Copy Link
Add to Bookmark
Report
Phrack Inc. Volume 05 Issue 46 File 20
==Phrack Magazine==
Volume Five, Issue Forty-Six, File 20 of 28
****************************************************************************
(Cyber Christ Meets Lady Luck Continued)
I don't agree with everything that Gail says, but she is a com
pelling speaker; she believes in what she says. But I do agree
with her on the difficulty of forensic evidence in computer
cases.
"I got really mad," she said. "I was reading a magazine and
there was an ad for United, you know, the employee owned airline.
And it was a beautiful ad, hundred of employees standing in front
of a brand new great big jet. All smiling and happy." Gail then
frowned deeply. "Some stockholder ought to sue them for mislead
ing advertising." This was more like it! Go, Gail! "I started
to look at the picture carefully and I noticed this unmistakably
fat lady in a pink dress. And then over a few persons. . .guess
what? The same fat lady in pink." Roars of laughter and ap
plause.
Her point? What seems real may not be real at all, and with a few
hundred dollars in software and a little practice, most anyone
can build a false reality digitally.
Her time was up but the audience wanted more. She was mobbed for
eternity by hackers who fight her tooth and nail but respect her
comportment enough to make the disagreements lively, partisan,
entertaining, but with respect. Respectful hackers. No HoHoCon
orgies; merely verbal barbs with no solution. Everyone knew that,
but it's the battle that counts.
More security conference should be this open, this honest and
informative, with all kinds of people with all kinds of opinions.
That is how we, and I, learn. Listen and learn. And all for
$5000 no less, plus a paltry $15 entrance fee.
* * * * *
The afternoon sessions were filled with a mixture of anti-govern
ment, pro-privacy advocacy, virus workshops and such by both
under and above ground folks. Padgett Peterson's knowledge of
viruses is deep and he spread the same wisdom as his does in so
called legitimate circles. Knowledge is knowledge, and better
accurate than wrong.
It's often surprising to see how people will voice the same
opinion in varying degree of intensity depending upon their
audience. Mark Aldrich of General Research Corp. in the Washing
ton area made a statement that I doubt I would hear at a ConCon.
"Fear your government that fears your crypto. Use crypto as
a weapon." Sara Gordon's panel discussion on crypto and privacy
and related topics fueled the audience's general anti-fed atti
tude.
"I was bugged by the Feds." "So was I?" "What can we do about
it." "Yeah, they listen in on my phones, too. I can hear the
clicks." Right.
As Mark so succinctly put it, "if the government wants to bug
you, you'll never know. They're that good.". That kind of shut
up the dilettante paranoids in the group, albeit mumbling that
they just knew that they were the victim of one of the 900 or so
court approved wire taps last year. Right. I think Gail was
right: some of you guys are too boring to be believed.
The afternoon edition of the Spot A Fed contest took us on the
run. I actually succombed to their enthusiasm and a general lack
of better judgement and followed a group of 8 or 10 to unmask an
unmarked white van in the parking lot.
"It's the Feds." "How do you know?" "Oh, it's the Feds alright."
"How do you know." "It's a white van and the intelligence serv
ices use white vans." "What are you going to do?" "Bust 'em."
"Bust 'em for what?" "For being Feds."
This motley crew traipsed through the mile long casino, trodding
upon the ugly tartan/paisley carpets so obnoxiously loud a blind
man could cry "Uncle!", into the Hall of Overpriced Shoppes
through the lobby and over to the parking garage. We had to have
$100,000 of surveillance gear in tow:(enough to detect the planet
Pluto fart in b-flat). Radio receivers and eavesdropping equip
ment were courtesy of my pal Mike Peros. The goal was, if this
was a Fed van, we could hear it. I don't think so, but I go for
the ride and a few minutes of reprieve away from the conference
hall.
As we near, the excitement grows among the more paranoid who are
trying to instill their own mental foibles into their companions
and sheer terror in normal old Vegas visitors who have no idea
what they've walked into.
Feds? Not. Surrepticious radio transmissions? Just hotel securi
ty tracking the movements of 8 or 10 paranoids (and one writer
with nothing else to do for a half hour) into a parking garage
which has more cameras than NBC. Feds? Of course not. Don't be
ridiculous.
* * * * *
To say nothing worthwhile occurred until 11PM that evening would
be lying, but this thing, this DefCon II thing, was turning into
what I would have called 25 years ago, a Love-In. The partici
pants were giddy from the event, the camaraderie, the $1 Heinek
ens and the hacking. The Sahara was actually pretty good about
it. Jeff got the conference space for free because he guaranteed
that at least 100 hotel rooms would be booked by "computer en
thusiasts coming to a small computer conference." Little did the
hotel know that half the crowd was too young to drink, too broke
to gamble, and conspicuous enough to ward off legitimate clients.
