PA 15213-3890
            U.S.A.

       CERT personnel answer the hotline 08:00-20:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S.
       holidays, and on weekends. 

       Using encryption

       We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from http://www.cert.org/CERT_PGP.key. If you prefer to
       use DES, please call the CERT hotline for more information. 

       Getting security information

       CERT publications and other security information are available from our web site http://www.cert.org/. 

       To be added to our mailing list for advisories and bulletins, send email to cert-advisory-request@cert.org and include SUBSCRIBE your-email-address in the subject of
       your message. 

       Copyright 1999 Carnegie Mellon University.
       Conditions for use, disclaimers, and sponsorship information can be found in http://www.cert.org/legal_stuff.html. 

       * "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office 

       NO WARRANTY
       Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon
       University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a
       particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any
       warranty of any kind with respect to freedom from patent, trademark, or copyright infringement. 
       
       @HWA         
                                    
     !=----------=-   -=----------=-    -=----------=-   -=----------=-  -=----------=-
           
           
           
           
                                             O
                                             0
                                             o
                                           O O O   
                                             0

     -=----------=-   -=----------=-    -=----------=-   -=----------=-  -=----------=-
      
     END of main news articles content... read on for ads, humour, hacked websites etc
              
     -=----------=-   -=----------=-    -=----------=-   -=----------=-  -=----------=-
     
     
     
             
                                HWA.hax0r.news  
     
     
     
     
     
AD.S ADVERTI$ING.           The HWA black market                    ADVERTISEMENT$.
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      
      
       *****************************************************************************
       *                                                                           *
       *           ATTRITION.ORG     http://www.attrition.org                      *
       *           ATTRITION.ORG     Advisory Archive, Hacked Page Mirror          *
       *           ATTRITION.ORG     DoS Database, Crypto Archive                  *
       *           ATTRITION.ORG     Sarcasm, Rudeness, and More.                  * 
       *                                                                           *
       *****************************************************************************      
              
 
       www.2600.com www.freekevin.com www.kevinmitnick.com www.2600.com www.freekevi
       n.com www.kevinmitnick.com www.2600.com www.freekevin.com www.kevinmitnick.co
       m www.2600.com ########################################ww.2600.com www.freeke
       vin.com www.kev#  Support 2600.com and the Free Kevin #.com www.kevinmitnick.
       com www.2600.co#  defense fund site, visit it now! .  # www.2600.com www.free
       kevin.com www.k#             FREE KEVIN!              #in.com www.kevinmitnic
       k.com www.2600.########################################om www.2600.com www.fre
       ekevin.com www.kevinmitnick.com www.2600.com www.freekevin.com www.kevinmitnic
       k.com www.2600.com www.freekevin.com www.kevinmitnick.com www.2600.com www.fre

       <a href="http://www.2600.com/">www.2600.com</a>
       <a href="http://www.kevinmitnick.com"></a>
       
       
       +-----------------------------------------------------------------------------+
       | SmoG Alert ..           http://smog.cjb.net/        NEWS on SCIENCE         |
       | ===================     http://smog.cjb.net/        NEWS on SECURITY        |
       | NEWS/NEWS/NEWS/NEWS     http://smog.cjb.net/        NEWS on THE NET         |
       |                         http://smog.cjb.net/        NEWS on TECHNOLOGY      |
       +-----------------------------------------------------------------------------+
       
       * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
       * www.csoft.net webhosting, shell, unlimited hits bandwidth ... www.csoft.net *
       *   www.csoft.net www.csoft.net www.csoft.net www.csoft.net www.csoft.net     *
    <a href="http://www.csoft.net">One of our sponsors, visit them now</a> www.csoft.net
       * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
       
       

       * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
       * WWW.BIZTECHTV.COM/PARSE WEDNESDAYS AT 4:30PM EST, HACK/PHREAK CALL-IN WEBTV *
       * JOIN #PARSE FOR LIVE PARTICIPATION IN SHOW CHAT OR THE WEBCHAT, AND WEBBOARD*
       * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
       
       
       

       * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
       * WWW.2600.COM OFF THE HOOK LIVE NETCAST'S TUES SIMULCAST ON WBAI IN NYC @8PM *
       * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


         //////////////////////////////////////////////////////////////////////////////
        //  To place an ad in this section simply type it up and email it to        //
       //        hwa@press,usmc.net, put AD! in the subject header please. - Ed    //
      //////////////////////////////////////////////////////////////////////////////


     @HWA
     
       
              
             
HA.HA Humour and puzzles ...etc
      ~~~~~~~~~~~~~~~~~~~~~~~~~
                                                           Don't worry. worry a *lot*
     
      Send in submissions for this section please! .............    
     
