Copy Link
Add to Bookmark
Report

The United Phreakers Incorporated 16

  

-=- United Phreaker's Incorporated Magazine -=-

Volume Two, Issue Six, File 1 of 11

Released Date May 23, 1992

Well UPi has finally made its return to the scene. We have gotten back
some of the old members and quite a new ones as well. As you have probably
noticed while you were you downloading it took considerably more time then any
of the previous issues. In the previous issues they only contained one or
possibly two articles, this is issue size has greatly increased over our pre-
vious issues. The file size of the previous issue only ranged from about
20-25k which is quite small, but this is no more, as this issue is
approximately 250k we hope to keep up this quantity and quality of the UPi
magazine while having it much larger than the previous issues.

In this issue you will see many changes we have followed examples of some
of the larger magazines and newsletters out there. Along with adding ideas of
our own, such as the 'busts' cloumn which will cover stories of peoples
unfortunate encounters with the law. Look for the return of The Lost Avenger's
Datapac for Beginners of which he has improved greatly upon. Also in next
future issue we hope to have an article by Black Flag on how to build a device
to modulate the frequency that your voice travels over the phone so you can
make use of loops with voice filters, or whatever other use you might come up
for it. For details on how to get in contact with, become a member, or write a
freelance article for UPi see the end of this issue. Now on with Issue #6!

YOU CAN CONTACT THE EDITORS OF UPI AT

Voice Mail Box: 416-402-0788
Telex:6505271625MCI
MCI Mail: 5271625
Internet E-Mail: tla@maria.wustl.edu


Article Article Name Writer(s) Size
Number
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
6.1 Introduction To UPi Magazine Arch Bishop (2k)
6.2 Card A PBX Arch Bishop (6k)
6.3 A Not-So-Editorial Hardwire (3k)
6.4 ALLIANCE Teleconferencing Services The Lost Avenger (40k)
Boost Business Efficiency
6.5 Anarchy Times Silicon Phreaker (12k)
Last Week Of School
6.6 How To Make A Million Dollars In Your VC Hacker (7k)
Own Basement!
6.7 The Beginner's Guide To Hacking On The Lost Avenger (75k)
On Datapac 1992 Update
6.8 The Lost Avenger/Wiz Kid Bust Black Manta (35k)
The Lost Avenger
Wiz Kid
6.9 UPi Underground Newsline Arch Bishop (69k)
The Lost Avenger
6.10 Member & Site Application Form UPi Editorial Staff (2k)
6.11 Member & Site Listing UPi Editorial Staff (3k)


-------------------------------------------------------------------------------


-=- United Phreaker's Incorporated Magazine -=-

Volume Two, Issue Six, File 2 of 11

________________________________________
| Card A PBX |
| By: Arch Bishop |
|________________________________________|



Have PBX accounts been dry to long in your area? Are you tired of leaving
your hacker on all night and coming up with nothing in the morning. Why not
try an alternative way of acquiring an account, why not card an account?

