💾 Archived View for aphrack.org › issues › phrack67 › 12.gmi captured on 2022-03-01 at 15:57:41. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-12-03)
-=-=-=-=-=-=-
==Phrack Inc.== Volume 0x0e, Issue 0x43, Phile #0x0c of 0x10 |=-----------------------------------------------------------------------=| |=------------------=[ P H R A C K E R Z: Two Tales ]=-------------------=| |=-----------------------------------------------------------------------=| |=-------------------=[ Antipeace and The Analog Kid ]=------------------=| |=-----------=[ antipeace@phrack.org / analog_kid@phrack.org ]=----------=| |=-----------------------------------------------------------------------=| This is a tale of two hackers. Two souls lost in this world of bits. One tells a first hand tale of a hackers life. Another, gone mad from analyzing too many ltrace outputs, looks at the existence of Phrack Inc. from the outside. One wanted to be a hacker from childhood. The other had plans of being a rock star. None the less, here in this strange network of fibers, their paths collide and their stories are fused together. Who owns an idea when it is anonymous? Who is the arbiter of ethics, the individual hacker or the mass media? What good is a secret that cannot be shared? What defines an author if the author is anonymous? These are two stories from both hackers, fused together, as they struggle to answer such questions. It is a collage of segments from the two tales. ~~~ |=-----------------------------------------------------------------------=| |=----------=[ When I was a child I wanted to be one of them ]=----------=| |=-----------------------------------------------------------------------=| |=-------------------------=[ by Antipeace ]=--------------------------=| |=-----------------------------------------------------------------------=| --[ Contents 1 - Who the hell is it written for? 2 - Who they think we are 3 - We are not _so_ special 4 - The downside of a hacking life 5 - So in the end... --] ~~~ |=-----------------------------------------------------------------------=| |=-------------------=[ The tale of the phrack boys ]=-------------------=| |=-----------------------------------------------------------------------=| |=----------------------=[ by The Analog Kid ]=------------------------=| |=-----------------------------------------------------------------------=| --[ Contents 1 - A witch hunt begins 2 - What do people think they are? 3 - Are they so special? 4 - Why they must lurk in the shadows of publicity 5 - Of the indictment and the witch hunt 6 - A closing note 7 - Acknowledgments 8 - References --] ~~~ --( A witch hunt begins )-- by The Analog Kid "Neither have been charged ... they expect to at least be called as witnesses at the case of the Phrack Boys [1] April 0x5, 1990, 6:50 AM: On that day a hacker is born into this world. March 0x1, 1990, 6:30 AM: Secret service agents charge into the room of Phrack Inc contributor, The Mentor. Their guns are drawn and pointed at his head. March 0x1, 1990, 11:00 AM: Secret service agents complete their search and seizure of The Mentor's property. Agents prepare to raid the Mentor's work office [1]. April 0x5, 1990, 12:00 PM: The wheels are spinning busily at Phrack Inc. With key members under investigation by the federal government, rumors are rampant of the journal's demise. Remaining members of the underground bustle to assemble a new issue and quell the rumors. "Phrack will and can't ever die, the journal proclaims [2]. ~~~ --( Who the hell is it written for? )-- by Antipeace If I had to make a choice, I would say that the hacking papers which impressed me the most were the unusual ones and by "unusual" I mean dealing with subjects such as esotericism, philosophy, and ethics. Yes the kind of things that would bore you to death. It's not that I systematically prefer intellectual masturbation over coding but let's face the pathetic truth: though there are exceptions, good technical papers are rarer and rarer and information is shamelessly duplicated everywhere. Interestingly enough, papers written on a thinking or life experience basis are on a whole other scale. Being based on personal experience, they are intrinsically unique. There is no better example than the excellent article written by TAp in this issue. Believe me it kicks ass; you'll feel it deep down. Writing these kind of things is usually done with the hope that a message will be transmitted. I personally chose to write mine for the people who have no clue of what a hacker's true life really is. That may include kids willing to learn about our culture as well as those of you who just came across these words. If you ever thought that being a hacker was as cool as what's pictured in the movies, then please don't stop reading. This paper, is just a set of personal thoughts regarding the (unfinished) life of one (or more ?) hackers amongst thousands. Neither the best nor the worst. Just one of them. ~~~ --( What do people think they are? )-- by The Analog Kid Phrack Inc., an online journal created by the hacker community, represents the contemporary hacker community. Its articles are still well respected within academia and it is likely that some of its content draws from the academy. Although Phrack Inc. may seem devious to mainstream society on the surface, it serves a deeper purpose as a medium to freely distribute substantive technical information between an underground community of computer programmers. Functionally, Phrack Inc. is an outlet for the free discussion of software exploitation. During my