💾 Archived View for gemini.spam.works › mirrors › textfiles › groups › PHONELOSERS › pla031.txt captured on 2023-01-29 at 15:06:45.


==============================================================================
              p h o n e      l o s e r s     o f     a m e r i c a
                                    Present
                           Acidflux's Story Time Hour
==============================================================================
                           Completed On May 16, 1995
==============================================================================
  
Once upon a time (around March I think) a local sysop challenged me to 
crack his friend's password on the local high school (Monte Vista, 
monte.mvhs.srvusd.k12.ca.us, running Ultrix v4.1). So I get in, get
root (sysop access), and look at the password file. Unix passwords are
scrambled with a one-way encryption method. Say your password is "fuckchop".
It's stored in the password file as "hdVcOLOsIcvLE". When you login to a 
unix system instead of decrypting the password it encrypts what you type
in and matches it with the stored encrypted password. So to crack passwords
you need a program such as CrackerJack that will go through a long list of
words (a password dictionary). I couldn't crack the guy's password so I 
deleted his account and told the local sysop there never was one 
(situation averted). So I make a few accounts, Bluesman gets on the system
and we start looking through people's mail (this is where that "Chia Pet" 
letter from Delirium Issue #4 came from) when suddenly a root account 
(chatter) starts paging me. Here's a log of the ntalk conversation with 
"Anirvan Chatterjee" (It's been formatted for the sake of reading):


[Connection established]

Me: May I help you?

An: chan? Elizabeth?

Me: Yes?
Me: Have we met?

An: This is Anirvan, I believe...

Me: Anirvan! How are you?

An: Oh fine...do you see me listed as "root"?

Me: Yes, why?

An: oh...I was doing some routine sysadmin stuff, when I saw you logged in...

Me: 10:00pm on a friday night eh?

An: what else is there to do on a friday night?!

Me: Yeah, I guess you're right.

An: well, i have friends online i talk to, and then there's other fun stuff to do...

Me: Yeah, I'm new to this, you know how that is.

An: of course...
An: where are you coming in from?
An: an online service? a commercial carrier?
An: ccnet's probab;ly t

Me: Yeah, I have an account on there, why?

An: where? I mean, what's your email address?
An: there...

Me: Scall@ccnet.com

An: coolness...
An: Geez....hate how those lines keep overlapping (type control-L t

Me: Yeah... say, doesn't it bother you in the slightest I have root?

An: say what?
An: you have root?
An: please explain..

Me: Well, I'm going to format your winchesters.
Me: Just business, nothing personal.

An: errr...who is this?

Me: Hehe, I'm just kidding! Internet humor.

An: errr, yes.
An: Charlie?

Me: What? This is Liz.

An: I'm sure.

Me: y0ur c0mput3r h4s b33n b0rd3d by th 3l33t3st 0f th3 3l33t!!@#$!!

An: that's so nice to know.

Me: r3sist3nc3 iz futil3!!

An: yay.
An: I'm so impressed.

Me: Wanna see a neat trick?

An: not really, so Charlie, 

[Connection closing. Exiting]

# removeuser chatter
Enter login name for user to be removed:  chatter
This is what the entry in /etc/passwd looks like:
chatter:.bplovnCwERio:337:15:Anirvan Chatterjee,CPR2,(510)837-7507,
:/u/students/chatter:/bin/csh
Is this the entry you wish to delete?  y
Working ...
User chatter removed.
Do you want to remove chatter's home directory,
all subdirectories and files (y/n)?  y
You should have backed up chatter's files if you do not wish to lose them.
Are you sure that you want to remove chatter's files (y/n)?  y
Deleting /u/students/chatter
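
Added example, not part of the original text file: the removeuser output above shows the password hash stored in /etc/passwd itself, a file every local user can read, which is the precondition for the offline dictionary guessing described at the start of the story. A defender-side audit of a passwd(5)-format file for exposed hashes, empty password fields and extra UID 0 accounts could look like this; the function name, finding strings and sample entries are constructed for illustration.

```python
import re

# Traditional DES crypt(3) output: 2 salt chars + 11 hash chars, alphabet ./0-9A-Za-z
DES_CRYPT = re.compile(r"^[./0-9A-Za-z]{13}$")


def audit_passwd(text):
    """Return (login, finding) tuples for passwd(5)-format text."""
    findings = []
    uid0_logins = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            findings.append((f"line {lineno}", "malformed entry"))
            continue
        login, pw, uid = fields[0], fields[1], fields[2]
        if pw == "":
            findings.append((login, "empty password field: no password needed"))
        elif DES_CRYPT.match(pw):
            findings.append((login, "DES crypt hash readable by every local user"))
        elif pw.startswith("$"):
            findings.append((login, "modular crypt hash stored outside the shadow file"))
        # Any other value ("x", "*", "!") is a shadow placeholder or a locked account.
        if uid == "0":
            uid0_logins.append(login)
    for login in uid0_logins:
        if login != "root":
            findings.append((login, "UID 0 account other than root"))
    return findings


# Constructed sample, not taken from the page; the hash string is filler.
SAMPLE = """\
root:x:0:0:System Administrator:/:/bin/csh
student1:zzEXAMPLEhash:337:15:Constructed User:/u/students/student1:/bin/csh
guest::500:15:Guest:/u/guest:/bin/sh
toor:x:0:0:Added later:/tmp:/bin/sh
daemon:*:1:1:daemon:/:/bin/false
"""

if __name__ == "__main__":
    for login, finding in audit_passwd(SAMPLE):
        print(f"{login}: {finding}")
```

On a system with shadow passwords, field 2 holds only a placeholder and the hashes live in a root-only file, so the hash findings should never appear there.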

.oOo.

Then I kill all his processes and change the root password. Again, 
situation averted. 10 minutes later he unmounts the drives.
The next morning he tells the computer lab who did it ("Acidflux, Bluesman
and Deadlocke [aka Silicon [)ragon]"... like I said, I made a few accounts 
while I was on) and that we hacked in to use their link to the Lawrence 
Livermore Labs (local nuclear facility... anyone read The Cuckoo's Egg?). 
On top of that Bluesman logged in from a New York system so Anirvan starts 
talking like MOD was after his ass (This was in the California Bay Area BTW). 
That afternoon Anirvan gets a call from a Monte Vista freshman named 
Brett Nelson posing as _me_. He says "This is Acidflux, you will receive a 
call at 9pm tonight" along w/ some veiled threats and whatnot. They 
recognized his voice and kicked him out of school (I think this story has a 
moral in it somewhere). A couple months later the system is back up and I 
find this article on Anirvan's Webpage (http://192.188.37.4/~anirvan):
  

"Beyond Wargames"
by Anirvan Chatterjee (`95)

   Net historians record the sudden increase in destructive net
   activities after the release of Wargames (the seminal cracker-as-hero
   movie, the tale of an antisocial nerdy 80s teen equipped with a modem
   who stumbles onto the secrets of a corrupt military establishment (see
   also, Sneakers)). Those were the days when cracker and darkside
   hackers were truly dangerous only to government and corporate America.
   Well, think again. While corporate network security has increased
   severalfold since then, the massive growth rate of the Internet won't
   be able to extend the same degree of protection to newcomers unable to
   obtain the best protection money can buy. I speak from experience,
   having gone through two such cases recently, both very close to home.

   Everybody probably knows about the cracker intrusion into Monte
   Vista's computer network. (You don't? The Reader's Digest Condensed
   Book edition: I was online at Monte Vista from home on a Friday night
   when I saw someone else, a friend of mine, logged in too. I tried to
   "talk" to her online, but she didn't respond. So I was doing some
   routine system maintenance, when I saw a strange call to talk from
   someone logged in as the system operator--but I was the system
   operator. Oh well, I ignored it, until my friend finally agreed to
   talk to me. She seemed rather confused, didn't understand who I was. I
   tried asking her what she was planning to do this weekend. Suddenly,
   she burst into a rant along the lines of "I am elite! I broke into
   your system! Hahaha!" By this time, I'd realized that "she" was
   somebody who had broken in under that account, and broken into the
   system operator's account. We did some online jousting, (by now I had
   Charlie Hsu, speaking voice, advising me on the fax line) until I
   managed to remotely shut down the Monte Vista network, but only to
   find that he'd deleted my account, my email, my projects, my web
   page--everything. Talk about playing the martyr for my system. (Yes,
   yes, the proper authorities have been contacted, and they're working
   hard, trying to catch the evildoers.) Anyway, there's my story. Now
   you can laugh at it.)

   But after all that, who to blame? The cracker, certainly, but also the
   cluelessness of the newbie system administrators (including yours
   truly) who just didn't know enough to implement current and effective
   security measures. That, and insecure usage habits on the part of so
   many equally clueless users ignoring even the most simple warnings
   about password security (a computer network is only as strong as its
   weakest password). As long as the Internet keeps expanding at such
   furious rates and the age, maturity, education, training, and
   all-around cluefulness of the average user keeps declining, this will
   keep growing as an issue.

   Net.access is getting easier and easier to obtain, and security
   measures from many established, otherwise clueful net.folks are being
   correspondingly toned down to fit the minimal effort/maximum personal
   gain philosophy of many coming online for the first time (the same
   type of people who will break every point of net.courtesy to get
   information, rather than checking documentation, FAQs (Frequently
   Asked (and Answered) Question lists), or contacting their local system
   administrator). (For example, Microsoft Bob's password protection will
   automatically let you change it if you guess incorrectly three times
   in a row--even a four-year-old could get past that kind of
   protection!)

   I found out very recently that my Internet carrier's security could be
   easily compromised, not online, but through what crackers call "social
   engineering"--by breaking in through their customer support. January
   31, someone posing as the cracker who broke into Monte Vista called my
   house and left me a voice message instructing me to wait for a call at
   9:00 p.m. if I wanted to recover my password. I tried dialing into my
   account, and found my password to be invalid--someone had changed it!
   Of course, I didn't believe that the caller was who he claimed to be
   for a second--he had pronounced my name correctly. Nobody ever
   pronounces my name correctly after having only seen the spelling, so I
   knew it had to be someone who knew me. And who had something against
   me. I listened to the message again (the idiot had done me a huge
   favor by leaving a long snippet of his voice digitally recorded for me
   to listen to again and again) when I realized who it was--an annoying
   Monte Vistan I'd busted and kicked off the Monte Vista network a few
   months ago, for some truly unsavory activities he'd gotten into, all
   the system rules he'd violated. I contacted my Internet carrier's
   support staff, and hooked up with a rather clueful administrator, who
   traced the breakin. I was informed that someone calling in from the
   local dial-in node had accessed my account (when I had been hours away
   from the nearest modem), and deleted all the files in it. Damn! Damn!
   Damn!

   As we retraced the cracker's steps, we found that the [please
   substitute a handful of your favorite explicit pejoratives here] had
   unsuccessfully tried to access my account at 11:00 a.m. (why wasn't he
   at school during 4th period? note: network knowledge has little
   correlation with common sense, intelligence, or academic achievement),
   then spoke to someone on the support staff between then and 1:00 p.m.,
   convincing them that he was me. Then the "helpful" support staff
   changed my password for "me," as soon as the intruder was able to
   pronounce my name correctly, and give them my phone number and
   address. Once he had BS'ed his way past their safeguards, he then
   asked them to change "his" password for him, as he had "forgotten" it.
   Devious little [choose your own again], eh? Then a little before 1:00
   p.m., and again at 1:40 p.m., he logged in under my account, with the
   new (now changed) password. He went through all my files. Then he
   deleted everything: my saved mail, my notes, my projects, my backups.
   And as if that wasn't enough, he then proceeded to browse through
   my email. By this time in the conversation with the tech
   admin, I was seething. Luckily for me, the guy was able to restore
   most of my files and mail from system backups made the Friday before.
   So I didn't lose too much, but that's beside the point. I felt so
   violated. Nobody should be able to go through my email and files,
   reading and deleting at will, invading my privacy; there's a world of
   difference between system operators doing routine checks, and
   intruders breaking in as part of some sick revenge fantasy. So I
   registered several "secure" codewords with the support staff (my
   mother's maiden name, etc.) that they would have to get from anyone
   calling for support under my name. And that was that.

   Yes, yes, the cracker, a (now "former"?) Monte Vista student, has been
   caught and arrested, for his numerous ugly computer-related crimes
   (physical theft of computer equipment is a rather silly idea if you
   want to stay on the good side of the law), and I have the oddest
   feeling I may have seen the last of him. But it's not the [yet another
   pejorative here] himself I'm so concerned about, as much as the trend
   he's running on. Online interaction has become so easy and widespread
   that it seems as if anybody with something against you could take
   action against you. And the more business that we conduct online, the
   more dangerous it is (I've purchased several items directly on the
   Internet over the course of the last year, using unencrypted credit
   card numbers--dangerous, I know.) From mailbombings and anonymous
   flames, canceled postings, forged mail or postings, to outright
   electronic intrusion, almost anything is possible. Take Kevin Mitnick,
   the recently captured master cracker who infiltrated sites in the
   hundreds, from the accounting records of Netcom (the nation's largest
   Internet Service Provider, and very possibly the least-liked (for its
   anarchic administration and dumbed-down service)) to the Well,
   arguably the coolest and most respected Service Provider in America,
   the home of the Net's "cultural elite" (synonymous with its technical
   elite). News reports say his breakins weren't "personal." God help
   anybody who pissed him off. Interestingly enough, at least three
   movies about the Internet are now filming. One of these is The Net,
   about someone whose very identity is tampered with when police,
   credit, and other identity records are all altered. As technically
   improbable as the plot is, the concept is definitely sound (recall the
   case of the vengeful phone phreaker who rerouted his parole officer's
   home phone to a (900) sex number). This stuff doesn't just happen to
   other people. Let the netizen beware. Tough times lie ahead.

   An aside: Don't let this article scare you into not getting online.
   Accessing the Internet is a fabulous experience, and not akin to war
   as my words might lead you to believe; it just requires some common
   sense. As long as you have your wits about you, and aren't afraid to
   turn to manuals or your friendly neighborhood system administrator for
   help, you'll be OK. Interested in getting online? Do ask me, or
   someone else with online experience for help. I love helping people,
   but I'd much rather be able to help someone before s/he actually
   commits her time and money to problematic, expensive commercial
   networks.


.oOo. 

Then I find this followup letter:


   Dear Geek-meister:

   Enjoyed your latest issue. A couple of philosophical and technical
   notes you may wish to ponder:

   (1) Re: Anirvan's tome on Internet security. There's a consistent
   assumption that the crackers he describes in the article are male. How
   did the author know? Did "he" write about hunting giraffes? Use locker
   room humor (actually, I've heard enough qualifying material from
   females during stints at MV to dispel any such assumption)? How many
   readers just read along and assumed, along with the author, that the
   "perp" wears pants (oops), make that Jockeys (nope) boxers? (yikes),
   buttons left over right (okay, I think).

   My purpose here is not to pick on AC--indeed, I think his energy,
   intellectual curiosity and considerable erudition in publishing
   Paradox are really laudable. I just think we should all ferret out,
   consider and overcome creeping sexism wherever we find it.

.oOo.

Sorry if this has been more self-glorifying than informative but after 
seeing Anirvan's side of the story I had to type this up. I'm going to
go have a coke and a smile so I'm ending the story here. Watch out
for that creeping sexism.
                                            -Acidflux

[Enclosed is a GIF of Anirvan that Acidflux uploaded to me so you all can see
 what the poor victim looked like. For those of you who haven't, read the 
 Delirium Mags! Available at the PLA Texas Line. -RedBoxChiliPepper]

============= Contact The Phone Losers Of America Nearest You! ===============
   Voice:                              Data:
   512-370-4680 PLA Voicemail System   618-797-2339 PLA BBS Illinois Line
                                       512-883-7543 PLA BBS Texas Line
   U.S. Mailing Address:               512-851-8317 Sonic Youth Systems
   Phone Losers Of America
   P.O. Box 3642                       FTP Site: FTP.FC.NET
   Corpus Christi, TX 78463            directory pub\deadkat\incoming\PLA
                                       (Thanks to Disorder & Deadkat!)
==============================================================================