But a deal's a deal.
The hotel operators went out of their way and allegedly gave the
hackers permission to hack through the PBX in order to provide a
SLPP connection.
"Just put it back the way you found it when you're done," was the
hotel's only and quite reasonable request.
In my day an equivalent event producing an equivalent social non-
drug induced high would have been achieved by tossing a Frisbee
to Grace Slick (Lead singer Jefferson Airplane) and have her
throw it back. We didn't have the kind of technology that today's
rebellious age has. We had the Beatles and Jimi Hendrix, safe
sex (kinda), safe drugs (well, maybe a little safer) and a cause.
But no technology to speak of.
When I was on the publishing staff of the New York City Free
Press in 1968/9 we wrote our anti-establishment diatribes by
hand. By hand! And then we went down to a dark office late at
night to use their typesetting gear when it was idle. It took no
more than a blushing glance around the room to realize that we
impressionable teens were publishing our political extremisms on
equipment courtesy of Al Goldstein and Screw magazine. Now that
was an education.
DefCon II was a Love-In, technology and all.
Come 11PM yet another speaker canceled so I offered to chat to
the crowd for a half hour or so on Van Eck radiation; the emis
sions from CRT's that make video screens readable from a dis
tance. Now this wasn't a fill in at 2PM or anything. Sessions
reconvened at 11PM and I spoke to a full audience who were there
to get a midnight lesson in cellular hacking.
Most above ground types still believe that hacking is an acne-
faced teenager, chigging Jolt Cola, wolfing down pepperoni
pizza and causing Corporate America no end of grief. To a cer
tain extent some of this is true. But hacking is so much more.
As Rop Gongrijjp, editor of Hacktic once told me, "hacking is
disrespect of technology." It's going the extra mile to find out
how things work. Many of the older hackers, those in their early
20's and older, are migrating from the conventional dial-em-up
and break-in hacking image to the fine art of cellular hacking.
How do these things work? What are the frequencies? How can I
customize my phone? How many channels can I scan? The possibil
ities are endless as I soon learned.
Jim and Bill (fake names) asked if I wanted to see a great demo.
Sure! No names, they said. OK. No problem. In one of the
several thousand hotel rooms at the Sahara was a pile of equip
ment to make an under budgeted FBI surveillance team insanely
jealous. There in the middle of the ridiculously filthy room that
no doubt caused the maid to shudder, sat a log periodic antenna
poised atop a strong and highly adjustable photographic-style
tripod. Feeding the antenna was a hunk of coax attached to a
cell phone's antenna jack.
OK, so what's that? Free cell calls? No, much more.
A second cell phone/scanner, an Oki 900 was modified and connect
ed to a laptop computer. (This was the exact modification being
discussed downstairs) Custom software that was freely distrib
uted around DefCon scanned the data from the Oki and displayed
the scanning activity. A pair of speakers then audibly broadcast
the specific conversation. And in Vegas, you can imagine what
was going over the open airwaves!
A half dozen 'kids' sat around enthralled, each begging for his
turn to, as Jim put it, "harass cellular users. Pure and simple.
Harassment. Stomp on the son of a bitch," he laughed, joined in
by the others.
When a 'good' conversation was detected, they entered the channel
into the broadcasting cell phone and spoke. And talk they did.
Essentially they turned 'private' conversations into wide-band
free-for-alls. If they spoke for only a few seconds one or both
of the parties could hear what was being said. If they talked
for too long, the overpowering signal from the antenna would
literally wipe out the chat: the cell switch reacted with an
internal belch and shut down. Stomping, they called it.
For those on the receiving end of the harassment, it must have
sounded like the overbearing voice of God telling Noah how to
build the Ark.
"Noah?"
"Who dat?
"Noah?"
"Who is that?"
What terror lurks in the minds of boys . . .
For those old enough to remember, stomping is no more a stunt
than putting a 500 watt linear power amplifier on a CB radio and
blasting nearby CB's to kingdom come. The truckers used to do it
to 4-wheelers. When the police began monitoring CB channels "to
protect and serve" they became the target of CB stomping. So
what else is new?
I gotta give it to them: these characters designed and built the
software, modified the phones and put it all together and it
works! Not bad on a $3 allowance and a 10th grade education.