freshman year of college I stumbled upon a Phrack Inc. article from time to time, but never realized the site's importance until my sophomore year. I was enrolled in a graduate class and the professor used the web site as a reference in class one day. When discussing the use of the web-site with him after class, the professor was immediately intrigued that I was familiar with the site. He told me that, in his opinion, the contributors of Phrack Inc. were just as intelligent as those in academia, and that sometimes it was good to have publications that were more direct and less formal than their academic counterparts. In addition, an in depth knowledge of computer software and hardware is required, with references to assembly code, operating systems, glibc, gdb, and the dynamic linker strewn throughout the articles. The site is also respected by security professionals within the IT community, who use it as a tool to track the latest hacking methods [3]. Phrack, as a publication, creates an outlet for these hackers to express themselves and reveal their values to the public. ~~~ --( Who they think we are )-- by Antipeace The way we humans are generally perceived is really important to most of us as there is always an implicit resulting judgment. With the notable exception of psychos, most of us are probably willing to be seen as we 'truly' are, or in other words as we 'believe' ourselves to be, and not as we seem to be. As being hackers is part of our identity, it's only natural to feel concerned about how this secret part of our personality is seen by society. This brings the question of how hackers are perceived by people in general. Though there are notable exceptions, people usually see us as movies/books and magazines/TV shows describe us. Various fictional hackers are pictured in cyberpunk science fiction ('Matrix'), action movies ('Live Free or Die Hard'), caper films ('Sneakers') and more generally in many fictional stories. However compared to them, we average hackers from the real world are forced to admit that we're not that great: - we do not hack into satellites on a daily basis - we do not own OpenGL maps of buildings allowing us to control lights, elevators and doors at will - at some point encryption, passwords and firewalls may be troublesome even for us ;) Of course weak minds may be abused in the process and assume as a result that hackers are, at some point, what a typical Bruce Willis movie is showing them: wizards. Should we feel angry about it? Certainly not because this is fiction and everything is allowed. Now things are different when it comes to media. Who ever criticized the journalists? Not me, nor you, with high probability. Almost everybody was or will be the witness of a false claim (or of an obvious speculation) from a journalist in his lifetime. The problem is that taking into account the almost unlimited number of profiles in the audience, that's itself a hint pointing out that mistakes are frequent. What is obviously not correct for you may appear correct for me, and vice versa. Now what's interesting is that it gives us an idea about how fucked up a media outlet (newspaper, web site, TV show) may be regarding a particular area (such as security but not only). I believe there are two cases to consider: - Technical publications and/or computer literate media - Mass media aimed at the general public Regarding the first case, my personal belief is that this is two sided. Either the provided information is good or it's total bullshit. People who care are doing quality and not useless shit. From this point of view, popularization is the worst kind of information. Under the pretext of simplifying things for people, every kind of approximation appears to be allowed. Of course, publication being associated with sales and/or ratings, if something can be exaggerated to impress even more, why not? Why would journalists try to understand and care about their subject? After all the target is a mass audience. So if 2 or 3 people were mad, who would give a shit about it? I've hated journalists for a long time for what I thought to be their incompetence. I later learned about the dramatic conditions they're living in: precarious employment and the necessity to write ever more for a low salary. Journalism changed and now I hate journalists for their lack of professionalism. You may argue that one needs to live but I would answer back that nothing justifies intellectual prostitution. If a person is clever enough to have that kind of job, other jobs should be possible as well. Now coming back to us, how could we be correctly understood / represented in these conditions? Sadly, bad journalism is often mass journalism which makes things even worse as people (including around you) will always be influenced. Trying to change their way to see things is already a lost cause. As a hacker you will have to learn to live with bullshit all around you. It may be tough but the only important thing is to have independent self-esteem, not relying on the judgement of others. A good psychologist would even tell you that it's necessary for personal construction... ~~~ --( Are they so special? )-- by The Analog Kid Why then are these hackers cast in such an antagonistic light by the media, if the contributors to journals such as Phrack are mainly thinkers? Given that Phrack's content is as substantial and intellectual as an academic journal, why is its community cast in such an antagonistic light? Morally, Phrack Inc. is in a gray area. The site itself does not engage in or promote illegal activity, however