      From: Tom Phoenix 
      Newsgroups: alt.humor.best-of-usenet
      Subject: [comp.lang.pascal.delphi.databases] Re: Got Problems???
      Date: 6 Nov 1996 07:01:42 GMT
      Message-ID: <55pd4m$jvu@darkstar.ucsc.edu>
      Originator: brian@cse.ucsc.edu
      
      
      From: "Albert D. Cahalan"  
      Subject: Re: Got Problems???
      Newsgroups: comp.lang.pascal.delphi.databases,  comp.lang.pascal.delphi.misc
      
      David Moles  writes:
      
      > Nathan Denny wrote:
      >>
      >> WHAT THE F**K!?!?!?
      >>
      >> Look at where that got posted!  Like every development news group got
      >> hit by that.
      >>
      >> Blam!
      >>
      >> Nate:SCHCATS!
      >
      > It's all over comp.sys, too.
      
      Of course. They think all the computer hackers can't get a date.
      
      Instant fix:        gcc date.c -o date
      
      All the way:        gcc --entry
      For orgasm:         gcc -O
      Even better:        gcc -O2
      Cruel:              gcc -Wall
      For old hackers:    gcc -fno-strength-reduce
      Transvestite:       gcc -Wconversion
      With toy:           gcc -pipe
      Man on top:         gcc -traditional
      In restroom:        gcc -quiet
      Explain how:        gcc --verbose
      With drugs:         gcc --user-dependencies
      Don't move:         gcc -static
      At Microsoft:       gcc -shared
      Side-by-side:       gcc --profile
      Mouth first:        gcc --preprocess
      Before drugs:       gcc --prefix
      With disease:       gcc --no-warnings
      With vibrator:      gcc --machine
      Foreigner:          gcc --language
      With chains:        gcc --force-link
      With AIDS:          gcc --extra-warnings
      Analism:            gcc --dump
      Remove lice 1st:    gcc --debug
      Talk about date:    gcc --comments
      Take control:       gcc --assert
      
      
      --
      Moderators accept or reject articles based solely on the criteria posted
      in the Frequently Asked Questions. Article content is the responsibility
      of the submitter.  Submit articles to ahbou-sub@acpub.duke.edu. To write 
      to the moderators, send mail to ahbou-mod@acpub.duke.edu. 
      

      
      -=-
      
      
      Humour in UNIX Man Pages

      Here are some excerpts from UNIX (specifically solaris 2.5, but also some other OSes
     and some freeware packages) manpages and headerfiles. Probably a bit esoteric, so if you
     do not find the stuff funny, don't worry..... Some are actually not for laughing, but they
     make you cry or shout in anger. 
     
     
     
     man merge

     BUGS

     It normally does not make sense to merge binary files as if
     they were text, but merge tries to do it anyway.

     man diff

     -h Does a fast, half-hearted job. It works
     only when ...

     man tar

     ... The directory portion of file (see dirname(1))
     cannot exceed 155 characters. The file name portion
     (see basename(1)) cannot exceed 100 characters.

     man csh

     NOTES

     Words can be no longer than 1024 characters.
     
     
     [And by the way: THIS IS REALLY TRUE! Solaris2.4:

     (mege@iqe3)[~] setenv test `cat /usr/dict/words | head -1000`
     (mege@iqe3)[~] csh
     iqe3[mege] echo $test
     Bus error

     cool, huh?
     ]
       
       
     