Now, I guess what they did may have been sort of illegal, or at
least highly unethical and definitely not nice. But I have to
admit, some of what I witnessed was very, very, funny. I'm not
advocating this kind of activity, but much like Candid Camera
broke into people's lives to capture their reactions, cellular
hacking is similarly amusing. The hacker/phreaks particularly
enjoyed breaking in on fighting couples. (I counted six impend
ing divorces.) Almost without exception the man was in a car and
the lady was at a fixed location; presumably, home.
Him: "Where the hell have you been."
Her: "Nowhere."
Him: "Bullshit.
Her: "Really honey . . ." Defensively.
Him: "Who's with you?" Intense anger.
Hacker: "Don't believe her. She's a whore."
Him: "What was that?"
Her: "What?"
"That voice."
"What voice?"
Hacker: "Me you asshole. Can't you see she's playing you for a
fool."
"I know she is." He agrees.
"What's that honey?"
"I know he's there with you."
"Who?" Incredulous.
"Him . . . whoever you're fucking when I'm at work."
Hacker: "Yeah, it's me."
"Shit! Who the fuck is there?"
"No one!"
"I can hear him, he's there. You're both making fun of me . . ."
Hacker: "She's laughing at you, man."
"No shit. Who the fuck are you?"
Hacker: "The guy who takes care of her when you can't, asshole."
"That's it." Click.
Drug dealers aren't immune to these antics.
"Where's the meet?"
"By the 7/11 on Tropicana."
"You got it?"
"You got the cash?"
"Yeah, dude."
"Be sure you do."
Hacker: "He doesn't have the cash my man. He's gonna rip you
off."
"What?" "What?" Both sides heard the intruder's voice. "Who is
that?"
"What's that about a rip-off?"
"This ain't no rip-off man."
Hacker: "Yes it is. Tell 'em the truth. You gonna take his drugs
and shoot his ass. Right? Tell 'em."
"You gonna rip me off?"
"No, man!"
"Your homeboy says you gonna try and rip me off?"
"What home boy?"
Hacker: "Me, you bozo drug freak. Don't you know that shit can
kill you?"
Click.
Good samaritanism pays off upon occasion.
"Honey, hurry up."
"I'm on the freeway. I'm coming."
Hacker: "He's late. Let's save her ass."
"What was that?" "What did you say honey?"
"He said he was going to save your ass."
"Who did?"
"The guy on the radio." (Technical ignorance abounds.)
Hacker: "Me. You're late and she's scared so we're gonna beat
you there and make her safe."
"Who the hell is that?" "Who?" "The guy with you?" "There's no
one here." "He says he's gonna beat me there and pick you up."
Hacker: "Damn right we are."
"Hey, this is cool. Who's there?"
Hacker: "Cyber Christ talking to you from Silicon Heaven."
"No shit. Really?"
Hacker: "Yeah, (choke, choke,) really."
"What's happening, honey."
"I don't know, for sure. He says it's God."
"God!?!?"
Hacker: "Close enough. Listen, you sound alright. Go get your
woman, man Keep her safe."
"No problem. Uh, thanks."
Click.
Around 4AM, I guess it was, the hacker/phreaks definitely helped
out law enforcement. One end of the conversation was coming from
inside a hotel, maybe even the Sahara. The other from another
cell phone, most likely in the lobby.
"What do you look like?"
"I'm five foot nine, thinning brown hair and 180 pounds I wear
round glasses and . ."
"I get the idea. Where are you now?"
"I'm coming down the elevator now. What do you look like?"
"I'm six foot one in my heels, have long blond spiked hair and
black fishnet stockings."
Hacker: "Don't go man. It's a bust."
"What?" he said.
Hacker: "Don't go, it's a bust. You don't want your name in the
papers, do ya?"
"What the fuck?" she yelled.
"There's a guy who says this is a bust?"
"Bust? What bust?"
Hacker: "That's the clue, man. She's denying it. Of course it's
a bust. Is it worth a night in jail to not get laid?"
"Shit." He whispers not too quietly to another male companion.
"There's some guy on the phone who says it's bust. What should we
do."
Hacker: "I'm telling you man, don't go,"
"This ain't worth it. I'm going back upstairs."
Click.
A couple of hours later the same hooker was overheard talking to
one of her work mates.
"Then this asshole says it's a bust. Cost me $300 in lost busi
ness, shit."
"You, too? Same shit been going on all night long. What the
fuck?"
Wow. And it seems like only this morning that my toilet explod
ed.
