💾 Archived View for gemini.spam.works › mirrors › textfiles › magazines › PHRACK › PHRACK47 captured on 2022-06-12 at 13:58:35.
View Raw
More Information
-=-=-=-=-=-=-
==Phrack Magazine==
Volume Six, Issue Forty-Seven, File 1 of 22
Issue 47 Index
___________________
P H R A C K 4 7
April 15, 1995
___________________
"Mind The Gap"
This issue is late, so is my tax return, but I have a lot of excuses for
both.
Lots of things have happened since last issue. I've been hassled by the
police for publishing Phrack. I've been to the Pyramids at Giza and
the tombs in the Valley of the Kings. I've been to London several times
and met spies from MI5 and GCHQ. I watched almost everyone I know get busted.
I went to check out NORAD and then skiied Breckenridge. And I quit my job
at Dell Computers after almost 3 years.
Unemployment is great. One of the best things about it is sleeping till noon.
On the other hand, one of the worst things about it is that you sleep until
noon. It's been interesting anyway. I've been doing a lot of reading: price
evaluation of the forensic chemistry section of the Sigma Chemicals catalog,
the rantings of Hunter S. Thompson, the amazing cosmetic similarities between
International Design Magazine and Wired, Victor Ostrovsky's Mossad books, every
UNIX book ever written, every book on satellite communications ever written,
and hundreds of magazines ranging from Film Threat to Sys Admin to Monitoring
Times to Seventeen. Lord knows what I'll do with this newfound wealth of
information.
Anyway, amongst all this, I've been trying to get things organized for
Summercon this June 2,3,4 in Atlanta Georgia. One of the other factors in
the delay of Phrack was the hotel contract, so I could include full conference
details in this issue. By the way, you are all invited.
Wait a minute, someone said something about busts? Yes. There were busts.
Lots of them. Raids upon raids upon raids. Some local, some federal. Some
Justice, some Treasury. You probably haven't read of any of these raids,
nor will you, but they happened. It has always been my policy not to
report on any busts that have not gained media coverage elsewhere, so
I'm not going to go into any details. Just rest somewhat assured that
if you haven't been raided by now, then you probably won't be. (At least
not due to these particular investigations.)
People, if we all just followed one simple rule none of us would ever
have any problems: DO NOT HACK ANYTHING IN YOUR OWN COUNTRY. If you are
German, don't hack Germany! If you are Danish, don't hack Denmark! If you
are Australian, don't hack Australia! IF YOU ARE AMERICAN, DON'T HACK
AMERICA!
The last controversy surrounding this issue came at the last possible
second. In the several years that I've been publishing Phrack, we've
revieved all kinds of files, but remarkably, I've never really recieved
any "anarchy" files. However, in the last several months I've been inundated
with files about making bombs. There were so many coming in, that I really
couldn't ignore them. Some of them were pretty damn good too. So I figured,
I'll put several of them together and put in ONE anarchy file as a kind of
tongue-in-cheek look at the kind of stupidity we have floating around
in the underground.
Then the bomb went off in Oklahoma City.
Then Unabomb struck again.
Then the politicos of the world started spouting off about giving the
federal law enforcement types carte blanche to surveil and detain people
who do things that they don't like, especially with regards to terrorist
like activites.
Normally, I don't really give a damn about possible reprocussions of my
writing, but given the political climate of the day, I decided that
it would really be stupid for me to print these files. I mean,
one was REAL good, and obviously written by someone who learned "British"
English in a non English-speaking country. I mentioned my concerns to
an individual who works with the FBI's counter-terrorism group, and was
told that printing the file would probably be the stupidest thing I could
possibly do in my entire life...PERIOD.
So the file is nixed. I really feel like I'm betraying myself and my
readership, for giving into the underlying political climate of the day, and
falling prey to a kind of prior-restraint, but I really don't need the grief.
I'm on enough lists as it is, so I really don't need to be the focus of
some multi-jurisdictional task-force on terrorism because I published
a file on how to make a pipe bomb over the Internet. (Hell, I'm now even
on the Customs Department's list of ne'er-do-wells since someone from Europe
thought it would be funny to send me some kind of bestiality magazine
which was siezed. Thanks a lot, asshole, whoever you are.) Obviously, the
media think the net is some kind of hotbed for bomb-making info, so I'm
usually the first to satisfy their most warped yellow-journalistic
fantasies, but not this time.
I really hate what I see coming because of the mess in Oklahoma. If
the American government does what I suspect, we will be seeing
a major conservative backlash, a resurgence of Hoover-esque power in the
FBI, constitutional amendments to limit free speech, and a bad time
for everyone, especially known-dissenters and suspicious folk like
yours truly. Be very afraid. I am.
But anyway, enough of my rambling, here is Issue 47.
-------------------------------------------------------------------------
READ THE FOLLOWING
IMPORTANT REGISTRATION INFORMATION
Corporate/Institutional/Government: If you are a business,
institution or government agency, or otherwise employed by,
contracted to or providing any consultation relating to computers,
telecommunications or security of any kind to such an entity, this
information pertains to you.
You are instructed to read this agreement and comply with its
terms and immediately destroy any copies of this publication
existing in your possession (electronic or otherwise) until
such a time as you have fulfilled your registration requirements.
A form to request registration agreements is provided
at the end of this file. Cost is $100.00 US per user for
subscription registration. Cost of multi-user licenses will be
negotiated on a site-by-site basis.
Individual User: If you are an individual end user whose use
is not on behalf of a business, organization or government
agency, you may read and possess copies of Phrack Magazine
free of charge. You may also distribute this magazine freely
to any other such hobbyist or computer service provided for
similar hobbyists. If you are unsure of your qualifications
as an individual user, please contact us as we do not wish to
withhold Phrack from anyone whose occupations are not in conflict
with our readership.
_______________________________________________________________
Phrack Magazine corporate/institutional/government agreement
Notice to users ("Company"): READ THE FOLLOWING LEGAL
AGREEMENT. Company's use and/or possession of this Magazine is
conditioned upon compliance by company with the terms of this
agreement. Any continued use or possession of this Magazine is
conditioned upon payment by company of the negotiated fee
specified in a letter of confirmation from Phrack Magazine.
This magazine may not be distributed by Company to any
outside corporation, organization or government agency. This
agreement authorizes Company to use and possess the number of copies
described in the confirmation letter from Phrack Magazine and for which
Company has paid Phrack Magazine the negotiated agreement fee. If
the confirmation letter from Phrack Magazine indicates that Company's
agreement is "Corporate-Wide", this agreement will be deemed to cover
copies duplicated and distributed by Company for use by any additional
employees of Company during the Term, at no additional charge. This
agreement will remain in effect for one year from the date of the
confirmation letter from Phrack Magazine authorizing such continued use
or such other period as is stated in the confirmation letter (the "Term").
If Company does not obtain a confirmation letter and pay the applicable
agreement fee, Company is in violation of applicable US Copyright laws.
This Magazine is protected by United States copyright laws and
international treaty provisions. Company acknowledges that no title to
the intellectual property in the Magazine is transferred to Company.
Company further acknowledges that full ownership rights to the Magazine
will remain the exclusive property of Phrack Magazine and Company will
not acquire any rights to the Magazine except as expressly set
forth in this agreement. Company agrees that any copies of the
Magazine made by Company will contain the same proprietary
notices which appear in this document.
In the event of invalidity of any provision of this agreement,
the parties agree that such invalidity shall not affect the validity
of the remaining portions of this agreement.
In no event shall Phrack Magazine be liable for consequential, incidental
or indirect damages of any kind arising out of the delivery, performance or
use of the information contained within the copy of this magazine, even
if Phrack Magazine has been advised of the possibility of such damages.
In no event will Phrack Magazine's liability for any claim, whether in
contract, tort, or any other theory of liability, exceed the agreement fee
paid by Company.
This Agreement will be governed by the laws of the State of Texas
as they are applied to agreements to be entered into and to be performed
entirely within Texas. The United Nations Convention on Contracts for
the International Sale of Goods is specifically disclaimed.
This Agreement together with any Phrack Magazine
confirmation letter constitute the entire agreement between
Company and Phrack Magazine which supersedes any prior agreement,
including any prior agreement from Phrack Magazine, or understanding,
whether written or oral, relating to the subject matter of this
Agreement. The terms and conditions of this Agreement shall
apply to all orders submitted to Phrack Magazine and shall supersede any
different or additional terms on purchase orders from Company.
_________________________________________________________________
REGISTRATION INFORMATION REQUEST FORM
We have approximately __________ users.
Enclosed is $________
We desire Phrack Magazine distributed by (Choose one):
Electronic Mail: _________
Hard Copy: _________
Diskette: _________ (Include size & computer format)
Name:_______________________________ Dept:____________________
Company:_______________________________________________________
Address:_______________________________________________________
_______________________________________________________________
City/State/Province:___________________________________________
Country/Postal Code:___________________________________________
Telephone:____________________ Fax:__________________________
Send to:
Phrack Magazine
603 W. 13th #1A-278
Austin, TX 78701
-----------------------------------------------------------------------------
Enjoy the magazine. It is for and by the hacking community. Period.
Editor-In-Chief : Erik Bloodaxe (aka Chris Goggans)
3L33t : No One
News : Datastream Cowboy
Busted : Kevin Mitnick
Busty : Letha Weapons
Photography : The Man
New Subscribers : The Mafia
Prison Consultant : Co / Dec
James Bond : Pierce Brosnan
The Man With the
Golden Gums : Corrupt
Good Single/Bad Album : Traci Lords
Thanks To : Voyager, Grayareas, Count Zero, Loq, J. Barr,
Onkel Ditmeyer, Treason, Armitage, Substance,
David @ American Hacker/Scrambling News Magazine,
Dr. B0B, Xxxx Xxxxxxxx
Special Thanks To : Everyone for being patient
Kiss My Ass Goodbye : Dell Computer Corporation
Phrack Magazine V. 6, #47, April, 15 1995. ISSN 1068-1035
Contents Copyright (C) 1995 Phrack Magazine, all rights reserved.
Nothing may be reproduced in whole or in part without written
permission of the Editor-In-Chief. Phrack Magazine is made available
quarterly to the amateur computer hobbyist free of charge. Any
corporate, government, legal, or otherwise commercial usage or
possession (electronic or otherwise) is strictly prohibited without
prior registration, and is in violation of applicable US Copyright laws.
To subscribe, send email to phrack@well.sf.ca.us and ask to be added to
the list.
Phrack Magazine
603 W. 13th #1A-278 (Phrack Mailing Address)
Austin, TX 78701
ftp.fc.net (Phrack FTP Site)
/pub/phrack
http://www.fc.net/phrack.html (Phrack WWW Home Page)
phrack@well.sf.ca.us (Phrack E-mail Address)
or phrackmag on America Online
Submissions to the above email address may be encrypted
with the following key : (Not that we use PGP or encourage its
use or anything. Heavens no. That would be politically-incorrect.
Maybe someone else is decrypting our mail for us on another machine
that isn't used for Phrack publication. Yeah, that's it. :) )
- * ENCRYPTED SUBSCRIPTION REQUESTS WILL BE IGNORED **
Phrack goes out plaintext...you certainly can subscribe in plaintext.
