T t 07-14-93 h h Issue #2 e e of ßßßßß ßßßßß ßß ßß ßßßßßß ßßßßßß ßßß ßß ßßßßß ßß ßß ßß ßß ßß ßß ßß ßßßß ßß ßß ßß ßßßßßßß ßßßßß ßßßßß ßß ßß ßß ßß ßß ßßß ßß ßß ßß ßß ßß ßß ÜÜ ßß ßß ßßßß ßß ßß ßß ßß ßßßßß ßß ßß ßßßßßß ßÛ ßßßßßß ßß ßßß ßßßßß s p n n s r o f o e w o c a l r i d e m a d a t o g t i f e i o o n & n f o r "He wanders, like a day-appearing dream, through the dim wildernesses of the mind; Through desert woods and tracts, which seem like ocean, homeless, boundless, unconfined." ---Percy Bysshe Shelley ASKiNews 2.0 an A.S.K.i. publication ASKi President: The White Ninja (WhiteNinja@AOL.COM) ASKi VP: WiLD CHiLD ASKiNews Editor: CRiMiNAL ASKiNews Distributor: Doc Hench . . ....................... ........ Index ........ ....................... . . 1. Comments from the editor... 2. ASKiNet/AquaNET Nodelist and Echolist 3. -=ðCrosstalkð=- 4. The Novice's Guide to Hacking! 5. BUSTED! What to do if you are arrested... 6. Cyberevolution!! 7. A Flame! 8. Beating Dial Locks and DTMF Recorders 9. Box of the Month: The Beige and Brown Boxes 10. Virus Corner -- The Theory of Self-Reproductive Software 11. On the Lighter Side.... 12. News from Cyberspace 13. Coming Soon 14. Laid Her ASKi Phile #1 Comments from the Editor Well, welcome to ASKi02... Nashville's one and only hacker zine! First, two apologies. One, SORRY about ASKi01!!! The thing was FILLED with horrid typos and grammatical errors... That is the last time I spell check a document at two in the morning!!! Two, SORRY this doc took a year to put together!!! Thanks to WC we finally got thing back on track... Well, here it is!! This should prove to all you fuckers that we are not dead and we still believe that information should be free... One bitch... WHY ONLY ONE COMMENT ABOUT ASKi01!?! I know someone read it and thought "THIS SUCKS!" I hope someone read it and thought "This rules!" It would be nice if both of your MENTIONED it!! Write me and tell me what you thought!! We would like to hold an ASKiFEST in the park in late July, give us some ideas... Oh, and to TN Governor's School... A. Why was I rejected, I must be one of the most qualified computer science high school students in the state... B. Why did you CS teacher tell members of the class that ASKi was a bunch of stupid kids who don't understand freedom of speech? The kinderfeindlichkeit (German, look it up) bigotries hinted at in that statement aside, when you made that statement we had just started to work on ASKi01!! We had never made a public statement concerning free speech!! We have gotten a lot of bad press from people who were mad at Lizard King, but he does not represent this organization and his statements do not reflect the official opinions of ASKi nor do they represent the opinions of its members! If you have a problem with me or my opinions, TALK TO ME ABOUT IT instead of talking about it behind my back! This brings me to MEDIATE... I'm not going to drudge up all the bull shit again... I just hope its all over with, and despite what was said, the people involved all know what REALLY happened... I would like to make another point... Mediate is a BAD idea... I believe there should be a Nashville Sysop's group, but I have a problem with people running a SysOp vengeance forum, and I posted the following in the Mediate forum... "...I think this is a fundamental problem with Mediate system. I'm not trying to tell you how to do anything, I just have a few suggestions and comments. In reality, Mediate doesn't mediate anything, in my opinion it serves as a revenge tactic for disgruntled SysOps. A SysOp is angry at a user so he goes into Mediate and tells everyone to lock him out! Everyone does so and the SysOp has gotten back at that person for whatever he or she might have done. That SysOp might have been lying, exaggerating, or making impossible assumptions, but the user has no chance to give his side of the story. There are no checks and balances. Things DO get out of hand.... I think that mediate should be open to all users, and the moment allegation are brought against a person, that person should be notified by the Mediate president so that he or she can defend him/herself. This is a fair and reasonable way to deal with problems in the BBS community. Otherwise, Mediate will remain a tool for revenge..." 'Nuff said... I was at Defcon last weekend and a lot of people present seemed interested in ASKi. However, many had one question. Why are you rehashing all the old shit? Because there isn't a PHVA mag out there designed for the new hacker... You need a lot of base knowledge to start hacking these days, and noone seems willing to provide that knowledge. I think the reason so many new phreaks get into CCs and Codes instead of more interesting and less damaging exploration is that the only people willing to deal with new people are the real fucking criminals... Information like this is quite different, it provides people with the option of exploring much more interesting topics non-maliciously. I'll write more about defcon next issue. Finally, this IS the Cyberpunk era!! Stop waiting for 2020 and get out there and live this exiting culture before its gone! The future won't be like the it is in the novels, it will be VERY different, Gibson and Sterling are describing the PRESENT (with all little boost in technology), and the time to act is now!!! LIVE THIS and enjoy it before its gone!!! Well, have phun! HACK OR DIE! The White Ninja ASKi Phile #2 ASKi/AquaNET Nodelist Cut Here ------------------------------------------------------------------------------- Zone,10,AquaNET_North_America,Nashville_TN,Doc_Hench,1-615-228-9698,9600,CM,XA ; Host,666,Middle_Tennessee_AquaNET,Nashville_TN,Doc_Hench,1-615-228-9698,9600,CM,XA Hub,100,Binary_Degeneration,Nashville_TN,Doc_Hench,1-615-228-9698,9600,CM,XA ,1000,Binary_Degeneration,Nashville_TN,Doc_Hench,1-615-228-9698,9600,CM,XA ,101,Crosspoint,Lebanon_TN,Todd_Andrews,1-615-443-3664,2400,CM,XA ,103,Mount_Olympus,Gallatin_TN,Thunder,1-615-451-0739,9600,CM,XA ,105,On-Line_Gamers_Clinic,Mt.Juliet_TN,The_Doc,1-615-754-0473,9600,CM,XA Pvt,107,The_Bandit's_Hideout,Nashville_TN,Bandit,-Unpublished-,9600,MO,XA Hub,200,The_Ninja's_Domicile,Brentwood_TN,The_White_Ninja,1-615-370-8805,9600,CM,XA ,2000,The_Ninja's_Domicile,Brentwood_TN,The_White_Ninja,1-615-370-8805,9600,CM,XA ,201,The_Virtual_Reality_BBS,Nashville_TN,Walter_Anderson,1-615-383-4643,9600,CM,XA ,203,Aces_High,Hermitage_TN,Red_Baron,1-615-885-5876,2400,CM,XA Hub,300,Post_Offis_][,Franklin_TN,Maverick,1-615-791-7595,9600,CM,XA ,3000,Post_Offis_][,Franklin_TN,Maverick,1-615-791-7595,9600,CM,XA ,301,Mondo_Gordo!,Franklin_TN,Reverend_Keith_A._Gordon,1-615-791-8050,2400,CM,XA ------------------------------------------------------------------------------- Cut Here ASKi/AquaNET Echolist ------------------------------------------------------------------------ Key: + Frequently used echos (large percentage of the messages) * Mandatory echos (must turn on) ! READ-ONLY ECHO ***** Fairly new echos that we need nodes to carry! -------------- AquaNet Echolist - As of 06/10/93 --------------- 1STAMNT +1st Ammendment Discussions ASKIGEN ASKI newsletter updates and ASKINEWS! COCOT_THRASH ***** Cocot thrashing at it's best! COUNTRY_BASH ***** Bash that country music white boy! CURRENT +Current events within AquaNET ELECTRON Electronics Forum FORSALE For Sale / Trade echo GENERAL +General Discussions on modeming and other topics JUSTICE +American Justice and the Legal System MODEMING BBS help and BBS Ads MST3000 Mystery Science Theatre 3000 Discussions MUSIK +Music, Movies, and Concerts NC-CO !*Network Coordinator Comments / News PHIL Philosophy and Religion POLITICAL_CHAT ***** Chatter and thrashing of the government! PROG Programmer's Corner Q-ZAR ***** +Q-Zar discussion echo REDNET Bitch out sessions present...REDNET SCIENCE Science and Technology Updates SWINGERS AquaNET's Luv Nest (USED) SYSOP AquaNET SysOp and Co-SysOp Discussions TESTECHO Testing echo for new AquaNet nodes UNDER +Computer Underground Discussions VIRTUAL Virtual Reality Discussions WHEELS Hot babes, cool cars, that's the life for me!! ZONE_10 *AquaNET Zone 10 news ans happenings ------------------------------------------------------------------------ List maintained by: Matt Coleman - AquaNET NEC - 10:666/1000 ------------------------------------------------------------------------ ASKi Phile #3 -=ðCrosstalkð=- Message #2718 - ÿLOCAL: To/From Sysop (Private) (Received) Date: 07-29-92 14:31 From: Jaxx To: THE WHITE NINJA Subject:: ASKi/ShadowNET ------------------------------------------------------------------------------- @PID: RA 1.11 2890 Hello! I've just re-started a BBS here in Crossville,...Just installed FD and have sent in my request to join Fidonet....Was wondering how one could join ShadowNET and ASKiNet and AquaNet? I agree totally with everything that was in the NewsLetter! Found it REFRESHING that there is a group started to help stop the right out censorship that's going on with BBS's and everywhere else! Also agree with your comments (except the part about no companies hiring anyone like ourselves, I got lucky and I'm now part of a MIS dept. with unlimited access to a modem and a budgeted amount for long-distance calls!) ANYWAY....Please leave me a message about the my questions... [=ûaxx=] Jaxx, Well, just send me your real name, BBS name, location, number, and whether your system will be able to accept mail anytime. I will confirm that your front end and mailer are working, and add you to the nodelist. Your system must be able to accept zipped mail and you must be willing to let the conferences go uncensored. Thanks for the comments to the newsletter. We hope you like issue 2! Congrats on the MIS job!! The White Ninja ASKi Phile #4 A Novice's Guide to Hacking... I have reprinted this file from Phrack 22 'cause I thought it would be of interest to most of Nashville's new Phreak community. Another recommended file for beginning phreaks or people who are just interested in forbidden knowledge is the Official Phreaker's Handbook, PKMAN.ZIP, available on many ASKi BBSs... ========================================================================= ==Phrack Inc.== Volume Two, Issue 22, File 4 of 12 +++++++++++++++++++++++++++++++++++++++++++++++++ | The LOD/H Presents | ++++++++++++++++ ++++++++++++++++ ` A Novice's Guide to Hacking- 1989 edition / ` ========================================= / ` by / ` The Mentor / ` Legion of Doom/Legion of Hackers / ` / ` December, 1988 / ` Merry Christmas Everyone! / `+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++/ The author hereby grants permission to reproduce, redistribute, or include this file in your g-file section, electronic or print newletter, or any other form of transmission that you choose, as long as it is kept intact and whole, with no ommissions, deletions, or changes. (C) The Mentor- Phoenix Project Productions 1988,1989 512/441-3088 Introduction: The State of the Hack %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% After surveying a rather large g-file collection, my attention was drawn to the fact that there hasn't been a good introductory file written for absolute beginners since back when Mark Tabas was cranking them out (and almost *everyone* was a beginner!) The Arts of Hacking and Phreaking have changed radically since that time, and as the 90's approach, the hack/phreak community has recovered from the Summer '87 busts (just like it recovered from the Fall '85 busts, and like it will always recover from attempts to shut it down), and the progressive media (from Reality Hackers magazine to William Gibson and Bruce Sterling's cyberpunk fables of hackerdom) is starting to take notice of us for the first time in recent years in a positive light. Unfortunately, it has also gotten more dangerous since the early 80's. Phone cops have more resources, more awareness, and more intelligence than they exhibited in the past. It is becoming more and more difficult to survive as a hacker long enough to become skilled in the art. To this end this file is dedicated. If it can help someone get started, and help them survive to discover new systems and new information, it will have served it's purpose, and served as a partial repayment to all the people who helped me out when was a beginner. Contents %%%%%%%% This file will be divided into four parts: Part 1: What is Hacking, A Hacker's Code of Ethics, Basic Hacking Safety Part 2: Packet Switching Networks: Telenet- How it Works, How to Use it, Outdials, Network Servers, Private PADs Part 3: Identifying a Computer, How to Hack In, Operating System Defaults Part 4: Conclusion; Final Thoughts, Books to Read, Boards to Call, Acknowledgements Part One: The Basics %%%%%%%%%%%%%%%%%%%%% As long as there have been computers, there have been hackers. In the 50's at the Massachutes Institute of Technology (MIT), students devoted much time and energy to ingenious exploration of the computers. Rules and the law were disregarded in their pursuit for the 'hack.' Just as they were enthralled with their pursuit of information, so are we. The thrill of the hack is not in breaking the law, it's in the pursuit and capture of knowledge. To this end, let me contribute my suggestions for guidelines to follow to ensure that not only you stay out of trouble, but you pursue your craft without damaging the computers you hack into or the companies who own them. I. Do not intentionally damage *any* system. II. Do not alter any system files other than ones needed to ensure your escape from detection and your future access (Trojan Horses, Altering Logs, and the like are all necessary to your survival for as long as possible). III. Do not leave your (or anyone else's) real name, real handle, or real phone number on any system that you access illegally. They *can* and will track you down from your handle! IV. Be careful who you share information with. Feds are getting trickier Generally, if you don't know their voice phone number, name, and occupation or haven't spoken with them voice on non-info trading conversations, be wary. V. Do not leave your real phone number to anyone you don't know. This includes logging on boards, no matter how k-rad they seem. If you don't know the sysop, leave a note telling some trustworthy people that will validate you. VI. Do not hack government computers. Yes, there are government systems that are safe to hack, but they are few and far between. And the government has inifitely more time and resources to track you down than a company who has to make a profit and justify expenses. VII. Don't use codes unless there is *NO* way around it (you don't have a local telenet or tymnet outdial and can't connect to anything 800). You use codes long enough, you will get caught. Period. VIII. Don't be afraid to be paranoid. Remember, you *are* breaking the law. It doesn't hurt to store everything encrypted on your hard disk, or keep your notes buried in the backyard or in the trunk of your car. You may feel a little funny, but you'll feel a lot funnier when you when you meet Bruno, your transvestite cellmate who axed his family to death. IX. Watch what you post on boards. Most of the really great hackers in the country post *nothing* about the system they're currently working except in the broadest sense (I'm working on a UNIX, or a COSMOS, or something generic. Not "I'm hacking into General Electric's Voice Mail System" or something inane and revealing like that). X. Don't be afraid to ask questions. That's what more experienced hackers are for. Don't expect *everything* you ask to be answered, though. There are some things (LMOS, for instance) that a begining hacker shouldn't mess with. You'll either get caught, or screw it up for others, or both. XI. Finally, you have to actually hack. You can hang out on boards all you want, and you can read all the text files in the world, but until you actually start doing it, you'll never know what it's all about. There's no thrill quite the same as getting into your first system (well, ok, I can thinksavea couple of biggers thrills, but you get the picture). One of the safest places to start your hacking career is on a computer system belonging to a college. University computers have notoriously lax security, and are more used to hackers, as every college computer department ment has one or two, so are less likely to press charges if you should be detected. But the odds of them detecting you and having the personel to committ to tracking you down are slim as long as you aren't destructive. If you are already a college student, this is ideal, as you can legally explore your computer system to your heart's desire, then go out and look for similar systems that you can penetrate with confidence, as you're already familar with them. So if you just want to get your feet wet, call your local college. Many of them will provide accounts for local residents at a nominal (under $20) charge. Finally, if you get caught, stay quiet until you get a lawyer. Don't volunteer any information, no matter what kind of 'deals' they offer you. Nothing is binding unless you make the deal through your lawyer, so you might as well shut up and wait. Part Two: Networks %%%%%%%%%%%%%%%%%%% The best place to begin hacking (other than a college) is on one of the bigger networks such as Telenet. Why? First, there is a wide variety of computers to choose from, from small Micro-Vaxen to huge Crays. Second, the networks are fairly well documented. It's easier to find someone who can help you with a problem off of Telenet than it is to find assistance concerning your local college computer or high school machine. Third, the networks are safer. Because of the enormous number of calls that are fielded every day by the big networks, it is not financially practical to keep track of where every call and connection are made from. It is also very easy to disguise your location using the network, which makes your hobby much more secure. Telenet has more computers hooked to it than any other system in the world once you consider that from Telenet you have access to Tymnet, ItaPAC, JANET, DATAPAC, SBDN, PandaNet, THEnet, and a whole host of other networks, all of which you can connect to from your terminal. The first step that you need to take is to identify your local dialup port. This is done by dialing 1-800-424-9494 (1200 7E1) and connecting. It will spout some garbage at you and then you'll get a prompt saying 'TERMINAL= '. This is your terminal type. If you have vt100 emulation, type it in now. Or just hit return and it will default to dumb terminal mode. You'll now get a prompt that looks like a @. From here, type @c mail and then it will ask for a Username. Enter 'phones' for the username. When it asks for a password, enter 'phones' again. From this point, it is menu driven. Use this to locate your local dialup, and call it back locally. If you don't have a local dialup, then use whatever means you wish to connect to one long distance (more on this later). When you call your local dialup, you will once again go through the TERMINAL= stuff, and once again you'll be presented with a @. This prompt lets you know you are connected to a Telenet PAD. PAD stands for either Packet Assembler/Disassembler (if you talk to an engineer), or Public Access Device (if you talk to Telenet's marketing people.) The first description is more correct. Telenet works by taking the data you enter in on the PAD you dialed into, bundling it into a 128 byte chunk (normally... this can be changed), and then transmitting it at speeds ranging from 9600 to 19,200 baud to another PAD, who then takes the data and hands it down to whatever computer or system it's connected to. Basically, the PAD allows two computers that have different baud rates or communication protocols to communicate with each other over a long distance. Sometimes you'll notice a time lag in the remote machines response. This is called PAD Delay, and is to be expected when you're sending data through several different links. What do you do with this PAD? You use it to connect to remote computer systems by typing 'C' for connect and then the Network User Address (NUA) of the system you want to go to. An NUA takes the form of 031103130002520 `___/`___/`___/ | | | | | |____ network address | |_________ area prefix |______________ DNIC This is a summary of DNIC's (taken from Blade Runner's file on ItaPAC) according to their country and network name. DNIC Network Name Country DNIC Network Name Country _______________________________________________________________________________ | 02041 Datanet 1 Netherlands | 03110 Telenet USA 02062 DCS Belgium | 03340 Telepac Mexico 02080 Transpac France | 03400 UDTS-Curacau Curacau 02284 Telepac Switzerland | 04251 Isranet Israel 02322 Datex-P Austria | 04401 DDX-P Japan 02329 Radaus Austria | 04408 Venus-P Japan 02342 PSS UK | 04501 Dacom-Net South Korea 02382 Datapak Denmark | 04542 Intelpak Singapore 02402 Datapak Sweden | 05052 Austpac Australia 02405 Telepak Sweden | 05053 Midas Australia 02442 Finpak Finland | 05252 Telepac Hong Kong 02624 Datex-P West Germany | 05301 Pacnet New Zealand 02704 Luxpac Luxembourg | 06550 Saponet South Africa 02724 Eirpak Ireland | 07240 Interdata Brazil 03020 Datapac Canada | 07241 Renpac Brazil 03028 Infogram Canada | 09000 Dialnet USA 03103 ITT/UDTS USA | 07421 Dompac French Guiana 03106 Tymnet USA | There are two ways to find interesting addresses to connect to. The first and easiest way is to obtain a copy of the LOD/H Telenet Directory from the LOD/H Technical Journal 4 or 2600 Magazine. Jester Sluggo also put out a good list of non-US addresses in Phrack Inc. Newsletter Issue 21. These files will tell you the NUA, whether it will accept collect calls or not, what type of computer system it is (if known) and who it belongs to (also if known.) The second method of locating interesting addresses is to scan for them manually. On Telenet, you do not have to enter the 03110 DNIC to connect to a Telenet host. So if you saw that 031104120006140 had a VAX on it you wanted to look at, you could type @c 412 614 (0's can be ignored most of the time). If this node allows collect billed connections, it will say 412 614 CONNECTED and then you'll possibly get an identifying header or just a Username: prompt. If it doesn't allow collect connections, it will give you a message such as 412 614 REFUSED COLLECT CONNECTION with some error codes out to the right, and return you to the @ prompt. There are two primary ways to get around the REFUSED COLLECT message. The first is to use a Network User Id (NUI) to connect. An NUI is a username/pw combination that acts like a charge account on Telenet. To collect to node 412 614 with NUI junk4248, password 525332, I'd type the following: @c 412 614,junk4248,525332 <---- the 525332 will *not* be echoed to the screen. The problem with NUI's is that they're hard to come by unless you're a good social engineer with a thorough knowledge of Telenet (in which case you probably aren't reading this section), or you have someone who can provide you with them. The second way to connect is to use a private PAD, either through an X.25 PAD or through something like Netlink off of a Prime computer (more on these two below). The prefix in a Telenet NUA oftentimes (not always) refers to the phone Area Code that the computer is located in (i.e. 713 xxx would be a computer in Houston, Texas). If there's a particular area you're interested in, (say, New York City 914), you could begin by typing @c 914 001 . If it connects, you make a note of it and go on to 914 002. You do this until you've found some interesting systems to play with. Not all systems are on a simple xxx yyy address. Some go out to four or five digits (914 2354), and some have decimal or numeric extensions (422 121A = 422 121.01). You have to play with them, and you never know what you're going to find. To fully scan out a prefix would take ten million attempts per prefix. For example, if I want to scan 512 completely, I'd have to start with 512 00000.00 and go through 512 00000.99, then increment the address by 1 and try 512 00001.00 through 512 00001.99. A lot of scanning. There are plenty of neat computers to play with in a 3-digit scan, however, so don't go berserk with the extensions. Sometimes you'll attempt to connect and it will just be sitting there after one or two minutes. In this case, you want to abort the connect attempt by sending a hard break (this varies with different term programs, on Procomm, it's ALT-B), and then when you get the @ prompt back, type 'D' for disconnect. If you connect to a computer and wish to disconnect, you can type @ and you it should say TELENET and then give you the @ prompt. From there, type D to disconnect or CONT to re-connect and continue your session uninterrupted. Outdials, Network Servers, and PADs %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% In addition to computers, an NUA may connect you to several other things. One of the most useful is the outdial. An outdial is nothing more than a modem you can get to over telenet -- similar to the PC Pursuit concept, except that these don't have passwords on them most of the time. When you connect, you will get a message like 'Hayes 1200 baud outdial, Detroit, MI', or 'VEN-TEL 212 Modem', or possibly 'Session 1234 established on Modem 