* * * * *
So what's a perfectly groomed and slightly rotund 50-something
convicted methamphetamine dealer doing at DefCon II with hundreds
of impressionable teenagers? You might well ask.
So I'll tell you.
Sitting in yet another Saharan hell-hole of a room they unabash
edly market for $55 per night I encountered hackers #1 through #4
and this . . . I immediately thought, elderly gent. He said
nothing and neither did I, thinking that he might have been an
over aged chaperone for delinquent teens or perhaps even an
understanding Fed. But the gallon jugs of whiskey was depleting
itself right before my eyes, as if a straw from Heaven sucked the
manna from its innards. Actually, it was Bootleg.
Not bootleg liquor, mind you, but Bootleg the felonious con from
Oregon. Apparently he got busted 'cause speed is and was against
the law, and crank is not exactly the drug choice of maiden aunts
nor school marms. "I've been a hacker longer than some of these
kids have been alive. It all started back in . . ." and Mike
"Bootleg" Beketic commenced on the first of hundreds of war-story
jail house tales to entertain him and us. Bootleg loves a good
story.
"Jail ain't so bad," he bragged with a huge whiskey smile. "No
one fucked with me. You gotta make friends early on. Then it's
OK." Good advice, I guess. "On parole I got slammed with a year
for piss that didn't pass." Gotta be clean, my man. Stay away
from that shit. It'll kill you and your teeth will rot.
Bootleg handed me form PROB-37, (Rev. 1/94) from the United
States District Court, Federal Probation System. Grins from ear
to ear. A badge of honor for villains, thieves, and scoundrels.
Sounds like they need their own union.
This was the official "Permission To Travel" form dated June 16,
1994 which gave Bootleg the legal right to travel from Oregon to
Las Vegas in the dead of the summer to attend a "computer conven
tion." The flight times were specific as were the conditions of
his freedom. He had to inform the local cops that he was in
town. In case any crimes occurred throughout the city of Las
Vegas during his sojourn, he was an easily identifiable suspect.
While he downed another Jack and coke I found out what Bootleg
was really doing. Despite the fact that the "Federal Keep Track
of a Crook Travel Form" said, "you are prohibited from advertis
ing or selling your DMV CD," the paranoia that runs rampant
through the minds of prison bureaucracy was actually in this case
quite correctly concerned.
"What's a DMV CD?"
"I'm glad you asked." I was set up. The edict said he couldn't
sell or advertise, but there was no provision stating that he
couldn't answer questions from an inquiring mind.
Bootleg handed me a CD ROM:
Bootleg Presents:
DMV
- Over 2 Million Oregon Drivers License Records
- Over 3 Million Oregon License Plate Records
The inside jacket clearly stated that this information was not to
be used by any creatively nefarious types for any sort of person
al Information Warfare tactics. It warns,
Do not use this CD to:
- Make phony Licenses
- Make phony Titles
- Obtain phony I.D.
- Harass Politicians, Cops or Journalists
- Stalk Celebrities
- Get ME in trouble <G>
I can come up with at least 1001 other uses for this collection
of information that the Oregon authorities are none too happy
about. The ones Bootleg outlined never came into my mind.
(Heh!) Bootleg acquired the information legally. State officials
were kind enough to violate the electronic souls of its citizens
by sending Bootleg their driver's information magnetically embla
zoned on a 3600 foot long piece of 9 track acetate. Now they
want to change the law to reflect "heart felt concern for the
privacy of their citizens." Get a clue, or if none's available,
buy one from Vanna.
Bootleg is moving onto the next 47 states (California and New
York don't permit this kind of shenanigans) shortly to make sure
that everyone has equal access. Hacking? Of course. Bootleg
effectively hacked the Oregon DMV with their blessing and tax
payer paid-for assistance.
Time to go back to my room while Bootleg and friends spent an
evening of apparently unsuccessful whoring around the Strip and
Glitter Gulch.
A good time was had by all.
* * * * *
Jeff Moss opened the Sunday morning session with an ominous
sermon.
"You'll notice that the wet bar is missing from the rear?" It
had been there yesterday. Everyone turns around to look. "I
gotta pay for the damage . . . " Jeff was not a happy camper.
"They have my credit card number and it's almost full. So cool
it!" But the show must go on and we had more to learn.
Next. Anonymous mailers on the net? Forget about it. No such
thing. Anonymous remailers, even if they are in Norway or Finland
or some such other country where American information contraband
such as child pornography is legal, are only as safe and secure
as the people who run it
"The FBI can go over any time they want and look up who you are
and what kinds of stuff you swallow down your digital throat,"
one speaker announced. Of course that's ridiculous. The FBI
would have to call in the Boy Scouts or Russian Mafia for that
kind of operation, but we all knew that anyway. A slight slip of
the ad lib tongue. No harm done.