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6
mQCNAizMHvgAAAEEAJuIW5snS6e567/34+nkSA9cn2BHFIJLfBm3m0EYHFLB0wEP
Y/CIJ5NfcP00R+7AteFgFIhu9NrKNJtrq0ZMAOmiqUWkSzSRLpwecFso8QvBB+yk
Dk9BF57GftqM5zesJHqO9hjUlVlnRqYFT49vcMFTvT7krR9Gj6R4oxgb1CldAAUR
tBRwaHJhY2tAd2VsbC5zZi5jYS51cw==
=evjv
-----END PGP PUBLIC KEY BLOCK-----
-= Phrack 47 =-
Table Of Contents
~~~~~~~~~~~~~~~~~
1. Introduction by The Editor 16 K
2. Phrack Loopback / Editorial 52 K
3. Line Noise 59 K
4. Line Noise 65 K
5. The #hack FAQ (Part 1) by Voyager 39 K
6. The #hack FAQ (Part 2) by Voyager 38 K
7. The #hack FAQ (Part 3) by Voyager 51 K
8. The #hack FAQ (Part 4) by Voyager 47 K
9. DEFCon Information 28 K
10. HoHoCon by Netta Gilboa 30 K
11. HoHoCon by Count Zero 33 K
12. HoHo Miscellany by Various Sources 33 K
13. An Overview of Prepaid Calling Cards by Treason 29 K
14. The Glenayre GL3000 Paging and Voice Retrieval System by Armitage 25 K
15. Complete Guide to Hacking Meridian Voice Mail by Substance 10 K
16. DBS Primer from American Hacker Magazine 45 K
17. Your New Windows Background (Part 1) by The Man 39 K
18. Your New Windows Background (Part 2) by The Man 46 K
19. A Guide To British Telecom's Caller ID Service by Dr. B0B 31 K
20. A Day in The Life of a Warez Broker by Xxxx Xxxxxxxx 13 K
21. International Scenes by Various Sources 39 K
22. Phrack World News by Datastream Cowboy 38 K
Total: 807 K
_______________________________________________________________________________
"Raving changed my life. I've learned how to release my energy blockages.
I've been up for forty-eight hours!"
John Draper (Capn' Crunch) in High Times, February 1995
"You never know, out in California, all them Cuckoo-heads."
Brad Pitt as Early in "Kalifornia"
"On the Internet you can have the experience of being jostled by a
urine-smelling bum."
Bill Maher - Politically Incorrect
==Phrack Magazine==
Volume Six, Issue Forty-Seven, File 2 of 22
- ****************************************************************************
Phrack Loopback
-----------------------------------------------------------------------------
G'Day,
You dont know who i am, and i appreciated that but i hope your read my little
note here and take it into consideration.
Ive been into the Australian Hacking Scene (if there is such a thing :-)
for only about 2years, but recenlty opened a h/p bbs here in Australia.
What i am writing and asking is if it is possilbe to place kinda an add of
some description in the next issue of phrack, something to the lines of:-
H/P bbs recently opened in Australia - JeSteRs BBS +61-7-ASK-AROUND
If your looking for some form of donation $ just let me know, if your
wondering is his guy a fed or something, mail DATA KING and speak to him, he
was one of the bbs first users and as you know he has written in the Int
Scene for the last too issues, but wont be in Issue #47 or i would have asked
him to place the advertisment in this report.
Regards, Jesta
[Cool! Nice to see there's BBSs still popping up overseas. It would be
nice if I had the number...hell, I'd even call... but oh well,
I suppose I (and all the Phrack readers) will just have to "ASK-AROUND"]
-----------------------------------------------------------------------------
Hi Erikb,
Last week you said you'd accept a bbs ad .. well here it is.
If you'd publish it in phrack i'd be most grateful!
A Gnu BBS!
1000's h/p Related texts
Phrack, CoTNo, B0W, cDc, NiA, CuD, Risks,Sphear,SCAM!,NeuroCactus
Conferences covering Unix/VMS/System Security/Phreaking
And absolutely no mention of "The Information Super Highway" anywhere!
+617-855-2923
tnx,
badbird
[I said I'd print the ad...and now I have.]
-----------------------------------------------------------------------------
ATTN: ALL COMPUTER WHIZ KIDZ..... I DESPARATELY NEED YOUR HELP!!!
Retired R.C.M.P officer formerly involved with priority levels of
electronic surveillance has informed me that my residential telephone
appears to have been compromised at a point other than inside or
immediately outside my residence.
After an intensive evaluation of the premises his conclusion was that
remote manipulation of the telephone company switch where my circuit
could be victim was the problem.
The main focus of this exercise is to show how one can infiltrate a
telephone company's network; remotely manipulate the company's switch;
process long distance calling;make it appear that the calls originated
from a particular site and then "fooling" the company's billing
mechanisms to invoice that particular location.
Is this physically possible? Bell Canada categorically denies this
possibility. I need proof! How is it done?
Please advise as soon as possible.
I'd sincerely appreciate any help, advise and/or information anyone out
there can offer in this particular situation.
Please leave a way to get in touch! If you prefer to remain unknown,
thanks a million, and rest assured that I WILL RESPECT and PROTECT you
anonimity.
Regards,
John P. Marinelli jmarinel@freenet.niagara.com
[My take on this is that with relative ease, someone could establish
call forwarding on a line, make it active to some remote location, and
call the original number numerous times, causing the owner of the
hacked line to be billed for all the calls to the forwarded location.
If anyone knows how to do this, STEP BY STEP on a DMS-100, please,
contact Mr. Marinelli to help him out with his court case. I don't
know a whole lot about NT equipment, so I don't know the
specifics of how this may have happened, only the generalities.
Wouldn't it be nice to have the Underground "HELP" someone out
for a change?]
-----------------------------------------------------------------------------
y0, Black Flag here... heres the info you told me to mail you about the
GRaP/H (Gainesville Regional Association of Phreakers and Hackers) meetingz
Gainesville, FL
1st + 3rd Saturday of the month, 4pm - ???
meet in The Loop on 13th Street
Black Flag will be casually carrying a 2600
look around, you'll see him.
[Well, looks like the Florida Hackers have a new place to congregate.
And so do the Florida FBI Field Offices. :) ]
-----------------------------------------------------------------------------
I was wondering where I could find any virus authoring tools for the PC,
Unix, or VMS.
[You can find Nowhere Man's Virus Creation ToolKit on BBSs around the
globe. Have you looked??? I've never heard of UNIX or VMS virus tools.
Do you know something I don't? Do you know how a virus works? ]
-----------------------------------------------------------------------------
Chris, found something you might like. Here's an ad from the latest
PHOENIX SYSTEMS catalog:
THE CALLER ID BLOCKER FIRST TIME AVAILABLE IN THE U.S.
By April, 1995 all telephone companies must deliver callers name and
telephone number to the caller ID system. The law prohibits any telephone
company from offering customers an option to permanently disable their line
from the ID system.
This means that even if you have an unlisted number, everyone you call will
now have your telephone number and name. Big brother is now one watching,
now he has your name and number. No more anonymous calls to the IRS, city
hall, real estate agents, car dealers, health department or anyone. Many
business professionals use their home telephone to return calls. Do you
want your patients and clients to have access to your home telephone number?
We are proud to bring you the unique ANONYMOUS 100. It installs on any
telephone in seconds and completely KILLS THE EFFECTS OF "CALLER ID"! Yes,
you can have your privacy back. The ANONYMOUS 100 is FCC approved and
carries a one year guarantee.
#1276...............................................................$69.95
Is it just me, or is this a load of bullshit? Didn't CA and TX both pass
laws to make CLID illegal in those states? I know that before MA would
allow it in the state, they told the telco that line blocking had to be
offered free (and it is, on per/call and permanent basis). Did the feds
pass this new law while I was sleeping, or is this company just playing on
paranoia (not the first time) and trying to make a buck?
Eric
[Well Eric, it looks to me that this is a nifty little box that waits for
voltage drop and immediately dials *67 before giving you a dialtone.
Woo Woo! $69.95! It certainly is worth that to me to not have to dial
3 digits before I make a call. All that wear and tear ruins the
fingers for typing. PFFFT....
About Caller-ID, well, it's legal just about every place I know of.
I'm sure there are a feel hold-outs, but offering per-line blocking for
individuals worried about privacy satisfied most Public Utility
Commissions. In fact, I think April 1 was the date that all Interconnects
were supposed to be upgraded to support the transfer of CLID information
over long distance calls. I don't think this has been turned on everywhere,
but the software is supposed to be in place.
*67. Don't dial from home without it.]
-----------------------------------------------------------------------------
This message serves a multifold purpose:
(these response/comments are in referance to Phrack Issue 46 - Sept 20 1994)
A)
A question was brought up concerning a Moterola Flip Phone and the user
inability to gain access to the programing documentation. I happen to
own (legally) a Motorola Flip Phone that I will assume to be the same and
I was not given the documentation either, though I have not tried asking
for it. I will call Motorola and ask for *my* rightful copy and foreward
my results (if I gain access) to phrack for proper distribution amoung
appropriate channels. If I do not gain access, I would appriciate to
hear from anyone who has (this should not be limited to simply the M.
Flip Phone, I have interests in all areas).
B)
Later in that issue (Sept 20, 1994) a list of university and colege
dialups were provided... I live in the 218/701 (right on the border) and
have a collection of them for addition to the list if you (or anyone
else) should so desire. I would post them now, but I have limited time
and have to dig to find them. I also have some numbers that some readers
may find of interest.
C)
My living in the 218/701 is the main reason for my writting. I used to
live 612 and knew a lot of people in the area, but now I am stuck here in
a little shit town (pop. 7000) where the cloest thing to a computer is
made by John Deere. I need to find someone in the 218 or 701 to work
with or meet... if you know anyone...??? The closest BBS is long
distance and even then it's crap... I would like to start my own, but who
the fuck would call? Who the fuck would I invite? My old H/P friends in
612 would, but I don't need the heat as they would all go through 950's
or some other method... I think you understand.
any help would be greatly appreciated By the way I could also use some
218/701 ANAC or CN/A... any help here?
Aesop
[In order:
a) Good luck with Moto. You'll need it.
b) Yes, I really still need your university dialups. Issue 48 will
have a much more complete list (I hope!)
c) If anyone knows any bbs'es in those area codes, please send
them in so I can pass along the info.
Other) For CNA information, just call your business office. They ALWAYS
help. Especially if you mention that CNA didn't have a current
record. :) ]
-----------------------------------------------------------------------------
To whom it may concern at phrack, I would like to subscribe to Phrack. I
didn't use PGP because :-
i. I never had any real need to
ii. I came across the document below while dinking around with gopher. I
would pretty much guess phrack knows about it already. If you do know about
it, could you tell me another way to ensure my mail privacy?
Thank you.
Xombi.
---------------------BEGIN E-MAIL DOCUMENT---------------------
This section is from the document '/email-lists/Funny'.
A lot of people think that PGP encryption is unbreakable and that the
NSA/FBI/CIA/MJ12 cannot read their mail. This is wrong, and it can be a
deadly mistake. In Idaho, a left-wing activist by the name of Craig Steingold
was arrested _one day_ before he and others wee to stage a protest at
government buildings; the police had a copy of a message sent by Steingold
to another activist, a message which had been encrypted with PGP and sent
through E-mail.
Since version 2.1, PGP ("Pretty Good Privacy") has been rigged to
allow the NSA to easily break encoded messages. Early in 1992, the author,
Paul Zimmerman, was arrested by Government agents. He was told that he
would be set up for trafficking narcotics unless he complied. The Government
agency's demands were simple: He was to put a virtually undetectable
trapdoor, designed by the NSA, into all future releases of PGP, and to
tell no-one.