the information on Phrack Inc. is published in a very open way; Phrack Inc. does not assume responsibility for what the criminal underground may do with their information. More formal research communities would consider it moral etiquette to have security holes fixed before publishing them. Phrack Inc.'s tendency to publish information with no forewarning is a testament to the group's valuation of free information and an uncontrollable side effect of its association with the hacking underground. Most Phrack releases have a GPG key included with the introduction [4]. This is not a feature commonly seen in academic or professional articles. Functionally there is an important reason to have an encryption key, it allows the articles to be submitted securely (if the e-mail is intercepted the contents could not be read), preserving the identity of the author. This highlights the controversial nature of what is discussed in the hacker community, as well as the members' valuation of anonymity. By remaining anonymous they feel able to safely continue the free flow of information, which is the ultimate goal of Phrack Inc. The free flow of information at Phrack allows one to learn a-lot about the hackers who submit articles to it. Their values, their personality, and their intellectual curiosity is spread all throughout the articles. ~~~ --( We are not _so_ special )-- by Antipeace Having earlier outlined my disagreement with the common beliefs, now is the time to share my own vision. IMHO no one is born designated to become a "hacker" some day. I don't know if there are predispositions (maybe our insane curiosity or the urge to understand things?) but I would say that being a hacker is essentially about acquiring a hacking mindset. Now that being said, let's see what a hacker truly is. Intellect --------- Though movies and medias sometimes describe hackers as genius (see "Hackers" with the cute Angelina Jolie for example ;) who for some reason are shown proficient with computers, reality is a bit different. Sorry to destroy the myth but the average hacker is just an intellectual. Of course, there are true geniuses amongst us but the fundamental difference lies in the willingness to exploit our brain as much as possible in order to ask the essential questions as well as to find the appropriate answers. There is usually no need to be brilliant to impress people with hacking. Let me make an analogy to magicians. Even the simplest tricks are amazing for people who don't know how they are working. Things are the same in hacking. Daily life hacking is probably more about using thousands of cheap tricks but people are not aware of that. Since this kind of cheap hacking has visible consequences for the masses, hackers are falsely assumed to be the geniuses described in movies. Personality ----------- Most hackers are computer 'freaks' able to spend hours in front of their screen in order to solve a particular problem. In a way, hackers are geeks and there are thousands of them. That said, it must be added that they have this unusual characteristic growing with time: the obsessional will to discover incoherency, mistakes (having impacts in security or not) in everyday life. As I said, a hacker is probably not smarter than you, but he/she is way more focused. What may be cool at first sight is sometimes heavy to carry. Imagine yourself analyzing everything. Not only is that painful for others (friends, coworkers, family, lovers) to have this kind of person around but it can also be troublesome for you. Indeed you will sometimes be mad because of all these daily pieces of nonsense that ordinary people do not notice. Probably because of that, some hackers assume that they are smarter than the rest of the world, sometimes internally thinking they are some House-like guy, and quickly develop unfortunate ego issues which are discussed later. Social profile -------------- Once again, it would be easy to draw quick conclusions based on collective imagery and again, there is no simple description as it's impossible to generalize. The social profile of individuals is a mix of both their personality and their evolution. Amongst the hackers I've met around the world, I can say that I've seen people who are: - socially isolated / barely capable of having a proper conversation - "normal" (taking into account the usual criteria) - extroverts always talking to everybody everywhere they go Personally I would say that I quickly understood that a social life was important, not to say necessary. Having natural tendencies to be an introvert, I've worked with myself to reach a stable equilibrium. Note that I try as much as possible not to mix my activities and my social life. The reason is simple: as I said, people around me are not able to understand (because of the lack of technical background) nor really willing to understand it (because of the prejudices coming from the media). Anyway this is not that bad, considering the security consequences of being a chatterbox. ~~~ --( Why they must lurk in the shadows of anonymity )-- by The Analog Kid Those who do choose to share their information generally publish under anonymous aliases so as to protect their true identity. Publishing articles under anonymous screen names is in stark contrast to academia, where the goal is to have as much information published with your name as possible. Part of why academia admires Phrack Inc. is that by retaining anonymity, its members are free to discuss topics at will without concern for "political fallout. Some of the authors of Phrack Inc. are listed