I didn't know, until this Sunday, that there were actually real
live versions of "Pump Up The Volume" running rampant across the
country, impinging their commercial-free low power radio broad
casts into an electromagnetic spectrum owned and operated by the
Federal Communications Commission. And, as to be expected, the
FCC is trying to put these relatively harmless stations out of
business along with Howard Stern and Don Imus. One would think
that WABC or KLAC or any other major market stations would little
care if a podunk 20 watt radio station was squeezing in between
assigned frequencies. And they probably shouldn't. But, as we
learned, the Military lent an innocent hand.
In support of the hobbies of servicemen, a local San Francisco
base commander gave approval for a group of soldiers to establish
a small, low power radio station for the base. Good for morale,
keep the men out of the bars: you know the bit.
But the ballistic missiles went off when the nation's premier
rating service, Arbitron, listed KFREE as a top local station in
the San Francisco market.
"What station KFREE?" "Who the hell are they?" "What the fuck?"
Needless to say, KFREE was costing the legitimate radio stations
money because advertising rates are based upon the number of
listeners not up and peeing during commercials. Since KFREE was
ad-free, no contest. Arbitron assumes the rating to relect the
existence of a real station - the numbers are there - and the
local stations call the FCC and the FCC calls the base and as
quick as you can scream, "Feds suck!" KFREE is off the air.
Stomp.
I was scheduled to speak today, but with the schedule seemingly
slipping forward and backward at random haphazard intervals,
there was no telling when what would occur. Mark Ludwig, of
Virus Writing Contest fame and author of the much touted "Little
Black Book of Computer Viruses" Virus gave a less then impas
sioned speech about the evils of government.
"I know most of you don't have any assets other than your comput
er," Ludwig said to the poverty stricken masses of DefCon II.
"But you will, and you want to make sure the government doesn't
come crashing down around you whenever they want. They can and
will take your life away if it suits them. There is no fourth
amendment. Most search and seizures are illegal." And so it
went.
"Put your money off shore, kids," said Dr. Ludwig the theoretical
physicist. "Find a good friendly country with flexible banking
laws and the Feds can't get you."
"And when the Feds do come for you, make sure that your entire
life is on your computer. Rip up the papers after you scan them
in. Your all-electronic life cannot be penetrated - especially
if you get a case of the forgets. 'Oops, I forgot my password.
Oops! I forgot my encryption key. Oops! I forgot my name.'"
"Even your VISA and Mastercard accounts should be from overseas.
Keep it out of the US and you'll be all the better for it." For
those interested in such alternative, Ludwig recommends that you
call Mark Nestman: of LPP Ltd. at 800-528-0559 or 702-885-2509.
Tell him you want to move your millions of rubbles and dollars
and Cyber-credits overseas for safe keeping because the Byzantine
Police are at the front door as you speak. Order pamphlet 103.
These are the defensive measures we can take protect ourselves
against the emerging Police State. But offensive action is also
called for, he says. "Help Phil Zimmerman. Send him money for
his defense. Then, laugh at the Feds!" Haha, haha. Haha.
Hahahahahaha. Ha!
."When they come to the door, just laugh at them." Haha. Haha
ha. Haha. "No matter what they do, laugh at them." Hahahahaha.
Enough of that, please. If I laugh at 6 husky beer-bellied
Cyber-cops who have an arsenal of handguns pointed at my head,
they might as well send me to the Group W bench to commiserate
with Arlo Guthrie. Peeing would come before laughing. But then
again, I'm no longer a grunged out 20 year old who can laugh in
the face of the Grim Reaper. "Yes, ossifer, sir. I'm a cyber-
crook. I ain't laughing at you in your face, ossifer, sir . . ."
I panic easily. Kissing ass well comes from a life long success
of quid pro quo'ing my way from situation to situation.
"And, now," Master Mark announced, "on to the results and awards
for the Annual Virus Writing contest." Ludwig seemed suddenly
depressed. "Unfortunately, we only got one legitimate entry."
One entry? The media plastered his contest across the media-
waves and the National Computer Security Association was planning
a tactical nuclear response. One entry? What kind of subver
sives have 20 year olds turned into anyway? In my day (Yeah, I'm
old enough to use that phrase) if we called for a political
demonstration thousands would pile through the subway turnstiles
to meet a phalanx of well armed police appropriately attired in
riot gear. One entry? Come on X-Generation, you can do better
than that? No wonder the world's going to shit. Don't have
enough trouble from the young-uns. Sheeeeeeesssh!