     /usr/local/sys/time.h

     /*
      * gettimeofday() and settimeofday() were included in SVr4 due to their
      * common use in BSD based applications. They were to be included exactly
      * as in BSD, with two parameters. However, AT&T/USL noted that the second
      * parameter was unused and deleted it, thereby making a routine included
      * for compatibility, uncompatible.
      *
      * XSH4.2 (spec 1170) defines gettimeofday and settimeofday to have two
      * parameters.
      *
      * This has caused general disagreement in the application community as to
      * the syntax of these routines. Solaris defaults to the XSH4.2 definition.
      * The flag _SVID_GETTOD may be used to force the SVID version.
      */
     
     man top

     BUGS

     Don't shoot me, but the default for -I has changed once
     again. So many people were confused by the fact that top
     wasn't showing them all the processes that I have decided to
     make the default behavior show idle processes, just like it
     did in version 2. But to appease folks who can't stand that
     behavior, I have added the ability to set "default" options
     in the environment variable TOP (see the OPTIONS section).
     Those who want the behavior that version 3.0 had need only
     set the environment variable TOP to "-I".

     man ps

     pcpu The ratio of CPU time used recently to CPU time
     available in the same period, expressed as a
     percentage. The meaning of ``recently'' in this
     context is unspecified. The CPU time available
     is determined in an unspecified manner.
     
     man chat

     ...
     < snip >
     ...

     COPYRIGHT

     The chat program is in public domain. This is not the GNU
     public license. If it breaks then you get to keep both
     pieces.

     man FvwmM4

     NAME

     FvwmM4 - the FVWM M4 pre-processor

     ...

     AUTHOR

     FvwmM4 is the result of a random bit mutation on a hard
     disk, presumably a result of a cosmic-ray or some such
     thing.

     man ce_db_build

     ...

     BUGS

     ...

     Running ce_db_build on an empty ASCII file causes it to hang
     indefinitely as though it were in an infinite loop.
     
     
     Comment: Compare the time to fix this bug to the time required to write this 
     comment into the manpage.... 
     
     cat /bin/clear
     
     I really wonder how Microsoft sold this code to Sun Microsystems..... 
     
     #!/usr/bin/sh
     #       Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T
     #         All Rights Reserved
      
     #       THIS IS UNPUBLISHED PROPRIETARY SOURCE CODE OF AT&T
     #       The copyright notice above does not evidence any
     #       actual or intended publication of such source code.
      
     #ident  "@(#)clear.sh   1.7     93/04/07 SMI"   /* SVr4.0 1.3   */
     #       Copyright (c) 1987, 1988 Microsoft Corporation
     #         All Rights Reserved
      
     #       This Module contains Proprietary Information of Microsoft
     #       Corporation and should be treated as Confidential.
      
     # clear the screen with terminfo.
     # if an argument is given, print the clear string for that tty type
      
     tput ${1:+-T$1} clear 2> /dev/null 
           
      
     -=-
     
         
     
     10 Answers when asked about a bug

     - I don't think that this is really a bug 
     - It would be too hard to implement right 
     - Fixing this would need a change in the documentation 
     - It wouldn't work right anyway 
     - This bug is too hard to track down 
     - This bug doesn't really interfere with normal use of the program 
     - Well, how do you think it should work? 
     - Why not fix it later? 
     - No program can be absolutely bug-free 
     - We'll fix that on the next major redesign
  
     -=-
     
     http://wwwhost.cc.utexas.edu/computer/vcl/bkreviews/bkcmcntd.html
     
     The Computer Contradictionary,  Stan Kelly-Bootle

     Review written by Robert M. Slade. 

     The only two computer dictionaries worth having are both from MIT Press: 
     "The New Hacker's Dictionary" (cf. BKNHACKD.RVW), and this one. As news is
     something that someone, somewhere, wants hushed up, so the only computer terms
     of any importance are those that someone, somewhere, just made up. Everything
     else is the perverted verbiage of a marketing department. 

     Where "Hacker's" (or TNHD) studies and stores the language of the anarchic technical
     crowd, the Contradictionary deals with the jargon of those who work in DP,T, and 
     IS--those who truly understand MISmanagement. It is not intended to be a reference 
     work--Kelly-Bootle notes that the reader should determine the meaning of a word *before*
     looking it up in this book--but a work of humour. Like all the best humour, of course, 
     it has strong points to make. 

     copyright Robert M. Slade, 1995 BKCMCNTD.RVW 950602 

     7 June 1999
     Christine M. Henke, ACITS at UT Austin   
            
      @HWA
       
       
       
 SITE.1 two sites this week
 
      #1 From #feed-the-goats
      
      http://www.pure-security.net/
      SiteOps: ox1dation and mosthated
      
      
      Just check it out... recent face lift looks good, i've lifted some text warez from
      their archive for this issue. - Ed
      
      
      
      #2
 
  
      http://www.hack.gr/
      
      SiteOp: ?
      