5588.' The best way to figure out the commands on these is to type ? or H or HELP -- this will get you all the information that you need to use one. Safety tip here -- when you are hacking *any* system through a phone dialup, always use an outdial or a diverter, especially if it is a local phone number to you. More people get popped hacking on local computers than you can imagine, Intra-LATA calls are the easiest things in the world to trace inexpensively. Another nice trick you can do with an outdial is use the redial or macro function that many of them have. First thing you do when you connect is to invoke the 'Redial Last Number' facility. This will dial the last number used, which will be the one the person using it before you typed. Write down the number, as no one would be calling a number without a computer on it. This is a good way to find new systems to hack. Also, on a VENTEL modem, type 'D' for Display and it will display the five numbers stored as macros in the modem's memory. There are also different types of servers for remote Local Area Networks (LAN) that have many machine all over the office or the nation connected to them. I'll discuss identifying these later in the computer ID section. And finally, you may connect to something that says 'X.25 Communication PAD' and then some more stuff, followed by a new @ prompt. This is a PAD just like the one you are on, except that all attempted connections are billed to the PAD, allowing you to connect to those nodes who earlier refused collect connections. This also has the added bonus of confusing where you are connecting from. When a packet is transmitted from PAD to PAD, it contains a header that has the location you're calling from. For instance, when you first connected to Telenet, it might have said 212 44A CONNECTED if you called from the 212 area code. This means you were calling PAD number 44A in the 212 area. That 21244A will be sent out in the header of all packets leaving the PAD. Once you connect to a private PAD, however, all the packets going out from *it* will have it's address on them, not yours. This can be a valuable buffer between yourself and detection. Phone Scanning %%%%%%%%%%%%%% Finally, there's the time-honored method of computer hunting that was made famous among the non-hacker crowd by that Oh-So-Technically-Accurate movie Wargames. You pick a three digit phone prefix in your area and dial every number from 0000 --> 9999 in that prefix, making a note of all the carriers you find. There is software available to do this for nearly every computer in the world, so you don't have to do it by hand. Part Three: I've Found a Computer, Now What? %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% This next section is applicable universally. It doesn't matter how you found this computer, it could be through a network, or it could be from carrier scanning your High School's phone prefix, you've got this prompt this prompt, what the hell is it? I'm *NOT* going to attempt to tell you what to do once you're inside of any of these operating systems. Each one is worth several G-files in its own right. I'm going to tell you how to identify and recognize certain OpSystems, how to approach hacking into them, and how to deal with something that you've never seen before and have know idea what it is. VMS - The VAX computer is made by Digital Equipment Corporation (DEC), and runs the VMS (Virtual Memory System) operating system. VMS is characterized by the 'Username:' prompt. It will not tell you if you've entered a valid username or not, and will disconnect you after three bad login attempts. It also keeps track of all failed login attempts and informs the owner of the account next time s/he logs in how many bad login attempts were made on the account. It is one of the most secure operating systems around from the outside, but once you're in there are many things that you can do to circumvent system security. The VAX also has the best set of help files in the world. Just type HELP and read to your heart's content. Common Accounts/Defaults: [username: password [[,password]]] SYSTEM: OPERATOR or MANAGER or SYSTEM or SYSLIB OPERATOR: OPERATOR SYSTEST: UETP SYSMAINT: SYSMAINT or SERVICE or DIGITAL FIELD: FIELD or SERVICE GUEST: GUEST or unpassworded DEMO: DEMO or unpassworded DECNET: DECNET DEC-10 - An earlier line of DEC computer equipment, running the TOPS-10 operating system. These machines are recognized by their '.' prompt. The DEC-10/20 series are remarkably hacker-friendly, allowing you to enter several important commands without ever logging into the system. Accounts are in the format [xxx,yyy] where xxx and yyy are integers. You can get a listing of the accounts and the process names of everyone on the system before logging in with the command .systat (for SYstem STATus). If you seen an account that reads [234,1001] BOB JONES, it might be wise to try BOB or JONES or both for a password on this account. To login, you type .login xxx,yyy and then type the password when prompted for it. The system will allow you unlimited tries at an account, and does not keep records of bad login attempts. It will also inform you if the UIC you're trying (UIC = User Identification Code, 1,2 for example) is bad. Common Accounts/Defaults: 1,2: SYSLIB or OPERATOR or MANAGER 2,7: MAINTAIN 5,30: GAMES UNIX - There are dozens of different machines out there that run UNIX. While some might argue it isn't the best operating system in the world, it is certainly the most widely used. A UNIX system will usually have a prompt like 'login:' in lower case. UNIX also will give you unlimited shots at logging in (in most cases), and there is usually no log kept of bad attempts. Common Accounts/Defaults: (note that some systems are case sensitive, so use lower case as a general rule. Also, many times the accounts will be unpassworded, you'll just drop right in!) root: root admin: admin sysadmin: sysadmin or admin unix: unix uucp: uucp rje: rje guest: guest demo: demo daemon: daemon sysbin: sysbin Prime - Prime computer company's mainframe running the Primos operating system. The are easy to spot, as the greet you with 'Primecon 18.23.05' or the like, depending on the version of the operating system you run into. There will usually be no prompt offered, it will just look like it's sitting there. At this point, type 'login '. If it is a pre-18.00.00 version of Primos, you can hit a bunch of ^C's for the password and you'll drop in. Unfortunately, most people are running versions 19+. Primos also comes with a good set of help files. One of the most useful features of a Prime on Telenet is a facility called NETLINK. Once you're inside, type NETLINK and follow the help files. This allows you to connect to NUA's all over the world using the 'nc' command. For example, to connect to NUA 026245890040004, you would type @nc :26245890040004 at the netlink prompt. Common Accounts/Defaults: PRIME PRIME or PRIMOS PRIMOS_CS PRIME or PRIMOS PRIMENET PRIMENET SYSTEM SYSTEM or PRIME NETLINK NETLINK TEST TEST GUEST GUEST GUEST1 GUEST HP-x000 - This system is made by Hewlett-Packard. It is characterized by the ':' prompt. The HP has one of the more complicated login sequneces around -- you type 'HELLO SESSION NAME,USERNAME,ACCOUNTNAME,GROUP'. Fortunately, some of these fields can be left blank in many cases. Since any and all of these fields can be passworded, this is not the easiest system to get into, except for the fact that there are usually some unpassworded accounts around. In general, if the defaults don't work, you'll have to brute force it using the common password list (see below.) The HP-x000 runs the MPE operating system, the prompt for it will be a ':', just like the logon prompt. Common Accounts/Defaults: MGR.TELESUP,PUB User: MGR Acct: HPONLYG rp: PUB MGR.HPOFFICE,PUB unpassworded MANAGER.ITF3000,PUB unpassworded FIELD.SUPPORT,PUB user: FLD, others unpassworded MAIL.TELESUP,PUB user: MAIL, others unpassworded MGR.RJE unpassworded FIELD.HPPl89 ,HPPl87,HPPl89,HPPl96 unpassworded MGR.TELESUP,PUB,HPONLY,HP3 unpassworded IRIS - IRIS stands for Interactive Real Time Information System. It originally ran on PDP-11's, but now runs on many other minis. You can spot an IRIS by the 'Welcome to "IRIS" R9.1.4 Timesharing' banner, and the ACCOUNT ID? prompt. IRIS allows unlimited tries at hacking in, and keeps no logs of bad attempts. I don't know any default passwords, so just try the common ones from the password database below. Common Accounts: MANAGER BOSS SOFTWARE DEMO PDP8 PDP11 ACCOUNTING VM/CMS - The VM/CMS operating system runs in International Business Machines (IBM) mainframes. When you connect to one of these, you will get message similar to 'VM/370 ONLINE', and then give you a '.' prompt, just like TOPS-10 does. To login, you type 'LOGON '. Common Accounts/Defaults are: AUTOLOG1: AUTOLOG or AUTOLOG1 CMS: CMS CMSBATCH: CMS or CMSBATCH EREP: EREP MAINT: MAINT or MAINTAIN OPERATNS: OPERATNS or OPERATOR OPERATOR: OPERATOR RSCS: RSCS SMART: SMART SNA: SNA VMTEST: VMTEST VMUTIL: VMUTIL VTAM: VTAM NOS - NOS stands for Networking Operating System, and runs on the Cyber computer made by Control Data Corporation. NOS identifies itself quite readily, with a banner of 'WELCOME TO THE NOS SOFTWARE SYSTEM. COPYRIGHT CONTROL DATA 1978,1987.' The first prompt you will get will be FAMILY:. Just hit return here. Then you'll get a USER NAME: prompt. Usernames are typically 7 alpha-numerics characters long, and are *extremely* site dependent. Operator accounts begin with a digit, such as 7ETPDOC. Common Accounts/Defaults: $SYSTEM unknown SYSTEMV unknown Decserver- This is not truly a computer system, but is a network server that has many different machines available from it. A Decserver will say 'Enter Username>' when you first connect. This can be anything, it doesn't matter, it's just an identifier. Type 'c', as this is the least conspicuous thing to enter. It will then present you with a 'Local>' prompt. From here, you type 'c ' to connect to a system. To get a list of system names, type 'sh services' or 'sh nodes'. If you have any problems, online help is available with the 'help' command. Be sure and look for services named 'MODEM' or 'DIAL' or something similar, these are often outdial modems and can be useful! GS/1 - Another type of network server. Unlike a Decserver, you can't predict what prompt a GS/1 gateway is going to give you. The default prompt it 'GS/1>', but this is redifinable by the system administrator. To test for a GS/1, do a 'sh d'. If that prints out a large list of defaults (terminal speed, prompt, parity, etc...), you are on a GS/1. You connect in the same manner as a Decserver, typing 'c '. To find out what systems are available, do a 'sh n' or a 'sh c'. Another trick is to do a 'sh m', which will sometimes show you a list of macros for logging onto a system. If there is a macro named VAX, for instance, type 'do VAX'. The above are the main system types in use today. There are hundreds of minor variants on the above, but this should be enough to get you started. Unresponsive Systems %%%%%%%%%%%%%%%%%%%% Occasionally you will connect to a system that will do nothing, but sit there. This is a frustrating feeling, but a methodical approach to the system will yield a response if you take your time. The following list will usually make *something* happen. 1) Change your parity, data length, and stop bits. A system that won't respond at 8N1 may react at 7E1 or 8E2 or 7S2. If you don't have a term program that will let you set parity to EVEN, ODD, SPACE, MARK, and NONE, with data length of 7 or 8, and 1 or 2 stop bits, go out and buy one. While having a good term program isn't absolutely necessary, it sure is helpful. 2) Change baud rates. Again, if your term program will let you choose odd baud rates such as 600 or 1100, you will occasionally be able to penetrate some very interesting systems, as most systems that depend on a strange baud rate seem to think that this is all the security they need... 3) Send a series of 's. 4) Send a hard break followed by a . 5) Type a series of .'s (periods). The Canadian network Datapac responds to this. 6) If you're getting garbage, hit an 'i'. Tymnet responds to this, as does a MultiLink II. 7) Begin sending control characters, starting with ^A --> ^Z. 8) Change terminal emulations. What your vt100 emulation thinks is garbage may all of a sudden become crystal clear using ADM-5 emulation. This also relates to how good your term program is. 9) Type LOGIN, HELLO, LOG, ATTACH, CONNECT, START, RUN, BEGIN, LOGON, GO, JOIN, HELP, and anything else you can think of. 10) If it's a dialin, call the numbers around it and see if a company answers. If they do, try some social engineering. Brute Force Hacking %%%%%%%%%%%%%%%%%%% There will also be many occasions when the default passwords will not work on an account. At this point, you can either go onto the next system on your list, or you can try to 'brute-force' your way in by trying a large database of passwords on that one account. Be careful, though! This works fine on systems that don't keep track of invalid logins, but on a system like a VMS, someone is going to have a heart attack if they come back and see '600 Bad Login Attempts Since Last Session' on their account. There are also some operating systems that disconnect after 'x' number of invalid login attempts and refuse to allow any more attempts for one hour, or ten minutes, or sometimes until the next day. The following list is taken from my own password database plus the database of passwords that was used in the Internet UNIX Worm that was running around in November of 1988. For a shorter group, try first names, computer terms, and obvious things like 'secret', 'password', 'open', and the name of the account. Also try the name of the company that owns the computer system (if known), the company initials, and things relating to the products the company makes or deals with. Password List ============= aaa creation innocuous really ada create jester rebecca academia daniel johnny remote adrian danny joseph rick aerobics dave joshua reagan airplane deb judith robot albany debbie juggle robotics albatross deborah julia rolex albert december kathleen ronald alex desperate kermit rosebud alexander develop kernel rosemary algebra diet knight roses alias digital lambda ruben alpha discovery larry rules alphabet disney lazarus ruth ama dog lee sal amy drought leroy saxon analog duncan lewis scheme anchor easy light sex andy eatme lisa shark arrow edges maggot sharon arthur erenity magic shit asshole elizabeth malcolm shiva athena ellen mark shuttle atmosphere emerald markus simon bacchus engine marty simple badass engineer marvin singer bailey enterprise master single banana enzyme maurice smile bandit euclid merlin smiles banks evelyn mets smooch bass extension michael smother batman fairway michelle snatch beauty felicia mike snoopy beaver fender minimum soap beethoven fermat minsky socrates beloved finite mogul spit benz flower moose spring beowulf foolproof mozart subway berkeley football nancy success berlin format napoleon summer beta forsythe network tape beverly fourier newton target angerine fred osiris taylor bumbling friend outlaw telephone cardinal george oxford temptation carmen gertrude pacific tiger carolina gibson painless toggle caroline ginger pam tomato castle gnu paper toyota cat golf password trivial celtics golfer pat unhappy change gorgeous patricia unicorn charles graham penguin unknown charming gryphon pete urchin charon guest peter utility chester guitar philip vicky cigar hacker phoenix virginia classic harmony pierre warren coffee harold pizza water coke harvey plover weenie collins heinlein polynomial whatnot comrade hello praise whitney computer help prelude will condo herbert prince william condom honey protect cookie horse pumpkin cooper imperial willie include puppet winston ingres rabbit rascal I hope this file has been of some help in getting started. If you're asking yourself the question 'Why hack?', then you've probably wasted a lot of time reading this, as you'll never understand. For those of you who have read this and found it useful, please send a tax-deductible donation of $5.00 (or more!) in the name of the Legion of Doom to: The American Cancer Society 90 Park Avenue New York, NY 10016 ******************************************************************************* References: 1) Introduction to ItaPAC by Blade Runner Telecom Security Bulletin 1 2) The IBM VM/CMS Operating System by Lex Luthor The LOD/H Technical Journal 2 3) Hacking the IRIS Operating System by The Leftist The LOD/H Technical Journal 3 4) Hacking CDC's Cyber by Phrozen Ghost Phrack Inc. Newsletter 18 5) USENET comp.risks digest (various authors, various issues) 6) USENET unix.wizards forum (various authors) 7) USENET info-vax forum (various authors) Recommended Reading: 1) Hackers by Steven Levy 2) Out of the Inner Circle by Bill Landreth 3) Turing's Man by J. David Bolter 4) Soul of a New Machine by Tracy Kidder 5) Neuromancer, Count Zero, Mona Lisa Overdrive, and Burning Chrome, all by William Gibson 6) Reality Hackers Magazine c/o High Frontiers, P.O. Box 40271, Berkeley, California, 94704, 415-995-2606 7) Any of the Phrack Inc. Newsletters & LOD/H Technical Journals you can find. Acknowledgements: Thanks to my wife for putting up with me. Thanks to Lone Wolf for the RSTS & TOPS assistance. Thanks to Android Pope for proofreading, suggestions, and beer. Thanks to The Urvile/Necron 99 for proofreading & Cyber info. Thanks to Eric Bloodaxe for wading through all the trash. Thanks to the users of Phoenix Project for their contributions. Thanks to Altos Computer Systems, Munich, for the chat system. Thanks to the various security personel who were willing to talk to me about how they operate. Boards: I can be reached on the following systems with some regularity; The Phoenix Project: 512/441-3088 300-2400 baud Hacker's Den-80: 718/358-9209 300-1200 baud Smash Palace South: 512/478-6747 300-2400 baud Smash Palace North: 612/633-0509 300-2400 baud ************************************* EOF ************************************* ========================================================================= ASKi Phile #5 BUSTED!!!!! You've been arrested! Life sure sucks now, don't it? Nope. This is where you get to have more phun while learning a lot about the reason that your government is NOT your friend. "Live in fame or die in flame" -- Mack First off, remember: no hero stuff here. They are probably wearing bullet proof vests, arrive in bunches of 20, and carrying heavy artillery. Even if it's only one redneck, they all still suffer from having a severe trigger finger. There is no reason to get roughed up, bruised, or shot. The Attitude You need to have the attitude. Use your head, control your emotions, and keep your mouth shut at all times. Remember that they will give rewards to stoolies, so don't even discuss anything outside of chitchat like local politics, news, or weather. Okay, second. You are not a young punk pain in the ass. You're not a hero; you're not anything. You are a farm boy from Kentucky and you're downright DUMB. You're kind and work with everybody as much as possible, but stubborn. You apologize and call everyone sir and generally kiss ass whenever possible. Why? Because you look stupid and easy to take advantage of. Remember keeping your mouth shut? This is the easiest way to do just that. Don't ever ask them for anything. Don't grovel. You are in control of yourself; they are only in control of the situation. Your complaints will go on report and give them satisfaction. Remember "Miranda"? Well, those rights apply at ALL times. There is no requirement to read them to you in a whole bunch of special exceptions, so just assume that they've been read to you anyways. They WILL appear compassionate and sympathetic, but they are really robotized. They are totally impervious to all reason, logic and common sense. Once you got the basic rules down, the rest of the procedure is just one big game, except that the stakes are kind of high. Don't sweat it if you can, but chances are that you're going to be sweating a lot just because the first time you ever play in a quarter million dollar poker game, the numbers get to you. Quarter million? If you're going to be in the dungeon for say 10 years, you could probably make about $25,000 a year easily. And that's after the government takes out their share of something close to half. So you're actually going to be playing for a quarter million dollars even if it's only five years. Not only that, but once you've been to jail once, all of your subsequent employers will be harder to get and possibly pay less. But this is not a game you would normally show up for. Usually, someone else volunteers you in. Still not convinced? Well, let's take some numbers (old numbers but proportions are right). From the official 1977 IRS figures, 8,391 persons qualified for priority treatment (were investigated). 3,408 were recommended for prosecution. Of those lucky winners, only 1,636 were indicted by grand juries. 247 of those were convicted after trial and less than half ever served time in jail. At that time, there were also approximately 90 million income tax filers (out of a total population of 210 million). And we're not talking about one of the roughest, nastiest teams in the American Legal League, in most cases. The Rules of the Game Okay, the point of the game is to get over the goal line. It's just like football (and if you try to tempt them, they really will sack the quarterback just because they are sadistic people). Here's what they score points for. Getting you to admit anything. Getting you to incriminate yourself. Intimidating you. Getting you to skip procedural details. There's only one problem with these simple details: they are all professional players and you're just an amateur team. That's why the game is rigged in your favor intentionally. But unless you're a professional gambler, you wouldn't even know it. Here's what you score points for. Getting them to admit anything. Getting them to perjure themselves. Getting them to foul (not follow the rules). Giving them as much frustration and anxiety as possible. Making them lose in front of their friends (they all have bad sportsmanship problems). Making them lose in front of the press. I can't possibly go over all the rules. There are entire libraries full of rules. And you thought pro-football was bad! But, there are certain basics of the game. If you understand those, you're way ahead. Getting a Basic Rule Book If you want to actually buy a rule book, I know of one good one that costs about $20. It is mostly for civil (law suits) procedure, but he covers the differences between civil and criminal pretty well and how to adapt. Brown's Lawsuit Cookbook The Brown Carburetor Co., Inc. P.O. Box 89 Draper, Utah 84020 Don't get the "sequel" that he advertises. It's just a book of forms and not much use except for the two page excerpt at the end that talks about RICO, if you don't know anything at all about RICO. Mike Brown's specialty is getting people out of prison, so he might be useful later on, too. The place he has vast expertise in is Terre Haute in Indiana, which is not a pretty place to spend an all expenses paid government vacation at. For one thing, the other tourists and the tour guides are absolutely lousy. Levels of Play There are a bunch of levels of play. You will probably be like most people and perhaps never even get to the higher levels, like the appeals process. But unless you do something really stupid and get shot, you are pretty much guaranteed to make it through the first few levels. Remember the ways to score points. The more points you score, the better your chances of winning. There are some bonus points built in, too, like getting a judge get kicked off the field for a personal foul (easier than you think, but most lawyers are scared silly to even try to do anything like that). 1. Arrest. 2. Initial Questioning. 3. Booking. Bonus Rounds: more questioning and pretrial services. 4. More Questioning. 5. Arraignment. Bonus Round: Evidentiary Hearing. Bonus Round: Administrative Hearing (automatic in a traffic case; otherwise rare). Bonus Round: Grand Jury Indictment. 6. Trial. 7. Sentencing. 8. Appeals (pretrial services, trials, and sentencing). Hopefully, you can make it to at least some bonus rounds. Getting an evidentiary hearing is relatively easy, for instance. And at that round, there are some points that you can pick up, but you can also get some point multipliers that will make scoring in the actual trial worth more points. There are also no absolutes. This is just a thumbnail sketch. Some levels can be skipped or added in. Some levels can be skipped because of mistakes you make. It is possible, for instance, to petition for a writ of prohibition (an order from a more powerful judge telling his underling to stop doing something to you) and go through a pseudo-appeals stage. Some levels can happen completely by mail instead of in person (this is very common at the appeals level). But, this basic list of levels is usually good enough. As you get better, you should have no problems finding some of the bonus levels, like the writs (a writ is an order from a judge which carries a lot of weight) levels. Questioning Okay, for now, let's go over the basic format to answering questions. Officer: Generic Question. You: "Sir, can you please tell me if my answer to that question is mandatory or voluntary?" 