Mark Ludwig's politically incorrect virus writing contest may
have been a PR success but it was a business abortion. One
entry. Shit. At the NCSA meeting in Washington, rivaling fac
tions battled over how we as an association should respond.
"Hang the bastard." "He's what's wrong with world." "Put him in
a county jail with Billy-Bob, Jimmy-Ray and Bubba for a week and
they'll be able to squeeze him out between the bars."
C'mon you fools! Ignore him! Ignore him! If you don't like what
he has to say don't egg him on. Ignore him. You want to do what
the Feds did to poor Phil Zimmerman and make him a folk hero?
Turning a non-event into the lead for the evening news is not the
way to make something go away. I loudly advocated that he be
treated as a non-entity if the goal was reduction to obscurity.
I was right.
Super-high priced PR and lobby firms had prepared presentation to
wage an all-out attack on Ludwig and his contest. I bet! And who
was going to pay for this? Peter Tippitt of Semantech ponied up
what I believe amounted to $7,000 to get the pot going. No one
else made a firm offer. Can't blame them cause it would have been
no more effective than taking out an ad in Time proclaiming that
evil is bad. The PR firm would have made their fees, the event
would have made even more news and Ludwig would certainly have
had to make a judgement and choose from more than one entry.
But oddly enough, the one entry did not win.
The winner of the Annual Virus Writing Contest was no less than
Bob Bales, Executive Director of the NCSA. Not that Bob wrote a
program, but if he had, Ludwig said, it would be called either
Don Quixote or Paranoia, and it would be of the human brain at-
tacking Meme type. The virus is a software equivalent of Prozac
to alleviate the suffering in middle-aged males who have no
purpose in life other than virus busting.
"Is Winn Schwartau here?" Mark asked the audience.
I was there. "Yo!"
"Would you tell Bob that he's won a plaque, and a $100 check and
a full year subscription to the Computer Virus Developments
Quarterly." I'm the technology advisor to the NCSA so it was
a natural request to which I was pleased to oblige.
I told Bob about his 15 minutes of fame at DefCon to which he
roared in laughter. "Good! Then I won't have to subscribe my
self."
I spoke next. Jeff introduced me by saying, "Winn says he
doesn't want to speak to an empty room so he's gonna talk now."
Some introduction. But, what a great audience! Better than most
of the security above-ground starched sphincter tight suit and
tie conference audiences I normally get. But then again, I get
paid handsomely to address legitimate audiences where I have to
be politically correct. At DefCon, insulting people was the last
thing I worried about. It was what I focused on, onstage and
off.
"Hey, kid. Did you ever land Zimmerman in bed?"
"You, you, er . . ."
"C'mon kid. Give me your best shot."
"Your mother . . ." A crowd gathered to see what kind of repar
tee this little schnook could come up with. "Your mother .. ."
C'mon kid. You got it in you. C'mon. "You, she is a . . .
uh, . . . mother . . ." and he finally skulked away in sheer
embarrassment. Poor kid. When he went to the men's room, men
walked out. Poor kid. I don't think he ever figured out it was
all a put on.
The audience got it, though. Rather than go over what I rambled
about for an hour, here comes a blatant plug: Go buy my new book
"Information Warfare: Chaos on the Electronic Superhighway."
That'll sum it up real nice and neat. But what a great audience.
Thanks.
Little did I know, though, that I was also on trial.
John Markoff of the New York Times was the first to ask, and then
a couple of buddies asked and then a lady asked during the Q&A
portion of my ad hoc ad lib speech. "How come you did it?" Did
what? "How come you flamed Lenny DeCicco?"
It turns out that someone adapted my electronic identity and
logged on to the WELL in Sausalito, CA and proceeded to post a
deep flame against Lenny. Among other none-too-subtle asper
sions, 'my' posting accused Lenny of a whole string of crimes of
Information Warfare and even out and out theft.
Except, it wasn't me. I answered the lady's question with, "It
wasn't me, I don't know Lenny and I don't have an account on the
WELL." That satisfied everyone except for me. What happened
and why? It seems that Lenny's former partner in crime Most-
Wanted on the lam federal fugitive computer hacker Kevin Mitnick
actually wrote and signed the letter with his initials. Or
someone was spoofing him and me at the same time. But why? And
why me?
