💾 Archived View for gemini.spam.works › mirrors › textfiles › phreak › PHREAKING › termsdoc.hac captured on 2022-06-12 at 17:48:02.




         COMPUTER PHREAKING         
$$$$$$$$$$$$$$$$$$$  
 
One of the most pressing needs in all
computer systems is computer security.
The penetration of a computer system
can cause devastating losses. These
losses include losses in personal pri-
vacy, equipment, capability, money, time
and opportunity. Monetary losses due to
computer-related crime and who you talk
to. Compare this amount to the $50 mil-
lion lost per year due to armed bank
robberies. The trend towards distribu-
ted systems presents many new possibili-
ties for security and privacy violations.
 
Computer criminals are becoming more 
and more sophisticated and learned in
their practice. According to the FBI,
only about 1% of all computer crimes
are ever discovered, and of those
discovered, less than 5% lead to
convictions.
 
Failures in some computer systems can
cause world war, economic collapse,
nuclear power plant meltdown, or massive
blackouts! These failures can be caused
by many factors. One major factor is  
the purposeful or accidental byproduct
of a computer crime. Computer crimes
average 30 times more $ than others.
 
Computer crime or "phreaking" as a crime
category is no doubt the most lucrative
and least risky of all crime categories.
Little of it is reported on the news,
and those cases reported are generally
the more amateurish attempts.
 
"PHREAKING" is what a "phreak" does. In
the 1960s, groups of "hippies," "radi-
cals," etc., bored with the middle and
upper class successes of their fami-
lies, engaged in wild, daring, and
dangerous activities. These activities
included "ripping-off" (originally a
hippie term) Ma Bell by making free
long distance and pay phone calls, using
homebuilt, handheld Blue and Red boxes,
respectively. These perpetrators became
known as "PHONE PHREAKS", and later, as
"PHREAKS". Their publication, TAP,
founded by Abbie Hoffman and others,
operated from Room 603, 147 W. 42nd St.,
NYC, NY, until burglarized and burned
out in 1983.
 
 
As the 1980s arrived, Ma Bell consider-
ably tightened security, and Red and
Blue box phreaking has apparently
leveled off. The primary phone phreak-
ing objective today is credit card
fraud. One lady was recently billed
$109,000 for 15,000+ credit card calls
in one month using her credit card
number, which, apparently, someone had
overheard her say. Ma Bell readjusted
her bill to $47.00!
 
With the increasing popularity of small
microcomputers, particularly the porta-
ble and transportable kinds, communica-
tions between computer systems using
modem/phone hook-ups have also in-
creased. Hundreds of computer Bulletin
Boards (BBS) now flourish all over the
country. These permit computerists to
use their computers to post messages
and software accessible by those per-
mitted to use the BB (which may include
the general public or be limited to
some type of club, business or other
special arrangement).
 
Most of the computer phone traffic is
legal, but much of it is questionable,
and some clearly illegal.  The primary
purpose of some BBs is to transfer
information of mostly illegal appli-
cation, such as credit card numbers,
passwords, copyrighted software, etc.,
and to put people in contact with each
other with like questionable or ille-
gal intentions.  Along with the in-
creased use of BBs to facilitate
criminal activity, is the increased
activity of some people to use this
information, and to develop their own,
to penetrate systems not intended for 
their use.
 
The FBI and other legal authorities, 
and Ma Bell security are more closely
scrutinizing the activities of BBs.
BBs have been raided and shut down.  
Sting operations have been set up.
Suspected BBs are regularly monitored
while nearly all others are periodi-   
cally examined to gain intelligence
on phreakers, and those associated with
underground radical organizations.
 
The Red and Blue Box Phreaker of 
yesterday has evolved into the Compu-
ter Phreaker of today.  He is daring,
intelligent and knowledgeable.  He may
be reckless, or cool and systematic.
He is generally young, single, white,
male, middle class, secure, highly
intelligent and a good student.  The
term, "whiz" is often used to describe
him.
 
The term "Computer Phreaking" is stead-
ily evolving from misusing a microcom-
puter and Ma Bell to penetrate other 
computer systems a la WAR GAMES, to a
generalized term to cover all crimes
in which a computer is programmed to
act as an accomplice.  Today, the bulk
of computer phreaking is done by offi-
cers and employees of the Government,
financial institutions, and large cor-
porations for themselves or the insti-
tution which employs them, with little
or no association with whiz kids, long
distance phone calls and BBs.
 
DISCLAIMER: While every attempt has    
been made to provide correct and com-
plete information, we do not assume 
responsibility for any errors or omis-
sions.  We assume no liability whatever
for loss or damage caused directly or
indirectly, or alleged to be caused by
the information found herein.  COMPUTER
PHREAKING is printed as is, and is 
printed for educational and entertain-
ment purposes only.  We do NOT recom-
mend, suggest or encourage any illegal
use of computers.                 
 
               TERMINOLOGY
 
The following terms are used here:
 
  ACCOUNT: Refers to savings, checking,
credit, debit, inventory or general
ledger account.
 
  ATM: Automated or Automatic Teller
Machine.  A computerized cash dispen-  
ser/acceptor used to replace a bank 
clerk.  One inserts an encoded debit
card into the ATM's slot to initiate
the transaction.
 
  BB: Computer Bulletin Board.  Func-
tions similarly to other bulletin     
boards except that access is made by
computers via phone/modem hook-ups.
 
  DATA: Data in the generalized sense 
to include numerical data, messages and
text.  May be raw data or processed 
data (information).
 
  EFTS: Electronic Fund Transfer System.
A generalized term that refers to all
computerized banking operations invol-
ving the communication of financial 
information from one point to another.
Although EFTS has come to mean many 
diverse electronic automation projects,
it usually denotes ATMs,POSs, Automated
Clearing Houses, and a type of national
banking or money settlement and clear-
ing function.
 
  FILE: A Computer File, which may be a
computer program routine or data file.
A data file is any computer file which
is not a routine or program.
 
  INSTITUTION: Refers to financial     
institutions, large corporations, govern-
ment, and other businesses which rely
upon computers.
 
  KEY DATA: Refers to a data file 
record descriptor, such as name, ad-
dress, account number, transaction 
number (ex. banking, Social Security #,
VA #, etc.), part number, sales iden-
tifier, department number, applicable
discount rate, account number, vendor
identifier, account type, privileges,
activity status, expiration or monthly
closing date, etc.
 
  OS: Computer Operating System- the
master software which manages and 
supervises computer operation.  A    
UTILITY is a program used to perform
frequent operations required by the OS
and-or application programs, such as
spooling, printer dump, file conversion
etc.  An APPLICATION PROGRAM is a pro-
gram designed for a specific user   
application, such as a game, wordproc-
essor, general ledger, etc.
 
  PAYMENT: Refers to a payroll, divi-
dend, interest, commission, loan, rent,
installment, account deposit, annuity,
pension, disability, welfare, unemploy-
ment compensation, insurance, Social
Security, etc. payment. 
 
  PERPETRATOR: Refers to one who 
perpetrates an action or crime, and
includes all his accomplices and
accessories.
 
  POS: Point of Sale terminal.  An ATM
device used in stores to enter, verify
and debit the cost of purchases.
 
  TARGET: Refers to the person (in the
objective sense) targeted by the com-
puter crime.  The target may be a cus-
tomer, client, patron, vendor, contrac-
tor, employee, employer, pensioner, 
stockholder, taxpayer, salesman,    
patient, welfare recipient, disability
recipient, etc.  Usually, Target refers
to the victim, but not always.  Depen-
ding upon use, it may refer to an 
accomplice, or refer to one who neither
gains nor loses by the crime but whose
participation is required.
 
  TRANSACTION: Refers to the transfer
of money between accounts or between an
account and a person.  It also refers
to adding and deleting a data file, or
changing a data file which ultimately
affects the transfer of money.
 
          CRIME-RELATED TERMS
 
The following terms are defined in con-
text to their relationship to computer
crime.
 
  ACCESS NUMBER: An Access Number is a
secret phone, extension, account or
project number used to access a compu-
ter or program.
 
  AUTHENTICATION PROCEDURES: (See  
section on this topic).
 
  BODY SNATCHER: A Body Snatcher is a 
program which takes a file, and auto-
matically creates from it a Mutant.  It
may or may not destroy the original and
rename the new one as the original.
 
  BOMB: A Bomb is a program or program
function which fails because of bug(s).
 
  BUG: 1) A program mistake or defect. 
2) An electronic surveillance device,
wired or unwired.
 
  BREAKAGE: Breakage is the bleeding-
off of small sums from numerous sources
such as accumulating all the roundoffs 
from numerous savings accounts interest
computations.  Each data file may lose
less than a penny but, in large banks,
the total breakage losses can amount
to $ Thousands per day.
 
  CANDYMAN: A Candyman is a person who
compromises key computer, accounting
or purchasing personnel to obtain
intelligence critical to computer pene-
tration, usually with bribes of money
or sex.
 
  CHEESEBOX: A Cheesebox is an elec-
tronic device which, upon receipt of
a certain phone number or data sequence
automatically switches a line to an
unauthorized line (perhaps to a Wire-
tap).
 
  CHECKSUM: A Checksum is a sum derived
from a summation check usually without
regard to overflow.  Checksums are very
effective in detecting random, natur-
ally caused errors but can be manipu-
lated to not detect fraud errors.  To
minimize the probability of manipula-
tion, make the Checksum also dependent
upon a key and-or random information.
Two types: 1) STANDARD CYCLIC REDUN-
DANCY CHECK (CRC): The message is 
expressed as a polynomial, and is then
divided by a small, fixed polynomial,
"F".  The remainder is the CRC.  The 
CRC is then appended to the transmitted
message.  The combined message received
must be evenly divisible by "F" to be
correct. 2) MODULO ARITHMETIC SUM: The
results of a Modulo n operation.
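
The CRC division and the keyed variant
described above, as an added example
(not part of the original text). The
generator F = x^8 + x^2 + x + 1, the use
of HMAC-SHA256 as the keyed check, and
all sample messages and the key are
assumptions made for illustration.

```python
import hashlib
import hmac

F = 0x107  # assumed generator "F": x^8 + x^2 + x + 1 (a common CRC-8)
TAG_LEN = hashlib.sha256().digest_size

def poly_mod(value: int, poly: int = F) -> int:
    """Remainder of dividing the bit-polynomial `value` by `poly` over GF(2)."""
    width = poly.bit_length()
    while value.bit_length() >= width:
        # Cancel the current top bit by XORing in an aligned copy of F.
        value ^= poly << (value.bit_length() - width)
    return value

def crc_append(msg: bytes) -> bytes:
    """Append the remainder so the combined message divides evenly by F."""
    shifted = int.from_bytes(msg, "big") << 8  # make room for the 8-bit CRC
    return msg + bytes([poly_mod(shifted)])

def crc_ok(frame: bytes) -> bool:
    """Receiver's test: the whole frame must leave remainder zero."""
    return poly_mod(int.from_bytes(frame, "big")) == 0

def mac_append(msg: bytes, key: bytes) -> bytes:
    """Keyed check value (HMAC-SHA256) in place of the plain checksum."""
    return msg + hmac.new(key, msg, hashlib.sha256).digest()

def mac_ok(frame: bytes, key: bytes) -> bool:
    """Recompute the tag with the shared key and compare in constant time."""
    if len(frame) < TAG_LEN:
        return False
    msg, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    return hmac.compare_digest(tag, hmac.new(key, msg, hashlib.sha256).digest())

def flip_bit(frame: bytes, index: int, mask: int) -> bytes:
    """Simulate a random line error in one byte of the frame."""
    damaged = bytearray(frame)
    damaged[index] ^= mask
    return bytes(damaged)

# Constructed sample data, not taken from the original text.
KEY = b"constructed-demo-key"
ORIGINAL = b"CREDIT ACCT 1001 AMOUNT 0000047.00"
ALTERED = b"CREDIT ACCT 1001 AMOUNT 0109000.00"

def compare() -> dict:
    """Run the same checks against line noise and deliberate alteration."""
    sent = crc_append(ORIGINAL)
    signed = mac_append(ORIGINAL, KEY)
    return {
        "crc_clean": crc_ok(sent),
        "crc_line_noise": crc_ok(flip_bit(sent, 5, 0x10)),
        # Anyone can recompute an unkeyed CRC, so the altered frame verifies.
        "crc_altered_and_recomputed": crc_ok(crc_append(ALTERED)),
        "mac_clean": mac_ok(signed, KEY),
        "mac_altered_old_tag": mac_ok(ALTERED + signed[-TAG_LEN:], KEY),
        "mac_altered_wrong_key": mac_ok(mac_append(ALTERED, b"guess"), KEY),
    }

if __name__ == "__main__":
    for name, result in compare().items():
        print(f"{name:28} {result}")
```

The unkeyed CRC catches the random bit
error but accepts the altered message;
the keyed check rejects both alterations.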
  
  CODE 10: A Code 10 is a procedure
instituted by credit and debit card
issuers to stop fraud.  If a merchant
is suspicious of a customer, he calls
the card issuer for "verification."
While on the phone, he says the words
"Code 10."  He is automatically hooked-
up to security, which asks him a set of
questions requiring only "yes" and "no"
answers.
 
  COUNTERMEASURE: A Countermeasure is
a defensive technique used to detect,
prevent or expose crime.
 
  CRASH: A Crash is similar to a Bomb
but generally refers to a major OS or
program failure.  Also caused by power
failures.
 
  DIVERSION: A Diversion is a secondary
activity used to divert attention away
from a crime or perpetrator.  Examples
are staged crashes, program bugs, or
other criminal activity.
 
  EARMARK: An Earmark is a character(s)
(ex. a non-printable character) used to
secretly identify files or data ele-
ments for special treatment.  Earmarks
are used for fraud purposes.  Earmarks
can also be used as a Countermeasure.
 
  ENCRYPTION SCHEMES: To encrypt data
or text means to encode or encipher it.
Most savvy computer users do not rely
solely upon passwords and complex sign-
on procedures to protect their systems
and software.  They can be too easily
guessed or compromised.  The data or
text is encoded using a "key" designed
by the encoding scheme.  The encoded
or encrypted message is then trans-
mitted.  When it is received by an 
authorized receiver, a "key" is used to
decode the data or text so that it is 
again meaningful.  Uncoded or decoded
data is called PLAINTEXT.  Encoded
data is called CIPHERTEXT.
 
  GODFATHER or BIG-BROTHER:  A God-
father or Big-Brother is a Trojan Horse
which modifies the OS, or a utility 
routine or program which performs an OS
function.  When it is active, it takes
over the control of certain OS or 
utility functions.  The controlled 
applications or utility program or 
routine becomes a Zombie.  The primary
illegal purpose of a Godfather is to
modify the function or programs without
changing the code in the programs them-
selves.  Thus, the programs will oper-
ate as designed when the Godfather is
absent, but differently when it is pre-
sent.  Godfathers can be designed to be
activated or deactivated by user entry
(ex. pressing a certain key combination
).  EXAMPLE: A modification of the OS's
printer output routine to intercept 
all printer outputs and to screen out
bogus transaction inputs.  The OS code
is zapped to add an extra CALL or JUMP
routine(s), which diverts the proces-
sing of printer outputs to the perpe-
trator's Godfather code located else-
where in memory or on disk or tape.
After the Godfather screens out all
bogus transactions, it returns control
back to the OS printer routine to 
resume normal processing of output 
data.
 
  KEY:  A Key is a sequence of charac-
ters, which are combined with data to
change Plaintext to Ciphertext or vice-
versa.  Encoded data requires knowledge
of the key to decode.  Many encoding 
schemes are possible; the most pop-
ular methods use character substitu-
tions, matrix operations, the U.S.
Government's Data Encryption Standard
(DES), or Public Keys.
 
  LAPPING: Lapping is a scheme in which
meticulous record keeping and time  
management permits the phreaker to de-
select an existing target while selec-
ting a new one to minimize the risk of
discovery and identification.
  
  LOGIC BOMB: A Logic Bomb is a Trojan
Horse which activates usually at a 
certain date or time, and destroys 
files, its host program or routine, and
usually itself.  An interesting appli-
cation of Logic Bombs is in some com-
mercial software packages.  Most people
do not want to spend $ Hundreds for a
program without actually applying it
themselves first.  The problem is, once
you lend a program to a potential cus-
tomer to try out, how do you collect
payment for the program if the poten-
tial customer keeps it, and, how do you
guarantee that he won't pirate your
program?  You install a Logic Bomb in
the program.  After the stolen program
has been run for a certain amount of
time, the program destroys itself.  
Once the program is paid for, the
programmer removes or deactivates the
Logic Bomb.
 
  MOLE: A Mole is a spy for another 
country,  business or agency who infil-
trates an organization to steal natio-
nal security information, trade secrets
strategies, files, money, etc., or to
sabotage or create havoc.
 
  MUTANT: A Mutant is created by a Body
Snatcher, and closely resembles another
file except for a few critical changes.
  
  PASSWORD: A Password is a word or
phrase that must be correctly entered
into the computer for the computer to
allow access to programs and-or data
in the computer.  Most computer secur-
ity schemes rely upon more than one 
password to protect the system.  There
are basically two types of passwords:
  A. ACCESS PASSWORDS: Passwords whose
level of access is dictated by assigned
Protection Levels or Attributes.
  B. UPDATE PASSWORDS: Passwords which
permit the user "Total Privilege" in
the system.  "Total Privilege" permits
the user to execute, read, write, re-
name and kill files.
 
  PATCH or ZAP: A Patch is a software
modification, usually by using a 
utility (ex. IBM'S SUPERZAP) to change
the actual bytes of program or data 
stored on disk, tape or memory.  Zaps
are used to implant Trojan Horses, and
to make other file changes.
 
  PIRACY: Piracy is the theft of pro-
prietary software or data.  Many com-
puter programmers now use sophisticated
protection schemes, both hardware and
software in nature, to protect their
software from unauthorized duplication.
These techniques, however, are overcome
by computer whizzes just about as fast
as new methods appear, and they prevent
authorized users from making needed
backups in case the original program
is destroyed.
   The piracy of data from financial
and government data banks is largely
thwarted by the use of Passwords, 
complex Encryption schemes, Security
Codes, Access Numbers, Authentication
procedures, and dedicated lines.  Still
the piracy of data is widespread and
increasing.  Whatever scheme is devised
by man to thwart penetration can also
be undone by man.
 
  PROTECTION LEVELS or ATTRIBUTES: 
Access Passwords are assigned Protec-
tion Levels. These are:
  A. EXECUTE: Only permits the user to
execute a program, but not to read a
data file.
  B. READ: Permits the user to execute,
AND to read data files.
  C. WRITE: Permits the user to exe-
cute, read files, AND to write to data
files.
  D. RENAME: Permits the user to exe-
cute, read, write, AND to rename files.
  E. KILL or TOTAL PRIVILEGE: Permits
the user to execute, read, write, and
rename files AND to kill files.
  Protection Levels are important be-
cause they allow you to assign access
capability based upon the need of the
user.  For example, if a shipping clerk
needs to verify that an order was 
placed, he should not have the power
to kill customer files.
 
  PUBLIC KEY SYSTEMS: (See section on
this topic).
  
  SCRAMBLER: A Scrambler is a device
which electronically scrambles data,
usually by frequency inversion, frequ-
ency hopping, bandsplitting, or time-
division multiplexing.
 
  SECURITY CODE: A Security Code is an
identifier or combination used to 
access a computer or program.
  
  SHAKE or LOSE: To Shake or Lose is to
evade detection.
 
  SILENT ALARM: A Silent Alarm is a 
computer system protection scheme that
detects efforts to penetrate a computer
system - particularly trial-and-error
type efforts.  Usually at least three
sign-on attempts are permitted before
an alarm is activated.  Unknown to the
offender, the program enters a silent
trap or interrupt routine, and a sys-
tem alarm is activated.  System and
security personnel, the phone company,
and-or law enforcement personnel are
then notified, usually but not always
immediately.  Also, "entrapment" pro-
cedures are activated to determine who
the offender is, and to record all that
transpires.  These usually consist of a
phone trace and-or a "game" in which   
the violator is "roped" into playing.
The "game" cleverly probes the perpe-
trator for identifying information.
Of course, the alarm is not detectable
by the violator.  The Milwaukee "414"
group was caught largely due to infor-
mation derived from a Silent Alarm
"game" in a California bank they 
penetrated. 
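
The sign-on counting behind such an
alarm, as an added example (not part of
the original text). The log format, the
sample lines, and the choice to trip on
the third consecutive failure from one
line are assumptions. The watcher works
out-of-band on the sign-on log, so
nothing the caller sees changes.

```python
import re
from collections import defaultdict

LIMIT = 3  # assumed: alarm trips on the third consecutive failed sign-on

# Constructed log format: timestamp, incoming line, user id, result.
LINE = re.compile(
    r"^(?P<ts>\S+) line=(?P<line>\S+) user=(?P<user>\S+) "
    r"result=(?P<result>OK|FAIL)$"
)

def watch(log_lines, limit=LIMIT):
    """Return (alerts, audit) for a sequence of sign-on log lines.

    alerts: one entry per line that tripped the alarm, for security staff.
    audit:  everything seen on a tripped line afterwards, success included.
    """
    fails = defaultdict(int)   # consecutive failures per incoming line
    tried = defaultdict(list)  # user ids tried during the current run
    alerts, audit = [], {}
    for raw in log_lines:
        entry = raw.strip()
        m = LINE.match(entry)
        if m is None:
            continue  # not a sign-on record
        src = m["line"]
        if src in audit:
            # Alarm already tripped: record all that transpires.
            audit[src].append(entry)
            continue
        if m["result"] == "OK":
            # A good sign-on before the limit clears the run.
            fails[src] = 0
            tried[src].clear()
            continue
        fails[src] += 1
        if m["user"] not in tried[src]:
            tried[src].append(m["user"])
        if fails[src] >= limit:
            alerts.append(
                {"line": src, "at": m["ts"], "users": list(tried[src])}
            )
            audit[src] = []
    return alerts, audit

# Constructed sample log, not taken from any real system.
SAMPLE = [
    "1985-03-02T01:14:07 line=07 user=OPER result=FAIL",
    "1985-03-02T01:14:19 line=07 user=OPER result=FAIL",
    "1985-03-02T01:14:25 line=03 user=CLERK result=FAIL",
    "1985-03-02T01:14:31 line=07 user=ADMIN result=FAIL",
    "1985-03-02T01:14:40 line=03 user=CLERK result=OK",
    "1985-03-02T01:14:52 line=07 user=ADMIN result=OK",
    "1985-03-02T01:15:10 line=03 user=CLERK result=FAIL",
]

if __name__ == "__main__":
    alerts, audit = watch(SAMPLE)
    print(alerts)
    print(audit)
```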
 
  SMOE: Surreptitious Methods of Entry.
The art of penetrating a computer
system without leaving a clue or evi-
dence.
 
  SOLO ARTIST: A Solo Artist is a soph-
isticated criminal who works by him-
self.
 
  TAP or WIRETAP: A Tap or Wiretap is  
an unauthorized monitoring circuit 
directly connected to a computer's
communications line.
 
  TRAPDOOR: A Trapdoor is a Trojan     
Horse which modifies an OS utility, or
applications program to permit the use
of an unauthorized Master Password(s)
to gain access.  This second Password
penetrates by bypassing all other
Passwords and security schemes used
by the System - even after they've
been changed!  Trapdoors are often
installed by programmers to ease the
development and troubleshooting of
programs, or to assure access to them
no matter who has them or how they are
used.  In WAR GAMES it was the place-
ment of an easily guessed Trapdoor
routine (his son's name was used as the
password) by the eccentric program de-
signer that permitted easy penetration.
 
  TROJAN HORSE: A Trojan horse is a 
software routine which is insidiously
implanted in a program or routine.
When a certain combination of events
occurs, the Trojan Horse routine is 
activated and performs a function(s)
alien or contrary to the true inten-
tion of the program.  The "programming
events" may include the date, the 
amount of time the program is run, a
data entry or combination of data   
entries, the calling of a legitimate
routine or combination of routines, or
by certain keyboard entries.  The 
Trojan Horse is designed to periodi-
cally inspect for these "programming
events", and upon their occurrence,
to launch into special routines. Trojan
Horses are frequently used to defraud.
Examples of Trojan Horses are Logic
Bombs, Trapdoors and Godfathers.
  For example, when the targeted com-
bination of programming events occurs,
the Trojan Horse in a bank's savings
accounts program activates.  It trans-
fers a huge quantity of money to    
another account.  It then changes or
erases both itself from the program 
and the record of to whom the money
was transferred.  The money literally
disappears with little or no trace!
Trojan Horses are usually difficult to
detect in program code, and to prevent.
  How Destructive can Trojan Horses 
be?  The type of penetration depicted
in WAR GAMES is virtually impossible.
However, what if the Soviets penetrate
our missile systems and plant Trojan
Horses in the computer programs which
control the launching of our inter-
continental ballistic missiles?  When
we try to launch these missiles against
the Soviet Union, the Soviet Trojan
Horses are activated, co-ordinates are
changed, and our missiles destroy our
own cities, or fail to launch!  Were
the Korean Airline passengers victims
of a Soviet Trojan Horse implanted in
the Inertial Guidance computers - the
same type of Inertial Guidance System
used in our jets and missiles??
 
  ZOMBIE: A Zombie is a program con-
trolled by a Godfather.