1. Officer: "Voluntary." You: "Then I choose not to volunteer." 2. Officer: "Mandatory." You: "Sir, what will you do to me if I don't answer?" 2a. Officer: "We'll kick the shit out of you." You: "My answer is XXX under threat of bodily harm, coercion, etc." or perhaps "I refuse to answer on the grounds that I may incriminate myself." or perhaps "Show me the law, statute, case, or whatever it is that makes it mandatory and then I'll answer." This is a matter of personal taste; if you can take the punishment, go for it. It depends on the situation. 2b. Officer: "You won't get out of here until you answer." They know it. You know it. So what? You'll eventually go to trial and the judge will either have to force your answers to be a condition of your release (this is appealable usually) or order you to do so (which is a violation of the 5th amendment and which gives you the power to recuse the judge so fast he won't know what happened since he's now a party to the case by getting evidence on the record). It really depends on whether or not you want to give in to them. Remember, the whole point here is to attempt to act cooperative while refusing to say anything if you can help it. This is true at every stage of the game. There are lots of different times where they will try to question you. Even other prisoners may be sent in to try to get you to talk if you're important to them and you're being a tough nut to crack. So keep acting stupid. Ask for meaningful assistance of counsel to help you understand the question. Volunteer for nothing. After all, don't all the lawyers tell you that only THEY can understand legal procedure? Okay, there is a special case for judges. Remember, judges have to be impartial. With a judge, when he asks you for information, such as what your name is, you say: "Sir, are you attempting to enter evidence on the record because you are a party to the case?" This question REALLY pisses them off. If they say no, then don't volunteer information. If they say yes, then they can't judge the case anymore. Another appropriate question is, "Your honor, are YOU the accusing party? Then who is the accusing party? I want to face my accusers as required by the constitution." Here's an example of what happened once: "No, Sir. I just need to know who you are so I can proceed with this case. And since when I asked for the accused party, you answered, then if you are not the accused party then you are interfering with this court and I will find you in contempt." The right response to this sort of nastiness is just to say something like, "Sir, It is the job of the accusing party to identify the accused party; however, if you wish, you can call me Peter Pan for purposes of identification until the accusing party clears this matter up." A better way is not to get into this situation. When you are called, stand and ask if the accusing party is present. And the judge better not respond! Otherwise, you just stand there and when the bailiff orders you to walk forward or whatever, you just say, "I'm sorry if I'm in the wrong place, Sir. Your bailiff here ordered me to come forward." This is part of jurisdiction. Jurisdiction is necessary for a court to have control over a case. There are lots of ways they can get it; when you plead guilty or not guilty, or when they get all 7 elements. Number 1 is positive identification of the accused party. Accused must be properly identified; identified in such a fashion there is no room for mistaken identity. The individual must be singled out from all others; otherwise, anyone could be subject to arrest and trial without benefit of "wrong party" defense. Almost always the means of identification is a person's proper name, BUT, any means of identification is equally valid if said means differentiates the accused without doubt. (There is no constitutionally valid requirement you must identify yourself) For stop and identify (4th Amendment) see Brown v. Texas, 443 US 47 and Kolender v Lawson, 461 US 352. Arrest Remember all the things you read about Mirandizing you first? Forget it. As long as they can get you to admit anything, they can use it against you, regardless of whether or not you've been mirandized. They will probably put the cuffs on too tight. And they will handcuff you. Don't complain. Don't ask your kidnappers for anything. You're the one in control here, not a wimp. Act like it. Be respectful, though. Don't act better than them or they'll take it out on you (all cops have deep fears of being inferior to anybody). Your complaints will go in their report. Don't give them any satisfaction! Do not answer any questions at all. Demand to get meaningful assistance of counsel and counsel of choice, since it is your right to have these at EVERY important stage, including the arrest itself. Just try to be as cooperative as possible physically (there is no reason to get the shit kicked out of you here) because it's not going to be worth your effort to resist. Besides, that will give them a reason to kick the shit out of you that they can use in court. As far as the actual mirandizing, when they ask if you understand, just say the truth. Say "No. I need counsel to help me understand, Sir." You may get lucky. They might give you waist chains or leg irons. If this happens, wear them with pride! Hardly anybody gets that kind of treatment anymore and it means you're really special. Show them off to the other prisoners, to any police you meet, the public, everybody! Booking They will ask for your name? Are you waiving rights if you answer? Yep! Aside from that, you could be waiving jurisdiction. Remember how to answer these questions.."Sir, is the answer to that question voluntary or mandatory?" What about mug shots and fingerprints. They will give those back if you're not guilty, right? Yes, they'll give you the originals, but you can be sure they've made copies. In Davis v. Mississippi, they stated that fingerprints and other personal identification essentially work like property. They need a search warrant to get them. Arraignment Before you are arraigned, they will probably keep you in a holding cell until you're talkative. They will send a pre-trial services representative to try to get you to tell them your life history. This is the same routine as booking. Don't answer anything. At arraignment, the magistrate or judge will read the complaint, information, or indictment against you and ask if you understand it. He is supposed to inform you of your right to assistance of counsel, that you are not required to make any statements, and that any statement may be used against you. The whole point of this procedure is only to tell you what you have been charged with and to make sure you don't understand it. So answer truthfully and say "No" if you still don't have counsel. He may also ask you how you plead. In this case, you may wish to say that "The accused stands mute." If you make a plea of any sort, you could be giving them jurisdiction. You could also say that "Since the defendant cannot understand the charges, the defendant stands mute." The judge will say "I will enter a not guilty plea for you." Say loud and clear, "I object! Let the record show that the accused stands mute." Then the judge will start asking you personal questions. Shut up. Keep the voluntary/mandatory routine up. Now, the prosecutor or judge or cop is going to absolutely have a conniption and throw a tantrum because you won't answer their questions. Let them carry on. In Federal courts, 18 USC 1342 sets release with the least amount of restrictions unless there is some legitimate reason on which the court can justify the imposition of restrictions greater than what would reasonably assure your appearance. In state courts, the situation is similar. Okay, now after the government demands something more than your own recognizance or an unsecured cash bond, then say loud and clear something like, "Please put on record the fact that the government has demanded that I be placed under the unreasonable bond restrictions of XYZ merely because I choose to exercise my right to remain silent." Some of the bond restrictions they may want (which are listed in 18 USC 1342..find out the equivalent for the state) are distance of travel, curfew, psychiatric testing, or even weekly reporting. These are all considered unreasonable except with extra circumstances (like you jumped bond before). Object and state "Please put on record that the no reason was given for the bond restriction of XYZ and the accused objects." The judge will most likely make submission of your prints and pictures a condition of your release. If you don't give in, you'll sit in jail. Some of the booking questions will be about your physical description. The rest will be personal or about your family; these are out of line. This much should get you at least through the first 3-4 days of the standard arrest procedure and have heaps of procedural errors lined up for "arguing technicalities" or appeals. ASKi Phile #6 Sup!!! This is an ASKI Special Release.... My research paper... You might find this interesting, you might think it's complete BS, I really couldn't care less. A few people were interested in reading this so I thought I'd put it out. The first section is a little flat, but it's good info. I think there are some real parallels here, anyway it makes you think... Have Phun.... Tom Cross AKA The White Ninja -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Campaign of Terror By Tom Cross "Cyberpunk, an unholy alliance of the technical world with the underground of pop culture and street level anarchy (Elmer-Dewitt 59)." Bruce Sterling's graphic definition of America's newest counter-culture conjures up images of street gangs attacking each other with the high- tech weaponry of the 21st century. Oddly enough, this is quite close to the way many people view today's teenage computer hackers. Evil criminals out to destroy man kind... This romantic view of the computer hackers has caused the entire electronic community to be attacked by government, law enforcement, religious institutions, corporations, and concerned citizens groups. Driven by a false view of hackers as an evil scourge of society, they have driven the electronic community into a corner. In the past there has been another group of "criminals and outcasts" in America who had been attacked by society. These were the colonists living in the British American Colonies, and when they fought back, thousands died and a new nation was forged. This new nation would grow to become the most powerful nation in the world. Events occurring now on the electronic frontier pose frighting similarities to the events surrounding the American revolution. Before describing the world of computer hackers, and the parallels that can be drawn to historical events, it is best to begin with a history of the American Revolution. Many of the people who came to America were out casts from British society. Many followed alternative religions and wanted to escape the established Church of England. Others were criminals who had been sent to America as punishment. There were also adventurers and speculators, who wanted to find fortune and success on the American frontier. Whatever their reason, many British citizens ended up living in America, and these citizens saw themselves as British people (Klose 20 - 21). The American Colonies were mercantile colonies. They were established to profit Britain, to provide raw materials for Britain, and to provide a market for British goods. The British government set up laws that would protect this mercantile policy, and that would ensure profit for the mother country. However, the colonists were selective about which laws they followed. If a law wasn't beneficiary to them, they ignored it. The British government accepted this, and because of political graft, competition with other nations, and the want for good relations between the colonies and the mother country, violations of English trade laws were often ignored. Britain was following a policy a salutary neglect. However, generation after generation, American colonists began feeling less and less like British citizens. When Britain established itself as the dominate world power, and no longer needed salutary neglect, the colonists were not happy (Midgley 43). Between the years of 1724 and 1741, a new generation of kids was born. Historian David Fischer describes these kids as a generation that grew up in a time when age was a person's most respected value, and grew old in a time when it was best to young. They were "heavy drinkers, daring pioneers, and angry orators attracted to high risk and decisive action." They alarmed the older colonists with their rebellious actions and their lack of education. As John Adams put it, "We have not men fit for the times. We are deficient in genius, in education, in travel, in fortune - in everything. I feel unutterable anxiety." Many were disappointed with the new generation, as they were poor and uneducated in comparison to their elders, but they were adventurous, brave, an hateful towards control. They also felt little connection to Britain, and had gained military experience and a sense of freedom when they fought the French and Indian War without British assistance. These traits made them a perfect generation to rebel against the British government, especially at a time when the British government was trying to step up it's control (Howe 212 - 214). In 1763 the first conflicts between the British government and the colonists began to erupt. The British government was thousands of miles away from America, and thus was unresponsive to American needs. This resulted in a series of laws which greatly angered the Americans. The first of these was the declaration of the proclamation line. This was a line between the American colonies and the Indian territories, and it was intended to protect both the colonists and the Indians from conflict. However, thousands of colonists had already planned to move into the territory west of the proclamation line, and many were already there. The colonists had already invested time and money into moving across the line, and the proclamation angered them. Next, the Sugar Act was passed, this act placed a duty on molasses and sugar. The British also ended their policy of salutary neglect with a series of actions that clamped down on laws the colonists had been violating for generations; a vice admiralty court was established to try tax evaders who had previously been treated sympathetically by colonial courts, bond for shippers was raised, tax collectors for the colonies could not live in England, and tax officials were given writs of assistance (blanket search warrants). Another final action by the British government which brought protest was the passing of the Stamp Act. The Stamp Act required that stamps be bought and placed on about 50 paper documents from legal documents to newspapers. This law was not only a direct tax without representation, but it was an attack on freedom of speech. The colonists would react quickly and in some cases, violently (Midgley 46). James Otis called for a protest meeting to be held in New York City (Midgley 47). Letters were sent out to all of the colonies, and in October the Stamp Act Congress met (Midgley 47). Massachusetts, South Carolina, Rhode Island, Connecticut, New Jersey, Delaware, New York, Pennsylvania, and Maryland were represented (Midgley 47). The Congress protested taxation without representation, and stated that only their legislatures could levy taxes (Midgley 47). Some of the protests were more violent. A few days after the Congress let out, a boycott on British goods was established (Midgley 47). This boycott was enforced by drunken mobs of liberty generation youths, twenty, and thritysomethings who called themselves the "Sons of Liberty." The "Sons of Liberty" forced merchants and printers to work without using stamps, burned court houses and tax collection offices, tarred and feathered tax collectors, and generally caused as much physical damage to those buying or selling stamps as possible (Tyne 163 - 172). Three weeks before the stamp act was passed, riots began in Boston (Tyne 166). "An effigy of Andrew Oliver, the nominated stamp distributor, later forced to resign that office, was swung all day on the 'Great Tree,' and after dark an 'amazing' multitude shouting 'liberty, property, and no stamps,' bore the image an a beir, through the State House and under the very chamber where sat the Governor and Council. With the debris of the demolished stamp office they made a funeral pyre for the execrated effigy. Twelve days later the mob sacked the home of the customs officer, burned the vice- admiralty records, gutted the mansion of Lieutenant Governor Hutchinson, beating down the very partition walls, wrecking the furniture, and defacing family plate and portraits (Tyne 166)." Despite these highly rebellious actions, the British government was sympathetic. Only one, the Major of Artillery, wanted to "cram the stamps down the throats of the people." The government, instead, tried to keep the peace without being overly oppressive. Many people disagreed with this stance, and thought that the government should have "nipped the spirit of sedition in the bud," however, the British listened to the American requests and the Stamp Act Congress. In the end, the law was repealed (Tyne 163 - 172). The Americans had won their first victory, but soon events would have them fighting again. With the repeal of the Stamp Act, Parliament issued a second order, the Declaratory Act. The Declaratory Act stated that Parliament could make any law that would hold the colonies and Britain together. It effectively refuted all arguments the Americans had made concerning taxation. The colonists ignored it, but the opinions of the colonists and the opinions of the British government were beginning to split. Parliament then passed the Quartering act. This act was an attempt to deal with the over-crowding of troops in New York City by requiring that the colony provide housing. This often meant shacking soldiers up with private citizens at the citizen's expense. The Americans resented this greatly, and many raised "liberty poles" in protest. A third act which brought American and British relations to a boil again was the Townshend Acts. These were a set of import taxes on glass, tea, lead, paint, and paper. These taxes would spur a resistance movement against the British that would eventually lead to war! A few Americans started a communication campaign. Two sets of letters were spread across the colonies, building opposition towards the laws and anger towards the British. The first was John Dickinson's, "Letters from a Farmer." These papers stated that Parliament could only levy an import duty for the purpose of trade control, not for revenue. These papers were widely read and widely accepted. The second set was Samuel Adam's Circular Letters. These were a series of statements renouncing taxation without representation. The Massachusetts House adopted them and sent them across the colonies. They proposed that the colonies form a unified effort to fight British oppression. The British declared the letters seditious, but they were officially adopted by four other colonies. These letters communicated the angers against the British to the people of the colonies. They agreed with what was being said, and growing opposition to Britain began to build in America. Tea time was a custom in both Britain and America (Bailey 97). In fact, Approximately 1 million people drank tea twice a day (Bailey 97). Tea was almost as essential to Americans a bread and water, and a tax on it was inexcusable. The Americans were in a rebellious mood, and in 1768 a boycott began in Boston and spread all across the colonies in only a few months (Midgley 48). Colonial merchants were not to buy items taxed under the Townshend Act (Midgley 48). Although the boycott did not bring much harm to British merchants, the government decided to listen to the American demands (Midgley 48). A new Prime Minister came into power and repealed the Townshend Acts (accept for the tax on tea) (Midgley 48). The Quartering Act also expired and was not renewed (Midgley 48). Because of these actions many Americans dropped the boycotts, and there was period of quiet for three years. However, there was a train of incidents that kept the revolutionary ball rolling (Midgley 48). The first was the Boston Massacre, which occurred a few months before the Townshend Acts were repealed (Midgley 48). Bostonians and British soldiers were not on friendly terms, and when a heated argument broke out between a British sentry and an American civilian, a crowd of people gathered and joined in (Midgley 48). When the crowd pressed toward the soldiers and started throwing rocks and snow balls, the soldiers became confused and frightened, and they opened fire (Midgley 48). Five were killed (Midgley 48). This incident raised a great deal of anger against the British in America. Sensationalistic rumors and news reports led people to believe that the Americans had done nothing wrong and that the British had just murdered them (Bailey 98). Massacre Day was observed in Boston until 1776 (Bailey 98). The second event was the Gaspee incident (Midgley 48). Americans attacked the British revenue ship Gaspee, chased it's crew to shore, and burned it (Midgley 49). The third was the establishment of the Committees of Correspondence (Midgley 49). This was an intercolonial propaganda campaign (Midgley 49). These Committees sent protests of British oppression all over the colonies for everyone to read (Midgley 49). This intercolonial communication network further forwarded the cause of revolution by making people aware of the colonist's claims, and encouraging people to join the cause (Midgley 49). The events that lead up to the American revolution reached their climax when the British offered an exemption from the tea tax, and thus a monopoly on tea, to the British East India Tea Company. Colonial merchants feared for their lively-hood and reacted very violently. People boycotted tea and tea ships were burned all over the colonies. In Boston a group of colonists disguised themselves as Indians and raided three tea ships. They dumped 342 cases of tea valued at $70,000 out into the harbor. In response to these actions Britain clamped down hard. A set of laws were passed that became know in America as the Intolerable Acts. These acts shut down the Boston harbor, moved all trials of British officers to England, removed the Massachusetts House's right to elect the upper council members, banned town meetings, blocked colonial expansion with Quebec, reinstated the quartering act, and removed the governor of Massachusetts. In protest the Americans began the First Continental Congress. A year later the first shot would be fired, America was at war with Britain (Midgley 49-50). The cyberpunk counter-culture consists of a group of young people who are obsessed with technology. They dress in black clothing, and surround themselves with video games and computers, techno music and raves, smart drugs and virtual realities, fringe science and science fiction, and, of course, computer hackers (Elmer-Dewitt 58 - 65). These cyberpunks have a lot in common with the liberty generation on the 1700's (Howe 212). A combination of neglect and resentment from self- interested Baby Boomers and declining school systems resulted in today's "Generation X" turning out a lot like the liberty generation (Howe 55 - 81). Todays kids are rebellious, adventuresome, and brave, sometimes to the point were they fall off the edge. Suicide rates are at the highest level ever recorded (Howe 83), and in the drug filled city war zones of America, a Generation Xer's life expectancy is lower than that in Bangladesh (Howe 120). America's school system has declined, and many Generation Xers have learned a lot more on their own than in the classroom (Howe 69 - 81). Their parents are quick to place ridicule and blame on them for the fact that they do not have all of the academic knowledge of their elders (Howe 17 - 27). However, they have learned what is needed to solve practical problems, and their business and information management skills are often far better than that of their parents (Howe 80). It is important to note that these are things they taught themselves, not things they were shown in a classroom. One group of Generation Xers who spend their time trying to teach themselves in areas their school has failed with are computer hackers. Computer hackers, skilled computer geniuses who would spend days awake at the screen, typing out a new program, existed as early as the 1960's at MIT. However, today's computer hackers, who are similar in their behavior, find their roots from another group of Baby Boomer engineering students, the Phone Phreaks. Phone Phreaks experimented with the phone network, using electronics to avoid being charged for telephone calls (Claugh 12). The most powerful electronics device used for this purpose was the blue