hwa-hn10
[ 28 63 29 20 31 39 39 39 20 63 72 75 63 69 70 68 75 78 20 68 77 61 ]
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=
==========================================================================
= <=-[ HWA.hax0r.news ]-=> =
==========================================================================
[=HWA'99=] Number 10 Volume 1 1999 March 20th 99
==========================================================================
Synopsis
--------
The purpose of this newsletter is to 'digest' current events of interest
that affect the online underground and netizens in general. This includes
coverage of general security issues, hacks, exploits, underground news
and anything else I think is worthy of a look see.
This list is NOT meant as a replacement for, nor to compete with, the
likes of publications such as CuD or PHRACK or with news sites such as
AntiOnline, the Hacker News Network (HNN) or mailing lists such as
BUGTRAQ or ISN nor could any other 'digest' of this type do so.
It *is* intended however, to complement such material and provide a
reference to those who follow the culture by keeping tabs on as many
sources as possible and providing links to further info, it's a labour
of love and will be continued for as long as I feel like it, i'm not
motivated by dollars or the illusion of fame, did you ever notice how
the most famous/infamous hackers are the ones that get caught? there's
a lot to be said for remaining just outside the circle... <g>
@HWA
=-----------------------------------------------------------------------=
Welcome to HWA.hax0r.news ... #10
=-----------------------------------------------------------------------=
*******************************************************************
*** /join #HWA.hax0r.news on EFnet the key is `zwen' ***
*** ***
*** please join to discuss or impart news on techno/phac scene ***
*** stuff or just to hang out ... someone is usually around 24/7***
*******************************************************************
=-------------------------------------------------------------------------=
Issue #10
=--------------------------------------------------------------------------=
[ INDEX ]
=--------------------------------------------------------------------------=
Key Content
=--------------------------------------------------------------------------=
00.0 .. COPYRIGHTS ......................................................
00.1 .. CONTACT INFORMATION & SNAIL MAIL DROP ETC .......................
00.2 .. SOURCES .........................................................
00.3 .. THIS IS WHO WE ARE ..............................................
00.4 .. WHAT'S IN A NAME? why `HWA.hax0r.news'?..........................
00.5 .. THE HWA_FAQ V1.0 ................................................
01.0 .. GREETS ..........................................................
01.1 .. Last minute stuff, rumours, newsbytes ...........................
01.2 .. Mailbag .........................................................
02.0 .. From the editor..................................................
=--------------------------------------------------------------------------=
03.0 .. The Mitnick trial update.........................................
03.1 .. Mitnick to plead guilty..........................................
03.2 .. Federal Prosecutors Leak Info on Mitnick.........................
03.3 .. News from www.kevinmitnick.com...................................
04.0 .. Is Microsoft vulnerable to their own holes? .....................
05.0 .. Tiny linux packs wallop in Pre-0.49 release......................
06.0 .. Still think your NT is secure? case insensitivity issues.........
prove otherwise, again...........................................
07.0 .. Fast friends, faster foes, from uebereleet to delete ,...........
life in the underground..........................................
08.0 .. Voicemail fraud in Australia.....................................
09.0 .. Government Y2K Readiness.........................................
10.0 .. Voice mail fraud warning.........................................
11.0 .. The iButton , is YOUR costume complete with decoder ring?........
12.0 .. Courier and Press Newspaper hacked...............................
13.0 .. Youths busted in Backorifice fiasco..............................
14.0 .. Reno Looks To Curb Internet Crime................................
15.0 .. offtopic: Matter transportation in your future?..................
16.0 .. Hacking class?...................................................
17.0 .. A blast from the past ...........................................
18.0 .. Spam is ICQ's latest headache ................................
19.0 .. AOL cracked (so what else is new?) cracker busted................
20.0 .. Stolen calling card numbers are big business.....................
20.1 .. More 'hackers' steal phone service...............................
21.0 .. Promail freeware mail agent is really a trojan in disguise.......
22.0 .. Hackers taking toll on web sites ................................
=--------------------------------------------------------------------------=
AD.S .. Post your site ads or etc here, if you can offer something in return
thats tres cool, if not we'll consider ur ad anyways so send it in.
..........................................................................
HA.HA .. Humour and puzzles ............................................
HA.HA1 .. Humourous newsbytes from Innerpulse.com (www.innerpulse.com).
HA.HA2 .. Pasty Drone's take on Bill Gates' new book (www.Newstrolls.com).
..........................................................................
HOW.TO .. New section: "How to hack" by our illustrious editor ...........
.........................................................................
H.W .. Hacked Websites ...............................................
A.0 .. APPENDICES......................................................
A.1 .. PHACVW linx and references......................................
=--------------------------------------------------------------------------=
@HWA'99
00.0 (C) COPYRIGHT, (K)OPYWRONG, COPYLEFT? V2.0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
THE OPINIONS OF THE WRITERS DO NOT NECESSARILY REFLECT THE
OPINIONS OF THE PUBLISHERS AND VICE VERSA IN FACT WE DUNNO
WTF IS GONNA TAKE RESPONSIBILITY FOR THIS, I'M NOT DOING IT
(LOTS OF ME EITHER'S RESOUND IN THE BACKGROUND) SO UHM JUST
READ IT AND IF IT BUGS YOU WELL TFS (SEE FAQ).
Important semi-legalese and license to redistribute:
YOU MAY DISTRIBUTE THIS ZINE WITHOUT PERMISSION FROM MYSELF
AND ARE GRANTED THE RIGHT TO QUOTE ME OR THE CONTENTS OF THE
ZINE SO LONG AS Cruciphux AND/OR HWA.hax0r.news ARE MENTIONED
IN YOUR WRITING. LINK'S ARE NOT NECESSARY OR EXPECTED BUT ARE
APPRECIATED the current link is http://welcome.to/HWA.hax0r.news
IT IS NOT MY INTENTION TO VIOLATE ANYONE'S COPYRIGHTS OR BREAK
ANY NETIQUETTE IN ANY WAY IF YOU FEEL I'VE DONE THAT PLEASE EMAIL
ME PRIVATELY current email cruciphux@dok.org
THIS DOES NOT CONSTITUTE ANY LEGAL RIGHTS, IN THIS COUNTRY ALL
WORKS ARE (C) AS SOON AS COMMITTED TO PAPER OR DISK, IF ORIGINAL
THE LAYOUT AND COMMENTARIES ARE THEREFORE (C) WHICH MEANS:
I RETAIN ALL RIGHTS, BUT I GIVE YOU THE RIGHT TO READ, QUOTE
AND REDISTRIBUTE/MIRROR. - EoD
Although this file and all future issues are now copyright, some of
the content holds its own copyright and these are printed and
respected. News is news so i'll print any and all news but will quote
sources when the source is known, if its good enough for CNN its good
enough for me. And i'm doing it for free on my own time so pfffft. :)
No monies are made or sought through the distribution of this material.
If you have a problem or concern email me and we'll discuss it.
cruciphux@dok.org
Cruciphux [C*:.]
00.1 CONTACT INFORMATION AND MAIL DROP
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Has it occurred to anybody that "AOL for Dummies" is an extremely
redundant name for a book?
- unknown
Wahoo, we now have a mail-drop, if you are outside of the U.S.A or
Canada / North America (hell even if you are inside ..) and wish to
send printed matter like newspaper clippings a subscription to your
cool foreign hacking zine or photos, small non-explosive packages
or sensitive information etc etc well, now you can. (w00t) please
no more inflatable sheep or plastic dog droppings, or fake vomit
thanks.
Send all goodies to:
HWA NEWS
P.O BOX 44118
370 MAIN ST. NORTH
BRAMPTON, ONTARIO
CANADA
L6V 4H5
WANTED!: POSTCARDS! YESH! POSTCARDS, I COLLECT EM so I know a lot of you are
~~~~~~~ reading this from some interesting places, make my day and get a
mention in the zine, send in a postcard, I realize that some places
it is cost prohibitive but if you have the time and money be a cool
dude / gal and send a poor guy a postcard preferably one that has some
scenery from your place of residence for my collection, I collect stamps
too so you kill two birds with one stone by being cool and mailing in a
postcard, return address not necessary, just a "hey guys being cool in
Bahrain, take it easy" will do ... ;-) thanx.
Ideas for interesting 'stuff' to send in apart from news:
- Photo copies of old system manual front pages (optionally signed by you) ;-)
- Photos of yourself, your mom, sister, dog and or cat in a NON
compromising position plz I don't want pr0n. <g>
- Picture postcards
- CD's 3.5" disks, Zip disks, 5.25" or 8" floppies, Qic40/80/100-250
tapes with hack/security related archives, logs, irc logs etc on em.
- audio or video cassettes of yourself/others etc of interesting phone
fun or social engineering examples or transcripts thereof.
If you still can't think of anything you're probably not that interesting
a person after all so don't worry about it <BeG>
Our current email:
Submissions/zine gossip.....: hwa@press.usmc.net
Private email to editor.....: cruciphux@dok.org
Distribution/Website........: sas72@usa.net
@HWA
00.2 Sources ***
~~~~~~~~~~~
Sources can be some, all, or none of the following (by no means complete
nor listed in any degree of importance) Unless otherwise noted, like msgs
from lists or news from other sites, articles and information is compiled
and or sourced by Cruciphux no copyright claimed.
HiR:Hackers Information Report... http://axon.jccc.net/hir/
News & I/O zine ................. http://www.antionline.com/
*News/Hacker site................. http://www.bikkel.com/~demoniz/ *DOWN!*
News (New site unconfirmed).......http://cnewz98.hypermart.net/
Back Orifice/cDc..................http://www.cultdeadcow.com/
News site (HNN) ..................http://www.hackernews.com/
Help Net Security.................http://net-security.org/
News,Advisories,++ ...............http://www.l0pht.com/
NewsTrolls (HNN)..................http://www.newstrolls.com/
News + Exploit archive ...........http://www.rootshell.com/beta/news.html
CuD ..............................http://www.soci.niu.edu/~cudigest
News site+........................http://www.zdnet.com/
+Various mailing lists and some newsgroups, such as ...
+other sites available on the HNN affiliates page, please see
http://www.hackernews.com/affiliates.html as they seem to be popping up
rather frequently ...
* Yes demoniz is now officially retired, if you go to that site though the
Bikkel web board (as of this writing) is STILL ACTIVE, www.hwa-iwa.org will
also be hosting a webboard as soon as that site comes online perhaps you can
visit it and check us out if I can get some decent wwwboard code running I
don't really want to write my own, another alternative being considered is a
telnet bbs that will be semi-open to all, you will be kept posted. - cruciphux
http://www.the-project.org/ .. IRC list/admin archives
http://www.anchordesk.com/ .. Jesse Berst's AnchorDesk
alt.hackers.malicious
alt.hackers
alt.2600
BUGTRAQ
ISN security mailing list
ntbugtraq
<+others>
NEWS Agencies, News search engines etc:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://www.cnn.com/SEARCH/
http://www.foxnews.com/search/cgi-bin/search.cgi?query=cracker&days=0&wires=0&startwire=0
http://www.news.com/Searching/Results/1,18,1,00.html?querystr=cracker
http://www.ottawacitizen.com/business/
http://search.yahoo.com.sg/search/news_sg?p=cracker
http://www.washingtonpost.com/cgi-bin/search?DB_NAME=WPlate&TOTAL_HITLIST=20&DEFAULT_OPERATOR=AND&headline=&WITHIN_FIELD_NAME=.lt.event_date&WITHIN_DAYS=0&description=cracker
http://www.zdnet.com/zdtv/cybercrime/
http://www.zdnet.com/zdtv/cybercrime/chaostheory/ (Kevin Poulsen's Column)
NOTE: See appendices for details on other links.
http://news.bbc.co.uk/hi/english/sci/tech/newsid_254000/254236.stm
http://freespeech.org/eua/ Electronic Underground Affiliation
http://www.l0pht.com/cyberul.html
http://www.hackernews.com/archive.html?122998.html
http://ech0.cjb.net ech0 Security
http://net-security.org Net Security
...
Submissions/Hints/Tips/Etc
~~~~~~~~~~~~~~~~~~~~~~~~~~
All submissions that are `published' are printed with the credits
you provide, if no response is received by a week or two it is assumed
that you don't care whether the article/email is to be used in an issue
or not and may be used at my discretion.
Looking for:
Good news sites that are not already listed here OR on the HNN affiliates
page at http://www.hackernews.com/affiliates.html
Magazines (complete or just the articles) of breaking sekurity or hacker
activity in your region, this includes telephone phraud and any other
technological use, abuse hole or cool thingy. ;-) cut em out and send it
to the drop box.
- Ed
Mailing List Subscription Info (Far from complete) Feb 1999
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~ ~~~~~~~~
ISS Security mailing list faq : http://www.iss.net/iss/maillist.html
THE MOST READ:
BUGTRAQ - Subscription info
~~~~~~~~~~~~~~~~~~~~~~~~~~~
What is Bugtraq?
Bugtraq is a full-disclosure UNIX security mailing list, (see the info
file) started by Scott Chasin <chasin@crimelab.com>. To subscribe to
bugtraq, send mail to listserv@netspace.org containing the message body
subscribe bugtraq. I've been archiving this list on the web since late
1993. It is searchable with glimpse and archived on-the-fly with hypermail.
Searchable Hypermail Index;
http://www.eecs.nwu.edu/~jmyers/bugtraq/index.html
About the Bugtraq mailing list
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following comes from Bugtraq's info file:
This list is for *detailed* discussion of UNIX security holes: what they are,
how to exploit, and what to do to fix them.
This list is not intended to be about cracking systems or exploiting their
vulnerabilities. It is about defining, recognizing, and preventing use of
security holes and risks.
Please refrain from posting one-line messages or messages that do not contain
any substance that can relate to this list`s charter.
I will allow certain informational posts regarding updates to security tools,
documents, etc. But I will not tolerate any unnecessary or nonessential "noise"
on this list.
Please follow the below guidelines on what kind of information should be posted
to the Bugtraq list:
+ Information on Unix related security holes/backdoors (past and present)
+ Exploit programs, scripts or detailed processes about the above
+ Patches, workarounds, fixes
+ Announcements, advisories or warnings
+ Ideas, future plans or current works dealing with Unix security
+ Information material regarding vendor contacts and procedures
+ Individual experiences in dealing with above vendors or security organizations
+ Incident advisories or informational reporting
Any non-essential replies should not be directed to the list but to the originator of the message. Please do not "CC" the bugtraq
reflector address if the response does not meet the above criteria.
Remember: YOYOW.
You own your own words. This means that you are responsible for the words that you post on this list and that reproduction of
those words without your permission in any medium outside the distribution of this list may be challenged by you, the author.
For questions or comments, please mail me:
chasin@crimelab.com (Scott Chasin)
Crypto-Gram
~~~~~~~~~~~
CRYPTO-GRAM is a free monthly newsletter providing summaries, analyses,
insights, and commentaries on cryptography and computer security.
To subscribe, visit http://www.counterpane.com/crypto-gram.html or send a
blank message to crypto-gram-subscribe@chaparraltree.com. To unsubscribe,
visit http://www.counterpane.com/unsubform.html. Back issues are available
on http://www.counterpane.com.
CRYPTO-GRAM is written by Bruce Schneier. Schneier is president of
Counterpane Systems, the author of "Applied Cryptography," and an inventor
of the Blowfish, Twofish, and Yarrow algorithms. He served on the board of
the International Association for Cryptologic Research, EPIC, and VTW. He
is a frequent writer and lecturer on cryptography.
CUD Computer Underground Digest
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This info directly from their latest ish:
Computer underground Digest Sun 14 Feb, 1999 Volume 11 : Issue 09
ISSN 1004-042X
Editor: Jim Thomas (cudigest@sun.soci.niu.edu)
News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)
Archivist: Brendan Kehoe
Poof Reader: Etaion Shrdlu, Jr.
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Cu Digest Homepage: http://www.soci.niu.edu/~cudigest
[ISN] Security list
~~~~~~~~~~~~~~~~~~~
This is a low volume list with lots of informative articles, if I had my
way i'd reproduce them ALL here, well almost all .... ;-) - Ed
Subscribe: mail majordomo@repsec.com with "subscribe isn".
@HWA
00.3 THIS IS WHO WE ARE
~~~~~~~~~~~~~~~~~~
Some HWA members and Legacy staff
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cruciphux@dok.org.........: currently active/editorial
darkshadez@ThePentagon.com: currently active/man in black
fprophet@dok.org..........: currently active/IRC+ man in black
sas72@usa.net ............: currently active/IRC+ distribution
vexxation@usa.net ........: currently active/IRC+ proof reader/grrl in black
dicentra...(email withheld): IRC+ grrl in black
Foreign Correspondents/affiliate members
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ATTENTION: All foreign correspondents please check in or be removed by next
issue I need your current emails since contact info was recently lost in a
HD mishap and i'm not carrying any deadweight. Plus we need more people sending
in info, my apologies for not getting back to you if you sent in January I lost
it, please resend.
N0Portz ..........................: Australia
Qubik ............................: United Kingdom
system error .....................: Indonesia
Wile (wile coyote) ...............: Japan/the East
Ruffneck ........................: Netherlands/Holland
And unofficially yet contributing too much to ignore ;)
Spikeman .........................: World media
Please send in your sites for inclusion here if you haven't already
also if you want your emails listed send me a note ... - Ed
http://www.genocide2600.com/~spikeman/ .. Spikeman's DoS and protection site
Contributors to this issue:
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Spikeman .........................: daily news updates+
*******************************************************************
*** /join #HWA.hax0r.news on EFnet the key is `zwen' ***
*******************************************************************
:-p
1. We do NOT work for the government in any shape or form. Unless you count paying
taxes ... in which case we work for the gov't in a BIG WAY. :-/
2. MOSTLY Unchanged since issue #1, although issues are a digest of recent news
events it's a good idea to check out issue #1 at least and possibly also the
Xmas issue for a good feel of what we're all about otherwise enjoy - Ed ...
@HWA
00.4 Whats in a name? why HWA.hax0r.news??
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Can I see you naked?"
- Bob Barker
Well what does HWA stand for? never mind if you ever find out I may
have to get those hax0rs from 'Hackers' or the Pretorians after you.
In case you couldn't figure it out hax0r is "new skewl" and although
it is laughed at, shunned, or even pigeonholed with those 'dumb
leet (l33t?) dewds' <see article in issue #4> this is the state
of affairs. It ain't Stephen Levy's HACKERS anymore. BTW to all you
up and comers, i'd highly recommend you get that book. Its almost
like buying a clue. Anyway..on with the show .. - Editorial staff
@HWA
00.5 HWA FAQ v1.0 Feb 13th 1999 (Abridged & slightly updated again)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Also released in issue #3. (revised) check that issue for the faq
it won't be reprinted unless changed in a big way with the exception
of the following excerpt from the FAQ, included to assist first time
readers:
Some of the stuff related to personal usage and use in this zine are
listed below: Some are very useful, others attempt to deny any possible
attempts at eschewing obfuscation by obscuring their actual definitions.
@HWA - see EoA ;-)
!= - Mathematical notation "is not equal to" or "does not equal"
ASC(247) "wavey equals" sign means "almost equal" to. If written
an =/= (equals sign with a slash thru it) also means !=, =< is Equal
to or less than and => is equal to or greater than (etc, this aint
fucking grade school, cripes, don't believe I just typed all that..)
AAM - Ask a minor (someone under age of adulthood, usually <16, <18 or <21)
AOL - A great deal of people that got ripped off for net access by a huge
clueless isp with sekurity that you can drive buses through, we're
not talking Kung-Fu being none too good here, Buy-A-Kloo maybe at the
least they could try leasing one??
*CC - 1 - Credit Card (as in phraud)
2 - .cc is COCOS (Keeling) ISLANDS but they probably accept cc's
CCC - Chaos Computer Club (Germany)
*CON - Conference, a place hackers crackers and hax0rs among others go to swap
ideas, get drunk, swap new mad inphoz, get drunk, swap gear, get drunk
watch videos and seminars, get drunk, listen to speakers, and last but
not least, get drunk.
*CRACKER - 1 . Someone who cracks games, encryption or codes, in popular hacker
speak he's the guy that breaks into systems and is often (but by no
means always) a "script kiddie" see pheer
2 . An edible biscuit usually crappy tasting without a nice dip, I like
jalapeno pepper dip or chives sour cream and onion, yum - Ed
Ebonics - speaking like a rastafarian or hip dude of colour <sic> also wigger
Vanilla Ice is a wigger, The Beastie Boys and rappers speak using
ebonics, speaking in a dark tongue ... being ereet, see pheer
EoC - End of Commentary
EoA - End of Article or more commonly @HWA
EoF - End of file
EoD - End of diatribe (AOL'ers: look it up)
FUD - Coined by Unknown and made famous by HNN <g> - "Fear uncertainty and doubt",
usually in general media articles not high brow articles such as ours or other
HNN affiliates ;)
du0d - a small furry animal that scurries over keyboards causing people to type
weird crap on irc, hence when someone says something stupid or off topic
'du0d wtf are you talkin about' may be used.
*HACKER - Read Stephen Levy's HACKERS for the true definition, then see HAX0R
*HAX0R - 1 - Cracker, hacker wannabe, in some cases a true hacker, this is difficult to
define, I think it is best defined as pop culture's view on The Hacker ala
movies such as well erhm "Hackers" and The Net etc... usually used by "real"
hackers or crackers in a derogatory or slang humorous way, like 'hax0r me
some coffee?' or can you hax0r some bread on the way to the table please?'
2 - A tool for cutting sheet metal.
HHN - Maybe a bit confusing with HNN but we did spring to life around the same
time too, HWA Hax0r News.... HHN is a part of HNN .. and HNN as a proper
noun means the hackernews site proper. k? k. ;&
HNN - Hacker News Network and its affiliates http://www.hackernews.com/affiliates.html
J00 - "you"(as in j00 are OWN3D du0d) - see 0wn3d
MFI/MOI- Missing on/from IRC
NFC - Depends on context: No Further Comment or No Fucking Comment
NFR - Network Flight Recorder (Do a websearch) see 0wn3d
NFW - No fuckin' way
*0WN3D - You are cracked and owned by an elite entity see pheer
*OFCS - Oh for christ's sakes
PHACV - And variations of same <coff>
Phreaking, Hacking, Anarchy, Cracking, Carding (CC) Groups Virus, Warfare
Alternates: H - hacking, hacktivist
C - Cracking <software>
C - Cracking <systems hacking>
V - Virus
W - Warfare <cyberwarfare usually as in Jihad>
CT - Cyber Terrorism
*PHEER - This is what you do when an ereet or elite person is in your presence
see 0wn3d
*RTFM - Read the fucking manual - not always applicable since some manuals are
pure shit but if the answer you seek is indeed in the manual then you
should have RTFM you dumb ass.
TBC - To Be Continued also 2bc (usually followed by ellipses...) :^0
TBA - To Be Arranged/To Be Announced also 2ba
TFS - Tough fucking shit.
*w00t - 1 - Reserved for the uber ereet, noone can say this without severe repercussions
from the underground masses. also "w00ten" <sic>
2 - Cruciphux and sAs72's second favourite word (they're both shit stirrers)
*wtf - what the fuck
*ZEN - The state you reach when you *think* you know everything (but really don't)
usually shortly after reaching the ZEN like state something will break that
you just 'fixed' or tweaked.
@HWA
-=- :. .: -=-
01.0 Greets!?!?! yeah greets! w0w huh. - Ed
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thanks to all in the community for their support and interest but i'd
like to see more reader input, help me out here, whats good, what sucks
etc, not that I guarantee i'll take any notice mind you, but send in
your thoughts anyway.
Shouts to:
* Kevin Mitnick * demoniz * The l0pht crew
* tattooman * Dicentra * Pyra
* Vexxation * FProphet * TwistedP
* NeMstah * the readers * mj
* Kokey * ypwitch * kimmie
* tsal * spikeman * YOU.
* #leetchans ppl, you know who you are...
* all the people who sent in cool emails and support
* our new 'staff' members.
kewl sites:
+ http://www.freshmeat.net/
+ http://www.slashdot.org/
+ http://www.l0pht.com/
+ http://www.2600.com/
+ http://hacknews.bikkel.com/ (http://www.bikkel.com/~demoniz/)
+ http://www.legions.org/
+ http://www.genocide2600.com/
+ http://www.genocide2600.com/~spikeman/
+ http://www.genocide2600.com/~tattooman/
+ http://www.hackernews.com/ (Went online same time we started issue 1!)
@HWA
01.1 Last minute stuff, rumours and newsbytes
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"What is popular isn't always right, and what is right isn't
always popular..."
- FProphet '99
+++ When was the last time you backed up your important data?
++ Attrition has updated its archive of cracked sites with one
of the biggest archives on the net http://www.attrition.org
check it out ...
++ Apple's OS X eyes Linux
Apple Computer is counting on its new Mac OS X Server software
to snare both Linux developers and customers. Apple will go part
way toward embracing the "open source" programming philosophy
today when Steve Jobs introduces the next version of Mac OS X .
http://www.news.com/News/Item/0%2C4%2C33781%2C00.html?dd.ne.txt.0316.02
++ ICQ filter ensnared in free speech debate
ICQ users who choose to screen out "objectionable" messages may
think they are simply blocking the seven dirty words or other
sexually explicit material. But without closely examining the
filtering option, users of AOL's popular chat service may be
unwittingly omitting words many do not consider "objectionable."
http://www.news.com/News/Item/0%2C4%2C33783%2C00.html?dd.ne.txt.0316.03
++ AOL, others may not back U.S. privacy plans
http://www.news.com/News/Item/0%2C4%2C33803%2C00.html?dd.ne.txt.0316.08
++ New digital cameras in Kodak's picture
http://www.news.com/News/Item/0%2C4%2C33813%2C00.html?dd.ne.txt.0316.16
++ STAR WARS' DIGITAL EXPERIMENT (CULT. 8:45 am)
http://www.wired.com/news/news/email/explode-infobeat/culture/story/18495.html
With 'Episode 1: The Phantom Menace,' George Lucas will nudge
Hollywood toward a new age of filmmaking. Some theater
chains are enthused, but others fear runaway costs and
pirating. Michael Stroud reports from Los Angeles.
++ US SEEKS MICROSOFT REVAMP (EXEC 8:45 am)
http://www.wired.com/news/news/email/explode-infobeat/story/18494.html
The 19 states who joined the federal government's landmark
antitrust case against Microsoft are unlikely to settle for
any remedy that doesn't include a revamping of the software
company, The New York Times reported. At least some
attorneys general will seek to force Microsoft to license
the source code for its Windows operating system to other
companies. The attorneys acknowledge that the judge in the
case could still rule in the favor of Microsoft, but they
say they were emboldened by the performance of lead attorney
David Boies, and are considering asking for stronger
remedies. (Registration required to access New York Times on
the Web.)
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
++ MICROWORKZ HITS A NEW LOW (BUS. 7:30 am)
http://www.wired.com/news/news/email/explode-infobeat/business/story/18491.html
The computer maker will sell machines for US$299, with a
year's free Net access through Earthlink included. That
brings the PC in line with basic consumer electronics.
++ CYBERIAN MAKES AUCTION BID (BUS. 7:30 am)
http://www.wired.com/news/news/email/explode-infobeat/business/story/18492.html
The computer e-tailer starts a companion site to its online
store, hoping to grab a piece of the auction action from the
likes of OnSale.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
++ FORBES TRUMPETS GOP RUN ONLINE (POL. 7:30 am)
http://www.wired.com/news/news/email/explode-infobeat/politics/story/18493.html
The magazine publisher puts up a press release on his Web
site and calls it a first.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
++ PC FREE GOES FREE SOURCE (BUS. 3:00 am)
http://www.wired.com/news/news/email/explode-infobeat/business/story/18481.html
When you buy Net access from PC Free, it'll throw in a fully
rigged computer. Fully rigged with Linux, that is. Hello
mass market, says the CEO. By Craig Bicknell.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
++ MILITARY VEXED BY VACCINE SCARE (POL. 3:00 am)
http://www.wired.com/news/news/email/explode-infobeat/politics/story/18485.html
The Pentagon takes issue with Internet discussions warning
that the military's mandatory anthrax inoculation is
dangerous. Declan McCullagh reports from Washington.
++ TRUST'S TEST: GOING AFTER MS (TECH. 3:00 am)
http://www.wired.com/news/news/email/explode-infobeat/technology/story/18476.html
Internet self-regulation gets its first big test this week,
as a privacy watchdog group considers whether to investigate
Microsoft's privacy practices. By Chris Oakes.
++ MOTHER NATURE'S TEARS (WRLD 3:00 am)
http://www.wired.com/news/news/email/explode-infobeat/story/18490.html
Tears, saliva, and the urine of pregnant women -- they all
contain a powerful protein that laboratory scientists have
successfully used to kill the AIDS virus. A New York
University biochemist said the protein, called lysozyme, may
one day yield more effective AIDS drugs since lysozyme is a
natural human compound. The new study appears in the
Proceedings of the National Academy of Sciences. The search
for the anti-HIV protein began when scientists realized the
babies of HIV-infected women were somewhat protected from
the virus and speculated that pregnant women made more
virus-killing proteins to protect their developing babies.
++ APPLE'S OPEN-SOURCE MOVEMENT (TECH. Monday)
http://www.wired.com/news/news/email/explode-infobeat/technology/story/18488.html
Steve Jobs and Eric Raymond join hands to present part of the
new MacOSX server to the open-source community. Linux fans
may not welcome the move with open arms. By Leander Kahney
and Polly Sprenger.
++ NULLSOFT SUED FOR US$20M (BUS. Monday)
http://www.wired.com/news/news/email/explode-infobeat/business/story/18475.html
Nullsoft, maker of the de facto standard MP3 player, faces a
US$20 million dollar copyright infringement lawsuit. By
Jennifer Sullivan.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
++ IT'S ALL ABOUT CONVERGENCE (BUS. Monday)
http://www.wired.com/news/news/email/explode-infobeat/business/story/18474.html
Nortel Networks teams with Microsoft, Intel, and
Hewlett-Packard to make devices that send voice, video, and
data over a single network. By Joanna Glasner.
++ MIT DREAMS OF JINI ALTERNATIVE (BUS. Monday)
http://www.wired.com/news/news/email/explode-infobeat/business/story/18472.html
A new research facility at the Cambridge, Massachusetts
university is working to figure out how to get tomorrow's
smart devices to talk to each other.
++ CHEMICAL PLANTS FACE Y2K THREAT (POL. Monday)
http://www.wired.com/news/news/email/explode-infobeat/politics/story/18469.html
A new report warns that chemical plants face "significant"
risk of Y2K related failures. Worse, local governments seem
to be oblivious to the problem.
++ WIRELESS SUCCESS (EXEC Monday)
http://www.wired.com/news/news/email/explode-infobeat/story/18479.html
With 30 percent of Americans already possessing cellular
phones, wireless companies predict that technological
advances, lower rates, and industry consolidation will boost
the mobile's popularity even more in the next few years, the
Los Angeles Times reported. So far, incentives like
single-rate national pricing, and plans that offer a wealth
of minutes, have produced successful results, but in order
to fulfill the vision of the inter-operability of wireless
and cordless lines, companies are considering all kinds of
technological innovations and pricing plans. While most
consumers may need to wait a while for cellular global
coverage and email, the industry will continue to grow by
tapping the American youth market and
consolidating overseas.
++ BABY BELLS MISSING LOTS OF GEAR (EXEC Monday)
http://www.wired.com/news/news/email/explode-infobeat/story/18463.html
The local US phone companies have been unable to locate
nearly US$5 billion in telecommunications equipment, and
should write off the missing amount, according to an FCC
audit released on Friday, The Wall Street Journal reported.
In response to the audit, which could spur regulators to
push for lower phone rates, Bell Atlantic and SBC
Communications, highest on the list, argued that the audit
results were flawed, and all of the Bells argued that the
results shouldn't affect rates. Although the FCC report
recommends that the companies write off the missing
equipment, it isn't taking any action. Instead, it's
soliciting public comment on how to respond to the audit
results in April.
++ NETSCAPE DEAL ABOUT TO CLOSE (EXEC Monday)
http://www.wired.com/news/news/email/explode-infobeat/story/18465.html
America Online's acquisition of Netscape Communications,
approved by the US Department of Justice and valued at
nearly US$9 billion, could create tough competition for
Microsoft, The Seattle Times reported. Microsoft said the
combination could help it in its antitrust case, because the
combination of AOL with Netscape, the software company that
sought the government's help, would show how fast
competition changes in the computer industry. But backers of
the lawsuit said the acquisition does not diminish
Microsoft's monopoly.
++ PAUL ALLEN BUYS GO2NET (BUS. Monday)
http://www.wired.com/news/news/email/explode-infobeat/business/story/18466.html
The other Microsoft founder pays US$600 million for a
majority stake in portal upstart Go2Net. The plan: Splice it
with cable TV and turn it into a broadband titan.
++ HUMAN GENE RESEARCH ACCELERATING (TECH. Monday)
http://www.wired.com/news/news/email/explode-infobeat/technology/story/18467.html
The research into classifying human genetic structure -- The
Human Genome Project -- is going so well that the
cooperative Anglo-American effort should be finished a year
ahead of schedule.
++ The browser wars heat up with IE5
http://www.news.com/SpecialFeatures/0%2C5%2C33944%2C00.html?dd.ne.txt.0318.02
++ Spam gives ICQ a new headache (full story in section 18)
http://www.news.com/News/Item/0%2C4%2C33970%2C00.html?dd.ne.txt.0318.03
++ March 17th New Celerons coming Monday
http://www.news.com/News/Item/0%2C4%2C33935%2C00.html?dd.ne.txt.0318.04
++ Intel and FTC settle
The US Federal Trade Commission (FTC) has approved the settlement of its
antitrust case against Intel, but has imposed only mild restrictions and
is continuing an ongoing investigation into the chip giant. Under the
settlement, while Intel is not able to withhold most technical information
from companies with which it is involved in patent disputes, it may
withhold that information if it concerns the specific processor that is
the subject of the dispute and the customer is seeking to have that product
banned. Information must be provided to manufacturers no later than six
months before a processor is due for release. Intel must also report
regularly to the FTC concerning its compliance with the order. However,
the FTC may not have had its last word; it will be continuing its broader
investigation into whether Intel's dominance of the processor market
constitutes a monopoly, and if its power has been abused.
http://newswire.com.au/9903/ftcset.htm
++ MS BALLYHOOS DIGITAL AUDIO (TECH. 3:00 am)
http://www.wired.com/news/news/email/explode-infobeat/technology/story/18512.html
Microsoft is not embracing digital audio quietly. With
strategic alliances, investments, and new technologies
folded into Windows, the blitzkrieg is on. By
Christopher Jones.
++ THE BANK OF BEENZ (EXEC 9:30 am)
http://www.wired.com/news/news/email/explode-infobeat/story/18514.html
Beenz Company Ltd., a British start-up, is launching what it
calls the Internet's first universal currency, symbolized by
a bright red bean with two strokes at the top, The Wall
Street Journal reported. Founder Philip Letts envisions the
concept as an alternative to Web advertising, explaining
that Beenz will market itself by rewarding customers who
visit sites using Beenz with the currency, which can then be
deposited at the Bank of Beenz. In preparation for the
launch, Beenz has recruited a number of retailers to hand
out and accept the currency in lieu of payment. It expects
to derive future revenue through its role as a bank,
clearing transactions and taking commissions on the Beenz it
sells. (The Wall Street Journal Interactive requires
a subscription.)
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
++ AOL, NETSCAPE MERGER A CHALLENGE (EXEC 9:30 am)
http://www.wired.com/news/news/email/explode-infobeat/story/18529.html
Now that the acquisition of Netscape Communications is almost
complete, America Online has to move quickly to blend
Netscape's technical expertise with AOL's customer-service
savvy, the Washington Post reported. Managing the
combination will be Barry Schuler, AOL's president of
interactive services. The biggest challenge for him and for
AOL will be to set up services that can meet the needs of
both services and consumers.
++ THE WEB PRIVACY SEAL, TAKE 2 (POL. 8:30 am)
http://www.wired.com/news/news/email/explode-infobeat/politics/story/18517.html
The Better Business Bureau begins stamping its own "seal of
approval" on Web sites. Like Truste, the bureau hopes it can
calm privacy-nervous consumers. By Chris Oakes and
James Glave.
++ JAVA FOR THE CELL PHONE (TECH. 7:35 am)
http://www.wired.com/news/news/email/explode-infobeat/technology/story/18524.html
Symbian, the powerful wireless alliance formed to take on
Microsoft, says a new generation of handheld devices will
use the Sun language as part of its operating platform.
++ GLOBAL CROSSING GETS US FOOTHOLD (BUS. 7:35 am)
http://www.wired.com/news/news/email/explode-infobeat/business/story/18525.html
The company that's laying fiber around the world acquires New
York-based carrier Frontier for US$11.2 billion in stock.
++ BROADBAND SATELLITE GETS A BOOST (BUS. 7:35 am)
http://www.wired.com/news/news/email/explode-infobeat/business/story/18526.html
GM's Hughes says it will pump US$1.4 billion into Spaceway,
its satellite-based high-speed communications network.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
++ WHEN IRISH EYEBALLS ARE SMILING (BUS. 3:00 am)
http://www.wired.com/news/news/email/explode-infobeat/business/story/18521.html
The ideal St. Patrick's Day revelers will hold a pint of
Guinness in one hand and a mouse in the other as they
explore a range of new Irish portals. By Niall McKay.
++ LOST IN SPACE AND RED TAPE (POL. 3:00 am)
http://www.wired.com/news/news/email/explode-infobeat/politics/story/18522.html
NASA should lead, follow, or get out of the way of private
space exploration. That's the consensus at a conference on
the future of space. Declan McCullagh reports
from Washington.
++ FEDS PAY TO PUSH GENOME PROJECT (TECH. 3:00 am)
http://www.wired.com/news/news/email/explode-infobeat/technology/story/18520.html
The Human Genome race pits a government-funded consortium
that aims to keep gene data public against a private
research company that wants to own the findings. The future
of medical research is at stake. By Kristen Philipkoski.
++ UK'S ROYAL MAIL DOES E-COMMERCE (POL. 3:00 am)
http://www.wired.com/news/news/email/explode-infobeat/politics/story/18508.html
The centuries-old institution introduces a secure document
technology service aimed at the business sector. British
consumers will likely be next in line. By Wendy Grossman.
++ APPLE OPENS OS CODE (TECH. Tuesday)
http://www.wired.com/news/news/email/explode-infobeat/technology/story/18515.html
Apple is jumping on the open-source bandwagon -- at least
with one foot. The company will make parts of Mac OS X code
available to developers and promises friendly licensing
practices. By Leander Kahney.
++ THE CASE OF THE PILFERED FILTER (BUS. Tuesday)
http://www.wired.com/news/news/email/explode-infobeat/business/story/18516.html
http://www.news.com/News/Item/0%2C4%2C33888%2C00.html?dd.ne.txt.0317.03
America Online's ICQ chat service filter lets users filter
dirty words, apparently with a list illegally borrowed from
an old version of Cybersitter. By Heidi Kriz.
++ Windows 2000 compatibility still an issue
http://www.news.com/News/Item/0%2C4%2C33875%2C00.html?dd.ne.txt.0317.15
++ Microworkz $299 PC draws interest
http://www.news.com/News/Item/0%2C4%2C33838%2C00.html?dd.ne.txt.0317.16
Mucho thanks to Spikeman for directing his efforts to our cause of bringing
you the news we want to read about in a timely manner ... - Ed
@HWA
01.2 MAILBAG - email and posts from the message board worthy of a read
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Yes we really do get a pile of mail in case you were wondering ;-0
here's a sampling of some of the mail we get here, the more interesting
ones are included and of course we had to get in the plugs for the
zine coz we love to receive those too *G* - Ed
Comments: Authenticated sender is <molzmann@fruehneu.lili.Uni-Osnabrueck.DE>
From: "Matthias Olzmann" <molzmann@snoopy.lili.Uni-Osnabrueck.DE>
To: hwa@press.usmc.net
Date: Sun, 14 Mar 1999 19:54:47 0100
MIME-Version: 1.0
Content-type: text/plain; charset=ISO-8859-1
Subject: since it early days
Reply-to: molzmann@snoopy.lili.Uni-Osnabrueck.DE
Priority: normal
X-mailer: Pegasus Mail for Windows (v2.54DE)
Well...I'm reading HWA since its 'early days' !
And I just wanna say...that you do a really great job!
There is a lot of information...there is humor...
all a Admin need he would find in your HWA
go on !!
matthias olzmann
mcse
germany
----------------------------------------------------------------------------
Matthias Olzmann Forschungsstelle Literatur
Systemadministrator der Frühen Neuzeit
Tel. (0541) 969-4882 Universität Osnabrück
molzmann@fruehneu.lili.uni-osnabrueck.de
-=-
Date: 13 Mar 1999 22:37:08 -0000
To: hwa@press.usmc.net
Subject: BoardRoom: Link Exchange
From: pserv <r00ted@yahoo.com>
Reply-to: r00ted@yahoo.com
Time: Sat, 13-Mar-1999 22:37:08 GMT
hey ppl,
i just wanted to make note of the fact that yr site is not the
only site to be rejected by link exchange on the basis of
content. when i attempted to sign up for their program i sent
them a banner as they requested, but instead of being included
in the program, i got a nasty email rejecting my site due to
so called "objectionable" material. link exchange apparently
feel that pages dealing with security issues are not acceptable,
yet another friend of mine who *is* in the program is
consistently getting banners on his site for pr0n :) go figure.
anyway i say fuck link exchange, even the ppl i know who are in
it are not noticing a significant increase in traffic, and how
much do you want "random" viewers to come to your site anyway?
has anyone else experienced anything like this with this company?
l8z,
pserv
oh gotta get the plug in anyway, come see the site link exchange
hates http://proxiserv.iscool.net *warning* there's no pr0n :)
===============================================
Check this site out, it is a thing to behold for sure, and full
of interesting stuph... - Ed
Date: 17 Mar 1999 12:29:19 -0000
To: hwa@press.usmc.net
Subject: Big Shoutz
From: S C R E A M (HARP) <scream@unitedstates.com>
Reply-to: scream@unitedstates.com
Time: Wed, 17-Mar-1999 12:29:18 GMT
Just a quick note and a big shout to HWA.hax0rs for recognizing
H.A.R.Ps work and spreading the word on what we're all about.
Keep up the good work people and keep your eyes and ears out for
the next Hackers Against Racist Parties hack, coming VERY soon...
Laterz
S C R E A M
(founder of H.A.R.P)
===============================================
We support HARP and EHAP in all their endeavours, stay free and
keep the word strong and loud! ... - Ed
-=-
Date: Fri, 12 Mar 1999 10:34:22 -0500
From: sozni@USA.NET
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Re: Outlook stores PLAINTEXT password!
Although this may not be an appropriate topic for this list, there is a
related issue with Outlook password protected add-ins.
Many companies make add-in components for Microsoft Outlook such as
custom forms or folders. These add-ins are password protected to
protect code. However, when these passwords are checked at runtime,
they are left in memory as plaintext. And since Outlook forms aren't
compiled, all code is available to anyone with a password.
.sozni
A service provided by TechAID Computer Services, http://www.techaid.net
The e-mail address of the sender MAY NOT BE AUTHENTIC.
-=-
Date: 15 Mar 1999 07:23:39 -0000
Message-ID: <19990315072339.14498.qmail@saturn.beseen.com>
To: hwa@press.usmc.net
Subject: [off topic] Amiga 500 Startup Hack + slackware
From: ph0 <haxor@technologist.com>
Reply-to: haxor@technologist.com
Time: Mon, 15-Mar-1999 07:23:39 GMT
I recently procured an Amiga 500 .. I have no mouse/joystick, or
<snip>
On a more relevant note, Slackware 3.2 (and possibly others) have
a -v setting in pppsetup's pppstart script and default
permissions to allow all users to read /var/log/messages .. hence
ppp chat scripts can be read via /var/log/messages and
usernames/passwords gained .. could just be me ..
cheers!
** In case people are wondering here's the reply I sent to the above
message jic others have similar concerns... - Ed
Date: 15 Mar 1999 15:14:07 -0000
To: hwa@press.usmc.net
Subject: BoardRoom: re: [off topic] Amiga 500 Startup Hack + sla
From: Cruciphux <cruciphux@dok.org>
Reply-to: cruciphux@dok.org
Time: Mon, 15-Mar-1999 15:14:07 GMT
:I recently procured an Amiga 500 .. I have no mouse/joystick, or
:disks though (just screen + machine) .. is there any way
:whatsoever I can make this thing _do something_? I found a
:reference to some 'hold down both mouse buttons on startup' early
:boot screen thinggo on an Amiga page, however I aint got no
:sqeaker ;(
Well you will need a mouse or you ain't going too far, also the
Amiga500 is totally disk based OS some of em have kickstart on
rom but you need a disk to do anything at all with it it ain't
like a C64 or C128 that has basic in rom and the disk is extra...
you can find the software on the web just look good and hard if
you get stuck I can maybe rustle up some software and post it
somewhere for you as I still have my ami system.
:On a more relevant note, Slackware 3.2 (and possibly others) have
:a -v setting in pppsetup's pppstart script and default
:permissions to allow all users to read /var/log/messages .. hence
:ppp chat scripts can be read via /var/log/messages and
:usernames/passwords gained .. could just be me ..
Think this is standard and it is kinda silly yeah, i'll make a
note of this in the mailbag section though anyways maybe since it
is relevant...
Cruci
================================================================
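An added example, not part of the mail above and not Slackware's own code: a POSIX shell audit for the exposure ph0 describes, where chat runs with -v while the syslog file is readable by every local user. The sample dial script, the /etc/ppp/pppscript path and the log lines are constructed for the demo; the log lines are modelled on chat's verbose syslog output.

```shell
#!/bin/sh
# Audit a PPP dial script and a syslog file for the chat -v credential leak.
# All sample data below is constructed; pass your own paths when running it.

# chat_verbose_lines FILE
# Print file:line:text for each non-comment line that runs chat with a -v flag.
# Matching is case sensitive: -V (echo to stderr) is a different option.
chat_verbose_lines() {
    awk -v q="'" '
        /^[ \t]*#/ { next }                      # skip comments and the #! line
        {
            line = $0
            gsub(/"/, " ", line); gsub(q, " ", line)   # quotes act as separators
            n = split(line, tok, " ")
            seen = 0
            for (i = 1; i <= n; i++) {
                if (tok[i] ~ /(^|\/)chat$/) { seen = 1; continue }
                if (seen && tok[i] == "-v") {
                    printf "%s:%d:%s\n", FILENAME, FNR, $0
                    break
                }
            }
        }' "$1"
}

# world_readable FILE: exit 0 when the "other" read bit is set on FILE.
world_readable() {
    [ -n "$(find "$1" -prune -perm -004 2>/dev/null)" ]
}

# chat_send_count LOGFILE
# Count logged chat "send (...)" entries. Only the count is printed, so the
# audit output never repeats a logged password.
chat_send_count() {
    n=$(grep -c 'chat\[[0-9]*\]: send (' "$1" 2>/dev/null) || n=0
    printf '%s\n' "$n"
}

# audit_ppp_logging SCRIPT LOGFILE: exit status is the number of findings.
audit_ppp_logging() {
    findings=0
    hits=$(chat_verbose_lines "$1")
    if [ -n "$hits" ]; then
        printf 'chat runs with -v, so the login dialogue goes to syslog:\n%s\n' "$hits"
        printf '  fix: drop -v from the chat command line\n'
        findings=$((findings + 1))
    fi
    if world_readable "$2"; then
        printf '%s is readable by all local users\n' "$2"
        printf '  fix: chmod 640 %s (and check what creates or rotates it)\n' "$2"
        findings=$((findings + 1))
    fi
    sends=$(chat_send_count "$2")
    if [ "$sends" -gt 0 ]; then
        printf '%s holds %s logged chat send strings\n' "$2" "$sends"
        printf '  fix: treat the dial-up credentials as disclosed and change them\n'
        findings=$((findings + 1))
    fi
    return "$findings"
}

# write_sample DIR: constructed script and log showing the vulnerable setup.
write_sample() {
    cat > "$1/pppstart" <<'EOF'
#!/bin/sh
# constructed dial-up script for the demo
pppd connect "chat -v -f /etc/ppp/pppscript" /dev/modem 38400
EOF
    cat > "$1/messages" <<'EOF'
Mar 15 07:20:01 box chat[214]: send (ATDT5550100^M)
Mar 15 07:20:19 box chat[214]: expect (ogin:)
Mar 15 07:20:19 box chat[214]: send (exampleuser^M)
Mar 15 07:20:20 box chat[214]: expect (word:)
Mar 15 07:20:20 box chat[214]: send (EXAMPLE-PASSWORD^M)
Mar 15 07:20:21 box pppd[213]: Serial connection established.
EOF
    chmod 644 "$1/messages"
}

# Usage: sh ppp_log_audit.sh SCRIPT LOGFILE
if [ "$#" -eq 2 ]; then
    audit_ppp_logging "$1" "$2"
    exit $?
fi
```

Either fix alone closes the leak going forward, but entries already written to the log stay there until it is rotated or cleaned.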
@HWA
02.0 From the editor.#9
~~~~~~~~~~~~~~~~~~
#include <stdio.h>
#include <thoughts.h>
#include <backup.h>
main()
{
printf ("Read commented source!\n\n");
/*well we've got a webboard i actually forgot to mention it in the last
*issue, too busy with other stuff.. anyways it works its not great but
*its free and does the job. PPL, when you join the channel on IRC don't
*expect the HWA circus to come to your town, we ain't there to entertain
*we're there to receive news reports and hangout so if you were one of
*few that just didn't get the idea last time keep it in mind for the future
*ok? ok ... so here we go again.... issue #10 happy birthday to Mom and Dad!
*
* Moving right along, thanks for the continued support everyone and tty next time...
*/
printf ("EoF.\n");
}
Congrats, thanks, articles, news submissions and kudos to us at the
main address: hwa@press.usmc.net complaints and all nastygrams and
mailbombs can go to /dev/nul nukes, synfloods and papasmurfs to
127.0.0.1, private mail to cruciphux@dok.org
danke.
C*:.
@HWA
03.0 The Mitnick Trial Update
~~~~~~~~~~~~~~~~~~~~~~~~
From Wired news
http://www.wired.com/news/news/politics/story/18432.html
Mitnick Trial: Full Speed Ahead
by Douglas Thomas
12:00 p.m. 12.Mar.99.PST
LOS ANGELES -- The trial against celebrity cracker Kevin Mitnick will
begin as scheduled on 20 April.
That's the ruling from US District Court Judge Mariana Pfaelzer, who
denied a defense request Tuesday for a continuance that could have
delayed the case until the summer.
In court on Tuesday, Pfaelzer told Don Randolph, Mitnick's attorney,
that if he expected the trial to be delayed by so much as a day beyond
its 20 April start date, he should "disabuse himself of that notion."
In a 25-count Federal indictment, the government alleges that Mitnick
copied proprietary software from computers owned by cellular telephone
manufacturers. Mitnick has been in custody here, awaiting a trial, since
1995.
The defense team wanted the court to make the government comply with the
court's previous order to identify the materials that would be presented
at the trial. Most recently, the defense requested that the government
provide the passwords for the files they have been able to decrypt.
Because of the sheer volume of new information, the defense asked that
the court "exclude from evidence any files not reasonably identified,"
according to defense team attorney Greg Vinson.
Failing that, the defense requested an extension to review the new
evidence. Pfaelzer denied all motions, but did require the government
to provide passwords to the files they deciphered. This week's ruling
is not the first time Pfaelzer has turned down the defense's request
for more time.
In late January, she denied a defense motion for a 60-day continuance.
Pfaelzer has been reluctant to allow delays in the case, and made it
clear that the motion which pushed the start date back to April would
be the last before the case went to trial.
For some time, the defense has claimed that the prosecution has "failed
to comply with its constitutional and statutory discovery obligations."
Specifically, Mitnick's lawyer had accused the government of failing to
disclose its exhibit list. The defense also wants access to witness
interviews and time to review 1,300 pages of witness statements produced
by the government.
Mitnick also says he is having difficulty reviewing the evidence to be
presented against him. A laptop computer containing the electronic
evidence was installed for his use at the Los Angeles Metropolitan
Detention Center. But Mitnick was not allowed to access the portable
for nearly a month while experts inspected and re-inspected the machine.
The government denies claims that they have withheld evidence.
US Attorneys said in court documents that it is "absurd" for Mitnick to
suggest that the defense team's failure to conduct interviews or perform
investigations are "somehow attributable to the government."
Pfaelzer agreed, and denied the defense motions. This week, she granted a
prosecution request to dismiss the continuance without a formal hearing.
Meanwhile, Mitnick's co-defendant Lewis DePayne, filed a motion for
severance on 1 March, asking that his case be heard separately.
In that filing, DePayne requested that his case be heard immediately,
without a jury. DePayne's attorney, Richard Sherman, argued earlier before
Pfaelzer that there is simply no evidence against his client. Pfaelzer has
indicated that she is inclined to grant the severance.
DePayne's motion is scheduled to be heard on 22 March.
@HWA
03.1 Mitnick could be free by the end of the year...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From ZDNet
http://www.zdnet.com/zdtv/newscobrand/features/story/0,3730,2228174,00.html
Mitnick to Plead Guilty
The 'Free Kevin' movement may have to wait a bit
longer-- hacker Kevin Mitnick is set to plead guilty to
criminal hacking charges.
By Alex Wellen and Luke Reiter, March 17, 1999, 8:30 PM Pacific
Hacker Kevin Mitnick will plead guilty to computer-related crimes
after more than four years in prison awaiting trial,
according to CyberCrime sources.
The plea is contained in a court document, or "notice," jointly filed
by Mitnick's attorney and federal prosecutors, sources said. The notice
itself was filed under seal and "in camera"-- meaning the subject matter
will be discussed privately between the parties in chambers before US
Federal Court Judge Mariana Pfaelzer.
The timing for that meeting will depend on Pfaelzer's schedule and could
be as early as Friday.
Assistant US Attorney David Schindler confirmed a notice was filed, but
would not comment on whether it was a plea agreement. Mitnick's attorney,
Donald Randolph, did not respond to CyberCrime inquiries on Wednesday.
Sources said the plea agreement will place a cap on Mitnick's sentence.
Taking into consideration time already served, he could be released by
the end of the year.
This plea agreement does not involve codefendant Lewis DePayne, set to
be tried alongside Mitnick next month. The proposed plea agreement does,
however, call into question DePayne's status-- suggesting that he may also
resolve his case prior to trial. DePayne's attorney, Richard Sherman,
declined to comment Wednesday night.
Mitnick, 35, has been imprisoned in the Metropolitan Detention Center,
Los Angeles for more than four years awaiting trial on computer-related
fraud charges. The 25-count federal indictment issued against Mitnick
accuses him of using computers to steal millions of dollars in software.
Following the September 1996 indictment, Mitnick pleaded "not guilty"
to all counts.
Mitnick pleaded guilty twice before to similar computer
crimes, in 1989 and 1996.
In 1989, Mitnick was convicted for stealing computer programs and
breaking into corporate networks, and served eight months of a
one-year sentence. In April 1996, he pleaded guilty to possession of
15 or more unauthorized access devices (cloned cellular telephone
numbers), and for violating supervised release, and was sentenced to
22-months in federal prison.
Based in part on his prior two convictions, Mitnick has been detained
without bond since February 1995. The hacker's imprisonment without a
bail hearing, combined with his prison restrictions, has generated a
backlash among Mitnick supporters. Some critics have protested Mitnick's
treatment by attacking websites and posting political messages-- the
most recent earlier this month to a Monica Lewinsky website,
and the most notable of which shut down the New York Times's website for
approximately nine hours last September.
Mitnick supporters have also criticized the government for delaying the
trial. However, the delays can also be attributed in part to the defense.
Over the last four years, Mitnick has been represented by three different
attorneys -- who, in combination, have filed a half-dozen motions requesting
additional information. Mitnick's attorneys have argued government attorneys
have stalled efforts by unreasonably withholding information requested by the
defense.
ZDTV's CyberCrime Bureau-- which includes former
prosecutor Luke Reiter, litigator Alex Wellen, and reformed
hacker Kevin Poulsen-- will continue to bring you coverage.
@HWA
03.2 Federal Prosecutors Leak Info on Mitnick
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
March 19th
From HNN http://www.hackernews.com/
contributed by Space Rogue
Numerous mainstream media outlets are reporting that
Kevin Mitnick has pleaded guilty to computer related
crimes. It is believed that this plea of guilty is in
exchange for reduced charges and a sentence of mostly
time served. The real story is not that Kevin pleaded
out as only 4% of federal cases actually go to trial, the
real story is how the press got notified of the contents
of a _sealed_ federal court document.
If the Honorable Mariana Pfaelzer declines the plea
agreement Kevin will still be headed for trial on April 20.
If that happens Kevin's defense hopes to introduce a
motion that will dismiss most of the evidence against
him on the grounds of illegal search and seizure. It
would appear that the information used to provide
probable cause to issue a search warrant for Mitnick's
apartment was itself illegally obtained. The defense is
claiming that Tsutomu Shimomura, while a private
citizen, was in fact acting as a government agent and
therefore subject to the laws regarding illegal search
and seizure.
We urge you to visit the Free Kevin site and learn more
about what is not being said by the mainstream media.
@HWA
03.3 From www.kevinmitnick.com
~~~~~~~~~~~~~~~~~~~~~~~~~
Anonymous Sources, Politics, and the Media
March 18, 1999
In yet another political twist in the highly politicized trial preparations in United States v. Mitnick, the claim that a "notice"
was filed in camera and under seal with Judge Mariana Pfaelzer somehow found its way to the telephone, fax machine, or
email accounts of Alex Wellen, an intellectual property attorney and now a reporter with ZDTV who interned with the US
Attorney's Office Criminal Division (and two federal court judges). The lead prosecutor in the case apparently confirmed
for Alex Wellen that a notice was indeed filed. This post addresses an article that appeared on ZDTV the evening of
March 17; subsequent posts will address an article that appeared on the same topic in the L.A. Times on March 18,
1999.
Freekevin.com has learned that the "notice" is a plea agreement wherein Kevin Mitnick has agreed to plead guilty to a
reduced set of charges. While we'll discuss those reduced charges below, we'll take this opportunity to look at the curious
circumstances under which the contents of a document filed under seal in a federal court were somehow leaked to a
reporter who worked with prosecutors and two federal judges.
Why is This a Political "Twist"?
It's a violation of federal law to reveal matters that are filed under seal with the court. This creates a dilemma for politically
ambitious federal prosecutors, most recently witnessed in the repeated leaks of information from the office of independent
counsel Ken Starr.
Media Analysis 101
Returning to Alex Wellen's story, we read that....
"Hacker Kevin Mitnick will plead guilty to computer-related crimes after more than four years in
prison awaiting trial, according to CyberCrime sources."
Anonymous sources... and is it not rather odd for someone to plead guilty after spending "more than four years in prison
awaiting trial"? Can't be too odd, since Alex Wellen's article failed to mention that curiosity. Notice that there's no mention
that Kevin Mitnick was held in defiance of constitutional requirements that a detention hearing be held and the issue of bail
considered. Must not have been important. Nor was there any mention that federal law was broken in leaking the sealed
document to the press.
"The plea is contained in a court document, or "notice," jointly filed by Mitnick's attorney and
federal prosecutors, sources said. The notice itself was filed under seal and "in camera"-- meaning
the subject matter will be discussed privately between the parties in chambers before U.S. Federal
Court Judge Mariana Pfaelzer."
Anonymous sources for the second time. Second paragraph without mention that federal law was broken in leaking the
sealed document to the press. Must have been as unimportant as being held four years without bail and without a bail
hearing.
After learning the possible schedule for the trial, we read...
"Assistant U.S. attorney David Schindler confirmed a notice was filed..."
The first source attributed to an individual was attributed to the lead U.S. Attorney prosecuting the case. And defense
attorney Donald Randolph "did not respond" to inquiries, presumably by reporter -- and ex-intern at a U.S. prosecutor's
office -- Alex Wellen.
The Way Sources and Journalists Cooperate
Even ethical journalists know that they must rely on anonymous sources on occasion. To maintain their integrity, they'll
frequently insist on a quid pro quo: that they must attribute something to the source, even if it's a statement saying that "I'll
neither confirm nor deny...". That way, the story is sourced anonymously, but there's at least one, and usually more,
statements attributed to named sources.
Leaking Benefits Prosecution in U.S. v. Mitnick
Leaking the existence of a plea agreement benefits the prosecution in numerous ways; we identified three of them above
(see "Why is This a Political "Twist"?"). In addition, the first leak sets the tone of the coverage that follows, and even
first-year debate students know that when you set the boundaries of the debate, you've won without saying a word. The
prosecution has everything to gain and nothing to lose by leaking word of the existence of a plea agreement: they set the
tone of the discussion, they hope to take the energy out of the principled people who've learned about the case and
become supporters of Kevin Mitnick, and they blindside the defense attorneys. If the leaks are somehow attributed to the
prosecution, they merely issue vigorous denials, and there the matter will stop.
Leaking Poses Enormous Risks to Defense
Leaking the existence of a plea agreement poses enormous risk to Kevin Mitnick, because any agreement is submitted for
the judge's approval. Because of this uncertainty, and even at this late date, Kevin is completely focused on preparing for
trial on April 20, 1999, just 22 working days away. Indeed, Kevin's investigators have subpoenaed Tsutomu Shimomura
to do one of two things: either sign a sworn declaration that a number of factual statements in his book Takedown are
true, or appear in court on April 5th to participate in a hearing to suppress any evidence in this case based on
Shimomura's actions as a de facto federal agent who allegedly broke federal law repeatedly, and on multiple occasions.
Note that Shimomura illegally intercepted electronic communications purported to be from Mitnick, and that the court
hearing scheduled for April 5th is intended to suppress those interceptions, as well as a warrantless search conducted on
Kevin Mitnick's home in Raleigh, North Carolina (the search was undertaken subsequent to Shimomura's illegal
interceptions).
A leak from the defense runs the enormous risk of further antagonizing the judge, who might then reject the agreement,
and Kevin would then face going to trial with an overworked and understaffed attorney. The possible sentence upon
conviction of all charges is more than 35 years in federal prison. The defense would have jeopardized their entire hopes of
settling before trial if they had illegally leaked this notice -- no, the defense had no role in this leak, in our opinion.
Plea Agreement Includes Reduced Charges
If the plea agreement is approved, Kevin Mitnick will spend just a few additional months in prison, and 20 counts of the
27 original counts will be dropped. This circumstance -- that the government is willing to dismiss 75% of the charges
against Kevin -- is ample evidence in support of our claim that this case was dramatically overcharged, and was
overcharged solely as a result of the extraordinary and repeated media assaults on Kevin Mitnick by reporter John
Markoff on the front page of the New York Times. We'll have more on this issue in subsequent updates to this site.
Summary
Fewer than 4% of all federally charged defendants go to trial. The federal system is set up to virtually ensure a conviction,
as the enormous resources of the federal government are brought to bear on a single individual: trying to fight federal
charges is like trying to stop a steamroller with a picket sign protesting your innocence.
As an indigent defendant held without a bail hearing and without bail for more than four years, Kevin Mitnick has had
virtually no control over the conduct of his defense. Using the U.S. Sentencing Guidelines, Kevin faced more than 35
years if found guilty of all charges. Held in jail for four years, his contact with the outside was limited to collect phone calls,
visits with legal personnel, and with his immediate family -- all other visitors were forbidden. Although the terms of the
guilty plea are quite onerous, the possible alternative -- a potential maximum penalty of more than 35 years in federal
prison -- was simply not worth the risk of going to trial with a court-appointed attorney whose two recent motions for
continuances less than 50 days before trial were rejected by the court.
04.0 Is Microsoft vulnerable to their own holes?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Is Microsoft vulnerable to their own holes?
Via HNN www.hackernews.com/
contributed by hfspc002
With all the recent privacy holes in OLE and Office
products where does this leave Microsoft? Are they just
as vulnerable to these problems as the public? You bet!
Try downloading some MS Office documents from the
Microsoft web site and see what you find hidden in the
documents. MacInTouch has a list of some of the stuff
they found.
MacInTouch http://www.macintouch.com/o98securitysamp.html
Article below, I included some of the readers' response
letters for amusement value also... - Ed
Office 98 Security Hole: Samples
Microsoft/Compaq Samples
Reader Experiences
In researching the long-standing Microsoft Office/OLE security holes, we took a look at some of Microsoft's
own Word documents, published on its web site long after the release of its security patch, as well as a Word
document posted by Compaq on its web site. These documents, like millions of other MS Office documents,
contain extraneous data that may unintentionally reveal sensitive confidential or private information, hidden from
view within Word.
A MacInTouch reader who pointed out one of the files wrote:
"You can easily read the name and directory path of the original file, any revisions and who did
them with full directory paths (even on the MS server), the directory paths of all attached graphics,
and what appear to be registration numbers and passwords associated with each user that saved
the file. With enough documents, you could conceivably construct a full directory structure for the
entire MS network, and have the machine codes to mimic a computer in the building. Looks like
MS has done half of the hacker's work for them... they are a break-in waiting to happen."
In each example below, we show hidden information that is invisible within Word but readily available when the
document is opened with a text editor or utility program, such as John Lamb's TextBrowser or Bare Bones
Software's BBEdit. We did not do a detailed security analysis of each document, but simply copied out some
interesting hidden material. In each case, it is unlikely that the document authors intended to reveal the hidden
information in these files, which now are available to millions of people on the Internet, although this information
appears far more innocuous than the URLs, source code directories, credit card information and private mail that
readers report finding hidden in their Word documents.
MSIE 4.5 Reviewers Guide
The names "Linda Sorenson" and "Brian Hodges" do not appear anywhere in the document, when you
are using Microsoft Word, nor do the file names and directories. "Dani Baldwin" is visible if you choose
the "Properties" menu item and view Summary, but it does not appear if you ask Word to "Find" the
text.
Dani Baldwin
Microsoft Word 8.0
D:\briansnap\more\Picture 5.GIF
D:\briansnap\more\Picture 4.GIF
D:\briansnap\Picture 2.GIF
D:\briansnap\Picture 3.GIF
Microsoft Internet Explorer 4
Dani Baldwin
Linda Sorensonn2ndMicrosoft Word 8.0E
Waggener Edstrom
Microsoft Internet Explorer 4
D:\briansnap\more\tcrop.gif
D:\briansnap\Picture 55.gif
D:\briansnap\more\Picture 5.GIF
D:\briansnap\more\Picture 4.GIF
D:\briansnap\Picture 2.GIF
D:\briansnap\Picture 3.GIF2
D:\briansnap\more\textclup.gif
D:\briansnap\more\explorer.gif
D:\briansnap\more\favs.gifz!D:\briansnap\more\Picture 16.GIF
D:\briansnap\more\printopt.gif
D:\briansnap\more\Picture 21.GIF
D:\briansnap\more\Picture 20.GIF
D:\briansnap\Picture 56.gif
D:\briansnap\more\Picture 23.GIF
D:\briansnap\more\Picture 2.GIF
D:\briansnap\Picture 6.GIF
D:\briansnap\more\explorer.gif
D:\briansnap\more\favs.gif
D:\briansnap\more\Picture 16.GIF
D:\briansnap\more\printopt.gif
D:\briansnap\more\Picture 21.GIF
D:\briansnap\more\Picture 20.GIF
D:\briansnap\Picture 56.gif
D:\briansnap\more\Picture 23.GIF
D:\briansnap\more\Picture 2.GIF
D:\briansnap\Picture 6.GIF
Dani Baldwin&\\WE-OR2\PROD\MS\BSD\Desktop\MIERG.doc
Dani Baldwin&\\WE-OR2\PROD\MS\BSD\Desktop\MIERG.doc
Dani Baldwin=\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of MIERG.asd
Dani Baldwin=\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of MIERG.asd
Dani Baldwin=\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of MIERG.asd
Dani Baldwin=\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of MIERG.asd
Dani Baldwin=\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of MIERG.asd
Linda SorensonC:\windows\TEMP\MIERG.doc
Brian Hodges#C:\WINDOWS\Desktop\MIERG 120898.doc
Linda Sorenson?\\WE-WA2\DATA\LindaS\Macintosh\Press materials\MIERG 120898.doc
MSIE/OE 4.5 Innovation
This example shows information leaks similar to those of the previous example:
\\Macbu\public\maclogo\Maclarge.gif
Prill$C:\WINDOWS\TEMP\MacInnovations22.doc
Linda Sorenson\\WE-WA2\DATA\LindaS\MacInnovations22.doc
Dani Baldwin\\WE-OR2\PROD\MS\BSD\Desktop\InnovaPR.doc
Dani Baldwin\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of InnovaPR.asd
Dani Baldwin C:\temp\AutoRecovery save of InnovaPR.asd
Dani Baldwin C:\TEMP\AutoRecovery save of InnovaPR.asd
Linda Sorenson \\WE-WA2\DATA\LindaS\Macintosh\Press materials\InnovaPR.doc
Brian Hodges C:\WINDOWS\Desktop\InnovaPR new.doc
Linda Sorenson
C:\windows\TEMP\InnovaPR.doc
Linda Sorenson9\\WE-WA2\DATA\LindaS\Macintosh\Press materials\Innova.doc
Microsoft Internet Explorer 4
Linda Sorenson
MSIE 4.5 Fact Sheet
Here we can identify some new people involved in the project, although their names, too, are invisible
within Microsoft Word. Note also the presence of the "GUID" fingerprint:
_PID_GUID_PID_HLINKSAN{2DD3214D-64E7-11D2-9002-0000C0657DF9
\\Macbu\public\maclogo\macsmal2.gif
\\Macbu\public\maclogo\macsmal2.gif
\\Macbu\public\maclogo\macsmal2.gif
\Macbu\public\maclogo\macsmal2.gif
\\Macbu\public\maclogo\macsmal2.gif
\\Macbu\public\maclogo\macsmal2.gif
\\Macbu\public\maclogo\macsmal2.gif
\\Macbu\public\maclogo\macsmal2.gif
\\Macbu\public\maclogo\macsmal2.gif
\\Macbu\public\maclogo\macsmal2.gif
\\Macbu\public\maclogo\macsmal2.gif
Baldwin\\WE-OR2\PROD\MS\BSD\Desktop\4.5IEFS.doc
Jodi Ropert C:\WINDOWS\TEMP\4.5IEFS.doc
Jodi Ropert C:\WINDOWS\TEMP\4.5IEFS.docDani
Baldwin\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of 4.5IEFS
Christina Snavely \\WE-OR2\PROD\MS\BSD\Desktop\4.5IEFS.doc
Linda Sorenson:\\WE-WA2\DATA\LindaS\Macintosh\Press materials\4.5IEFS.doc
Brian Hodges C:\WINDOWS\TEMP\AutoRecovery save of 4.asd
Brian Hodges"C:\WINDOWS\Desktop\4.5IEFS new.doc
Linda Sorenson \\WE-WA2\DATA\LindaS\Macintosh\Press materials\4.5IEFS new.doc
Compaq Modem Overview
In the Word document posted by Compaq, we again find the name of the author, even though he is not
listed in the Properties sheet, plus his file and directory names and the GUID information:
Greg Bretting%C:\My Documents\modem white paper.doc
Greg Bretting%C:\My Documents\modem white paper.doc
Greg Bretting%C:\My Documents\modem white paper.doc
Greg Bretting%C:\My Documents\modem white paper.doc
Greg Bretting%C:\My Documents\modem white paper.doc
Greg Bretting%C:\My Documents\modem white paper.doc
Greg Brettin %C:\My Documents\modem white paper.doc
Greg Bretting:C:\WINDOWS\TEMP\AutoRecovery save of modem white paper.asd
Terry Durham%C:\My Documents\modem white paper.doc
C:\S&S_dataprep\White Papers\NEW\prt005a0798.doc
_PID_GUID_PID_HLINKSAN{EB8A944A-2068-11D0-BD46-00AA00A42EA1}Al
C:\cpq_logo\REDCPQSM.BMP
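A pre-publication check for the kind of residue shown in the samples above, written as an added example (it is not MacInTouch's or Microsoft's code). It pulls printable runs out of a binary document the way a text editor would, in both ASCII and UTF-16LE, and reports drive paths, UNC paths, AutoRecovery file names and GUIDs; the sample bytes, names and host are constructed for illustration.

```python
import re

# Runs of printable text, as a text editor or `strings` would show them.
ASCII_RUN = re.compile(rb"[\x20-\x7e]{6,}")
# The same characters stored as UTF-16LE (each one followed by a NUL byte),
# which a plain ASCII scan misses.
UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){6,}")

# One path component: anything except characters Windows forbids in names.
_NAME = r'[^\\/:*?"<>|\x00-\x1f]+'
PATTERNS = {
    "unc_path": re.compile(r"\\\\" + _NAME + r"(?:\\" + _NAME + r")+"),
    "drive_path": re.compile(r"[A-Za-z]:\\" + _NAME + r"(?:\\" + _NAME + r")*"),
    "guid": re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}"),
}


def extract_strings(data):
    """Yield (offset, encoding, text) for every printable run in data."""
    for m in ASCII_RUN.finditer(data):
        yield m.start(), "ascii", m.group().decode("ascii")
    for m in UTF16_RUN.finditer(data):
        yield m.start(), "utf-16-le", m.group().decode("utf-16-le")


def find_leaks(data):
    """Return sorted, de-duplicated (kind, value, encoding) findings."""
    found = set()
    for _offset, enc, text in extract_strings(data):
        for kind, rx in PATTERNS.items():
            for m in rx.finditer(text):
                found.add((kind, m.group().rstrip(), enc))
    return sorted(found)


def summarize(findings):
    """Group findings into what an outside reader of the file would learn."""
    report = {"hosts": set(), "paths": set(), "guids": set(), "autorecover": set()}
    for kind, value, _enc in findings:
        if kind == "guid":
            report["guids"].add(value.upper())
            continue
        report["paths"].add(value)
        if kind == "unc_path":
            # \\HOST\share\... -> HOST
            report["hosts"].add(value[2:].split("\\", 1)[0].upper())
        if "autorecovery save of" in value.lower():
            report["autorecover"].add(value)
    return {k: sorted(v) for k, v in report.items()}


# Constructed sample: a fake document body with hidden author/path records.
# Names, host and GUID are invented; records are separated by two
# non-printable bytes so each one forms its own run.
_SEP = b"\x01\x02"
SAMPLE = _SEP.join([
    b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1",
    b"Quarterly results: visible body text.",
    b"Jane DoeC:\\WINDOWS\\TEMP\\results-draft.doc",   # name fused to path
    b"Jane Doe",
    b"C:\\TEMP\\AutoRecovery save of results.asd",
    "\\\\FILESRV01\\DATA\\jdoe\\Press materials\\results.doc".encode("utf-16-le"),
    b"_PID_GUID",
    b"{01234567-89AB-CDEF-0123-456789ABCDEF}",
])

if __name__ == "__main__":
    for kind, value, enc in find_leaks(SAMPLE):
        print(f"{kind:10} {enc:10} {value}")
    print(summarize(find_leaks(SAMPLE)))
```

Anything the report lists is readable by whoever downloads the file, so a non-empty result is the cue to re-export the document in a clean format before posting it.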
More MacInTouch Reader Experiences
From: [MacInTouch reader]
Subject: word98 security issue, it's bigger than you think.
Date: Wed, 10 Mar 1999
I have to remain anonymous about this please, because of the implications this might have.
I am a developer and I occasionally use word98 for reports and such. Reading your report
yesterday about the security issue, I wanted to see if it was true. I opened one of my old word docs
in codewarrior (after changing the file type/creator codes) and found that there were not only
directory listings to source code I was working on at the time, but also names of specific functions
within the source. These things were not mentioned anywhere within the document I typed, but
they are embedded in my file. I can supply you with the file if you like, but I'd rather not because it
has my name in it and I think the repercussions of this could be rather large. If you have any
questions about this, feel free to send them to me.
Date: Wed, 10 Mar 1999 12:04:01 -0500
From: Joe Gudac
Organization: Gudac Bowling Lanes
Subject: Word Info
Ric,
After reading about all these problems with the info Word stores with its files I decided to look at
some of the files I had for my business. I picked a simple file that only had my business letterhead
and address info and business tax id numbers that I had to give to our bank recently.
When looking at the file in canopener I was astonished to find that the file had information from
other files containing my credit card numbers and personal information about myself and my family.
I have tried for the past several years to not be a Microsoft basher and have tried to learn as much
about their software applications to keep myself up to date with the standard business technology,
but this is absurd. This along with some of the testimony that has been presented in their anti trust
trial I am terrified that they are big brother and may be more corrupt than our government. If that
isn't a scare.
Enjoy your information and keep up the great web site.
Regards,
Joseph J Gudac Jr
Date: Mon, 15 Mar 1999
From: [MacInTouch reader]
Subject: WORD SECURITY
*** Please keep the following anonymous:
I too have stopped defending Microsoft.
I work for a *major* Internet company at a fairly high level. This morning I too looked at a report I
submitted last week using Notepad. Not ONLY did it have my name and directories on my hard
drive, but it had information on OTHER applications that are totally unrelated to MS Word in it!
These apps are competitors of MS (not that many aren't these days). BUT I think the most
disturbing was this: all my reports have the same filename except for the date (contained in the
filename too). The paths to EVERY report in that directory were there too.
In a world where the economy is changing (mostly for the better I like to think) it's SAD to think
actions like these undermine the trust people place in companies that work hard. People should be
empowered and educated about technology, not intimidated and afraid because of it. I believe
Microsoft is validating a LOT of people's fears about privacy and security unnecessarily.
--- Concerned.
Date: Mon, 15 Mar 1999 10:52:00 -0500 (EST)
From: Oj Ganesh
To: MacInTouch
Subject: Microsoft security
I read with interest your stories and updates concerning GUID numbers and other personal
information being found in documents created by microsoft programs. Thanks for all the updates
and keeping with the story.
Yesterday I finally got around to removing some original software that my imac came with, when I
noticed a control panel called "Configuration Manager". In it was a section called "Cookies", which
(when clicked on) displayed *Some* cookies on my system. Two of the cookies immediately
caught my attention since I had never visited the sites with my imac. They were: microsot.com and
msn.com, they both had the name "MC1" and they were 'enabled'. Double clicking on the cookies
brought up the Cookie Properties box which had this shocking line: "Value: GUID=(my GUID
presumably)". I couldn't believe it! Both cookies were identical (both were also set to expire on
"Expires: Wed, Sep 15, 1999 7:00 PM GMT") in every respect.
The "Configuration Manager" control panel is apparently made by Microsoft (as the about box
says)...
Thanks, keep up the good (Mac) work,
-Oj
Date: Mon, 15 Mar 1999 11:10:49 -0600
To: notes@macintouch.com
From: [MacInTouch reader]
Subject: Microsoft Security Issues
Ric,
This may have been reported prior, and it may be less intrusive than the Microsoft issues, but we
seem to be ignoring the fact that many other applications besides those from Microsoft carry
artifacts from files unrelated to the current one. For the most part these are data that we'd rather not
be seen by others.
At the moment, I'm referring specifically to Adobe PageMaker. PageMaker files opened in Can
Opener reveal lots of extraneous data - directory paths, hard drive names, file names that appear to
be unrelated to the current file, and perhaps references to other sensitive data. These are data that
are not visible and cannot be found or expunged by any normal means. In addition to embedding
directory paths, filenames, etc., related to the current file, it seems that whenever you do a "save as"
in PageMaker a lot of data from the original file become permanent and reside in that and all future
iterations, or saved as versions, of that file. The data can compound to become an interesting
record in its own right.
Lots of folks transfer lots of data in the form of PageMaker files and I'll wager that few of them are
aware of the nature of some of the data they're "making public" when they do.
Maybe some of the more experienced (than me) sleuths will care to comment on PageMaker too?
Date: Mon, 15 Mar 1999 12:54:31 -0500
Subject: Word Privacy Problems
From: "Jeremy LaCivita"
To: notes@macintouch.com
Unbelievable!
After reading your section on Word privacy issues, I opened up a paper I wrote last week in
BBEdit. In addition to a bunch of paths on my machine (which is somewhat understandable) I found
addresses of all the sites I had visited that night (using Internet Explorer):
3Com/Palm Computing - Macintosh
The Apple Store (U.S.)
The Apple Store (U.S.)
In other documents I found information about my email account like my mail server. Who knows
what other information is hidden in the document mixed in with all of the gibberish.
This really bothers me! The paths to images used in the file is somewhat understandable and
relevant, but this is completely irrelevant, and I really think Microsoft needs to explain themselves.
Jeremy
Date: Tue, 16 Mar 1999 01:46:52 +0100
Subject: word98 security - history recorded
From: altair@bigfoot.de
To: notes@macintouch.com
Encouraged by the interesting reports about security problems in word98 docs I carefully examined
some of my files with a text editor.
Guess what. The complete history of some documents I've been using since one year has been
recorded in the file (different OS versions, different machines to be identified by their owner's
names and different hierarchical file structures were all plainly visible).
Obviously previous versions of word (at least word 6) own this special "recording feature", too.
Isn't it nice? Thank you, Big Bill, this is exactly what users needed most.
@HWA
05.0 It's a Trinux world after all - Tiny unix packs wallop in Pre-0.49 release
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Main site;
http://www.trinux.org/
Mirrored at;
http://www.genocide2600.com/~tattooman/trinux/images/pre-0.49/
From Packetstorm: http://www.genocide2600.com/~tattooman/
Trinux Pre-0.49 floppy images - "Pre-0.49 floppy images are now available. The floppies now support the features added to
TrinuxHD about a month ago. Most importantly the modem.tgz package now works-- on my system at least. If you follow
the un-Linux-like prompts and type ppp-go you should be able to log via your ISP. Man ppp gives you some background
information and nmap -D will allow you to roll your own "sophisticated and coordinated attacks" from foreign countries
against domestic sites of your choosing. A better idea: spend your milk money on TCP/IP Illustrated Volume 1 and sniff
your modem traffic using tcpdump till you get a clue. Oh yeah, the dialup data disk may become a hot commodity soon
because I imagine I'll yank it after the third message I get asking how to sniff passwords with tcpdump." -- mdf [ed. note: i
couldn't have said it better myself, so i just quoted mdf instead]. Our favorite mdf quote: "I'll tell ya' this security biz is
cutthroat and incestuous, just like a fscking soap opera." Trinux web site, Trinux ftp. MD Franz is the Trinux Project
Leader.
@HWA
06.0 Case insensitivity issue affects NT security
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Fri, 12 Mar 1999 13:03:57 -0700
From: Mark <mark@NTSHOP.NET>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: [ ALERT ] Case Sensitivity and Symbolic Links
Prasad Dabak of Cybermedia Software Private Limited has discovered yet
another security risk in Windows NT involving the operating system's case
sensitivity. According to the report, using the permissions on the "\??"
object directory and by exploiting the case sensitivity of object manager,
it is possible to trojan any system executables.
Any ordinary user has write permissions on \?? Object directory. This is to
allow user to map network drives or use "subst" utility to alias a directory
to a new drive letter. Each system drive has an entry into \?? object
directory. Each entry is actually a symbolic link which points to the device
associated with that drive (ergo: Symbolic link \??\C: will typically point
to a device such as \Device\HardDisk0\Partition1). It is possible to create
a trojaned version of this symbolic link using the different character
case -- for example, it is possible to create a symbolic link such as \??\c:
(notice the small letter "c".) By doing this, all the requests to drive C
get routed through the trojaned symbolic link.
Please visit the following URL, where you'll find the further details along
with links to a demonstration of the problem.
http://www.ntsecurity.net/scripts/load.asp?iD=/security/casesensitive.htm
Mark
----------------------------------------------------------------------------
Date: Sat, 13 Mar 1999 00:32:19 +0100
From: Alexandre Stervinou <stervino@INFO.ENSERB.U-BORDEAUX.FR>
To: BUGTRAQ@netspace.org
Subject: New Security Vulnerability in WinNT
A new security vulnerability in Windows NT4 has been released, I was
just surfin' on http://www.cybermedia.co.in/, when I saw this:
<quote>
CSPL has uncovered most serious Case Sensitivity vulnerability in
Microsoft's Windows NT operating system. This security hole allows you
to get "Administrator" access on a machine while logged in as "guest" or
any ordinary user
[...]
Description:
Using the permissions on the "\??" object directory and by exploiting
the case sensitivity of object manager it is possible to trojan any
system executables.
</quote>
--
Alexandre Stervinou
mailto:stervino@info.enserb.u-bordeaux.fr
----------------------------------------------------------------------------
http://www.cybermedia.co.in/
Case Sensitivity vulnerability:
Description:
Using the permissions on the "\??" object directory and by exploiting the
case sensitivity of object manager it is possible to trojan any system
executables.
Problem:
Any ordinary user has write permissions on \?? Object directory. This is to
allow user to map network drives or use "subst" utility to alias a directory
to a new drive letter. Each drive on the system (let it be local/network/substed)
has an entry into \?? object directory. Each entry is actually a symbolic link
which points to the device associated with that drive. (e.g Symbolic link \??\C:
will typically point to a device such as \Device\HardDisk0\Partition1). It is
possible to create a trojaned version of this symbolic link using the different
case. e.g it is possible to create a symbolic link such as \??\c: (notice the
small letter c). By doing this, all the requests to drive C get routed through
the trojaned symbolic link. (e.g If you get the contents of symbolic link \??\D:
and create a symbolic link say \??\c: and put those contents there, then
executing dir command on drive C will give you directory listing for drive D).
So effectively you can route the traffic on drive C to drive D. This is exactly
what the simulation program exploits.
Simulation:
The description of simulation assumes that you have unzipped the files from the
demo in a directory called C:\FOO and your Windows NT System directory is
C:\WINNT\SYSTEM32.
The simulation works on latest service packs of all Windows NT versions (3.51, 4.0, 5.0)
When you execute BESYSADM.EXE, the program follows the following steps:
1. Create an identical directory structure of Windows system directory under
   the directory C:\FOO. i.e it will create a directory structure such as
   C:\FOO\WINNT\SYSTEM32
2. Copy all the POSIX subsystem binaries and required DLLs (except PSXSS.EXE)
   from C:\WINNT\SYSTEM32 directory to
   C:\FOO\WINNT\SYSTEM32
3. Copy the trojaned version of PSXSS.EXE and a dummy posix application
   DUMMYAPP.EXE from C:\FOO to C:\FOO\WINNT\SYSTEM32
4. Get the contents of the symbolic link \??\C: and append \FOO to it. i.e if
   the contents of symbolic link \??\C: is \Device\HardDisk0\Partition1
   then new name formed will be \Device\HardDisk0\Partition1\FOO
5. Create a symbolic link \??\c: (note small c) with the contents as
   \Device\HardDisk0\Partition1\FOO
   Hence effectively executing a dir command on drive C will now give
   directory listing of C:\FOO
6. Next the program starts a posix application DUMMYAPP.EXE as "POSIX /c DUMMYAPP.EXE"
   This results in SMSS.EXE starting POSIX subsystem which effectively loads
   trojaned version of PSXSS.EXE.
7. This trojaned version inherits security context of SMSS.EXE and hence our
   PSXSS.EXE runs in root privilege.
8. This trojaned version adds the logged in user to the local administrator group.
   The name of the logged in user is passed through a file called u.ini that
   is created in C:\FOO\WINNT directory.
Comments
The program actually uses \DosDevices everywhere instead of \??, since Windows NT 3.51
does not have \?? object directory and has DosDevices object directory. Starting from
Windows NT 4.0, \DosDevices is actually a symbolic link which points to \??. Hence using
DosDevices allows the program to run on all Windows NT versions.
Instructions for Demo
Fresh boot the machine.
Login as any ordinary user (guest will also do)
Unzip the files in attached .ZIP file in some directory on any local hard drive
on your machine
Run BESYSADM.EXE
Note:
If you are using Non-English version of Windows NT OR name of the local administrator
group is renamed, then specify the name of the local administrator group as a command
line to BESYSADM.EXE. If no arguments are specified the program assumes that you are
running on English version and the name of the local administrator group is "Administrators".
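The artifact this advisory describes is a second link in \?? whose name differs from an existing one only by letter case. The audit below is an added example, not Cybermedia's code: it takes a listing of the \?? object directory and reports such case-variant links and whether they point somewhere other than the original. The "name | type | target" listing format, the sample entries other than the two C: targets quoted in the advisory, the function names, and the assumption that system-created drive links use the upper-case letter are all assumptions made for illustration.

```python
import re
from collections import defaultdict

DRIVE = re.compile(r"^[A-Za-z]:$")

# Constructed listing of the \?? object directory, one link per line.
# The X: line stands in for a legitimate "subst" alias.
LISTING = r"""
C: | SymbolicLink | \Device\HardDisk0\Partition1
D: | SymbolicLink | \Device\HardDisk0\Partition2
c: | SymbolicLink | \Device\HardDisk0\Partition1\FOO
X: | SymbolicLink | \??\D:\projects
COM1 | SymbolicLink | \Device\Serial0
"""


def parse_listing(text):
    """Return [(name, target)] for every symbolic link in the listing."""
    entries = []
    for line in text.splitlines():
        parts = [p.strip() for p in line.split("|")]
        if len(parts) == 3 and parts[1] == "SymbolicLink":
            entries.append((parts[0], parts[2]))
    return entries


def find_case_collisions(entries):
    """Report links whose names collide once letter case is ignored.

    The upper-case spelling is treated as the baseline (assumption: that is
    how the system names its own drive links); every other spelling in the
    same group is reported, with a flag saying whether it points elsewhere.
    """
    groups = defaultdict(list)
    for name, target in entries:
        groups[name.upper()].append((name, target))

    findings = []
    for folded, members in sorted(groups.items()):
        if len(members) < 2:
            continue
        baseline = next((t for n, t in members if n == folded), None)
        for name, target in members:
            if name == folded:
                continue
            findings.append({
                "link": name,
                "shadows": folded,
                "target": target,
                "expected": baseline,
                "is_drive": bool(DRIVE.match(name)),
                "redirects": baseline is not None
                             and target.upper() != baseline.upper(),
            })
    return findings


if __name__ == "__main__":
    for f in find_case_collisions(parse_listing(LISTING)):
        state = "REDIRECTS" if f["redirects"] else "duplicate"
        print(f'{state}: \\??\\{f["link"]} -> {f["target"]} '
              f'(expected {f["expected"]})')
```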
----------------------------------------------------------------------------
Date: Sat, 13 Mar 1999 01:07:18 -0800
From: Dominique Brezinski <dom_brezinski@SECURECOMPUTING.COM>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Re: [ ALERT ] Case Sensitivity and Symbolic Links
At 01:03 PM 3/12/99 -0700, Mark wrote:
>Any ordinary user has write permissions on \?? Object directory. This is to
>allow user to map network drives or use "subst" utility to alias a directory
>to a new drive letter. Each system drive has an entry into \?? object
>directory. Each entry is actually a symbolic link which points to the device
>associated with that drive (ergo: Symbolic link \??\C: will typically point
>to a device such as \Device\HardDisk0\Partition1). It is possible to create
>a trojaned version of this symbolic link using the different character
>case -- for example, it is possible to create a symbolic link such as \??\c:
>(notice the small letter "c".) By doing this, all the requests to drive C
>get routed through the trojaned symbolic link.
Well, the exploit does not work on my machine--it fails with "Internal
error..." when run in my test configuration. I am running NT 4.0
Workstation, SP4, ProtectionMode set to 1, file and registry permissions
set to those recommended in Steve Sutton's NSA guide, Guest user enabled
and allowed to log on locally, %SystemRoot% is on the C partition, and the
exploit executables on the D partition (the only place writable by guest on
my system). I enabled auditing on the \?? object and no access was
attempted. So, it appears that something about my configuration stopped
the exploit in its tracks ;) When I run it from an admin account, it
returns a message saying that the account is already a member of the
administrators group. Oh yeah, I had to enable the Posix subsystem too.
As with the KnownDLLs exploit, good system administration should impede
these kinds of exploits. Though, they are doing a good job of scratching
the surface of huge classes of local privilege escalation attacks for NT.
Dominique Brezinski CISSP (206) 898-8254
Secure Computing http://www.securecomputing.com
@HWA
07.0 Fast friends, faster foes, from uebereleet to delete: life in the underground
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Some of us have been there, many of us have been into systems and gained
the gnards and gno the shit, some decide to forge alliances or form groups
others tend to stay out of the loop and usually out of detection and the lime
light, here's a brief look into a situation that developed recently between
HcV members discussing the spamming of underground webboards and alleged DoS
attacks on their servers by one of their own.
WARNING, this log is for the most part unedited and contains some fucked up
shit about back stabbing, friends and general underground life....
* THIS LOG HAS BEEN EDITED it is available on the web but i'm withholding
the url, coz I don't want to step on certain ppl's toes. - Ed
ùíù Starting logfile IrcLog
IRC log started Tue Mar 16 20:45:21 1999
ùíù Value of LOG set to ON
<mindphasr> NANCY MXXXX
<mindphasr> 8021 XXXXXX VIEW PL
<mindphasr> STANWOOD WA 98292
<mindphasr> (360)XXX-X7X7
<mindphasr> I will give this # a call
<mindphasr> in 5 minutes
<silicosis> wow yer ereet
<eCh0> Starting logfile IrcLog
<eCh0> Value of LOG set to ON
<mindphasr> and if you dont answer, i will persue you and really own you
<silicosis> 0wn me
<mindphasr> stop msg'ing me sil
<eCh0> ch0wn
<silicosis> whats your # ill call you
<mindphasr> i dont give out my #
<eCh0> silicosis is the kid who was spamming the board
<ch0wn> hello
<mindphasr> sorry.
<eCh0> mindphasr just pasted his info
<ch0wn> heh
<silicosis> yes i spamemd the board
<silicosis> your so fucking stupid
[silicosis(~gu1d@sos-dialup210.nwlink.com)] keep it up, i want to get rid of this name.....
<mindphasr> silicosis: You have gotten yourself into some problems,
<silicosis> masuashash come get me
<mindphasr> just ask pwr on unet
<eCh0> [silicosis(~gu1d@sos-dialup210.nwlink.com)] keep it up, i want to get rid of this name.....
<mindphasr> maybe you would have thought twice.
<eCh0> silicosis: why? so you can rip someone elses name? like silicosis or k0de? LOL
<mindphasr> lol
<ch0wn> silicosis: go by aC1dbUrN and be fEEred
[silicosis(~gu1d@sos-dialup210.nwlink.com)] private chat me now
<eCh0> [silicosis(~gu1d@sos-dialup210.nwlink.com)] private chat me now
ùíù DCC CHAT (chat) request from silicosis[~gu1d@sos-dialup210.nwlink.com [209.20.225.210:2638]]
ùíù BitchX: Type /chat to answer or /nochat to close
<eCh0> im not private chatting you
ùíù DCC CHAT:<any> to silicosis closed
<eCh0> quit messaging me bitch
ùíù DCC CHAT (chat) request from silicosis[~gu1d@sos-dialup210.nwlink.com [209.20.225.210:2642]]
ùíù BitchX: Type /chat to answer or /nochat to close
ùíù DCC CHAT (chat) request from silicosis[~gu1d@sos-dialup210.nwlink.com [209.20.225.210:21002]]
ùíù BitchX: Type /chat to answer or /nochat to close
ùíù DCC CHAT (chat) request from silicosis[~gu1d@sos-dialup210.nwlink.com [209.20.225.210:21002]]
ùíù BitchX: Type /chat to answer or /nochat to close
ùíù DCC CHAT (chat) request from silicosis[~gu1d@sos-dialup210.nwlink.com [209.20.225.210:21002]]
ùíù BitchX: Type /chat to answer or /nochat to close
[mindspring]!irc.mindspring.com Server flood protection activated for eCh0
<eCh0> Server flood protection activated for eCh0
<mindphasr> lol private chat
ùíù BitchX: Unknown command: IGNORELIST
ùíù BitchX: Doing this is not a good idea. Add -YES if you really mean it
ùíù Usage: /I - See INVITE
ùíù Usage: /IG +|-<nick>
- Ignores ALL except crap and public of nick!host matching <nick>
ùíù BitchX: No such command [IGL]
ùíù BitchX: No such command [IG*]
ùíù Usage: /Ig +|-<nick>
- Ignores ALL except crap and public of nick!host matching <nick>
ùíù Usage: /UnIg <nick>
- UnIgnores <nick>
ùíù BitchX: There are no nicks on your lame nick list
<Debris> #ILAH ON DALNET!
<mindphasr> úùú silicosis invites you to join #l0cked. ^A to accept.
<Debris> INTERNATIONAL LEAGUE AGAINST HACKERS
<mindphasr> are you stupid?
<eCh0> he is trying to be nice now since he is screwed
<eCh0> he is going to end up like bronc
<mindphasr> yes, he is
<eCh0> from mosthated..lol
<eCh0> fuck
<silicosis> bronc is a hairy gay cowboy
<eCh0> where is mosthated?
<silicosis> log that
<eCh0> jail?
<silicosis> HcV was a lame group i started under the name "DragonFyre" a long time ago
<silicosis> log that too
<silicosis> ironlungs was known as Hoss Boss
<silicosis> he was an ereet winnuking m0f0
<Crimz0n> lol
<silicosis> i liked to ping flood quakers with windows 3.11
#feed-the- ch0wn H ch0wn@ip14.fort-worth.tx.pub-ip.psi.net (www.ro0t.nu)
#feed-the- chem1st H sekurity@x-forces.com (xF)
#feed-the- silicosis H ~gu1d@sos-dialup210.nwlink.com (* I'm to lame to read BitchX.doc *)
#feed-the- HowzeR H ~bob@dial65.pm3abing1.abingdonpm.naxs.com (bobby)
#feed-the- mindphasr H mind@mindphasr.activesecurity.net (mindphasr)
#feed-the- eCh0 H ~eCh0@web2.wing.net (T e a)
#feed-the- Crimz0n H ~h0@host-209-214-147-166.msy.bellsouth.net (CriMz0N)
#feed-the- LordGoat H snark@sex.addicts.org (LORD OF THE GOATS!)
#feed-the- Debris H ~Debris@ppp-5800-02b-3243.mtl.total.net (DIE)
#feed-the- UT H ut@sass2192.sandia.gov (UT)
#feed-the- in0d3 H magical@sells.drugs.for.the.blacklotus.net (magical <magical@apolloweb.net>)
#feed-the- IL H magical@hella.pimps.the.hoes.and.stuph.org (magical <magical@apolloweb.net>)
[msg(mindphasr)] hmm, im going to quit HcV, IL wont even kick silicosis out
<mindphasr> [- pwr -]
<mindphasr> scorpio@spectranet.ca
<mindphasr> Drew Cecil,Lucy(parents) Plummer
<mindphasr> 84 XXXXXXXXXXXXXXXXX
<mindphasr> Hamilton, ON L8E 1A1
<mindphasr> Phone: (905) XXX-6925
<mindphasr> Home Value: $89,699
<mindphasr> Cars: 1997 Black Ford Bronc, 1998 red Saturn (unkown make)
<mindphasr> Doctor: St. Marys Medical Hospital Uptown, Dr. Shwartz
<mindphasr> Estimated phone bill for 02-05-99: $9,900
<eCh0> lol
<ch0wn> mindphasr: whos that?
<mindphasr> -(bronc)-
<mindphasr> Name ... Erik J. XXXXXXX
<mindphasr> Street ... 920 W 4TH AVE APT 1.
<mindphasr> Phone Number ... 530-XXX-17XX
<mindphasr> Mother ... 530-XXX-59XX
<mindphasr> City ... CHICO CA, 95926-3674
<mindphasr> U@H ... bronc@2600.COM
<mindphasr> SS ... 556-XX-4X0X
<Debris> LOL
<mindphasr> a silicosis entry will look nice.
<Crimz0n> heh
<silicosis> ok thats it killall named
<eCh0> lol
<eCh0> (silicosis unlocks his elite haxoring secret: killall named)
<eCh0> (everyone stares in awe)
<silicosis> go on icq ech0
<eCh0> so you can get my IP and DoS me?
<eCh0> oh yeah
<eCh0> thats smart
<silicosis> hide on invisible then i dont give a shit
<eCh0> i dont even have icq on
<silicosis> im in windows using tribe making myself look elite
<eCh0> well you must have screwed up somewhere
<silicosis> fucking hell..... die named die
[ Channel ][ Nickname ][ user@host ][ level ]
[#feed-the-][ ch0wn ][ch0wn@ip14.fort-worth.tx.pub-ip.p] [n/a]
[#feed-the-][ chem1st ][sekurity@x-forces.com ] [n/a]
[#feed-the-][ Crimz0n ][~h0@host-209-214-147-166.msy.bell] [n/a]
[#feed-the-][ Debris ][~Debris@ppp-5800-02b-3243.mtl.tot] [n/a]
[#feed-the-][ eCh0 ][~eCh0@web2.wing.net ] [n/a]
[#feed-the-][ HowzeR ][~bob@dial65.pm3abing1.abingdonpm.] [n/a]
[#feed-the-][ IL ][magical@hella.pimps.the.hoes.and.] [n/a]
[#feed-the-][ in0d3 ][magical@sells.drugs.for.the.black] [n/a]
[#feed-the-][ LordGoat ][snark@sex.addicts.org ] [n/a]
[#feed-the-][ mindphasr][mind@mindphasr.activesecurity.net] [n/a]
[#feed-the-][ silicosis][~gu1d@sos-dialup210.nwlink.com ] [n/a]
[#feed-the-][ UT ][ut@sass2192.sandia.gov ] [n/a]
[msg(ch0wn)] lol, this is funny shit, im gonna post the logs from this on packetstorm once he is done
∙φ∙ gargan [gargan@u105-173.rose.net] has joined #feed-the-goats
[msg(ch0wn)] and i'll add it on the goat page along with the dalnet #hackerz article and the LoU war one
[ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] heh k
<silicosis> hcv is the lamest shit ive ever seen, i never should have started it......
[ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] heh...i though ppl liked silicosis, guess not
[msg(ch0wn)] no one likes silicosis, he hides behind me and IL and the other members of HcV
<mindphasr> gH 0wns HcV :P
[msg(ch0wn)] and all he does is DoS
[ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] heh
<mindphasr> gH 0wns LoU
<mindphasr> gH > *
<mindphasr> HEHE
<eCh0> eCh0 > gH
<eCh0> =)
<silicosis> i dont care for it anymore, thats why i quit last week, you all cause pointless damage
<silicosis> you must all be bored to shit?
<eCh0> pointless damage
<eCh0> wow
<chem1st> Yes, else we wouldn't be on here
<chem1st> :>
<eCh0> just like your rm -rf of hack-net?
<eCh0> and your elite DoS attacks on EVERYONE?
<silicosis> ohh lets go hack some japanese site....
<mindphasr> sil will be busy
<mindphasr> you wont be bored, i gurantee it
<silicosis> im only here to say my last fuck you's and goodbyes
<eCh0> mindphasr, lets get some gay porno mags mailed to him
<Debris> <DukeNukem3D> Hackers are cruel, vicious, lifesucking, bottom-dwelleing, scum
<Debris> sucking, toilet licking, dog eating, freaks with too much free
<Debris> time!(especially the ones who do it for fun!)
<Debris> <debris> you just say that because you have no skills
<chem1st> No, pocket pussies!
<eCh0> silicosis: thats nice, no one here likes you and wants your goodbye..just leave now
<Crimz0n> lmao
<mindphasr> silicosis: you will be hearing more from me
<mindphasr> later bro
<silicosis> i hope you reconsider what your doing, you'll get busted one day like i did for pinching ech0s penis
<Crimz0n> heh
<eCh0> i dont do anything illegal to get busted man..
<ch0wn> eCh0: i will narc u for irc idling!
<eCh0> lol
<silicosis> im on ken's side, so you children go and have fun, hack all your ereet Japan sites....
<eCh0> ken's side?
<eCh0> silicosis
<eCh0> ken will be having word with your mom soon man
<eCh0> that is why ch0wn is here to see all of this
<Debris> who gives a shit about ken
<eCh0> and that is why this is being logged
<silicosis> you go ahead and log it, nothing matters to me anymore
<eCh0> silicosis: Ken doesn't need 12 year old kids who spam webboards on his side man.
┌─────---─--──-──────---─--──-─────────--- -- -
| silicosis (~gu1d@sos-dialup210.nwlink.com) (Internic Commercial)
│ ircname : * I'm to lame to read BitchX.doc *
| channels : @#l0cked #feed-the-goats
│ server : irc2.lagged.org ([209.127.0.66] The Black Hole for Pings!)
<silicosis> all you can do is kick/ban/dos attack
∙φ∙ BitchX: Checking tables...
∙φ∙ BitchX: [silicosis!~gu1d@sos-dialup210.nwlink.com]: sos-dialup210.nwlink.com
∙φ∙ BitchX: IPs: [209.20.225.210]
<chem1st> Might as well kill yourself and donate your body to science
<eCh0> if you dont care then just leave
<Debris> chem1st rot will not be accepted
<chem1st> =(
<gargan> chem1st: dedicated to the destruction of canada?
≡ mindphasr/#feed-the-goats puts sil up for adoption
<chem1st> Yes I am a seperatist :>
<silicosis> then you children stop DoS attacking sos.ent
<silicosis> then you children stop DoS attacking sos.net
<chem1st> DIE POOR PROVINCES DIE
<eCh0> silicosis, none of us are children, and none of us are DoS'ing anything, stop trying to turn this around
<eCh0> silicosis, it doesn't matter either way though, because soon you'll either be in court or signing up for welfare after you get your new bills
<Debris> chown are you only here to try to impress people with what you heard on irc?
<eCh0> debris
<eCh0> chill
<eCh0> ch0wn is cool now
<eCh0> we are getting along
<LordGoat> i hereby declare crimz0n a goat
<ch0wn> :)
<Crimz0n> really?
<eCh0> The lord of the goats has spoken.
<eCh0> lol
<chem1st> Did he pass the "eating grass" test?
[ Channel ][ Nickname ][ user@host ][ level ]
[#feed-the-][ ch0wn ][ch0wn@ip14.fort-worth.tx.pub-ip.p] [n/a]
[#feed-the-][ chem1st ][sekurity@x-forces.com ] [n/a]
[#feed-the-][ Crimz0n ][~h0@host-209-214-147-166.msy.bell] [n/a]
[#feed-the-][ Debris ][~Debris@ppp-5800-02b-3243.mtl.tot] [n/a]
[#feed-the-][ eCh0 ][~eCh0@web2.wing.net ] [n/a]
[#feed-the-][ gargan ][gargan@u105-173.rose.net ] [n/a]
[#feed-the-][ HowzeR ][~bob@dial65.pm3abing1.abingdonpm.] [n/a]
[#feed-the-][ IL ][magical@hella.pimps.the.hoes.and.] [n/a]
[#feed-the-][ in0d3 ][magical@sells.drugs.for.the.black] [n/a]
[#feed-the-][ LordGoat ][snark@sex.addicts.org ] [n/a]
[#feed-the-][ mindphasr][mind@mindphasr.activesecurity.net] [n/a]
[#feed-the-][ silicosis][~gu1d@sos-dialup210.nwlink.com ] [n/a]
[#feed-the-][ UT ][ut@sass2192.sandia.gov ] [n/a]
<Crimz0n> lol
<HowzeR> ph34r the lord goat
∙φ∙ Scottit0 [~lakd@ppp22-wednesday.mkl.com] has joined #feed-the-goats
<eCh0> real goats smoke grass, eating grass is nasty
<Scottit0> ahhh shit
<Scottit0> silicuntis??
<Crimz0n> 000h
<chem1st> eCh0: Both actually..
<Crimz0n> I smoke grass y0
≡ silicosis/#feed-the-goats is back from the dead. Gone 0 hrs 21 min 19 secs
<Scottit0> Silicuntis
<chem1st> heh
[ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] now silicosis is trying to play nice with me
[msg(ch0wn)] LOL
[ctcp(#feed-the-goats)] PING
∙φ∙ CTCP PING reply from IL: 0.820 seconds
∙φ∙ CTCP PING reply from in0d3: 1.110 seconds
∙φ∙ CTCP PING reply from Crimz0n: 1.112 seconds
∙φ∙ CTCP PING reply from UT: 1.000 seconds
∙φ∙ CTCP PING reply from Scottit0: 1.382 seconds
∙φ∙ CTCP PING reply from mindphasr: 1.690 seconds
∙φ∙ CTCP PING reply from ch0wn: 1.692 seconds
∙φ∙ CTCP PING reply from HowzeR: 1.693 seconds
∙φ∙ CTCP PING reply from Debris: 1.695 seconds
∙φ∙ CTCP PING reply from silicosis: 1.697 seconds
∙φ∙ CTCP PING reply from gargan: 2.200 seconds
∙φ∙ CTCP PING reply from LordGoat: 3.260 seconds
∙φ∙ CTCP PING reply from chem1st: 3.262 seconds
[ Channel ][ Nickname ][ user@host ][ level ]
[#feed-the-][ ch0wn ][ch0wn@ip14.fort-worth.tx.pub-ip.p] [n/a]
[#feed-the-][ chem1st ][sekurity@x-forces.com ] [n/a]
[#feed-the-][ Crimz0n ][~h0@host-209-214-147-166.msy.bell] [n/a]
[#feed-the-][ Debris ][~Debris@ppp-5800-02b-3243.mtl.tot] [n/a]
[#feed-the-][ eCh0 ][~eCh0@web2.wing.net ] [n/a]
[#feed-the-][ gargan ][gargan@u105-173.rose.net ] [n/a]
[#feed-the-][ HowzeR ][~bob@dial65.pm3abing1.abingdonpm.] [n/a]
[#feed-the-][ IL ][magical@hella.pimps.the.hoes.and.] [n/a]
[#feed-the-][ in0d3 ][magical@sells.drugs.for.the.black] [n/a]
[#feed-the-][ LordGoat ][snark@sex.addicts.org ] [n/a]
[#feed-the-][ mindphasr][mind@mindphasr.activesecurity.net] [n/a]
[#feed-the-][ Scottit0 ][~lakd@ppp22-wednesday.mkl.com ] [n/a]
[#feed-the-][ silicosis][~gu1d@sos-dialup210.nwlink.com ] [n/a]
[#feed-the-][ UT ][ut@sass2192.sandia.gov ] [n/a]
<eCh0> i didnt even see that gargan is here
<eCh0> neet
<gargan> isnt it tho
[ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] he says yer all blaming him for the b0rt/ezo0n's shit and i said "but u did do it didnt u" and hes like no they are just saying its me cause i said i quit and now they are all pissy
<chem1st> Who's that? :P
<gargan> chem1st: never you mind
<gargan> just some loser
<Scottit0> heh
[msg(ch0wn)] lol, he quit? more like he got kicked out, no one wanted him
<chem1st> Ha, welcome to the club
<chem1st> :>
[ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] heh
<Debris> gargan is nicks butt buddy
<eCh0> whos nick
<gargan> no
<gargan> he isnt
<Debris> nick=cyberarmy
<gargan> is it true cyberarmy got rm -rf'd?
<Scottit0> gargan is silicuntis ass friens?
<eCh0> lol, cyberarmy
<gargan> i dont talk to nick anymore
<gargan> cyberarmy got way too lame for me a long time ago
<gargan> that damn board
<gargan> eeew
<eCh0> "Cyberarmy has been involved in security auditing attacks of the Pentagon and robotics"
<eCh0> neat
<eCh0> robotics
<eCh0> oooooooooh-ahhhhhhh
<gargan> oh jesus christ
<eCh0> i will make robots from the models at radio shack
<gargan> that fucking about page...
<Crimz0n> heh
[ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] just emailed ken
<chem1st> haha
<gargan> some german guy emailed me asking me to work for him cause of that damn thing
[msg(ch0wn)] i'll send you the log of this, LOL
<gargan> i prolly still have the email somewhere
[msg(ch0wn)] i'm going to post this shit everywhere, it will be hillarious
[ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] k
<Debris> do you wanna no where the name cyberarmy really came from
[ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] hehe, the public humilation of silicosis
<Debris> www.electronicarmy.org used to host him
<Debris> and he had an idea where he is a general and he orders little lamers to email bomb
<gargan> that was your server wasnt it?
<Debris> no
<Debris> i just used it
<Scottit0> silicosis takes it up the ass
<Crimz0n> lol
<eCh0> Scottit0 = SilicoSiS
[msg(ch0wn)] post on packetstorm and tell ken to come here
<Scottit0> scottit0 is not silicuntis
[msg(ch0wn)] if you can
-Crimz0n(~h0@host-209-214-147-166.msy.bellsouth.net)- DCC Chat (127.0.0.1)
∙φ∙ DCC CHAT (chat) request from Crimz0n[~h0@host-209-214-147-166.msy.bellsouth.net [127.0.0.1:1786]]
∙φ∙ BitchX: Type /chat to answer or /nochat to close
<eCh0> lol
<eCh0> DCC Chat (127.0.0.1)
∙φ∙ DCC CHAT:<any> to Crimz0n closed
<Crimz0n> lol
<Scottit0> chit
[ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] k, if ken replies to the email, i'll tell him he can come here and laugh at silicosis
[msg(ch0wn)] oky
∙φ∙ BitchX: Unknown command: QUESO
p1mp.bx iz n0w loaded nigg0r!
/phelp for a help screen
Some of this code is ripped, much props to the ones who made it
204.80.232.172:139 * Windoze 95/98/NT
204.80.232.172:113 *- Not Listen Unknown (may be loss of pkts) ?
204.80.232.172:23 *- Not Listen Unknown (may be loss of pkts) ?
<Debris> gargan does nick irc
209.20.225.210:139 * Dead Host, Firewalled Port or Unassigned IP
209.20.225.210:113 * Dead Host, Firewalled Port or Unassigned IP
209.20.225.210:23 * Dead Host, Firewalled Port or Unassigned IP
<eCh0> hmm, maybe not..
<gargan> i dont know
<gargan> i havent talked to him for months
<gargan> cept about that he hasnt paid Freshman
<Scottit0> silicosis fucks anal money up the ass
<eCh0> what was it that freshman made for him?
<gargan> thing to add something to every text file on his server or something
<Debris> paid freshman for what??
<gargan> you havent been reading packet storm
<gargan> while back he made a delphi program to alter like 100 html files for nick
<Debris> i cant get there
<Debris> lol
<gargan> nick was sposed to pay him 50 bucks for it
mosthated: No such nick/channel
<Debris> lol
[msg(mindphasr)] ya there?
<Debris> whata ho mo
<gargan> who?
[mindphasr(mind@mindphasr.activesecurity.net)] sorta
[msg(mindphasr)] silicosis is in here as Scottit0 now, lol
[mindphasr(mind@mindphasr.activesecurity.net)] yeah, i see that
<Debris> nick
...........................LOG ON
IRC log ended Tue Mar 16 21:14:42 1999
Disclaimer: This log was provided by eCho and is shown in the form
it was displayed on the web with minor editing, the hacker fight
continued into the night and I left the channel after about three mins
so draw your own conclusions etc and welcome to the underground.
@HWA
08.0
09.0 Government Y2K Readiness
~~~~~~~~~~~~~~~~~~~~~~~~
Government Y2K progress
Full story: http://newswire.com.au/9903/y2kdisc.htm
The first in-depth data on the progress of Federal Government agencies
in dealing with the Y2K problem shows that more than half of all agencies
are now ready to deal with the problem -- but some are still struggling to
catch up, including the department responsible for IT. The figures, which
cover activities through to February this year, show that the total number
of systems identified as compliant or back online is now 59%, up from
44% in November. However, a handful of departments have half or
less of their systems compliant. These include Communications, Information
Technology and the Arts (36%), Immigration and Multicultural Affairs (48%),
Treasury (50%) and Veterans Affairs (38%). Government officials said
they were pleased with the progress to date, and that there were unlikely to
be any major glitches come January 1, 2000.
@HWA
10.0 Voice mail fraud warning
~~~~~~~~~~~~~~~~~~~~~~~~
http://newswire.com.au/9903/vfraud.htm
Companies with call-through facilities on their voice mail systems have
been warned to watch out for exposure to fraudulent use. According to
the Australian Communications Authority (ACA), a number of Australian and
New Zealand organisations have been hit by a scheme in which call-through
options on some voice mail facilities are used to dial other numbers,
often overseas. The fraud is well organised and the ACA is considering whether
a code or standard for such equipment is necessary to prevent it occurring
in future.
Watch out for voice mail fraud: ACA
Selina Mitchell
"The ACA advises organisations with voice mail systems which have such
features to contact their supplier immediately to assess their susceptibility
to this fraud, and either de-activate or limit the extent of the call-through
facility and their possible exposure to the fraud," said ACA executive
manager, Grant Symons in a statement. "They should also monitor their
costs for international calls."
The modus operandi is for the perpetrators of the fraud to telephone an
organisation (often after hours and on weekends) to gain access to their
voice mail. If the voice mail system has the ability to direct a call back from
voice mail to the organisation's PABX system (known as call-through), then
they can dial out to international destinations, it said.
"The latest telecommunications equipment is very sophisticated and offers
benefits to industry and consumers, but has the potential to be misused for
fraudulent purposes," said Symons. "It may be necessary to protect the
Australian community by regulating the equipment to limit the potential for
future fraud."
The ACA is taking an increasingly active role in regulating
telecommunications equipment. The warning comes just a week after it
banned mobile phone jamming systems.
This article is located at http://newswire.com.au/9903/vfraud.htm
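The ACA's advice to monitor international call costs can be turned into a check over PABX call records. The following is an added example, not part of the newswire article or this digest: it flags international calls dialled from a voice mail port and marks the after-hours and weekend ones the article describes. The CSV layout, the "VM-" port naming, the office hours and all phone numbers are assumptions constructed for the example.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime

# Constructed call-detail records (CDR). The column layout and the "VM-"
# prefix marking voice mail ports are assumptions for this example; real
# PABX exports differ by vendor. Numbers use fictitious 555-01xx ranges.
SAMPLE_CDR = """\
start,source,dialled,seconds
1999-03-12T10:15:00,EXT-2041,001112125550142,420
1999-03-12T14:02:00,VM-01,2055,35
1999-03-13T02:11:00,VM-02,001119055550100,3120
1999-03-13T02:40:00,VM-02,001119055550101,2890
1999-03-14T23:05:00,VM-01,001112125550123,4010
1999-03-15T09:30:00,EXT-2077,0255550180,180
1999-03-15T11:00:00,VM-01,001112125550123,60
"""

INTERNATIONAL_PREFIX = "0011"   # Australian international access code
BUSINESS_HOURS = range(8, 18)   # 08:00-17:59, assumed office hours


def is_off_hours(ts):
    """True on Saturday/Sunday or outside the assumed business hours."""
    return ts.weekday() >= 5 or ts.hour not in BUSINESS_HOURS


def find_call_through(cdr_text):
    """Return international calls that were dialled from a voice mail port."""
    hits = []
    for row in csv.DictReader(io.StringIO(cdr_text)):
        if not row["source"].startswith("VM-"):
            continue  # placed from an ordinary extension, not call-through
        if not row["dialled"].startswith(INTERNATIONAL_PREFIX):
            continue  # internal transfer or domestic call
        ts = datetime.fromisoformat(row["start"])
        hits.append({
            "start": ts,
            "port": row["source"],
            "dialled": row["dialled"],
            "seconds": int(row["seconds"]),
            "off_hours": is_off_hours(ts),
        })
    return hits


def summarise(hits):
    """Per voice mail port: call count, total seconds, off-hours call count."""
    totals = defaultdict(lambda: {"calls": 0, "seconds": 0, "off_hours_calls": 0})
    for hit in hits:
        entry = totals[hit["port"]]
        entry["calls"] += 1
        entry["seconds"] += hit["seconds"]
        entry["off_hours_calls"] += int(hit["off_hours"])
    return dict(totals)


if __name__ == "__main__":
    found = find_call_through(SAMPLE_CDR)
    for hit in found:
        flag = "OFF-HOURS" if hit["off_hours"] else "business hours"
        print(f'{hit["start"]:%a %Y-%m-%d %H:%M} {hit["port"]} -> '
              f'{hit["dialled"]} {hit["seconds"] // 60} min [{flag}]')
    for port, entry in sorted(summarise(found).items()):
        print(port, entry)
```

An international call leaving through a voice mail port is worth a look at any hour; the off-hours flag only ranks which ones to check first.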
@HWA
11.0 The iButton as jewellery with a purpose
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The iButton as featured in Volume 15 #4 of 2600 magazine is now
available as a ring or watch, and these things look pretty snazzy.
I've always worn electronics and ribbon cabling as jewellery, but
this is the ultimate since it actually has a use too ;-) ... - Ed
http://www.ibutton.com/DigStore/access.html
Java-Powered Ring
The Java-Powered Ring is a special version of the Digital Decoder Ring that runs Java Card 2.0, enabling multiple applications to reside in a
single iButton. Dynamic objects, large stacks, and garbage collection give the form exceptional functionality. Fast-write nonvolatile RAM lets
applets be added or deleted on demand, giving you the ability to update. Services not even envisioned today can be added in the future by
downloading applets. The 6K byte RAM lets this Java computer take on the more complex tasks envisioned for Internet commerce, requiring
end-to-end connectivity.
Java-Powered Ring--$65 (iButton with Java included)
Note: You must know your ring size to order. You cannot re-size the ring.
To order, call 1-800-336-6933 from the U.S. or 972-371-6824 internationally.
Digital Decoder Ring
The magic ring that made many a super hero powerful now swoops down from the world of science fiction onto your hand. The Decoder Ring
consists of a shank with a Memory iButton as the signet jewel.
Digital Decoder Ring--$59.50 (DS1996 8Kbyte iButton included)
Note: You must know your ring size to order. You cannot re-size the ring.
@HWA
12.0 Courier and Press Newspaper hacked
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Via DC-STUFF posted by erehwon
(SJ Mercury News) EVANSVILLE, Ind. [2.20.99] -- A computer hacker
gained access to online classified advertisements at the Courier &
Press, said company president Vince Vawter.
The hacker altered wording in more than a dozen ads in the electronic
edition of the ``Fast Trak'' automotive publication. Ads in the
printed version of ``Fast Trak'' were not affected. The incident was
reported to the FBI. Electronic advertising can be viewed by persons
across the nation and is considered a form of interstate commerce.
``I think it may have been a prank, but it's very serious,'' said
Vawter. ``It's tampering with a commercial message. These advertisers
are paying us to put that message out there.''
The electronic ads are part of the Courier & Press online edition.
Online ads are protected with a password that is changed periodically.
But further precautions will be instituted to protect the on-line
publication.
Vawter said the ads were paid for by an area car dealer. He declined
to identify the car dealer or what message the hacker posted in the
dealer's ads.
The Courier & Press is taking steps to identify the hacker. Vawter
said it is important to protect the integrity of online advertising.
``Electronic commerce is certainly in its infancy, but it's going to
be a growing field. We consider this to be like somebody coming into
our shop and changing the wording in our ads,'' he said.
==
Some day, on the corporate balance sheet, there will be
an entry which reads, "Information"; for in most cases
the information is more valuable than the hardware which
processes it. -- Adm. Grace Murray Hopper, USN Ret.
==
http://www.dis.org/erehwon/
@HWA
13.0 Youths busted in Backorifice fiasco
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FUD FUD FUD and FUD. I was toying with the idea of putting this in the
humour section, this article is so damn funny, or even leaving it out
completely, but it's included here for the archive, if for no other use
than to put a smile on your face and bring a tear to your eye... here it is
from http://straitstimes.asia1.com.sg/cyb/cyb1_0317.html
in all its glory, pHEAR BO hax0rz (sniff sniff)
Secrets of an Internet snoop exposed
Trojan Horse is the name of software that allows hackers to find out
other users' passwords. Computer experts from Singapore, Australia
and the US tell SAMANTHA SANTA MARIA about the software with a sting
in its tail.
A TROJAN Horse program, which a hacker sends out to snoop and bring
back information from cyberspace, can be followed back to the hacker's
** nest quite easily, computer experts said.
** We live in trees now do we? - Ed
This is because such programs generate unique identification codes for
the hacker while he is capturing information from his victims.
** These codes allow the authorities to find out where the hacker came from.
** codes? what codes? 31337 and 12345 or our ips?!? pHEER!! pHEER!
The Singapore, Australian and US experts were commenting on the recent
case here in which 17 SingNet users' passwords were posted on the Internet
by a character called Acidgerm.
The Criminal Investigation Department arrested two youths two days after
The Straits Times reported on the website containing the passwords.
** The CID declined to say how it went about its work, but revealed that
the Trojan Horse method had been used. The experts The Straits Times
contacted said the most common Trojan Horse programs are Back Orifice and
NetBus, which can be obtained from the Internet easily.
** I give up, there's too much here to make fun of, I'll leave the rest to
you guys to enjoy... - Ed
Both work the same way: The hacker sends them to the victim as an attachment
to an e-mail, or while the victim is exchanging files during a chat using a
program such as Internet Relay Chat.
The hacker's programs then gather information -- passwords and credit card
numbers, for instance -- and (pHEER!) send this back to him.
But each of these snooper programs generates a unique number for the hacker
-- NetBus generates 12345 and Back Orifice, 31337. (least they got this bit
right) Normal Web users have other codes while they are in cyberspace.
(cyberspace?)
And just like the Electronic Road Pricing system, which can detect what
kind of vehicle is passing under a gantry, the servers of the various
Internet access service providers, such as SingNet or CyberWay, log the
traffic passing through.
Mr Stephen James, managing director of IT Audit & Consulting, an Australian
computer security firm, said investigators need scan only the service providers'
records for the numbers.
They can then track the source of the Trojan Horse: the telephone number from
which it originated and to which the information gathered was sent.
Commenting on the expertise of those who used the Trojan Horse method of entry
here recently, Mr James said that they appear to be inexperienced.
A spokesman for Infinitum, a local IT security firm, said: "The numbers, 12345
and 31337, are default numbers in the Trojan Horse programs. "More advanced
hackers would have known how to change them."
ACIDGERM: Net attack by two youths
TWO youths, one a 22-year-old Nanyang Academy of
Fine Arts student, and the other an unemployed
19-year-old, used the Trojan Horse program to track
down the passwords of 17 SingNet subscribers illegally.
Going by the name Acidgerm, they set up a website
called SickNet on Xoom.com, a host in the US and
used it to reveal the log-in names and passwords of the
subscribers.
They were tracked down by CID's computer crime
branch sleuths and arrested two weeks ago.
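The "numbers" in the article are the default listening ports of the two tools, so scanning provider records for them means matching a destination port and protocol, not any line that contains the digits. The following is an added example, not from the article or this digest: it compares the two approaches over constructed flow records and groups the real hits by the remote address that contacted the listeners. The record format, the subscriber address pool and every address are assumptions, and as the Infinitum spokesman notes, a changed port defeats the check.

```python
import ipaddress
from collections import defaultdict

# Default listening ports of the two tools named in the article. Pairing
# them with a transport (NetBus on TCP, Back Orifice on UDP) is general
# knowledge about the tools; the article only gives the numbers.
DEFAULT_LISTENERS = {("tcp", 12345): "NetBus", ("udp", 31337): "Back Orifice"}

# Assumed address pool of the provider's subscribers (hypothetical).
SUBSCRIBER_NET = ipaddress.ip_network("10.20.0.0/16")

# Constructed flow records: time proto src_ip:src_port dst_ip:dst_port
SAMPLE_FLOWS = """\
1999-03-01T20:14:03 udp 203.0.113.7:1044 10.20.3.15:31337
1999-03-01T20:14:09 udp 203.0.113.7:1044 10.20.3.16:31337
1999-03-01T20:15:40 tcp 10.20.8.2:12345 198.51.100.80:80
1999-03-01T20:16:12 tcp 203.0.113.7:1051 10.20.3.15:12345
1999-03-01T20:17:00 tcp 10.20.9.9:1033 198.51.100.25:25
"""


def parse_flow(line):
    """Split one constructed flow record into typed fields."""
    ts, proto, src, dst = line.split()
    src_ip, src_port = src.rsplit(":", 1)
    dst_ip, dst_port = dst.rsplit(":", 1)
    return {
        "time": ts, "proto": proto,
        "src": ipaddress.ip_address(src_ip), "src_port": int(src_port),
        "dst": ipaddress.ip_address(dst_ip), "dst_port": int(dst_port),
    }


def naive_matches(flow_text):
    """Every line that merely contains one of the two numbers."""
    return [line for line in flow_text.splitlines()
            if "12345" in line or "31337" in line]


def listener_hits(flow_text):
    """Flows to a subscriber host on a default listener port and protocol."""
    hits = []
    for line in flow_text.splitlines():
        if not line.strip():
            continue
        flow = parse_flow(line)
        tool = DEFAULT_LISTENERS.get((flow["proto"], flow["dst_port"]))
        if tool and flow["dst"] in SUBSCRIBER_NET:
            hits.append({**flow, "tool": tool})
    return hits


def by_remote_source(hits):
    """Group hits by the remote address that contacted the listeners."""
    grouped = defaultdict(lambda: {"tools": set(), "subscribers": set()})
    for hit in hits:
        entry = grouped[str(hit["src"])]
        entry["tools"].add(hit["tool"])
        entry["subscribers"].add(str(hit["dst"]))
    return dict(grouped)


if __name__ == "__main__":
    print("naive matches:", len(naive_matches(SAMPLE_FLOWS)))
    hits = listener_hits(SAMPLE_FLOWS)
    print("listener hits:", len(hits))
    for src, entry in by_remote_source(hits).items():
        print(src, sorted(entry["tools"]), sorted(entry["subscribers"]))
```

The third sample record is an ordinary web request whose ephemeral source port happens to be 12345; the naive scan counts it, the port-and-protocol match does not.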
@HWA
14.0 Reno Looks To Curb Internet Crime
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Reno Looks To Curb Internet Crime
Contributed by FProphet
WASHINGTON (AP)
A NEW public-private alliance to curb Internet crime will help
teach children "that hacking is the same as breaking and
entering," Attorney General Janet Reno said Monday.
Educating children about acceptable online behavior is among three
initiatives under the Cybercitizen Partnership, an initiative of
government and the high-tech industry to promote cyberspace ethics
and help law enforcers track down online criminals.
"All children know it's wrong to break into a neighbor's house or
read your best friend's diary. Unfortunately, fewer realize that
it's wrong to break into their neighbor's computers and snoop through
their computer files," Reno said.
The Cybercitizen Partnership also will feature a "personnel exchange
program" between private business and federal agencies in which both
will learn how the other responds to threats and crimes over the
Internet. Companies can find out how best to help law-enforcement
agencies, and government officials will learn what business
interests and influences drive industry decisions.
The campaign also will create a directory of computer experts and
computer security resources so that "law enforcement will know where
to turn," Reno said.
The partnership was announced, along with Reno's comments, during a
high-tech industry summit sponsored by the Information Technology
Association of America.
"A decade ago, cybercrime and cyberterrorism didn't really exist
outside of Hollywood movies. Today, they are very real threats,"
Reno said.
"We cannot allow cyberspace to become the Wild West of the
information age."
Last week, a top Pentagon official warned members of the Senate
Armed Services Committee about an electronic Pearl Harbor by
cyberterrorists more likely to go after commercial targets than
military ones.
Deputy Defense Secretary John Hamre said he worries increasingly
about the vulnerability of commercial and financial interests.
"This Pearl Harbor's going to be different," he said last Tuesday.
"It's not going to be against Navy ships sitting in a Navy shipyard;
it's going to be against commercial infrastructure, and we don't
control that. And there's been little progress on that."
A follow up from dc-stuff list that sums up a pretty good reply
to this proposal;
Date: Tue, 2 Mar 1999 16:41:54 -0500
Subject: Re: Janet Reno launches anti-hacking initiative
On Tue, 16 Mar 1999 20:57:02 -0900 J K H <arcangyl@juno.com> writes:
>
>If you have pertinent information that you don't want anyone, aside
>from the specified receiver, to know; why put it on site? Why put
>this kind of information on an insecure network?
perhaps a better question would be: why hide information? not only
should information be _free_, but people should realize that
*information* is worthless. it is only when information is transformed
into knowledge that it is valuable. only when companies and governments
begin to realize that the archaic data model that used to work in the
industrial age is not relevant to the age of knowledge will a rational
and realistic definition of *cybercrime* exist...
>>Educating children about acceptable online behavior is among three
>>initiatives under the Cybercitizen Partnership, an initiative of
>>government and the high-tech industry to promote cyberspace ethics
>>and help law enforcers track down online criminals.
>
>"Acceptable online behavior?" This needs some salt to wet the palate,
>it's too dry and general.
i would also question whether ms. reno or anyone in the clinadmin is
capable of characterizing what is "acceptable online behavior." they
don't understand the net and they certainly cannot oversee it...
leave that to its owners -- its users...
ac
-=-
... 'nuff said - Ed
@HWA
15.0 Offtopic: Matter transportation in your future?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This is an interesting post from the dc-stuff list. Sure, it's probably
full of baloney, but it makes interesting reading nonetheless... - Ed
Source: Max Planck Society <http://www.mpg.de/news99/news13_99.htm>
Posted 3/17/99
Munich Laser Emits A Beam Of Matter Waves
German scientists at the Max Planck Institute for Quantum Optics in
Garching and the University of Munich have developed a laser that emits a
continuous beam of matter waves instead of light (to be reported in
Physical Review Letters).
Such unprecedented control over atomic motion becomes possible by the
laws of quantum mechanics at very low temperatures, close to absolute
zero, where the atoms reveal their wave nature.
Atom lasers open new prospects in many areas of science and technology.
For instance, it should become possible to accurately deposit atoms on
surfaces and thus to produce tiny nanostructures, as needed in future
computer circuits. Atom lasers may also lead to extremely precise atomic
clocks for future navigation and communication systems.
In their experiments, Tilman Esslinger, Immanuel Bloch and Theodor W.
Hänsch have taken pictures of the shadow cast by their atom laser beam.
The pencil-like beam contains about half a million rubidium atoms and is
accelerated downwards by gravity.
Just as a beam of light, an atom laser beam can be focused and reflected
by using lenses or mirrors consisting of laser light (or of magnets). It
appears feasible to focus an atom laser beam to a spot size of one
nanometer, which is a thousand times smaller than the smallest focus of a
laser beam.
The atom laser is based on Bose-Einstein condensation. If a gas is
cooled to a few millionth of a degree above absolute zero, the atoms lose
their identity and behave as a single entity, some kind of "super atom".
Such a Bose-Einstein condensate was first produced by American scientists
in 1995.
In the Munich experiment, a dilute gas of rubidium atoms is captured in a
sophisticated low-power magnetic trap and cooled down to reach
Bose-Einstein condensation. With the help of a radiofrequency field the
scientists flip the atomic spin so that atoms are allowed to escape from the
magnetic trap. In vacuum, the atoms are accelerated by gravity and form a
parallel beam of coherent matter waves.
If the radiofrequency field is turned on before condensation sets in, the
atom laser can only reach threshold, if there is laser "gain". Unlike a
Bose-Einstein condensate, such a laser relies on matter wave
amplification by stimulated elastic scattering of rubidium atoms just as
an optical laser relies on light amplification by stimulated emission of
radiation.
Two years ago, a group at MIT demonstrated the first pulsed atom laser.
The Munich group is the first to produce a continuous matter wave beam
which can be maintained for a tenth of a second. The wave packet of each
atom extends over the entire length of this beam, so that a quantum
object of truly macroscopic dimensions is created. The high brightness
and coherence of such a matter wave beam opens exciting perspectives for
the young fields of atom optics and atom interferometry.
@HWA
16.0 Hacking class?
~~~~~~~~~~~~~~
Businesses are actually holding classes for this...
http://cgi.pathfinder.com/time/magazine/articles/0,3266,21458,00.html
Cracking The Code
BY CHRIS TAYLOR
The dress code is business casual--no jeans allowed, not to
mention pierced noses. It's the first day of class--hacking
class--and the instructors, smartly attired in matching
corporate polo shirts, point at screens full of code and
step-by-step directions on how to hack a host computer.
"Get this: No username, no password, and we're connected,"
says one. "I'm starting to get tingles. They're going to be
toast pretty quick." Geekspeak, at least, is still de
rigueur.
In the world of corporate espionage, a company's host
computer is the mother lode, which means that protecting it
is vital. That's the goal of Extreme Hacking, one of a
growing number of counterhacking courses that teach
perfectly respectable people the how-tos of cracking their
own networks so they can better protect them. "We're kind
of wearing the white and black hats at the same time," says
Eric Schultze, the Ernst & Young instructor who gets
tingles from an exposed password file.
How easy is it to hack? If these guys can teach a novice
like me how to break through a firewall, I figure, then all
our networks --at least, the ones without encryption keys
or extremely alert administrators--are in trouble. Why?
Because this is the information age, and the average
computer gives up far too much information about itself.
Because a network is only as strong as its weakest user.
And because the most common log-on password in the world,
even in non-English speaking countries, is "password." With
users like this, who needs enemies?
How big a problem is this in the real world? "Rarely is
there a moment when a hacker isn't trying to get into our
networks," says a senior Microsoft executive. "People go
looking for that weak link." Recently hackers found a
backdoor through a user in Europe--an administrator, no
less--with a blank password. This allowed the hacker root
access--the ability to change everyone else's password,
jump onto other systems and mess up the payroll file.
In our first class, we have no problem rooting around in
the Web servers of a top Internet company. We find three
open ports on the firewall and a vulnerable mail server.
"This network is a f___ing mess," says a classmate. "We
need to have a word with these people."
Over the next few days, any faith I had in the security of
the world around me crumbles. Think your password is safe
because it isn't "password"? If it's in the dictionary,
there is software that will solve it within minutes. If
it's a complex combination of letters and numbers, that may
take an hour or so. There is software that will hijack your
desktop and cursor--and you won't even know about it.
Hacking doesn't require much hardware; even a Palm Pilot
can do it. What protection do you have? "Minimize
enticements," say the teachers. If you don't want to be a
victim of information rape, in other words, don't let your
network give out so many details to strangers.
Old-school hackers scoff at the notion that businesses can
stop them. "Corporations can't teach hacking," says
Emmanuel Goldstein, editor of the hacker quarterly 2600.
"It has to be in you." Perhaps. But if a few more firms
learn to avoid becoming toast, that's no bad thing. END
ShadowVrai
http://shadowvrai.evil.nu
______________________
"Did you really think you could call up the devil and ask him to behave?"
@HWA
17.0 A blast from the past
~~~~~~~~~~~~~~~~~~~~~
Here's an old text from my archives that's been gathering dust from the
80's, thought you might be interested in it. Some of the info is still
valid but there's little of actual value;
**************************************
* A beginners guide to: *
* H A C K I N G *
* *
* U N I X *
* *
* By Jester Sluggo *
* Written 10/08/85 *
**************************************
In the following file, all references made to the name Unix, may also be
substituted to the Xenix operating system.
Brief history: Back in the early sixties, during the development of third
generation computers at MIT, a group of programmers studying the potential of
computers, discovered their ability of performing two or more tasks
simultaneously. Bell Labs, taking notice of this discovery, provided funds for
their developmental scientists to investigate into this new frontier. After
about 2 years of developmental research, they produced an operating system they
called "Unix".
Sixties to Current: During this time Bell Systems installed the Unix system
to provide their computer operators with the ability to multitask so that they
could become more productive, and efficient. One of the systems they put on the
Unix system was called "Elmos". Through Elmos many tasks (i.e. billing, and
installation records) could be done by many people using the same mainframe.
Note: Cosmos is accessed through the Elmos system.
Current: Today, with the development of micro computers, such multitasking
can be achieved by a scaled down version of Unix (but just as powerful).
Microsoft, seeing this development, opted to develop their own Unix like system
for the IBM line of PC/XT's. Their result they called Xenix (pronounced
zee-nicks). Both Unix and Xenix can be easily installed on IBM PC's and offer
the same functions (just 2 different vendors).
Note: Due to the many different versions of Unix (Berkeley Unix, Bell System
III, and System V the most popular) many commands following may/may not work. I
have written them in System V routines. Unix/Xenix operating systems will be
considered identical systems below.
How to tell if/if not you are on a Unix system: Unix systems are quite common
systems across the country. Their security appears as such:
Login; (or login;)
password:
When hacking on a Unix system it is best to use lowercase because the Unix
system commands are all done in lowercase.
Login; is a 1-8 character field. It is usually the name (i.e. joe or fred)
of the user, or initials (i.e. j.jones or f.wilson). Hints for login names can
be found trashing the location of the dial-up (use your CN/A to find where the
computer is).
Password: is a 1-8 character password assigned by the sysop or chosen by the
user.
Common default logins
--------------------------
login;      Password:
root        root,system,etc..
sys         sys,system
daemon      daemon
uucp        uucp
tty         tty
test        test
unix        unix
bin         bin
adm         adm
who         who
learn       learn
uuhost      uuhost
nuucp       nuucp
If you guess a login name and you are not asked for a password, and have
access to the system, then you have what is known as a non-gifted account. If
you guess a correct login and password, then you have a user account. And,
if you guess the root password, then you have a "super-user" account. All Unix
systems have the following installed to their system: root, sys, bin, daemon,
uucp, adm
Once you are in the system, you will get a prompt. Common prompts are:
$
%
#
But can be just about anything the sysop or user wants it to be.
Things to do when you are in: Some of the commands that you may want to try
follow below:
who is on (shows who is currently logged on the system.)
write name (name is the person you wish to chat with)
To exit chat mode try ctrl-D.
EOT=End of Transfer.
ls -a (list all files in current directory.)
du -a (checks amount of memory your files use;disk usage)
cd name (name is the name of the sub-directory you choose)
cd (brings your home directory to current use)
cat name (name is a filename either a program or documentation your username
has written)
Most Unix programs are written in the C language or Pascal since Unix is a
programmers' environment.
One of the first things done on the system is print up or capture (in a
buffer) the file containing all user names and accounts. This can be done by
doing the following command:
cat /etc/passwd
If you are successful you will see a list of all accounts on the system. It
should look like this:
root:hvnsdcf:0:0:root dir:/:
joe:majdnfd:1:1:Joe Cool:/bin:/bin/joe
hal::1:2:Hal Smith:/bin:/bin/hal
The "root" line tells the following info :
login name=root
hvnsdcf = encrypted password
0 = user group number
0 = user number
root dir = name of user
/ = root directory
In the Joe login, the last part "/bin/joe " tells us which directory (joe) is
his home directory.
In the "hal" example the login name is followed by 2 colons, that means that
there is no password needed to get in using his name.
Conclusion: I hope that this file will help other novice Unix hackers obtain
access to the Unix/Xenix systems that they may find. There is still wide growth
in the future of Unix, so I hope users will not abuse any systems (Unix or any
others) that they may happen across on their journey across the electronic
highways of America. There is much more to be learned about the Unix system
that I have not covered. They may be found by buying a book on the Unix System
(how I learned) or in the future I may write a part II to this........
AFAIK a part two was never released to this, if you know of one let me know so
I can add it to my collection of old texts... I believe this was a one-off classic
from the 80's though - Ed
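A defender's counterpart to the /etc/passwd walk-through above, as an added example (not part of the 1985 text or of HWA): a Python audit that parses passwd-format lines and flags empty password fields, hashes kept in the world-readable file, extra UID 0 logins and stock logins left open. The first three sample lines are the ones shown in the text and the stock login names come from its list; the remaining sample lines, the finding codes and the nologin shell set are constructed assumptions, and the field order follows passwd(5).

```python
"""Audit passwd-format text for the weak entries the 1985 text looks for."""
from dataclasses import dataclass

# Stock logins named in the text above (taken from the page).
STOCK_LOGINS = {"root", "sys", "daemon", "uucp", "tty", "test", "unix",
                "bin", "adm", "who", "learn", "uuhost", "nuucp"}
SHADOWED = {"x"}              # hash lives in the shadow file instead
LOCK_PREFIXES = ("*", "!")    # password login disabled
NOLOGIN_SHELLS = {"/sbin/nologin", "/usr/sbin/nologin", "/bin/false"}

# First three lines are the sample from the text; the rest are constructed.
SAMPLE = """\
root:hvnsdcf:0:0:root dir:/:
joe:majdnfd:1:1:Joe Cool:/bin:/bin/joe
hal::1:2:Hal Smith:/bin:/bin/hal
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
test:x:500:500:test account:/home/test:/bin/sh
toor:*:0:0:locked alias:/root:/bin/sh
broken line without fields
"""


@dataclass
class Entry:
    name: str
    password: str
    uid: int
    gid: int
    gecos: str
    home: str
    shell: str


def parse_passwd(text):
    """Return (entries, malformed); malformed holds (line_number, raw_line)."""
    entries, malformed = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        # passwd(5): name:password:UID:GID:GECOS:home:shell
        if len(fields) != 7 or not fields[0]:
            malformed.append((lineno, raw))
            continue
        try:
            uid, gid = int(fields[2]), int(fields[3])
        except ValueError:
            malformed.append((lineno, raw))
            continue
        entries.append(Entry(fields[0], fields[1], uid, gid, *fields[4:]))
    return entries, malformed


def audit(entries):
    """Return (login, finding_code) pairs in file order."""
    findings = []
    for e in entries:
        locked = e.password.startswith(LOCK_PREFIXES)
        if e.password == "":
            # Two adjacent colons: the login needs no password at all.
            findings.append((e.name, "EMPTY_PASSWORD"))
        elif e.password not in SHADOWED and not locked:
            # Any local user can read the hash and attack it offline.
            findings.append((e.name, "HASH_IN_PASSWD"))
        if e.uid == 0 and e.name != "root":
            findings.append((e.name, "EXTRA_UID0"))
        if (e.name in STOCK_LOGINS and e.name != "root" and not locked
                and e.shell not in NOLOGIN_SHELLS):
            # Stock account that can still reach a shell: lock or remove it.
            findings.append((e.name, "STOCK_LOGIN_OPEN"))
    return findings


if __name__ == "__main__":
    entries, malformed = parse_passwd(SAMPLE)
    for name, code in audit(entries):
        print(f"{name}: {code}")
    for lineno, raw in malformed:
        print(f"line {lineno}: malformed entry {raw!r}")
```

An empty shell field, as in the root sample line, means the system default shell, so it is treated as a usable login shell.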
@HWA
18.0 Spam is ICQ's latest headache
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
And you thought you only had to worry about DoS kiddies? well now
the mass advertising a$$hole$ are after you with spam.
Spam is ICQ's latest headache
By Rose Aguilar
Staff Writer, CNET News.com
March 18, 1999, 12:10 p.m. PT
Most Netizens think of instant messaging software as a quick way to chat with
friends and coworkers.
But as some users of America Online's ICQ chat and instant message client are learning,
the services also can give marketers an easy way to "seek" them.
Unlike spam--most of which usually is left unopened or trashed upon receipt--ICQ's
blinking yellow note, which signals users that a message is waiting, usually is opened
seconds after it appears.
Despite campaigns for new laws to curb junk email, most longtime email users have
come to accept and even tolerate spam. It's almost inevitable with email, but with
ICQ, it's a different story. "I've gotten spam twice. Both times it was an invitation
to visit a porn site. And no, I wouldn't keep using ICQ if spam became a constant
occurrence," one ICQ user told News.com via email.
"I received a URL to visit a porn site and was disgusted. Unlike email, I have no
idea what the message is about, so I'm more inclined, even excited, to open it. I'm
disappointed," wrote another reader, who received her first spam last week after having
used the service since it launched back in 1996.
Ironically, AOL has been one of the most adamant opponents of junk email. It argued in
several successful lawsuits that spam overburdens its network and received court orders
to ban junk emailers from its service. The company also has worked closely with federal
lawmakers to draft legislation targeting spammers.
ICQ's Terms of Service (TOS) says, "By using the ICQ Software and its privacy and
security features, you may be subject to various risks, including among others: Spoofing,
eavesdropping, sniffing, spamming, breaking password, harassment, fraud, and forgery."
ICQ, which has 28 million registered users and was acquired by AOL last June, says it
hasn't received enough complaints to ban the use of spam, but it does give users a
variety of tools to block it.
"If you wanted to set your ICQ universe and limit it to three people, you could," said ICQ
spokeswoman Jeanne Meyer. "You would only hear from those three people and shut the
rest of the universe out."
In order to send a message to someone, ICQ users must add recipients to a contact list.
Spammers can either target specific individuals by typing in their name or email address,
or they can target random users based on their interests, background, affiliation, phone
number, or profession.
Meyers says the best way to block spam is to set your preferences so that a potential
spammer who wants to add you to the contact list must first receive your authorization.
"If you don't do that, anybody could add you to their contact list and monitor you all the
time," said Meyers.
Users also can block individuals or groups of people from sending messages.
But what if ICQ spam becomes more prevalent? Meyers says ICQ will "let members
decide what's right for them."
Since being acquired by AOL, ICQ has become ensnared in other Net content
controversies. Earlier this week, it abruptly pulled a "dirty word" content filtering option
that was pointing users to a list that also barred phrases such as "now.org," the home
page for the National Organization for Women.
Some analysts say that as long as blocking tools are available, ICQ probably won't lose
members.
As for ICQ spam, William Blair equity analyst Abhishek Gami says it was inevitable.
"Look at pop-up ads," he said. "Everyone hated AOL for pop-up ads, but now you can't go
to GeoCities today without seeing a pop-up ad. You close it and move on. It's the price
you pay for a free product."
Even more interesting than porn-related and get-rich-quick spam is the marriage of instant
messages and advertisements, he added.
"[ICQ is] going to find a way to have people opt in to certain merchants or Web sites and
let them know that they're interested in receiving messages in real time," said Gami.
For example, bookseller Barnes & Noble might send out a "50 percent off" sale to a
massive list of ICQ users who opt in. "[If customers] explicitly come to you and say,
'Please bug me.' That's a gold mine waiting to happen."
@HWA
19.0 AOL Cracker busted
~~~~~~~~~~~~~~~~~~
March 19th
From HNN http://www.hackernews.com/
contributed by shadow
Jay Satiro an 18-year old New York resident has been
charged with computer tampering after breaking into the
systems on America Online. AOL has claimed that it will
cost $50,000 to repair the damage done to its data.
AOL spokesmen have refused to give out details in the
case such as how the intruder gained access, how long
he went undetected and exactly what damage was
caused. (Ed Note: Would sure be interesting to know how
they justify that fifty grand figure. How much can it
cost to restore from backup?)
Washington post article:
Teen Accused of Hacking Into AOL
Thursday, March 18, 1999; 8:18 p.m. EST
NEW ROCHELLE, N.Y. (AP) -- An 18-year-old high school dropout
has been charged with computer tampering after hacking into the internal
computers of America Online and altering some programs.
Jay Satiro was arrested and his computer confiscated Wednesday night
after AOL officials contacted authorities. A complaint filed against Satiro
said the teen-ager altered AOL data and programs that would cost about
$50,000 to repair.
AOL spokesman Rich D'Amato refused to give details of what was
altered or how long the intrusion went undetected. He said the intrusion
``really should mean absolutely nothing for America Online members.''
Satiro's mother posted $5,000 bail. He did not return telephone messages
seeking comment Thursday.
``Jay's a genius, but his common sense is a little low,'' said his 15-year-old
brother, Bobby.
First-degree computer tampering carries a maximum sentence of five to
15 years in prison.
© Copyright 1999 The Associated Press
@HWA
20.0 Stolen calling card numbers are big business
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
March 19th
From HNN http://www.hackernews.com/
contributed by Arik
Stolen calling card numbers are big big business racking
up millions of dollars in fraud charges each year.
Criminals are still using the tried and true method of
shoulder surfing and the social engineering of corporate
switchboard operators, but have gone so far as to
electronically break into corporate PBX's to record
calling card numbers automatically. Investigators are
even claiming that organized crime may be involved.
Somehow the journalist who wrote this story figures
that this just must be the work of "Hackers" as he uses
the term throughout the story. Activities such as this
would be more appropriately attributed to Phreakers but
I am sure not even they would appreciate being
labeled as criminals. Exactly when did the word 'hacker'
become synonymous with criminal?
Article follows;
http://www.nydailynews.com/1999-03-19/News_and_Views/Crime_File/a-23052.asp
Hot Spot in Phone
Scam Is On Hold
Hustlers who sell black market long-distance calls were lying
low yesterday at least by the pay phones at Broadway
and 50th St. in the wake of a Daily News probe into the
$1.8 billion-a-year stolen calling card number business.
The few regulars working the popular scam site yesterday,
collecting $10 cash for unlimited calls to Africa or Asia, were
more discreet in taking cash hand-offs from customers than before
The News' report.
The 50th St. pay phones are just one of many illicit outdoor calling
bazaars throughout the city in which customers are connected to
friends and relatives overseas at rates far lower than commercially
available.
Thousands of calling cards are stolen monthly, many by skilled
criminal computer hackers.
By William Sherman
Original Publication Date: 03/19/1999
20.1 More 'hackers' hacking GTE (snicker) phone systems for bucks...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
More 'Hackers' steal phone service
March 19th
from HNN http://www.hackernews.com/
contributed by Fr3aKy
In Westfield Center, Ohio, an unknown 'hacker' has
gained access to the Westfield Companies' 800 number
and rung up over $31,000 in long distance charges. This
article is so full of misleading comments, assumptions,
FUD, stereotypes, and downright inaccuracies I don't
know where to begin. Interesting how the entire article
blames the unknown 'hacker' and not the weak security
on the company's phone system.
Article follows;
Hacker rings up $31,518 in calls
GTE investigates attack on phone system of Medina
County firm
BY DAVID KNOX
Beacon Journal staff writer
WESTFIELD CENTER: A telephone hacker dialing an 800 number
managed to break into the telephone system at the headquarters of Westfield
Companies and rang up $31,518 worth of calls to foreign countries.
The high-tech fraud occurred over the Feb. 6-7 weekend, according to
Medina County Sheriff's Detective Tadd Davis.
Shortly after the break-in, Davis said Westfield officials were notified by
GTE of ``unusual telephone calls being made'' and took steps to block the
intruder.
The company, a 150-year-old regional insurance corporation, alerted the
sheriff on Tuesday after receiving a GTE phone bill that revealed the full
extent of the intrusion.
Scores of phone calls had been charged to the company's account to
countries in every continent of the globe except Antarctica.
In Asia, calls were placed to Hong Kong, the Philippines, Korea, India,
Pakistan, Bangladesh and Sri Lanka.
In the Middle East, Saudi Arabia and Kuwait were called.
Countries called in Europe included the United Kingdom, Norway and
Croatia.
Africa was represented on the bill by Egypt and Senegal, and South
America by Ecuador and Peru.
At least one call was placed to Australia.
Davis said that the calls went through Westfield's automated phone system at
all hours of the day and night over the two-day weekend.
The duration of the calls ranged from a few minutes to more than three
hours.
``I couldn't believe it,'' Davis said. ``I've never before dealt with something
this sophisticated.''
Dan Sondles, Westfield's senior vice president for corporate communication,
said the company's phone system had never been broken into before.
Sondles said company officials are working with GTE officials to ensure it
doesn't happen again.
``They are trying to get to the bottom of it, just as we are,'' he said.
Sondles said Westfield officials also are negotiating with GTE over
responsibility for the huge bill.
``I don't know how that will be resolved,'' he said.
Davis said the case may never be solved because the telephone hacker
could have called from anywhere in the nation using the corporation's
toll-free 800 number.
Because hackers can manipulate the computerized global telephone
network, Davis said there often is ``no way to trace back to the person
making the call.''
Joseph Persichini, assistant special agent in charge at the FBI's Cleveland
office, said the problem of hackers breaking into telephone systems has
increased worldwide because of the computerization of the global telephone
system.
``Telephone hacking is computer hacking,'' Persichini said. ``It is not easy to
accomplish . . . It takes perseverance and knowledge.''
Persichini declined to speculate on the purpose of the calls placed through
the Westfield phone system.
Some hackers break into systems just to show off and share their
knowledge on the Internet.
``There are Web sites and groups that pride themselves on their ability to
hack into systems,'' he said.
Another possibility is that the break-in was part of an illegal commercial
scheme.
Persichini said a large corporation such as Westfield Companies ``is a good
target because of the large volume of calls they place and the accessibility of
their 800 number.''
@HWA
21.0 Promail freeware mail agent is really a trojan in disguise
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
News and security advisories from Aeon Labs.
[03.99]
ProMail v1.21, an advanced freeware mail program for Windows 95/98, is a trojan.
It has been spread through several worldwide distribution networks (SimTel.net,
Shareware.com and others) as proml121.zip.
Upon discovering - through LAN sniffing - that the program would attempt to connect
to SMTP instead of POP3 when a regular mail check was performed, we
reverse-engineered the software.
The executable, which appears to have been created with Borland Delphi, has been
packed with Petite (a shareware Win32-EXE compressor) and then "hexed" to make
disassembly harder.
ProMail v1.21 supports multiple mailboxes; every time a new mailbox is created, an
"ini" file containing the users full name, passwords, email addresses, servers and
more is generated.
Prior to doing any other action, the program performs a check for a valid network
connection which, if found, allows for the sending of ALL of the personal user data,
including the user's password in encrypted format, to an account on NetAddress - a
free email provider.
Apart from this "feature", the software is 100 % functional and very well done.
For further information or a more detailed analysis contact us.
mailto:aeon@army.net
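The behaviour the advisory found by sniffing (an SMTP connection where a mail check should only speak POP3) can be turned into a simple egress check. The following Python is an added example, not Aeon Labs' tooling; the log format, host names, process name and user-action timeline are constructed assumptions, and only the port numbers (25 for SMTP, 110 for POP3) are standard.

```python
"""Flag mail-client traffic that the configured mailbox does not explain."""
import bisect
import re

MAIL_PORTS = {25: "smtp", 110: "pop3"}

# Constructed flow log (time, process, destination, port, bytes sent).
SAMPLE_FLOWS = """\
12:00:01 proc=mailclient.exe dst=pop.example.net port=110 out=64
12:00:01 proc=mailclient.exe dst=mx.freemail.example port=25 out=1873
12:05:40 proc=mailclient.exe dst=SMTP.example.net port=25 out=5120
12:06:02 proc=browser.exe dst=www.example.org port=80 out=412
garbled line
"""
# Constructed timeline of what the user asked the client to do (sorted).
SAMPLE_ACTIONS = [("12:00:00", "check"), ("12:05:39", "send")]
# Servers the user entered for the mailbox (constructed).
SAMPLE_MAILBOX = {"pop3": "pop.example.net", "smtp": "smtp.example.net"}

FLOW_RE = re.compile(
    r"^(?P<time>\d\d:\d\d:\d\d) proc=(?P<proc>\S+) dst=(?P<dst>\S+) "
    r"port=(?P<port>\d+) out=(?P<out>\d+)$")


def parse_flows(text):
    """Return (flows, skipped_line_count) from the log text."""
    flows, skipped = [], 0
    for line in text.splitlines():
        m = FLOW_RE.match(line.strip())
        if not m:
            skipped += 1
            continue
        flows.append({"time": m["time"], "proc": m["proc"].lower(),
                      "dst": m["dst"].lower().rstrip("."),
                      "port": int(m["port"]), "out": int(m["out"])})
    return flows, skipped


def action_at(actions, when):
    """Latest user action at or before `when` (HH:MM:SS), else None."""
    times = [t for t, _ in actions]
    i = bisect.bisect_right(times, when)
    return actions[i - 1][1] if i else None


def suspicious_flows(flows, proc, mailbox, actions):
    """Return (time, dst, bytes_out, reasons) for unexplained mail flows."""
    allowed = {k: v.lower().rstrip(".") for k, v in mailbox.items()}
    alerts = []
    for f in flows:
        proto = MAIL_PORTS.get(f["port"])
        if proto is None or f["proc"] != proc.lower():
            continue
        reasons = []
        # A mail check should only speak POP3; SMTP belongs to a send.
        if proto == "smtp" and action_at(actions, f["time"]) != "send":
            reasons.append("smtp outside a user-initiated send")
        # Mail traffic should only reach the servers the user configured.
        if f["dst"] != allowed.get(proto):
            reasons.append("destination is not the configured server")
        if reasons:
            alerts.append((f["time"], f["dst"], f["out"], reasons))
    return alerts


if __name__ == "__main__":
    flows, skipped = parse_flows(SAMPLE_FLOWS)
    for alert in suspicious_flows(flows, "mailclient.exe",
                                  SAMPLE_MAILBOX, SAMPLE_ACTIONS):
        print(alert)
    print(f"{skipped} unparsed line(s)")
```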
@HWA
22.0 Hackers taking toll on web sites ...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From http://deseretnews.com/dn/view/0,1249,70002080,00.html?
Hackers taking toll on Web sites
By Steve Fidel
Deseret News staff writer
Businesses hanging out an Internet shingle don't like to make a big deal
of it when their Web site gets hacked. But it happens.
Hackers break in to Web servers just to show they can. Crackers break in
to steal money or information. Political activists, known as "hactivists," plant
political messages or disrupt traffic.
"There is a problem getting good numbers. Financial institutions, health
care -- they are not going to go public that they were hacked. If they did,
people wouldn't give them their money," said Todd Neilson, applications sales
engineer for US WEST.
In round numbers, the Web security problem cost businesses $6 billion
last year, Neilson estimates. Most of that loss was not the result of corporate
espionage or embezzlement but because of lost productivity from disruptions
hackers caused, he said. "If your server is down for a week because you have
to go in and fix a problem, that ends up costing a lot of money."
Promoting awareness and introducing businesses to some of its products
and business partners are the motives behind a conference on Internet
security US WEST hosted in Salt Lake City Thursday.
Neilson is on the circuit preaching Internet security in the major cities in
US WEST's 14-state territory. He has a professional hacker in the act to
demonstrate the ways Web security shortcomings are exploited.
"A firewall that is 99 percent secure is 100 percent vulnerable," Neilson
said. The biggest problem is finding the technology talent to stay ahead of
the hackers.
"The moral of the conference is: If you think that basic security is good
enough, it really isn't. You really need someone who knows what they're
talking about" engineering a commercial Web site.
@HWA
AD.S ADVERTI$ING. The HWA black market ADVERTISEMENT$.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$?$??$??$??$????$$$?$$$?$$$?$$$?$$$?$$
! !
$ $
! *** IT HAS BEEN FOUR YEARS! *** FREE KEVIN MITNICK NOW!!!! ** !
$ $
! !
$$$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$?$??$??$??$????$$$?$$$?$$$?$$$?$$$?$
www.2600.com www.freekevin.com www.kevinmitnick.com www.2600.com www.freekevi
n.com www.kevinmitnick.com www.2600.com www.freekevin.com www.kevinmitnick.co
m www.2600.com ########################################ww.2600.com www.freeke
vin.com www.kev# Support 2600.com and the Free Kevin #.com www.kevinmitnick.
com www.2600.co# defense fund site, visit it now! . # www.2600.com www.free
kevin.com www.k# FREE KEVIN! #in.com www.kevinmitnic
k.com www.2600.########################################om www.2600.com www.fre
ekevin.com www.kevinmitnick.com www.2600.com www.freekevin.com www.kevinmitnic
k.com www.2600.com www.freekevin.com www.kevinmitnick.com www.2600.com www.fre
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* www.csoft.net webhosting, shell, unlimited hits bandwidth ... www.csoft.net *
* www.csoft.net www.csoft.net www.csoft.net www.csoft.net www.csoft.net *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* WWW.BIZTECHTV.COM/PARSE WEDNESDAYS AT 4:30PM EST, HACK/PHREAK CALL-IN WEBTV *
* JOIN #PARSE FOR LIVE PARTICIPATION IN SHOW CHAT OR THE WEBCHAT, AND WEBBOARD*
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* * * * * * * * *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* WWW.2600.COM OFF THE HOOK LIVE NETCAST'S TUES SIMULCAST ON WBAI IN NYC @8PM *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
//////////////////////////////////////////////////////////////////////////////
// To place an ad in this section simply type it up and email it to //
// hwa@press,usmc.net, put AD! in the subject header please. - Ed //
//////////////////////////////////////////////////////////////////////////////
@HWA
HA.HA Humour and puzzles ...
~~~~~~~~~~~~~~~~~~~~~~~
"why is a mouse when it spins?"
- Tom Baker
"Thar she blows!"
- Bill Clinton 1998
1) True or false: The lipstick that Monica Lewinski used when servicing
Bill Clinton is constantly out of stock due to demand at the retailers.
This recently came thru from the DC-STUFF list and couldn't go by
without a mention here, as it is quite hilarious;
Date: Fri, 19 Feb 1999 16:48:53 -0700 (MST)
From: Adams <jdadams@ucsub.Colorado.EDU>
Reply-To: Adams <jdadams@ucsub.Colorado.EDU>
To: dc-stuff@dis.org
Subject: Funny as hell crypto-gram
A recent 'cryptogram' (by Bruce Schneier) discusses several pseudo-crypto
companies, their "secure" algorithms, and misinformation...
The complete text can be found at: www.counterpane.com. Check for the
Feb. 15 edition.
Here's a brief portion:
"
Warning Sign #1: Pseudo-mathematical gobbledygook.
In the quote above, notice the "unique in-house developed incremental base
shift algorithm." Does anyone have any idea what that means? Are there
any academic papers that discuss this concept? Long noun chains don't
automatically imply security.
Meganet <http://www.meganet.com> has a beauty on their Web site: "The base
of VME is a Virtual Matrix, a matrix of binary values which is infinity in
size in theory and therefore have no redundant value. The data to be
encrypted is compared to the data in the Virtual Matrix. Once a match is
found, a set of pointers that indicate how to navigate inside the Virtual
Matrix is created. That set of pointers (which is worthless unless
pointing to the right Virtual Matrix) is then further encrypted in dozens
other algorithms in different stages to create an avalanche effect. The
result is an encrypted file that even if decrypted is completely
meaningless since the decrypted data is not the actual data but rather a
set of pointers. Considering that each session of VME has a unique
different Virtual Matrix and that the data pattern within the Virtual
Matrix is completely random and non-redundant, there is no way to derive
the data out of the pointer set." This makes no sense, even to an expert.
US Data Security <http://www.usdsi.com> has another beauty: "From a
mathematical point of view, the TTM algorithm is intuitively natural and
less cumbersome to use than methods that are number-theory based."
SuperKrypt <http://www.superkrypt.com/> tries to impress with an acronym:
"SuperKrypt products utilize the DNGT bulk encryption method," whatever
that is. And Cennoid <http://www.cennoid.com> just doesn't understand what
it's talking about: "Since key length and key structure vary and since the
encryption engine does not use any mathematical algorithms, reverse
engineering is impossible and guessing is not an option."
"
<end>
Heh...heh...
-adams
HA.HA1 Some excerpts from Innerpulse.com ... :-) (-:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Innerpulse takes the local and underground news and adds a touch
(sometimes a bucket full) of humour and twists it around a bit to
make things more interesting (although some stories I swear are
true) it's well worth checking out, just try not to drink anything
while browsing this site unless u enjoy having coffee shoot out your
nose ... - Ed
http://www.innerpulse.com/
Local Girl's Website Attacked by 'The Nugget'
Contributed by siko
Friday - March 12, 1999. 06:24PM GMT
It seemed like any other day in the Northeast region of the United States.
But unlike any other day, 'The Nugget' was busy cracking one local girl's
website.
"I went to post some news about myself and .. ", said local girl only known to
Innerpulse as 'Amy', just before bursting into tears. "I didn't even do anything
to The Nugget".
Among the noticeable changes to the website, The Nugget made several
character distinctions in which local authorities hope to use to catch the raving
tator.
"We have been able to confirm that this (The) Nugget character likes beer
and hookers, among other things. We also have a rough sketch of (The)
Nugget", said Warren Chief of Police John Scranton.
The young victim has been sent to therapy to relieve stress and damage to her
upstanding reputation.
'cracked site link' -> http://www.drunks.com./~puta
Brazilian hackers ignore Ugly American
Contributed by Shredder Sledder
Wednesday - March 17, 1999. 03:46PM UTC
Furthering his attempt to alienate 95% or more of the entire global
population, John Vranesevich made disparaging comments about a nation of
millions today.
Man on the wire interviews on a larger Brazilian IRC network
(irc.brasnet.org) revealed spirited replies to this unprovoked ugliness:
"Who?" rang out 37 times in Portuguese, a few English, and one Spanish reply
as to the name "John Vranesevich" and/or "JP".
When an explanation was provided, along with quoted text, most hackers
responded with random series of keystrokes signifying disgust and thought
provoking wisdom. Translated excerpts include:
"Come to our country and say that, Fag!", "Skinny White Bitch, I have a
BS in Computer Science AND I fucked your sister", "hehehe, I'll bet he's
never seen a topless beach before." & "I don't get it, who did you say he
was?"
Most Brazilian hackers quickly ignored the news and went back to discussing
inconsistencies between the Portuguese distributions of Linux and English
versions.
Excerpt of the "actual irc log" ... ;)
GayPee [Anonymous@antijp.com] has joined #hack
jotao: [tSh] === NEWS ===
<GayPee> hi
<jotao> [GayPee] Hey GayPee!
<GayPee> hi
und3r [~uns@pbbgB26YagkM.200.244.84.O] has
joined #hack
<jotao> [GayPee] Hey GayPee!
<GayPee> hola
<und3r> keepah
BRASNET: [Logon News - 18 Fev 1999]
PARABENS!! A BrasNET deu de presente para
seus usuarios e-mail na
forma nick@brasnet.org! Para configurar
isso basta ter um nick registrado e usar o
comando [/msg nickserv set email
seu-email-real]. Todos os nicks sao validos
com exceçao dos que possuem barras (| e \).
Esse eh um servico :inedito
criado apenas para voces, usuarios e amigos
da BrasNET. Aproveitem!!
BRASNET: [Logon News - 08 Mar 1999] Se as
mensagens do NickServ/ChanServ/MemoServ
estao aparecendo
em ingles... e voce quer que apareca em
portugues... digite /msg nickserv set
LANGUAGE 5
und3r [~uns@pbbgB26YagkM.200.244.84.O] has
left #hack (Bye : KVirc 0.6.0 by Szymon
Stefanek <kvirc@tin.it>)
<GayPee> have any of you heard of
antionline.com? anyone here know "John
Vranesevich" or "JP"?
<AcHeR> Blz
<c_orb> GayPee, what is it?
<c_orb> hehe
<c_orb> JP Morgan?
<c_orb> JP = Japan?
<c_orb> hehehe
<chaosmaker> c_orb whois arpa.net
<c_orb> hehehe
<chaosmaker> c_orb whois arpa.net
<analysis> c_orb: o cara da antionline
<chaosmaker> shimomura
<chaosmaker> domain
<chaosmaker> :D
<analysis> falou varis merda do brasil
***my translation: he says some bad shit
about Brasil***
<c_orb> o q ele disse?
***my translation: What?!@ he dissed us?***
<chaosmaker> humm
<chaosmaker> humm
<GayPee> I apologize for him in advance
<chaosmaker> antionline
<c_orb> falai a pagina
AcHeR [~GoiasEC@tEfvZyqhpMc.200.211.130.O]
has left #hack
<chaosmaker> humm
<chaosmaker> www.antionline.com
<c_orb> br tem muito hacko meu
***my translation: Brasil might hack you for
that***
<analysis> whoa, "We even had one "user"
trying to brute force their
<analysis> way into our administration
realm. Needless to say, he was from Brazil,
a
country which is
<analysis> connected to the rest of the
internet via a long piece of yarn with tin
cans
attached to each end."
<analysis> does that guy get into irc?
<GayPee> yes
<GayPee> undernet
<analysis> efnet?
<GayPee> no
<analysis> what chan?
<GayPee> he is too scared of efnet
<GayPee> j00nix
<c_orb> HEHE
<analysis> do cdc and phrack like jp?
<GayPee> deep hate would be my estimate
<analysis> err
<analysis> sorry
<analysis> heh
<analysis> jp is dead
<GayPee> Well, he's a little immature to say
the least.
<|WiZarD|> tsk tsk tsk
<analysis> he's gay
CeZiNHa [CeZiNHa@eL3NZdiwdWY.sti.com.br] has
joined #hackers
ChanServ sets mode: +o CeZiNHa
<GayPee> he's a loser with his own website,
nothing new, but most people don't insult
entire
nations with them.
<CeZiNHa> oi :)
<analysis> CeZiNHa: :)
<CeZiNHa> ana: :)
anony is away: (hackeando a geladeira)
[BX-MsgLog On]
<CeZiNHa> ops
<analysis> ana?
<CeZiNHa> analysis: :)
<analysis> oooo
<|WiZarD|> CeZiNHa: oizzz
<analysis> hehe
-=-
2600 Meeting Ends in Tragedy
Contributed by siko
Wednesday - March 10, 1999. 08:41AM GMT
The local 2600 chapter in Hartford, Connecticut, experienced a serious
disagreement late Tuesday night at the Hartford Civic Center, their meeting
place.
"Me and HoBeater were just chillin.. and all of a sudden I heard NetSpud and
TerDberGER having some sort of disagreement", remembers JehriKirlz, who
was an eye witness to a fight that broke out. "Next thing I know, punches are
being thrown".
"How much of an idiot can you be? He claims that Windows98 is nothing but
a waste of hard drive space and that Windows95 is more compact. First of
all, there are too many enhancements in the latest installation of Windows to
overlook. He deserved it", said NetSpud as he was taken away in cuffs.
The disagreement over which version of the popular Microsoft OS led to
what some 2600 members are calling a 'terrible mess'. People passing by at
the local mall remember the incident only as 'fucking hilarious'. Only two
punches were thrown, both by NetSpud, landing blows to left ear and another
to the chin.
"I tried to grab his hair, there is so much of it. I keep telling that punk to cut
his hair. Nooooo it makes him look more hackerish. This is a travesty of
justice. Anyone with a brain knows Windows95 is better than that bloatware
known as Windows98", said TerDberGER, as he was carried away on a
stretcher, broken glasses and all.
Police were called to the scene and immediately settled both parties down,
but the 2600 meeting was cancelled.
HA.HA2 Business at the speed of Drool
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Via HNN who funnily enough had Pastydrone's name down as Patsy Drone (!)
which is a joke in itself anyways ... moving right along <bah hahahaha>
sorry..Pasty's a good guy he'll let me off with laughing at that
right Pasty? <wink wink>
http://newstrolls.com/news/dev/diva/diva031599.htm
This is a response to the Time story on Bill Gates's new book where
he prints 12 steps to good business practices... funny stuff - Ed
Business @ the Speed of Drool by Pasty Drone (Newstrolls)
Business @ the Speed of Drool as it Oozes from the
Corner of your Mouth to Your Keyboard as You
Lay Slumped Over your Latest Power Point Slide
Presentation.
(Editor's Note: This is humour. If you can't take a joke, click off.)
Bill Gates has written a book. It is his second book. It is a nice book and it is
called Business @ the Speed of Thought and if you must buy it, at least help
support NewsTrolls by purchasing it through our link.
Time Magazine has an excerpt from the book entitled Bill Gates' New Rules in
which it excerpts the following 12 rules of business according to Bill...I've added
my own little insights to Bill's big ones (all caps). I suggest you read the article
first and then come back here.
1 INSIST THAT COMMUNICATION FLOW THROUGH E-MAIL
Email will never replace the face-to-face. No one who has been petrified by the
company lawyer's fire-and-brimstone-lawsuit-lecture is going to put sensitive info
in an email.
2 STUDY SALES DATA ONLINE TO SHARE INSIGHTS EASILY
Read: Study sales data online so Microsoft can share your insights...via their nifty
ID mechanics...
3 SHIFT KNOWLEDGE WORKERS INTO HIGH-LEVEL THINKING
Poor Bill...he's still deluded that executives actually READ the charts and
worksheets of data...the middle managers are usually too busy creating the next
set of data to analyze an earlier output, and you're lucky if your line employees
have junior college under their belt...
4 USE DIGITAL TOOLS TO CREATE VIRTUAL TEAMS
Sometimes this works (ala NewsTrolls), most times climbing the corporate ladder
results in anti-team work. People compete to prove that THEIR way of using the
digital tools is the best one, and with each new senior mid-management hire,
there's a new set of tools for you to feed your data into while the rest get
chucked.
5 CONVERT EVERY PAPER PROCESS TO A DIGITAL PROCESS
Bill admits they can't even do it at his place (although they got it down to 60).
Some things ARE better left on paper or you're just going to spend MILLIONS
more on programmer bills because you're updating your Intranet every two
seconds (and don't even think you can automate THAT process; users refuse to
look at HTML...)
6 USE DIGITAL TOOLS TO ELIMINATE SINGLE-TASK JOBS
Here's where Bill really makes $$$ off of you. Where before you had your data in
a relatively innocuous Excel spreadsheet, now you also get to try and wrangle the
same data into MS Project, MS Access, and probably embed it in a MS
Powerpoint slide. MS digital tools eliminate Single Task jobs because they
replicate the single tasks into more numerous and time-consuming ones...
7 CREATE A DIGITAL FEEDBACK LOOP
Well, it's more like a digital PLAYBACK loop (same data, new MS program).
Here's a neat quote from Bill:
The best projects are those in which people have the customer scenario clearly in
mind...
Let's all remember to really think of MICROSOFT when you think of KEEPING
THE CUSTOMER IN MIND...
8 USE DIGITAL SYSTEMS TO ROUTE CUSTOMER COMPLAINTS
IMMEDIATELY
Honestly I can't believe Bill has the balls to make point #8, but there you go...
And, does ANYONE read those customer complaint emails? Well, ok...maybe if
they're really bizarre... Actually in many instances the people who actually DO
the product design are not native English speakers so having them answer the
mail could be rather amusing...and of course that's assuming your product
designers aren't in Bombay or elsewhere...
9 USE DIGITAL COMMUNICATION TO REDEFINE THE BOUNDARIES
This one could basically be summed up into: Hire more temps (think of the
benefits money you'll save). Oh, and then the kicker:
In the Web work style, employees can push the freedom the Web provides to its
limits.
In other words, GET USED TO the idea that you won't get benefits...
10 TRANSFORM EVERY BUSINESS PROCESS INTO JUST-IN-TIME
DELIVERY
I think Bill meant to say "Barely-There Delivery". Witness Office 2000. And
HEY!...whereas with paper you often turned in deadline documents the morning of
an afternoon deadline, now you can wait up to 2:55 for a 3:00 deadline...that's
progress!
11 USE DIGITAL DELIVERY TO ELIMINATE THE MIDDLE MAN
Ah, now this is clever Bill at his finest...the subtext on this one is: Stock Brokers,
Real Estate Agents...don't be scared!...Put your trust in Bill and through his
products he will allow you to firmly entrench your job so that no one would ever
DARE call spreadsheet-shittin' YOU a "middle man".
12 USE DIGITAL TOOLS TO HELP CUSTOMERS SOLVE PROBLEMS FOR
THEMSELVES
Or, in other words it is better for your customer to get stuck in a phone tree from
hell than to train a human to help them not panic when they see the Windows Blue
Screen of Death.
So let's see Rules 4,6,8,9,11,and 12 all say USE DIGITAL. Rule 7 uses the word
"create", but could just as easily be "use". And what do all the rules tell you dear
reader?
BUY MICROSOFT.
The actual Time story can be found at the following URL or go <koff>
buy Bill's book, god knows he needs the cash for an arboretum ...
http://cgi.pathfinder.com/time/reports/gatesbook/gatesbook1.html
HOW.TO "How To Hack" March 1999 -> Part I (Steps 1 to 4)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Intro
~~~~~
This is not coincidentally next to the HA.HA section in the
HWA.hax0r.news zine; in fact the name itself is a piss-take on the
"scene" (if you can't take the piss out of yourself you're taking
things way too seriously and won't survive 2 weeks out here) but it's
a fact that anyone that puts out a zine like this has to deal with,
and that's the endless messages and questions from 'newbies' asking
"HOW DO I HACK xxxx OS?" etc, well here's how you do it. I'll warn
you up front that I'm not going to be gentle and will be fucking
blunt with you, if you don't have the balls fuck off now, you're dead
meat and will be minced and made a laughing stock all over the net,
if you think you can handle it then read on, this is an exercise
that is best learned by doing, but do it on your own machine; if you
try any of these things on someone else's box without any experience
you will end up in jail.
Step 1.
~~~~~~~
If you are not running FreeBSD, or a variation thereof or Linux in
any of its incarnations, the first thing you need to do is either
partition off 400M or so of your home machine for linux (easiest)
or get a scrap 386 from somewhere (unix isn't windows and will
run just fine with 8 or even 4 megs of ram for our purposes) and
install linux or FreeBSD, I prefer BSD but there are more exploits
written for linux. Why? because writing to the raw sockets in linux
is a lot easier than it is in BSD, BSD is closer to *real* unix
than Linux is, when linux first came out it was little more than
a toy shell and was buggy as hell, BSD on the other hand was raped
of its best parts and incorporated into linux, that's why it has one
of the best TCP stacks out there, you can thank BSD for that...NT
also owes its existence to Linux and BSD so by using and learning
one of these OS's you will be set in good stead for hax0ring your
way to stardom. That's what you want isn't it? if that's the case
this file is NOT for you. Stardom=recognition=fame or infamy=jail
time. Are you ready for jail? no? ok maybe you're reading this for
the humour value or maybe you want to pursue or are pursuing a
career in security, cool it's a fun job isn't it? you get to hack
and you're on the side of the good guys. Ok keep reading...
Step 2
~~~~~~
Locate all the texts you can that pertain to breaking into systems
and locate a good source of exploit code, (aka scripts) you don't
want to become a script kiddie but you do need example code to learn
from and the best code is usually put out with security in mind but
can be bent to 'evil' ends by turning it around and using it to enter
rather than block holes in the system. Some good places to look for
code are www.rootshell.com (they don't keep up to date as much as
they used to since they were rewted by hackers using a hole in SSH
but they still have a good variety of exploit scripts available) for
up to the minute exploit code PacketStorm Security is probably the
best site that you will ever find, they are located on the Genocide2600
servers at http://www.genocide2600.com/~tattooman/ and the site is run
by Ken Williams a key member of EHAP. Proof that ethical hacking does
exist.
Step 3
~~~~~~
Gather up every FAQ and RFC that you can pertaining to networking and
network security, yes this means reading and learning new stuph, if
this sounds like work, well it is... and you better get used to it since
staying on top of the daily exploits is key if you want to make sure that
your system is secure once it's on the net. "On the net you ask!?!?" well
of course, we have to get you on the net to try out some of these mad
sploits don't we? unless you have a few machines laying around in which
case we can do some intranet hacking as well.
Step 4
~~~~~~
Set up your network. I will not give you any help with this, I assume
you know how to setup a basic network if you don't then you haven't been
following the steps properly or are plain stupid. Advice: Give up now and
become a grass cutter, we need more of those the lawns around here are
terrible.
Step 5
~~~~~~
Breaking in. This is the bit you've all been waiting for, well guess what
many zines and serials keep users hanging on by posting teasers to keep
people interested, and shit, i'm no different, we'll continue with step
5 IN AN UPCOMING ISSUE.
Cruciphux
P.S "Hacking IRC" is still in progress and will also be continued in a
further issue of the zine, it's not forgotten or dead by any means. - Ed
@HWA
H.W Hacked websites March 13th-March 20th
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Note: The hacked site reports stay, especially with some cool hits by
groups like *H.A.R.P, go get em boyz racism is a mugs game! - Ed
* Hackers Against Racist Propaganda (See issue #7)
Unconfirmed Hack Report:
http://www.cddhcu.gob.mx/ by Moskos Sex Hackers Team
Posted on irc in our channel by Yo_Soy, but the site was down when I
tried to check it out on several occasions... - Ed
Also, direct from HNN's rumours section including disclaimer notice;
http://www.hackernews.com/
March 15th 1999
Disclaimer:
This is the rumour section. Anything posted in this area
may or may not be true. Many people think that just
because something is posted here it is gospel. While
HNN attempts to verify everything on the site we are
not always able to do so. Most things posted here in the
rumour section are true, however we are unable to
verify them all.
contributed by Anonymous
Cracked
We have received reports that the following sites have
been compromised:
http://www.isd.net
http://www.ebay.com
http://www.summercon.org
http://www.bonwell.com
http://www.leute.at
http://www.home-listings.com
http://www.globestf.com/
http://www.stannecu.org/
http://www.directvision.com
http://www.realtimeeng.com
http://www.s-and-h.com
http://www.lemming.com
http://www.tcedge.com
http://www.capitalcom.com
http://www.adwar.com/
http://www.tuldys.com/
http://www.adventuretoursinc.com/
@HWA
_________________________________________________________________________
A.0 APPENDICES
_________________________________________________________________________
A.1 PHACVW, sekurity, security, cyberwar links
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The links are no longer maintained in this file, there is now a
links section on the http://welcome.to/HWA.hax0r.news/ url so check
there for current links etc.
The hack FAQ (The #hack/alt.2600 faq)
http://www-personal.engin.umich.edu/~jgotts/underground/hack-faq.html
Hacker's Jargon File (The quote file)
http://www.lysator.liu.se/hackdict/split2/main_index.html
International links:(TBC)
~~~~~~~~~~~~~~~~~~~~~~~~~
Foreign correspondents and others please send in news site links that
have security news from foreign countries for inclusion in this list
thanks... - Ed
Netherlands...: http://security.pine.nl/
Russia........: http://www.tsu.ru/~eugene/
Indonesia.....: http://www.k-elektronik.org/index2.html
http://members.xoom.com/neblonica/
Brasil........: http://www.psynet.net/ka0z
http://www.elementais.cjb.net
Got a link for this section? email it to hwa@press.usmc.net and i'll
review it and post it here if it merits it.
@HWA
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-
--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--
© 1998, 1999 (c) Cruciphux/HWA.hax0r.news
(r) Cruciphux is a trade mark of Hoary Wild Arachnids Inc.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-
puzzle answer: TRUE
--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-
[ 28 63 29 20 31 39 39 39 20 63 72 75 63 69 70 68 75 78 20 68 77 61 ]
[45:6E:64]-[28:63:29:31:39:39:38:20:68:77:61:20:73:74:65:76:65]