as, "nemo, "huku, and "BSDaemon [5]. As a case study in this anonymous culture, the introduction of Phrack Inc. issue 66, contains a good-bye to a friend: "cliph [4]. No other information is given. I inadvertently stumbled across the identity of this Cliph while reading an article on a different web-site, which stated that, "This post is dedicated to Wojciech "cliph Purczynski. [6]. Even with the full name available, a search for information yields no clues as to what became of this individual. Multiple tributes to the individual known as "cliph show that within the hacker community there is respect and recognition to the most skilled members; this is not different than academia. The issue of using anonymous screen names is directly confronted at the end of the "Malloc DES-Maleficarum article, where the author comments on a quote by Eric S. Raymond who criticizes the use of such false names. The author confronts the reader with the question, "Is there some connection between our name and our skills, philosophy of life or our ethics in hacking [7]? The author -- intending to speak for the community as a whole -- argues that the means by which they identity themselves is a result of society's judgement on computer hackers and not a reflection of the people. It is interesting that an American, Eric Raymond, would place heavy emphasis on the personal ownership of ideas, a very American value. The Phrack Inc. community, undoubtedly as global as the Internet within which it exists, shows interest in expanding knowledge and the ideas of others, rather than taking personal ownership of static concepts. In its layout, Phrack Inc. exhibits a much more informal nature than formal publications. Consider for example, the previously mentioned article "Malloc DES-Maleficarum. The title is a clear allusion to the Malleus Maleficarum, a treatise on witches published in 1486 during the inquisition [8]. By invoking references to witchcraft the journal is again making light of the negative connotations society imposes upon it. The section headings too are of an unconventional nature: "The House of Mind, "The House of Prime, "The House of Spirit, "The House of Force, "The House of Lore, and "The House of Underground [7]. Article 5, "Backdooring Juniper Firewalls, also makes reference to movies in it sections headings, with titles such as "Netscreen of the Dead, and "28 Hacks Later [10]. The references to Medieval texts and creative naming schemes demonstrates a level of culture and sophistication (as well as humor) within the community. Although the space here would not allow for such discussion, the audience might stop for a moment and consider what it means to be an author, and whether a legal name is truly required to identify a work as one's own. In Michael Foucault's essay, "What Is an Author?, Foucault decrees that, "The author function is linked to the juridical and institutional system that encompasses, determines, and articulates the universe of discourses [12]. If this statement is accurate, then the function of the author at Phrack Inc. is to allow the free distribution of material that might otherwise be censored. The raids and indictment of founding Phrack Inc. members discussed at the beginning show the severe role that the global juridical system has in directing Phrack Inc's style of discourse. If "institutional [12] refers to the ad hoc rules of morality and ethics imposed by society, then this again forces the Phrack Inc. contributors into an anonymous universe of discourse, as society might forsake these contributors. Consider how a deep and publicized knowledge of controversial computer hacking methods might be a black mark on the reputation of any programmer applying for work with a large corporation. The need to protect ones identity, and avoid public recognition for their discoveries, is one of the downsides that comes with being a member of the hacker community. ~~~ --( The downside of a hacking life )-- by Antipeace Consider life in general. People are not always happy because they are bothered with random things such as the neighbor's dog always barking for nothing, their child having bad grades at school, etc. The modern world is full of stress and there is nothing to do but to bear it. Hacking certainly has cool aspects (though contrary to movies, in the end you won't get the girl after saving the world) but it also has side effects that are added to the current level of daily stress. Occasionally, you will be angry or anxious. You may even become paranoid at some point. This is mainly what I call the downside of the hacking life. The disclosure war ------------------ Well this is a hot topic. To simplify things for those who are unfamiliar, let's say that the hacking scene is divided in two groups of individuals: - people publishing (or willing to publish) bugs, exploits, papers - people who want to keep these things secret or at the very least within the underground Though clearly belonging to the second group, I won't try to convince you that disclosure is bad as the arguments for both sides are valuable. I just choose my side. However, I can tell you how this issue may affect you or your friends. If you are a so called 'black hat', then there is a good chance that you have developed techniques or exploits based on your own discoveries. Ten years ago, if you were smart/skilled enough, being innovative could bring you new kickass tools/exploits in a matter of hours or days at the very least. Things are a bit different nowadays and the required time for giving birth has increased a lot (though