      
      Straight from the site itself, check it out;
      
      HACK.gr SERVER PROFILE
                           

      What is HACK.gr

      HACK.gr is a greek Web Server, focusing its interest in security of
      computer systems and networks. It is working experimentally since
      November 1997 and is still (!) in pilot phase.

      Who owns HACK.gr

      The hack.gr domain and web server are owned and administered by Aris
      Koxaras, Helias Fotopoulos and Costas Christoyannis. They are all
      students of the Computer Engineering and Informatics Department, in
      the Engineering School of the University of Patras and are working as
      Unix system administrators in the Department.

      Why HACK.gr - What hacker means

      The term hacker, in computer terminology, is used for those who have
      a deeper knowledge of the details of programmable systems. Jargon
      Dictionary uses the following meanings:

              - One who programs enthusiastically (even obsessively) or who
                enjoys programming rather than just theorizing about
                programming 
              - A person who is good at programming quickly 
              - An expert at a particular program, or one who frequently does
                work using it or on it 

      However, mainly due to the mass media, a negative meaning of the
      word hacker is used to describe one who makes bad use of his
      knowledge in order either to obtain access to unauthorised information
      or to cause damage. Jargon Dictionary notes:

              - [deprecated] A malicious meddler who tries to discover sensitive
                information by poking around. The correct term for this sense is
                cracker.

      This use of the word by mass media, for cases of software piracy,
      violation of intellectual rights, publishing of pornographic material and
      cause of damages in computer systems is totally incorrect.

      Content of HACK.gr

      HACK.gr offers already an online magazine (HACK.gr Gazette), hosts
      the web page of the Black Hole column of the .net magazine and news
      from the greek demo scene. It offers a meta search engine for the
      Greek cyberspace (MSE) and is working on mirroring of foreign web
      sites, indices of documents and web pages for easy access to
      information, fora creation etc. HACK.gr hosts pages of independent
      sources, whose content is managed by specific rules, but does not
      agree necessarily with the official thesis of HACK.gr.

      Access to HACK.gr

      HACK.gr does not offer shell access to people other than its
      administrators. It only offers the capability of uploading web pages and
      e-mail aliases to users, whose pages are hosted in the site. The
      computer used is a Pentium with Linux Operating System, Apache Web
      Server and QMail e-mail server. Network access is offered by Groovy
      Net.

      Friends and enemies

      HACK.gr was accepted with positive comments by system
      administrators, journalists and many netsurfers. Long time before the
      transition from the initial idea to its realisation, HACK.gr owners were
      "urged" by big Internet Providers to come at hosting agreement. Server
      hits turned out to be far more than expected, being more than 100,000
      per month, though the server is still in pilot/experimental function.
      However, some people are trying to "hush" HACK.gr and obscure its
      image, attempting to charge it with cause of problems. Having perfect
      cooperation with the involved Internet Providers, HACK.gr has
      repeatedly shown responsible attitude and proved that it has nothing
      to do with those intrigues. HACK.gr has helped various sites in security
      matters and cooperated in various cases with "competitors", such as
      the Next Crawler meta search engine.

      
      - eentity
        
        
        
       
      @HWA
       
         
         
  H.W Hacked websites 
      ~~~~~~~~~~~~~~~~

      Note: The hacked site reports stay, especially with some cool hits by
            groups like *H.A.R.P, go get em boyz racism is a mugs game! - Ed

          * Hackers Against Racist Propaganda (See issue #7)

     
      Haven't heard from Catharsys in a while for those following their saga visit
      http://frey.rapidnet.com/~ptah/ for 'the story so far'...
      
     
     
     From HNN rumours section http://www.hackernews.com/
     see the archives section on HNN or attrition.org for copies of many of these
     sites in their defaced form.
     