Materials
~~~~~~~~~~
1 Credit Card Number
1 Drop-Site
1 Newspaper


The credit card is best to get virgin with the all the owners information.
Which can be done by either trashing, or getting a CBI account. If you go
trashing. I would highly recommend Budget Rent-A-Car or some other place where
they would require much information about the customer. At budget the carbons
are full size like a regular piece of paper and contain almost everything you
could possibly want to know about the owner of the card.

You will also need to find a drop-site if you live in a house take a drive
around you neighborhood for houses that are up for sale and not occupied
currently, or if you know someone that is on vacation for a long enough period
of time. Now if you live in an apartment building you can usually just have
the drop-site be another apartment in your building. Most people in apartment
buildings will just put mail that is not for them in the lobby which you can
then easily pickup. You can also try your mailbox key in other peoples
mailbox's they will usually fit more than just yours a friend of mine has a key
that fits 3 other box's besides his own. If you still have not found a place
to mail to you can rent a mailbox very cheaply at most variety stores, also
money marts and they don't tend to care if you use your real information or
not.

After you have your credit card number, and your drop site, start looking
through your local newspaper in the classified section. Look for ad's that
are advertising Private Branch Exchanges, or 'Alternative long distance
carriers' and preferably ones that do not have 1800 numbers because you are
looking for small businesses. If there is more than one ad advertising long
distance carriers, or private branch exchanges, copy all the numbers and names
of the companies down. Then call up the companies and tell them you are
interested in acquiring an account on their system, they will sometimes ask
where you heard about it, if you found it in the paper then just say that.

You should plan what you are going to say before you call, make it sound
good without any "Uhmm" or "Hmm" words in it, which shows that you are thinking
about the answer. Which is always a tip-off that you are up to something, so
try to polish it as much as possible, the main thing is just stay relaxed. You
should integrate the card information with the drop-site information to look
something like this e.g.

[ This is only Sample information and does not represent actual credit card
information. ]

Visa < - Type of Card
George Brown < - Owners Name
4517 288 921 612 715 < - Card Number
08/92 < - Expiration Date
672 Baker St, Hilton. < - Address [Use Drop-Site Address]
L4C2B5 < - Postal Code [Use Drop-Site Postal Code]
419-761-2529 < - Home Phone Number
419-892-1842 < - Work Phone Number
Attorney General < - Place of Employment
General Manager < - Job Position


If you have this information in-front of you while you are calling the
company it should prepare you for any questions they might ask you. If they
throw you a question that you are not expecting answer it to the best of your
ability and don't say "Uhmm" before you answer. You might not have that much
information on the owner of the credit card, the address and postal code are
not really necessary since you replthose with the drop-site address and
postal code anyways. You should have the home phone number but if not just get
a local direct dial VMB and set it up as an answering machine, do the same for
the work number the message should sound something like this. "Hi you have
reached George Brown General Manager at Attorney General please leave a
detailed message about why you are calling and I will get back to you." Some
companies may ask if you want your pin number mailed to you or for them to call
you and tell you your pin number, I have never asked them to phone me but it
might be possible to have them leave the pin number on a voice mailbox if they
thought it was your answering machine. Sometimes it is even possible to do
this without a credit card, depending on how new/stupid the company is. A
friend of mine once called up just to get information from a company offering
long distance service and they started asking him lots of questions then they
asked him for a credit card number. Now this guy had never carded anything in
his life so he just gave them a bogus card number and expiration date, and an
apartment in his building, and they sent the pin number too! Although this
company had only been up and running for two days but seeing as how my friend
rang up a $45 000 bill in a period of 2 months I'm sure its a lesson they won't
forget soon.

Anyways that should be enough information to card yourself an account so
start looking through the classifieds!


------------------------------------------------------------------------------

-=- United Phreaker's Incorporated Magazine -=-

Volume Two, Issue Six, File 3 of 11

A Not-So-Editorial by Hardwire

Well the first(?) issue of UPi is here and I've been found lacking!
Originally scheduled for this space was an interview with the FBI about
hackers, phreakers, and pirates (oh my!), but they are NEVER in their office!
I called consistently for the better part of 3 weeks but I always go a message
informing me that regretfully "all agents are currently out of the office" and
not wanting to leave a message I promptly hung up. So our FBI coverage failed
miserably... but wait the CIA handles this stuff to right?? Yup, indeed they
do, but they just wouldn't talk! I ran the interesting channels to get the
number (Hello information? can I have the number for the Central Intelligence
Agency? Thank You) and called them up. I get some air-head with an accent and
she says, "I'm sure someone here can help you... hold on.." I get an interlude
of silence at wich point I'm undoubtably being traced.. and five minutes later
"Hello, what can I do for you sir?"

Hwire:I'm doing a school project on computer crimes, methods, and punishments
I was wondering if I could ask you a few questions...
CIA:Well I'm not too sure if I can help but sure
Hwire:OK,thanks, uhhmmm... what are some of the more typical methods used
by yourselves for catching computer hackers?
CIA:That's a really good question, but I'm afraid we can't tell you, most of
our information isn't available for public access.
Hwire:Can you tell me some of the most common things that trip up computer
criminals?
CIA:Actually you know who deals more with hackers and such? the FBI...
Hwire:Really?
CIA:Yes, you should try calling them.
Hwire:Oh, ok thanks <CLICK>

All of this took place in the space of three minutes... enough time to trace
and get rid of me no doubt... Now to me this seems like a little bit of a
violation to our freedom of information. Granted Canada's Bill of rights may
differ slightly, it still guarantees freedom of information. So I call and get
the boot, this from a branch of the government belonging to "The Education"
President, I was denied a chance to aid my education (like I care hahahaha) So
I figure maybe it just wasn't meant to be, All us phreakers/hackers/ anarchists
and even pirates are destined to charge blindly ahead heedless of what may
become of us.


------------------------------------------------------------------------------

-=- United Phreaker's Incorporated Magazine -=-

Volume Two, Issue Six, File 4 of 11

ALLIANCE Teleconferencing Services Boost Business Efficiency

By The Lost Avenger


Editor's Note: OK, guys I found this article in a magazine in my school's
library called AT&T Technology. The article is from an old magazine but it
interesting because it explains how AT&T ALLIANCE Teleconferences work when you
are called by someone who set up one or when you try to set up one yourself.
Hope you guys learn a lot about AT&T ALLIANCE Teleconferences from this file.

Audio and audiographics teleconferencing can help business raise
productivity, save time, and reduce travel expenses. For over 25 years AT&T
has offered Operator Handled Conference Service, which allows operators to set
up conference calls. Recently AT&T introduced new state-of-the-art
conferencing services: ALLIANCE 1000/2000/3000 Teleconferencing Services and
ALLIANCE Dedicated Teleconferencing Service (ADTS). The former is a public
conferencing service that, for the first time, allows anyone with a touch-tone
phone to set up his or her own audio or audiographics conference calls. The
use of digital technology gives conferees the same high quality, full-duplex
connections they'd normally get with one-to-one phone calls.

ADTS, on the other hand, uses analog technology and also provides
exceptional audio quality. ADTS is dedicated to one customer whose attendants
control connections from a terminal on their premises. ADTS also can connect
to such AT&T services as the long-distance network, WATS, and 800 Service.
This article describes the customer advantages, design rationale, technology,
and applications of these state-of-the-art services.

Teleconferencing is changing the ways we manage our business. It lets us
attend meetings wherever a touch-tone phone is available. By means of a
variety of telephone, terminals, and networks, teleconferencing enable more
people to get involved in making or influencing decisions - and making them
faster. Teleconferencing also results in better planned and shorter meetings,
reduced travel expenses improved relations between business locations and,
above all, significant improvements in management efficiency.

AT&T now offers two new state-of-the-art multipoint conferencing services -
in additional to the long-standing Operator Handled Conferencing Service (OHCS)
- that are easy to use, provide a high-quality connection with good speech
volume levels from all locations, permit users to interact fully, are very
reliable, and are low in cost.

The first service, ALLIANCE Teleconferencing, is available to everyone in
the United States via any touch-tone phone. The originator of the calls must
be in the United States, but calls can be made to conferees that can be reached
by international direct distance dialing (DDD). Users can set up their own
conference calls, with up to 58 other parties, or have an attendant set them
up.

The second service is call ALLIANCE Dedicated Teleconferencing Service
(ADTS). With ADTS each bridge (24 to 56 ports - or parties - per bridge) is
dedicated to one customer. (A bridge is an electronic device that connects
many conferencing transmission paths.) AT&T expects that heavy users with
users large volumes of teleconferencing will prefer this feature-rich services.
The bridge is located in the AT&T network; however, the customer controls it
remotely via dedicated voice and data lines and a computer terminal such as an
AT&T 5420, a PC 6300, or equivalent.

AT&T original audio teleconferencing service, OHCS has been meeting the
teleconferencing needs of customers for over 25 years. It appeals to those who
prefer the convenience of place a single call to an AT&T conference operator.
The operator then sets up and controls the call based on the customer's needs
and instructions. OHCS currently uses the same state-of-the-art technology as
ADTS

The bridges for all services are on AT&T premises and are connected high in
the network hierarchy, providing significant transmission advantages over
customer-premises or local phone-company based bridges. (See figure 1.) The
primary advantage of this elimination of the added noise and transmission loss
caused by signals going back and forth to the network, as would happen with a
customer-premises based bridge.

Other advantages of having the bridge located in an AT&T central office are
high reliability, battery back up, prompt repairs, and no need for customers to
allocate their floor space for equipment.



ALLIANCE TELECONFERENCING SERVICE

This service permits anyone with a touch-tone phone and access to the AT&T
public switched network to make ALLIANCE Teleconferencing calls. The
connections are superior to any alternative, and automatic gain control, echo
cancellation, and noise suppression make the conference calls sound as good as
conventional two-party calls. Other features include:

o User setup and control or set-up by an attendant and control by the
user.

o Conference setup guided by computer-stored voice prompts with dialing
possible during most of the announcements.

o Ability to include both domestic and IDDD parties on the conference.

o Full-duplex digital voice conferencing, which allows all conferees to
speak and be heard simultaneously.

o Unique tones to identify parties added to or dropped from the
conference.

The service is being offered as ALLIANCE 1000 for audio, as ALLIANCE 2000
for voiceband-data graphics, and ALLIANCE 3000 for digital-protocol graphics at
4.8 kilobits per second (kb/s), with 56 kb/s planned for the future.

ALLIANCE 1000 Service

Users establish conference calls by dialing 0-700-456-1000. If access
isn't available via the 700 number - because of an intervening independent
phone company - the conferee can dial 1-800-544-6363. This will get an
operator who will initiate the conference; that is, dial the bridge to connect
the caller to it. For an additional charge the operator will set up the call
by calling all the conferees.

If most of the conferees are clustered in one area, charges can be reduced
by dialing 0-700-456-100X to reach a specific bridge location. The X = 1 for
Reno; 2 for Chicago; 3 for White Plains, NY; 4 for Dallas. (See Billing
Information at the end of this file.)

An example of the regular use of ALLIANCE 1000 service is the daily
teleconference held by the operations department of a major trunk airline. At
9 a.m., ten domestic and five European operations locations are bridged to
discuss the previous day's performance, cancellations, departure delays, load
factors, and to establish the causes of problems and plan corrective action.
This immediate feedback allows all parties to be aware of the circumstances
affecting each operations center and to talk about items of mutual, immediate
interest that would be impossible to discuss with any other kind of meeting.

An example of a unique (but infrequent) applications of ALLIANCE 1000
service was its use by the board of directors of a major manufacturer that was
the target of a hostile takeover bid. As developments unfolded, quick-response
decisions by the board were required. Even though the directors were
geographically dispersed, ALLIANCE teleconferencing allowed immediate
discussion in an environment that reasonably approximated an across-the-table
meeting. This was due to the high-quality, full-duplex transmission offered by
the ALLIANCE bridge.

ALLIANCE 2000 Service

This service is intended for conferencing data terminals. It uses the same
equipment as ALLIANCE 1000 service. But unlike that service, ALLIANCE 2000
allows only one conferee to transmit at a time so that data won't be scrambled.
The service would be used for conferencing non-protocol voiceband data/graphics
devices such as AT&T's PC Conferencing system using the OVERVIEW scanner with
SCANWARE software, the Gemini 100 Electronic Blackboard System or freeze-frame
video equipment. The dialing codes are 0-700-456-2000 for the nearest bridge,
or 0-700-456-200X for a particular bridge location.

An ALLIANCE 2000 service application is the weekly production meeting of a
division of an automobile manufacturer. A concurrent audio and graphics
conference is established among the six plant locations in the midwest. Formal
presentations are made by each plant location and the graphics (charts, PERT
diagrams, graphs) at the presenting location are shown to all other locations
simultaneously.

ALLIANCE 3000 Service

This service allows high-quality graphics conferencing at 4.8 kb/s using
terminals that provide the CCITT Telematic Services Protocol (previously the
Group 4 Facsimile Protocol.) ALLIANCE 3000 connections to Accunet Switched 56
service are planned for the future.

Initially the only bridge location will be Chicago. Separate bridge
conference leg connections are required for the audio and graphics portions of
ALLIANCE 3000 audiographics conference calls. Both are established and
controlled from one touch-tone phone.

Using ALLIANCE 3000 service, a large manufacturer will have the ability to
bridge PC workstations at the headquarters, computer design center, and
manufacturing locations to review computer-aided design images developed by the
deign center. Engineers, designers, and marketers will have the ability to
view, comment on, and modify these images on an interactive, real-time basis.
Using scanning devices, people at workstations at up to 59 locations also can
view the actual parts.



BEHIND THE SCENES

All ALLIANCE bridging and control equipment is located in the Network
Services Complex - NSCX. (See figure 2.) The NSCX is located with and
connected to selected 4ESS switches (toll) via five T1 transmission lines and
two signaling links that carry, respectively, the conference connections and
signaling.

A user establishes a conference call by dialing 0-700-456-1000. (See
figure 3.) The "0" prefix routes the call via the end office to the AT&T
Traffic Service Position System (TSPS), which recognizes the 700 + 456 numbers
as a request for ALLIANCE Teleconferencing service. The "0" prefix is ignored
and the call is handled without an operator. After the TSPS obtains the
originating line number via automatic number ID, or operator number ID, the
TSPS performs a six-digit translation of 700 + 456 to 800-XXX. The 800-XXX is
prefixed to the original line number and outpulsed to the office serving the
TSPS.

This number will then be sent to a WATS originating screening office that
accesses a data base to derive the telephone number of the ALLIANCE bridge.
The bridge number and calling number ID are sent to the toll office, and the
connection is then established to the bridge in the NSCX. The TSPS will screen
out switchhook flashes for operator service or requests for service from either
coin phones or hotels since billing can't be done.

Under control of the NSCX processor, the announcement system welcomes the
originator/controller and asks the person how many conference ports are
required. It then connects a register and waits for touch-tone digits. The
person then touch-tone dials the number of total conference ports required,
including one for him or herself.

The announcement system verifies the number of ports and then gives
instructions on how to dial all conference locations. Through a sequence of
dialing and announcements, the conference is established and the parties are
added to a common time-slot connection on the audio (Type I) bridge. (See
The ALLIANCE 1000/2000 (Type I) bridge at the end of this file.) All
connections from the bridge are established over the five T1 lines to the 4ESS
switch and out into the network.



DEDICATED TELECONFERENCING SERVICE

ALLIANCE Dedicated Teleconferencing Service (ADTS) provides high-quality
audio teleconferencing to large customers. The service is provided by
dedicating an entire bridge to one customer. Its features complement other
AT&T teleconferencing services, such as Operator Handled Conferencing Service
and ALLIANCE 1000, 2000, and 3000 Teleconferencing Services. ADTS is intended
for customers with 30 or more teleconferences per month, or whose
teleconferencing needs can best be accommodated by the many special ADTS
features.

ADTS is now provided by the microprocessor controlled, remotely
programmable conference arranger, which is located in an AT&T central office.
The many ADTS features are under direct control of the customer's attendants.
Each of up to three independent attendant positions uses both a voice and data
connection, via private lines to the ADTS, to control the 24 to 56 conferee
ports.

The port capacity can be installed in increments of eight ports, based on
customer needs. Conference ports are assigned in any order on an individual
port basis based on the connection arrangement for each. Half the ports, for
example, may be designated for AT&T 800 Service while the other half are
designated for AT&T Long Distance service. ADTS provides domestic and
international teleconferencing capabilities in a variety of modes that are
under total customer control. These include:

o Blast-up preset conferences. In these conferences, ADTS dials all
conferees at the same time. When people answer they're first
connected to a voice announcement and then are added to the
conference.

o Attendant assisted preset conferences, where the attendant adds one
party at a time.

o Meet-me conferences. The attendant reserves these, and all
conferees are required to call into the conference directly on an
assigned phone number at the designated time. Once the ADTS voice
announcement responds, each conferee must enter a security code to
join the conference.

o Combinations of the above conferences are possible.

o Conference ports can be assigned in any order on a port-by-port basis.
Based on the customer's desire, however, some ports may be committed
to special connections, such as normal DDD, WATS, 800 Service, or
private line.

o Unique voice announcement capability, with six system announcements,
such as "Please enter you touch-tone code for your conference," or
"Please hold for your ADTS call."

o The ability to connect private-line circuits to message (DDD) lines.

o An attendant's directory of 1500 names and phone numbers.

o Up to 100 preset conferences of any size (up to the 56-port capacity)
that the attendant can recall and set up quickly.

o Conferees may be added or dropped, and can be placed in interactive or
listen only mode.

o Conferences may be divided into subconferences and then recombined
later under attendant control.

The ADTS has the technical ability to operate with other switching
arrangements such as the Common-Control Switching Arrangement (CCSA) and
Enhanced Private Switched Communication Service (EPSCS) switches, and 4ESS
switches. (See Figure 5.)

ADTS Operation

The customer's attendant puts conference information into the ADTS with a
data terminal that's connected by a private data channel. (See Figure 6.) The
attendant controls the conference directly, and call processing functions, such
as dialing and call supervision, and performed by the ADTS microprocessor.

Conversations between the attendant and the conferees and carried on a
dedicated private-line phone that's connected directly to the same ADTS
attendant port circuit as the private-line data channel.

High-quality audio is achieved with a four-wire transmission path and a
level-compensating circuit that reduces noise, cancels echos, and automatically
controls gain. Analog data-bridging transmission is possible at up to 4.8 kb/s

Customized Applications

Each ADTS bridge is installed in the AT&T office nearest to the customer's
switching network for connections to CCSA, Centrex, EPSCS or some other
company-based switching system. In the case of DDD, WATS, or 800 Service, the
bridge is generally put in the 4ESS switch office nearest to the customer's
attendants.

Other customer alternatives included placing the bridge nearest the point
of the largest number of conferees or at a location where time-of-day discounts
have a significant impact on the conference leg charges.

ADTS In Action

One ADTS application is in a New York City stock brokerage office that
makes heavy use of a 56-port ADTS bridge that's also in the city. Bridge
connections permit use of WATS, 800 Service, as well as Message
Telecommunications Service (MTS) connections for normal teleconferencing
involving combinations of Meet-Me and Preset conferences. In addition, the
customer has a twelve-location private-line network that's used during trading
hours.

The network has open microphones that allow people to talk at any time
without having to dial a number or push a button. By connecting the
private-line network to ADTS, the customer easily can add parties. The
attendant does not receive any signaling information from the private-line
networks; therefore, specific time arrangements have to be made to insure that
the additional conferees are added and dropped at the correct time.

Another ADTS applications is for a business customer that does a lot of
teletraining. The customer has a 56-port bridge connected directly to the 4ESS
switch where all connections are MTS. This customer uses the preset conference
blast-up feature for virtually all of its conferences. All conferees are
automatically called at the scheduled time and asked to please stand by for
their conference call.



A LOOK AHEAD

Reservations and Meet-Me enrichments were made available with ALLIANCE 1000
and 2000 teleconferencing service in late 1987. (Tariffs became effective in
December, 1987). This will permit customers to reserve their conference
facilities up to two months in advance. Using Meet-Me, the conference host may
have conferees dial directly into the conference using special access numbers
supplied when the Meet-Me reservation is made.

The host also may call the conferees directly from the bridge and add them
to the conference. Other Meet-Me options include screening of each conferee by
a customer-provided attendant; the ability for conferees to call from hotels,
motels, or coin phones; and shared billing of transport costs.

Multimedia PC-based terminals (these include a PC, phone, modem, and a
high-speed digital interface) will open a wide range of conferencing,
applications for businesses, allowing them to use any combination of voice,
data, graphics, and video. It is anticipated that these terminals will be
equipped with Automatic Machine Interface, which will permit totally automatic
conference setup.

Conference control and status information will be transmitted over a
separate Integrated Services Digital Network (ISDN) signaling channel, thereby
improving throughput for data, graphics, and video. This will also greatly
enhance the management of a teleconferencing call by allowing the use of
terminals that display the status of each location participating in the
conference.

The development of and adherence to international standards will ensure a
truly multinational capability for the full spectrum of network and conference
services in the relatively near future. As price and performance improve for
both network access and terminal equipment, it is also anticipated that
applications will be expanded to meet the needs of residential customers.



FIGURE 1: Losses

Transmission differences between network bridges and customer-premises
bridges: (A) normal two-party DDD call, (B) conferencing call using a
customer-premises bridge, and (C) conference call using a network bridge such
as ALLIANCE. Network bridging has a significant transmission advantages over
customer-premises bridges.

A: Normal Two-Party DDD call.

ZDDDDDDDDDDD? ZDDDDDDDDDDD? ZDDDDDDDDDDD? ZDDDDDDDDDDD? ZDDDDDDDDDDD?
3Station 3 3End 3 3AT&T 3 3End 3 3Station 3
31 3 3Office 3 3Network 3 3Office 3 32 3
3 CDD4 CDD4 CDD4 CDD4 3
3 3 3 3 3 3 3 3 3 3
3 3 3 3 3 3 3 3 3 3
@DDDDDDDDDDDY @DDDDDDDDDDDY @DDDDDDDDDDDY @DDDDDDDDDDDY @DDDDDDDDDDDY

Loss from Station 1 to Station 2 = 14dB.


B: Conference call using a customer-premises bridge.

ZDDDDDDDDDDD? ZDDDDDDDDDDD? ZDDDDDDDDDDD?
AT&T Network 3Switching 3 3End 3 3Station 3
3Point 3 3Office 3 31 3
ZDDDDDDDD4 CDD4 CDD4 3
3 3 3 3 3 3 3
3 3 3 3 3 3 3
3 @DDDDDDDDDDDY @DDDDDDDDDDDY @DDDDDDDDDDDY
ZDDDDDADDDDD? ZDDDDDDDDDDD? ZDDDDDDDDDDD? ZDDDDDDDDDDD?
34ESS 3 3Switching 3 3End 3 3Station 3
3Switch 3 3Point 3 3Office 3 32 3
3 CDD4 CDD4 CDD4 3
3 3 3 3 3 3 3 3
3 3 3 3 3 3 3 3
@DDDDBBBBDDDY @DDDDDDDDDDDY @DDDDDDDDDDDY @DDDDDDDDDDDY
3333 ZDDDDDDDDDDD? ZDDDDDDDDDDD? ZDDDDDDDDDDD?
333@DDDDDD4Switching 3 3End 3 3Station 3
33@DDDDDDD4Point 3 3Office 3 33 3
3@DDDDDDDD4 CDD4 CDD4 3
@DDDDDDDDD4 3 3 3 3 3
3 3 3 3 3 3
@DDDDBBBDDDDY @DDDDDDDDDDDY @DDDDDDDDDDDY
ZDDDDDDDDDDD? ZDDDDAAADDDD?
3Customer- 3 3End 3
3Premises CDD4Office 3
3Bridge CDD4 3
3 CDD4 3
3 3 3 3
@DDDDDDDDDDDY @DDDDDDDDDDDY

Losses: 1 to 2, 2 to 3, 1 to 3 = 28dB.


C: Conference call using ALLIANCE bridging service.

ZDDDDDDDDDDD? ZDDDDDDDDDDD? ZDDDDDDDDDDD?
AT&T Network 3Switching 3 3End 3 3Station 3
3Point 3 3Office 3 31 3
ZDDDDDDDD4 CDD4 CDD4 3
3 3 3 3 3 3 3
3 3 3 3 3 3 3
3 @DDDDDDDDDDDY @DDDDDDDDDDDY @DDDDDDDDDDDY
ZDDDDDDDDDDD? ZDDDDDADDDDD? ZDDDDDDDDDDD? ZDDDDDDDDDDD? ZDDDDDDDDDDD?
3ALLIANCE 3 34ESS 3 3Switching 3 3End 3 3Station 3
3Bridge CDD4Switch 3 3Point 3 3Office 3 32 3
3 CDD4 CDD4 CDD4 CDD4 3
3 CDD4 3 3 3 3 3 3 3
3 3 3 3 3 3 3 3 3 3
@DDDDDDDDDDDY @DDDDDBDDDDDY @DDDDDDDDDDDY @DDDDDDDDDDDY @DDDDDDDDDDDY
3 ZDDDDDDDDDDD? ZDDDDDDDDDDD? ZDDDDDDDDDDD?
3 3Switching 3 3End 3 3Station 3
3 3Point 3 3Office 3 33 3
@DDDDDDDD4 CDD4 CDD4 3
3 3 3 3 3 3
3 3 3 3 3 3
@DDDDDDDDDDDY @DDDDDDDDDDDY @DDDDDDDDDDDY

Losses: 1 to 2, 2 to 3, 1 to 3 = 14dB.



FIGURE 2: Network Services Complex

The Network Services Complex (NSCX) is the heart of ALLIANCE
teleconferencing, providing control, announcements, tones and bridging (both
audio and graphics).

3 ZDDDDDDDDDDD? ZDDDDDDDDDDD? ZDDDDDDDDDDD?
3 3Signaling 3 3Main 3 3Micro- 3
3 3Terminal 3 3Processor 3 3Processor 3
CDDDDDDDDDDDD4 CDD4 CDD4 CDDDDD?
CDDDDDDDDDDDD4 3 3 3 3 3 3Serial
3 3 3 3 3 3 3 3Control
To 3 @DDDDDDDDDDDY @DDDDDDDDDDDY @DDDDDDDDDDDY 3Bus
3 3
Host 3 3
3 3
Switch3 ZDDDDDDDDDDD? ZDDDDDDDDDDD? ZDDDDDDDDDDD? 3
3 T1 Lines 3DS1 3 3Time Slot 3 3Announce- 3 3
CDDDDDDDDDDDD4Interface 3 3Interchange3 3ment 3 3
CDDDDDDDDDDDD4 CDD4Unit CDDBDD4System CDD4
CDDDDDDDDDDDD4 3 3 3 3 3 3 3
CDDDDDDDDDDDD4 3 3 3 3 3 3 3
3 @DDDDDDDDDDDY @DDDDDDDDDDDY 3 @DDDDDDDDDDDY 3
3 ZDDDDDDDDDDD? 3
3 3Tone 3 3
3 3Receiver 3 3
CDD4Bridge CDD4
3 3 3 3
3 3 3 3
3 @DDDDDDDDDDDY 3
3 ZDDDDDDDDDDD? 3
3 3Type I 3 3
3 3Bridge 3 3
CDD4 CDD4
3 3 3 3
Time3 3 3 3
Multiplexed3 @DDDDDDDDDDDY 3
Data Bus3 ZDDDDDDDDDDD? 3
3 3Type II 3 3
3 3Bridge 3 3
@DD4 CDDY
3 3
3 3
@DDDDDDDDDDDY



FIGURE 3: Call Setup

ALLIANCE calls use TSPS for Automatic Number Identification (ANI) and the
800 database to get the Network Services Complex (NTSX). All parties are
connected to the NSCX bridge and out into the network via the serving AT&T 4ESS
Switch.

ZDDDDDDDDDDD?
3Database 3
3 3 ANI = Automatic Number Identification
3 3
3 3 ONI = Operator Number Identification
3 3
@DDDDBDDDDDDY
ZDDDDADDDDDD? ZDDDDDDDDDDD? ZDDDDDDDDDDD?
3Signal 3 34ESS 3 3Network 3
3Transfer 3 3Switch 3 3Services 3
3Point CDDDDDDDD?ZDDDDDDD4Office CDD4Complex 3
3 3 33 3 3 3 3
3 3 33 3 3 3 3
@DDDDDDDDDDDY ZDDDDDAADDDD? @DDDDDDDDDDDY @DDDDDDDDDDDY
3Originating3
3Screening 3
3Office 3
3 3
ZDDDDDDDDDDD? 3 3
3Traffic 3 @DDDDDBDDDDDY
3Services 3ADDS 3
3Position CDDDDDDD>3
3System 3ANI/ONI 3
3 3 ZDDDDDADDDDD? ZDDDDDDDDDDD?
@DDDDDDDDDDDY 3End 3 3Station 3
3Office 3 0-700-456-1000 3 3
3 CDDDDDDDDDDDDDDDD4 3
3 3 3 3
3 3 3 3
@DDDDDDDDDDDY @DDDDDDDDDDDY



FIGURE 4: Type I Bridge

Type I bridge permits a fully interactive multipoint audio connection.
This bridge provides for noise suppression, automatic gain control, and echo
control.

To Main
Processor
ZDDDDDDDDDDD?
3Control 3
3Interface 3 Control ZDDDDDDDDDDD?
<DDDDD4 CDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD? 3Level 3
3 3 Data 3 3Control 3
3 3 ZDDDDDDDDDDDDDBDDDDDDDDDDDDDDEDDDDDDDDD4 3
@DDDDDDDDDDDY 3 3 3 3 3
ZDDDDDDDDDDD? ZDDDDDADDDDD? ZDDDDADDDDDD? ZDDDDADDDDDD? 3 3
3Data 3 3Echo 3 3Speech 3 3Bridge 3 @DDDDDBDDDDDY
3Interface 3 3Canceler 3 3Detector 3 3Processor CDDDDDDDDY
<DDDDD4 CDD4 3 3 3 3 3
3 3 3 3 3 3 3 CDDDDDDDD?
3 3 3 3 3 3 3 3 ZDDDDDADDDDD?
@DDDDDBDDDDDY @DDDDDBDDDDDY @DDDDDBDDDDDY @DDDDDBDDDDDY 3Conference 3
To Time-Slot3 3 3 3 3Summation 3
Interchange @DDDDDDDDDDDDDDADDDDDDDDDDDDDDADDDDDDDDDDDDDDADDDDDDDD4 3
Unit 3 3
3 3
@DDDDDDDDDDDY



FIGURE 5: ADTS Connection Options

This customer-dedicated network bridge is located in the AT&T central