box (Clough 15). The telephone company based their entire network on a set of tones called multi-frequencies (Clough 13). They published these tones in a technical journal in 1954, and before long engineering students all over the country were using them to explore the phone network (Clough 13). The Blue Box gave a user control of all of these tones, and thus control over the entire world wide network (Clough 16). "They found a labyrinth of electronic passages and hidden sections within the Bell network, and they started charting this unknown territory. Then they realized they were looking at the inside of an enormous electronic system, that Ma Bell was really just a giant computer linking terminals - or telephones - with switches and wires and loops all across the country. It was an actual place, though it only existed at the end of a phone receiver. It was a nearly limitless electronic universe accessible by dialing numbers on a phone (Clough 12)." It was 1961 before Bell even knew what was going on (Clough 12). They tried to stop it, but phreaks could just go out to a pay phone leaving Bell with no way of tracking them down (Clough 16). A series of laws were passed locally and federally in the 60's and 70's in order to stop phone theft, but most were unenforceable, and some, such as a law making it illegal for people to posses information relating to phone systems, were so restrictive that they were ruled unconstitutional. Although there were occasional arrests, generally of well known and popular phreaks, the phone phreak world under went it's own period of salutary neglect. Bell didn't become extremely active in stopping phreaking until the mid 80's, when it became plausible again. The Phone Phreak world had it's hey day in the early 70's (Hafner 19). After that time the phreaks had a new interest, building personal computers (Clough 27). In 1976 two phone phreaks who had been building and selling Blue Boxes for cash out of their parents garage, built a personal computer (Clough 29). When they showed it to their local computer club, the members loved it and a few placed orders (Clough 30). The two phone phreaks were Steve Jobs and Steve Wozniak, and they had just founded Apple Computer Corp. (Clough 29). The PC revolution that these two phone phreaks started would revolutionize business, education, and entertainment (Clough 33). By 1993 there would be over 130 million PCs in use world wide, and PCs would have reached about 35% of all homes in industrialized nations (Clough 33). The PC revolution would also come full circle and revolutionize the world of computer hackers and phone phreaks. In 1978 Ward Christensen and Randy Suess hooked a computer up to a telephone line in order to provide a sort of messaging service for the members of their computer club. They had created the first computer bulletin board system or BBS. These computer BBSs would explode in the coming years. By 1993 there would be over 12 million people using computer BBSs (Telebits 20). As Phone Phreaks turned their interests to PCs and eventually into computer hacking, they found they could use these BBSs to communicate. In the eighty's a new generation of computer hackers and phone phreaks, kids who had gotten a computer for Christmas and had found it more interesting than school and an escape from their parents, would be using BBSs to talk to friends all over the country. Computer hackers have a need for forbidden knowledge, and when one called a BBS, he found thousands of other kids who had the same interest. They wanted to learn things that noone else knew, they wanted to be able to do things that were beyond the understanding of ordinary people. On BBSs they found knowledge about phone systems and computer networks that noone else in the world knew. They were experimenting with things that even their parents didn't understand. Growing up in the 70's and 80's they saw all the corruption and problems in government, business, and all other aspects of adult life. They were liberating technology from this corrupt world and using it to learn. There had always been people who wanted to learn things noone else understood, but never before had thousands of these people been networked across a nation, and never before had these people been so intense in their need for forbidden knowledge that they were willing to completely cut themselves off from society inorder to obtain it. The BBSs were a hacker's fantasy world, a place were, for once, information was free, money wasn't everything, and adults didn't have all the answers (Sterling 43 - 85). Hackers weren't violating many laws with the knowledge they had obtained. Sure they knew a few things they weren't supposed to know and they accessed a few computers they weren't supposed to be on, but they were learning and they weren't causing much harm (Sterling 62 - 63). However, much like the colonists in the late 1700's, hackers ignored any law which did not serve their mission of free information (Howe 201). They also delved into other kinds of forbidden information, such as lock picking, bomb construction, drug mixing, military tactics, and murder (Sterling 79 - 80). This fact may seem alarming, but few of the hackers were actually using this information (Sterling 80 - 81). They were just interested in it because it was rare and fun knowledge (Sterling 80 - 81). "Stuffing gunpowder into a booby trapped flashlight, so as to blow the arm off your high school vice principal, can be a thing of dark beauty to contemplate. Actually committing assault by explosives will earn you the sustained attention of the federal Bureau of Alcohol, Tobacco, and Firearms (Sterling 81)." However, this information did attract the attention of parents, and eventually, law enforcement. Pressure was building on law enforcement to act, and they did. However, few law enforcement officers would be willing to raid a bunch of kids because they wanted to know things they weren't supposed to (Sterling 63). Thus a large number of rumors started spreading across law enforcement agencies and news media that a Bulletin Board System was a "tool of Satan (Rosenberger 57)," "a dark switchboard where sneaky misfits can hatch all manner of secret and illicit schemes (Rose 27)." These rumors became more popular as "Computer Terrorists" appeared in the news more and more often, and they eventually escalated to ridiculous and dangerous levels. Eventually it got to the point where law enforcement agents were out chasing ghosts, and reporters were telling parents how their kids could be tapping in to vile things such as pornography, computer viruses, cults, snuff software, the president's e-mail, and phone numbers for evil organizations like the NRA (Rosenberger 57). Some law enforcement agents actually thought deterring pedophilia was a major objective of any police program concerning BBSs (Rose 27). There was even a concerned parent's group that formed to lobby for a law banning children under the age of 18 from using BBSs (Hults). Things had gotten completely out of hand. "Police want to believe that all hackers are thieves. It is a tortuous and almost unbearable act for the American justice system to put someone in jail because they want to learn things which are forbidden for them to know. In an American context, almost any pretext for punishment is better than jailing people to protect certain restricted kinds of information. Nevertheless, policing information is part and parcel of the struggle against hackers (Sterling 63)." "...computer bulletin boards are hangouts of a new generation of vandals. These precocious teenagers use their electronic skills to play hide-and-seek with computer and telephone security forces (Colossus)." "There are very serious negative consequences surrounding the use of modems and computers in our society. Because of this, all children under the age of 18 should be prohibited from using a computer in connection with a modem or that is connected to any computer service (Hults)." "According to Fresno Police Detective Frank Clark, 'your child can be in real danger from pedophiles, rapists, satanic cultists and other criminals known to be actively engaged in computer conversation. Unwittingly, naive children with a natural curiosity can be victimized; emerging healthy sexual feelings of a child can be subverted into a twisted, unnatural fetish affecting youth during a vulnerable time in their lives (Hults).'" Much like the colonists in the late 1700's, the computer underground's salutary neglect ended with a tough crackdown on freedom and rights. The law enforcement agents were told to seize everything and they did. Standard procedure was to seize every possibly related piece of electronics equipment or printed document, partly because many law enforcement agents were computer illiterate and didn't know what they were looking for, and partly because many law enforcement agents believe that hackers are sinister and quite capable of hiding evidence anywhere (Sterling 213 - 216). The first such raid was a raid on the "414 gang" who attracted media attention for nine days in 1982 (Sterling 87). Since that time the raids would become more and more common until 1990 when they would reach their climax. During just three days in 1990 about 42 computers and 23,000 floppy disks were seized (Sterling 156 - 159). The warrants that were issued have been compared to the writs of assistance in colonial times, not to mention the Salem witch hunts. The government went in, took everything it could find, walked out, and came back in about 2 years. Every raid became another horror story. "Three years ago in 1990, January 19 was a Friday. It was 4 days after AT&T shut down for 9 hours during Martin Luther King's birthday, it was the day the USSS served a Federal search warrant at the Zeta Beta Tau fraternity house at the University of Missouri-Columbia. I was the intended and actual victim as Special Agents Tim Foley and Barbara Golden, accompanied by Reed Newlin (Southwestern Bell security), and officers from the University police and the University's administrative office tore through my room with a legal license written so broad that they could have walked off with TV, VCR, and refrigerator. Desperately searching for traces of the public 911 information and copies of Phrack Magazine, the SS came up empty, but not before they had completely harassed and intimidated me. As the raid began, the University police physically restrained me even though I made no attempt to stop them nor did they have any reason to believe I would respond violently. I asked to see their warrant and they went inside. Unlike other USSS raids in 1990 there were no guns were drawn... but I suppose that the presence of some 30+ witnesses cramming the halls watching them, probably helped the agents keep it holstered as well. Eventually, I was allowed to seat myself on the floor outside my room where I could partially see and hear what the agents were doing and saying. They went right to work, starting with jotting down the serial numbers of every electrical device in the room to check and see if it was stolen property. I wasn't worried about that. All of my school books and notebooks for class were checked for illegal information. After noticing a book about law schools on my shelf, the agents had themselves a good laugh about how I would never have that option when they were through with me. Agent Foley was prepared to remove my entire audio compact disc collection as evidence (of what I have no idea), until Agent Golden informed him that I could not use them in my Apple IIc 5 1/4 inch floppy drive (instead she told him I could have used them in a 3 1/2 inch drive). (They were both wrong...) Copies of the Phrack subscriber list were taken along with a notebook containing newspaper clippings about Robert Morris and other noteworthy people and incidents relating to computers. The SS decided that reading the Wall Street Journal and saving some articles was at the least suspicious, if not a felony. (Among hundreds of other names and Internet addresses, the subscriber list contained an entry for an individual who was an employee for Steve Jackson Games.) And then the telephone rang... I began to get up when the police forced me back down. Agent Foley noticed the commotion and remarked 'They'll call back!' And that is when the answering machine clicked on. The agents chuckled since they knew they were about to hear a private message being delivered to me. It was like they were wiretapping without a warrant. The caller didn't identify himself. He didn't need to. It was my co-editor, desperately trying to find out what was happening and letting me know his intention to drive to Columbia that evening. After the ceiling tiles had been lifted, the furniture moved away from the walls, the mattress flipped, and the carpet pulled up, the agents decided to leave (believe it or not they completely ignored the bottle of Barcardi that was sitting in there). As I plead with them not to take my Apple computer, Agent Foley declined to speak with me unless I was Mirandized again. I decided a Q&A session would be inappropriate at this time so I declined. But before he left, Foley informed me that I was not under arrest, but I was going to jail for violating the Computer Fraud & Abuse Act of 1986, for the illegal Interstate Transportation of Stolen Property, and for Wire Fraud. On February 6, 1990 (18 days later) I was indicted (Neidorf)." "The crusaders got creative, and contacted some government agency concerned with family and heath matters. They obtained some kind of order from this agency directing the BBS sysops, a married couple, to shut down their BBS or face being judged unfit parents and having their children taken away (Rose 27)!" "On January 30th, the FBI served a search warrant on Rusty & Eddies BBS, and essentially trucked it away - an estimated $200,000 worth of computing equipment (Files from the FBI - Bulletin Boards and Badges 31)." "...the FBI alluded to the fact that if the system came back up, they could, under law, seize Jay's father's house. His father asked Jay to move out of the premises (Files from the FBI - Bulletin Boards and Badges 33)." "On the morning of March 1 - a Thursday - twenty-one-year-old University of Texas student (Chris Goggins)... was wakened by a police revolver leveled at his head (Sterling 138)." "Standard computer-crime search warrants lay great emphasis on seizing written documents as well as computers - specifically including photocopies, computer printouts, telephone bills, address books, logs, notes, memoranda, and correspondence. In practice this has meant that diaries, gaming magazines, software documentation, nonfiction books on hacking and computer security, sometimes even science- fiction novels have all vanished out the door in police custody. A wide variety of electronic items have been known to vanish as well, including telephones, televisions, answering machines, Sony Walkmans, desktop printers, compact disks, and audiotapes (Sterling 159)." The computer community, much like the colonists, also received financial attacks. The first of these was an attempt by Southwestern Bell to charge business telephone rates to all owners of BBSs in Texas. The passage of this law by the Public Service Commission in Texas, and the resulting war to get the rate change repealed, shut down almost all the BBS activity in Texas for three years. Southwestern Bell and other local telephone companies across the country tried similar stunts, and one telephone company even went so far as to design a device which could detect if a customer was using his phone with a computer, automatically raise his rates, and tack a $100 service charge onto his bill. In New York the state legislature tried to pass a tax on the distribution of shareware, a common BBS function which is generally done free of charge. The FCC also got into the act, considering many "modem taxes" but never passing any of them. These attacks added greatly to the growing frustration and anger that was brewing. Not all the hackers were innocent, and not all the BBSs were clean, but the law enforcement agents made a number major constitutional and civil rights violations which raised tensions further still. Beside the constitutional questions that were raised concerning the items that were seized in the raids, the government made a number of First Amendment violations. A bulletin board system is a medium of communication, much like a magazine, and seizing a BBS brings up questions concerning the system operator's free speech rights. Generally raids on publishers have special controls placed on them, but these controls were not followed during raids on BBSs. Furthermore, the government raided a magazine publisher and a role playing game publisher because they believed that these two businesses were going to publish information on how to hack into the 911 emergency telephone system. The notion the hackers might be hacking into emergency phone services and the fact that the telephone company claimed that the information they were going to publish was worth $80,000, set the press on fire with sensationalistic stories. In the end the document turned out to be worth only $13, but the damage to the First Amendment rights, finances, and privacy of the raided individuals was done (Sterling 99 - 153). In November, 1992, a meeting of hackers in Washington was broken up by security forces who claimed to be working for the United States Secret Service. This raid brought many questions as to the hackers' right to freedom of assembly, especially when the United States Secret Service denied the incident and was later proven to be lying (2600 43). In the end the government only got a handful of convictions, but destroyed many lives in the process. By 1990 BBSing had become a world wide industry with millions of participants (Telebits 20). These people were greatly insulted and angry at the way their hobby was being defamed by the press and the government. They were not criminals! They were not stealing property or selling drugs! They were just communicating with their computers! "Liberty poles" went up all over the BBS community, messages telling police and government employees to keep out, that they were not wanted there. Some BBSs held rallies to defend sysops who's systems had been seized (Files from the FBI - Bulletin Boards and Badges 33). The hackers were a little more determined in their struggle. Some wrote angry manifestos, defending hacking and freedom of information (Sterling 85). Others directly attacked anyone they perceived as an enemy, disconnecting their phone service or damaging their credit ratings (Colossus). A legal organization called the Electronic Frontier Foundation formed to fight for realistic interpretation of the Constitution as it applies to computer communication (Sterling 249). This organization would fight and win legal battles in the name of computer users who had wrongly been attacked by the government. "Committees of Correspondence" became the main form of computerized protest, as dozens, possibly hundreds of electronic magazines, white papers, and editorials filled the electronic frontier. These documents, like the press reports, were often sensationalistic, but they often contained more truth than the press and the government were willing to offer. Communication became the main form of protest for a world built on communication. "Another one got caught today, it's all over the papers. 'Teenager Arrested in Computer Crime Scandal', 'Hacker Arrested after Bank Tampering'... Damn kids. They're all alike. But did you, in your three-piece psychology and 1950's technobrain, ever take a look behind the eyes of the hacker? Did you ever wonder what made him tick, what forces shaped him, what may have molded him? I am a hacker, enter my world... Mine is a world that begins with school... I'm smarter than most of the other kids, this crap they teach us bores me... Damn underachiever. They're all alike. I'm in junior high or high school. I've listened to teachers explain for the fifteenth time how to reduce a fraction. I understand it. 'No, Ms. Smith, I didn't show my work. I did it in my head...' Damn kid. Probably copied it. They're all alike. I made a discovery today. I found a computer. Wait a second, this is cool. It does what I want it to. If it makes a mistake, it's because I screwed it up. Not because it doesn't like me... Or feels threatened by me... Or thinks I'm a smart ass... Or doesn't like teaching and shouldn't be here... Damn kid. All he does is play games. They're all alike. And then it happened... a door opened to a world... rushing through the phone line like heroin through an addict's veins, an electronic pulse is sent out, a refuge from the day-to-day incompetencies is sought... a board is found. 'This is it... this is where I belong...' I know everyone here... even if I've never met them, never talked to them, may never hear from them again... I know you all... Damn kid. Tying up the phone line again. They're all alike... You bet your ass we're all alike... we've been spoon-fed baby food at school when we hungered for steak... the bits of meat that you did let slip through were pre-chewed and tasteless. We've been dominated by sadists, or ignored by the apathetic. The few that had something to teach found us willing pupils, but those few are like drops of water in the desert. This is our world now... the world of the electron and the switch, the beauty of the baud. We make use of a service already existing without paying for what could be dirt-cheap if it wasn't run by profiteering gluttons, and you call us criminals. We explore... and you call us criminals. We seek after knowledge... and you call us criminals. We exist without skin color, without nationality, without religious bias... and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it's for our own good, yet we're the criminals. Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for. I am a hacker, and this is my manifesto. You may stop this individual, but you can't stop us all... after all, we're all alike ("Mentor")." "'Conference!' someone yelled as I put the phone to my ear. Then came a mind-piercing 'beep,' and suddenly my kitchen seemed full of hyperactive 15- year-olds. "You the guy who wrote the article in NEWSWEEK?" someone shouted from the depths of static, and giggles. "We're going disconnect your phone," one shrieked. "We're going to blow up your house," called another. I hung up. Some irate readers write letters to the editor. A few call their lawyers. Hackers, however, use the computer and the telephone, and for more than simple comment. Within days, computer "bulletin boards" around the country were lit up with attacks on NEWSWEEK's "Montana Wildhack" (a name I took from a Kurt Vonnegut character), questioning everything from my manhood to my prose style. "Until we get real good revenge," said one message from Unknown Warrior, "I would like to suggest that everyone with an auto- dial modem call Montana Butthack then hang up when he answers." Since then the hackers of America have called my home at least 2000 times. My harshest critics communicate on Dragonfire, a Gainesville, Texas, bulletin board where I am on teletrial, a video- lynching in which a computer user with grievance dials the board and presses charges against the offending party. Other hackers -- including the defendant -- post concurrences or rebuttals. Despite the mealtime interruptions, all this was at most a minor nuisance; some was amusing, even fun. FRAUD: The fun stopped with a call from a man who identified himself only as Joe. "I'm calling to warn you," he said. When I barked back, he said, "Wait, I'm on your side. Someone has broken into TRW and obtained a list of all your credit-card numbers, your home address, social-security number and wife's name and is posting it on bulletin boards around the country." He named the charge cards in my wallet (Colossus)." Although there are many small similarities between the American Revolution and Electronic Frontier, the most important parallel is the central theme of both conflicts. We have two groups who fear each other and lack a realistic understanding of what the other side feels. In the late 1700's a huge ocean separated America from Great Britain. The ocean meant that any news that arrived from the other side was always 3 months old, and it meant that each side had no way of relating to or understanding the needs of the other side. In 1993 the barrier is not one of distance and speed, but of technology. The Electronic Frontier is a futuristic world beyond the grasp and understanding of the majority of the population. The law makers are not part of this world, and it is quite difficult for them to become a part of it and to understand it. The same goes for the computer community. They live in their technical world every day and they cannot understand why most Americans are so confused when faced with this technology. They don't see themselves as a threat and they don't know why they are being oppressed. Each side will have to come to understand the other, and they will have to work with each other in order to find a solution. In the 1770's, had Great Britain tried to listened to colonists demands instead of cracking down on their law breaking, there probably wouldn't have been a revolution. America would have become it's own nation, as did the other British colonies over time, but it would have happened peacefully. Tensions continue to rise in the computer community. One of the most respected and possibly one of the most conservative members of the electronic community, Jack Rickard, editor of Boardwatch Magazine, called the government's crackdown on BBSs a treasonable "Campaign of Terror (Rickard 8 - 10)!" Hopefully the members of the electronic community and law enforcement will be able to see beyond their own sides of this conflict. If not, fears will escalate, tempers will rise, and there might just be a second American Revolution. Works Cited Bailey, Thomas A. & Kennedy, David M.. The American Pageant. 