It took a couple of days after arriving home from DefCon to learn
after extensive conversations with the WELL that my erased ac
count from almost two years ago and then re-erased on June 20 of
this year was accidentally turned back on by some mysterious
administrative process that I cannot claim to fathom. OK, that's
what they said.
But perhaps most interesting of the entire Getting Spoofed inci
dent was a single comment that Pei Chen, sysop of the WELL said
to me while I complained about how such an awful anti-social
attack was clearly reprehensible. Oh, it's simple, she said.
"We have no security." Whooaaaahhh! The WELL? No security? I
love it. I absolutely love it. Major service provider, no
security. Go get 'em cowboy.
The only other speaker I wanted to see was Peter Beruk, chief
litigator for the Software Publisher's Association. This is the
Big Software Company sponsored organization which attempts to
privately interdict illegal software distribution as a prelude
for both civil and criminal prosecutions. And with this group of
digital anarchists, no less.
The SPA scrounges around 1600 private BBS's to see who's making
illicit copies of Microsoft Word or Quattro For Weanies or
Bulgarian for Bimbos or other legitimate software that the pub
lishers would rather receive their due income from then being
stolen.
"Which boards are you on?"
"That would be telling." Big grin and laughs.
"Is your BBS secure?" A challenge in the making.
"Sure is."
"Is that an offer to see if we can break in?" Challenge made.
"Ahem, cough, cough." Challenge denied.
"What name do you use on the boards?" Idiot question that de
serves an idiot answer.
"Fred." Laughs.
"You mean you have a full time guy to download software from
boards to see if it's legal or not?" "Yup."
"So, you pay people to commit felonies?" Astutely stupid ques
tion.
"We have permission."
"Why should we have to pay rip-off corporations too much money to
use really shitty software?"
"So don't buy it."
"We don't. It's so shitty that it's barely worth stealing."
"So don't steal it."
"Just want to check it out, dude."
"Scum sucking imperialists are making all of the money. The
software designers are getting ripped off by the big software
bureaucracies. Power to the people." Every generation goes
through this naively innocent berating of capitalism. It doesn't
make them Communists (in 1950 it did), just not full fledged
capitalist pigs themselves yet. Soon come. Vis a vis Ludwig's
comment on the asset-deprived audience. Soon come, man.
"We go after BBS's that store illegal software."
"So you're gonna put Compuserve in jail?" Big, big applause.
Despite the openly verbal animosity between the free-ware believ
ers and the Chief Software Cop, the spirited and entertaining
disagreements maintained a healthy good natured tone that well
exceed Peter's time limit, as DefCon II was coming to a close.
It was time for one more stand up comedy attempt by a short haired
bandanna wearing hippie/hacker/phreak who was not quite up to the
job.
"OK, guys. We've had some fun at the Feds expense. They're
people, too. So, from now on, it's Hug a Fed. Go on, find a fed
and go up to him or her and big them a great big bear hug full of
love." The Feds that had been busted were gone. The ones still
successfully undercover weren't about to blow it for a quick feel
from a horny teenager.
Next. The Cliff Stoll doll with an assortment of accessory yo-
yos was a popular item. It was thrown pell-mell into the crowds
who leapt at it with a vengeance like a baseball bleachers sec
tion awaiting the 61st home run.
"There used to be a Wife of Cliff Stoll doll, but no one's seen
it in two years." Cliff is strange. I don't know if he's that
strange, but it was a funny bit.
"Then we have the LoD/MoD action figure set starring Erik Bloo
daxe and Phiber Optik." GI Joe action set gone underground.
Corny, but appreciated as hundreds of bodies dove to catch the
plastic relics tossed from the stage.
If anything, an anti-climatic end to an otherwise highly informa
tive and educational conference. I can hardly wait till next
year when, after word gets out, DefCon III will be attended by
thousands of hackers and cops and narks who will try to replay
the Summer of Cyber-Love '94 for a sequel.
* * * * *
More than anything I wanted to get away from the Sahara. Away
from its nauseatingly chromatic carpets, it's hundreds of sur
veillance cameras, and most of all, away from its exploding
toilets.
We decided to play, and play we did at the new Luxor Hotel which
is an amazing pyramid with 4000+ rooms. There are no elevators as
in a pyramid 'going up' is kind of useless, so Inclinators take
passengers up the 30 some odd floors to hallways which ring
around the impossibly huge hollowed out pyramid shaped atrium.
This was play land. And for three hours we played and played and
went to dumb shows that attract mid-western mamas from Noodnick,
Kentucky, alighting in Vegas for their annual RV pilgrimage. But
we went and enjoyed none the less.