office with the 4ESS switch. Direct bridge connections to the switch are
possible for completing and receiving MTS, WATS, and 800 calls. Other possible
connections include other networks, class-5 end offices, and private networks.

ZDDDDDDDDDDD? ZDDDDDDDDDDD?1 ZDDDDDDDDDDD? ZDDDDDDDDDDD?
3Attendant 3 3ALLIANCE 3<D>3D4 CD44ESS 3
Voice3 31 3Dedicated 32 3Channel CD4Switch 3
DDDDD4 CDD4Telecon- 3<D>3Bank CD4 3
DDDDD4 3 3ferencing 3 3 CD4 3
Data 3 3 3Service 3<D>3 CD4 3
@DDDDDDDDDDDY 3 3 @DDDDDDDDDDDY 3 3
To Customer 2 3 3 CDDDDDDDDDDD4 ZDDDDDDDDDDD?
Premises Via DDDDDD4 CDD> To Other 3 MTS3<D>3AT&T 3
2001 And 3001 3 3 CDD> Networks CDDDDDDDDDDD4 3Network 3
Private Lines DDDDDD4 CDD> CCSA, EPSCS, 3 WATSCDD>3 3
3 3 CTX CDDDDDDDDDDD4 3 3
3 3 3800 Service3<DD4 3
3 CDD> Private @DDDDDDDDDDDY @DDDDDDDDDDDY
3 3 Line
3 3
3 CDD> To End
3 CDD> Office
3 CDD> (Class 5)
3 3
@DDDDDDDDDDDY56

CCSA = Common Control Switching Arrangement
EPSCS = Enhanced Private-Switched Communications Service
CTX = Centrex
MTS = Message Telecommunications Service



FIGURE 6: ADTS Dedicated Attendant Connections

Each attendant position requires a separate private line for voice and
another for data.

Local
Exchange
ZDDDDDDDDDDD?3 3
34-Wire Talk33 3
3Battery Via33 3 Voice
3Telephone C4<DDDDDDEDDDDDDDDDDDDDDDDDD?
3Unit 33S2001 3 3
3 33Private3 3
@DDDDDDDDDDDY3Line 3 3
3(Voice)3 3
3 3 ZDDDDADDDDDD? ZDDDDDDDDDDD?1
3 3 3AT&T 3 3ALLIANCE CD
3 3 3Port 3 1 3Dedicated 3
3 3 3 CDDD4Telecon- 3
3 3 3 3 3ferencing 3
3 3 3 3 3Service 3
3 3 @DDDDDBDDDDDY 2 3 3
3 3 Data3 DD4 3
ZDDDDDDDDDDD?ZDDDDDDDDDDD?3 3ZDDDDDDDDDDD?ZDDDDDADDDDD? 3 3
3202T 33B29 33 33B29 33202T 3 3 3 3
3Modem C4Data Set C4<DDDDDDE4Data Set C4Modem 3 DD4 3
3 33 33S3001 33 33 3 3 3
@DDDDDBDDDDDY@DDDDDDDDDDDY3Private3@DDDDDDDDDDDY@DDDDDDDDDDDY 3 3
3 3Line 3 3 3
ZDDDDDADDDDD? 3(Data) 3 3 3
3Computer 3 3 3 3AT&T 3
3Terminal 3 3 3 3Network 3
3 3 3 3 3 3
3 3 3 3 3 3
3 3 3 3 3 CD
@DDDDDDDDDDDY 3 3 @DDDDDDDDDDDY56



The ALLIANCE 1000/2000 (Type I) Bridge

The type I bridge, a subsystem of the Network Services Complex (NSCX),
bridges (connects) the conferees' channels. (See Figure 2) Actually there are
two of these bridges, each of which handles 59 channels. The bridge interacts
with the NSCX's main processor via the serial control bus.

The NSCX receives digitized voice channels at the DS1 rate on five T1
transmission lines. Under control of the main processor, the TS1 unit routes
channels to this bridge. (See Figure 4)

Bridge operation is controlled by the bridge processor, a high-speed,
bit-sliced microprocessor. Upon receiving control information from the NSCX;s
main processor, the type I bridge determines the channels to be bridged, the
conferees to be heard, then adjusts the gain.

Echos on incoming channels are eliminated by the echo canceller (an AT&T
IC) and an adjustable digital filter that subtract a simulated echo from the
signals. A digital signal processor (DSP) IC, in the level-control unit,
detects the presence of speech, estimates its level, and sends the results to
the bridge processor, which returns the appropriate gain setting. The DSP
also suppresses noise, keeping the connection quiet when speech isn't present.

Bridging is done in the conference summation unit, which sums the digitized
voice samples from each speaker. (The level of each speaker's input signal is
adjusted first.) Each conferee gets back from the bridge the digital sum of
all speech on all legs of the conference, minus the speech he or she puts in.
This allows for multiple talkers.

As information on each conferee is sent to the bridge processor, all speech
channels associated with the same conference are examined every four
milliseconds for the presence and amplitude of speech. Where speech is
detected, that conferee's voice sample is included in the conference summation
if the total number of speakers has not reached the limit of three. Further
processing of speaker signals by the bridge processor produces an "inertia
effect" - an averaging of signal levels that eliminates transient noise and
allows for pauses in speech.

Once a conference is set up, there's no further communication with the main
processor until the conference ends or the originator exercises further control
options. If parts of the NSCX fail, the type I bridge may be able to continue
the conferences without interruption.



The ALLIANCE 3000 (Type II) Bridge

The type II bridge is a subsystems of the Network Services Complex (NSCX).
It provides the multipoint CCITT Telematic Services Protocol, a high-speed
point-to-point protocol for facsimile transmission at 4.8 kilobits per second
(kb/s), with 56 kb/s planned for the future. Like the type I bridge, this
bridge furnishes 59 ports that are configurable in any combination from a
single 59-port conference to 19 three-port conferences.

The type II bridge interface to the customer is either at 4.8 kb/s
half-duplex via the long-distance network, or at 56 kb/s (planned for the
future) for the new Accunet Switched 56 service. The lower speed gives
customers ubiquitous access to teleconferencing, while the higher speed ensures
a top level of performance for graphics, and a potential transmission time of
about four seconds per page.

Two key concepts guided the design of the bridge's hardware and software.
The first, transparency, makes the bridge look like a terminal, allowing
terminals in a conference to operate as if they were each on a two-point
connection.

The second concept, symmetry, ensures that each terminal will have the same
access to the conference. To achieve this symmetry the bridge accepts requests
>from terminals to transmit, then performs contention resolution, allowing
terminals to transmit in an orderly and equitable way.

The type II bridge also performs capability negotiations and flow control
to differ differences in terminal operating speed (4.8 kb/s or 56 kb/s), error
control and recovery, and transmission.



Billing Information

There are no recurring monthly or installation charges for ALLIANCE
Teleconferencing Services. Calls are billed as follows:

o Regular AT&T long-distance charges apply between the ALLIANCE Services
Access Center (White Plains, Chicago, Dallas, Reno) and each location on the
conference call (including your own). A charge of 25 cents per minute also
applies for each location on the call.

o If the ALLIANCE Services operator is asked to set up the conference
call, there's an additional charge of $3 per location.

RENO, NEVADA WHITE PLAINS, NEW YORK

0-700-456-1001 Audio 0-700-456-1003 Audio
0-700-456-2001 Graphics 0-700-456-2003 Graphics

CHICAGO, ILLINOIS DALLAS, TEXAS

0-700-456-1002 Audio 0-700-456-1004 Audio
0-700-456-2002 Graphics 0-700-456-2004 Graphics



Editor's Note: Well that's the end of the this file. Hope you learned a
lot about how AT&T ALLIANCE Teleconferences really work. I hope you have
enjoyed reading this file as I had typing it. (Yeah right...hehe.)
next time you are on an AT&T ALLIANCE Teleconference you'll now exactly
how they work.


------------------------------------------------------------------------------


-=- United Phreaker's Incorporated Magazine -=-

Volume Two, Issue Six, File 5 of 11

DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
ANARCHY TiMES
DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
All Rights Reserved
Released on 04/92
Property of UPi
DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD


Last Week of School

Ok you're one week away from your two month trippin' period... BUT! You
don't want the bunch of fuckers to forget about you hehe? Well here are
a few way of making sure you'll have the best days of your life next year.

First : A few things are in and many are totally out.

IN : Bombing
Vandalism
Assassination <NOT! You want the teacher to suffer from you again.>
Black Mailing


OUT: Kiddie stuff like : "I'm going to kill your wife... Sir..."
Stupid prank of the Full-Of-Shit-Paper Bag-Caught-On-Fire-That-The
-Teacher-Will-Try-To-Extinguish-By-Jumping-On-It.

Anyhow you get the idea of what TO do and what NOT to do.


- Bombing -

I won't go over the various explosives substances, because their are many
good text philes on these babies. Get you hands on "The Anarchist Cookbook"
published by God-Know-Who, it explains how to make various explosives.

What to bomb ?? Easy Teacher's Restroom, Cafeteria's garbage can,
janitor's bin, and other school property. To blow the teacher's rest room,
I would not advise using a Light Activated bomb that'll blow up when the
teacher lift the lid of the bowl. I'd rather suggest a good ol' plastic
based explosive placed right in the tank [Scheme 1]

VDDDDDDDDDDDD[ Scheme Number 1 ]DDDDDDDDDDD7 This explain where to place
: _____ : the bomb. If you can, wrap
: |Z? | Z? : the explosive in a plastic
: |@# | / @Y= Plastic Charge : bag to avoid water damage on
: | | / # = Timer Fuse : the timer. You wouldn't want
: |____|/_ _ : it to go off right under a
: 33 3 ---- ) : teachers ass would you ?
: 33 3 / :
: DDDDDY@DD/DDDDD\ :
: :
SDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD=

- Vandalism -

This, I'm sure everybody has performed at least once in his life. Either
by painting a complete wall, or only by writing his name on a desk. Well
why don't you combine the two of them ? PAINT your NAME on a DESK nailed to
a WALL ??? NOT! Here it goes... Usually, school invest in cheap art pieces.
Sometime, it's a statue of the school's funder, or painting of some smart-ass
dope weirdo, that made big bucks by painting little fucked up square in
puke colors. Well the statue is pretty easy to wreck, just saw the heads
off the rest of the body. Or glue a Dick and two balls just in the right
place. If you're daring enough, remove the statue from one school, and switch
the two of them. Only problem here is transportation. Another neat trick is
to offer an haircut to the jerk. Make him a red, white and blue mohawk, or
paint it in more living colors, smear artificial blood everywhere.

Okie painting? Use some sort of thinner to fix these up. Fill a squirt
gun with some Varsol (tm) and spray-n-wash (tm) the thing... It's just gonna
look a bit more psychadelic... WHO GIVES A SHIT ?!??!?

Break-In and Entering a school. Easy if the school is cheap, just enter by
breaking a window. If not, try the roof, or pick some lock, get to the
principal's office. Make some re-decoration thing. Take the previous
mentioned statue and allow him to sit in the principal's chair... Or HANG
the statue in the principal's office... What else ? Hang the PRINCIPAL'S in
his office. Paint some devilish signs in the office, and use the desk as
a ceremonial table... Spill some sheep blood everywhere, and leave a sheep's
dead carcass lying around. Now... Something that work all the time, is to
connect the phone to the intercom. If you're smart 'nuff you will figure
out a way to make the intercom go online as the fucker lift the receiver.
Sure... It may take some time to fix, but hey! Who said pranking was easy ?

- Various Fraud -

Ok, lock pick your way inside the teacher's wardrobe. In there you will
most probably find some various shit as Kleenex (tm), Kotex (tm), and you
might even find some useful thing... Cash, Credit Card, Calling Card,
agenda, driver's license, and various paper (Which we'll use later, to
blackmail the subject). Also, rule #1 of Break-In, is PUT BACK EVERYTHING
IN IT'S PLACE ! You don't want them to notice that someone browsed through
their possessions.

Cash is always useful, but be sure not to get your ass jailed. I'm
sure that if you find cash you'll know what to do with it.

Credit Card, well again here, you probably know what to do with it, but
one thing : DO NOT STEAL THE CARD... Note the Number, Expiration Date, and
every information you can, but for god sake, leave the card in place... If
the card is missing, the asshole will cancel it in the following 24 hrs.

Calling Cards, must I remind you that THESE are FUCKEN' UNSAFE ?? I got
nailed for nearly 450$ once, and promised myself not to ever use one of
these on my own line. Use them for pay-phone transactions. It's pretty
useful and can save you lotsa bucks.

Agenda's are mostly used to pick up owner's street address, phone number
birth date, and various information ranging from friend's phone, password
on the school net, and shit like that.

The driver's license, you can take. No one will care, beside him, perfect
when you need false ID, and shit like that.

Papers, who said there was nothing interesting in the phone, gas,
electricity and other kind of bills? phone bill can supply you phone number
and sometimes, Calling Card numbers, and Gas bills, well, these are not as
useful as phone bill, but still, you can rip off address and phone number.
Electricity bills are the same as gas bill. One thing you should look for is
the receipt that the subject collects from various sources. I know for one
that gas stations emit receipts when you pay by Credit Card. Seek them out.


- Blackmailing -

If you really want to piss off you mark, this is the way to go first,
let me tell you that sticking newspaper letter on a piece of paper is not
the best way. It's long and it's dirty too, I'd rather suggest that you
use some of the modern ways of blackmailing, phone and Typewriter. If
you're good at that, you can fool around with pictures, sending your
favorite teacher a letter containing pictures of him and another chick in a
whorehouse, or a picture of him in a gay bar. If you prefer the old way,
ask him to give you 500$ if he wants his dog back alive...Include a picture
of the dog hanging to a rope. Then, you'll have to plan for a collect site
... Again, Public park garbage can are NOT recommended... You would prefer
a dark alley which you've sweeped out completely for cops and various
unwanted people... Clearly state in your letter that if cops are warned, or
that if he's not alone, the animal will be tortured and the mutilated before
being killed. Ok...Enough bullshitting... Blackmailing is useful, because
you can get almost everybody to do whatever you want, and whenever you want
them to do it.

This, I hope will keep you busy until the end of the school year.

- Assassination -

Yeah, I know, I wasn't supposed to cover this in, but what the heck. I
feel like it today (Rainy Day, Bad Day at school etc).

One of the best way to kill or seriously harm somebody with the less chances
of you getting caught, is your mark's car... A gas tank could easily catch
on fire while he's driving the car.

Follow the next simple steps to clean assassination.

1. Find out where the asshole lives.
2. If the car is in a garage, forget it, and wait 'till the car is out.
3. Always do this at night, you don't wanna be seen.
4. Open the tank and check if it's full, you don't want him to see you
messed with the tank.
5.
VDDDDDDDDDD[Scheme Number 2]DDDDDDDDDDDD7 Ok. Remove the back light cover
: \_______ : on the gas tank side, and just
: _ _.---._) : hook a wire on the red wire that
:(_[o] /__| <- Break Light. : is supposed to be there. Hook
: __ | _ _ : another on the black wire.
: _ \ | (_[o] = Opened Gas Tank : Discreetly tape the wire with
: _) ]___/ : transparent tape the closest
: ___/ .---. = Wiring : possible to the car, and open
SDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD= the gas tank. now, twist the
wires together, and work them the deeper you can in the tank. You may need
a screwdriver to pierce a hole through the small metal net that stop thieves
from suckin' the gas from the tank. Now, just stick the cover back in place
and close the tank. If your thing is too obvious, the guy will probably
check it and remove it, but if it's concealed enough, he's cooked the next
time he'll hit the break... 'Cuz if you have not yet figured out what is
gonna happen, well... The two wires will induce a short circuit, which will
most likely produce a spark, which will ignite the fumes, and BAM!


- Basic Anarchy -

This is a `Say Everything that is nasty and comes out of your head' section.
In here, I will give you a few tips, and let your brain do the hard work.
Which is : Gathering the material and putting the thing in place...

1. Light the neighbor's tree(s) on fire.

Simple. Make some napalm ( Gas and Palmolive <tm> in a can + an
ammonia tablet which is to fall into it...), and put it under the
tree...You'll have about 5 sec to run away, before the things
transform into a fireball. You can light various things with
napalm... Skunks, Rats, Skin Heads, Dog, Krishna, or your favorite
ethnic minority specimen.

2. Smoke Show...

Take about 4 gal. of Gas, pour it into a sewer and light the
things out... The sewer will catch on fire and everything in it
(Shit,Dead rats,dead skunks,dead skin heads, dead krishna...)
will catch on fire too... Emitting a large amount of smoke, which
will be grey, and will stink like a living-dead congress in Brazil.

3. Kar Krash...

For that one, you will need a few screw drivers, 6" nails, a hammer
and lotsa guts. Go out at night spot your favorite neighbors car.
nail is tire valves, so when he removes the nails, the tires will
flat out. Then, take a flat screwdriver, and push it through the car
locks. Take a Phillip's one, and make the hole bigger, being sure
that the lock will be useless... On certain car, you can even unscrew
the back windows (Honda, Hyundai) and then, you can slash the entire
car interior.

Well... This wrap it up for this issue. Greets are out to : TLA, Arch Bishop
The Darkman, Frozen Tormentor, Dark Angel, The Black Legend, LTD, Mind Bomb,
Prince of Thieves, and to all Anarchist out there.
____
/ /\ \
--(-/__\-)--
X____X narchy Rules. Call NDC (514)899-5435 and leave me mail.
/ \

- Disclaimer -

This file is intended to various illegal use. The author here by
is not to be involved in these activities. (Well, somebody must
have tried these out hehe?) And you pigs can't fucken' do anything
about it. God Bless the 1st Ammendment!

Silicon Phreaker


------------------------------------------------------------------------------


-=- United Phreaker's Incorporated Magazine -=-

Volume Two, Issue Six, File 6 of 11

How to make a million
dollars in your own basement!


By VC Hacker


How do you make a million dollars in your own basement? EASY!
Grow Marijuana! It is possible to grow a higher quality product
indoors than those normally available on the street! The most
important step is choosing your "strain". Try to pick some seeds
>from the best pot you ever smoked. Or if possible get some
"clones" from someone already growing. Follow these simple rules
and you can achieve yields anywhere from 3 to 8 ounces of dry bud
marijuana (with no seeds!) per plant!

Step 1
------
Location. Choose a site which has easy access to water and hydro,
yet is somewhat

  
discreet, and will facilitate ventilation ducts
leading directly outdoors.

Surround Growing Area with a heavy reflective material. This will
keep bright lights from shining out, make the area airtight, and
reflect the excess light back onto the plants. A flat white
plastic (available at some garden centers) is ideal.

Next, run a water hose into the room. It is best to have a Y type
connector hooked up to the hot and cold so you can make the water
lukewarm.

It is time to get some Hydro. Using minimum of 14 gauge wire, run
power directly from source. It is not advisable to use the wall
outlets unless you know for sure there is nothing else on the cir-
cuit. Remember, you will need 1 15 Amp circuit for every light.

Now you are ready for ventilation. Run an intake fan into the area
using duct work. This air must come from outdoors. The intake
should enter the room near the floor, and have a damper on it
to prevent air from leaking in while the fan is off. An exhaust
fan will need to be located on the opposite wall, near the ceil-
ing and leading directly outdoors. The ventilation system must be
able to clear the entire area in 5 minutes. To figure out what
size of fans and duct work, calculate the total cubic footage of
the area. Then, divide it by 5. That result is the approximate
rating of the fans in CFM. Find the closest to that rating with
out going under it, and use the corresponding size duct work. Both
fans should be run using a thermostat. The proper temperatures
will be discussed later. Although the ventilation is probably the
most intense part of setting up your grow-room, it is also one
of the most overlooked parts. IT CAN MAKE OR BREAK YOUR SUCCESS!

Step 2
------
Now, choose how many lights you want to run. One 1 000 watt
light will light approx. a 10 by 10 area, while in vegetative
state. Go to a Hydroponic store or Electrical wholesaler and
purchase 1 000 Metal Malide lamps. Later, when your plants are
in flowering, you will need an equal number of High Pressure
Sodium lamps. Remember to run only one light per 15 amp. circuit.
You still have enough room to run fans on a circuit with one
1 000 watt light. Hang the lights on chains so they can be raised
or lowered.

Now, start your seeds or clones. It is most advisable to start
them under fluorescent tubes until you see roots coming out of
the bottom of the pots. Then, transplant them into 4 to 5 gallon
pots with PRO-MIX BX (available at garden centers) and place them
in the grow room. Limit yourself to 6 to 8 plants per light.This
may not seem like much at first, but they grow quick! Lower the
lights so they are 6 or so inches away. It is important to keep
the lights as close as possible to the plants without burning
them.

Run the lights on Timers, so they operate 18 hours per day. It
is usually easier to control the temperature if you run the
lights at night.

After about a week it is time to start fertilizing. Get some
18-9-27 fertilizer (any garden center) and mix according to the
directions. When the plants are dry about 3 to 4 inches under the
top of the soil, it is time to water. Water one time with fertil-
izer, one time without. Every 2 weeks flush out each plant fully
with 5 gallons of pure water. This will clean out all unused
nutrient and keep plants healthy.

During this whole time the thermostat should be set to keep the
room temperature at 80 degrees.

Step 3
------
After 4 weeks of vigorous growth your plants should be ready to
flower. Usually they should be 36 inches in height.

It is time to add the High Pressure Sodium lights. Change the
light cycle to 12 hours. This will trigger the plants into
flower production (buds!!!).

Obtain 10-52-10 fertilizer. This will stimulate the maximum
flower growth. Mix as to directions, and apply the same as above.
As above, flush plants out every 2 weeks.

Thermostat should be set a little higher during flowering. Usually
80 to 85 degrees, depending on the strain.

After about 2 weeks of flowering the gender of the plants will
start to show. Female plants will have little white hairs at
every branch node, and male plants will have 2 little balls
hanging underneath. Remove and destroy all the male plants. They
do not produce any buds, and will cause you to have seeds in
your crop.

Now, let your remaining female plants flourish for 6 more weeks.
For the last 4 to 5 days it is a good idea to use only fresh water
with no fertilizer in order to clean the nutrient out of the plant
and allow the true taste of the strain to prevail. This will allow
in sweet, flowery tasting buds.

Step 3
------
When your buds are nice and big and fluffy, it's time to cut 'em
down. Plant by plant remove all bud material and separate all the
leaves from the bud. Throw out the leaves. The remaining bud may
be dried on screens, or even on newspapers spread on the floor. It
is most advisable to dry it in a cool, dark place as THC's biggest
enemies are heat and light. This will keep your pot fresh and
potent. Normal drying time is 3 to 4 days.

Now, obtain 4 things: 1) Zip-Loc bags 2) Scale 3) Zig Zag White
Rolling Papers 4) Matches. Roll a big reefer, get stoned, weigh
out some dope, and make some money!



P.S. Aluminum briefcases are very handy for burying money. They
are air and watertight, and can hold twenty-thousand dollars
worth of 20's!


Have Phun


------------------------------------------------------------------------------

-=- United Phreaker's Incorporated Magazine -=-

Volume Two, Issue Six, File 7 of 11

The Beginner's Guide To Hacking On Datapac 1992 Update

Written By The Lost Avenger


Welcome to once again to the first return issue of the UPi newsletter.
This file was originally released for Spectrum Issue #1, and then re-released
in the very first UPi Newsletter (Volume 1, Issue 1) and from there I have now
decided that the public's positive reaction to this file was still so
tremendous that it made me decide to re-release the file again and also
re-write and update it to the 1992 specifications for Datapac. Hope you enjoy
reading this file as I did writing it.

After reading through my large collection of g-files. I have found that
there hasn't been a good text file for beginner about hacking the Datapac
network. This guide will give a general incite on how to identity different
types of operating systems when you are hacking about Datapac, and on generally
basic information about Datapac. I hope this will give you more knowledge
about the Datapac network to help get you started. Hope you learn a lot about
Datapac and enjoy reading it at the same time. I have released this file in
UPi Issue Number 1 but I have updated it and re-releasing it.

These are the ten rules of hacking that I go by when I hack around on
systems. These rules are important in order maintain from being caught or
discovered illegally hacking on a system.

I. Do not intentionally damage *any* system.
II. Do not alter any system files other than ones needed to ensure your
escape from detection and your future access (Trojan Horses, Altering
Logs, and the like are all necessary to your survival for as long as
possible.)
III. Do not leave your (or anyone else's) real name, real handle, or real
phone number on any system that you access illegally. They *can* and
will track you down from your handle!
IV. Be careful who you share information with. Feds are getting trickier.
Generally, if you don't know their voice phone number, name, and
occupation or haven't spoken with them voice on non-info trading
conversations, be wary.
V. Do not leave your real phone number to anyone you don't know. This
includes logging on boards, no matter how k-rad they seem. If you
don't know the sysop, leave a note telling some trustworthy people
that will validate you.
VI. Do not hack government computers. Yes, there are government systems
that are safe to hack, but they are few and far between. And the
government has infinitely more time and resources to track you down than
a company who has to make a profit and justify expenses.
VII. Don't use codes unless there is *NO* way around it (you don't have a
local Telenet or Tymnet outdial and can't connect to anything 800...)
You use codes long enough, you will get caught. Period.
VIII. Don't be afraid to be paranoid. Remember, you *are* breaking the law.
It doesn't hurt to store everything encrypted on your hard disk, or
keep your notes buried in the backyard or in the trunk of your car.
You may feel a little funny, but you'll feel a lot funnier when you
when you meet Bruno, your transvestite cellmate who axed his family to
death.
IX. Watch what you post on boards. Most of the really great hackers in the
country post *nothing* about the system they're currently working
except in the broadest sense (I'm working on a UNIX, or a COSMOS, or
something generic. Not "I'm hacking into General Electric's Voice Mail
System"
or something inane and revealing like that.)
X. Don't be afraid to ask questions. That's what more experienced hackers
are for. Don't expect *everything* you ask to be answered, though.
There are some things (LMOS, for instance) that a beginning hacker
shouldn't mess with. You'll either get caught, or screw it up for
others, or both.

I think in my own opinion the best way to find systems is by scanning them
out. Getting them off a board or off a friend is not very safe as they may
already have been hacked to death. Now you are probably wondering how you scan
for systems, well this is what you do. First you select a four digit number
representing the area you want to scan, for example 4910 or something like
that. What you do from there is when you connect to the Datapac network (See
Part V for more details on how to connect to Datapac) you type ".." and press
enter. You should get some kind message such as "DATAPAC: XXXX XXXX" (with
XXXX XXXX the Datapac node number you are on). Once you get that message you
will enter a four digit number (the prefix) that you have selected, but don't
press enter yet. After that type in another four digit number (the suffix)
your have selected and press enter. Datapac will give respond to that by
giving you a Network Message which is discussed later (see Part VII for the
Datapac Network Messages). These messages will tell you if the system you are
trying to reach is out of service, up, busy, and so on. If you have
successfully connected to a system and want to disconnect from if and go back
into Datapac type in the following string "<Control>-P Clear <Enter>". To
continue scanning for more systems just keep on adding one to the last digit of
the number in the suffix that you entered before and press enter. To keep on
scanning just continue this until whatever suits your needs, for example you
may start scanning at 4910 0000 and could stop scanning at 4910 1000.

Ok now in this section I will discuss on how to connect to the Datapac
network. Ok what you do to connect to Datapac is first make sure you computer
is on. Then you load your terminal program, next call your local Datapac
node. Once connected type to Datapac type in "..<Enter>". Datapac will
respond to this with the following message:

DATAPAC: XXXX XXXX

The XXXX XXXX is the Datapac node number you are on. If you have a Network
User Identifier (NUI) then you can enter it in the following way, if you don't
have one then skip this part:

NUI <Your NUI> <Enter>

you will then see the next message:

PASSWORD:
XXXXXX

If Datapac did not send that message then that means that NUI that you entered
is not a valid one. If you did get this message then enter the password
assigned and press enter. Datapac will respond with either one of the
following messages:

DATAPAC: network user identifier <Your NUI> active.

which means that the password entered is correct or

DATAPAC: network user identifier error

which means that the password entered is not correct. Take note that if you
have the valid NUI and it is on and you want to turn it off then type in the
following command:

NUI Off<Enter>

>from there Datapac will send:

DATAPAC: network user identifier not active

which means that you are no longer using the NUI, which also means that won't
be able to connect to NUA's that don't accept collect calls. Once you enter
in all that information.. you can know enter in a NUA. To enter in a NUA just
type in 1+DNIC+NUA (example 1208057040540 for QSD). If you connect to the NUA
properly then you will get this message:

DATAPAC: Call connected to: XXXX XXXX

The XXXX XXXX is the NUA that you have requested to connected to, otherwise it
will display a different message which is discussed later on in this document.

When a Datapac call is established through the network, a call connected
message is received at the originating DTE. All or some of the following
messages may be identified depending on the type of call, options used for the
call, and the type of destination.

Example:

[HUNTED] [BACKED UP] [BACKED UP & HUNTED]
[i LCN] [P/N PACKETSIZE: (128 OR 256)] [NUI (6 to 8 CHAR)CHARGING]
[CUG:(CUG#)] [REVERSE CHARGE]

MESSAGE EXPLANATION

Call connected to: XXXXXXXX A virtual circuit has been established between