8th ed. Lexington, Massachusetts: D.C. Heath and Company, 1983. Clough, Bryan & Mungo, Paul. Approaching Zero. London: Faber and Faber, 1992. "Colossus." Published Electronically. Elmer-Dewitt, Philip. "Cyberpunk." Time. 8 February 1993: 58 - 65. "Files from the FBI - Bulletin Boards and Badges." Boardwatch. April 1993: 30 - 33. Hafner, Katie & Markoff, John. Cyberpunk. New York: Simon and Schuster, 1991. Howe, Neil and Strauss, Bill. 13thGEN Abort, Retry, Ignore, Fail. New York: Vintage Books, 1993. Hults, Ron. "Pedophilia, Computers, and Children." Phrack. Published Electronically. Jack the Ripper. The Official Phreaker's Manual. Published Electronically. "Lawsuit Filed Against Secret Service." 2600. Spring 1993, 43. Mentor, The. "The Conscience of a Hacker." Phrack. 8 January 1986: File 3, Published Electronically. Midgley, David A. & Lefton, Phillip. CBAT. 8th ed. New York: Barrons, 1990. Neidorf, Craig. "More Background on Steve Jackson Games Trial." Computer Underground Digest. 3 February 1993: File 2, Published Electronically. Rickard, Jack. "Editor's Notes." Boardwatch. April 1993: 8 - 10. Rose, Lance. "Legally Online." Boardwatch. November 1992: 26 - 32. Rosenberger, Rob. "Modems, Bulletin Boards and other tools of Satan." Computerworld. 3 May 1993: 57. Sterling, Bruce. The Hacker Crackdown. New York: Bantam Books, 1992. "Telebits." Boardwatch. April 1993: 19 - 20. Tyne, Van. The Causes og the War of Independence. New York: Peter Smith, 1951. ASKi Phile #7 A FLAME!!!! The following is a reprint from Phrack Loopback. I couldn't believe that Phrack didn't flame this fucker so I thought I'd do it myself. You'll see what I mean when you read the letter!!!! This asshole may have good intentions, but he, like so many before him, completely denies that fact that most people under 18 are HUMAN BEINGS, OF SOUND MIND AND BODY, CAPABLE OF MAKING LOGICAL DECISIONS!!!! Dear Phrack Staff, There are very serious negative consequences surrounding the use of modems and computers in our society. Because of this, all children under the age of 18 should be prohibited from using a computer in connection with a modem or that is connected to any computer service. Please read my attached news release and join me in spreading this message. -- Ron Hults - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - NEWS RELEASE March 18, 1992 PEDOPHILIA, COMPUTERS, AND CHILDREN If you have children in your home and a home computer complete with a telephone modem, your child is in potential danger of coming in contact with deviant and dangerous criminals. Using the computer modem, these unsavory individuals can communicate directly with your child without your knowledge. Just as importantly, you should be concerned if your child has a friendship with other youth who has access to this equipment in an unsupervised environment. Using a computer and a modem, your child can readily access community "bulletin boards" and receive sexually explicit and graphic material from total strangers who can converse with your children, individuals you quite probably wouldn't even talk with. The concern becomes more poignant when stated otherwise; would you let a child molester, murderer, or convicted criminal into your home to meet alone with your child? According to Fresno Police Detective Frank Clark, "your child can be in real danger from pedophiles, rapists, satanic cultists and other criminals known to be actively engaged in computer conversation. Unwittingly, naive children with a natural curiosity can be victimized; emerging healthy sexual feelings of a child can be subverted into a twisted, unnatural fetish affecting youth during a vulnerable time in their lives." It is anticipated that parents, when armed with the knowledge that this activity exists and awareness that encounters with such deviant individuals can result in emotional and psychological damage to their child, will take appropriate measures to eliminate the possibility of strangers interacting with their children via a computer. For Further Information, contact Ron Hults (209)498-4568 _______________________________________________________________________________ I could write a file as long as this 'zine thrashing this asshole but instead I'll just make a few simple points... 1. Lets see... What was it? 10 to 14 MILLION people using BBSs? Lets see... What was it? 2 to 4 cases of phedophelia on BBSs ever reported?? Gee, that's 1 in every 4 million!!!!! So, we should ban anything that is used by at least one phedopheliac per 4 million... I'd have a problem finding something that isn't used by one sicko per 4 million!!! Jesus!! 2. Does this guy use BBSs??? No, he doesn't!!! If he did he wouldn't hold such a fucked opinion of them... This guy has never used a BBS in his life!!! He has never seen a phedopheliac on a BBS!!! He DOESN'T KNOW WHAT HE'S TALKING ABOUT!!! And I'll bet if you trace that Cop's sources you come up with nothing, as everything the guy said was complete BS from start to finish! People who actually USE computer networks will tell you that it isn't even close to being that bad!!! 3. People under 18 are not that fucking ignorant!!!! Your kinderfiendlichkeit still hanging around from the 70's might tell you that we're all a bunch of stupid bothersome assholes but that is no way to write nation policy! Jesus, after growing up in a world filled with uncensored TV and radio where everything has to be war or sex, a world filled with drugs and drug wars, stupid hippies, rapists, kidnappers, thieves, street level anarchy, uncaring and careless adults, stupid, ignorant people, and high suicide rates, etc... you think we could avoid the 4 sickos roaming the matrix!!! JESUS! 4. Negative consequences from use of computers and modems in our society!? Yeah, compared to amazing positive consequences, the 4 sickos running around hardly constitute something to worry about... 5. If parents are really worried about it, why don't they pull the plug on their own kid instead of pulling the plug on EVERY kid! The rest of us should be allowed grow up learning and experiencing the information age without them. Let the ignorant fucks pay the price for their paranoia! FUCK YOU!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ASKi Phile #8 Beating DTMF recorders and dial locks... This is a neat little trick that every phone phreak should know. Pulse dialing is done by repeatedly breaking and reconnecting of the connection between your phone and the switch. Thus, you can pulse dial by hitting the hang-up key. However, the pulses must be quick (less than one second each), and you can't stop pulsing a number until you have finished (a pause tells the switch that your current number is finished you are about to send another number). Make one pulse for 1, two pulses for 2, and so on, with ten pulses meaning 0. Example, say I was dialing 911, I'd hit the hang-up key 9 times quickly, pause, hit it one time, pause, and then hit it again. Practice dialing your own telephone number from your house, it you get a busy signal you've got it! Besides being a great party trick ("Hey, I'll bet you $20 I can dial ANY telephone number without touching the key pad!!"), this has a few practical uses. We've all seen dial locks on phones. Many airports use them, often there are a few fones with area hotels on speed dial and the real dial locked, these make great victims 'cause you have an instant alibi for using the phone! Also, this will beat many cheep DTMF recorders (ie, this won't fool the DTR in ESS). They are used in hotels for billing and they record EVERY number you dial, including codes (This is why so many phreaks work in hotels!). You can use this method to dial numbers that will not show up on hotel records (They'll still know you made the call.). However, you could always try "If your records show no numbers be dialed, HOW COULD I HAVE MADE $102.57 IN PHONE CALLS!?!?" ASKi Phile #9 ÕÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ͸ ³ ³ ³ The Beige/Bud/Razz/etc... Box and The Brown Box ³ ³ By The White Ninja with thanks to Switchblade ³ ³ ³ ³ "A true patriot must always be ready to defend ³ ³ his people against his government!" ³ ³ ³ ³ Call The Ninja's Domicile at +1.615.370.8805 ³ ³ ³ ÔÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ; The Beige Box is a very useful device that has gone by many different names in the past. Basically it is a line-man's handset. It allows you to, among other things, gain access to anyone's phone line and phreak all you want!!! The Phone Company ACTUALLY uses this technique to make calls when on the road... There are two main ways to build one of these and I will discuss them both. Note: Some of this will not work under ISDN. One cannot listen to an ISDN telephone call after the signals have left the NT-1 without a specially designed device which picks up the conversation without sending switching signals. I do not have the slightest fucking idea how one would go about building one of these, maybe you could rip shit out of an NT-1, but I don't have $500 to waste trying this!!!! NOTE: The situations described in this file are hypothetical, and the main intent of this file is to provide information on telecommunications. This file will teach you about phone line voltages, conferencing of conversations, and how the phone company's test sets can and are used. I do not recommend that you try anything in this file on anyone's line other than your own; it could shorten your life in the free world... 1 -- The Quick Way. Get a standard phone cord and rip one plug off. Then strip the ripped end (Radio Shack sells a nice device for doing this.) and hook up 2 alligator clips, one to the green wire (called the tip wire) and one to the red wire (called the ring wire). Then plug a phone into the other end (This may require a male to male coupler.) and your ready to go!! 2 -- The Best Way Go to Radio Shack and pick up a bag full of Red, Green, Black, and Yellow alligator clips (comes with 8, you only need 4), a Telephone Network Interface Box (A little beige (haha) box with 8 screws and a telephone wire coming out of it.), and some wire. Pop out the 4 tabs on the sides of the box and put one end of each alligator clip through the holes (use one of each color). The clips don't fit perfectly so you'll have to squeeze them in. Wire the red clip to one of the screws on the red terminal, the green clip to one of the screws on the green terminal, and so on for the other 2 colors. Plug your phone in and that's it! -- Note -- You can also plug a modem into these! -=How to use=- -- Attacking a Neighbor's Line -- Well, go out to your neighbor's house and find the little gray Bell box on the side or back wall near the power box. This is the real network interface box, it should have a bell logo on it. Open this up and you will see 1 of 2 things depending on how old their house is. 1 -- Older houses You'll see 5 screws, like this: * * * * * Plug your clips into the screws on the right (or on the left if the guy has 2 lines). If you don't get a dial tone try switching the clips. 2 -- Newer houses You'll seen 8 screws, 4 for line one and 4 for line 2 (line 2 screws will have no wires connected to them if the guy doesn't have a second line). You will also see 2 phone plugs. You can plug your phone directly into a phone plug or hook up the clips to the corresponding screws. -- Attacking a Junction Box -- This box can also be hooked up to a telephone junction box or can (the gray boxes that stick out of the ground and hang from telephone poles)(DON'T HOOK YOUR CLIPS UP TO A POWER CAN!!!). Get a 7/16ths hex driver and open one of these up. You will see a mass of cables all hooked up to some white terminals or screw sets. Hook your clips up and experiment until you get a dial tone. -- What to do -- Well, you can make all the LDs, 700, 900, Blue Box, and hack calls you want!! They will all be traced/charged to the line you are hooked up to. You can also listen in on all calls made to/from the line, or disable the line by hooking the screw for the red clip and the screw for the green clip together. (This is the same as putting the call on hold...) At a neighbors house you can set up all sorts of features including remote call forwarding (Lots of phun!!!!). Also, if you made the box the 2nd way, and the guy has 2 lines or you are at a junction box, you can get 3-way by Brown Boxing!! You also may want to hook this box up to your own phone line... Take the phone plug and plug it into one of your wall jacks. By hooking the green and red clips together, you can put the calling party on hold; rubbing the clips together produces fake line noise or a "bad connection." Hooking up a multi-meter or a vol meter will give you more info, use the following chart: On hook = 50 VDC, if less than this, your line could be bugged... Ring = Jumps between 1 and 50 VDC... Off hook = 1-13 VDC, depends on the type and number of phones off the hook, this is useful if you want to know if someone is eavesdropping on your conversation... When you pulse dial you break the connection and reconnect quickly. If you press the hook switch the voltage will go up until you let go. If you let the voltage reach 50 volts you will be disconnected. You can pulse dial by hand. All you have to do is repeatedly press the hook switch. However, it does take some practice to be able to dial well. This method can be used to defeat dial locks sometimes seen on phones in airports and the like... -=The Brown Box=- The Brown Box is a simple device that connects 2 lines to allow 3-way calling. First I will describe how to do this at your own home and then how to do it with the better Beige Box!!!!!! Go out and get a line splicer, the little box you plug into you wall jack to allow 2 phones to be hooked up to one plug. We will be using it in reverse, to allow 2 lines to be hooked up to one phone. Plug the male end (the one that is supposed to go to your wall jack) into the back of your phone. Then plug line 1 in and make a call. When the person answers, plug in line 2. You will hear a dial tone and either of you can dial!!!!! With the better Beige Box you need to wire the black terminal to the red terminal and the yellow terminal to the green terminal, making sure nothing shorts. Then, hook your clips up to line one and make a call. When the person picks up, hook your black clip to line 2 where you would normally put your red clip, and hook up the yellow where you would normally put the green. You'll get a dial tone. You can hook the terminals of more than one better Beige Box together to add more people to your call, but you will have to amplify the speech so that everyone can hear. ANARCHY IN '93!!!!! ----------------------------------------------------------------------- Anarchist's quickie -- Throw a coke in someone's freezer! ----------------------------------------------------------------------- ASKi Phile #10 The Theory of Self-Reproductive Software Many people still think the subject of viruses is taboo. Fueled by the media and led by self-righteous assholes who think they know something of computer science, everyone seems to think viruses are always evil!! There are now groups of IS dickheads who using threats and harassment to intimidate SysOps who spread viruses!!! Even PHRACK made a statement against the spread of virus info, calling it boring and dangerous. Well, I find viruses (and worms, etc...) very interesting and possibly very helpful. This section will be a chronicle of my own exploration into this subject. I will include source code examples, sometimes in B.A.S.I.C., but mostly in C, when I can. This issue I will be discussing helpful viruses and worms. When discussing the usefulness of reproductive code it is important first to define exactly what viruses, worms, and trojans are. Trojans are not self reproductive, they are standard programs that have a hidden function that is unknown to the user. They are often used to plant a virus or a worm in a unsuspecting host. A virus is a program that spreads through systems and networks by taking control of other programs and waiting for the user to execute them. This can often mean destroying the host program, but, in more powerful viruses, the host is left unharmed. A worm is a program that spreads on it's own accord, without the use of host programs. The worm creates child worms, and executes them before leaving them to spread farther. Although viruses and trojans can occur in almost any environment, worms normally only occur in multitasking systems where more than one worm can be running at one time. The idea of a reproductive program originated in the seventies in a book called "The Shockwave Rider" in which a hacker used an Internet style worm to crash the government's systems and thus, overthrow it. The first actual worms where helpful! Developed for LANs, one spread through the LAN looking for problems, another searched for open system room and worked on problems, letting the power go when something else wanted it. Worms such as these could be used in WANs and LANs for system maintenance and software upgrades. Imagine how quickly and easily a nodelist could be updated if a worm was sent out to deploy the new version, destroying itself once it's mission was accomplished! Another possibility is the anti-virus virus (or worm). This virus would spread through a system, infecting disks and connected systems whenever it can. Once on a disk, it would make sure it wasn't already infected, and if not, it would infect the most frequently run program on the disk, and then do a virus scan, killing any that it finds. This program could also do other maintenance on disks and would automatically add itself to any new disk added to the system. A program such as this could run through a LAN or WAN, doing maintenance and quickly getting onto other systems that are added in. John C. Dvorak proposed a info searching virus. This virus would go through the net looking for info on a specific topic and bring it back to the originating system, killing itself once it is finished. This virus would be of great help in today's internet, where there are literally thousands of gigs of data. With this program a search would take hours instead of weeks. The fourth possibility I am going to discuss is the possibility of soft-ICE (Incursion Counter-Electronics). Soft-ICE would not be able to kill a hacker, but it would be able to defend against him. ICE could monitor every account and look for suspicious activity. It could shut down accounts that are being attacked and, if on a net, it could shut down accounts on systems the hacker has gone through. It could even be deployed on a black balling mission. If someone's account has been hacked, the ICEworm could go through the net and tell other systems to shut down that account until the user has been notified. Finally, it is important to note the computer virus's power as an artificial life form. Everyone knows that computer viruses and worms are capable of self-reproduction, self-preservation, and in many cases, consumption and waste disposal. But did you know that they are capable of evolution and natural selection?! Imagine if a computer virus was designed to modify it's self randomly every 20th time it copied??? The virus would evolve after a few hundred generations and the new, better virus would eventually spread far beyond its ancestor, possibly even causing it's ancestor to become extinct! This virus would not be limited in the extent to which it could spread, and years after it's creation it might start forming intelligence!!! Thousands of years from now, if the virus kept up with technology, it might form emotions and even self awareness!! Artificial life is a very important and interesting science. The things it teaches us about the natural world are astounding, not to mention the excitement of creating our own LIVING organisms and species on a computer and seeing how the survive in their environment!!! Computer Viruses are a very important part of artificial life research. Despite what the anti-virus "experts" may have told you (while covering their own political asses), they are the first artificial life programs ever released out into the "wild" to inter-relate on their own. The potential for future use they have is almost unlimited. If their authors had added evolutionary processes to their code, many would have lost their damaging functions by now and would be gaining intelligence and defence mechanisms! Viruses in private experiments have evolved to amazing levels. Computer viruses as an artificial life form may eventually change how scientists look at the universe! Control the use and study of computer viruses, and you might prevent a revolutionary scientific discovery! Next edition I will be discussing overwriting viruses with some C source...I will be consulting Phalcom/Skism on some virii. They are the leading authorities in virus creation. ASKi Phile #11 The Lighter Side THE VAXORCIST ------------- (SCENE: Inside of a VAX computer room. CREDITS ROLL as the SYSMGR is sitting in front of the console terminal, typing. He pauses, picks up a small magnetic tape, walks over to a tape drive, mounts it, and returns to the console where he continues typing.) (There is a knock at the door. SYSMGR walks to the door and opens it, revealing USER.) USER: Any idea when the system will be up? SYSMGR: Well, I just installed version 5.0 of VMS, so I'm going to run some diagnostics on it overnight to make sure it works alright. Assuming everything goes alright, the system should be up first thing tomorrow morning. USER: Great. Thanks. (Exits) (SYSMGR closes the door and returns to the console.) ROD SERLING-LIKE VOICE: This is John Smith, Lawrence Technological University System Manager. In an effort to make his system the best it can be, he has just installed VMS Version 5.0 onto his VAX. But little does he know that the Version 5 documentation kit from Digital includes a one-way ticket to ... the VMS TWILIGHT ZONE! (ominous music - fade out) (Fade in. The SYSMGR scans the console for a moment, then turns, picks up his coat and walks to the door. He stops at the door for a moment, looking back at the big machine. Finally, he turns out the light and exits, closing the door behind him.) (Cut to the Console Terminal. We read the following as it is printed on the console terminal:) VMS V5.0 DIAGNOSTICS -- DIAGNOSTICS - PHASE 1 STARTING... DIAGNOSTICS - PHASE 1 FINISHED SUCCESSFULLY. DIAGNOSTICS - PHASE 2 STARTING... TESTING MICROCODE ... SUCCESSFUL TESTING DECNET ... SUCCESSFUL TESTING LICENSE MANAGEMENT UTILITY ... SUCCESSFUL TESTING SYSTEM SERVICES ... SUCCESSFUL TESTING HIGHLY EXPERIMENTAL AND COMPLETELY UNDOCUMENTED AI ROUTINE ... (Cut to view of the Tape in the Tape drive. The tape spins for a moment, and suddenly stops.) (Cut to view of the Machine Room. A fog has begun drifting across the floor, and the hardware is slowly being backlit by a pulsing red light. A peal of weird laughter cuts through the silence. A variety of bizarre things occur: A VT100 monitor sitting on a table slowly rotates 360 degrees; the tape drive opens and tape begins spewing out of it; slime begins pouring out of a disk drive; the line printer begins form-feeding like mad. These continue for several minutes, or for as long as we can keep them up. FADE OUT) (SCENE: Hallway outside of the computer room. SYSMGR walks up to the door and is met by USER.) USER: System going to be up soon? SYSMGR: (as he speaks, he tries to open the Machine room door, but the door is apparently stuck.) The diagnostics should be done by now, so we should be up in about 15 minutes... (he succeeds in opening the door, but is confronted by floor to ceiling magnetic tape. Tangled at about eye level is an empty tape reel. SYSMGR takes the reel and looks at it. CLOSE UP of the reel so we can read the label, which reads: VAX/VMS V5.0 DIAGNOSTIC KIT.) (to USER) ...give or take a few days.... (SCENE: View of TSR (Telephone Support Rep) from behind as she is sitting in a cubicle, a terminal in front of her. Beside her on the wall is a poster which reads "Digital Has It Now - But You Can't Have It". We can see the terminal, but we should not be able to read what is on it. She is wearing a headset.) TSR: Colorado Customer Support. What is your access number, please? SYSMGR VOICE: 31576 TSR: And your name? SYSMGR VOICE: John Smith. (Cut to SYSMGR standing beside his console. He his holding a phone to his head with his right hand, and holding a printout in his left which he is perusing while he talks on the phone.) TSR VOICE: And what operating system are you using? SYSMGR: VMS version 5. TSR VOICE: And is this a problem with the operating system or a layered product? (As the SYSMGR looks up from the printout, his eyes suddenly widen and he drops the printout and ducks. At that second, a disk platter flies through the air where his head just was. Slowly, SYSMGR stands up and looks to where the disk went. PAN BACK to reveal a stack of boxes with a disk embedded in one of them at neck height.) SYSMGR: (into the phone) Operating System. Definitely the Operating System. (Cut back to TSR sitting at her desk.) TSR: Can you describe the problem, please? (SYSMGR voice can now only be heard as mumbling) TSR: Yes... Tape drive spewing tape into the air... yes... Line printers printing backwards... yes... miscellaneous hardware flying through the air... uh huh... disk drives melting... yeah... strange voices coming from the CPU board... I see... yes. Is that all? (pause as she finishes typing at the terminal) Well, I'm afraid that that team is busy at the moment, can I have them get back to you? (CUT TO SCENE: MANAGER sitting behind a large desk in a plush office. DEVELOPER is pacing in front of him, hands behind his back.) (SUBTITLE: Meanwhile at Maynard...) MANAGER: So tell me! What the hell happened?! DEVELOPER: (turning to face MANAGER) It's a glitch, a fluke. A one in a billion chance. And it's not Development's fault. Not really. MANAGER: Then who's fault is it? DEVELOPER: We traced it back to the Software Distribution Center. It seems that there was a mixup and some of the code for the experimental AI routine was copied onto the distribution from the wrong optical disk. (He removes a CD from his jacket) This one, to be precise. MANAGER: And what's that? DEVELOPER: (reading the label) "Ozzy Osbourne's Greatest Hits". Normally, it wouldn't have made any difference, as the AI routine isn't used yet. But when they began running diagnostics, it hit the routine and the computer just sort of became a thing possessed. MANAGER: Wonderful. Were any other distributions affected? DEVELOPER: No, just Lawrence Tech's. MANAGER: Well, that's a relief. We've got to get them taken care of before anyone finds out. Can you imagine what Digital Review would do if they heard about this? DEVELOPER: We could always blame it on the Chaos Computer Group. MANAGER: No, we've already used that one. This calls for drastic action. (MANAGER picks up the phone and begins flipping through the rolodex) DEVELOPER: Who are you going to send? (CUT to the Rolodex so that we can read the cards. The first card reads: SYSTEM PROBLEMS - Ron Jankowski, x474 he flips to the next card: BAD SYSTEM PROBLEMS - Bob Candless, x937 he flips to the next card: REALLY BAD SYSTEM PROBLEMS - Michelle French, x365 he flips to the next card OUTRAGEOUSLY BAD SYSTEM PROBLEMS - Mike West, x887 he flips to the next card and taps the card with forefinger: SYSTEM FUCKED UP BEYOND ALL RECOGNITION - The VAXorcist, x666 (CUT to Machine Room. SYSMGR is standing by the console holding an RA60 disk cover and using it as a shield to defend himself from various pieces of hardware which are flying at him from off-camera. There is a knock at the door. Slowly, SYSMGR makes his way to the door and opens it. Standing there, backlit amidst outrageous amounts of fog is the VAXORCIST, wearing a trench coat and fedora, and carrying a briefcase.) VAXORCIST: (in a hushed voice) DEC sent me. I hear you're having some problems. (CUT to SYSMGR OFFICE, a small but pleasant office with posters on the walls and clutter on the desk. As the VAXORCIST enters, he removes his coat and hat, revealing a very techie outfit beneath. He is wearing a DEC badge.) SYSMGR: (Frantic) Problems? Problems?!? You could say I'm having some problems. 