The "Live TV" show was anything but live except for lovely Susan
who hosted us into the ersatz TV station. Her job is to look
pretty, sound pretty and warm up the crowd for an over budget,
overproduced schmaltz driven video projection that was to make us
all feel like we were on stage with Dave. Letterman, that is.
The effect does not work. But we enjoyed ourselves, anyway.
"Everyone here on vacation?"
"No!" I yelled out. Poor Susan was stunned. No? Why else would
you be here?
"What are you doing?" The TV audience of 500 was looking our
way. Between the five of us we had a million dollars (give or
take) of electronic wizardry stuffed around us, beneath us and in
our laps.
"Working." Gee, I'm quick.
"What do you do?" Susan asked with a straight face. I bet she
expected something like gas pumper, or nocturnal mortuary forni
cator or 7/11 clerk.
"We're hacking for Jesus. This is Cyber Christ!" I said pointing
at Erik Bloodaxe.
Silence. Dead silence again. Sleep with Phil Zimmerman silence.
Except for us. We giggled like school boys. Psyche.
"Ah, . . . that's nice." That was all she could come up with:
That's nice. So much for ad libbing or deviating from the
script. But the TV audience enjoyed it. A whole lot. They
finally figured out it was put on. Not every one from the Mid-
West is as stupid as they all pretend to be.
Then it was time to get sick. VR rides do me in, but not to be
publicly humiliated by my 20-something cohorts (and Mike Peros
with whom I had to travel yet another 2000 miles that night) I
jumped right into an F-14 simulator which rotated 360 degrees on
two gimbals for an infinite variety of nauseousness.
"Oh, shit!" I yelled as I propelled myself forward and around and
sideways with sufficient g-force to disgorge even the most delec
table meal. "Oh, shit." I had reversed the throttle and was now
spinning end over end backwards. My inner ear was getting my
stomach sick. "Oh, shit." Out of the corner of my eyes my four
pals were doubled over in laughter. Had I barfed yet and not
known it? God, I hope not. "Oh, shit." I came to a dead stand
still, the video screen showed me plummeting to earth at escape
velocity and I pushed the throttle forward as roughly as I could.
An innate survival instinct came in to play. "Oh, shit!" The
virtual aircraft carrier came into sight and after almost 2
minutes of high speed rotating revulsion, I was expected to land
this spinning F-14 on a thimble in the ocean. Right. I tried,
and damned if I didn't make it. I have no idea how, but I got an
extra 34,000 points for a safe landing. 120 seconds. Ding.
Time's up.
I got out of the simulator and spilled right onto the floor; one
42 year old pile of humanity who had navigated nausea but whose
balance was totally beyond repair. "Could anyone hear me?" I
asked from my knees.
"They were selling tickets."
"Do I get my money back?"
Onto the VR race cars. I really thought I'd throw up to the
amusement of a thousand onlookers. Hacking then phreaking then
flying and now driving. I put the pedal to the metal and
crashed. The huge video display has me tipping end over end and
the screen is shaking and the car I'm driving is shuddering
violently but my brain can't compute it all. I'm gonna wretch, I
just know it. But I keep on driving, decidedly last against
people who haven't been handicapped with an inner ear so sensi
tive I get dizzy when I watch a 5" black and white TV.
We tilted out of there and alas, it was time to find a 200,000
pound of metal to glide me home. It was a damn good thing I hadn't
eaten before VR Land, but I wolfed down $3 hot dogs at the air
port knowing full well that whatever they served on the plane
would be a thousand times worse. So Mike and I munched, leaving
Cyber Christ and friends to battle the press and the stars at the
opening of Planet Hollywood at Caesar's Palace.
And then an unexpected surprise. Lisa and friend; our first class
objects of flirtation from the outbound trip which seemed like a
month ago, appeared. But we were all so wiped out that a conti
nent of innuendo turned into a series of short cat naps. We got
a few flirts in, but nothing to write home about. Red Eye
flights are just not what they're cracked up to be.
As I crawled into bed at something like 7AM Eastern, my wife
awoke enough to ask the perennial wife question. "What did you
do all weekend?" I, in turn, gave her the usual husbandly re
sponse.
"Oh, nothing. Good night, Gracie."
* * * * *
(C) 1994 Winn Schwartau
Winn Schwartau is an information security consultant, lecturer
and, obviously, a writer. Please go buy his new book: "Informa
tion Warfare: Chaos on the Electronic Superhighway." Available at
book stores everywhere. Winn can be reached at: Voice:
813.393.6600 or E-mail: P00506@Psilink.com