After reading this, you may think of using an earlier version of
PGP. However, any version found on an FTP site or bulletin board has been
doctored. Only use copies acquired before 1992, and do NOT use a recent
compiler to compile them. Virtually ALL popular compilers have been
modified to insert the trapdoor (consisting of a few trivial changes) into
any version of PGP prior to 2.1. Members of the boards of Novell, Microsoft,
Borland, AT&T and other companies were persuaded into giving the order for
the modification (each ot these companies' boards contains at least one
Trilateral Commission member or Bilderberg Committee attendant).
It took the agency more to modify GNU C, but eventually they did it.
The Free Software Foundation was threatened with "an IRS investigation",
in other words, with being forced out of business, unless they complied. The
result is that all versions of GCC on the FTP sites and all versions above
2.2.3, contain code to modify PGP and insert the trapdoor. Recompiling GCC
with itself will not help; the code is inserted by the compiler into
itself. Recompiling with another compiler may help, as long as the compiler
is older than from 1992.
[Well, uh, gee, I think the fact that this document came from
/email-lists/Funny speaks for itself. I'm satisfied with PGP
for security, but then again, I don't have a lot of information that
I'm so petrified that I need to keep it encrypted, or that I send
out in email that I don't care if anyone sees.
To put aside some of your fears, I personally feel that PGP is ok.
If the trilateral commission wants your info, they will beat it out
of you with sticks, with the help of several multi-jurisdictional
task-forces for Federal law enforcement, while you are under the influence
of incredibly terrifying and long-lasting hallucinogenic drugs.
Don't worry.]
-----------------------------------------------------------------------------
Here is a BBS Ad for your next issue:
BBS Name: The King's Domain
Sysop: Ex-Nihilo
Speeds: 1200-14,400
BBS Type: Remote Access 2.02+
Phone #: 208-466-1679
THe BBS has a good selction of "Hood" files... (hacking/phreaking/anarchy)
journals such as cDc, Phrack, ATI and more... also a good selection of
BBS files which include Doors and Utilities... primarily RA accessories,
but not exclusively... supports rip graphics and is online 24 hrs a day
[Yet another ad! Is this the rebirth of BBS-dom?]
-----------------------------------------------------------------------------
[Editor's Note: I got a letter asking me about how to credit card
merchandise. I replied that I didn't agree with carding, and that
if the reader really wanted something, he/she should get a job and buy it.
This is the response I got.]
What the fuck? All I wanted was a fucking decent reply. Get a job, huh?
You know, I thought if you were to talk to one of these supposed
"computer hackers" you could get some usefull information. Get a job, that
rich coming from someone like you.
When there's something you want...take it...without using your money.
Maybe sometime I'll be able to takl to a hacker not some fucking
hypocritical computer geek
[Editor's Note: I replied to this letter by stating that carding had nothing
to do with hacking, that it was out and out stealing, and although
we had published articles about it in Phrack, I wasn't going to help anyone
do it, and that he/she should try to contact the authors of various
carding articles directly. This is the response that got.]
Come on now "Chris", you can do better than that, can't you?
Stealing? Who's the thief here, eh? See, when I wake up in the morning,
I don't have to worry about secret service, police, or any sort
of military shit being in my apartment. I don't get busted for doing stupid
things like stealing phone calls off fucking 900 numbers. I think I
know exactly why you don't card anything - because you're too fucking stupid
or don't even have the balls to do it. Fuck, you'd expect someone like
yourself to have different views about being a thief. Well, I guess it
takes a certain kind of person to hack into shit like you, but why this
person would start flame wars and otherwise just be a total fuckup, I don't
know. Or, maybe it's just the singular person I'm talking too, yeah, that's
probably i...there probably are other, BETTER, hackers who aren't as
fucking arrogant as you.
Well, have fun with your hands and PLAYGIRL's, you fucking little punk-ass
faggot.
And tell your mother that I won't let this affect our relationship.
Punk
aj276@freenet3.carleton.ca
[This is the future of the computer underground??]
-----------------------------------------------------------------------------
BBS AD:
System is called CyberSphincter (playing off of the current word trend of
cyber). The number is 717-788-7435. The NUP is 0-DAY-WAR3Z!!!
Modem speeds of 14.4 and lower, with no ANSI. Sysop is Ha Ha Ha.
It's running renegade (we know it can be hacked and I've done it already),
but we seem to believe in honor among thieves, so try to control yourself on
that.
-=strata=-
[ANOTHER AD!]
-----------------------------------------------------------------------------
Hey Erik B...
I'm the remote sysop at the Digital Fallou BBS in 516. Just recently,
we've been getting a rash of ld callers. A day or two ago, a guy with
the handle "Digi-Hacker" applied. His application looked good, execpt that
he stated his alter handle was "Eric Bloodaxe" and that he was the editor
of Phrack. Now, any lame ass could just "say" that, and we don't want any
liars on board. :) So we decided to go right to you thru email. Did you
apply? If so, cool. If this isn't you, that guy is gonna most assuredly
be deleted..
[Well, I hate to say it, but I don't have time to do much of anything
anymore. I certainly don't call bbses with any regularity. I
do have accounts on SECTEC and UPT, but that's it. I may call some
in the future, but for the most part I don't have any time. If someone
calls up a bulletin board and applies as "Erik Bloodaxe" it isn't me.
(Anyone saying they are Eric Bloodaxe MOST CERTAINLY isn't me. :) )
Anyone running BBSes may want to take note of this, so they don't get
swindled into giving "elite" access to some pretender. You can
always email phrack@well.com and ask me if I have applied to your
bbs. ]
-----------------------------------------------------------------------------
Chris,
I know you don't know me, but I figured you of all people could help me,
and give me an answer quickly.
I just got my phone bill, and on the last page is a page from some
company calling themselves Long Distance Billing Co., Inc. It has
one call "Billed on behalf of Northstar Communication" It is a call from
somewhere in FL, for 13 minutes, costing 51.87. I called LD Inc, and they
said the call was a collect call made from Northstar Comm, and that
my only recourse was to write a letter to Northstar. Needless to say, I
did not accept the collect call, I don't know anyone in 813. I called
NYNEX, and they said I should write to Northstar and LD INC, but didn't
seem to know anything about either company. They guy I talked to said it
was real strange that LD INC didn't give me a number to call at
Northstar, since most of this type of thing is handled by phone. I'm
beginning to wonder exactly how relieable this LD INC company is, who
Northstar is, and most of all who called and how the hell the call was
supposedly accepted by my phone. This is all the info I know:
BILLED ON BEHALF OF NORTHSTAR COMMUNICATION
1. SEP 18 923PM COL CLEARWATER FL 813-524-5111 NC 13:00 51.87
--From my phone bill
Northstar Communication
3665 East Bay Drive
Suite 204-192
Largo, FL 34641
--From LD INC
Long Distance Billing Co., Inc.
1-800-748-4309
--From NYNE phone bill.
If you can think of anything I can do, I;d be really greatful. I don't
have $50 to throw away on a call I never got, and I don't have the
resources you do to try and figure out who the hell these people are.
[It looks to me like you got fucked by someone in Florida using a COCOT
payphone. It's kind of odd that NYNEX couldn't help you more...but anyway,
I wouldn't pay it.
What I suspect happened was that somsone used one of those handy COCOT
services where the operators are incredibly stupid and allow calls
to be accepted when the "calling party" says "YES" to allow a 3rd party or
collect call, rather than the party being called. This happened to me at
my previous work extension by New Yorkers using the ENCORE service (even
though all our lines were listed to refuse 3rd party and collect calls.)]
-----------------------------------------------------------------------------
I've been having some trouble with the law, so all my notes are stashed at
a friend's casa at the moment. Can you recommend a good lawyer to defend me
for allegedly hacking some government computers? I've got a good crim def
guy working with me right now assisting me guring questioning from Special
Agents, but I will need someone that has experience if I get indicted.
[If you are facing computer crime charges, you are definately in
a world of hurt. There are very few computer crime-savvy lawyers
practicing in the World. The only thing I can suggest is that
you call EFF, CPSR or EPIC and ask them if they know of any
lawyers in your area that they can refer you to. None of these
groups will help you directly, except under EXTREME circumstances, and
only if you have been falsely accused, or have had rights violated.
If you are guilty, and the cops have any evidence, you are going to be
convicted.
Remember Baretta? "If you can't do the time, then don't do the crime."]
-----------------------------------------------------------------------------
Dear Chris,
You probably don't remember me, but we corresponded about 3 years
ago as part of my PhD research. I was at Edinburgh University
at the time and am not at UMIST in Manchester (British equivalent of MIT).
The reson I'm writing is that I was awarded my PhD last March, and for one
reason and another I've been sidetracked into a completely different field
of research - the British National Health Service and the various ways
computers are being used in it.
I tried getting a publisher interested in the thesis, but with little luck.
I also sent it to Jim and Gordon at CuD on disk for them to stick it on
archive, but they had problems with the formatting of it and don't seem to
have got round to archiving i.
If you're interested I'd be quite happy to send a couple of disks to you
and you can spread it around as you want. It just seems a shame for the people
on the net not to get a look at it. It's dressed up in airy-fairy sociological
language - but there's still lots in it that I think would be of interest to
people on the net. I saw your interview in CuD, and I agree with you about
most of the books written on the CU. Mine has its faults but it's got less
biographical data and more issue-oriented stuff.
Anyway, get in touch and let me know if I can find a good home for my magnum
opus.
Take care and a belated thanks for all the time you spent in helping me with
the PhD.
Best Wishes,
Paul Taylor
School of Management
UMIST
[Paul:
Congrats on your PHD, and continued success at UMIST!
I'm putting your thesis up on the Phrack WWW page so that more
people can get a look at it!
Thanks for sending it!]
-----------------------------------------------------------------------------
I read your article on hacking the French among other foreign governments.
Sounds pretty fun, just for kicks the other night I did a search of all the
computers I could get at in China. One of them was a national power grid
computer. Sounds like it could be fun to play with huh? The "They Might Kill
Us" part will tend to turn some people off, but not me.
[WOW! A National Power Grid Computer! In China! Gee. How many times
have you seen Sneakers? Take the tape out of your VCR, slowly run
a rare-earth magnet over it and set it on fire.
On the other hand, if you were at least partally serious about the
hacking for America, keep your eyes open.]
-----------------------------------------------------------------------------
Erikb,
Regarding your article in Phrack 46, we here in Columbus would
just like to say that everything except for the Krack Baby's phone number,
which long since went down, and the Free Net template, is total and utter
bullshit. The Columbus 2600 meetings were NOT started by Fungal Mutoid, he
is just responsible for a much larger turnout since about September (94), and
whoever wrote that has obviously not been to a Columbus meeting recently.
The Columbus 2600's have been here for quite a while, but bacause the H/P
scene consists of 15 people AT THE MOST, many of which haven't the time to
attend, the turnout is almost always low. I believe the most that have ever
shown up to a meeting is 10, which dwindled to 8 or so before the
meeting was officially half-over. Nobody knows who wrote the article which
you printed, although no one has been able to contact Fungal Mutoid to ask him.
Just thought we'd clear a few things up, and to those that don't give two
flying shits, we're sorry to have to bring this into a E-mag as great as
this.