4.6 was fine. 4.7 was fine. I install 5.0 and all Hell breaks loose. The damn thing ate two of my operators this morning! VAXORCIST: Calm down, everything will be alright. I've dealt with situations like this before. SYSMGR: You have? VAXORCIST: Four years ago at an installation in Oregon, a programmer renamed his Star Trek program to VMB.EXE and copied it into the system directory. When the system was rebooted the next day it phasored the entire accounting department claiming that they were Klingon spies. There was a similar problem in Texas three years ago, and then, of course, there was the IRS fiasco that we're not allowed to talk about. But don't worry. These things can be fixed. Before I can help you, though, I have to ask you a few questions. (The VAXorcist opens his briefcase and removes a clipboard) Now, according to the report, the strange occurences began after you installed VMS Version 5, is that correct? SYSMGR: Yes, that's correct. VAXORCIST: Now, did you carefully read the Installation Guide for VMS Version 5? SYSMGR: (confused) Installation Guide? VAXORCIST: Yes, it should have come with the Release Notes. SYSMGR: (still confused) Release Notes? (SYSMGR begins rooting about on his disk, shifting papers around as if he might find them underneath) VAXORCIST: (annoyed) Yes, Release Notes. They should have come with your documentation upgrade. SYSMGR: (completely confused - looks up from his rooting through the papers on his desk) Documentation upgrade? VAXORCIST: (angry) YES! The Documentation upgrade for your VMS Documentation Set! SYSMGR: Documentation S...? Oh, you mean the grey binders? They're over there. (he points to the wall behind the VAXORCIST. The VAXORCIST turns and we see a closed glass-front bookcase packed with grey binders. A small red sign on the front of the bookcase reads: "IN CASE OF EMERGENCY, BREAK GLASS"). VAXORCIST: Right. This is going to be tougher than I thought. Let's go take a look at your system and see just how bad everything is. (CUT to the Machine Room. The room is neat and tidy and there is no sign that anything is wrong. The VAXORCIST enters the room with the SYSMGR behind him.) VAXORCIST: Everything looks okay to me. SYSMGR: Maybe it's hibernating. VAXORCIST: Unlikely. It's probably trying to lure us into a false sense of security. SYSMGR: Sounds like VMS alright. (VAXORCIST gives him a dirty look) VAXORCIST: I'm going to have to test it's power. This could get ugly, you may want to leave. (The SYSMGR shakes his head no. The VAXORCIST brings hiself up to full height in front of the VAX and points a finger at it) By the power of DEC, I expel thee from this system! (Clap of thunder) (CUT to door to the machine room. The SYSMGR is pulling a cart on which sits the VAXORCIST wrapped from head to toe in magnetic tape) SYSMGR: Any other bright ideas? VAXORCIST: Just shut up and get this damn stuff off of me. (CUT to SYSMGRs office) VAXORCIST: (Writing on the clipboard) Things look pretty bad. I think we're going to need a full-scale VAXorcism here. SYSMGR: Is there anything I can do to help? VAXORCIST: As a matter of fact, there is. We've got to incapacitate the VAX to keep it from causing any more damage until I'm ready to deal with it. Now, I've got some software here that will do that, but it's got to be installed. (VAXORCIST hands SYSMGR a tape) With that running, the CPU will be so bogged down, the VAX won't be able to harm anybody. SYSMGR: (Examining the tape) What is it? A program to calculate pi to the last digit? VAXORCIST: Better than that. It starts up All-in-1 with a 10 user load. (CUT to Hall outside of Computer Room. The VAXORCIST approaches the door. As the SYSMGR approaches the door, the VAXORCIST holds him back. VAXORCIST: I appreciate your help, but it won't be safe for you in there. SYSMGR: What? You're going in there to face that thing alone? You're nuts! VAXORCIST: Hey, it's my job. (VAXORCIST turns to the door) SYSMGR: Wait a minute. (VAXORCIST stops and turns around) You better take this with you. (SYSMGR removes a very large and very nasty looking gun from the inside of his jacket) VAXORCIST: (Smiling) No, I won't need that. I've got something more powerful. (VAXORCIST holds up a small guide-sized orange binder, opens it, and shows it to SYSMGR. CUT to closeup of the book which reads: "GUIDE TO VAX/VMS SYSTEM EXORCISM") (CUT to view of Machine room door as seen by the VAX. The VAXORCIST enters the room and stands in front of the VAX. CUT to view of the Machine Room showing the SYSMGR confronting the VAX) VAXORCIST: By the power of DEC, I command thee, Evil Spirit, to show thyself. VAX: Bugger off. VAXORCIST: (Shaken) What? VAX: I said Bugger off! Now get out of here before I core-dump all over you! VAXORCIST: (Recovered) Threaten me not, oh Evil one! For I speak with the power of DEC, and I command thee to show thyself! (A rumble is heard and again the VAX becomes backlit by red lights and a fog begins to roll across the floor. The VAX cabinet doors slowly creak open to reveal two small red lights in the dark cabinet which appear to be the creature's eyes) VAX: There. Happy? Now get out of here before I drop a tape drive on your private parts. VAXORCIST: (Opening the orange binder, he begins intoning SHUTDOWN.COM in gregorian chant. The VAX screams.) VAX: Stop that! Stop that! You, you DOS LOVER! Your mother manages RSX systems in Hell! (The VAXORCIST continues and the VAX screams again.) VAX: Stop it! (a large wad of computer tape is thrown at the VAXORCIST, apparently from the VAX). Eat oxide, bit-bucket breath! (The VAXORCIST continues and the VAX screams once more.) VAX: Mount me! Mount me! VAXORCIST: (finishing the intonation) And now, by the power of DEC, I banish thee back to the null-space from which you came! (The VAX screams and the scream fades to silence.) (CUT to the doorway of the Machine room, which now stands open. The VAXORCIST is once again wearing his trench coat and fedora.) SYSMGR: So it's over? VAXORCIST: (Putting his hat on) Yes, it's over. SYSMGR: (Shaking the VAXORCISTs hand) Thank God. Listen, thanks a lot. I don't know what we would have done without you. VAXORCIST: Hey, it's the least we could do. The Software Distribution Center should be sending you a patch tape in a week or two to patch out that AI routine and prevent this from happening again. Sign here. (he hands SYSMGR the clipboard, SYSMGR signs at the bottom and hands it back) Have a good one. (VAXORCIST leaves). (SYSMGR enters the machine room. Camera follows him in.) SYSMGR: (Calling to someone off-camera) Okay, you guys, let's get rolling. Get those backup tapes out. We've got a clean system again! (cheers are heard from off-camera. The SYSMGR leaves the picture, leaving only the VAX with it's cabinet doors still open in the picture. Slow zoom in to the LSI unit. Slowly, the LSI unit begins to emit a pulsing red glow) Submit your humorist column to The White Ninja on TND or WHITENINJA@AOL.COM ASKi Phile #12 ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ» ºNews from Cyberspaceº ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍͼ By: The White Ninja and Wild Child -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Northern Telecom: Northern Telecom has announced a new software enhancement to its S/DMS SuperNode digital multiplexing system. This system will make it easier for people to access and use large bandwidth services such as video- conferencing, data communications and image processing over the public payphone network. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ISDN: The Public Service Commission has been giving Bell serious pressure in order to get ISDN rolling here in TN!!! It will be affordable, fully featured, and widely available here thanks to the PSC... The Ninja's Domicile (615) 370-8805, ASKi Headquarters, will be going ISDN and Multi-node soon! Possibly the first hack/phreak/phree speech BBS in the world with ISDN!!!! Notable names reviewing the PSC's ISDN legislation? Jerry Dunlap: Local Fidonet and Ournet hub and leader of the private ISDN for TN group! The EFF: 'Nuff said... The AARP: FUCK! They have just about nothing to do with ISDN, damnit! The guy who sweeps the floors at SCB's computer center on Franklin Road should review the damn laws before THEY do!!! Yes, these are the selfish assholes who's political clout keeps laws like the social security act alive!! Yes, Social security, that neat little law which has been engineered over the years by now elderly politicians so that the entire economy is rigged to pay for their caddies and condos!! Yes, this is the law that provides for a system which: A. Is the single largest expense in the USA's economy! Even bigger than the military!!!! B. Takes money from the country's largest generation (NOT the Baby Boom! Those born AFTER 1961, the 13th gen., are more numerous!) and gives it to it's smallest... Not to mention the fact that the country's largest generation is the poorest generation to live this century (before taxes!), and elderly, who, to put it bluntly, will be dead in 20 years, are one of the richest (before SS!!!) Jesus! C. Has enough money RIGHT NOW to PAY OFF the NATION DEFICIT, with enough LEFT OVER to help those few who really DO need their SS checks! D. Will be completely broke in 30 years, after the ones responsible for that are dead. These people's involvement is the only thing wrong with ISDN!!! We better hope that they don't decide to back a 10% tax on ISDN to (sob) give a little extra help (sob) to our (sob) senior citizens (sob). JESUS! Can't wait till '98!!!! Down with the AARP!!!! One point we think the PSC should be sure not to ignore is ease of use... Right now ISDN is a major PAIN to install!!! You have to be a phone phreak or a telco employee to understand the damn multi-page registration form! The hardware installation isn't for beginners either!! We are more than happy about the efforts to support ISDN in TN, but most people can't even wire in phone jacks and they would have a hell of a time trying to get this stuff done!! This definitely needs to be looked at soon, as five years from now BROADBAND with fiber will start to move and if we can't get ISDN going we can forget about it! We'll end up getting digital service from someone who has no idea what their doing (like the damn Cable company hahaha)... -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 27th Amendment Thanks to Death Angel the 27th Amendment now has its own demo proclaiming phreedom of information in cyberspace! Supports VGA and Soundblaster! The demo should be found on all ASKi/AQUANET BBS. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 615 Apparently a few more people are moving into 615 than expected and SCB needs some exchanges, so... they are requiring that everyone dial 1-615 even when calling between class five switches in 615... (This doesn't apply to local calls)... I'm not quite sure how this is going to provide them with more numbers, but with ISDN coming soon (I.E. each line can have like 100 numbers attached to it...) methinks we can expect a new area code around here next year. Possibly 9 or 10 digit phone numbers will show up if this area becomes the national example for ISDN that everyone is pushing for... -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ASKi We now have an ASKi member attending Def Con 1 out in Las Vegas! ASKiNews will give you the low-down on what goes on. Party on!! ASKiNews also has a member attending the Con in Europe in Aug. Be sure you will hear about it from us first! Here's the info for both cons! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= D E F C O N I C O N V E N T I O N D E F C O N I C O N V E N T I O N DEF CON I CONVENTION D E F C O N I C O N V E N T I O N >> READ AND DISTRIBUTE AND READ AND DISTRIBUTE AND READ AND DISTRIBUTE << Finalized Announcement: 6/12/1993 We are proud to announce the 1st annual Def Con. If you are at all familiar with any of the previous Con's, then you will have a good idea of what DEF CON I will be like. If you don't have any experience with Con's, they are an event on the order of a pilgrimage to Mecca for the underground. They are a mind-blowing orgy of information exchange, viewpoints, speeches, education, enlightenment... And most of all sheer, unchecked PARTYING. It is an event that you must experience at least once in your lifetime. The partying aside, it is a wonderful opportunity to met some of the celebrities of the underground computer scene. And those that shape its destiny - the lawyers, libertarians, and most of all the other There will be plenty of open-ended discussion on security, telephones and other topics. As well as what TIME magazine calls the "Cyberpunk Movement". Las Vegas, is as you might have guessed a great choice for the Con. Gambling, loads of hotels and facilities, cheap air fare and room rates. It's also in the West Coast making it more available to a different crowd than the former Cons have been. Your foray into the scene and your life will be forever incomplete if by some chance you miss out on DEF CON I. Plan to be there! WHO: You know who you are. WHAT: Super Blowout Party Fest, with Speakers and Activities. WHERE: Las Vegas, Nevada WHEN: July 9th, 10th and 11th (Fri, Sat, Sun) 1993 WHY: To meet all the other people out there you've been talking to for months and months, and get some solid information instead of rumors. DESCRIPTION: So your bored, and have never gone to a convention? You want to meet all the other members of the so called 'computer underground'? You've been calling BBS systems for a long time now, and you definitely have been interacting on the national networks. You've bullshitted with the best, and now it's time to meet them in Vegas! For me I've been networking for years, and now I'll get a chance to meet everyone in the flesh. Get together with a group of your friends and make the journey. We cordially invite all hackers/phreaks, techno-rats, programmers, writers, activists, lawyers, philosophers, politicians, security officials, cyberpunks and all network sysops and users to attend. DEF CON I will be over the weekend in the middle of down town Las Vegas at the Sands Hotel. Why Las Vegas? Well the West Coast hasn't had a good Convention that I can remember, and Las Vegas is the place to do it. Cheap food, alcohol, lots of entertainment and, like us, it never sleeps. We will have a convention room open 24 hours so everyone can meet and plan and scheme till they pass out. Events and speakers will be there to provide distraction and some actual information and experiences from this loosely knit community. This is an initial announcement. It is meant only to alert you to the time, dates and location of the convention. Future announcements will inform you about specific speakers and events. An information pack is FTPable off of the internet at nwnexus.wa.com, in the cd/pub/dtangent directory. The IP# is 192.135.191.1 Information updates will be posted there in the future as well as scanned map images and updated speaker lists. FINAL NOTES: COST: How you get there is up to you, but United Airlines will be the official carrier (meaning if you fly you get a 5% to 10% price reduction off the cheapest available fare at the time of ticket purchase) When buying airline tickets, call 1-800-521-4041 and reference meeting ID# 540ii. Hotel Rooms will cost $62 per night for a double occupancy room. Get your friends together and split the cost to $31. Food is inexpensive. The entertainment is free inside the hotel. Reference the DEF CON I convention when registering, as we have a block of rooms locked out, but once they go it will be first come, fist serve. Call 1-800-634-6901 for the reservations desk. The convention itself will cost $30 at the door, or $15 in advance. It pays to register in advance! Also it helps us plan and cover expenses! Mail checks/money orders/cashiers checks to: DEF CON I, 2709 East Madison Street, #102, Seattle, WA, 98112. Make them payable to: "DEF CON" we're not tring to make money, we will be tring to cover costs of the confrence room and hotel plus air fair for the speakers who require it. Don't bother mailing it a week in andvance, that just won't happen. Advanced registration gets you a groovy 24 bit color pre-generated name tag. Include with your payment the name you want listed, your association/group affiliation/bbs/whatever, email address, and/or bbs number for syops. Last day for the registrations to reach me will be July 1st. SPEAKERS: We have solicited speakers from all aspects of the computer underground and associated culture (Law, Media, Software Companies, Cracking Groups, Hacking Groups, Magazine Editors, Etc.) If you know of someone interested in speaking on a self selected topic, please contact The Dark Tangent to discuss it. FOR MORE INFORMATION: For initial comments, requests for more information, information about speaking at the event, or maps to the section where prostitution is legal outside Las Vegas (Just Kidding) Contact The Dark Tangent by leaving me mail at: dtangent@dtangent.wa.com on the InterNet. Or call: 0-700-TANGENT for conference information/updates and to leave questions or comments. Or Snail Mail (U.S. Postal Service) it to DEF CON, 2709 East Madison Street, #102, Seattle, WA, 98112. Future information updates will pertain to the speaking agenda. ------------------------------------------------------------------------------ Updates since the last announcement: >> The Secret Service is too busy to attend. >> New Media Magazine, Unix World and Robert X. Cringly have stated they will attend. >> We got a voice mail system working for comments and questions. >> We don't have enough $$$ to fly out the EFF or Phillip Zimmerman (Author of PGP) or Loyd Blankenship. >> Judi Clark will be representing the CPSR and a few other organizations ++ National Public Radio will cover the event ++ Mark Ludwig (Autor of the little black book of computer viruses and virus developements quartly will attend and hand out an award ++ Dan Farmer will be speaking on unix security developements Don't forget to bring a poster / banner representing any of the groups you belong to. I want to cover the conferece room walls with a display of all the various groups / people attending. (Break out the crayons and markers) ------------------------------------------------------------------------------ DEF CON I CONVENTION [PROPOSED SPEAKING SCHEDULE UPDATED 5.31.1993] Saturday the 10th of July 10am, Sands Hotel, Las Vegas INTRODUCTION Welcome to the convention *The Dark Tangent (CON Organizer) Keynote speaker Cyberspace, Society, crime and the future. To hack or not to hack, that is not the question *Ray Kaplan Civil Libertarians -CPSR Computer Privacy/1st Ammendment/Encryption Gender Rolls and Discrimination *Judi Clark -USC Comp. Law Legalities of BBS Operation, message content laws and network concerns. *Allen Grogan, Editor of Computer Lawyer 'The Underworld' -Networking Concerns of National Networking of CCi (Cyber Crime International) Network. *Midnight Sorrow. Corporations -Packet Switching SPRINT Concerns/security and the future MCI of packet switching. (*Jim Black, MCI Systems Integrity) Misc Common misbeliefs and rumors of the underground *Scott Simpson -Virtual Reality The law, and it's intersection with VR *Karnow -Virus Related Virus developements and concerns *Mark Ludwig (The little Black Book of Viruses) -Unix Security Future developements in unix security software, Qeneral Q&A on unix security *Dan Farmer -System Administrator Security Concerns of an Administrator *Terminus The 'Underworld' -Internet The security problems with Internet/Networks Overview of hacking *Dark Druid -Getting Busted The process of getting "busted" *Count Zero -How to be a nobody Hiding your identity in the high-tech future, or The payphone is your friend. *TBA-nonymous -The Prosecutors Their concerns/problems and Hacker Hunters suggestions for the 'underworld'/Q&A -The Media The effect of the media on public perceptions *Erik Bloodaxe / Phrack Magazine CONCLUSION General Q&A This itenerary is proposed, and topics and speakers will be marked as permanant once a confirmation is recieved. This is by no means the exact format of DEF CON I. Any Questions / Comments Contact: ftp nwnexus.wa.com /pub/dtangent for more info. dtangent@dtangent.wa.com Voice Mail 0-700-TANGENT (Must use AT&T, so use the equal access code if necessary) ------------------------------------------------------------------------------ [> DEF CON I and United Airlines Travel Arrangements <] United Airlines has been chosen as the official carrier for DEF CON I and is pleased to offer a 10% discount off the unrestricted BUA coach fare or a 5% discount off the lowest applicable fares, including first class. This special offer is available only to attendees of this meeting, and applies to travel on domestic segments of all United Airlines and United Express flights. A 5% discount off any fare is alsoavailable for attendees traveling to or from Canada in conjunction with your meeting. These fares are avaliable through United's Meeting Desk with all fare rules and restrictions applying. Help support the DEF CON I Confrence by securing your reservations with United Airlines. To obtain the best fares or schedule information, please call United's Specialized Meeting Reservations Center at 1-800-521-4041. Dedicated reservationists are on duty 7 days a week from 7:00 a.m. to 1:00 a.m. ET. Please be sure to reference ID number 540II. You or your travel agent should call today as seats may be limited. As a United Meeting attendee you qualify for special discount rates on Hertz rental cars. Milage Plus members recieve full credit for all miles flown to this meeting. Tickets will be mailed by United or you can pick them up at your local travel agency or United Airlines ticket office. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Hack-Tic presents: ------------------------------------------------------------------- H A C K I N G A T T H E E N D O F T H E U N I V E R S E ------------------------------------------------------------------- An 'in-tents' summer congress H U H? +------- Remember the Galactic Hacker Party back in 1989? Ever wondered what happened to the people behind it? We sold out to big business, you think. Think again, we're back! That's right. On august 4th, 5th and 6th 1993, we're organising a three-day summer congress for hackers, phone phreaks, programmers, computer haters, data travellers, electro-wizards, networkers, hardware freaks, techno-anarchists, communications junkies, cyberpunks, system managers, stupid users, paranoid androids, Unix gurus, whizz kids, warez dudes, law enforcement officers (appropriate undercover dress required), guerilla heating engineers and other assorted bald, long-haired and/or unshaven scum. And all this in the middle of nowhere (well, the middle of Holland, actually, but that's the same thing) at the Larserbos campground four metres below sea level. The three days will be filled with lectures, discussions and workshops on hacking, phreaking, people's networks, Unix security risks, virtual reality, semafun, social engineering, magstrips, lockpicking, viruses, paranoia, legal sanctions against hacking in Holland and elsewhere and much, much more. English will be the lingua franca for this event, although some workshops may take place in Dutch. There will be an Internet connection, an intertent ethernet and social interaction (both electronic and live). Included in the price are four nights in your own tent. Also included are inspiration, transpiration, a shortage of showers (but a lake to swim in), good weather (guaranteed by god), campfires and plenty of wide open space and fresh air. All of this for only 100 dutch guilders (currently around US$70). We will also arrange for the availability of food, drink and smokes of assorted types, but this is not included in the price. Our bar will be open 24 hours a day, as well as a guarded depository for valuables (like laptops, cameras etc.). You may even get your stuff back! For people with no tent or air mattress: you can buy a tent through us for 100 guilders, a mattress costs 10 guilders. You can arrive from 17:00 (that's five p.m. for analogue types) on August 3rd. We don't have to vacate the premises until 12:00 noon on Saturday, August 7 so you can even try to sleep through the devastating Party at the End of Time (PET) on the closing night (live music provided). We will arrange for shuttle buses to and from train stations in the vicinity. H O W ? +------- Payment: In advance only. Even poor techno-freaks like us would like to get to the Bahamas at least once, and if enough cash comes in we may just decide to go. So pay today, or tomorrow, or yesterday, or in any case before Friday, June 25th 1993. Since the banks still haven't figured out why the Any key doesn't work for private international money transfers, you should call, fax or e-mail us for the best way to launder your currency into our account. We accept American Express, even if they do not accept us. But we are more understanding than they are. Foreign cheques go directly into the toilet paper recycling bin for the summer camp, which is about all they're good for here. H A ! +----- Very Important: Bring many guitars and laptops. M E ? +----- Yes, you! Busloads of alternative techno-freaks from all over the planet will descend on this event. You wouldn't want to miss that, now, would you? Maybe you are part of that select group that has something special to offer! Participating in 'Hacking at the End of the Universe' is exciting, but organising your very own part of it is even more fun. We already have a load of interesting workshops and lectures scheduled, but we're always on the lookout for more. We're also still in the market for people who want to help us organize this during the congress. In whatever way you wish to participate, call, write, e-mail or fax us soon, and make sure your money gets here on time. Space is limited. S O : +----- > 4th, 5th and 6th of August > Hacking at the End of the Universe (a hacker summer congress) > ANWB groepsterrein Larserbos (Flevopolder, Netherlands) > Cost: fl. 100,- (+/- 70 US$) per person (including 4 nights in your own tent) M O R E I N F O : +------------------- Hack-Tic Postbus 22953 1100 DL Amsterdam The Netherlands tel : +31 20 6001480 fax : +31 20 6900968 E-mail : heu@hacktic.nl V I R U S : +----------- If you know a forum or network that you feel this message belongs on, by all means slip it in. Echo-areas, your favorite bbs, /etc/motd, IRC, WP.BAT, you name it. Spread the worm, uh, word. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Billy Idol What's the story on Idol's new album, CYBERPUNK? Well, apparently he always thought computers were for "nerds" until he read Neuromancer. This book turned his opinions completely around! He talked to Gibson and got online on the Well, he became interested in freedom of knowledge and information, and he is releasing this album as an expression of this new found counter-culture. However, as usual, whenever anyone in the main stream media tries to do anything relating the Cyberpunk subculture there are always a bunch of people who are pissed off about it. On usenet in the alt.cyberpunk newsgroup a bunch of people started flaming Idol 'cause they didn't think he was on the network or involved with computer science, they just saw him as someone trying to leech a few bucks off of the culture... Well, they were proven wrong when Idol did show up on the network and posted the following... > From: idol@well.sf.ca.us (William Broad) Newsgroups: alt.cyberpunk > Organization: The Whole Earth 'Lectronic Link, Sausalito, CA > > I've been cruising through alt.cyberpunk and feel compelled to respond > to the number of inaccuracies about me and my new album CYBERPUNK. > First of all, I would like someone to come forward and tell me exactly > when I called MYSELF a cyberpunk. I have never positioned myself as an > expert in this technology. Listen. I called it CYBERPUNK because I was > revved up by the DIY energy of the Gibson novels and the high-tech > underground. When I started making music in the '70s, the punk ethic > was to be able to play and sing--regardless of knowledge and talent. > And, obviously, I didn't have much of either. When I discovered that > cyberpunk was carrying on the philosophy of putting information back > into the hands of the people, I got excited. That's what I'm about. > You're elitism is total bullshit. Anyone with a modem and a computer > can get into cyberspace. That's why I got in here in the first place > to share ideas instead of shutting each other out. I ain't no rock > star. I am an eager student. This way I can maneuver through the net, > learning, talking, arguing, and all of that. Basically, fuck all of > you who question my motives and/or integrity. You just don't get it. > billy idol After proving he was connected and involved with the network, much of the flaming continued, people flamed him, his music, the magazines which advertised his music, so on and so forth... Most of them hadn't even heard the CD!!!! Personally I think its a bunch of bull shit... It seems to me like Idol is genuinely interested in the Cyberpunk "movement." There are a lot of people who think that they are K-rad Cyberpunks and that noone from the outside world could ever reach their level of understanding! They don't want everyone and his brother on the network because then they wouldn't be "special." Jesus... I believe that EVERYONE should be on the network... My self-esteem isn't based on the fact that I'm a K-rad computer hacker! I believe Idol's CD will make the net a lot more "mainstream" and will bring a large number of new people online. We owe him a debt of gratitude for showing the world what we believe and getting people interested in the net. We have always said that if the network was made accessible to the public that people would join and they would be interested in it for the same reasons that we are! The whole world would be a part of the internet and information and knowledge would flood everywhere like the Mississippi! Well, its happening, so stop being a bunch of assholes and enjoy the revolution we have founded! The future is here! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Execution (Associated Press, April 26)-- A man accused of invading a computer and embezzling some $192,000 has been executed in China. The French Agency France-Press International News Service says Shi Biao, an accountant at the Agricultural Bank of China's Jilin branch, was accused of forging deposit slips from Aug. 1 to Nov. 18, 1991. AFP, reporting from Beijing, quoted the Xinhua news agency as saying the crime was "the first case of bank embezzlement via computer" in China, adding it came to light when Shi and his alleged accomplice, Yu Lixin, tried to wire part of the money to Shenzhen in southern China. --Charles Bowen (ED- Hopefully the SS isn't taking this as a suggestion!!) -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Nashville in the CU news! Date: Fri, 30 Apr 1993 11:23:41 EDT From: Paul Hyland Subject: File 5--Clinton Administration Freedom of Information Policy >Originally From--rich@pencil.cs.missouri.edu (Rich Winkel) /* Written 2:09 am Apr 14, 1993 by nigel.allen@canrem.com in igc:alt.news-media */ /* ---------- "White House Official Outlines Freed" ---------- */ White House Official Outlines Freedom of Information Strategy at 'Information Summit' To: National Desk, Media Writer Contact: Ellen Nelson of The Freedom Forum First Amendment Center, 615-321-9588 NASHVILLE, Tenn., April 13 -- A White House official today outlined a broad open government strategy for the Clinton administration, throwing support behind legislation to apply the Freedom of Information Act to electronic records. "At the Clinton White House, most of the debate over the E-mail system is about how we can interconnect it to public services rather than how we can destroy the records or tear out the hard drives before the subpoenas come to reach us," said John Podesta, assistant to the president and staff secretary. Podesta made his comments in front of 70 participants in the nation's first Freedom of Information Summit, sponsored by The Freedom Forum First Amendment Center at Vanderbilt University. Though the economy dominates the headlines, Podesta said the new administration was quietly working across a broad front to open government. His "predictions for the first year," included: -- Working with Sen. Patrick Leahy (D-Vermont) to win approval this session for a bill allowing access to dozens of electronic databases in the federal government. -- Developing an electronic mail system within the federal government to improve citizen participation in government. -- Making the government's archives available on the nation's "information highway," and appointing a national archivist "who cares more about preserving history than about preserving his job." --Creating a "mood of declassification" with new executive orders from the president outlining what government may keep secret. -- "Reinventing government" under initiatives developed by the fall by Vice President Gore to require more openness on the part of civil servants throughout the bureaucracy. Podesta also pledged lobbying reform and political reform to "get rid of the soft money in campaigns." The Freedom of Information Act may need strengthening in addition to electronic access, he said. Pinched by a dozen years of tight information policy, news organizations have sent President Clinton a freedom of information policy paper calling for wholesale personnel changes in FOIA-related jobs, junking the secrecy classifications of President Reagan's Executive Order 12356, overhauling the Freedom of Information Act and ending military censorship of war reporting. "People working on behalf of the public on more openness in government at all levels are heartened by the prospect of the White House taking the lead in this area," said Paul McMasters, executive director of The Freedom Forum First Amendment Center at Vanderbilt University. The conference, sponsored by The Freedom Forum First Amendment Center at Vanderbilt University, is focusing on issues ranging from the Clinton administration's policies on open government to restrictions on public access to crime, accident and disaster scenes. The conference, open to the public, is at the Stouffer Hotel in downtown Nashville. Speakers on the Clinton FOI Agenda included Richard Schmidt Jr., general counsel to the American Society of Newspaper Editors and partner in the law firm of Cohn & Marks in Washington, D.C.; Theresa Amato, the director of the FOI Clearinghouse in Washington, D.C. and staff counsel for Public Citizens Litigation Group in Washington, D.C.; and Quinlan Shea, former Carter administration official who discussed problems of access to government. Former American hostage Terry Anderson will give the keynote address at the dinner tonight. The Freedom Forum First Amendment Center at Vanderbilt University is an independent operating program of The Freedom Forum. The Center's mission is to foster a better public understanding of and appreciation for First Amendment rights and values, including freedom of religion, free speech and press, the right to petition government and peaceful assembly. The Freedom Forum is a nonpartisan, international organization dedicated to free press, free speech and free spirit for all people. It is supported entirely by an endowment established by Frank E. Gannett in 1935 that has grown to more than $700 million in diversified managed assets. Its headquarters is The Freedom Forum World Center in Arlington, Va. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ASKi and the EFF I HAD several articles submitted from about the legality of boxing in the state of Tennessee. He found a statue passed in 1986 making illegal to have plans for, possess, use, or sell "toll fraud devices." We though this was somewhat odd so we E-mailed the EFF. They said that the law had been passed all-over the US, and almost every case the "plans for" statute had been ruled unconstitutional! Just thought you might want to know if you every get harassed concerning Box-files... -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= AT&T There are 321,00 employees worldwide. Its '92 revenues are $64.9 billion dollars and with a net income of 3.8 billion. And they bitch about the $500K more they would make if their network was 100% secure!!! Jesus -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 2600 talks to Congress... We found this very interesting and worthy of a repost... Date: Thu, 10 Jun 1993 16:53:48 -0700 From: Emmanuel Goldstein Subject: File 1--Hacker testimony to House subcommittee largely unheard What follows is a copy of my written testimony before the House Subcommittee on Telecommunications and Finance. The June 9th hearing was supposed to have been on the topic of network security, toll fraud, and the social implications of the rapidly emerging technologies. I was asked to speak for those who had no voice, which translates to hackers and consumers. Instead I found myself barraged with accusations from the two representatives in attendance (Rep. Ed Markey D-MA and Rep. Jack Fields R-TX) who considered 2600 Magazine (of which I'm the editor) nothing more than a manual for computer crime. One article in particular that Markey latched upon was one in our Spring issue that explained how a cable descrambler worked. According to Markey, there was no use for this information outside of a criminal context. Fields claimed we were printing cellular "codes" that allowed people to listen in on cellular calls. In actuality, we printed frequencies. The difference didn't seem to matter - after explaining it to him, he still said he was very disturbed by the fact that I was allowed to keep publishing. It soon became apparent to me that neither one had read my testimony as there seemed to be no inclination to discuss any of the issues I had brought up. In a way, it was very much like being on the Geraldo show. Somehow I thought elected representatives would be less sensationalist and more interested in learning but this was not the case here. We got absolutely nowhere. Markey in particular was rude, patronizing, and not at all interested in entertaining any thought outside his narrow perception. It's too bad this opportunity was lost. There is a real danger in elected officials who don't listen to all relevant opinions and who persist in sticking to old-fashioned, outdated notions that just don't apply to high technology. You can look forward to more restrictive regulations and higher penalties for violating them if this mentality continues to dominate. (ED- John Gilmore was on the panel and noted that Don Delaney proposed a law that would make it illegal to sell security related information to juveniles. Jesus Christ!!! I run a fucking system! How am I going to keep my system secure from attacks if it is illegal for me purchase security related information!? Hell, I also write security related software, will it be illegal for me to make advances in security technology until I'm 18??? In a country were most people under 18 can't find South Africa on a map, and the life expectancy in our cities is lower than that for a soldier serving a full tour in Vietnam, I'm going to be arrested because I know too much about Computer Security??? How ignorant can these people POSSIBLY be?!?!) +++++++++++++++++++ WRITTEN TESTIMONY FOLLOWS: Mr. Chairman, members of the Committee, thank you for the opportunity to speak on the issue of the rapid growth and changes in the telecommunications industry. My name is Emmanuel Goldstein and I am the publisher of 2600 Magazine, which is a journal for computer hackers as well as anyone else who happens to be interested in the direction that technology is taking us. We tend to be brutally honest in our assessments and, as a result, we do get some corporations quite angry at us. But we've also managed to educate a large number of people as to how their telephone system works, what kinds of computers may be watching them, and how they can shape technology to meet their needs, rather than be forced to tailor their existence to meet technology's needs. I am also the host of a weekly radio program called Off The Hook which airs over WBAI in New York. Through that forum we have discovered the eagerness and curiosity that many "ordinary people on the street" possess for technology. At the same time we have seen fears and suspicions expressed that would be unwise to ignore. HOW TO HANDLE RAPIDLY CHANGING TECHNOLOGY The next few years will almost certainly go down in history as those in which the most change took place in the least amount of time. The computer and telecommunications revolution that we are now in the midst of is moving full speed ahead into unknown territory. The potential for amazing advances in individual thought and creativity is very real. But so is the potential for oppression and mistrust the likes of which we have never before seen. One way or the other, we will be making history. I think we can imagine it best if we think of ourselves speeding down a potentially dangerous highway. Perhaps the road will become slick with ice or fraught with sharp curves. It's a road that nobody has gone down before. And the question we have to ask ourselves is what kind of a vehicle would we prefer to be in if things should start getting out of control: our own automobile where we would have at least some chance of controlling the vehicle and bringing it down to a safe speed or a bus where we, along with many others, must put all of our trust behind a total stranger to prevent a disaster. The answer is obviously different depending on the circumstances. There are those of us who do not want the responsibility of driving and others who have proven themselves unworthy of it. What's important is that we all have the opportunity at some point to choose which way we want to go. Rapidly changing technology can also be very dangerous if we don't look where we're going or if too many of us close our eyes and let someone else do the driving. This is a ride we all must stay awake for. I am not saying we should be overly suspicious of every form of technology. I believe we are on the verge of something very positive. But the members of this committee should be aware of the dangers of an uninformed populace. These dangers will manifest themselves in the form of suspicion towards authority, overall fear of technology, and an unhealthy feeling of helplessness. HOW NEW TECHNOLOGY CAN HURT US The recent FBI proposal to have wiretap capabilities built into digital telephone systems got most of its publicity because American taxpayers were expected to foot the bill. But to many of the non-technical people I talked to, it was just another example of Big Brother edging one step closer. It is commonly believed that the National Security Agency monitors all traffic on the Internet, not to mention all international telephone calls. Between Caller ID, TRW credit reports, video cameras, room monitors, and computer categorizations of our personalities, the average American feels as if life no longer has many private moments. Our Social Security numbers, which once were for Social Security, are now used for everything from video rentals to driver's licenses. These numbers can easily be used to track a person's location, expenses, and habits - all without any consent. If you know a person's name, you can get their telephone number. If you have their phone number, you can get their address. Getting their Social Security number is not even a challenge anymore. With this information, you can not only get every bit of information about this person that exists on any computer from Blockbuster Video to the local library to the phone company to the FBI, but you can begin to do things in this poor person's name. It's possible we may want a society like this, where we will be accountable for our every movement and where only criminals will pursue privacy. The American public needs to be asked. But first, they need to understand. In Germany, there is a fairly new computerized system of identity cards. Every citizen must carry one of these cards. The information includes their name, address, date of birth, and nationality - in other words, the country they were originally born in. Such a system of national identity can be quite useful, but in the wrong hands it can be extremely scary. For example, if a neo-Nazi group were to somehow get their hands on the database, they could instantly find out where everyone of Turkish nationality lived. A malevolent government could do the same and, since not carrying the card would be a crime, it would be very hard to avoid its wrath. Before introducing a new technology that is all-encompassing, all of its potential side-effects and disadvantages should be discussed and addressed. Opportunities must exist for everyone to ask questions. In our own country, nobody was ever asked if they wanted a credit file opened on them, if they wanted to have their phone numbers given to the people and companies they called through the use of Caller ID and ANI, or if they wanted to be categorized in any manner on numerous lists and databases. Yet all of this has now become standard practice. This implementation of new rules has resulted in a degree of cynicism in many of us, as well as a sense of foreboding and dread. We all know that these new inventions will be abused and used to somebody's advantage at some point. There are those who would have us believe that the only people capable of such misdeeds are computer hackers and their ilk. But it just isn't that simple. UNDERSTANDING COMPUTER HACKERS To understand computer hackers, it helps to think of an alien culture. We have such cultures constantly around us - those with teenage children ought to know what this means. There are alien cultures of unlimited varieties throughout the globe, sometimes in the most unexpected places. I'm convinced that this is a good thing. Unfortunately, all too often our default setting on whatever it is we don't understand is "bad". Suspicion and hostility follow and are soon met with similar feelings from the other side. This has been going on between and within our cultures for as long as we've existed. While we can't stop it entirely, we can learn to recognize the danger signs. The best way that I've found to deal with an alien culture, whether it's in a foreign country or right here at home, is to try and appreciate it while giving it a little leeway. There is not a single alien culture I've encountered that has not been decidedly friendly. That includes deadheads, skateboarders, Rastafarians, and hackers. When we talk about computer hackers, different images spring