an originating DTE and a remote (receiving)
DTE.

Hunted The remote logical channel is part of a hunt
group.

Backed Up The call attempt to the remote DTE has failed.
The network has re-directed the call to another
predetermined DTE that has been optioned as
backup.

i The call has been placed to an international
address.

P Priority service. Packet size: 128.

N Normal service. Packet size: 128 or 256.

DNA Data Network Address of the originating DTE.

LCN Logical Channel Number of the recipient DTE.

NUI The call will be billed to the 6 to 8 character
Network User Identifier.

CUG The recipient DTE is part of a closed user
group.

Reverse Charge The recipient DTE has accepted the charge
associated with the established call.

There are thirty-three messages which may appear when you are accessing the
Datapac network. All of these network-generated messages which are sent to a
terminal, are written as "Datapac: text". The "text" will be one of the
following messages:

ADDRESS
This is a Datapac herald message for an SVC terminal. The "address"
displayed is your Datapac network address. This message indicates that you are
connected to the Datapac network. Proceed with the call request command.

{P,R} TERMINAL ADDRESS -- (DESTINATION ADDRESS LOGICAL CHANNEL)
This is a Datapac herald message for a PVC terminal. It indicates that you
are connected to the network (address and destination address)

CLOSED USER GROUP ERROR INVALID ADDRESS, MORE THAN 12 DATA CHARACTERS, or COMMA
REQUIRED BEFORE DATA CHARACTERS
These messages indicate an error in the call request command--correct and
re-enter the command.

CALLED BY [P][R] or [N][I] ADDRESS (XXX)
This message indicates that a host or terminal has called you. Proceed
with sign-on. (Note: P or N denotes grade of service. R specifies the
charging option, if applicable. I specifies that it is an international call.
(XXX) specifies the logical channel number if it is a national call, and
specifies the gateway id if it is an international call.

CALL CONNECTED
This message indicates that the SVC connection between your terminal and
the destination has been established successfully.

RE-ENTER
This message indicates that a transmission error has occurred in the
current input line. Re-enter the line. If the problem persists, report the
trouble to Telecom Canada.

INPUT DATA LOST
This message indicates that a transmission error has occurred. Since part
of your input line has already been transmitted to the destination, enter a
"line delete" character for your application and a carriage return (CR). When
the destination replies, re-enter the line.

PARITY ERROR
This message indicates that a parity error has occurred in the current
input line from a terminal which is operating in echo mode. The character
which is in error is not echoed. Re-enter the character and continue normal
input. If the problem persists, report the trouble to Telecom Canada.

INPUT ERROR
This message indicates that there is a network problem, due to overruns.
If the problem occurs often, contact Telecom Canada.

PVC DISCONNECTED - TEMPORARY NETWORK PROBLEM
This message indicates that a network problem is preventing the requested
call from continuing. Wait for the Datapac herald message, then continue. If
the condition persists, contact Telecom Canada.

PVC DISCONNECTED - DESTINATION NOT RESPONDING
This message indicates that either the access line to the destination, or
the destination itself is down. Try again later. If the condition persists,
contact the destination.

PVC DISCONNECTED - REMOTE REQUEST
This message indicates that the destination has asked that the connection
be discontinued.

INVALID COMMAND
This message indicates that there is a syntax error in the command.
Correct it and re-enter the command.

COMMAND NOT ALLOWED
This message indicates that the command which was entered, although
syntactically correct, cannot be implemented either due to the NIM state, or
because it violates and/or conflicts with the service options selected --e.g.,
a call request command, when an SVC is already established.

CALL CLEARED -- DESTINATION BUSY
This message indicates that the destination computer cannot accept another
call. Try again later.

CALL CLEARED -- INCOMPATIBLE CALL OPTIONS
This message indicates that the call request command includes facilities
which are not available at the destination or are incompatible with it. Verify
and try the call again. If the problem persists, contact the destination.

CALL CLEARED -- TEMPORARY NETWORK PROBLEM
This message indicates that a network problem has occurred--try again
later. If the problem persists, report it to Telecom Canada.

CALL CLEARED -- DESTINATION NOT RESPONDING
This message indicates that the destination is either not acknowledging
your request to connect or it is inoperable. Try again later. If the problem
persists, contact the destination.

CALL CLEARED -- ACCESS BARRED
This message indicates that the network has blocked your call because of a
Closer User Group violation. Verify the call establishment procedures with the
destination.

CALL CLEARED -- ADDRESS NOT IN SERVICE
This message indicates that the network address in the call request command
identifies a non-existent destination-- i.e., the address is not yet (or is no
longer) assigned. Verify the address and re-enter the call request command.
If the condition persists, contact the destination.

CALL CLEARED -- COLLECT CALL REFUSED
This message indicates that the destination is not willing to accept the
charges for the connection (e.g., it does not accept calls from Datapac public
dial ports). Verify the call establishment procedures and try the call
again. If the condition persists, contact the destination. (See Part VII and
Part VIII for more information.

CALL CLEARED -- LOCAL PROCEDURE ERROR
This message indicates that a network protocol error has occurred. Try the
call again. If the condition persists, report the trouble to Telecom Canada.

CALL CLEARED -- REMOTE PROCEDURE ERROR
This message indicates that a destination protocol error has occurred. Try
the call again. If the condition persists, contact the destination.

CALL CLEARED -- LOCAL DIRECTIVE
This message indicates that a virtual circuit has been cleared in response
to a clear command from a terminal user.

CALL CLEARED -- REMOTE DIRECTIVE
This message indicates that a virtual circuit has been cleared in response
to a clear request packet from the destination.

CALL CLEARED -- REMOTE REQUEST
This message indicates that a virtual circuit has been cleared in response
to an invitation from the destination to clear the call.

RESET -- TEMPORARY NETWORK PROBLEM
This message indicates that a network problem has occurred on the PVC
connection. Wait for the Datapac herald message, then continue. If the
condition persists, report the trouble to Telecom Canada.

RESET -- DESTINATION NOT RESPONDING
This message indicates that the destination end of the PVC connection is
not responding-- i.e., either the access line to the destination, or the
destination itself, is down. Try again later. If the condition persists,
contact the destination.

RESET -- LOCAL PROCEDURE ERROR
This message indicates that the PVC has been reset because of a network
protocol error. Wait for the Datapac herald message, then continue. If the
condition persists, report the trouble to Telecom Canada.

RESET -- REMOTE PROCEDURE ERROR
This message indicates that the PVC has been reset because of the
destination protocol error. Wait for the Datapac herald message, then
continue. If the condition persists, contact the destination.
If the host computer is connected via the ITHI option, this message
indicates that data has been disregarded due to the host not reacting to flow
control conditions sent by the PAD.

RESET -- LOCAL DESTINATION
This message is the network's response to a reset command from the terminal
user. Continue.

RESET -- BY DESTINATION
This message indicates that the destination has reset the virtual circuit.
Data may have been lost. Continue. If the condition persists; report it to
the destination.

RESET -- TEMPORARY NETWORK PROBLEM
These messages indicate that the network has reset the switched virtual
circuit. Data may have been lost. Continue. If the problem persists, report
it to Telecom Canada.

RESET -- LOCAL PROCEDURE ERROR
These messages indicate that the network has reset the switched virtual
circuit. Data may have been lost. Continue. If the problem persists, report
it to Telecom Canada.

Well let me just get back and discuss something that I was talking about
before but didn't go into any great detail about. The Network User Identifier
(NUI) is a credit card-like system associated with the Datapac Network -
similar to a calling card used to bill long distance calls. A NUI is a 6-8
character alphanumeric code which is entered during call set-up to indicate an
account to which Datapac calls may be billed. Associated with each NUI is a
password which is used as a security check when establishing a connection to
the Datapac network. The password is confidential, known only to the user.

The purpose of a NUI is to allow a Datapac user to make use of the Datapac
network for data communications without the requirement of a dedicated Datapac
connection or the need for the destination to accept reverse charge calls.
Once the NUI/password pair has been correctly validated, the call is set up to
the requested destination and call usage billed to the NUI/Datapac account
number.

At call set-up time, the user specifies the NUI and password to the
network. The password is used by the network to authenticate the use of the
NUI. After the NUI/password pair has been correctly validated (process whereby
NUI/password is checked by NUI application), the user will be able to bill all
subsequent session usage to the specified NUI.

There are many useful applications for NUI. NUI, when provided to
authorized users, can eliminate the need for host to accept reverse charge
calls. NUI is required by users of public dial who are placing calls to a host
application with the reverse charge blocking option. NUI permits subscribers
of dedicated and private dial Datapac services to "Third Party" usage charges
to a NUI account. For example, some users may decide that they do not want
usage charged to the dedicated access line which they are using (i.e., if using
someone else's line/terminal). By entering the NUI, all usage for subsequent
calls during the same session would be billed to the account associated with
the specified NUI. NUI permits sender paid calls to domestic Datapac network
addresses and to foreign networks. Users can make international calls to
overseas networks and charge the call usage to their NUI when using public dial
ports. Offshore networks accessed via Teleglobe do not accept collect calls.
Users also have the capability of placing sender paid calls to Domestic Datapac
addresses, Telenet, Tymnet, Autonet, ACUNET and DASNET in the United Sates.
NUI is required to complete calls using Datapac indial/outdial ports (i.e.,
devices at destination not connected to Datapac). NUI can be used to achieve
benefits of departmental accounting. The Datapac bill is itemized to indicate
the charges related to each NUI. This will assist in determining which
department has generated usage and the associated charges.

There are two main components to Datapac billing which is access and usage
Both are billed on a monthly basis. These are the monthly recurring charges
for dedicated access to the Datapac network.

Included in this component are; Service charges - The one time service
charge associated with a request for new service or a change to an existing
one. Monthly charges - The recurring charge for basic dedicated access to the
Datapac network. Other monthly - The additional recurring charges for any
optional charges features or enhancements (additional VCs, PVCs, CUGs, etc.) to
a dedicated access.

These are the charges for the variable amounts of customer data sent to and
>from the network. Included in this component are; Hold charges - Per minute.
This applies only to Public Dial Port and International calls. Call set-ups
(Call Requests) - Per attempt. Does not apply to Permanent Virtual Circuit
(PVCs) arrangements. Resets - Per occurrence when generated by the customer.
PAD usage - Per segment*. Applies to all services except Datapac 3000.
Network usage - Per segment*. Rateant the grade (1,2,3) of the
cities involved (DPSAs) and the distance between them. Surcharges - An
incremental 5% to 25% surcharge applies to network usage when a premium
throughput class is ordered. - A 25% surcharge applies to network usage with
customer requested Priority calls. NUI - although this is a recurring monthly
charge, it is grouped with usage for billing.

Billing of data packets in Datapac is done in segments and commonly
referred to as KILOSEGMENTS (1000 segments). In most cases, one segment is
equal to one packet containing from one to 256 characters. There are some
exceptions; Priority packets - Are a maximum 128 characters and are billed as
one segment, surcharge applies. 512 character packets - Are billed as two
segments. Packets to/from U.S. networks - Are a maximum 128 characters and
are billed as one segment. Packets to/from Overseas networks - The
international standard packet size is a maximum 64 characters and is billed as
one segment by Datapac. Some overseas networks have 128 character packets but
these are billed as two segments.

Network User Identifier (NUI) Charges

Monthly Service
Rate Charge

General NUI $2.40 $75.00
Corporate NUI $50.00 $125.00
Sub-NUI $2.40 No charge


General Access Rates

Monthly Service
Rate Charge

Closed User Group (CUG) $1.35 $75.00
- no charge for CUG options
Reverse Charge Call Feature $1.35 $22.00
Direct Call Feature $4.20 $75.00
Hunt Group $55.00 $22.00
Call Redirection $157.00 $22.00
- additional charge for diversity
where available


Usage Rates

Datapac usage includes the following billable components:

Hold Time (1,2) $0.04/min. Public Dial and
International ONLY
Call Set-up $0.01 each Public Dial/SVCs ONLY
Reset $0.01 each Customer initiated ONLY
PAD usage (1,2)
Datapac 3101 $0.50/kilosegment
Datapac 3201 $0.85/kilosegment
Datapac 3303 $0.70/kilosegment

Network Usage (1) see following table based on distance
and grade

(1) A 25% discount applies to these components for calls initiated and
completed between 7 PM and 7 AM and on weekends and certain holidays.
Applies to ** PUBLIC DIAL ONLY**.

(2) PAD and Hold Time charges are applied at both the calling and called end,
where applicable.

M I L E A G E

DPSA (city) 1-100 101-400 401-1000 1000+
----------- ----- ------- -------- ------
1 to 1 $0.40 $0.65 $1.06 $1.80
1 to 2 $1.01 $1.70 $2.33 $3.50
1 to 3 $1.70 $3.50 $4.13 $4.77
2 to 2 $1.75 $3.34 $4.24 $5.57
2 to 3 $2.44 $4.24 $5.30 $6.41
3 to 3 $3.13 $5.30 $6.36 $7.00

* NOTE : Larger cities are grade 1 Datapac Serving Areas smaller
cities are grade 3 DPSA's

The Datapac Summary Usage Statement is monthly statement is free of charge.
It is a summary of all calls that have been billed to the addresses or NUIs
that are part of an account for that billing period

Because this is a summary, it is not possible to accurately reconcile the
details of any totals on this statement. This is due to the standard accounting
practices of rounding rules, minimum charging and taxing procedures that have
been applied. If your organization needs this capability, it must be done from
a Detailed Usage Statement. There are other options that can be considered to
meet these needs such as; reverse charging, NUI, separate accounts or division
codes (where available). Please discuss this with the Sales Representative of
your local telephone company.

In addition to the customers account number, dates of the billing period
involved, tax totals and grand total, the following information is supplied;
Billed Address (or NUI and city); Other Address (or City Code if Public Dial
call), # of calls, # of resets, billable units (kilosegments), indication of
surcharges (if applicable), duration of calls, hold charges (if applicable),
and usage charges; A sub total of all above information for each billed address
and Service type of each address

This information is sorted in descending numerical/ alphabetical order.
This same information is given for the U.S. and Overseas Summary Usage
Statements and is grouped by Packet Switching Network name.

A new format for the Datapac Summary Usage Statement will begin
introduction in mid to late 1991. Improved methods of grouping, sorting and
reporting usage have been introduced as well as some additional details. Some
major highlights; Title page to display previous 12 months billing history,
page break by service type, sub-totals by service type, final page with
sub-totals of domestic, overseas and International usage with taxes and a grand
total. The information you need from a summary statement will be easier to
find and handle.

The Datapac Detailed Usage Statement which is chargeable option. It is
a monthly statement that details each and every call that has been billed to
the addresses or NUIs that are part of an account for that billing period.

In addition to the customers account number, the dates of the billing
period involved, tax totals and the grand total, the following information is
supplied for each call; Billed Address or NUI and city, service type, logical
channel (virtual circuit #), throughput class; Other Address and city (only
City if Public Dial call), service type, logical channel (virtual circuit #),
throughput class; Date, local start time and local stop time; Number of resets
(if any); Clear Cause Code; Billable Units (segments) received transmitted;
Call Set-up Class; Hold charges (if applicable); Usage charges and Taxing
province

This same information is given for the U.S. and overseas calls and grouped
by Packet Switching Network name.

The calls on this statement are grouped by billed address and other address
then sorted in descending numerical order. The calls between the Billed and
Other Address are sorted in descending chronological order.

Each call record on this statement can represent either a portion of or a
complete call. Under normal circumstances, an accounting record for a call is
generated when a call is cleared, or every 12 hours. If required, accounting
records can be generated on a call still in session (for variety of network
maintenance reasons). Therefore, a complete accounting record for a particular
call may appear on more than one line. Such instances are identified by the
Class and Clear Codes. If call total is required, it must be calculated
manually.

Well up to now I have discussed how to connect to Datapac, what a NUI is
and how much it cost for a NUI, summary usage statement, detailed usage
statements and usage statement codes. Let me changes topics for a minute and
describe the different type of Datapac services available.

Datapac 3000 is synchronous, application independent service that allows
data terminals (DTE's) and data communicating equipment (DCE) to exchange data
in a packet-mode over a public or private packet switching network.

The DTE/DCE interface connection, disconnection and transmission rules are
defined in a packet switching protocol called X.25 recommendation which is
developed and governed by the international telephone and telegraph consultativ
committee (CCITT).

X.25 protocol is a bit oriented framing structure based on the high level
data link control (HDLC). The CCITT recommendations for X.25 are divided into
three levels, namely:

The Physical Interface (Level 1) - Specifies the use of four-wire,
point-to-point synchronous circuit between the DTE and the network (DCE). This
circuit includes two modems or datasets (one connected to the DTE and the other
connected to the network). Characteristics are: 4-wire point-to-point or dial
via a V.22 bis modem; Full duplex via RS232 convention.

The Frame Level Logical Interface (Level 2) - Defines the frame level link
procedures used to synchronize transmission, initiate the "handshaking"
necessary to establish the 'R-U-There'/Yes-I-Am sequence, flow control
mechanism and perform error checking of data exchange across the DTE/DCE
interface (link). the DTE is usually located at the customer premises and is
called host while the DCE is located in the network. the procedures used to
control the link are defined as commands and responses. Characteristics are:
HDLC; Link access procedure balanced (LAPB) X.25(80) or X.25(84).

The Packet Level Logical Interface (Level 3) - Defines the packet formats
and control procedures required to establish a logical path (call request),
exchange information (data packets) and for removing the logical path (clear
request) between the DTE and DCR. Characteristics are: Logical Channels
(LCN`s); Packet Size; Window Size; And Throughput Class.

The customer's terminal (Host) is connected to a local modem which in turn,
is connected to a second modem (Remote) in the central office via by 4 wires
which in turn, is connected to a line processing module in the Datapac network.
This configuration is called the DTE/DCE link and can be assigned speeds of
1200 bps through 19200 bps.

This DTE/DCE link is assigned a unique Datapac network address (DNA) and
other link parameters such as line speed, modem type, flow control and security
by Telecom Canada.

When the electrical signals are in the correct state as specified in level
1, the Datapac line processing module continuously transmits a CCITT command
called SBMM (Set Asynchronous Balanced Node) to the customer's terminal (Host)
every three seconds. If the host is ready, it responds to the SABM with a
CCITT response UA (Unnumbered Acknowledgement). When this occurs, the link is
initialized (level 2 ready), the host and Datapac module exchange restarts or
restart/restart confirmation commands. When this occurs, the DTE/DCE link
generates a transition to the next X.25 level, level 3.

The DTE then signals the address it wishes to communicate with in a CCITT
defined call request format (8 digits ), 10 digits if using 9th and 10th digit
subaddressing on a Logical Channel (LCN) Datapac then routes the call request
to the appropriate destination (national or international) and awaits a CCITT
defined call accept packet. If this occurs, the accept packet is transmitted
back to the originating host and both hosts may now exchange CCITT defined data
packets. This is called a Switched Virtual Call (SVC); permanent virtual calls
(PVC's) are also offered. At the end of the session, either host can terminate
the SVC by transmitting a CCITT defined clear request packet. Up to 255 SVC's
may be supported simultaneously.

Dial access service is also offered at 2400 bps with a maximum of eight
LCN's over the public telephone network

Datapac 3000 provides customers with a cost effective service derived from
packet switching technology and X.25 protocol. Some benefits are: Simultaneous
communication with many (up to 255) different locations, national and
international, error free transmission, system expansion flexibility, cost
containment through reduced host port connections, 24 hours 7 days-a-week
service, lower communication costs, call parameter selection to suit particular
applications.

Datapac 3101 is a network access service which enables teletypewriter
compatible devices, such as time-sharing terminals, to access the Datapac
network.

Low speed, asynchronous devices are supported through an Interactive
Terminal Interface (ITI) in a Packet Assembler/Disassembler (PAD), which allows
the devices to access the network over dial-up (DDD) or dedicated access lines.

ITI, the end-to-end protocol for Datapac 3101 conforms to the CCITT
recommendations X.3, X.28 and X.29 and supports access to the Datapac network
for asynchronous, start-stop character mode terminals.

X.3 specifies the operation of the pad. It contains the specifications for
the twelve international parameters and their operation. Additional domestic
parameters are also in place to meet Canadian market requirements.

X.28 specifies the command language between the terminal and the PAD. It
also specifies the conditions which define the command mode and the data
transfer mode.

X.29 specifies the procedures to be followed by an X.25 DTE to access and
modify the parameters in the pad as well as the data transfer procedure.

The user needs no special hardware or software to interface a terminal to
the Datapac network. A knowledge of the ITI procedures is the only requirement
at the terminal end.

The Datapac 3101 service provides for terminal to host (user's computer)
and terminal to terminal communication. The host access should conform with
the X.25 protocol, using the Datapac 3000 access service, and also support the
higher level protocol conventions of ITI. host access may also be provided via
the Datapac 3101 service for some applications. The Datapac 3101 service also
provides block mode and tape support.

The Datapac 3201 Network access service which enables various terminals
that are buffered, pollable and operate asynchronously to communicate with host
computers through the Datapac network.

The Datapac 3201 service is typically used by the general merchandise and
specialty sectors of the retail industry in Canada. It provides a cost
effective communication solution whenever there is a requirement for sending
small amounts of information to a host computer and obtaining a short response.
The primary applications are on-line compilation of sales data to help in
inventory control, and on-line credit verification to detect fraudulent credit
cards. Other emerging applications involve trust companies, credit unions,
banks and service stations.

Datapac 3201 provides support at the customers' terminal end (for example a
retail store) by means of a Packet Assembler/Disassembler (PAD) which is
located in a Telecom Canada member company central office. The PAD polls the
various devices for information in an on-line real time environment.

Devices may communicate to the pad via two options: Shared multipoint
multidrop access at 1200 bps, or Dedicated access at 1200, 2400 bps.

Communication between the PAD and the terminal conforms to the ANSI
(American National Standards Institute) X3.28-1976 ISO (International Standards
Organization) poll/select asynchronous protocol. Telecom Canada undertakes to
test terminals which support this protocol, prior to connecting them to the
Datapac 3201 network.

Communication between the customers host computer location and the Datapac
network is accomplished by the use of a X.25 (Datapac 3000) interface which
supports the Datapac 3201 host to PAD "Point-Of-Sale (POS) end to end protocol"
specification.

- Data Collection: Average 1.7 to 2.3 seconds in the peak periods.

- Inquiry-Response (Credit Check): Average 2.7 to 4.2 seconds in
the peak periods.

A typical retail Datapac 3201 application uses short input and output
messages. (For example an average of 50 characters). One kilopacket (1,000
packets or 256,000 bytes) is equal to approximately 1,000 sales transactions or
500 credit authorizations. Average transaction volume would be less than 5000
packets per day.

Other optional Datapac network features include Closed User Group (CUG):
Allows devices within one group to communicate only with accredited devices of
the same group, resulting in a high degree of data security. Additional
options are available to limit call attempts between closed user groups or
within a closed user group, reverse charge call: Allows a user to charge a call
to the destination address, reverse charge call: Reverse charged calls destined
to a Datapac 3201 blocking: address will be blocked by the network.

Datapac 3303 (BSC) provides polled BSC communications protocol support for
IBM 3270 information display systems or their emulators.

Datapac 3303 (BSC) supports all the typical on-line inquiry response and
data entry applications normally accessed with these 3270 terminal clusters.

Datapac 3303 (BSC) is a PAD based service. The 3270 controllers connect to
the network via PAD's (Packet Assemblers/Disassemblers). PAD's perform the
host functions of communicating with the 3270 controllers in the binary
synchronous communications polling protocol, and in doing so, eliminate
cross-network polling.

Datapac 3303 (BSC) connections are dedicated facilities (one per
controller) at speeds of 2400, 4800, or 9600 bps. A virtual circuit is
maintained for each terminal across the network and out to the host at the
other end via a Datapac 3000 line. Most Datapac 3303 (BSC) connections
dialogue with hosts that are running Telecom Canada's Datapac access software
(DAS) in their IBM 3720, 3705, 3725 or Amdahl look-alikes front ends. DAS
supports X.25 connecting. To the network via Datapac 3000. It also supports
the end-to-end protocol transporting the 3270 data across the network.

Aside from lower communications costs, the main reasons for using Datapac
3303 (BSC) are: Ease of network reconfiguration, and dynamic multiple terminal
functionally.

New on-line systems are economically feasible and equipment changes can be
easily accommodated without disrupting service or affecting the network.
Terminals are now much more versatile than ever before. The capability exists
to dynamically access multiple hosts and/or applications from the same
destination (either manually, or via a user friendly mnemonic addressing
scheme). This means terminals behind the same controller can access different
destinations at the same time, saving equipment and communications facilities
costs. In conjunction with DAS (Datapac Access Software) in the host's front
end, that 3270 terminal can also act as an ASCII asynchronous device and access
such systems as Envoy/100 and iNet. In addition, each terminal now has the
ability to appear as either a BSC device to a non-SNA host or an SDLC device to
an SNA host in a matter of a few keystrokes.

There are currently 2 services under Datapac 3303 (SDLC). They are Datapac
3303/SDLC and Datapac 3303/SDLC Plus.

Both services allow IBM (and their emulators) devices to access the Datapac
network for the purpose of transmitting data using the SDLC link level
protocol.

Some common features of the Datapac 3303 (SDLC) are terminal pad based:
The service provides the X.25 framing and de-framing for SDLC data stream as
well as the packetization and de-packetization, QLLC end-to-end protocol: the
service conforms to IBM's QLLC specifications thus making it compatible with
most host X.25 PAD software/hardware implementations, physical unit type 2
accessibility: services such as the IBM 3270, 3177, 52xx, 36xx, 37xx, 47xx,
ATM's, etc. 2.4, 4.8, 9.6 kbps access speeds, Point to point and multipoint
on-net and off-net access, terminal or host initiated calling, normal or
priority packet size option and Closed User Group (CUG) options.

Datapac 3303/SDLC offers 1 VC per PU (controller), switched and permanent
virtual circuit support, and the following applications: virtual private line
emulation, centralized host processing simple call set up, international (via
Telenet/US) access, and token ring gateway support using the IBM 3174

Datapac 3303/SDLC Plus offers 1 VC per LU (end user terminal), local
command mode allows call set up and clearing from users terminal, automatic
direct call, mnemonic DMA dialing methods of call set up, switched virtual
circuit support, and the following applications: disaster recovery, alternate
host access using switching capability from user terminal and Datapac options
(packet size, charging, CUG's) at user terminal level.

Datapac 3304 offers batch terminal support. It supports RJE (or Remote Job
Entry) batch work stations or communications terminals operating under binary
synchronous communications (BSC) protocols.