Sincerely,
H.P. Hovercraft and
the Columbus H/P Gang
[Thanks for the letter. Like I always say, I can only report and print what
I'm told or what is sent to me. I don't live anywhere but Austin, TX, so
I don't know the intimacies of other areas. Thanks for sending in your
comments though!]
-----------------------------------------------------------------------------
Haiku
Operator hi
who is it that sets my phone
on redial and tone
gives me rest in times
great stress lays its head on my
leads me into joy
cosmos and mizar
give evidence and homage
to your greatness, why
logon/password
on your very first try shall
succeed, as always
oh, A T and T
while great, holds non to the great
power that NYNEX
gives access to in
glee, awaitnig, cautiously,
for signs of entry
illicitly thus
strives to maintain control of
the ESS switch,
not comprehending
that control is simply gained
by a single call
to some stupid yet
revered operator who
believes you in charge
gives out system pass
with some small feat of trick'ry
PAD to PAD, too, works
sounding of the baud
with modem and coupler
connection is made
who is to question
the incidence of this fault
or acknowledge it
security's words
false threats followed by arrest
on illegal grounds
hackers, phreakers grieve
free the unjustly accused
give them freedom to
ROAM with cellular
phones place to place with no charge
test the system's worth
find holes, detect bugs
run systems by remote, yea,
to explore, to seek,
to find a network
of free bits and bytes unharmed--
innocently seen.
who doesn't know that
Bell or Sprint or MCI
would never approve--
believe in 'puter crime,
toll fraud, "access devices,"
free calls to Denmark
Information is
power is imperative
proprietary
please, spare me the grief
accusations being thrown
of phone co. crashes
are fiction unleashed
to the ignorant public
eye to make blame, fear
all phr/ackers, but all
have had their days and faded
into the past, why
must ignorant block
the free flow of knowledge found
angry sysops abound
secret service rais
hoisting games, computers, phones
never to be re-
turned hackers, phreakers
working for government, spies,
lies, deception, all
to walk free while friends
spend years in jail for simply
battling for some change
knowledge is NOT free
equipment costing milliions,
simply cannot pay
the cost for systems
of signal switching; no on e
wants to harm, just try
to use our knowledge
in a constructive way and
look around for things
which further know-how
of packet switching, ANI,
proctor tests and tones
which make little sense
and why is it there, what are
all the test lines for?
central office trash
provides some clues, while phone calls
get angry response
to inquiries re:
loops and lack of barriers,
COCOT carriers
who overcharge cause
frustraton, must be helped
end overbilling
unfairness is only
people not understanding
nor comprehending
that what we do is
NOT always fraud, vengeance or
deceitful reasons
bu for love of the
systems, curiosity's
overwhealming need
to be met and to
feel accomplished, proud, to
do and know something
WELL crackers abound
pirates do multiply, spread
wavez of warez cross coasts
and foreign countries
virus creators seeking
escape, growth, freedom
not for destruction
but for change, to press limits
to find that which makes
us whole, complete, and
accomplished at crossing
the barriers that
bound conventional
people in dead-end jobs with
little self-esteem.
hacking, phreaking, it
is an art form, and a quest
for endless reaches
to seek, to explore, to
realize and accomplish, to
take chances and live
not for rules and laws
but for what things should be but
will not come to pass.
--kyra
[Uh oh, we're getting pretty literary here. I can see it now:
Phrack Magazine. For the Sensitive Hack/Phreak.
Interesing poem tho...]
-----------------------------------------------------------------------------
Dear Editor of Phrack Magazine;
Ok Erik (mr. editor), there is also a poem that I have written for Wei.
"Thinking of Ding Wei"
(C) 1994, 1995 Oliver Richman.
Come here, let me tell you something,
How I hide my love for Wei Ding:
By forgetting all my thinking!
When in my mind Wei's heart I see..
I want to tell her "wo ai ni",
So her and I will always be.
Her mind is pure, like pretty Jade..
She makes me want to give her aid.
I know that her love will not fade.
My patience tries to move the sea.
But can I deny you and me?
I want our hearts to set us free.
I really love you, dear Ding Wei,
I think about you every day.
Tell me, what more can I say?
[What's this? Another Poem? A tribute of Love for some chick named Wei?
Holy Lord. We need to get some codes or credit cards or something in here
to offset this burst of "Heartfelt Emotive Print." ]
-----------------------------------------------------------------------------
the other day upon the stair
i met a man who wasn't there
he wasn't there again today
i think he's from the CIA
[NOW THIS IS MY KIND OF POETRY! SHORT, SIMPLE, AND FUNNY.
WHATEVER HAPPENED TO BENNETT CERF???]
-----------------------------------------------------------------------------
As a former AOLite and definite wannabe, and having d/l the log of
the Rushkoff/Sirius hypechat, I could tell from the beginning that it
would be just as you reviewed _Cyberia_ as being. Every other word
Rushkoff used was Cyberia or Cyberians. As lueless and vulnerable to hype
as I was, I couldn't help but stand back and listen to all the shit with a
grin. In the same not, I ran into David Brin on AOL as well, and managed
to get a correspondence goig with him. He was on discussing all the
research he did on the "Net" and about the papers he was delivering, and,
most importantly (of course), his upcoming BOOK about the Internet and
privacy. At the time, still under the glossy spell of Wired (which I still
find interesting) and the hype, I was eager to offer him an interview
proposal, which I would have published in Wired if at all possible.
Dr. Brin knew less than *I* did about the Internet. I can sum up most of
these people's vocabularies in one word: "BLAH." They may as well
reiterate that syllable ad infinitum--it amounts to the same thing.
[WOW!
Hey Cyber-guy, thanks for the super-cyber email. As we cruise along this
InfoBanh, exiting in Cyberia, it takes a diligent cyberian like you
to keep things in check!
Sorry bout that. I was overcome with a minor brain malfunction that
reduced my IQ to that of Douglas Rushkoff. Doesn't it all make you want
to puke?
I heard that yesterday on the soap opera "Loving" some character was hacking
into food companies to steal recipes. A month or so back, on "All My
Children" (The only soap I watch...but I'm embarrassed to say I watch it
religiously), Charlie & Cecily were dorking around on the Internet, and
sent each other email after reading notes they each left on alt.personals.
The world is coming to an end.]
-----------------------------------------------------------------------------
Yo erikb:
yo dewd. eye am so paranoid, my t33th are rattling.
what dewd eye dew?
yew are the god of the internet.
how dew eye stop the paranoia?
please print answer in next phrack.
thanx.
m0fo
[Your Acid will wear off in a few hours. Don't worry. Enjoy it.
The CIA does.
If it doesn't go away in a few days, there are some nice men in
white lab coats who will be glad to help you out.
How do you stop the paranoia? Your answer: Thorazine!]
-----------------------------------------------------------------------------
This is Nemo Kowalski speaking (aka Paolo Bevilacqua).
I just discovered Phrack at the young age of 31. ;-)
Well, I like it a lot, at least like I enjoyed doing real
things here in Europe, alone and with DTE222, years ago.
I'm going to write something about the first anti-hacker operation
in Italy, "Hacker Hunter," in which, incidentally, I got busted.
Do you think your some of the old stories from altger and Itapac
can be of interest to your readers?
To Robert Clark:
I read "My Bust" and I liked it. I'm not a native english speaker,
but I think it was well-written, plus principally, I felt a pleasant
"reader sharing writer's experiences" sensation that can separate a good
reading from pure BS. This is expecially true since I've been busted here
in Italy, and I've learned that things are more similar around the
western world than I would have thought.
The only thing I can't share is your Seattle experience. Maybe the dichotomy
good druge/bad drugs has a different meaning for you?
Respect,
Nemo
[Nemo:
Please write as much or as little as you like about the busts in
Italy! We have an article this issue about Italy, but any further
insights into your experiences, esspecially regarding how busts
are carried out in other countries would be greatly appreciated by
our readers!
I look forward to reading whatever you can put together!]
-----------------------------------------------------------------------------
Chris,
As a relative neophyte to hacking, one of the problems I come up with a
lot is identifying systems I locate scanning. So, I was wondering if Phrack,
or any other zine, had ever published a concise guide to clues to
help identify unknown systems. If so, could you please let me know what
mag, and what issue.
One last thing, are there any internet sites with info of interest to hackers?
I know about eff.org and freeside.com and a few others, but nothing really
intriguing...any suggestions?
[You will find a good start to identifying strange systems, and in
locating sites of interest to hackers in the #Hack FAQ we've printed
in this issue. ]
-----------------------------------------------------------------------------
For Phrack news, Darkman was busted in Winnipeg City, Canada, for various
reasons, but since I knew him personally I wanted to add my two cents.
For the record, he was busted for warez and porn as well as hacking into the
UoManitoba, and I heard his wife left him because he spent too much time
pirating on IRC. He was about 38. He could read fluently in Russign, and
I remember one night we discovered some secret KGB documents from the 50's,
real science fiction thriller stuff, and he read it to me.
Akalabeth
[It's a drag that your friend was busted, and knowing the Canadian
government, the porn part was probably pretty minor shit in a worldly
sense.
I'm kinda intrugued by the "KGB Documents" you found. Uh, were these on
the net? Did you have a cyrillic character set loaded? How did you
read these documents? Were they on paper?
SEND THEM TO PHRACK! :) ]
-----------------------------------------------------------------------------
Top 10 Reasons Why I Should Get My Subscription FREE:
(1) I'm a programmer/Analyst for an electric utility company in Texas
(ahh, come on - I'm a fellow Texan!)
(2) I've read Phrack for years (loyalty scores points - right?)
(3) I've been involved with compuers since GOD created the PC
(I began in late 70's-early 80's).
(4) I'm *not* a narc (shh, don't tell anybody.)
(5) I *may* have a record (but if I do, it's for minor kind of stuff -
I'm basically a nice guy).
(6) I don't like the telephone company (you have to admit they're amusing
though.)
(7) I know how to get around on the 'net (can't you tell - I have an AOL
account <g>.)
(8) I'm a good source of info regarding all types of mainframe and PC
programming.
(9) PLEASE....
(10) I'll quit writing dumb letters and trying to be funny.
[David Letterman is in the background throwing up as I'm typing
Don't quit your day job...but I'll send you Phrack anyway. :) ]
-----------------------------------------------------------------------------
Hey Chris,
I just read your thing in Phrack abou the US being attacked by our so
called "allies" and I agree with you 110%! I do believe that we should start
some sort of CyberArmy to fight back. I don't think that our government
would mind, unless we crashed an economy that they were involved with or
something, but hell, they fuck with us, let's fuck with them. And you were
saying about phone costs, isn't it possible to just telnet or something over
there? And why stop at fighting back against our information agressors, why
not fight back against other countries that our government is too chickenshit
to fight against? Cuba comes to mind. Well, I hope you reply or something, I
really like Phrack, I try to get it whenever I can manage, but I don't
have an internet address where I can get files. Keep up the good work.
[Yet another volunteer for the US Cyber Corp! By God, I'll have
an army yet. :) ]
-----------------------------------------------------------------------------
==Phrack Magazine==
Volume Six, Issue Forty-Seven, File 2a of 23
- ****************************************************************************
Phrack Editorial
What you are about to read is pure speculation on my part. Do not take
this to be 100% fact, since most of it is hypothesis. But it sure will
make you think twice. "Ever get the feeling you're being cheated?"
-----------------------------------------------------------------------------
So...Mitnick was busted.