to mind. Most of these images have come about because of perceptions voiced by the media. Too often, as I'm sure the members of this committee already suspect, the media just doesn't get it. This is not necessarily due to malice on their part but rather a general lack of understanding and an overwhelming pressure to produce a good story. Hence we get an abundance of sensationalism and, when the dust clears, hackers are being compared with bank robbers, mobsters, terrorists, and the like. It's gotten to the point that the word hacker is almost analogous to the word criminal. Fortunately, the media is learning. Reporters now approach hackers with a degree of technological savvy. For the most part, they have stopped asking us to commit crimes so they can write a story about it. As the technology envelops us, journalists are developing the same appreciation and curiosity for it that hackers have always had. Any good reporter is at least part hacker because what a hacker does primarily is relentlessly pursue an answer. Computers naturally lend themselves to this sort of pursuit, since they tend to be very patient when asked a lot of questions. WHAT CONSTITUTES A HI-TECH CRIME? So where is the boundary between the hacker world and the criminal world? To me, it has always been in the same place. We know that it's wrong to steal tangible objects. We know that it's wrong to vandalize. We know that it's wrong to invade somebody's privacy. Not one of these elements is part of the hacker world. A hacker can certainly turn into a criminal and take advantage of the weaknesses in our telephone and computer systems. But this is rare. What is more likely is that a hacker will share knowledge with people, one of whom will decide to use that knowledge for criminal purposes. This does not make the hacker a criminal for figuring it out. And it certainly doesn't make the criminal into a hacker. It is easy to see this when we are talking about crimes that we understand as crimes. But then there are the more nebulous crimes; the ones where we have to ask ourselves: "Is this really a crime?" Copying software is one example. We all know that copying a computer program and then selling it is a crime. It's stealing, plain and simple. But copying a program from a friend to try it out on your home computer -- is this the same kind of crime? It seems obvious to me that it is not, the reason being that you must make a leap of logic to turn such an action into a crime. Imagine if we were to charge a licensing fee every time somebody browsed through a magazine at the local bookshop, every time material was borrowed from a library, or every time a phone number was jotted down from the yellow pages. Yet, organizations like the Software Publishers Association have gone on record as saying that it is illegal to use the same computer program on more than one computer in your house. They claim that you must purchase it again or face the threat of federal marshalls kicking in your door. That is a leap of logic. It is a leap of logic to assume that because a word processor costs $500, a college student will not try to make a free copy in order to write and become a little more computer literate. Do we punish this student for breaking a rule? Do we charge him with stealing $500? To the hacker culture on whose behalf I am speaking today, the only sensible answer is to make it as easy as possible for that college student to use the software he needs. And while we're at it, we should be happy that he's interested in the first place. Of course, this represents a fundamental change in our society's outlook. Technology as a way of life, not just another way to make money. After all, we encourage people to read books even if they can't pay for them because to our society literacy is a very important goal. I believe technological literacy is becoming increasingly important. But you cannot have literacy of any kind without having access. If we continue to make access to technology difficult, bureaucratic, and illogical, then there will also be more computer crime. The reason being that if you treat someone like a criminal, they will begin to act like one. If we succeed in convincing people that copying a file is the same as physically stealing something, we can hardly be surprised when the broad-based definition results in more overall crime. Blurring the distinction between a virtual infraction and a real-life crime is a mistake. LEGISLATION FOR COMPUTER AGE CRIME New laws are not needed because there is not a single crime that can be committed with a computer that is not already defined as a crime without a computer. But let us not be loose with that definition. Is mere unauthorized access to a computer worthy of federal indictments, lengthy court battles, confiscation of equipment, huge fines, and years of prison time? Or is it closer to a case of trespassing, which in the real world is usually punished by a simple warning? "Of course not," some will say, "since accessing a computer is far more sensitive than walking into an unlocked office building." If that is the case, why is it still so easy to do? If it's possible for somebody to easily gain unauthorized access to a computer that has information about me, I would like to know about it. But somehow I don't think the company or agency running the system would tell me that they have gaping security holes. Hackers, on the other hand, are very open about what they discover which is why large corporations hate them so much. Through legislation, we can turn what the hackers do into a crime and there just might be a slim chance that we can stop them. But that won't fix poorly designed systems whose very existence is a violation of our privacy. THE DANGERS OF UNINFORMED CONSUMERS The concept of privacy is something that is very important to a hacker. This is so because hackers know how fragile privacy is in today's world. Wherever possible we encourage people to protect their directories, encrypt their electronic mail, not use cellular phones, and whatever else it takes to keep their lives to themselves. In 1984 hackers were instrumental in showing the world how TRW kept credit files on millions of Americans. Most people had never even heard of a credit file until this happened. Passwords were very poorly guarded - in fact, credit reports had the password printed on the credit report itself. More recently, hackers found that MCI's Friends and Family program allowed anybody to call an 800 number and find out the numbers of everyone in a customer's "calling circle". As a bonus, you could also find out how these numbers were related to the customer: friend, brother, daughter-in-law, business partner, etc. Many times these numbers were unlisted yet all that was needed to "verify" the customer's identity was the correct zip code. In both the TRW and MCI cases, hackers were ironically accused of being the ones to invade privacy. What they really did was help to educate the American consumer. Nowhere is this more apparent than in the telephone industry. Throughout the country, telephone companies take advantage of consumers. They do this primarily because the consumer does not understand the technology. When we don't understand something complicated, we tend to believe those who do understand. The same is true for auto mechanics, plumbers, doctors, and lawyers. They all speak some strange language that the majority of us will never understand. So we tend to believe them. The difference with the phone companies, and here I am referring to the local companies, is that you cannot deal with somebody else if you happen to disagree with them or find them untrustworthy. The phone companies have us in a situation where we must believe what they say. If we don't believe them, we cannot go elsewhere. This is the frustration that the hacker community constantly faces. We face it especially because we are able to understand when the local phone companies take advantage of consumers. Here are a few examples: Charging a fee for touch tone service. This is a misnomer. It actually takes extra effort to tell the computer to ignore the tones that you produce. Everybody already has touch tone capability but we are forced to pay the phone company not to block it. While $1.50 a month may not seem like much, when added together the local companies that still engage in this practice are making millions of dollars a year for absolutely nothing. Why do they get away with it? Because too many of us don't understand how the phone system works. I try to draw an analogy in this particular case - imagine if the phone company decided that a fee would be charged to those customers who wanted to use the number five when dialing. They could argue that the five takes more energy than the four but most of us would see through this flimsy logic. We must seek out other such dubious practices and not blindly accept what we are told. Other examples abound: being charged extra not to have your name listed in the telephone directory, a monthly maintenance charge if you select your own telephone number, the fact that calling information to get a number now costs more than calling the number itself. More recently, we have become acquainted with a new standard called Signalling System Seven or SS7. Through this system it is possible for telephones to have all kinds of new features: Caller ID, Return Call, Repeat Calling to get through a busy signal, and more. But again, we are having the wool pulled over our eyes. For instance, if you take advantage of Call Return in New York (which will call the last person who dialed your number), you are charged 75 cents on top of the cost of the call itself. Obviously, there is a cost involved when new technologies are introduced. But there is no additional equipment, manpower, or time consumed when you dial *69 to return a call. It's a permanent part of the system. As a comparison, we could say that it also costs money to install a hold button. Imagine how we would feel if we were charged a fee every time we used it. The local companies are not the only offenders but it is particularly bad in their case because, for the vast majority of Americans, there is no competition on this level. The same complaints are being voiced concerning cable television companies. Long distance telephone companies are also guilty. AT&T, MCI, and Sprint all encourage the use of calling cards. Yet each imposes a formidable surcharge each and every time they're used. AT&T, for example, charges 13 cents for the first minute of a nighttime call from Washington DC to New York plus an 80 cent surcharge. Since a calling card can only be used to make telephone calls, why are consumers expected to pay an extra fee as if they were doing something above and beyond the normal capability of the card? Again, there is no extra work necessary to complete a calling card call - at least not on the phone company's part. The consumer, on the other hand, must enter up to 25 additional digits. But billing is accomplished merely by computers sending data to each other. Gone are the days of tickets being written up by hand and verified by human beings. Everything is accomplished quickly, efficiently, and cheaply by computer. Therefore, these extra charges are outdated. SOCIAL INJUSTICES OF TECHNOLOGY The way in which we have allowed public telephones to be operated is particularly unfair to those who are economically disadvantaged. A one minute call to Washington DC can cost as little as 12 cents from the comfort of your own home. However, if you don't happen to have a phone, or if you don't happen to have a home, that same one minute call will cost you $2.20. That figure is the cheapest rate there is from a Bell operated payphone. With whatever kind of logic was used to set these prices, the results are clear. We have made it harder and more expensive for the poor among us to gain access to the telephone network. Surely this is not something we can be proud of. A direct result of this inequity is the prevalence of red boxes. Red boxes are nothing more than tone generators that transmit a quick burst of five tones which convince the central office that a quarter has been deposited. It's very easy and almost totally undetectable. It's also been going on for decades. Neither the local nor long distance companies have expended much effort towards stopping red boxes, which gives the impression that the payphone profits are still lucrative, even with this abuse. But even more troubling is the message this is sending. Think of it. For a poor and homeless person to gain access to something that would cost the rest of us 12 cents, they must commit a crime and steal $2.20. This is not equal access. CORPORATE RULES Hackers and phone phreaks, as some of us are called, are very aware of these facts. We learn by asking lots of questions. We learn by going to libraries and doing research. We learn by diving into phone company trash dumpsters, reading discarded material, and doing more research. But who will listen to people like us who have been frequently characterized as criminals? I am particularly grateful that this committee has chosen to hear us. What is very important to us is open communications. Freedom of information. An educated public. This puts us at direct odds with many organizations, who believe that everything they do is "proprietary" and that the public has no right to know how the public networks work. In July of 1992 we were threatened with legal action by Bellcore (the research arm of the Regional Bell Operating Companies) for revealing security weaknesses inherent in Busy Line Verification (BLV) trunks. The information had been leaked to us and we did not feel compelled to join Bellcore's conspiracy of silence. In April of this year, we were threatened with legal action by AT&T for printing proprietary information of theirs. The information in question was a partial list of the addresses of AT&T offices. It's very hard for us to imagine how such information could be considered secret. But these actions are not surprising. They only serve to illustrate the wide disparities between the corporate mindset and that of the individual. It is essential that the hundreds of millions of Americans who will be affected by today's all-encompassing inventions not be forced to play by corporate rules. In 1990 a magazine similar to 2600 was closed down by the United States government because Bell South said they printed proprietary information. Most people never found out about this because Phrack Magazine was electronic, i.e., only available on computer bulletin boards and networks. This in itself is wrong; a publication must have the same First Amendment rights regardless of whether it is printed electronically or on paper. As more online journals appear, this basic tenet will become increasingly critical to our nation's future as a democracy. Apart from this matter, we must look at what Bell South claimed - that a document discussing the Enhanced 911 system which was worth $79,449 had been "stolen" and printed by Phrack. (Some newspaper accounts even managed to change it into an E911 program which gave the appearance that hackers were actually interfering with the operation of an E911 system and putting lives at risk. In reality there has never been a report of a hacker gaining access to such a system.) It was not until after the publisher of Phrack was forced to go to trial that the real value of the document was revealed. Anyone could get a copy for around $14. The government promptly dropped its case against the publisher who, to this day, is still paying back $100,000 in legal fees. As further evidence of the inquity between individual justice and corporate justice, Bell South was never charged with fraud for its claim that a $14 document was worth nearly $80,000. Their logic, as explained in a memo to then Assistant U.S. Attorney Bill Cook, was that the full salaries of everyone who helped write the document, as well as the full cost of all hardware and software used in the endeavor ($31,000 for a Vaxstation II, $6,000 for a printer), was perfectly acceptable. It is very disturbing that the United States government agreed with this assessment and moved to put a pre-law student behind bars for violating corporate rules. MISGUIDED AUTHORITY I wish I could stand before this committee and say that we have been successful in stopping all such miscarriages of justice. While the Phrack case may have been the most bizarre, there are many more instances of individuals being victimized in similar manners. A teenager in Chicago was jailed for a year for copying a file that was worth millions, according to AT&T, but was utterly worthless and unusable to a kid. A bulletin board operator in California, along with his entire family, was held at gunpoint for hours while authorities seized his equipment in an unsuccessful attempt to find child pornography. Three hackers in Atlanta, after being imprisoned up to a year for dialing into a Bell South computer system that had no password, were forced to pay $233,000 in restitution so the company could install a password system. More recently, a student at the University of Texas at Houston was suspended from school for a year because he accessed a file that merely listed the users of the system (a file which the system allows all users to access). In increasing numbers, young people are being sent to jail, not necessarily for something they did, but rather for something they could have done in a worst-case scenario. Again this indicates fear and misunderstanding of technology and its applications. But this time those feelings emanate from those in authority. Locally, an ominous happening occurred at a 2600 monthly meeting last November. (These meetings occur in public areas in cities throughout the nation on the first Friday of every month.) Shortly after it began, the Washington meeting was broken up by Pentagon City Mall security guards. Without any provocation, people were forced to submit to searches and everybody's name was taken down. One of the attendees who was writing down an officer's name had the paper ripped from his hand, another had his film taken from his camera as he tried to document what was going on. Upon questioning by a reporter from Communications Daily, the mall security chief claimed that he was acting under orders from the United States Secret Service. Subsequent Freedom of Information Act requests by Computer Professionals for Social Responsibility have yielded more evidence implicating the Secret Service in this illegal and unwarranted action. Nothing of a criminal nature was ever found in any of the bags that were searched. But a full list of the attendees wound up in the possession of the Secret Service. It seems ironic that while hackers are conducting an open gathering in the middle of a shopping mall in order to share knowledge and welcome new people, agents of the Secret Service are lurking in the shadows trying to figure out ways to stop them. How can we move forward and talk about exciting new applications of technology when we're off to such a bad start? The people that are being arrested, harassed, and intimidated are the people who will be designing and running these new systems. They are the ones who will appreciate their capabilities and understand their weaknesses. Through our short-sightedness and eagerness to listen to the loudest voices, we are alienating the promises of the future. How many here, who grew up in decades past, remember hearing teenagers talk of how the government is after them, watching their every move, listening to their phone calls, doing everything one might expect in a totalitarian regime. Such feelings are the sure sign of an ailing society. It does not matter if these things are not actually occurring - their mere perception is enough to cause lasting harm and mistrust. PROMISE OF THE INTERNET The future holds such enormous potential. It is vital that we not succumb to our fears and allow our democratic ideals and privacy values to be shattered. In many ways, the world of cyberspace is more real than the real world itself. I say this because it is only within the virtual world that people are really free to be themselves - to speak without fear of reprisal, to be anonymous if they so choose, to participate in a dialogue where one is judged by the merits of their words, not the color of their skin or the timbre of their voice. Contrast this to our existing "real" world where we often have people sized up before they even utter a word. The Internet has evolved, on its own volition, to become a true bastion of worldwide democracy. It is the obligation of this committee, and of governments throughout the world, not to stand in its way. This does not mean we should stand back and do nothing. Quite the contrary, there is much we have to do if accessibility and equality are our goals. Over-regulation and commercialization are two ways to quickly kill these goals. A way to realize them is to have a network access point in every house. Currently, network access is restricted to students or professors at participating schools, scientists, commercial establishments, and those who have access to, and can afford, local services that link into the Internet. Yes, a lot of people have access today. But a far greater number do not and it is to these people that we must speak. The bigger the Internet gets, the better it gets. As it exists today, cultures from around the globe are represented; information of all kinds is exchanged. People are writing, reading, thinking. It's potentially the greatest educational tool we have. Therefore, it is essential that we not allow it to become a commodity that only certain people in society will be able to afford. With today's technology, we face the danger of widening the gap between the haves and the have-nots to a monumental level. Or we can open the door and discover that people really do have a lot to learn from each other, given the opportunity. It is my hope that this committee will recognize the importance of dialogue with the American public, in order to answer the questions so many are asking and to address the concerns that have been overlooked. I thank you for this opportunity to express those issues that I feel relevant to this hearing. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 2600 The following press release is brought to you by the Association for the Spread of Knowledge and Information (ASKI)... -------------------------------------------------------------------------------- ZP, TND, and 2600 Magazine are proud to present... Nashville!Nashville!Nashville!Nashville!Nashville!Nashville!Nashville!Nashville! 22222 666666 00000000 00000000 !! 2 2 6 6 0 0 0 0 !! 2 2 6 0 0 0 0 !! 2 6 0 0 0 0 !! 2 66666666 0 0 0 0 !! 2 6 6 0 0 0 0 !! 2 6 6 0 0 0 0 !! 2 6 6 0 0 0 0 !! 2 6 6 0 0 0 0 22222222 6666666 00000000 00000000 !! -=The Hacker Quarterly=- Meetings!!Meetings!!Meetings!!Meetings!!Meetings!!Meetings!!Meetings!!Meetings!! Yes, folks!!! 2600 meetings have come to NASHVILLE!!!!! We will be holding a meeting on the first Friday of every month at Bellevue Mall in the sitting area near Dillards on the first floor... The first meeting will be on Friday, July the 2nd!! All of Nashville's REAL Cyberpunks will be there!!!! The meeting starts around 5pm and will last until 8. Very informal, just show up and chat, bring some interesting info and have PHUN!!! You may want to eat first unless we all decide to move to the Food Court... Tell everyone you know to be there and tell area SysOps to ADVERTISE these meetings!!!! See you there, The White Ninja */^\* -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ASKi Phile #13 Coming Soon AKSi03 will include articles on Encryption and an article on switching under ISDN (interesting stuff!). ASKi04 will have more phone stuff. ASKI05 will contain vast amounts of information on scanners, ham radio and radio frequencies. Well we hope you will be looking for our future issues and we will be glad to accept any illuminating info you can provide! Though it did take a while to put out this issue, we will be speedier on the next few. L8TR! ASKi Phile #14 Disclaimer ASKi, Inc. does not advocate, participate in, or conspire in the violation of any law--no matter how oppressive, unconstitutional or simply stupid such law may be. ASKi, Inc. and the writers and editors of ASKiNews do not take ANY responsibility for the use of the information provided. Though we do give credit where credit is due! ASKi, Inc. does engage in description of technological processes (for educational and informational purposes only), and some of these processes may well require appropriate licensing to perform legally. Fortunately, no license is needed for the distribution or receipt of information itself! This information is compiled from various sources and persons as well as personal experiences of the authors and in NO WAY implicates ANY person in ANY crime. And remember, although we have appropriated information for this magazine, if you take it from us its STEALING... :-) ÕÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ͸ ³ Have a happy phreaking day! ³ ÔÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ; P.D. says -- "May you die on the 23rd." WiLD CHiLD says -- "Beauty is truth, truth beauty"