Datapac 3304 allows users operating under IBM's Multileaving Interface
(MLI) protocol to access the Datapac network. It also supports compatible
computers and terminals using this protocol. Datapac 3304 supports the bulk
data transfer applications from these remote job entry (RJE) work stations
whin as 'transparent' s'pad-to-pad operation'. Devices are connected to the Da
dedicated lines aor 9600 bps. As users groimplement new technology, the termin
upgraded to X.25.

A typical user profile would include a host with a spooling or queueing
subsystem such as HASP II, JES 2, JES 3, ASP and RSCS, batch terminals such as
the IBM 3777 M2 and Data 100 and to have low to medium volumes to transmit.

Datapac 3305 also supports a variety of BSC RJE batch work stations such
as IBM 2770, IBM 2780, IBM 3740, IBM 3770 and IBM 3780.

It provides network access support for those customers using equipment
operating under IBM's point-to-point contention mode protocol and those
compatible computers and terminals using the same protocol.

Datapac 3305 supports the bulk data transfer (batch transmissions)
applications that occur between terminals, hosts, and a variety of other
devices such as communicating word processors.

Datapac 3305 provides savings for those customers running low to medium
volume applications.

Datapac 3305 is a PAD based service. The RJE (Remote Job-Entry) work
stations access the network via PAD's while the host computer may also use the
Datapac 3305 PAD or connect via an X.25 link on Datapac 3000.

Datapac 3305 supports three modes of access: Dedicated lines at 2400 or
4800 bps, private dial at 2400 bps and public dial at 2400 bps

It should be noted that the destination must be dedicated in order to
receive a call.

Datapac access software (DAS) provides a Datapac (X.25) compatibility for
IBM host computer environments. Datapac access software (DAS) resides in
customer-provided IBM hardware; the communications controller or front end
processor such as the IBM 3725 or IBM 3705, and co-exists with its compatible
IBM software such as NCP (Network Control Program), EP (Emulation Program) or
PEP (Partitioned Emulation Program). Datapac access software (DAS)
compatibility also extends to IBM look-alike hardware manufacturers such as
Amdahl.

DAS-installed host computer environments have access to their Datapac-bound
devices, such as those connected via Datapac 3101, Datapac 3303 (DSI/DSP),
Datapac 3303 (QLLC)*, and Datapac 3305, as well as those devices which are
connected via conventional communications facilities, such as private line or
dial-up.

DAS can also provide SNA conversion for non-SNA devices, such as conversion
>from 3270 BSC-3 (Datapac 3303 DSI/DSP) to physical unit type 2 (SNA 3270 SDLC
representation), and ASCII/asynchronous (Datapac 3101) to physical unit type 1
(SNA ASCII SDLC representation). These SNA conversion features allow the
customer to convert his host environment to SNA without modifying or replacing
his existing terminal/device population. DAS also provides an extended
conversion feature for 3270 devices that modifies the incoming data (3270) to
an ASCII/asynchronous datastream and re-routes the traffic into the Datapac
network. Thus providing external ASCII database access to the 3270 device
population.

Other DAS features include multiple host support, transparent path, host to
network callout, extended console routines, code conversion, etc.

Datapac International provides outgoing and incoming access to 6 U.S. based
Networks and to over 100 packet-switched networks around the world. To
successfully complete such calls, Datapac has implemented the International
CCITT X.75 procedures and X.121 International numbering plan. Thus, the
Datapac user originating an international call must use the following format:

(1) (DNIC) (FOREIGN ADDRESS)
: : :
One defines the Datapac International.: : :
Prefix. : :
: :
Packet networks are identified by a ........: :
four digit number called a DNIC :
(data network identification code) :
:
The foreign national address is .......................:
expressed as an eight to ten digit
address.

Calls to international networks, other than those to the U.S., must be pre-
paid; that is, placed from dedicated or private dial access, m

The packet size for an international call must be 128 characters.

On both the Summary and Detailed Usage Statements, Service Type (ST) codes
are used to identify the type of Datapac service involved with a particular
address.

Service Service
Type Description
Code

00 U.S. and overseas
01 3000 Dedicated
02 3101 De Private Dial (300-1200 bps)
04* " Pub05 06 " Out -Dial
07 3201 Shared
08 3303 BSC (DSP)
09 3304 MLI
112 " " Private12 " " P14 3101 Dedicat1
16* " Public Dial (2.4Kbps)
18 3000 Public Dial
19 3303 SDLC (Terminal)
20 3201 Dedicated
21 3303 SDLC (Multihost)
25 3303 SNA/SDLC - Private and Dedicated
26 3001 Enhanced Datapac 3000 Dial trial for off-net in-dial
27 3002 Enhanced Datapac 3000 Dial trial for off-net out-dial

On the Detailed Usage Statement, a code is used to indicate the class of
the call set-up associated with the associated accounting record of a call.
The following codes are used; C Regular call set-up - A call set-up charge
applies; CP Priority Call set-up - A call set-up charge applies; N No call
set-up - A call set-up charge DOES NOT apply and NP Priority no call set-up - A
call set-up charge DOES NOT apply.

On the Detailed Usage Statement, a code is used to describe the reason a
particular call cleared.

At the present time a 3 number code is being used. This will be replaced
by a 2 character alpha-numeric code in mid-1991.

A call set-up charge applies to those clear codes denoted by an *

Clear Code Description

000 00 Trunk network congested
001 01 DSR is invalid
002 02 DSR cannot be reached
003 03 TM not responding
004 04 Address not in tree
005 05 Service down
006 06 Address served not in tree
007 07 Addressed service not ready
010 0A CPM busy
013 0D CPM busy
015 0F Out of norm state - reset
160 A0 Trunk network congested
161 A1 DSR invalid
162 A2 DSR unreachable
163 A3 Time out
164 A4 Address not in tree
165 A5 Service down
166 A6 Network address not found
167 * A7 Addressed service not ready
173 AD CPM busy
174 AE Reset address error
175 AF Reset state error
176 * B0 Local user clear (see note)
177 * B1 Remote user clear
178 B2 Close request from above
179 * B3 Local procedure error
180 * B4 Remote procedure error
181 B5 Message not wanted
182 B6 Packet not wanted
183 B7 CPM shot
184 B8 Call collision
185 B9 Network congestion
186 BA Common block fail
187 BB Local block fail
189 BD Invalid call
190 BE Incoming call prohibited
193 * C1 Local clear before remote accepted
194 C2 X.75 call to clear
195 C3 X.75 reset to clear
196 C4 NUI barred
198 C6 RPOA required
199 C7 RPOA invalid
208 D0 Packet network address error
209 D1 Service not up
210 D2 Service to go down
212 D3 No links up
212 D4 Links restarting
213 * D5 Link out of service
214 D6 No more calls
215 D7 Invalid logical channel number
216 * D8 No free logical channels at called address
217 D9 Nonexistent CUP
218 DA Failure to set up CUP
219 DB Application processor busy
220 DC No application processor
221 DD Maximum number of facilities exceeded
222 * DE Collect call refused
223 DF CUG violation
224 E0 Illegal facility
225 E1 LRC fail
226 E2 Service coming up
227 E3 Service not up

Clear code 176 (B0) can also indicate a record was generated by the network
for accounting purposes. This is most often associated with PVCs or long calls
with a greater than 12 hour duration. The class for this type of record would
be N or NP.

In addition to the fixed monthly rates for Datapac access lines and
options, the following charges apply: Internetwork Usage Rates and Holding Time
Charges

$/HOUR FOR $/HOUR FOR
$/KS $/KS US ORIGINATED CDN. ORIGINATED
NETWORK DNIC DP3000 DP3101 CALLS CALLS

ACCUNET 3134 $ 2.65 $ 3.90 $ 2.00 DED. = $2.00
PUB. DIAL = $3.80
AUTONET 3126 $ 3.75 $ 5.10 $ 5.10 DED. = $0.60
PUB. DIAL = $2.40
BT TYMNET 3106 $ 2.75 $ 5.00 $ 5.60 DED. = $0.60
PUB. DIAL = $2.40
FEDEX 3138 $ 2.75 $ 5.10 $ 6.30 DED. = $0.60
3150 PUB. DIAL = $2.40
NET EXPRESS 3139 $ 2.50 N/A $ 0.60 DED. = $0.60
WESTERN 3101 $ 2.50 $ 5.00 $ 1.85 DED. = $0.60
UNION 3124 PUB.DIAL = $2.40
SPRINTNET 3120 $ 2.75 $ 5.10 $ 6.30 DED. = $0.60
PUB. DIAL = $2.40

(NOTE: DATAPAC 3303 (SDLC) IS ALSO SUPPORTED THROUGH SPRINTNET DP 3303 $/KS =
$5.90 $/HR = NIL )

Notes:
(1) Packet Assembler/Disassembler (PAD) charges are included each band.
(2) Each individual call is rounded up to the next higher minute
(3) Usage charges are calculated on a per Kilo-segment basis. A KS is 1000
segments; each segment is up to 128 characters.

In addition to the fixed monthly rates for U.S. access lines, the
following charges apply: Internetwork Usage Rates and Holding Time Charges

NETWORK DNIC $/KS $/KS $/HOUR FOR $/HOUR FOR
DP3000 DP3101 US ORIGINATED CDN. ORIGINATED
CALLS CALLS

ACCUNET 3134 $ 2.25 $ 3.25 $ 1.80 DED. $1.80
PUB. DIAL = $3.25
AUTONET 3126 $ 0.12 $ 0.15 $ 4.50 DED. = $0.60
(kchar) (kchar) PUB. DIAL = $2.40
BT TYMNET 3106 $ 0.07 $ 0.12 $ 4.98 DED. = $0.48
(kchar) (kchar) PUB. DIAL = $1.92
FEDEX 3138 $ 1.50 ( 0-1000 ks) $ 6.00 Not applicable
$ 1.40 (1001-2999 ks)
$ 1.30 (3000- + ks)
NET EXPRESS 3139 $2.00 N/A $ 0.30 DED. = $0.48
WESTERN UNION 3101 (Not available...)
SPRINTNET 3120 $ 2.35 $ 5.10 DED. = $0.60 DED. = $0.60
DIAL = $5.10 PUB. DIAL = $2.40

(NOTE: SDLC SERVICE IS ALSO SUPPORTED THROUGH SPRINTNET) DP 3303 $/KS = $4.80
$/HR = NIL)

Notes: All above rates are in U.S. Currency
(1) These charges represent both Datapac and selected U.S. Network holding
time charges.
(2) BT Tymnet cannot currently make sent-paid calls, but will be able to do so
shortly.

The Datapac outdial service is available in eighteen major centers (DPSA's)
are being served by outdial. They are: Vancouver, Calgary, Edmonton, Regina,
Saskatoon, Winnipeg, Toronto, Clarkson, London, Windsor, Kitchener, Hamilton,
Ottawa, Montreal, Quebec, Halifax, Saint John (NB) and St John's (Nfld) and is
only available at 300 and 1200 BPS.

The outdial port uses profile 6, except that the user of the is allowed to
escape to command mode by using outdial port "
Control P". The destination
terminal must be set at even parity in order to receive the outdial call. Once
connected, Datapac 3000 users can set and read the remote ITI parameters by
sending level 1 packets (X.29).

Establish a call to Datapac via a dedicated or dial-in access. Note: If
using a dial-in access, a network user identifier (NUI) must be activated
before establishing the call. Enter the address of the outdial port. Datapac
will respond with the following:

DATAPAC: call connected
ENTER DESTINATION TELEPHONE NUMBER/ENTRER LE
NUMERO DE TELEPHONE DU DESTINAIRE

Enter the 7-digit telephone number (Local) of the destination terminal.
Datapac will respond with the following:

DIALING/COMPOSITION DU NUMERO (XXX-XXXX)

Printing the destination telephone number as it is dialed. Datapac will
then indicate:

RINGING/SONNERIE

as the modem detects ringback tone. When the destination modem answers the
call, Datapac will send the following message to the originating end:

CALL CONNECTED/COMMUNICATION ETABLIE

then proceed with your call. To clear a call upon completion, enter the clear
command:

(Control P) Clear <Enter>

Datapac will respond with the following:

DATAPAC: call cleared - remote Note: If you have used a NUI to place the ca
the network with the command:

NUI Off <Enter>

Datapac will respond with the following:

DATAPAC: network user identifier not active

Well I have talked about Datapac outdials know I will include a list of
outdial ports for the 18 cities that I mentioned above. Well here's the list.

Calgary (ALTA) 300 63300900
1200 63300901
Clarkson (ONT) 300 91900900
1200 91900901
Edmonton (ALTA) 300 58700900
1200 58700901
Halifax (NS) 300 76101900
1200 76101901
Hamilton (ONT) 300 38500900
1200 38500901
Kitchener (ONT) 300 33400900
1200 33400901
London (ONT) 300 35600900
1200 35600901
Montreal (QUE) 300 82700902
1200 82700903
Ottawa (ONT) 300 85700901
1200 85700902
Quebec City (QUE) 300 48400900
1200 48400901
Regina (SASK) 300 72100900
1200 72100901
St-John's (NB) 300 74600900
1200 74600901
Saskatoon (SASK) 300 71200900
1200 71200901
St. John (NFLD) 300 78100900
1200 78100901
Toronto (ONT) 300 91600901
1200 91600902
Vancouver (BC) 300 67100900
1200 67100901
Windsor (ONT) 300 29500900
1200 29500901
Winnipeg (MAN) 300 69200902
1200 69200901

You want to hack a system on Datapac. So you decided to call and it
connects onto the NUA you want, but you find you are having troubles getting
the system to recognize your input. So here are some answers to some common
problems people find when connecting to systems.

The screen remains blank A physical link has failed - check the cables
between computer, modem and phone line. The remote modem needs waking up -
send a <CR> or failing that, a ENQ <Ctrl> E, character The remote modem is
operati

  
ng at a different speed. Some modems can be brought up to speed by
hitting successive <CR>'s; they usually begin at 120 Bps and then go to 300,
and so on up the ladder. The remote is not working at V21 standards, either
because it is different CCITT standard. Since different standards tend to have
different wake-up tones which are easily recognized with practice, you may be
able to spot what is happening. If you are calling a North American service
you should assume Bell tones. Both your modem and that of the remote service
are in answer or in originate and so cannot speak to each other. Always assume
you are in the originate mode.

The screen fills with random characters. Data format different from your
defaults - check 7 or 8 bit characters, even/odd parity, stop and start bits.
Mismatch of characters owing to misdefined protocol - check start/stop, try
alternatively EOB/ACK and XON/XOFF. Remote computer operating at a different
speed from you - try in order, 120, 300, 600, 1200, 2400, 4800, 9600, 14400,
19200, 38400. Poor physical connection - if using an acoustic coupler check
location of handset, if not, listen on line to see if it is noisy or crossed.
The remote service is not using ASCII/International Alphabet No 5.

Every character appears twice. You are actually in half-duplex mode and
the remote computer as well as your own are both sending characters to your
screen - switch to full-duplex/echo o All information appears on only one li
has the facility, enable it to induce carriage returns when each display line
is filled. many online services and public dial-up ports let you configure the
remote port to send carriage returns and vary line length. Your software may
have a facility to show control characters, in which case you will see <Ctrl>-K
is the remote service is sending carriage returns.

Most of the display makes sense, but every so often it becomes garbled.
You have intermittent line noise - check if you can command line the remote
computer to send the same stream again and see if you get the garbling. The
remote service is sending graphics instructions which your computer and
software can't resolve.

The display contains recognized characters in definite groupings, but
otherwise makes no sense. The data is intended for an intelligent terminal
which will combine the transmitted data with a local program so that it makes
sense. The data is intended for batch processing. The data is encrypted.

Data seems to come from the remote computer in jerky bursts rather than as
a smooth stream. If you are using PSS or a similar packet-switched service and
it is near peak business hours either in your time zone or in that of the host
you are accessing, the effect is due to heavy packet traffic. There is nothing
you can do - do not send extra commands to speed up twill arrive at the host ev
Most of the time everything works smoothly, but I can't get past certain
prompts. The remote servr computenormally generate - check your terminal softw
sending them.

The following is a list of acronyms and terms which are often referred to
in this document and others dealing with this subject.

ACP - Adapter/Concentrator of Packets.
ASCII - American Standard Code for Information Interchange alternate name for
International Telegraph Alphabet No 5 - 7 bit code to symbolize common
characters and comms instructions, usually transmitted as 8 bit code to
include a parity bit.
Asynchronous - Description of communications which rely on start and stop bits
synchronize originator and receiver of data = hence asynchronous protocols,
channels, modems, terminals, etc.
Call Accept - In packet switching, the packet that confirms the party is
willing to proceed with the call.
Call Redirection - In packet switching, allows call to automatically
redirected from original address to another, nominated address.
Call Request - In packet switching, packet sent to initiate a datacall.
Closed User Group - A type of high security NUI in use on several PSNs
throughout the world. CUG users can access optional parameters and NUAs
blocked out by security.
CUG - Closed User Group.
Data Circuit Terminating Equipment - Officalese for modems.
Data Country Code - The first three digits in the four digits of any given
DNIC.
Data Network Identifier Code - The four digits which come before the area
code/address/port address of any given NUA. The DNIC shows which PSN any
given host is based upon. The DNIC can also be broken down into two parts,
the DCC and the NC. For more information, see part VIII.
Data Terminal Equipment - Officalese for computers.
DCC - Data Country Code.
DCE - Data circuit terminating equipment.
Destination Paid Call - A collect call to a NUA which accepts collect charges.
DNIC - Data Network Identifier Code.
DTE - Data Terminal Equipment.
DTE Address - The five digits following the area code of the host on any given
NUA. For example, the NUA 234122345678 has a DTE address of 45678.
Gateway - A host on a given PSN which is connected both the the originating PSN
and one or more different or same PSN's. Gateways also allow one user on
one PSN the ability to move to another PSN and operate on the second as if
the first was not interfering.
Host - Any system accessible by NUA on the PSN.
Hunt/Confirm Sequence - String of characters sent to the SprintNet POTS
dialin/port which allows SprintNet to determine the speed and data type to
translate to on its PAD.
ITI Parameters - Online PAD parameters (X.3 or ITI) which allow the user to
modify existing physical measurements of packet length and otherwise.
LAN - Local Area Network.
Local Area Network - A data network which operates within the confines of an
office building or other physical structure where several computers are
linked together into a network in order to share data, hardware, resources,
etc. These may or may not own a host address on any data network, and if
so, may be accessed via NUA; otherwise direct dialin is the only
alternative.
NC - Network Code.
NCP - Nodes of Communication of Packets.
Network Code - The fourth digit of any given PSN's DNIC.
Network Protocol - The hardware protocol which allows the host systems to
communicate efficiently with the PSN it is connected to. Generally,
synchronous protocols (X.??) are used within the network and asynchronous
protocols (V.??) are used to access the network, but asynchronous protocols
within the network and/or synchronous dialin points are not unheard of.
The standard protocol for packet transfer today is the X.25 synchronous
data protocol. For detailed information, please see part V and Appendix F.
Network User Address - The address of any given host system on any PSN. This
address is thought of as a "phone number" which is dialed to access the
desired host.
Network User Identifier - The ID and password which allow the user which has
logged onto the PSN's PAD to originate calls to host systems which do not
accept collect calls. it is often thought of as a "k0de" or a calling card
which will be billed for at the end of every month.
NUA - Network User Address.
NUI - Network User Identifier.
Outdial - Any system which allows local, national, or international dialing
from the host system. PC-Pursuit can be defined as a local outdial system.
Most outdials operate using the Hayes AT command set and others may be menu
oriented.
Packet Assembler/Disassembler - The device/host which translates the actual
input/output between the host and the user. The PAD often translates
between baud rates, parities, data bits, stop bits, hardware protocols, and
other hardware dependant data which reduces the hassle of continual
modification of terminal and hardware parameters local to the originating
terminal.
Packet Switched Exchange - Enables packet switching in a network.
Packet Switched Network - A network based upon the principle of packet
switching, which is the input/output of packets to and from the PAD which
translates input and output between the user and the host. For detailed
information, please see part IV.
Packet Switched System - Another name for the PSN.
Packet Switch Stream - The PSN used by British Telecom.
PAD Delay - The extra time that is used to translate incoming and outgoing
packets of data which is composed of a continuous stream of clear-to-send
and ready-to-send signals. PAD delay can vary depending on the type of
network protocol and network/port speed is being used.
PAD - Packet Assembler/Disassembler (technical), Public Access Device (customer
service description).
PDN - Public Data Network or Private Data Network.
Port Address - The two optional digits at the end of any given NUA which allow
the PAD/PSN to access a given port. For example, 131202129922255 would
reach the NUA 31202129922255, 55 being the port address.
Private Data Network - Any network (LAN/WAN/PSN) which is owned and operated by
a private company. Private networks are usually smaller than public
networks and may host a myriad of features such as gateways to other
public/private networks, servers, or outdials.
PSE - Packet Switch Exchange.
PSN - Packet Switched Network.
PSS - Packet Switch Stream or Packet Switched System.
PTSN - Public Switched Telephone Network.
Public Data Network - Another name for the PSN.
Public Switched Telephone Network - The voice grade telephone network dialed
from a phone. Contrast with leased lines, digital networks, conditioned
lines.
Server - A type of network which is connected to a host system which can be
reached either via NUA or direct dial which provides the "brain" for a LAN
or WAN.
V.?? - Asynchronous network protocol.
V1 - Power levels for data transmission over telephone lines.
V3 - International Alphabet No 5 (ASCII).
V4 - General structure of signals of IA5 code for data transmission over public
telephone network.
V5 - Standardization of modulation rates and data signalling rates for
synchronous transmission in general switched network.
V6 - Standardization of modulation rates and data signalling rates for
synchronous transmission on leased circuits.
V13 - Answerback simulator.
V15 - Use of acoustic coupling for data transmission.
V19 - Modems for parallel data transmission using telephone signalling
frequencies.
V20 - Parallel data transmission modems standardized for universal use in the
general switched telephone network.
V21 - 300 bps modem standarized.
V22 - 1200 bps full duplex 2-wire modem for PTSN.
V22 bis - 2400 bps full duplex 2-wire modem for PTSN.
V23 - 600/1200 bps modem for PTSN.
V24 - List of definitions for interchange circuits between data terminal
equipment and data circuit terminating equipment.
V25 - Automatic calling and/or answering equipment on PTSN.
V26 - 2400 bps mode on 4-wire circuit.
V26 bis - 2400/1200 bps modem for PTSN.
V27 - 4800 bps modem for leased circuits.
V27 bis - 4800 bps modem (equalized) for leased circuits.
V27 ter - 4800 bps modem for PTSN.
V29 - 9600 bps modem for leased circuits.
V35 - Data transmission at 48 kbps using 60-108 kHz band circuits.
V42 - Combined error correction and data compression standard to give 9600 bps
on dial-up lines.
WAN - Wide Area Network.
Wide Area Network - A data network which operates on a continuous link basis as
opposed to the packet switched basis. These do not operate on the X.25
protocol and may only be accessed via direct-dial or a host on a PSN which
is linked with the WAN.
X.?? - Generally symbolizes some type of synchronous network protocol.
X1 - International user classes of services in public data networks.
X2 - International user facilities in public data networks.
X3 - Packet assembly/disassembly facility (PAD).
X4 - General structure of signals of IA5 code for transmission over public data
networks.
X20 - Interface between data terminal equipment and a data circuit terminating
equipment for start stop transmission services on public data networks.
X20 bis - V21 compatible interface.
X21 - Interface for synchronous operation.
X25 - Interface between data terminal equipment and data circuit terminating
equipment for terminals operating in the packet switch mode on public data
networks.
X28 - DTE/DCE interface for start/stop mode terminal equipment accessing a
PAD on a public data network.
X29 - Procedures for exchange of control information and user data between a
packet modem DTE and a PAD X95 - Network parameters in public data
networks.
X96 - Call process signals in public data networks X121 - International
addressing scheme for PDN's.
X400 - Standards for electronic mail, covering addressing and presentation.

Some interesting books I think you should read that are related to
Phreaking & Hacking:

Cyberpunk - Outlaws And Hackers On The Computer Frontier, By Katie Hafner And
John Markoff, Simon And Schuster Incorporated, Simon And Schuster Building,
Rockefeller Center, 1230 Avenue Of The Americas, New York City, NY 10020, 1991,
368 Pages

Data Theft, By Hugo Cornwall, Mandarin Paperbacks, Michelin House, 81 Fulham
Road, London, England SW3 6RB, 1989, 402 pages

Hacker's - Heros Of The Computer Revolution, By Steven Levy, Bantam Doubleday
Dell Publishing Group Incorporated, 666 Fifth Avenue, New York City, New York
10103, 1985, 448 Pages

New Hacker's Handbook, By Hugo Cornwall, Century Hutchinson Limited,
Brookmount House, 62-65 Chandos Place, Covent Garden, London, England WC2N 4NW,
1989, 194 pages

The Cuckoo's Egg, By Cliff Stoll, Pocket Books A Division Of Simon And Schuster
Incorporated, Simon And Schuster Building, Rockefeller Center, 1230 Avenue Of
The Americas, New York City, NY 10020, 1990, 356 Pages

The Hacker's Handbook, By Hugo Cornwall, E Author Brown Company, 3404 Pawnee
Drive, Alexandia, MN 56308, 1986, 186 Pages


------------------------------------------------------------------------------


-=- United Phreaker's Incorporated Magazine -=-

Volume Two, Issue Six, File 8 of 11

The Lost Avenger/Wiz Kid Bust

By Black Manta & The Lost Avenger


As some of you may know Wiz Kid and I got busted in Jan of 1991 for
Theft of Telecommunications times three and Illegal Use Of A Computer. The
theft of telecommunications was for a couple conference calls that they
did. One of the conference calls was on the Saturday, which went through
without any problems, and the other two were on Sunday. The first one on
Sunday was screwed up totally since we couldn't make any overseas calls.
We should of know something funny was going on and should of left but
instead we set up another one from the same location and in turn got
busted. Oh well that's li a half inch diskette on me with a bunch of o
related stuff. Oh well enough of this bullshit here's the complete story
as told as it happened by Black Manta, The Lost Avenger and Wiz Kid.

On Sunday January 27th 1991 at approximately 12pm, The Lost Avenger
and John Medica aka: Crackerjack, Wrath Child, Byte Bandit, Wiz Kid &
Heavy Dee were caught for Theft Of Telecommunications (Conference call
with a Bell calling card). The call consisted of: LD calls made to
Australia, U.S., France, Denmark etc.. 2 Bomb threats were made to the
White House in Washington D.C., and in Australia crank calls were made to
a Drug information center + Pizza Hut (Pathetic!).

The whole of the calls, were recorded on tape. "Anybody on the line
that said anything about P\H\C or pirating, might be in danger." -- TLA
Also when caught, TLA had a 'Black Book', which consisted of Pirate BBS
numbers, and home phone numbers & names of at least 150 pirates (You
might well be on it!). So be very careful about what your hard drive
consists of.. Since a statement was made, that all the people on the
list would be visited and checked. (Somehow I think this is bullshit!)
But regarding of the seriousness of the incident, I would be careful from
now on. On the 28th TLA, and JM where sent to court at old city hall
in Toronto, Ontario. They got set for another court date, which took
place shortly after the fist, on the 30th of January. Now I write this
file right after arriving from court with TLA. Also Morkoth, and an
other unnamed person were attending the session. Nothing much was
happening there, except for a quick overview of the situation. Then yet
another court date was set for March 4th, 1991. At College Park At
College and Yonge, at 10am in Room 503. Pirates are not advised to
attend it because of previous experiences. One of the Cops who arrested
TLA started questioning me and the others, and said "So you must be
hackers too, you will be found out about on the list (of numbers)".

Here is an exclusive intervi BM: So what happened, from your p
TLA: We were sitting there, talking on the phone. We were faced towards
the alcove at Royal York Hotel. And then two uniform & and two
detectives appeared from no where and arrested us. They took the
phones out of our hands, and and put handcuffs on me and JM. They
then look through the notes I had on me and gave me my rights. They
then shoved us into a Cop car outside the hotel (Boy was it every
cramped in the back. My fucking knees where up near the top of the
cage). If you don't know what a police car inside is like here's a
short description. It's a normal car, but back behind the two front
seats is a cage so you can't hit or do anything to the cops in
front. But with handcuffs on its even worse. Oh well. Anyways back
to the story. They took us down to 52 Division and we each sat
around in little room (one room for each of us). They came in did a
strip search on me. They left the room and for the next couple of
hours they came in and out asking me questions and shit, this lasted
to approximately 2:30am Sunday morning. They then brought me
downstairs and finger printed me and took a picture of me and
Released on a Form 10 (A Promise To Appear Form). I was released
at approximately 3:15am and to court the next day also for 1
station most likely all that night as he had other charges against
him. I was sure happy to get home. I went to court the next day
(At Old City Hall) a another court date up On Wednesday Janua
time). Then on Wednesday I went to court again (At Old City Hall
Again) and again it was to set up another court date appearance for
today (Thursday Febru991). Today I went to court (At College
Park) and again another fucking court date was set up. This time
for March 4 at College Park (again) at 10am, Room 503. What a pile
of shit three times and it was for diddly twat (what a major waste
of time). If you want to come to the next trial please feel free to
come to it but just be warned to watch out and becareful. Anyways
that's what happen up to today.

I thank TLA for that interview. (He wrote it himself).

So here you see, You are never too good to get caught, TLA was
considered an expert at what he was doing, and still the long hand of
law caught him. So be warned in the future..

-- Black Manta, Feb 7th 1991.


Yesterday, March the 4th. Was TLA's, and Whiz Kid's fourth time at
court. This time they actually got on trail! Here's a quick overview of
what happened in the courtroom:

TLA and WK were called up to the stand.. The accusation loud, and i
by request) and John Medica we're caught at Royal York hotel for misusing
Bell Canada wire's with a unauthorized calling card number. The cost of
the calls made summed up to no less than a thousand dollars."

The lady who was reading it out, repeated it about 3-4 times. I have
no clue as to why, but, all I can say is that it got hard to hold your
laugh. Sounded like the record player kept on repeating the same track..
After she had taken her time, and finally realized that she had already
read it numerous times, she then asked the two guys, who were shitting
bricks buy now.. "What do you plead?", TLA replied "Hmm, Guilty I guess",
Medica blurted out loudly and proudly "GUILTY" like he was the jury or
something...

After this the judge issued the date of sentence, and told TLA and JM
to visit the probation officer. This didn't come too easy though..
Me, my friend, TLA, and JM found ourselves sitting in the front hallway of
the courthouse, waiting, waiting, and waiting, that the stupid idiot in
the this little office would get the papers done (I don't understand what
these papers were, but the probation officer wanted them before he'd talk
to the two guys). yet another hour passed by, but no papers were done.
kind person in the office to hurry it up.. And then we were all hit by
shock, when he said that they never even started to make them. Because
the the lawyer had already cleared it up, all of 3 hours ago.
We then found out that it had all been John's fault, he was told what to do
by the lawyer before he left, but must have been picking his ear at the
time or something.. So, we gave Mcfly a big lecture, and then kicked his
ass into the probation office.

Everything then got cleared up. TLA that night called his lawyer, and
was told that the sentence would not be very rough at all.. Nothing like
going to jail, or paying a huge fine.. Just community work, or something.
John in the other hand is probably heading to the slammer, because of his
previous offenses.

But, to see exactly what happens to TLA, PLEASE! Attend the final
court date on April 17th - 1991. (What happened to those people that were
supposed to be there yesterday!!). College Park provincial court (Get off
at College if using the subway) Room 503, at 10 o'clock am.

-- Black Manta --
-=March 5th - 1991=-


TLA here... Ok it is now one year later, today's date is March 25,
1992. We never did write a final edition to this so I will report on what
happened that final court date, and all the events that happened there
after Wiz Kid and I went to court on the 17th of April, 1991.

It was the day that we were going to find out what was going to happen
to us. What happened in court is our lawyer talked to the judge in the
court jargon (didn't know what they where talking about), and then the
judge called JM (he stood up). The judge read him his sentence. What we
got was a suspended sentence in that we have to do 100 hours community
service (10 hours per month) and 2 years probation, and if we didn't do
this we could wind up in court again on the same charges (that's all I
wanted...to waste more of my time in court). After the judge ready JM his
sentence the judge then proceeded to called me (I had to stand
up...whoopie), and read the same sentence to me. Well to make a long story
into a short one, (I don't really want to write about everything that
happened in court that day as it world take forever to write and I don't
really remember exactly what happened and don't really care to either).

We have both finished our community service within the designated time
period specified by the judge. But we still have just under 1 year of
probation left to do (which is a major waste of my valuable time in
which I could be hacking). At least we got off basically and won't have a
criminal record.

Another thing I have found is my probation officer is cool compared to
the one JM has. There was also one more subclause on our sentence which
was there is no making of Long Distance calls (argh..). Well JM's
probation officer makes him brings his telephone bill in every time he sees
her which once every month, while I don't have to (she doesn't even ask me
if I make any LD calls and if she does I say no even though I did make a
couple. (I do pay for LD calls every once in a while when I have nothing
else to phreak with).

Another thing I have found is that for a couple of months I didn't
bother doing my community service. While I could of been charged but
neither my community service officer nor my probation officer bothered
doing anything. All they did was sit on there ass and just told me to
start doing some or else they would charge with Breech Of Probation..
(whoppie). But I have met other people who didn't do community service for
a while and got charged (they got even more community service..). One
last thing I found interesting about my probation officer is that sometimes
I would forget to go to a probation checkup (which I have to go an see her
every month) or even sometimes I would go on the wrong day and the bitch
wouldn't even give a flying fuck. This give you an idea how screwed up
and laided back the Corrections system here in Canada, also it tells you
that my probation officer is really lazy and doesn't give a shit what
clients do and she's getting paid for doing it too.

Ah well I will be glad when this is all over. If you ever do get
busted just pray to god that you are as lucky as we were. Well that's it
for now, I want to go and do some hacking on Datapac (hahaha). Talk to
you all later.

The Lost Avenger/UPi
- March 25, 1992 -


This will give you some idea of what happened before the conference
bust. It was cold winters day, I was leaning back on my chair upstairs in
my room sitting around my three computers. One of them hacking CallNet (a
local PBX company) and second system hacking a 1-800 PBX system, letting my
computer hack day & night, I finally figured out a couple of days later, I
wasn't really getting anywhere.

Shortly later that week on Tuesday evening around 8pm I was walking
downstairs heading towards the kitchen, when I looked through the window
and saw three men walking towards house. I opened the door and there
stood three plain clothes cops. The search warrant was issued and showed
to me. One of the plain clothes cops was standing beside me while I was
standing with my feet to the wall, drinking a two liter bottle of coke and
wondering fuck going on.

Well shortly after one of the cops got chance to talk to my parents
about what was going on. My dad kept screaming "Lock him up!". Sergeant
Gord Rothledge then came up to me and said lets go upstairs John. We then
walked upstairs entering my room, he then proceeded to ask me not to touch
anything. Snap shots of my computer systems, my room and my notes were
taken. Phreaking & hacking related papers, some other computer related
books, and 3 computers were removed from my desk and packed away in
cardboard boxes. These cops made my room into a war zone, by dumping
everything not bolted down into the center of the room.

They then proceeded downstairs. Two of the men where from the Metro
Police Criminal Investigations (Fraud Squad) and the other was a Manager of
Bell Securities, Walter Heapy. They was a couple of laughs here and there
about how I hard-wired the phone line so I had a phone extension in my
room. Shortly after I was dragged into private room, in which I picked my
parents room. We then sat down and they explained what was going down and
told me the method they used to drag me down. To catch me it took one
year of investigation and 24 hour surveillance by Bell Canada and Metro
Police. They recorded all numbers that were in-coming and out-going and
all illegal activities I was doing.

The interview was recorded and fortunately couldn't be used in court,
so I didn't have to worry about what I said. Questions were asked such as
how I got started, and certain numbers like CallNet, Video One, Bell
Cellular, Cantel Cellular and other numbers which I said I didn't remember
every using them. If you know what I had, this guy had twice as much.
All numbers were reordered (in-coming and out-going), the time and date of
the calls and even the duration of the call. You name it the assholes had
me nailed to the wall. About an hour later after the interview we returned
back to my room and there was some talk between my parents and the cops.
After that they took all the stuff they packed away and left my house.

A few days later during the morning, I got a call, asking if I could
come down to the Metro Police Headquarters. I went down to there and sat
down on a bench waiting to be called. A little while later I was then
called and dragged up a flight of stairs, and thrown into a chair. Well so
far, so good, one of the other officers I saw a few days earlier popped in
and said 'Hello'. He seemed to be an ok guy. Shortly after that two men
entered the room and closed the door and started asking questions. I
played stupid to the questions. The sergeant left the room and the other
officers kept asking me questions. This went on, and on, and on (it
seemed like forever). They kept giving bullshit as I didn't know anything.
The sergeant came back in the room with a cardboard box with cables, notes
and books packed to the rim. I went through the cardboard box to see if I
could recognized anything.

They read me my rights and took me downstairs. Before leaving the
headquarters they asked me if I had any sharp articles on me in which I
replied "No". They stuck in the back of a police car and drove me to the
Old City Hall Jail. Once we arrived at the Old City Hall Jail they strip
searched me and then put in a jail cell. After waiting five hours in a
dingy jail cell they called my name. A cop opened the cell door and
escorted me down a small through the side cell into a doorway which led to
a small box looking towards the side of the cell. They called up the case
and discussed it for a couple minutes. After that I was escorted to a
different jail cell and shoved back into it. While waiting in the jail
cell the cops were working on my paper work. After waiting for another
hour and a half they released me on my own free will.

During the hours of 8pm on January 26 we headed down to the Royal York
Hotel. TLA kept bugging me about making a phone call, well, ok fine, so we
headed towards a payphone in the hotel up in the upstairs lobby. He made
the call and after he hung up we decided that we would fuck around for a
sometime more. After fucking around for an hour or so. We decided we
would head back to the lobby of the Royal York Hotel.

Shortly after returning to the Royal York Hotel, we were looking
around the main upstairs lobby and noticed and the end of one side of the
lobby just outside the short hallway was a restaurant. Outside the
restaurant was a bellboy standing around looking bored as hell. So we
decided to talk him and give him something interesting to do.

Wiz Kid> Hey guy, how's it going.
BellBoy> Ok.
Wiz Kid> Hmm ok.
TLA > (doesn't know to say.)
Wiz Kid> Food good.
Bellboy> Yes.
Wiz Kid> Comment->TLA must be mid 30's.
Wiz Kid> Expensive? (Guy must think some tourist from another country.)
BellBoy> Well,.. Not really.
TLA > What kind food you guy's have? What kind food you serve?
(Can't remember exactly what was said.)
Wiz KID> Huh! Ok. Hmm, ya ok.
TLA > (Laughs)
Wiz Kid> (Smiles)

We then returned back to the short lobby and TLA then made a call to
Australia. He talked to a friend of his for about an hour and then hung
up since his friend had to go out. We left the short hallway and returned
to main lobby of hotel. We then were trying to decide what to do next.
TLA had idea, he wanted to go up to the 21th floor and take a look around.
Heck, why not browse around what harm can that do? Anyways during the way
up 21th floor the elevator stopped at 15th floor and a couple joined us in
the ride up. Talk about feeling like right at home 'Shezz' their where in
bath robs. TLA and I just laughed and we wondered about each other
thoughts.

Well seems they were just going for dip! Well they seemed to be a
nice couple. We got chance to talk each other on the way up asked them
where their from and shit like that. Anyways TLA then changed his mind,
and decided to go to the 23th floor. Well, nothing really to see, but just
then we got stopped by security guard, asking us if we guests or looking
for someone. Well, TLA replied we were guests. The security guard said
can I see your pass. My reply to the security guard we looking for some
one who staying here. The security guard asked what room are they in. My
reply was that we weren't to not sure. Security Guard then replied "Leave
this floor or you will be charged with trespassing." Our reply to that was
"Yah right, fuck you buddy".

We then headed back to the 20th floor. We called downstairs from
an in-house phone just for the fuck of it and tried to get an outside line.
We got the hotel operator and asked here if she can dial number for us.
Her reply was you're calling from in-house phone you have to call from your
room. Well, we then headed down the hall and up a flight of stairs. Hmm
people must be having a party up here. Well nothing really interesting to
see. We walked down another hall and to another staircase leading to the
pool. We checked out the pool for a while and decided to go back down the
elevator an back to the main lobby. From the main lobby we walked down
another flight stairs to lower floor of the hotel. We came across another
batch of in-house phone's and TLA started fucking around with those for a
bit. We then started walking back upstairs and proceeded to walk back to
little hallway. We stayed in the little hallway for a while talking to
each other about various things and screwing around with the phones (both
the in-house and payphones).

Ten minutes later a tourist bitch entered the hall from the outside
main lobby, and started to use the phone next booth over from us. Well,
knowing me I looked over her shoulder and low and behold their was a
calling card facing towards the other side of the phone booth. After
jumping up and down and yelling grabbing a pen and piece of paper from
TLA. I looked through a crack trying to find out the numbers on the
calling card. I started writing the numbers of the calling card down but
about one minute later while still trying to get the full number written
down the bitch started moving around which made it harder to the complete
number.

TLA then took a crack at getting the calling card number. Well a
minute went by and all you could here was 'Click, Click'. Which was TLA
hitting the pen on his teeth while leaning back making it look like he was
using the phone. Well it's hard to remember everything did happened but
that's most of it. We did finally get the calling card to work after a
couple of tries. Shortly after 10pm we headed towards to Union Station
which is almost right beside the Royal York Hotel. For those who don't
know what Union Station is, it's basically nothing but seats where you sit
around doing nothing except for waiting for either a Via Rail Train, Go
Train or TTC Subway. But knowing Toronto it's a bum hang out for quick a
buck.

Walking through the doors of Union Station's Go-Train waiting platform
from the Royal York Hotel we came upon a set of payphones. Anyways now it
came the time to decide who was going to start the conference. Well it
turned out to be me. The conference that night wasn't too bad. There was
couple of overseas people as well a some US and even some local people on
the conference. Over two hours worth of conference calls with TLA having
the control what can go wrong.

At approximately 12:30am a security guard from the CN Police came to
us and and asked us to finish our calls since they wanted to close the
station down. Well TLA kept on talking and talking and not bothering to
listen to what the CN security guard had to say. It seemed like there was
never going to be a end to TLA's talking. Well the CN security guard came
back to us after five minutes and started yelling at TLA, asking to finish
his call. Finally, TLA wasn't really to happy having to hang up on the
conference, but he did. After hanging up he started yelling and screaming
at the CN security guard. Yelling and screaming at the CN security guard
didn't seem to get us anywhere so we decided to pack it in for the night
and head for home.

Most of what was said earlier by TLA in his story is basically the
same. However, once we arrived at 52 division just after getting busted
there were some differences between what happened to me and what happened
to him. Here's the story of what happened Sunday night when we got busted.
We where sitting down at the payphone faced back to front. We where on
the lower floor of the Royal York Hotel, sitting in a little alcove next to
a flight of stairs leading up to the main lobby. We decided to get
something to eat. Walking down the hall we came to the small restaurant.
I grabbed a Coke, and sandwich and TLA got a Coke and piece of Black
Forest Cake. Well we walked back towards the payphones as sounds of music
and voices was heard in the background coming from a small local bar just
outside the alcove. Walking back to the alcove, we decided who would start
the conference and as it turned out I would start the conference (again).

Operator> "Operator" in a hi pitch voice.
Wiz Kid > "Yes, can I have the conference operator."
Operator> The operators reply "Yes, one moment please".
Operator> Operators reply, "Yes, party calling from a local coin box number
XXX-XXXX, go ahead sir".
Operator> Conference operators reply "Yes sir, can I help you"
Wiz Kid > My reply was "Yes". I proceed to tell her I wanted to set up a
conference call. She proceeded to ask me for my billing
information, in which I gave it to her.

About five minutes later a guest came up the payphone asking if he
could use phone. My reply was sorry I am waiting for a call. He
questioned us what we where up to. TLA and I reply was just screwing
around. Nothing was really said however we did talk him about five
minutes. Shortly after the bitch finally called back with a local phone
number to call. TLA who was standing around looking puzzled and said to me
"Let me control the conference". My reply to that was "Well, I have the
controller's dial-in phone number". Well we compromised and I let him
control the conference. TLA started calling away to everyone who he knew
and even people who he didn't know.

However the first conference we did on Sunday had a problems calling
overseas. TLA called the conference operator inquiring about the trouble
we have with the it. TLA kept and yelling and screaming at the conference
operator. Finally after about five minutes the conference operator asked
him if he would like to re-start the the conference. The reply from the
TLA was "Yes of course I would (stupid bitch)". Well after talking to the
conference operator TLA then came back on the conference and asked
everyone hang up as he was going to restart it. We should of know
something funny was going on when the first conference didn't work but we
didn't realize that until it was too late. The conference got restarted
and TLA started to call everyone back.

Sitting back at the Royal York Hotel everything seem to be going well.
Shortly after around 11pm a hand reached out so quick that TLA and I didn't
know what the fuck was happening. I looked over and TLA and his face
wasn't too happy! The rest of the story told earlier is basically the
same. TLA gave me chance to write about the horror side of my part of the
story. I asked the guy if he was a "Cop". It was a stupid question but
someone had to do it. The guys reply was "Yes". Shortly after we were
escorted down the long hall and outside to a waiting cop car. While
walking down the long hall, people started to stare at us. I guess these
people have never seen anyone get arrested before. They shove us in the
back of an awaiting cop car and they proceeded to drive to 52 Division.

We arrived at 52 division a few minutes later and taken out of the
car and escorted to garage door at the side of 52 division. One of the
officers opened a small phone box, asking the person inside to open the
door. The garage door opened and we proceeded to walk inside. Once inside
an officer then asked us for our names if we know why here for. We were
escorted up some stairs, down a long hallway and put into separate small
white rooms. During the short walk upstairs, small talk broke up between
the officer and me. I kept saying that I have this addiction. The officer
kept on saying "Sure", as he really fucking cared. Some more small talk
then broke up dealing with something to do with ripping off phone company.

Well shortly after fours hours of standing around in white room an
officer then came in asking which articles belong to me well. The only
really thing I had was Cellular Phone, knowing that the 3 1/2" diskette, a
three ring binder, a World Radio Television Handbook, and a garage door
opener belonged to TLA. Walking outside the room the officer then asked
about articles. Looking at long short table I saw my Cellular Phone and
TLA's book, garage door opener, 3 1/2" diskette, and three ring binder.
I then pointer which article belong to me and then was escorted back to the
little white room.

I knew I would be staying for the night. The next day I was escorted
downstairs to a room with steel door with 1 camera faced to the door.
At least I had someone to talk to. Well the person seemed alright. He
was talking away, telling me what the fuck he done explaining he stolen a
leather Jacket from The Bay. Well I explained what the I did, and not
much of a reply was said. A little later I was escorted outside.
Escorting me outside I was handcuffed to 3 people and away we went like
the three stoogies.

Stepping into the back of the paddy wagon we sat down front to front.
Looking outside the back window looking to see where we were going, looking
outside the side window seeing people going to work, thinking to myself
what I am missing. We came to a stop and heard the door getting open, we
walked out of the paddy wagon and escorted through a long corridor.
Sounds of shouting, talking, other weird things that I couldn't make out
echoed in the hall. I waited to be uncuffed, checked out and shoved into
a cell. After being uncuffed I had to pull my pants down and get checked
out by a officer with white gloves who was checking for any weapons that I
might have.

I was escorted through a main corridor of jail cell was then put in
cell. One half hour went by and once again put out of one jail cell and
put into another jail cell waiting to hear my case be brought up. I
wasn't really to thrilled with my companions in the cell. Hours passed by
sitting on the ground, sitting down and try to get a bit of sleep, you
could hear talk going back and forth to between the other cell mates, "Hey,
I like those Runners, I have to have them. I will make sure I get them by
time night is over". I got escorted once again to another jail cell, which
you could say this cell had been overcrowded with people, looking the
doors of the jail cell I could see on the left table with an officer
signing people out, and other side basically where you pick up your
personal belongings.

I was once again moved to another jail cell waiting around 2 hours
with three other people in this cell, talking away to the officer they once
again moved to another jail cell waiting to be moved to The Don Jail.
After about one hour I was once again handcuffed and put in the back the
paddywagon and off to The Don Jail I went. We arrived at the Don Jail and
escorted to a front of desk with officer asking if I had any valuables.
AFter that he asked me to remove my cloths. Standing in front of me was a
officer who asked me to hang my cloths up on hanger. I though just didn't
give fuck and just hung them as I pleased. Well the officer wasn't really
pleased who I hung them and did it for me.

Shortly after we where giving cloths to wear, which were cheap, neon
and polyister but it's than better been nude! We where put small room with
showers, having to change into these cheap cloths and shoes. I was then
put in a chair with a Korean person and asked a bunch of questions.
Shortly after a picture was taken with number. I was given a tray of food
but the food tasted like the kind of stuff you get in hospitals.

Anyways standing at the elevator of the Don Jail awaiting to be
escorted to my jail cell. I waited to use the phone to call home and
asking my parents to bail me out well. I finally got a chance to use the
payphone to call home but no one was home. Well, I then called friend to
see if he could contact my parents. Well my friend answered but doesn't
know what the happened. Shortly after my name was called. I was escorted
to small room looking around was glassed window, and a visiting room of
some kind. I was surprised to see friend well got chance to talk. We
talked away to each other, asking what each other we have done. After I
talked to my friend for a while I was once again escorted to another small
room.

There was short person at a table signing people out, the bail was set
at $2,000, and I agreed to show up in court at the set date. I am not
going to say anything about the court appearances as they were basically
the same as TLA said earlier and is nothing really interesting happened
during that time.

It's December of 91, the World of Commodore show. It's been nine
months since I last heard of each TLA, however I was looking around
thinking about what to buy and watching an interesting seminar at the same
time. Well thought's went thought my mind when looking ahead and I though
I saw TLA's color jacket. I was surprised to see TLA after nine months.
During this first time their wasn't really much to say, however during
months TLA and I got a chance to clear up some misunderstandings that
happened over the years.

Well I hope you enjoyed this article, as it was fucking hell just
writing it alone. Well that's about all, thanks again to The Lost Avenger
and all members of UPi.

You may contact me, and leave comment or general replies to my private
VMB at, 416-505-4785 24 hours. Thanks again. Wiz Kid, RaDD Corp.

Written By Wiz Kid
May 18, 1992


------------------------------------------------------------------------------


-=- United Phreaker's Incorporated Magazine -=-

Volume Two, Issue Six, File 9 of 11

United Phreaker's Incorporated Underground Newsline

By Arch Bishop & The Lost Avenger


Bell Protects Customers Against Long Distance Fraud
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of Bell News April 6, 1992 ]

On March 19, 1992, Bell began to verify charges on all long distance calls
charged to a third number as a way of protecting customers against fraudulently
billed calls.

As a result when a customer asks the operator to bill a long distance call
to a third number, the charges must be accepted at that number before the call
goes through.

This procedure was already in effect for such call when made from public
pay phones. Applying the measure to all third number calls is intended to stop
a type of fraud which has increased sharply over the past few months.

If no one is available to accept the charges, there are still several
options for customers, including billing their call to a Bell Calling Card,
calling collect or dialing direct.

To order a Calling Card, customers can dial 0 and place their request
through an operator.

There is no subscription fee to order the card. Calling cards are more
economical than billing calls to another number, and they allow customers to
bill long distance call to their account when they are away from home or the
office.

Informing Customers

We're letting customers know about the change in several ways.

First, Bell operators are informing customers who want to place this type
of call.

Second, a short informational message has been printed on customer bills.

Third, information was issued to the news media about the change.

Finally, customers who have made at least three such calls over the past
three months and do not have a Bell Calling Card (about 200,000 customers in
Quebec and Ontario) will receive a letter informing them of the change and
letting them know what alternatives there are.


To Curtail Fraud, Restrictions Are Put On Calling Cards From Payphones
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of Bell News April 20, 1992 ]

Increasing fraud prompted Bell to discontinue the use of calling cards to
make calls to overseas destinations from payphones in Bell Canada territory.

All calling cards, those of Canadian, American, and international telephone
companies, were affected by the restriction which took effect April 13.
Consumers, however, are able to continue to use calling cards for calls to
Canada and the United States.

The Need to control fraud on calling card from payphones led to this
security measure. Recent investigandicated losses of over a quarter of
a million dollars a day from payphone calling card fraud. In practical terms,
this represented a loss of $500 for every $10 the company made, from overseas
payphone calls.

While Bell recognized this decision will inconvenience some customers,
fraud has escalated to such a degree that it is was felt a security measure had
to be implemented to protect customers and the company from further risk.

Customers are being advised to use alternative calling methods such as:

o billing validated calls to third parties;

o using credit cards (American Express, VISA or Mastercard) with
Millenium payphones.

Located in key airports and hotels, these payphones use magnetic band
screening to validate calls;

o making collect calls;

o using the Bell calling cards from non-coin telephones and, finally

o making cash calls from payphones.

On March 17 Bell made validated of calls billed to third parties mandatory
whether the calls were being placed from payphones, homes or businesses. The
new measure was introduced to protect customers against fraudulently billed
calls.


PBX Fraud Takes Toll On Unsuspecting Users
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy Of Business First Of Columbus April 6, 1992 ]

Private branch exchanges can develop privacy--and pricey--problems of
their own.

PBXs, as they are commonly called, are internal telephone switching systems
that businesses use to route calls made by their employees. And in recent
years, PBXs have become the targets of crooks who illegally use such switches
to place long-distance calls without paying for them.

"This is one of the most under-reported stories around," says Marsha
Schermer, a Columbus-based partner with the law firm of Arter & Hadden who
specializes in public utility issues.

"PBX manufacturers and long-distance carriers don't want to talk about PBX
fraud because it's bad publicity for them," she says. "And companies that have
been victimized also don't like to publicize that fact, out of fear of being
targeted by other thieves."

Telecommunications specialists say the most common route thieves use to
break into PBXs is through their remote-access features, which allow employees
located outside the office to place long- distance calls and charge them to
their employer. To use that feature, employees must first enter a toll-free
"800" number to get access to the PBX, followed by a multi-digit authorization
code that allows them to place long-distance calls.

Thieves reportedly use several different methods to find the toll-free num-
bers and related authorization codes. Among the more popular: the use of "war
dialers," which are computer software programs that electronically dial numbers
until they find a combination that gets a dial tone; "Dumpster diving," in