There certainly are some really odd things regarding the whole mess,
especially with regards to the "investigating" being done by
a certain heretofore unheralded "security" professional and
a certain reporter.
One of the first oddities was the way the Mitnick saga suddenly
reappeared in the popular media. In February, and seemingly out of
nowhere, the ever diligent John Markoff entered the scene with the
a groundbreaking story. (Of course this is meant to be sarcastic as
hell.) Markoff's story dealt with a near miss by federal authorities
trying to apprehend Mr. Mitnick in Seattle about 5 months prior.
Now, if nothing else happened in the whole Mitnick saga, I never would
have given this a second thought, but in light of what followed,
it really does seem odd. Why would someone write about a subject that
is extremely dated of no current newsworthiness? "Our top story tonight:
Generalissimo Francisco Franco is still dead."
To be fair, I guess Markoff has had a hard on for Mitnick for ages.
Word always was that Mitnick didn't really like the treatment he got
in Markoff's book "Cyberpunk" and had been kinda screwing with him for
several years. (Gee, self-proclaimed techie-journalist writes something
untrue about computer hackers and gets harassed...who would have thought.)
So it really isn't that odd that Markoff would be trying to stay abreast
of Mitnick-related info, but it certainly is odd that he would wait
months and months after the fact to write something up.
But wait, a scant month and a half later, Mitnick gets busted! Not
just busted, but tracked down and caught through the efforts of a
computer security dude who had been hacked by Mitnick. Breaking the
story was none other than our faithful cyber-newshawk, John Markoff.
"Tsutomo Shimomura, born to an American mother and a Japanese father,
thus becan life as he was destined to live it...going in several
directions at once. A brilliant neurosurgeon, this restless young man
grew quickly dissatisfied with a life devoted solely to medicine.
He roamed the planet studying martial arts and particle physics,
colelcting around him a most eccentric group of friends, those
hard-rocking scientists The Hong Kong Cavaliers.
"And now, with his astounding jet car ready for a bold assault on the
dimension barrier, Tsutomo faces the greatest challenge of his turbulent
life...
"...while high above Earth, an alien spacecraft keeps a nervous watch on
Team Shimomura's every move..."
Wait a minute...that's Buckaroo Banzai. But the similarities are almost
eerie. Security dude by day, hacker tracker by night, ski patrol
rescue guy, links to the NSA! WOWOW! What an incredible guy! What an
amazing story!
But wait! Let's take a closer look at all of this bullshit, before it
becomes so thick all we can see is tinted brown.
Shimomura was supposedly hacked on Christmas Eve by Kevin Mitnick, which
set him off on a tirade to track down the guy who hacked his system.
Supposedly numerous IP tools were taken as well as "millions of dollars
worth of cellular source code."
First off, Shimomura's TAP is available via ftp. Modified versions of this
have been floating around for a while. I suppose it's safe to assume that
perhaps Tsutomo had modified it himself with further modifications (perhaps
even some of the IP/localhost spoofs that the X-consortium guys were
playing with, or maybe other tricks like denial of service and source-routing
tricks...I don't really know, I don't have any such thing authored by
Shimomura.)
Secondly, what is all this cellular source code? And why did Shimomura have
it? Could it be that this is really just some kind of smokescreen to make
it seem like Mitnick did something bad? For those of you who don't know,
Tsutomo is friends with Mark Lottor (yes, the OKI experimenter, and CTEK
manufacturer.). They have been friends for some time, but I don't know
how long. Lottor used to be roommates with, lo and behold, Kevin Poulsen!
Yes, that Kevin Poulsen...the guy who before Mitnick was the "computer
criminal de jour." Poulsen and Mitnick were no strangers.
It wouldn't be too much of a stretch of the imagination to think that
those files were really ROM dumps from phones that Lottor had given
Shimomura. It also wouldn't be too much of a stretch to imagine that
Mitnick knew Tsutomo, and decided to go poke around, pissing off
Tsutomo who knew that he'd been violated by SOMEONE HE ACTUALLY KNEW!
(It sure does piss me off much more to get fucked over by someone I know
rather than a complete stranger.)
Woah. If any of that is true, what strange bedfellows we have. But wait,
it gets better...
Enter John Markoff. Markoff and Tsutomo have obviously known each other for
a while. I don't know where they met...but I know they were together
at Defcon, maybe at Hope, and probably at the Tahoe Hacker's conference
a few years back. (I'd have to go back and look over the group
photos to be certain.)
Markoff already has a stake in the Mitnick story, since it was his book,
"Cyberpunk" that really gave ol' Kevin some coverage. Now, if Markoff knew
that Mitnick had hacked Tsutomo (from Tsutomo's own mouth), then certainly
any journalist worth his salt would see possibilities. Gee, what a great
concept! A colorful computer security guy tracks down one of the world's
most wanted hackers! What a great story! Remember that Stoll Guy?
But in order to get the book publishers really hot, it would take some more
press to rejuvinate interest in the Mitnick story. So the first story,
months after the fact, is printed.
Meanwhile, Tsutomo is supposedly tracking down Mitnick.
How does one track down a hacker? The legal (and really annoyingly hard way)
is to work with other system administrators and establish a trail via
tcp connects and eventually back to a dialup, then work with phone companies
to establish a trap and trace (which usually takes two or three calls) and
then working with local police to get a warrant. Somehow Tsutomo seemingly
managed to avoid all this hassle and get a lot done by himself. How?
Well, the Air Force OSI managed to track down the British Datastream Cowboy
by hacking into the systems he was hacking into the Air Force from. This is
the easy way. Hmmm.
I know with a good degree of certainty that Markoff's and Tsutomo's little
escapades pissed off a great many people within law enforcement, but I don't
know exactly why. If they WERE bumbling around stepping on FBI toes
during the course of their litle hunt, certainly the FBI would have
threatened them with some kind of obstruction of justice sentence if they
didn't stop. Did they?
Well before any of this had begun, Mitnick had been hacking other places
too. Guess what? He happened to hack CSCNS, where a certain ex-hacker, Scott
Chasin, runs the security side of things. I remember well over a year ago
talking to Chasin about a hacker who had breeched CNS. Discussing his
methods, we thought it must be Grok, back from the netherworld, since he
was so skilled. The hacker also made claims of being wireless to avoid
being traced. (This also fit into the Grok modus operandi...so we just
assumed it was indeed Grok and left it at that.) Chasin told the hacker
to get off of CNS, and that he could have an account on crimelab.com, if
he would only use it for mail/irc/whatever, but with no hacking, and on
the agreement that he would leave CSCNS alone.
The agreement was made, but went sour after only a few weeks when the mystery
hacker began going after CSCNS again. The Colorado Springs FBI was called
in to open an investigation. This was ages ago, but of course, field agencies
rarely talk.
Back in the present, Tsutomo goes to help out at the Well, where
a certain admin (pei) was having problems with intruders. This is the
same pei who a few months earlier told Winn Schwartau "The Well has no
security!" Which Winn reported in his newsletter. (This of course came after
Winn's account on the Well was reactvated by an anonymous person who
posted several messages about Markoff and signed them "km." DUH!)
So somehow, Tsutomo gets trace information leading back to a cell site in
North Carolina. How does a private citizen get this kind of information?
Don't ask me! My guess is that the feds said, give us what you know,
help us out a bit and don't get in our way. In return, one can surmise
that Tsutomo (and Markoff) got to glean more info about the investigation
by talking with the feds.
So, Mitnick gets busted, and Tsutomo got to ride around in a car with
a Signal Strength Meter and help triangulate Mitnick's cellular activity
to his apartment. Woo woo!
After all is said and done, Tsutomo has single handedly captured Mitnick,
John Markoff breaks the story on the FRONT PAGE of the New York Times, and
every other computer reporter in America continually quotes and
paraphrases Markoff's story and research as "God's Own Truth."
Mitnick, on the other hand, gets blamed for:
1) hacking Tsutomo
2) hacking the Well
3) hacking Netcom to get credit cards
4) hacking CSCNS
5) hacking Janet Reno's Cell Phone
6) hacking motorola
7) conversing with foreign nationals
etc..
Let's look at some these charges:
1) Mitnick was not the first (or only) to hack Tsutomo. The San Deigo
Supercomputer Center is a target for a lot of people. It's a major
Internet center, and there are all kinds of goodies there, and the
people who work there are smart guys with nice toys. Sorry, but
Mitnick is the scapegoat here.
2) Mitnick was not the first, last, or most recent to hack The Well.
Like Pei said, "The Well Has No Security." I know this first hand,
since I have an account there. I don't raise a stink about it,
because I pay by check, and my email is boring.
3) Mitnick was not the person who got the Netcom credit card file.
That file floated around for quite some time. He might have had
a copy of it, but so do countless others. Sorry. Wrong again.
4) Mitnick was in CNS. He was not the only one. Thanks for playing.
5) The thought that Mitnick could reprogram a MTSO to reboot upon
recognizing a ESN/MIN pair belonging to one specific individual
would require that he had hacked the manufacturer of the MTSO, and
gotten source code, then hacked the cellular carrier and gotten
a full database of ESN/MIN information. Both of these things have
been done by others, and Mitnick certainly could have done them too,
but I doubt he would have gone to that much trouble to call attention
to his actions.
6) Motorola, like EVERY other big-time computer industry giant has been
hacked by countless people.
7) Mitnick reportedly had dealings with foreign nationals, especially
one "Israeli" that set the CIA up in arms. Well, sure, if you get on
IRC and hang out, you are probably going to talk to people from other
countries. If you hang out on #hack and know your stuff, you will probably
end up trading info with someone. But, playing devil's advocate,
perhaps the person you might be talking to really isn't a 22 year old
Israeli student. Maybe he really is a 40 year old Mossad Katsa working
in their computer center. Was Mitnick Jewish? Would he do "whatever
it takes to help the plight of Jews worldwide?" Could he have been
approached to become one of the scores of sayanim worldwide? Sure.
But probably not. He'd be too hard to call on for the favors when they
would be needed by Mossad agents. So, I have some doubts about this.
Less than a month after the whole bust went down, Markoff and Tsutomo
signed with Miramax Films to produce a film and multimedia project
based on their hunt for Mitnick. The deal reportedly went for
$750,000. That is a fuckload of money. Markoff also gets to do a book,
which in turn will become the screenplay for the movie. (Tsutomo
commented that he went with Miramax "based on their track record."
Whatever the fuck that means.)
Less than a month and they are signed.
Looks to me like our duo planned for all this.
"Hey Tsutomo, you know, if you went after this joker, I could write a book
about your exploits! We stand to make a pretty penny. It would be
bigger than the Cuckoo's egg!"
"You know John, that's a damn good idea. Let me see what I can find.
Call your agent now, and let's get the ball rolling."
"I'll call him right now, but first let me write this little story to
recapture the interest of the public in the whole Mitnick saga. Once that
runs, they publishers are sure to bite."
Meanwhile Mitnick becomes the fall guy for the world's ills, and
two guys methodically formulate a plot to get rich. It worked!
Way to go, guys.