     July 27th
     
     MUSICIANS HACKED
     by BHZ, Tuesday 27th July 1999 on 11:50 pm CET
     One last article for me. Keebler elves hacked couple of musicians web sites. Sites
     from following artists had been hacked - Gipsy Kings, Jewel, Tricky Daddy, Sugar
     Ray, Stone Temple Pilots, Led Zeppelin and the official site of 3 tenors. You can find
     mirrors of hacked sites on Attrition. 

     
     
     July 29th
     
     From www.net-security.com
     
     HIT2000 GETS DEFACED
     by Thejian, Thursday 29th July 1999 on 10:00 pm CET
     The dutch Hit2000 Con's Web site got hacked yesterday. An archive of the hack can
     be found here. (Thanx to Pine Security Digest for the initial report) 
     
     http://members.xoom.com/_XOOM/testr12/index.html

     
         
     http://www.attrition.org/
     
     Latest cracked pages courtesy of attrition.org
     
     

     [99.07.30]  [PrestoChango]      M   (pvrc) Hypermart (pvrc.hypermart.net)
     [99.07.30]  [Bazil Brush]           D3 Net (www.d3.net)
     [99.07.30]  [PhC]                   Qatar Net (QA) (www.qatar.net.qa)
     [99.07.30]  [Sistom]            M   Crystalg (www.crystalg.com)
     [99.07.30]  [LevelSeven]        M   Des Moines Metropolitan Transit Authority (www.dmmta.com)
     [99.07.30]  [HiP]                   Emerald Systems (www.emeraldsystems.com)
     [99.07.30]  [AntiChrist]            Rahulcom (www.rahulcom.com)
     [99.07.30]  [AntiChrist]            Rajeev Gandhi (www.rajeevgandhi.com)
     [99.07.30]  [AntiChrist]            Royal Soft India (www.royalsoftindia.com)
     [99.07.30]  [AntiChrist]            Ushauthup (www.ushauthup.com)
     [99.07.30]  [AntiChrist]            India Made (www.indiamade.com)
     [99.07.30]  [AntiChrist]            Insurvey (www.insurvey.com)
     [99.07.30]  [AntiChrist]            Integral Pictures (www.integralpictures.com)
     [99.07.30]  [AntiChrist]            Jeevanseva (www.jeevanseva.com)
     [99.07.30]  [AntiChrist]            Omshiv (www.omshiv.com)
     [99.07.30]  [AntiChrist]            Pankaj Group (www.pankajgroup.com)
     [99.07.30]  [AntiChrist]            Pannatex (www.pannatex.com)
     [99.07.30]  [AntiChrist]            PRG India (www.prgindia.com)
     [99.07.30]  [FL3M]                K Marlboro Edu (rocket-science.marlboro.edu)
     [99.07.30]  [AntiChrist]            Onsoft (www.onsoft.org)
     [99.07.30]  [AntiChrist]            Adiam (www.adiam.com)
     [99.07.30]  [AntiChrist]            Admanum (www.admanum.com)
     [99.07.30]  [AntiChrist]            AD Techmission (www.adtpl.com)
     [99.07.30]  [AntiChrist]            Always India (www.alwaysindia.com)
     [99.07.30]  [AntiChrist]            Aqua Hundred (www.aquahundred.com)
     [99.07.30]  [AntiChrist]            Big Ben India (www.bigbenindia.com)
     [99.07.30]  [AntiChrist]            Classic Export (www.classicexport.com)
     [99.07.30]  [AntiChrist]            Ezee Mart (www.ezeemart.com)
     [99.07.30]  [AntiChrist]            Kapadia Group of Industries (www.glassageind.com)
     [99.07.30]  [AntiChrist]            Inside Out Goa (www.insideoutgoa.com)
     [99.07.30]  [AntiChrist]            Mothay (www.mothay.com)
     [99.07.30]  [AntiChrist]          K Ronak Exports (www.ronakexports.com)
     [99.07.30]  [AntiChrist]            Singhi (www.singhi.com)
     [99.07.30]  [AntiChrist]            Stallen South Asia (www.stallenasia.com)
     [99.07.30]  [AntiChrist]            Taps1 (www.tapsl.com)
     [99.07.30]  [AntiChrist]            World Info Pages (www.worldinfopages.com)
     [99.07.30]  [FL3M]                  (redcom4) Navy (www.redcom4.navy.mil)

      (www.drugs.com) ......................Drugs.com 
      (www.infocenter.com)..................Internet Broadcasting Corp  
      (www.bigfish.com).....................Big Fish Records  
      (www.gay.be)..........................Belgium Service des Gays  
      (www.markmaker.com)...................Mark Maker 
      (www.milleniumworldmarathon.com) .....Millenium World Marathon 
      (www.mz.iao.fhg.de) ..................Fraunhofer-Institut für Arbeitswirtschaft und Organisation (IAO),
                                            Universität Stuttgart 
      (www.mpas.gov.br) ....................Ministério da Previdência e Assistência Social 
      (www.hazard.k12.ky.us) ...............Hazard School District 
      (www.northsalem.k12.ny.us) ...........North Salem School District 
      (www.paducah.k12.ky.us) ..............Paducah School District 
      (www.suckysucky.org)..................KRU
      (www.calcoast.com)....................California Coast Online Network  
      (www.lyrikal.com).....................The Lyrikal Krew  
      (nazarenes.mckinney.tx.us)............Nazarenes Church of McKinney Texas  
      (www.haplo.org).......................Web site of Matthew Jones  

      More cracks...      
      
      and more sites at the attrition cracked web sites mirror:
                   
                    http://www.attrition.org/mirror/attrition/index.html 

       -------------------------------------------------------------------------
       
  A.0                              APPENDICES
       _________________________________________________________________________



  A.1 PHACVW, sekurity, security, cyberwar links
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

       The links are no longer maintained in this file, there is now a
      links section on the http://welcome.to/HWA.hax0r.news/ url so check
      there for current links etc.

      The hack FAQ (The #hack/alt.2600 faq)
      http://www-personal.engin.umich.edu/~jgotts/underground/hack-faq.html

      Hacker's Jargon File (The quote file)
      http://www.lysator.liu.se/hackdict/split2/main_index.html

      New Hacker's Jargon File.
      http://www.tuxedo.org/~esr/jargon/ 
      
      
      HWA.hax0r.news Mirror Sites:
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~
      http://www.alldas.de/hwaidx1.htm ** NEW **
      http://www.csoft.net/~hwa/ 
      http://www.digitalgeeks.com/hwa.
      http://members.tripod.com/~hwa_2k
      http://welcome.to/HWA.hax0r.news/
      http://www.attrition.org/~modify/texts/zines/HWA/
      http://archives.projectgamma.com/zines/hwa/.  
      http://www.403-security.org/Htmls/hwa.hax0r.news.htm


      International links:(TBC)
      ~~~~~~~~~~~~~~~~~~~~~~~~~

      Foreign correspondents and others please send in news site links that
      have security news from foreign countries for inclusion in this list
      thanks... - Ed

      
          
      Belgium.......: http://bewoner.dma.be/cum/              
      
      Brasil........: http://www.psynet.net/ka0z              
      
                      http://www.elementais.cjb.net           
      
      Canada .......: http://www.hackcanada.com
      
      Columbia......: http://www.cascabel.8m.com              
      
                      http://www.intrusos.cjb.net             
      
      Indonesia.....: http://www.k-elektronik.org/index2.html 
      
                      http://members.xoom.com/neblonica/      
      
                      http://hackerlink.or.id/                
      
      Netherlands...: http://security.pine.nl/                
      
      Russia........: http://www.tsu.ru/~eugene/              
      
      Singapore.....: http://www.icepoint.com                 
                      
      Turkey........: http://www.trscene.org - Turkish Scene is Turkey's first and best security related e-zine.

    Got a link for this section? email it to hwa@press.usmc.net and i'll
    review it and post it here if it merits it.

    @HWA
    

  -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-
    --EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--

    © 1998, 1999 (c) Cruciphux/HWA.hax0r.news <tm> (R) { w00t }
    
  -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-                       
     --EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--
  -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-
   [ 28 63 29 20 31 39 39 39 20 63 72 75 63 69 70 68 75 78 20 68 77 61 ]
       [45:6E:64]-[28:63:29:31:39:39:38:20:68:77:61:20:73:74:65:76:65]