virtualization and generalization of scripting languages helped a lot). If you consider remote exploits targeting C programs, it takes so much time to find and exploit bugs that the cost of doing so is now insane. Now imagine that you've been working on a particular bug for weeks / months. How would you react if some guy were to publish it as a full disclosure? Oh you would be angry, and you may even be willing to kill him. The fact that the bug may have been leaked or that the guy releasing may not have understood the bug properly would only exacerbate your feelings. The ring of trust ----------------- What ever hacking activities you have, there is little doubt that you won't remain alone. Socially speaking, at some point you will try to be part of a community or part of a group because: - you will want to find people able to understand what you are doing - you will want to share information This will bring the unavoidable question of the amount of trust that you can place in fellow hackers. Ironically this is a security problem and as such it must be solved before exchanging anything. Practically speaking, we all make the same mistake at least once: we trust and we are betrayed. (---------------------------------) He that has eyes to see and ears to hear may convince himself that no mortal can keep a secret. If his lips are silent, he chatters with his fingertips; betrayal oozes out of him at every pore. Sigmund Freud (---------------------------------) Amongst the consequences of information leaks, I've personally been the witness of the two following sad things: - Busts. Never forget that there may be people leaking information to the government agencies amongst us. While it's true that most people will unintentionally leak, some of them may be directly working for the gov either because they got busted themselves and had no choice but to cooperate or because they were the enemy from the very beginning. Also one piece of advice, do not make the mistake of assuming that your friends will be mute once caught, we're only human beings. - 0day leaks. Fortunately it happens more often than the previous case. Whenever you see the price of bugs (or of the exploits), you can imagine how much of a temptation it can be to sell them if you are some jackass. But how would the asshole get the information? I came up with a theory. Because of the very nature of our research, I believe that the more innovative/kickass/time-consuming it is, the more likely you will be to share the information with at least someone else. It's just like owning some big secret that you can't share with anyone. Now consider the analogy of a pebble being thrown on the surface of a pond. Each time the pebble hits the surface, waves propagate. If the pebble is the information then the waves are the leak. One strike may induce countless waves: your 0day is condemned to death. Now a personal message for my fellow hackers. If you want to avoid these pinches on your chest when your precious bugs are disclosed, there is only one thing to do: stop crying over your loss and next time shut the fuck up. Nothing else is working, you should know that. This trust must be placed with time. I would also recommend the GPG chain of trust model. It's not flawless (and far from it, believe me) but it may be a good alternative. It will allow you to release the tension of having to always keep things to yourself, and yet doing it in a 'controlled' way... Ego and acknowledgment ---------------------- It usually takes time to be mentally strong. No matter how smart people are, they will have ego issues at some point in their hacking life. The problem is that ego is responsible for the urge for acknowledgment that push people to: - disclose security flaws & exploits - publish and display themselves more than required in conferences - spend time on IRC / ML explaining to the world how cool they are Don't get me wrong, this is not a complaint against disclosure. Some people choose to disclose bugs and/or techniques out of their own free will. This is their choice and I respect that. Now things are different when your mind is fucked because of your increasing ego. Like I said, everyone in our community is fucked at some point in his life, loses common sense and ends up doing stupid things. Of course, I'm no exception as I've done things I'm not proud of years ago. While this ego thing is supposed to be a short period in your life (people grow up), it seems that part of the security circus definitely lost itself. Drugs & alcohol --------------- To tell you the truth I have no real explanation about our insane alcohol consumption. I guess this is just part of the culture. Whenever you see your friends, you have to drink and with time, you'll drink more and more often (though not as much as .pl guys, damned crazy drunken bastards ;>). However while your physical (kidney) tolerance increases with time, the vicious side effect of alcohol will remain: while drunk you will be more likely to leak information. My advice: if you have little control over yourself, do not heavily drink with unknown people. Amongst fellow hackers, most drug users that I know tried many things out of curiosity and a willingness to experiment, which are both part of their hacker nature. They also take drugs to enhance their creativity or their ability to concentrate. As such, drugs may have a positive impact on your hacking. I doubt I will ever see a hacker amongst high level athletes ;-) ~~~~ --( Of the indictment and the witch hunt )-- by The Analog Kid So then what of Phrack Inc.? If not academic or