==Phrack Magazine==
Volume Six, Issue Forty-Seven, File 3 of 22
// // /\ // ====
// // //\\ // ====
==== // // \\/ ====
/\ // // \\ // /=== ====
//\\ // // // // \=\ ====
// \\/ \\ // // ===/ ====
PART I
------------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Phrack Magazine and Computer Security Technologies proudly present:
The 1995 Summer Security Conference
SSSS U U M M M M EEEEE RRRR CCCC OOOO N N
S U U MM MM MM MM E R R C O O NN N
SSS U U M M M M M M M M EEE RRRR C O O N N N
S U U M M M M M M E R R C O O N NN
SSSS UUUU M M M M EEEEE R R CCCC OOOO N N
"SUMMERCON"
June 2-4 1995 @ the Downtown Clarion Hotel in Atlanta, Georgia
This is the official announcement and open invitation to the 1995
incarnation of Summercon. In the past, Summercon was an invite-only
hacker gathering held annually in St. Louis, Missouri. Starting
with this incarnation, Summercon is open to any and all interested
parties: Hackers, Phreaks, Pirates, Virus Writers, System Administrators,
Law Enforcement Officials, Neo-Hippies, Secret Agents, Teachers,
Disgruntled Employees, Telco Flunkies, Journalists, New Yorkers,
Programmers, Conspiracy Nuts, Musicians and Nudists.
LOCATION:
The Clarion Hotel is located in downtown Atlanta, 9 miles from
Hartsfield International Airport and just a few blocks from the
Peachtree Center MARTA Station.
Considering the exorbitant expenses involved with attending other
conferences of this type, Rooms at Summercon are reduced to
$65 per night for Single or Double Occupancy
The Clarion Hotel Downtown, Courtland at 70 Houston St., NE,
Atlanta, GA 30303
(404) 659-2660 or (800) 241-3828 (404) 524-5390 (fax)
No one likes to pay a hundred dollars a night. We don't expect you
to have to. Spend your money on room service, drinks in the hotel bar,
or on k-rad hacker t-shirts. Remember: Mention that you are attending
Summercon in order to receive the discount.
DIRECTIONS
75/85 Southbound - Exit 97 (Courtland). Go 3 blocks south on Courtland
then turn left on Houston (John Wesley Dobbs Ave.)
20 East - Exit 75/85 North at International. Turn Left on Courtland at
Houston Ave. NE. (aka. John Wesley Dobbs Ave. NE.)
20 West - Exit 75/85 North at International. One block to Courtland
and right at Houston Ave. NE. (John Wesley Dobbs Ave. NE.)
Atlanta Airport Shuttle - The Express Bus that leaves from Atlanta's
International Airport will drop you off at many hotels in the downtown
area, including the Clarion. The shuttle should be no more than 12
dollars. Fares may be paid at the Airport Shuttle in the Ground
Transportation area of the Airport Terminal.
MARTA - The Metropolitan Atlanta Rapid Transit Authority (MARTA), is a
convenient and inexpensive way to negotiate most of the Atlanta area.
Take the MARTA train from the Airport to the Peach Tree Center Station.
Walk three blocks down Houston to the intersection of Houston and
Courtland. The MARTA fare will be roughly 2 dollars.
Taxis - The average cab fare from Atlanta's Airport to the downtown area
is roughly 30 dollars.
CONFERENCE INFO
It has always been our contention that cons are for socializing.
"Seekret Hacker InPh0" is never really discussed except in private
circles, so the only way anyone is going to get any is to meet new people
and take the initiative to start interesting conversations.
Because of this, the formal speaking portion of Summercon will be
held on one day, not two or three, leaving plenty of time for people
to explore the city, compare hacking techniques, or go trashing and
clubbing with their heretofore unseen online companions.
The "Conference" will be held on June 3rd from roughly 11:00 am until
6:00 pm with a 1 hour lunch break from 1:00 to 2:00.
NO VIDEO TAPING WILL BE ALLOWED IN THE CONFERENCE ROOM. Audio Taping
and still photography will be permitted.
CURRENT LIST OF SPEAKERS:
Robert Steele - Ex-Intelligence Agent, Founder and CEO of Open Source
Solutions (a private sector intelligence firm)
Topic: Hackers from the Intelligence Perspective
Winn Schwartau - Author of "Information Warfare" and "Terminal Compromise",
Publisher of Security Insider Report, and noted security
expert
Topic: Electromagnetic Weaponry
Bob Stratton - Information Security Expert from one of America's largest
Internet service providers
Topic: The Future of TCP/IP Security
Eric Hughes - Cryptography Expert and founding member of the "Cypherpunks"
Topic: Cryptography, Banking, and Commerce
Annaliza Savage - London-based Director/Producer
Topic: Discussion of her documentary "Unauthorized Access"
(Followed by a public screening of the film)
Chris Goggans - Editor of Phrack Magazine and Summercon M.C.
Topic: introductions, incidentals and a topic which is sure
to culminate in an international incident.
(Other Speakers May Be Added - Interested parties may contact scon@fc.net)
COSTS
Since other cons of this type have been charging from 25 to 40 dollars
entry fees, we are only charging 10 dollars. Yes, that's correct,
TEN (10) dollars in US currency. Money is far too scarce among the
hacker community to fleece everyone for money they will probably need
to eat with or pay for their hotel rooms.
WHAT TO DO IN ATLANTA:
To attempt to make everyone's stay in Atlanta more exciting, we are
contacting local establishments to arrange for special discounts and/or
price reductions for Summercon attendees. Information will be handed
out regarding these arrangements at the conference.
Atlanta is a happening town.
Touristy Stuff Party Time
The World of Coca-Cola Buckhead
Underground Atlanta The Gold Club
Georgia Dome (Baseball?) (Countless Other Clubs and Bars)
Six Flags
CONTACTING SUMMERCON SPONSORS
You can contact the Summercon sponsors by several means:
E-mail: scon@fc.net
WWW: http://www.fc.net/scon.html
Snail Mail: Phrack Magazine
603 W. 13th #1A-278
Austin, TX 78701
If deemed severely urgent, you can PGP your email with the following PGP
key:
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6
mQCNAizMHvgAAAEEAJuIW5snS6e567/34+nkSA9cn2BHFIJLfBm3m0EYHFLB0wEP
Y/CIJ5NfcP00R+7AteFgFIhu9NrKNJtrq0ZMAOmiqUWkSzSRLpwecFso8QvBB+yk
Dk9BF57GftqM5zesJHqO9hjUlVlnRqYFT49vcMFTvT7krR9Gj6R4oxgb1CldAAUR
tBRwaHJhY2tAd2VsbC5zZi5jYS51cw==
=evjv
- -----END PGP PUBLIC KEY BLOCK-----
See you in Atlanta!
-----BEGIN PGP SIGNATURE-----
Version: 2.6
iQCVAwUBL4mMEaR4oxgb1CldAQE5dQP+ItUraBw4D/3p6UxjY/V8CO807qXXH6U4
46ITHnRJXWfEDRAp1jwl+lyavoo+d5AJPSVeeFt10yzVDEOb258oEZkIkciBnr7q
mUu563/Qq67gBsOWYP7sLdu3KEgedcggkzxtUzPxoVRVZYkHWKKjkG1t7LiT3gQ5
uRix2FrftCY=
=m/Yt
-----END PGP SIGNATURE-----
------------------------------------------------------------------------------
UNAUTHORIZED ACCESS
"Unauthorized Access [is] a documentary that tells the story of the
computer underground from our side, it captures the hacker world
from Hamburg to Los Angeles and virtually everywhere in between."
2600 The Hacker Quarterly
Computers are becoming an integral part of our everyday existence.
They are used to store and send a multitude of information, from
credit reports and bank withdrawals, to personal letters and highly
sensitive military documents. So how secure are our computer
systems?
The computer hacker is an expert at infiltrating secured systems,
such as those at AT&T, TRW, NASA or the DMV. Most computer systems
that have a telephone connection have been under siege at one time
or another, many without their owner's knowledge. The really good
hackers can reroute the telephone systems, obtain highly sensitive
corporate and government documents, download individual's credit
reports, make free phone calls globally, read private electronic
mail and corporate bulletins and get away without ever leaving a
trace.
So who are these hackers? Just exactly WHAT do they do and WHY do
they do it? Are they really a threat? What do they DO with the
information that they obtain? What are the consequences of their
actions? Are hackers simply playing an intellectual game of chess
or are hackers using technology to fight back and take control of
a bureaucratic system that has previously appeared indestructible?
Unauthorized Access is a documentary that demistifies the hype and
propaganda surrounding the computer hacker. Shot in 15 cities
and 4 countries, the film hopes to expose the truths of this subculture
focusing on the hackers themselves.
Unauthorized Access is a view from inside the global underground.
For a PAL (European) copy send a cheque/postal order for 15 British
Pounds or $25 for NTSC (American) standard to:
Savage Productions
Suite One
281 City Road
London EC1V 1LA
------------------------------------------------------------------------------
ACCESS ALL AREAS
Hacking Conference
1st - 2nd July, 1995
(Saturday & Sunday)
King's College, London, UK
-------------------------------WHAT-IT-IS---------------------------------
The first UK hacking conference, Access All Areas, is to be run in London
later this year. It is aimed at hackers, phone phreaks, computer security
professionals, cyberpunks, law enforcement officials, net surfers,
programmers, and the computer underground.
It will be a chance for all sides of the computer world to get together,
discuss major issues, learn new tricks, educate others and meet "The
Enemy".
-------------------------------WHERE-IT-IS--------------------------------
Access All Areas is to be held during the first weekend of July, 1995 at
King's College, London. King's College is located in central London on
The Strand and is one of the premier universities in England.
-----------------------------WHAT-WILL-HAPPEN-----------------------------
There will be a large lecture theatre that will be used for talks by
computer security professionals, legal experts and hackers alike. The
topics under discussion will include hacking, phreaking, big brother and
the secret services, biometrics, cellular telephones, pagers, magstrips,
smart card technology, social engineering, Unix security risks, viruses,
legal aspects and much, much more.
Technical workshops will be running throughout the conference on several
topics listed above.
A video room, equipped with multiple large screen televisions, will be
showing various films, documentaries and other hacker related footage.
The conference facilities will also include a 10Mbps Internet link
connected to a local area network with various computers hanging off of it
and with extra ports to connect your laptop to.
------------------------------REGISTRATION--------------------------------
Registration will take place on the morning of Saturday 1st July from
9:00am until 12:00 noon, when the conference will commence. Lectures and
workshops will run until late Saturday night and will continue on Sunday
2nd July from 9:00am until 6:00pm.
----------------------------------COST------------------------------------
The price of admission will be 25.00 British pounds (approximately US $40.00)
at the door and will include a door pass and conference programme.
-----------------------------ACCOMMODATION--------------------------------
Accommodation in university halls of residence is being offered for the
duration of the conference. All prices quoted are per person, per night
and include full English breakfast. (In British pounds)
SINGLE TWIN
WELLINGTON HALL 22.00 16.75
Special prices for British and Overseas university students, holding
current student identification, are also available - please call King's
Campus Vacation Bureau for details.
All bookings must be made directly with the university. They accept
payment by cash, cheque and credit card.
To making a booking call the following numbers...
KING'S CAMPUS VACATION BUREAU
Telephone : +44 (0)171 351 6011
Fax : +44 (0)171 352 7376
----------------------------MORE-INFORMATION------------------------------
If you would like more information about Access All Areas, including
pre-registration details then please contact one of the following...
Telephone : +44 (0)973 500202
Fax : +44 (0)181 224 0547
Email : info@phate.demon.co.uk
------------------------------------------------------------------------------
D I S T R I B U T E W I D E L Y
*****FIRST CALL FOR PAPERS*****
InfoWarCon '95
A 2 Day International Symposium
on Information Warfare
September 7-8, 1995
Stouffer Concourse Hotel
Arlington, VA
Presented by:
National Computer Security Association
Winn Schwartau and Interpact, Inc.