which the thieves look through trash bins in search of coding information
that's been written down and discarded; and "shoulder surfing"-- spying on
business people as they dial into their PBX from a pay phone.

Kim Koeller, a manager within Andersen Consulting's Network Solutions
Group, says thieves have also found ways to break into PBXs via their
voice-mail systems.

"As PBXs have gotten more sophisticated, so have the methods thieves use to
break into them," notes Koeller, who is based in Andersen's Chicago office.

Once they break into a given PBX, the thieves often set up "call-sell"
operations in which they sell the stolen long-distance time to someone else,
often recent immigrants who want to talk with friends or relatives back in
their homeland. However, Arter & Hadden's Schermer says much of the illegal
calling activity funneled through PBXs probably involves drug deals and weapons
sales.

Telecommunications experts say thieves operating out of New York City are
the largest source of PBX fraud. But such problems can strike just about
anywhere.

That situation is reflected in an informational brochure on PBX problems
that was issued by the Communications Fraud Control Association (CFCA) in
Washington, D.C.

According to that publication, entities that have been hit by PBX fraud
include the Tennessee Valley Authority, which lost $65,000; Philadelphia
Newspapers Inc., which was bilked for $150,000; a Midwest chemical company,
which lost $700,000; and an Ohio manufacturer, which lost $300,000. In all,
CFCA says toll fraud costs companies more than $1 billion a year.

It's hard to say just how much of this illegal activity is striking Central
Ohio PBXs. The Columbus office of the FBI, for example, recently reported that
it had received a half-dozen reports of PBX-related fraud during the past nine
months.

The potential for PBX problems here is further reflected in statistics
compiled by the North American Telecommunications Association, which show there
are about 1,000 PBXs now in operation in Columbus.

If your firm is using one of those switches, the CFCA recommends taking the
following defensive steps to reduce the chances of thieves breaking into them:

o Assign authorization codes for remote-access use on a need-to- have
basis. Also, use random numbers for such codes--never have them match the
user's telephone station or corporate badge number.

o If possible, limit remote-access trunk lines to domestic calls only.

o If your PBX has a time-of-day control feature, use it to block the
placement of long-distance calls after business hours.

o Regularly monitor your long-distance billing and traffic for unusual
patterns. Numerous attempted calls that are short in duration, for example,
might indicate a computer "hacker" seeking to break into your system.

o Try "hacking" your PBX to seek weaknesses in its defenses.

If your company PBX does get hit by thieves, who pays for the illegal
calls? Thus far, at least, legal and regulatory bodies have held that the firm
owning or leasing the PBX--and not the equipment manufacturer or the
long-distance carrier involved--is responsible for paying such charges.


AT&T To Reopen Direct Calling Service Between U.S., Vietnam
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of Dow Jones News Service/Wall Street Journal April 6, 1992 ]

WASHINGTON -DJ- American Telephone & Telegraph Co. said it reached an
agreement with Vietnam communications officials to reopen direct communications
service between the United States and Vietnam for the first time in 17 years.

The company said the start of service hinges on acquiring all necessary
U.S. regulatory approvals. AT&T said in a press release that it hoped to
offer limited direct dial service in a few days by sending calls between the
United States and Vietnam through third countries. The company said direct
links could be available in a matter of weeks.

Calls to Vietnam from the U.S. mainland will cost between $2.51 and $2.91
for the first minute, depending on the time, and between $1.77 and $2.17 for
each additional minute, AT&T said.

Currently, callers trying to reach Vietnam from the U.S. pay as much as $8
a minute to black market telephone operators.

AT&T said it has been working since 1988 to seek approvals from U.S.
government officials to provide telephone service for the 700,000
Vietnamese-Americans living in the United States.

The State Department on April 13 said it would grant an exception to the
U.S. economic embargo with Vietnam to allow telephone calls between the United
States and Vietnam. Payments due the Vietnamese for completing calls will be
placed in a blocked account under the jurisdiction of the United States
government.


AT&T Unveils New Consumer Long Distance Phone Service
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of Dow Jones News Service April 28, 1992 ]

NEW YORK -DJ- American Telephone & Telegraph Co. unveiled its EasyReach
700 Service, a portable, permanent long distance telephone number.

For $7 a month, customers will receive a 700 number that is theirs for as
long as they remain EasyReach 700 subscribers, no matter where on the U.S.
mainland they travel or move, the company said in a press release.

Sucribers also get selective call forwarding and the option to receive
calls that are toll-free to the caller.

AT&T said the service is designed primarily for long distance calling and
subscribers are expected to retain a local telephone number. The EasyReach 700
calls will be billed at fixed per-minute prices, regardless of the distance.

In its filing with the Federal Communications Commission, the company said
the service will be introduced June 15.

Merrill Tutton, president AT&T consumer communications services, explained
that the new service will permit customers to use a single telephone number at
their homes, office, vacation or wherever they might choose. The customer has
only to give friends, family or associates, his 700-number, tell AT&T the
telephone number where he can be reached and AT&T will forward all calls to the
700-number called to the location the customer desires. AT&T also will provide
a mechanism that will allow certain calls to be billed automatically to the
700-service customer.

AT&T said it will charge $7 a month for service. For calls billed
automatically to the 700-service customer, AT&T will charge 25 cents a minute
at peak hours and 15 cents a minute off peak - both about the same as a regular
direct-dialed long distance rates.

"You can give it to a child, friends, army buddies, whoever you want, and
they can reach you wherever you are," Tutton said. He acknowledged, however,
that "there is a finite number of people that will feel this is a service they
want." Tutton said, "this is aimed at people who move around a lot, have a
couple of homes or also own a cellular phone."

Customers can designate those whose calls can be billed to the 700-service
customer by providing them with a four-digit personal identification number.

The charge to the subscriber is 25 cents a minute during peak hours and 15
cents off-peak, or "a penny or so more than regular long-distance rates,"
Tutton said. Customers must make the call over an AT&T line or dial an extra
five-digit access code to send the call over the AT&T network, AT&T said.

"That doesn't strike me as very user friendly," said Patricia Proferes,
director of card and Personal 800 Services at MCI Communications Corp. She
noted that MCI has been offering a "Follow Me" service that allows a customer
to use a toll-free 800 number and give it out to friends or business
associates. "People are confused by 700 numbers," she said.

A Sprint Corp. spokesman said the company "looked into offering the type
of service announced by AT&T and while we're not ruling out offering a similar
one in the future, we're now focusing our resources on other services."

While Tutton wouldn't offer an estimate on the size of the potential
market, a spokeswoman noted that AT&T Bell Laboratories figured there are about
six million possible combinations of ten-digit numbers that can be offered
using the 700 prefix. There are more than 100 million phone customers in the
U.S. Moreover, nothing is keeping rivals MCI and Sprint from offering similar
programs based on 700 numbers.

"This is a nifty way for AT&T to condition its customers to think of AT&T
in terms of mobile communications and local communications," said Jack B.
Grubman, telecommunications analyst at PaineWebber Inc. Currently AT&T offers
neither of those services, and this could pave the way for the company to wade
into these markets.


AT&T Unveils

  
New Fraud Protection Program
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of Dow Jones News Servic May 13, 1992 ]

NEW YORK -DJ- American Telephone & Telegraph Co. said it is introducing a
new program to help its customers secure their communications systems and
control telephone fraud.

The company said its NetProtect Basic Service, which monitors calling to
countries experiencing the highest amounts of long-distance fraud and domestic
800 service 24 hours a day, seven days a week, and alerts customers to
suspected fraud, will be offered to all business customers of AT&T's
long-distance and domestic 800 services at no additional charge.

AT&T said it began this week monitoring its 800 service to prevent thieves
>from using the network to commit fraud. It said it will begin monitoring
international long-distance service Aug. 1.

The company said in addition to basic service, its customers will be able
to choose optional NetProtect products and services, for a cost, to meet their
individual security needs.

Among the other options it plans to offer are NetProtect Enhanced Service,
which includes all NetProtect Basic Service options, provides more customized
monitoring and - pending Federal Communications Commission approval - will
offer a $25,000-per-incident limit on customers' financial liability for fraud
caused by thieves using a company's PBX; Hacker Tracker, a software package
that works with AT&T's PBX Call Accounting System Plus to detect and alert
customers to suspicious calling patterns; and AT&T Fraud Intervention Service,
which gives AT&T's PBX and voice messaging customers access to a team of
technical and security experts who can help them detect and stop fraud.

The company said it expects the liability cap component of the program,
pending FCC approval, to take effect Sept 1.

The problem of phone-service theft has been a bone of contention between
long-distance carriers and corporate customers, some of whom have complained
that the carriers haven't done as much as they could to stop the problem. At
issue is whether the customer or the phone company is responsible for the costs
rung up by thieves, primarily professional hackers who get access to companies'
internal telephone systems.

AT&T also will offer seminars to companies in watching for fraud and in
developing phone security measures for companies' staffs. Corporate customers
would remain liable for fraudulent phone charges that do occur.

AT&T's announcement follows a similar move several weeks ago by rival
Sprint Corp. Unlike the other long-distance carriers, though, AT&T also makes
telephone equipment, so it could face possible complaints from customers about
insufficient equipment as well as service. Also, AT&T's fee-based enhanced
protection programs require customers to have AT&T 800 service and AT&T
outbound long-distance traffic at each location. Such theft is estimated to
cost companies more than $1 billion annually, according to the Communications
Fraud Control Association, a Washington-based group. Jerre Stead, president of
AT&T's business communications systems unit, and Joseph Nacchio, president of
business communications services, said they see the cost for enhanced
protection as "only marginal" to companies. But they noted that toll-call
fraud has increased sharply in the last few years, as companies try to make
their phone systems more user-friendly to their employees.


AT&T - World Connect Service: English-Speaking Operators
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of Dow Jones News Service April 30, 1992 ]

NEW YORK -DJ- American Telephone & Telegraph said its World Connect
Service, beginning today, eliminates language barriers and unfamiliar dialing
procedures for Americans living or traveling abroad.

Users of AT&T's World Connect Service will be able to place calls from 34
countries by using their AT&T Calling Card or AT&T Universal Card. Calls will
be completed with the assistance of an English-speaking AT&T operator.

Customers can access AT&T World Connect Service by dialing the AT&T
USADirect Service number from the countries where World Connect is available.

Callers then give the AT&T operator the country code, city code and local
number of the person they want to reach, along with their AT&T Calling Card or
Universal Card number and the operator completes the call, the company said in
a press release.


Sprint Unveils Calling Card To Facilitate Calling Process
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of Dow Jones News Service April 20, 1992 ]

KANSAS CITY, Mo. -DJ- Sprint Corp. unveiled a new Sprint FONCARD that
will enable customers to dial fewer digits to complete a call, place calls with
a card number and use new technology.

In a press release, the company said the new Sprint FONCARD has a variety
of features designed for domestic and international business travelers. It
will make FONCARD long distance calling simpler and enable customers to save
time, effort and money.


Pacific Bell Delays Ending Grace Period For 213/310 Code
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of Dow Jones News Service May 1, 1992 ]

SAN FRANCISCO -DJ- Pacific Bell, citing unrest in Los Angeles, said it will
delay indefinitely the end of its six-month grace period for users of the 213
and 310 area codes.

On Nov. 2, the company, a unit of Pacific Telesis, introduced the 310 area
code and announced that its ''permissive dialing'' period would last through
May 2. After tomorrow, callers were supposed to be connected to a recording
asking them to redial using the correct code.

There is no new conversion date at this time, the company said in a
statement. Callers will still be able to use either area code 213 or area code
310 for calls into the region, the company said.


Pacific Bell To Suspend Some Charges For Victims Of LA Riot
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of Dow Jones News Service May 1, 1992 ]

SAN FRANCISCO -DJ- Pacific Bell, a unit of Pacific Telesis, said it will
suspend certain charges for its call forwarding, remote call forwarding, and
Pacific Bell voice mail and message center services.

In a news release, the company said it is suspending the charges in order
to help telephone calls reach the victims of civil unrest in Los Angeles. The
offer will be available to those customers who have been forced to flee their
homes or whose businesses have been burned or abandoned.

The suspended charges include installation fees and recurring charges for
30 days. Usage charges won't be waived.

It's difficult to look natural while committing a computer crime. A sweaty
brow or quickened heart beat is not going to give you away, but activities like
logging on in the middle of the night or accessing a file that you normally
have no interest in, may.

For a year now, the US Federal Bureau Of Investigations has been testing a
new kind of security system which attempts to trap malicious computer users, or
intruders masquerading as staff, by highlighting statistically-unusual
behavior.

At present the system is confined to one IBM mainframe serving three or
four field officers in the Washington DC area, but there are plans to extend it
across the country.

Over the next few years similar systems are likely to surface at other
sensitive computer sites in government agencies, defense ministries and also
the armed forces.

The FBI's package, called Intruder Detection Expert Systems (Ides), has
been developed over six years by SRI International of Menlo Park, California,
1.5m) of funding, mainly from the US Navy. The software monitors
individual users and groups of users and builds up a historical profile of
their "normal" behavior on the computer.

It then monitors their current activity, and sends out an immediate alert
if there is a significant difference between the two.

In this way Ides detects instructions that go unnoticed by conventional
password and access-control systems. For example, it can detect hackers who
have gained access to a computer through exploiting unknown vulnerabilities.

The FBI has uncovered some "interesting events" says Teresa Lunt,
programmer director at SRI. "Typically," she says, "they're concerned that a
user might be providing information to someone on the street. An FBI employee
who normally works on stolen cars, for example, might be contacted by a
drug-related criminal and asked to look something up."

FBI cases tend to overlap department boundaries, says Lunt, so computer
users may have the authority to access a wide range of files. With Ides,
however, they will be asked to justify any unusual actions.

Ides also includes a second kind of snare - it is able to recognize
specific actions that are regarded as suspicious, such as a string of
unsuccessful attempts at logging on. It archives this with an expert or
"knowledge-based" system programmed to look for particular sets of
circumstances.

Hackers are predictable, says Lunt. "There's a cookbook of ways to
break into a Unix or Vax system for example - you can encode that information
and look for those particular exploitations."

Lunt says the prototype Ides, which runs on a Sun workstation connected to
the computer being monitored, may spawn a product within two to three years.

The institute has funding for another three years of research but "we think
we can start turning out useful prototypes now," says Lunt. SRI is not
product-orientated but the research group is looking for a joint-venture
partner to bring Ides to market.


Thrifty Tel's Lament: Hackers Back on Attack
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of Orange County Business Journal April 9, 1992 ]

"They're baaack!" says Thrifty Tel Inc.'s Rebecca Bigley.

"They" are the computer hackers that plagued the long-distance telephone
company two years ago, as it was struggling through a difficult bankruptcy.

Hackers are computer jockeys who gain illegal access to a target computer
system and often wreak havoc within the system. Bigley had battled the hackers
once before --and thought she had won. Now they have returned.

"This time we're prepared, and they are not going to get away with it,"
Bigley said. As if to underscore this, she has taken the offensive, calling on
the state Public Utilities Commission to help Thrifty Tel in its fight.

As previously reported in the Business Journal, Thrifty Tel emerged from
bankruptcy in January after surviving a fire, an investigation by the
Securities and Exchange Commission and infiltration by hackers. The company
was cleared of any wrongdoing in the SEC case.

Then came a faulty billing package that threw the company into
bankruptcy--a hole that took two years to climb out of.

Now hackers have started entering the company's billing system once again.
Bigley, the company's vice president, said that six hackers--all from the San
Diego area--have been tracked and caught.

"There seems to be a group of kids operating together down there," Bigley
said. "I'm here to tell them that we know how to catch them."

The hackers, she said, all are children of "well-to-do business people" in
the San Diego area. She characterized one as the son of a "very prominent" San
Diego businessman. As a condition of settlement, she agreed not to disclose
their names.

Computer hackers have continuously plagued the long-distance telephone
industry, obtaining access codes to make their own long- distance calls without
paying for them.

"It's a huge problem, especially for the major companies like AT&T, MCI and
Sprint," said Jeff Buckingham, president of Cal-Tel, a statewide organization
made up of 30 long-distance telephone companies. He estimated that hackers
cost the phone companies hundreds of millions of dollars nationwide.

Nearly two years ago, Thrifty Tel was hit with the first rash of several
dozen computer hackers, who repeatedly broke into the company's computer system
and stole long-distance access codes. Unchecked, the problem could have put
the company out of business, Bigley said.

Bigley mounted a personal and much-publicized counterattack against the
hackers. After first coming up with a system that gave instant notification
when a hacker was tapping into the telephone network, Bigley applied to the PUC
for the right to impose $6,000 in "accessfees" against hackers.

"But that does not always seem to faze them that much. For them, the worst
is the condition of settlement: They must forfeit their computers to us,"
Bigley said.


Illegal CB Equipment Seized From Four Dealers In Amarillo, Texas
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of Popular Communication June, 1992 ]

Under the direction Of Assistant United States Attorney Mark Nichols, the
United States Marshalls with the assistance of the FCC's Dallas office and the
Amarillo Police Swat Team, seized an estimated $20,000 of illegal electronic
equipment. The equipment was seized from four businesses in the Amarillo,
Texas, area: S&S CB Shop, Radio Depot CB Sales, Ben's CB Sales and Repeair and
Tri State Radio.

After receiving a report from the Crime Stoppers office of the Amarillo
Police Department, an investigation was conducted by the FCC's Dallas Office
with the assistance of the Amarillo Police Department. The seized equipment
included linear amplifiers and non-type accepted CB transceivers capable of
boosting transmitter power to over 1000 watts. This level of power is well
over the legal 4 watt limit.

The use, sale, or manufacture of linear amplifiers or other devices that
boost CB radio power beyond legal limits os prohibited by the Communications
Act and the FCC's Rules and Regulations. These devices are capable of
disrupting public safety and aeronautical communications, and causing
interference to home electronic entertainment equipment.

Federal law provided penalties, which include fines up to $100,000 and
imprisonment for up to one year, for a first offense.


Three Pirates Sentenced In Texas
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of Popular Communication June, 1992 ]

Three Odessa, Texas, men have been sentenced by a United States District
Court for operating two unlicensed FM broadcast stations. The unlicensed FM
stations used the callsigns "KROX" and "KFRE" and identified the operation as
the "Pirate Radio Network". Agents of the Federal Communications Commission,
United States Border Patrol, United States Marshalls Service and the Odessa
Police Department cooperated in the investigation and issuances of search
warrants which led to the arrests.

Thomas Euguene Barnes pled guilty to one count of aiding and abetting
unlawful operation of a radio station. Both men were ordered to perform 100
hours community service and placed on a three year probation term.

Unauthorized operation of a broadcast station creates potential of harmful
interference to stations licensed by the FCC and is a violation of Section 301
of the Communications Act of 1984, as amended


Area Firms Stung by PBX Fraud
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of South Bend Tribune Business Weekly April 18, 1992]

SOUTH BEND--At least two area companies have recently been defrauded of
between $60,000 and $200,000 worth of long-distance telephone calls. Both
firms requested anonymity, but confirmed the problem and the amounts.

The local loss is part of a larger problem called PBX fraud, which has been
plaguing companies around the country. PBX fraud usually involves breaking
through telephone switches and selling toll-free calling access to criminals.

The fraud was discovered in Michiana when the two firms noticed a dramatic
increase in the number of calls placed to area code 809-- the code for
Colombia, South America.

PBX fraud is accomplished by a network of hackers who randomly dial 800
numbers and attempt to break through telephone switches, commonly called PBX's,
located in companies around the country. If successful, the hackers notify a
ready and willing band of thieves who pay for the number and use it for
"business" purposes. The victims of the fraud are then charged for the
criminal's calls.

In an article in the September/October 1991 issue of ISP News, published by
the MIS Training Institute Press, William J. Cook of the United States
Attorney's office in Chicago, cited a case of PBX fraud involving Mitsubishi,
which lost over $430,000, and AT&T, which provided the telephone system.

Although the case has not yet been resolved, Cook reported that "AT&T
responded that its standard practice was and is to give customers ample warning
of the dangers of toll fraud and that users (of telephone equipment) typically
lose out when they implement poor maintenance and security procedures."

The fraud is not as difficult to pull off as it may seem. At a recent AT&T
Consultants' Liaison seminar, an instructor from DePaul University in Chicago
revealed that there is a catalog available which lists software products
guaranteed to break into telephone switches or voice mail systems.

A typical PBX fraud scenario might begin with an employee unable to place
outside calls. The lines of the system are occupied by the criminals. The
telecommunications department specialist may receive a call from the long
distance carrier inquiring about an increase in calls to a certain area code.
Further investigation may reveal that nearly all outgoing calls are placed to
the suspect area code.

How should a company deal with PBX fraud? First, if the fraud is already
established, the firm's telecommunications specialist should remove from the
system valid access to the area code the criminals are using.

To prevent fraud from occurring, a company systems administrator should
check "call detail reports" on a daily basis looking for failed attempts to
access the telephone system or multiple calls to unusual locations. In
addition, the firm should work with its PBX or voice mail manufacturer or a
competent telecommunications consultant to determine where the company is at
risk and what hardware, software, or procedures can be implemented to prevent
toll fraud.

The firm should be sure to report any known attempts at fraud to federal,
state, or local law enforcement officials.



Canadian Phone Companies Form New Holding Firms And Revise Mandate
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of The Computer Paper March 1992 ]

Canada's major telephone companies last month announced the creation of two
jointly held companies Stentor Resource Center Inc. and Stentor Telecom Policy
Inc. In addition, they announced a revised mandate for Telecom Canada, which
will now be known as Stentor Canadian Network management.

The CEOs of the nine telephone companies unveiled their plans at an Ottawa
news conference that was to Montreal, Toronto and Vancouver, Stentor Resource
Center will consolidate the shareholder companies marketing and engineering
development activities at the national and international levels. Stentor
Resource Center will develop and deliver national telecommunications products
and services, will develop national technology standards, will conduct or sub-
contract researches and development projects for the telephone companies, and
will establish international alliances with other telecommunications organ-
izations. It may also become involved in systems development with the
telephone companies.

Stentor Resource Center will officially be in operation as of January 1,
1993. It is expected to have approximately 2,500 employees drawn from the
member telephone companies. it will be centered in Ottawa, but will also have
operations in other parts of the country. Brian Hewat, currently Executive
Vice-President Marketing for Bell Canada, will be appointed President and Chief
Executive Officer of Stentor Resource Center.


Kapor Praises ISDN As Key To Future
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of The Computer Paper March 1992 ]

Mitch Kapor, founder of Lotus Development and the Electronic Frontier
Foundation (EFF), used the keynote address at the Winter '92 Usenix technical
conference to hammer home the EFF's vision of a civilized network world, with
networking for all.

Kapor feels that ISDN a technology considered by many to be obsolete even
before it has become widely available is in face the key to universal access to
the network world.ISDN provides digital service using the same basic equipment
used by voice technology. An ISDN connection provides 2 channels of data at 64
kilobits/second and an additional control channel at 16 kilobits per second.
Voice communication requires 56 kilobits without compression, and typical
high-speed modems attain little more than 9600 or 14400 bits per second by
contrast.

In theory, ISDN should cost no more than voice phone calls, because many
phone companies already transmit most of their voice by digitizing it and
sending it over the 64-kilobit channels that ISDN uses.

Because ISDN uses the copper wires that are already in place throughout the
network world, it requires no additional physical equipment unlike plans for
fiber optic multi-megabit data connections. ISDN is also sufficiently fast for
good quality videotelephony.

Kapor suggested, and the audience agreed, that almost every member of the
audience would buy such ISDN service if it were available under the terms he
describes. Such could be the start of a network world for everybody in the
USA.

Kapor also pushed for more commercialization of the TCP/IP "Internet" that
already hooks together tens of thousands of computer systems around the world.
Kapor offered some free business ideas to the audience, suggesting that people
work to start network service bureaus to allow the exchange of money, and even
a network bank that accepted checks signed with digital signatures.

The EFF has recently opened an office in Washington, DC to assist with its
public policy lobbying efforts. In addition to promoting universal network
availability the EFF has worked to make itself the ACLU of the network world,
assisting those whose rights are abused by law-enforcement officers who
misunderstand or fear computer and network technology.


New For Networks: Hayes Announces ISDN Extender
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of The Computer Paper March 1992 ]

Hayes Microcomputer Products has announced the Hayes ISDN eXTender, a
network interface module providing both ISDN (Intergrated Services Digital
Network) service under its Basic Rate Interface, and analog phone service to
users of the NeXT computer.

The product provides an eight-pin connector to an analog telephone line.
When used in conjunction with NeXTstep release 3.0 applications, the eXTender
can be used for remote connections to local area networks, as well as high-
speed voice, data, fax and multimedia communications.

The product represents a strategic relationship between two of the computer
industry's first wave of entrepreneurs, Dennis Hayes and Steve Jobs.

Hayes created some of the first PC modems on a kitchen table in 1977, about
the same time Steve Jobs was forced out at Apple while Hayes faced hard times
resulting from price-cutting in the modem market.

Since then, Jobs has founded his NeXT company while Hayes has rebuilt his
firm around ISDN and local area network access, using a subsidiary called