professional in nature, can it be dismissed as merely the mischievous work of hooligans? Certainly the technical expertise and respect the journal has gained within academia and the professional world shows that this work is not easily dismissed as trivial. What of its ethics then? What really is the genre and purpose of Phrack Inc.? On July 23, 1990 the trial of Craig Neidorf, the 19 year old pre-law student who founded Phrack Inc. out of a desire to exercise free speech, began. Neidorf was indicted on 10 felony counts carrying a maximum penalty of 65 years in prison, primarily related to the theft of a proprietary Bell South document claimed to be worth $23,000. After the defense demonstrated that the information Neidorf was accused of stealing could be obtained from Bellcore by calling a 800 number and paying a $13 fee, the government was forced to drop all charges to avoid utter embarrassment [11]. On the surface the actions of Craig Nedorf seemed sinister and criminal in nature. The facts of the case however, showed the below the surface were innocent intentions mislabeled by the institutions of society. Although society may view Phrack Inc. as devious and criminal, what really lies behind the facade is a journal of credible intellectual material that, while coming from a different culture, rivals that of academia. The members of this community all have their own unique experiences and views and we can learn a lot about society and the flow of information by listening to what these people have to say. ~~~ --( So in the end... )-- by Antipeace When I was a child I wanted to be one of them, I wanted to be a hacker. More than two decades later, not only have I finally fulfilled this dream but I have also gathered enough experience to analyze the impact that it has had on my life. Clearly it brought me a lot. Not only have I met the most fascinating people of my life, but it gave me this feeling that no matter how fucked things could be around us, I would always be able to see through it. However living a hacker's life wasn't harmless as I experimented with a few unpleasant things, which even now still have (minor) impacts on my life. Without a doubt, the more you experiment, the stronger you become. That's why I will never regret having chosen this path. I wrote this paper as an anonymous author (ego issues being mostly behind me at the time of writing) with the hope that people interested in the underground culture would read it. I tried to focus on the more interesting points. There is a lot more that could be developed as I only threw a few ideas around, sometimes exclusively mine, sometimes shared by fellow hackers and friends. ~~~ --( A Closing Note )-- by The Analog Kid And so two stories, from two hackers, have been fused in time and presented to you here at Phrack Inc. We hope you learned something about the culture One story was written by a hacker speaking of his own life; the other was a story hoping to analyze the hacker culture, and Phrack's place in discourse, on a large scale. We hope you learned something about who these "hackers" seen in media references are, what they believe, and what drives them. ~~~ --( Acknowledgments )-- by The Analog Kid First I give a tip of the hat to Rutty for teaching me how to write, and still teaching me to write years later. To Roadie for teaching me how to write, skipping town, and never teaching me how to write again. To Bearz for showing me how to work outside the box. And to Ziggy for condensing whole paragraphs of mine into single sentences. :) Without L.A. this paper would have lacked much of its direction, and in fact the W.C. made substantial contributions. Finally, thanks to al1c3_c00p3r for helping me to polish the final product. ~~~ --( Acknowledgments )-- by Antipeace To my friends... Special fuck to kingc0pe and his fellow cockroaches. ~~~ --( References )-- by The Analog Kid [1] Phreak_Accident. (2010, September 21) Phrack World News: Issue XXXI, Part Three. [Online]. Available: http://phrack.org/issues.html?issue=31&id=10#article [2] DH. (2010, September 21) Intro to Phrack 31. [Online]. Available: http://phrack.org/issues.html?issue=31&id=1#article [3] W. Sturgeon. (2010, September 21) Long-lived Hacker Mag Shuts Down. [Online]. Available: http://news.cnet.com/Long-lived-hacker-mag-shuts-down/2100- 7349_3-5783383.html [4] The Circle of Lost Hackers. (2010, September 16) Introduction. [Online]. Available: http://phrack.org/issues.html?issue=66&id=1#article [5] (2010, September 16) Phrack Authors. [Online]. Available: http://phrack.org/authors.html [6] B. Hawkes. (2010, September 19) Linux Compat Vulns (part 2). [Online]. Available: http://sota.gen.nz/compat2/ [7] blackngel. (2010, September 15) Malloc DES-Maleficarum. [Online]. Available: http://phrack.org/issues.html?issue=66&id=10#article [8] (2010, September 18) The Malleus Maleficarum. [Online]. Available: http://www.malleusmaleficarum.org/ [9] L. Highsmith. (2010, September 19) Linux Kernel Heap Tampering Detection. [Online]. Available: http://phrack.org/issues.html?issue=66&id=15#article [10] Graeme. (2010, September 19) Netscreen of the Dead: Developing a Trojaned Firmware for Juniper ScreenOS Platforms. [Online]. Available: http://phrack.org/issues.html?issue=66&id=5#article [11] D. Denning, "The United States Vs. Craig Neidorf: a Debate on Electronic Publishing, Constitutional Rights and Hacking." Communications of the ACM, 1991. [12] M. Foucault, The Foucault Reader, P. Rainbow, Ed. Vintage, 1984. [13] (2010, September 26) Phrack Magazine. [Online]. Available: http://phrack.org/