Robert Steele and OSS, Inc.
CONFERENCE OVERVIEW:
The Information Warfare Conference (InfoWarCon) is our third
international conference dedicated to the exchange of ideas,
policies, tactics, weapons, methodologies and defensive posture
of Information Warfare on a local, national, and global basis.
InfoWarCon will bring together international experts from a broad
range of disciplines to discuss and integrate concepts in this
rapidly evolving field. Attendees will intensely interact with
the speakers and presenters as well as each other to increase
each other's understanding of the interrelatedness of the topics.
While there are many interpretations of Information Warfare by
different groups, the current working definition we employ is:
Information Warfare is the use of information and informa
tion systems as weapons in a conflict where information and
information systems are the targets.
Information Warfare is broken down into three categories, and
InfoWarCon speakers and attendees will interactively examine them
all:
Class I: Personal Privacy. "In Cyberspace You Are Guilty
Until Proven Innocent." The mass psychology of information.
Privacy versus stability and law enforcement.
Class II: Industrial and Economic Espionage. Domestic and
international ramifications and postures in a globally
networked, competitive society.
Class III: Global Information Warfare. Nation-state versus
Nation-state as an alternative to convention warfare, the
military perspective and terrorism.
THE CONFERENCE
The conference is designed to be interactive - with extensive
interaction between all participants. The preliminary contents
and discussions will focus on:
- What is Information Warfare?
- What Are the Targets?
- Protecting the Global Financial Infrastructure
- Military Perspectives on InfoWar
- InfoWar Vs. Non-Lethal Warfare
- Defending the U.S. Infrastructure
- The Intelligence Community and Information
- Open Source Intelligence
- The Psychology of Information
- Privacy Balances
- Information As the Competitive Edge
- International Cooperation
- Denial of Service
- Cyber-Terrorism
- Offensive Terrorism
- Offensive InfoWar Techniques
- Defensive InfoWar Postures
- Education and Awareness Training
- Corporate Policy
- Government Policy
- Global Policy
- Espionage
- Export Controls of Information Flow
- The Legal Perspective
- The New Information Warriors
Plenary sessions will accommodate all attendees, while break-out
sessions will provide more intimate presentations and interactiv
ity on topics of specific interests.
SUBMISSIONS:
Submission for papers are now be accepted. We are looking for
excellent speakers and presenters with new and novel concepts of
Information Warfare. You may submit papers on the topics listed
above, or on others of interest to you, your company or govern
ment.
We welcome innovative thought from the private sector, the gov
ernment (civilian, military and intelligence) and the interna
tional community. Submissions must be received by May 1, 1995,
and notification of acceptance will occur by June 1, 1995.
Please submit 2-3 page presentation outlines to:
winn@infowar.com.
All submissions and the contents of InfoWarCon '95 will be in
English. If you must submit a hard copy: Fax: 813.393.6361 or
snail mail to: Interpact, Inc. 11511 Pine St., Seminole, FL
34642
All submissions and presentation should be unclassified, as they
will become Open Source upon submission and/or acceptance.
SPONSORS:
The Information Warfare Symposium is currently choosing sponsors
for various functions.
Continental Breakfast, Day 1 and Day 2
Morning Coffee Break, Day 1 and Day 2
Lunch, Day 1 and Day 2
Afternoon Coffee Break, Day 1 and Day 2
Cocktail Party, Day 1
Each Corporate or Organizational sponsor will be included in all
promotional materials and Symposium function. For more infor-
mation, contact Paul Gates at the NCSA. Voice: 717.258.1816 or
email: 747774.1326@Compuserve.com.
EXHIBITS:
Limited space is available for table-top displays for commercial
or governmental products, services, educational or other promo
tion. For further information, contact Paul Gates at the National
Computer Security Association. 717.258.1816
REGISTRATION:
Payment made BEFORE July 1, 1995:
( ) $445.00 NCSA Member/OSS Attendee
( ) $545.00 All others
Payment made AFTER July 1, 1995:
( ) $495.00 NCSA Members/OSS Attendees
( ) $595.00 All others
( ) I'M INTERESTED, but would like more information sent to the
address above. Please include a free copy of your 32 page
"Information Security Resource Catalog".
( ) I'd like to know more about NCSA on-site training, security
audits and consulting services. Please have someone give me
a call.
MAIL OR FAX TO:
National Computer Security Association
10 South Courthouse Avenue
Carlisle, PA 17013
Phone 717-258-1816 or FAX 717-243-8642
EMAIL: 74774.1326@compuserve.com
CompuServe: GO NCSAFORUM
Winn Schwartau Interpact, Inc.
Information Security & Warfare
V:813.393.6600 F:813.393.6361
Email: Winn@Infowar.Com
------------------------------------------------------------------------------
Ed Cummings, also known to many in cyberspace as "Bernie S" was arrested
on March 13th, 1995 for 2 misdemeanors of possession, manufacture and sale
of a device to commit Telecommunications fraud charges. He is being held in
Delaware County Prison in lieu of $100,000.00 Bail. His story follows.
On the evening of the 13th Bernie S. received a page from his mail drop.
Some people he knew from Florida had stopped in at his mail drop thinking
it was his address. They were looking to purchase several 6.5 Mhz Crystals.
These crystals when used to replace the standard crystal in the RADIO SHACK
Hand Telephone dialer, and with some programming, produce tones that trick
pay phones into believing they have received coins. These are commonly
referred to as "red boxes" and got their name from an actual red box pulled
from a pay phone in the late seventies by some curious person.
Ed Cummings met these people at a local 7-11 (which 7-11?) where he was
to sell the widely used electronic timing crystals for roughly $4 a piece.
The purchaser only had two twenty dollar bills and Ed Cummings no change.
Ed Cummings went into the 7-11 to get some change to make the transaction.
A police officer noticed a van parked in the parking lot of the 7-11 with
more several African Americans inside. As Ed was leaving the 7-11 he noticed
fifteen police cars pulling into the parking lot of the 7-11.
Next thing he knew the police were asking him if they could `rifle`
through his car. He said no. Moments later as he was talking to a Detective
and noticed another police officer going through his car. He asked the officer
to stop. They did not, in all the police confiscated a few hundred 6.5Mhz
crystals (which he resells for roughly $4 a piece) and a large box of 100
dialers. The police told him they would get back to him, and he could have
his electronics back if the contents of the bag were legal. In the contents
of the seized items was one modified dialer, that a customer returned after
modification explaining that it did not work, a broken red box.
The next day Ed `Bernie S.` Cummings was over at a friend`s house working
on their computer when eight to ten plain clothed armed men burst into the
house and ordered him and his friends to freeze. They cuffed him and took him
to a holding cell (what jail?). There he was left without a blanket or jacket
to sleep with in the cold cell.
That evening the Secret Service had been called in when someone figured
out what the dialers and crystals would do when put together. The
United States Secret Service found his home and entered it, while they were
questioning him.
The next morning at his arraignment he was finally told of the charges
he was being held upon. They were Two misdemeanor Charges of manufacture,
Distribution and Sale of devices of Telecommunications Fraud. and Two Unlawful
use of a computer charges. His bail was automatically set to $100,000.00
because Ed Cummings refused talk with the police without his attorney present.
The Secret Service presented to the judge a 9 page inventory of what
they had found in his home. On that inventory there 14 computers. 2 printers.
more Boxes of bios chips for the systems he worked with. Eprom burners which
the Federal Agents had labeled "Cellular telephone chip reprogramming adapters"
Eproms are used in everything from Automobile computers to personal computers.
They also confiscated his toolbox of screw drivers, wire clippers and other
computer oriented tools he used for his consulting job.
The Judge dropped the Two unlawful use of a computer charges due to
the fact that the evidence was circumstantial and the county had no actual
evidence that Ed had ever used the computers in question.
As of 3/27/1995 Ed Cummings is still in Delaware County Prison
awaiting his trial. His trial has not yet been scheduled and Ed will most
likely not raise the One Hundred Thousand Dollars needed to be released on
bail.
------------------------------------------------------------------------------
"Don't believe the hype." - Public Enemy, 1988
This file's purpose is to clear up any misconceptions about the recent
situation that has come upon the sociopolitical group known as KoV.
As it stands now, (10:55 PM EST on 1/29/95), NO ONE has been busted for
ANYTHING. We have received several tip-offs from private sources regarding
a supposed "FBI investigation" of our group that is purported to be active
at this very minute. However, with the exception of a few VERY suspicious
incidents and coincidences, there has been NO HARD EVIDENCE thus far about
ANYONE getting busted for ANYTHING. So while we are EXTREMELY concerned for
the integrity of our innocence, we must stress that nothing has gone down.
Yet.
We have very good reason to believe that a few of those among us are about
to be charged with various false accusations by a local university. However
the current mental state of the person in charge of this charade is also in
question. Therefore it would be logical to assume nothing. The conflicting
tip-offs, rumors, warnings and threats that we have received make it even
more difficult to get a clear picture of exactly what is going on. We have
heard so many things from so many different sources, both credible and
questionable, that we would be hard-pressed to give an accurate evaluation
of the current state of things.
What we can say for sure, however, is that KoV officially died on Monday,
January 23, 1995, along with its communications network, KoVNet. This
promises to be a great loss to the open-minded and sociopolitical community
as well as the free-thinkers and activists who supported us so generously.
Our reasons for disbanding the group were many, but the foremost was in
light of the current situation we are facing.
Consider this last obstacle our final, stalwart stand against the evils of
AmeriKKKan government and its various greedy, capitalistic agencies.
From the moment of KoV's conception, they have publicly sought to destroy
us; to silence our questioning of authority, to oppress our free-thinking
minds, and to close off our intellectual channels of communication. They
have even gone so far as to stalk us in public places. 'Tis a shame indeed.
If you have any questions or if you wish to contact us for any reason,
you may email sgolem@pcnet.com with the subject or header of "ATTN: KoV".
I will try to post further updates of this saga to CiPNet, ThrashNet,
QuantumNet, InsanityNet, ScumNet, FizzNet, NukeNet and any others I can.
We would appreciate any support that other h/p, art or political groups can
lend us. Until then, my friends...
-Lord Valgamon, Malicious Intent, Onslaught, Leland Gaunt & the rest of KoV
------------------------------------------------------------------------------
What happens when you are caught beige boxing.
by Rush 2
Yeah yeah, I'm the only one. But here is a generally interesting
description of everything to getting caught to arraignment.
Well about 5 months ago i needed to set up a conference really quick..
it was about 12:00 (never knew there was a 10:00 pm curfew in that area)
and went to a 25 pair box at this local strip mall. Well I was out there
the box was already open and I was just about to start testing pairs to
see which was connected and what wasn't.
All of a sudden, i hear this loud screeching sound of a car coming
to a skid from doing about 90mph. I turned and saw that typically dirty
squad car about to hit me.. you know the car, mud and dust on the tires
and body, coffee and smudge marks all over the windshield. i got on my
bike and started to run. Now the thing is I COULD have gotten away.. the
pathetic excuse for a cop had run not more than 10 yards after me and
decided that I was a threat so he pulled his handgun and yelled. I saw
this and thought it would be wiser to stop than get shot.
Within 2 minutes at LEAST 10 squad cars had come to his aide.. i did
not know i was less than a half mile from a police station and they were
looking for a prowler in the general area. The police did the normal,
called me scum, asked me what i was doing, searched me until they were
satisfied... than picked me up and threw me in the car... the funny
thing was they didn't see my phone until they threw me into the back seat
and the cord fell out.. (they never saw the page of notes and 'naughty'
material in my pocket though it was about 4 inches thick and sticking out
that a blind man could see it.
Well they got me to the station and pried my info out, and called my
father... I came up with a good enough story about some made up user
who told me to go across the street and plug in.. then I was told I
would be dealt with in the next week... I did not receive anything for
three and a half months.
Once the time came for the arraignment (for a juvenile they called it
an intake). I got to go to the police station, sit for about 3 hours (as
if i thought they would be on time) until I waited for my probation
officer. Finally she got there and we proceeded to talk. She explained
all of the charges and my lawyer (interesting guy) laughed, I was being
charged with prowling (could be disputed I was on a public sidewalk and
there in that strip mall is a 24 hr laundry mat), loitering (again that
could be disputed), and attempted theft of services (though I NEVER even
plugged in).
After this was all said i spent the next hour talking with the lady
in private. I immediately found she had an interest in computers and was
having a problem with her home pc. So I easily changed the topic to my
fascination in computers and solved her problem with her computer, and
answered at least 50 questions about them. In the last 10-15 minutes of
the conversation all i could get from her were statements about how
impressed and how intrigued she was with me. She ended up giving me a
look (that was hard to judge but i am staying away from this chick) that
was either confusion or attraction, slipped me a card with her home phone
number and name and called back in my lawyer and parents.
Once they got back in, all that she really said was I was a great boy,
that she would like to see me do more with my time besides computers, and
that she was taking my sentence of 12 months formal probation with 300
hours of community service to 3 months of informal probation with 30
hours of community service. That and she said bell was asking her what
to do and she would tell them that it was a non issue since I did not
plug in and even if I had it would not be their concern unless I had
plugged in to the telco access part of the network interface.
Well I have yet to receive official record of having to perform
the community service or the probation but I called my probation officer
yesterday and said she wasn't putting the community service into the
punishment and it has been an equivalent amount of time to just say that
since I haven't gotten in trouble since she will count the probation as
already served. Luckily she based all other needs of me on the report
from a teacher, and with my luck she picked the one teacher, my computers
teacher, that no matter what I did or said would lie and say I didn't.
Thanks to erikb for publishing this, and greets to CXrank, paradox,
dark phiber, the fat cop (who spilled his coffee and box of donuts
coming after me) that made this all possible, and to everyone else.
-rush 2
http://www-bprc.mps.ohio-state.edu/cgi-bin/hpp/Rush_2.html
Look for My site, unforeseen danger soon to be on a 28.8 slip
and by the end of the summer on a 500k slip connect.
------------------------------------------------------------------------------
[Something found on IRC]
Danny Partridge Emmanuel Goldstein
(AKA Danny Bonaduce: (AKA Eric Corley:
a child star from the child-like publisher
"The Partridge Family" of 26oo magazine.
---------------------- ------------------
Hosts a boring local Hosts a boring local
radio program. radio program.
Quasi Celebrity Quasi Celebrity
Status among Status among
70's freaks telephone phreaks
Periods of Heavy Periods of Heavy
Drug Usage Drug Usage
Involved in Sex Involved in Sex
Scandal with Scandal with
another man another man
Last name is Friends with Phiber
"Bonaduce" Optik whose first
handle was "Il Duce"
Supplements incoming Supplements incoming
by doing desperate by doing desperate
local talk shows local talk shows
whenever he can. whenever he can.
------------------------------------------------------------------------------
Top 10 #hack fights that would be the coolest to see.
(And no, Ophie's not in it twice just because she's a girl...)
===========================================================================
10.) The D.C. Convention Center is Proud to Present: Hot-Oil Wrestling
featuring KL & TK.
9.) Ludichrist vs. GFM, to be resolved at the next convention, or, uh, the
one after that... or, uh...
8.) C-Curve and Elite Entity, "Who's who?"
7.) Ben Camp vs. Ben Sherman, "Particles of Novocain Everywhere."
(Or: "I'm totally numb, let me hug you!!!")
6.) Dan Farmer and Pete Shipley: "Whips vs. Chains"
5.) Grayarea vs. Netcom "No, *I* want root..."
4.) WWF Wrestling with Len and |al|.
3.) Ophie vs. Voyager, "Night of the Living Dead."
2.) Okinawa vs. Gail Thackery, "The Winner Gets Okinawa's Testicle."
and the number one #hack fight is
1.) Ophie vs. all the #hack guys, "10 Bucks on the Girl"
------------------------------------------------------------------------------
P A S S W O R D E N G I N E (for IBM PC's) by Uncle Armpit
+++++++++++++++++++++++++++++++++++++++++++++
The device driver code listed below provides a data stream of passwords.
The device driver approach was used to speed up the process
of cracking passwords on an incremental basis. The usual approach was
to generate the passwords to a file, then reading the file, etc..the device
driver approach circumvents these file storage problems, and others, such as
having enough free disk space and delays from disk i/o.
This driver operates completely in memory (approx. 0.5Kb)
How practical is this?
----------------------
This program would be very useful if you think you may know what strategy
the user/admin uses for picking out their passwords. Without eliciting some
sort of a strategy, forget it-- unless your desperate enough!!
A "strategy" could consist of any of these possible advantages--
1) default passwords (ie: SIN, student #, birth date, phone number...)
2) the mutation of a lUSERs' known password from another system
3) viewing the mark typing in most of their password with a couple
of unseen characters
4) etc...
---------------------------
With the sample device driver provided, passwords starting at
'aaaaaaa' and ending with 'zzzzzzz' will be generated. The length
of the password string can be modified by changing the length of
the password string itself (that is, the variable "number"). The
range of characters in the passwords can also be changed by
modifying the following two lines:
;hackdrv.sys
;.
;.
;
for ending character--
cmp byte ptr [number+si],'z'+1 ;+1 past ending char. in range
...and for starting character
cmp byte ptr [number+si],'a' ;starting char. in range
;
;----------------------
for instance, if you wished to generate numbers from "0000000" to
"9999999"
-change the ending character to:
cmp byte ptr [number+si],'9'+1
-starting character to:
cmp byte ptr [number+si],'0'
and "number" variable from 'aaaaaa' to '0000000' and then
recompile..
-----
..or in the third case, if u had observed a lUSER type in most of
their password, you may want to rewrite the code to limit the
search. IE: limit the keys to a certain quadrant of the keyboard.
Modify the code starting at "reiterate:" and ending at "inc_num
endp" for this.
=================================================================
/'nuff of this!/ How do I get things working?
-----------------------------------------------
Compile the device driver "hackdrv.sys", and the second program,
"modpwd.asm". Then specify the device driver inside config.sys
(ie: "c:\hackdrv.sys"). The code below was compiled with the a86
compiler, v3.03. Some modifications might be needed to work with
other compilers.
To use it in prgs like crackerjack, type in the following on the
command line:
c:\>jack -pwfile:<your password file here!> -word:hackpwd
------
If you had stopped a cracker program (eg: crackerjack) and want to
pick up from where you left off, run the program "modpwd.com".
This program can change HACKDRVs password through-
a) a command line argument (ie: "modpwd aabbbbe")
b) executing the program with no parameters (this method also
displays the current password in memory)
Happy Hacking,
Uncle Armpit
;-----------------------cut here--------------------------------
;Program HACKDRV.SYS
;
org 0h
next_dev dd -1
attribute dw 0c000h ;character device w/ ioctl calls
strategy dw dev_strategy
interrupt dw dev_int
dev_name db 'HACKPWD '
countr dw offset number
number db 'aaaaaa',0ah ;<----six characters, lower case
numsize equ $-number - 2
afternum:
;working space for device driver
rh_ofs dw ?
rh_seg dw ?
dev_strategy: ;strategy routine
mov cs:rh_seg,es
mov cs:rh_ofs,bx
retf
dev_int: ;interrupt routine
pushf
push ds
push es
push ax
push bx
push cx
push dx
push di
push si
cld
push cs
pop ds
mov bx,cs:rh_seg
mov es,bx
mov bx,cs:rh_ofs
mov al,es:[bx]+2
rol al,1
mov di,offset cmdtab
xor ah,ah
add di,ax
jmp word ptr[di]
cmdtab: ;command table
dw init ;0
dw exit3 ;1
dw exit3 ;2
dw ioctl_read ;3
dw do_read ;4
dw exit3 ;5
dw exit3 ;6
dw exit3 ;7
dw exit3 ;8
dw exit3 ;9
dw exit3 ;10
dw exit3 ;11
dw ioctl_write ;12
dw exit3 ;13
dw 5 dup (offset exit3)
ioctl_read:
push es
push bx
mov si,es:[bx+10h]
mov di,es:[bx+0eh]
mov es,si
push cs
pop ds
mov si,offset number
xor cx,cx
get_char:
lodsb
stosb
inc cl
cmp al,0ah
jz ioctl_rend
jmp get_char
ioctl_rend:
pop bx
pop es
mov es:[bx+012h],cx
mov cs:countr,offset number
jmp exit2
ioctl_write:
push es
push bx
mov si,es:[bx+010h]
mov ds,si
mov si,es:[bx+0eh]
mov cx,numsize+1 ;es:[bx+012h]
push cs
pop es
mov di,offset number
repe movsb
pop es
pop bx
mov cs:countr,offset number
jmp exit2
do_read:
push es
push bx
push cs
pop ds
mov si,[countr]
inc si ;word ptr [countr]
cmp si,offset afternum
jnz is_okay
mov si,offset number
call inc_num
is_okay:
mov [countr],si
mov di,es:[bx]+0eh
mov ax,es:[bx]+010h
mov cx, es:[bx]+012h
jcxz clean_up
mov es,ax
repe movsb
clean_up:
pop bx
pop es
jmp exit2
exit3: mov es:word ptr 3[bx],08103h
jmp exit1
exit2:
mov es:word ptr 3[bx],0100h
exit1:
pop si
pop di
pop dx
pop cx
pop bx
pop ax
pop es
pop ds
popf
retf
exit:
inc_num proc near
push si
mov si,numsize
reiterate:
inc byte ptr [number+si]
cmp byte ptr [number+si],'z'+1 ;+1 past ending char. in range
jnz _exit
mov byte ptr [number+si],'a' ;starting char. in range
dec si
cmp si,-1
jnz reiterate
mov byte ptr [number],01ah ;send EOF
_exit:
pop si
ret
inc_num endp
at_eof: ; the non-resident code starts here
initial proc near
push es
push cs
pop ds
push cs
pop es
mov si,offset number
mov di,offset tmpnum
cld
_again:
lodsb
cmp al,0ah
jz _nomorechars
stosb
jmp _again
_nomorechars:
mov si,offset msgend
mov cx,4
repe movsb
mov ah,09 ;print welcome message
mov dx,offset msg1
int 21h
pop es
ret
initial endp
init: call initial
mov ax,offset at_eof
mov es:[bx]+0eh,ax
push cs
pop ax
mov es:[bx]+010h,ax
mov cs:word ptr cmdtab,offset exit3
jmp exit2
msg1 db "Incremental Password Generator (c)1995",0ah,0dh
db "Written by Uncle Armpit",0ah,0dh,0ah,0dh
db "Starting at word ["
tmpnum db 10 dup (?)
msgend db "]",0a,0d,'