Practical Peripherals to fight the modem price war. Hayes was also one of the
first U.S modem makers to aggressively search out international markets, and
has been a leader in opening the Chinese market.


Phone Rate Hikes Are Likely to Continue, Analysts Say
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of The Los Angeles Times March 27, 1992 ]

After eight years of price cuts, long-distance telephone rates for most of
the nation's households are rising, and analysts said the trend is likely to
continue as carriers retreat from the bruising competition that followed the
breakup of American Telephone & Telegraph.

Industry leader AT&T, as well as MCI and Sprint, Thursday acknowledged the
rate increases for 1991 _ which ranged from less than 1 percent to nearly 3
percent. The increases were necessary, they said, because the cost of doing
business also rose.

The increases came as the carriers backed away from the intense price
competition that hammered interstate phone rates down by 40 percent since 1984.
Carriers instead are focusing their efforts on winning the loyalty of
high-volume long-distance callers with special discount programs. While these
plans can offer significant savings, it is estimated that less than one-third
of the nation's households enjoy bargain rates.

The trend toward high-volume discounts concerns consumer activists who
worry that low-income or elderly people who make few long-distance calls are
subsidizing the low rates enjoyed by people who can afford to call more often.

"We are moving away from the social commitment to inexpensive, basic phone
service," said Audrie Krause, executive director of Toward Utility Rate
Normalization, a San Francisco-based consumer group.

Representatives of the nation's three largest long-distance carriers
rejected the notion that affluent people benefit at the expense of those who
can't afford to make enough calls to qualify for a discount.

"We do not view (basic) long-distance customers as a cash cow of any
kind," MCI spokesman John Swenson said.

For most consumers, the increase in long-distance rates last year was
barely perceptible. Consumer Action, a San Francisco-based consumer advocacy
organization, released a survey Thursday indicating that AT&T rates rose by a
fraction of a percent, and that MCI's rates rose by 1.2 percent. Consumer
Action said its survey showed Sprint's rates shot up by 3.94 percent.

Consumer Action calculated the increases by comparing the costs of calling
between four pairs of cities during the day, evening and at night to capture
time-sensitive changes in phone rates.

The group noted that its survey is only a sampling and may not reflect
actual rate changes experienced by consumers. In fact, Sprint disputed the
survey's findings, saying that it raised basic long-distance rates by 2.7
percent last year.

Consumer Action spokesman Michael Heffer said MCI and Sprint raised their
rates to more closely match the rates set by AT&T, the largest and usually the
high-price carrier. The survey indicated that Sprint's rates now match AT&T's
in some cases, while MCI continues to price itself below AT&T.

In a statement, Consumer Action Executive Director Ken McEldowney
criticized the rate increases as unjustified.

"At first glance, it looks as if the carriers are raising rates to offset
revenue losses they may be incurring from their discount calling plans."

But the carriers disputed this. AT&T specifically attributed its rate jump
to a government-ordered rise in the amount the company must pay local phone
companies to offset the cost of doing business in low-income areas.

While AT&T would not disclose the size of the federally mandated cost
increase, spokesman Michael D. Johnson said, ``AT&T did not pass along the
full extent of our costs.''


Computer Virus Fails To Byte
Canadian Tipped Off In Time But Other Countries Not So Lucky
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of The Toronto Star March 7, 1992 ]

It was billed as the great plague, but it turned out to be nothing more
than a sniffle.

Advanced precautions taken by Canada's governments, universities and
corporations served as immunization against a lethal computer virus known as
Michelangelo.

Other countries, however awoke to the Italian Renaissance artist's 517th
birthday yesterday with gibberish on their IBM-compatible computers.

The virus, which attacked sporadically around the globe, left South Africa
hardest hit, with more thank 1,000 computers affected in 450 to 500 businesses,
most of them pharmacies.

Police in Amsterdam said the virus was unwittingly spread around the world
by a Taiwanese software copying house, by Taiwanese authorities have not
identified the firm.

Immunization techniques appeared to have avoided the worst effects in
Europe and Asia and, with Middle Eastern offices closed for the Muslim day of
prayer yesterday, the extent of damage there was not know.

John McAfee, president of the U.S.-based Computer Virus Industry
Association, a research group of software and hardware makers, estimated that
at least 10,000 computers has been hit world-wide and had lost data.

The virus, scheduled to strike at 12:01 a.m. yesterday, wipes out the
contents of hard disks of infected computers as they are switched on.

Any computer compatible with IBM equipment is a potential target, but the
virus can be eradicated by special software.

Only a handful of cases were reported in Toronto, Ottawa and Kitchener, and
these occurred days before the artist's birthday.

Over-all, government agencies seemed to escape the deadly virus, said
Constable Greg Peters of The Royal Canadian Mounted Police in Ottawa.

"We notified 150 government agencies and private contact and advised them
to prepare themselves," Peters said yesterday.

"We're quite confident that preventive measures halted the virus."

IBM Canada Ltd. reported no problems from its customers, who own 1 million
PCs across the country, adding that a warning earlier this week about the virus
gave people time to prepare.

Maclean's magazine suffered some minor disruption from the virus, but it
did not affect editorial content, an official said, and most of the wiped-out
information was backed up on other files.

Bell Canada kicked in its anti-virus software this week, searching for bugs
in the system, but none were found, said David Goldsmith, associate director of
corporate security.

Norton anti-viral software used on computers at the Toronto Stock Exchange
seemed to prevent any problems, said Olaf Kraulis, vice-president of
information systems.

The University of Toronto - which was hit with the virus in a test last
week - also didn't experience problems, said Wilfred Camilleri, the
university's manager of security.


Computer Crime Problem Highlighted
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of The Toronto Star March 9, 1992 ]

With the growing corporate dependence on computers, "information crimes"
have become easier to commit but harder to detect, says a Toronto-based
security company.

"Electric intrusion is probably the most serious threat to companies that
rely on computerized information systems," Intercon Security Limited says in
its Allpoints publication.

Allpoints cited a study of 900 businesses and law enforcement agencies in
Florida showing that one of four businesses had been the victim of some form of
computer crime.

"While most of the media attention has focused on `hackers,' individuals
who deliberately and maliciously try to disrupt business and government
systems, one estimate indicates that 75 per cent plus of electronic intrusion
crimes may be `insider attacks' by disgruntled employees," the publication said

In Intercon's experience, vice president Richard Chenoweth said the company
is as likely to find a corporate crime committed by a disgruntled employee as
one one perpetrated by an outsider.

Intercon said the technology exists to guard against most electronic
intrusion. "The problem is that many information managers still don't believe
there is a risk, so they are not making the best possible use of what is
available."

More on computer security and corporate crime in Allpoints, Telephone:
(416)229-6812.


MCI, Sprint Take Steps to Cut Off Swindlers
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of The Washington Times March 1, 1992 ]

MCI and Sprint yesterday said they are cracking down on telephone fraud.

The two long-distance carriers are tackling different kinds of
swindles, though:

o MCI said it will stop sending out bills for pay-per-call operators who
promise help getting a loan, credit, a credit card or a job.

o Sprint said it will offer large business customers a form of liability
insurance against unauthorized use of corporate switchboard lines.

MCI Communications Corp. of the District said it wanted to protect
consumers who might be gulled into overpaying for some "900- number" services
during economic troubles.

But long-distance carriers are also guarding their own bottom lines by
tightening up pay-per-call standards, said telecommunications analyst James
Ivers.

"They're acting fiscally responsibly because traditionally these were the
types of programs that created a high level of uncollectable" bills when
ripped-off consumers refused to pay, said Mr. Ivers, senior analyst with
Strategic Telemedia, a consulting firm in New York.

Last September, Sprint Corp., of Kansas City, Mo., told more than 90
percent of its 900-number customers it would no longer do their billing.
Long-distance firms cannot refuse to carry pay-per- call services, but most
900-number operators do not want the expense and trouble of doing their own
collections.

American Telephone & Telegraph Co., of New York, said it has set up strict
guidelines for all 900-number firms, such as disclosing in advertising any fees
charged for credit processing.

AT&T spokesman Bob Nersesian said: "We still think there are legitimate
providers of this kind of service and our guidelines keep the dishonest guys
off the network."

Sprint's switchboard-fraud liability protection is aimed at big customers,
whose Sprint bills are more than $30,000 per month.

For an installation fee (up to $5,000) and a monthly charge (also up to
$5,000), Sprint will absorb fraudulent phone charges above $25,000 per
switchboard. The customer pays the first $25,000. Sprint's liability ends at
$1 million.

Large and medium-sized companies can rack up huge bills if their private
switches, known as private branch exchanges or PBXes, are broken into and used
to make calls to other countries.

In a recent case, more than 20,000 calls were made on a company's PBX over
a weekend, with the charges estimated at more than $1 million, said M.R.
Snyder, executive director of Communications Fraud Control Association, a
Washington trade group.

"It is certainly (a fraud target) that is ripe for being abused," Ms.
Snyder said, especially since telephone carriers have improved their ability to
spot unauthorized credit-card calls more quickly.

Overall, telecommunications fraud costs phone carriers and customers an
estimated $1.2 billion per year although the figure is really just a
"guesstimate," Ms. Snyder said.

Company PBXes often have features that allow traveling employees, or
distant customers, to call in and tap an outgoing line. With computer
programs, hackers can randomly dial numbers until they hit security codes.

Sometimes the codes are only four digits, so hackers don't even need a
computer said Bob Fox, Sprint's assistant vice president of corporate security

Along with the fees, customers must agree to take certain precautions.
Those include using security codes at least eight digits long and eliminating
the ability to tap outside lines through voice mail. In return, Sprint will
also monitor PBX use every day, instead of the five days per week currently
done free for customers, Mr. Fox said.

MCI spokesman John Houser said his company will be watching Sprint to see
if the program is a success. Spokesman Andrew Myers said AT&T offers fraud
protection to some corporate customers but is not considering extending that to
cover PBX abuse.

AT&T is currently involved in several lawsuits over disputed PBX charges
that total "many millions" of dollars, Mr. Myers said. Sprint officials said
they have not sued any customers to collect on PBX fraud bills.


Province Careless With Data: Auditor
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of Toronto Computes March 1992 ]

When lunch hour moves in, government employees move out, abandoning desks
and computers in search of sustenance. Dutifully, they stuff confidential
papers into safes and cabinets.

But those diskettes holding private credit data and other confidential
information are often casually strewn atop desks.

Nearly 65 percent of government staff don't lock up diskettes containing
confidential information when they leave their stations, according to Douglas
Archer who recently retired as provincial auditor, Ontario's watchdog for
government spending.

Are we governed by a computer-careless, if not computer illiterate, body?
Yes, according to Archer's last report.

"The problems we identified were so widespread, we felt it was fair to be
critical of the entire system government-wide," said John Sciarra, executive
assistant to the auditor.

In the daily use of desktop computers by government employees, the auditor
found information inadequately protected, staff unaware of when they were
handling confidential data, few guards against viruses and incidents of
unlicensed copies of commercial software.

Also present was that bane of computer equipped organizations, inadequate
selection and protection of passwords.

At five different ministries, said the auditor, it was easy to find phone
numbers, user names and passwords all the supposedly confidential information
anyone would need to gain acces to computers via modem. In some cases, that
information was pinned to a wall, taped to keyboards or left on a desk.

Lax security precautions were also found in the powerful government
mainframes. The auditor examined five mainframes, focusing on how each
managed its security software, known as Resources Access Control Facility, or
RACF.

The report gave very low marks to the Ministry of Correctional Services.
But Bill Gray, director of management information systems at the ministry's
North Bay data center, said security is not lax.

"The wording (of the report) is much more pejorative than the reality.
It's not terribly lax."

According to the report, the data center's mainframe had too many
privileged users and poor password controls. As well, some users were capable
of altering the audit trail information, allowing them to erase records of
their activities.

The Information Security group at North Bay didn't have control of the
command to turn RACF off, nor had it changed the original password required to
use that command.

Gray said Corrections' poor showing was because RACF had just been
installed in December 1990. "When they audited, the data center had been in
operation for only weeks.

"Most people, I think, would recognize that when you set up something new
there are lots of things to do and we missed some of these, frankly. The
auditor pointed them out to us and we thanked them for it. It helped us
improve our security, and for us, because of the line of business we are in, we
take security very seriously probably more seriously than most organizations."

Gray said the center has done a review of its technical staff and
"documented who can and should have access, and the number has been reduced."

The only recommendation not implemented is encryption. "We have evaluated
that and we are still uncertain if that's a wise thing to do," said Gray.

He said there are some questions about the RACF encryption system. "That
option apparently doesn't work all the time. It causes some failures under
certain conditions."

Only the Ministry of Revenue received a glowing report card from the
auditor.

"It's and educational thing, the knowledge level of people," said John
Thompson, manager of technology security at the Revenue Ministry.

"Revenue has a fairly strong technology base and I think we are alert to
the technology concerns."

One ministry spokesperson said mini-computers were at fault for security
problems.

"Minicomputers were initially purchased to process information for small
numbers of people...The minis were traditionally much less well protected
since the loss of a mini threatened only local interests."

The next step for the auditor's office is to return to the ministries to
check on whether its recommendations are being implimented.

"It's still to early, "Sciarra said." "We'll probably do follow-ups in the
summer."

Follow-ups aren't as detailed as audits, and the next audit isn't due for
five or six years, he said.

"We audit government programs on a cyclical basis. There are too many
government programs to allow annual audits."

Sciarra said a detailed follow-up will have to come from the standing
committee on public accounts of the Ontario Legisature. That all-party
committee made up of 11 MPPs is designed to keep government bureaucracy
accountable by holding public hearings on issues raised by the auditor.

"There are so many weaknesses we identified." Sciarra said, "I think the
public accounts committee will be selecting those three sections of the 1991
report (dealing with computer security) for more detailed review. It is on
their agenda, but hasn't been scheduled for hearing yet."

Sciarra said that once the committee tackles the problem, there will be
considerable "pressure exerted" for better security measures.


Virus Helped United States Win Gulf War
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of Toronto Computes March 1992 ]

Computer virii have moved from the basements of techno-weenies into the
Cloak-and-dagger world of military espionage. According to an American
newsmagazine, the U.S military used a virus to cripple the Iraqi airforce
during last year's Gulf War.

In an operation worthy of James Bond, American intelligence agents
identified a French printer about to be smuggled to the Iraqi army from Jordan,
according to unidentified senior U.S officials who leaked the story to U.S News
and World Report. The agents then removed a chip in the printer and replaced
it with a chip that contained a virus. The virus was designed the National
Security agency, the magazine said. A spokesperson for the NSA told Toronto
Computes that it would be inappropriate to comment on the story.

According to the magazine article, the virus was intended to foul up a
mainframe computer tied to Iraq's air defense system, said the magazine. "Once
the virus was in the system, the U.S officials explained, each time an Iraqi
technician opened a window on his computer screen to access information, the
contents of the screen simply vanished."

Because the virus originated in a printer, it evaded detection by the Iraqi
computer. "It's a very sneaky way to get a virus in," said Glenn Price-Jones,
technical services director for Wanikas Software Inc. of Toronto which
provides a wide range of anti-virus services and distributes VirusBuster
software for Leprechaun Software International. "It would make it very
difficult to find the source of the virus. You wouldn't expect a printer to
cause software subverstion."

The operation must have been incredibly sophisticated, he said. "You'd
have to know how a central processor and a printer communicate with each other
in great detail and how to subvert that." But a virus writer could figure out
how to confound a mainframe system if it's one that's widely used, he added.

"It's pretty easy to know the system if its in use many areas." But the
operation would have been difficult. "Someone would have to have the printer
stolen between France and Iraq, change the chip, then put the printer back on
the transportation route without any detection."

The virus directed against Iraq could also infect innocent victims, said
Price-Jones. Such a virus could have infected civil aviation systems, causing
civilian airplanes to be misguided by air traffic controllers, he said.

It's likely the military and the civilian air control systems used the same
type of hardware, making it possible for the virus to spread, he said.

"They have to talk to each other or they'll be straying into each others'
air space." If the Iraqi military passed along any data to civil aviation
authorities, the virus might have ridden along with the data. "With something
as insidious as this the virus could hide itself as a data record."

But it's highly unlikely the virus would have spread to civil aviation
authorities in other countries because they'd have to be using the same
hardware and software as the Iraqi military was using, he said. There's a
greater risk that the Iraqis discovered which printer chip carried the virus,
cloned it, then smuggled it into a printer destined for the military of the
U.S. or some other country. But such a smuggling operation would probably be
detected before it did any damage. it would be easy for security officials to
check for tainted chips by examining every chip and seeing whether they match
the specifications of a good chip.

Price-Jones said there was no possibility that such a virus could be used
to foster world peace, say by disabling every country's nuclear arsenal.

"In theory you could do it, but there are too many layer of failuch as DOS
Macintosh, and very difficult on mainframes, said Price-Jones. "There's
built-in security in a mainframe. You usually can't get access into a
mainframe without being detected."

It's virtually impossible to run a mainframe without first entering a
personal password. And once you've given it your password, the system
maintains a record of everything you do. So most mainframe virii would carry
the electronic fingerprints of its creator.

DOS systems, however are very virus-prone and are becoming increasingly
susceptible, said Price-Jones.

"There is zero security in DOS systems. You can look at anything you want.
It's wide open. As PCs become the global-village network, the risk is getting
higher. There are 100 million DOS PCs in the world and they're getting
cheaper.

A $200 compiler program lets you write a very elegant little virus."
A spokesperson for the Iraqi Embassy in Ottawa wouldn't comment on the story
and said questions should be addressed to the ambassador by fax. The
ambassador did not respond to a faxed request for a comment.


AT&T Provides Debit-Card Service To Visitors In U.S.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of Wall Street Journal May 12, 1992 ]

American Telephone & Telegraph Co. and other U.S. long-distance carriers
are offering services that let foreign visitors to the U.S. prepay their
long-distance phone calls here, The Wall Street Journal reported.

AT&T, the nation's largest long-distance phone carrier, said it plans to
announce its AT&T TeleTicket service today. It said the debit-card service
will assist the caller in one of nine languages and that it has started taking
orders for the debit cards which customers use to make the calls.

About 42 million travelers visited the U.S. last year, according to the
U.S. Travel & Tourism Administration, a Department of Commerce agency. AT&T
said its studies showed each visitor made an average of four phone calls per
visit last year.

"There's a different calling system here and it can be very confusing" to
an outsider, said Margaret Barrett, director of Global Consumer Services at
AT&T.

Unlike the foreign debit cards, AT&T customers won't have to search for a
special phone that takes its debit card, according to Barrett.

TeleTicket customers will dial a special "800" number to make their calls,
then punch in an identification number that also tells the AT&T system the
customer's regular language. A recorded message tells the customer how to
select each service, including phone calling. Once the call is completed, the
cost of the call is deducted from the customer's prepaid card account.

In addition, TeleTicket users can also dial the number to gain access to
U.S. weather reports, currency exchange information and interpretation
services in their own language. AT&T is offering the service initially in nine
languages: Dutch, English, French, German, Italian, Japanese, Korean,
Portuguese and Spanish.

TeleTicket calls will cost more than regular direct dial calls. Under the
AT&T plan, a three-minute call to the Netherlands costing $5.10 at regular
rates will cost $7.20 using a TeleTicket card.

Barrett said AT&T hopes to distribute the debit cards through numerous
channels overseas, including travel agents, airlines and tourist bureaus.

Other carriers are tapping into this international traveler market. In
early April, Sprint Corp. announced a debit card program that lets Japanese
and Mexican travelers buy phone call credits in $10, $20 and $50 increments and
get language assistance. MCI Communications Corp. said it will unveil its own
debit card program for travelers in a few weeks. The regional Bell companies
are said to be readying their own debit card programs and some carriers in
other countries are beginning to offer prepaid debit cards to travelers.


Authorities Uncover Network of Hackers In Credit Card Fraud
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of Wall Street Journal April 20, 1992 ]

SAN DIEGO (AP) -- Police said they have cracked a network of young computer
hackers who were able to make millions of dollars in fraudulent credit card
purchases and break into confidential credit- rating files.

As many as 1,000 hackers, ranging in age from 14 to 25, have shared such
information nationwide for at least four years, Detective Dennis Sadler said.

He said officers stumbled upon the network while investigating a local case
of credit card fraud.

An alleged hacker picked up in late March agreed to cooperate and has
provided information to police and the FBI, Mr. Sadler said. Authorities
refused to identify the person.

The probe has led to the arrest of two teens in Ohio and seizures of
computers and related items in New York City, the Philadelphia area and
Seattle.

Police say the hackers can gain access to the computers of national credit
card agencies and credit reporting agencies through such major computer
networks as Telenet, Signet and Sprintnet.

Hackers obtained some information from computers at Equifax Credit
Information Services, an Atlanta-based credit reporting agency.

"We're still in the process of investigating, and we're working very
closely with San Diego police," said company spokeswoman Tina Black.

Equifax, one of the nation's three largest credit bureaus, has a database
that includes about 170 million credit files. Ms. Black said fewer than 25
files were compromised.


Bell Atlantic Picks N.J. Town To Test Technology
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ Courtesy of Wall Street Journal May 1, 1992 ]

PHILADELPHIA -- Bell Atlantic Corp. said it picked Union City, N.J., for
a joint test with American Telephone & Telegraph Co. of technology to bring
information services to the classroom.

The companies announced last October that they planned to test a technology
that allows the transmission of interactive voice and data as well as
full-motion video over existing copper wires in the telephone network.

The technology is called "asymmetrical digital subscriber line," and allows
compressed video signals to be carried only one way over regular copper phone
wires. It also allows the same line to transmit voice, data and video signals
simultaneously.


------------------------------------------------------------------------------


-=- United Phreaker's Incorporated Magazine -=-

Volume Two, Issue Six, File 10 of 11

Member & Site Application Form


UPI has once more returned and it is no longer the shit group it used to
be. We are looking for quality members that are willing to contribute to the
group. We are especially looking for people who are experienced in electronics
and chemistry, and any other P/H/C/A topic. If you would like to join UPi
please fill out the application below then rename the application form to your
alais and zip it up and upload it privately to The Cathedral or you can send it
to us in ascii form via our internet e-mail address (which is listed in the
main introduction).

What is your handle?
:
What is your first And last name?
:
What is your voice phone number?
:
What is your data phone number?
:
What city do you live in?
:
What province/state do you live in?
:
What country do you live in?
:
How old are you?
:
How many years of experience do you have in the underground?
:
What are you specialities in the underground?
:
:
:
:
:
What do you have to offer UPi?
:
:
:
:
:
Are you/or have been a member of any other groups?
:
List anything else below that you want to say about yourself that would
convince us to let you become a member?
:
:
:
:
If you run a board and would like you board to become a site for UPi please
fill out the following information.

What is the name of board?
:
What is the phone number?
:
How many megs does the board have?
:
What baud rate is supported?
:
What bbs program do you run?
:
How does you board support the underground?
:
Is the anything special about your board?
:
:
:
:
:
List anything else below that you want to say about your board that will
convince us to let you become a site?
:
:
:
:
:


------------------------------------------------------------------------------

-=- United Phreaker's Incorporated Magazine -=-

Volume Two, Issue Six, File 11 of 11


[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]
!! !!
!! U P i - U N I T E D P H R E A K E R ' S I N C O R P O R A T E D !!
!! !!
[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]

Founder And President: The Lost Avenger - Editorial Staff

Vice President: Arch Bishop - Editorial Staff

Writers: Truth Assasin
Black Flag
Hardwire
Master Of Gold
Silcon Phreaker
VC Hacker

Site Listing:
------------------------------------------------------------------------------
Node BBS Name Area Baud Megs BBS Sysop
Number Code Rate Program
------------------------------------------------------------------------------
WHQ The Cathedral 416 14.4 85 Telegard Arch Bishop
Node #1 Pango +972 2400 200 SuperBBS Basil Chesyr
------------------------------------------------------------------------------

Freelance writers are always welcome to write articles for future UPi
Issues. If you would like to submit an article please send then to The Lost
Avenger or Arch Bishop via The Cathedral or send them to The Lost Avenger via
Internet E-mail. If the article is not accepted you will be notified and let
known the reason why or why not, your article was not acceptable. But don't be
discouraged if your article wasn't acceptable, you may submit more articles
even though one of your other submissions were not accepted.

New members from anywhere in the world will always be welcome. If you wish
to join the group, you must logon to The Cathedral and acquire an account.
Once that's done, you need to ask TLA or AB for the UPi questionnaire to be
used to evaluate you. Once you pass, an email of congratulations will be sent
to you and you will be able to participate fully in the group in addition to
getting your name on this elegant introduction screen.

Impress chicks with how you're a member of a premier international
organization of freelance anarchists with the capability to reach out and touch
a globe.

[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]
!! !!
!! U P i - U N I T E D P H R E A K E R ' S I N C O R P O R A T E D !!
!! !!
[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]==[$]



← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Let's discover also

Recent Articles

Recent Comments

Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT