Issue 9                                                             Volume 2 
 
                        * * * T H E  A B U S E R * * * 
 
 
 
Contents: 
 
Disclaimer..... 
Letter From The Editor..... 
CAFBL News..... 
Crashing A Renegade BBS by Kamui..... 
Underground News..... 
Social Engineering Bell Atlantic by Swallow..... 
Qwik Trix..... 
The Underground Art Of Encryption by Key Master.....  
Too Many Snoops by Spooky..... 
 
 
DISCLAIMER: 
 
I nor any other person involved with the writing, programming, or  
distributing of THE ABUSER take no responsibility for the person(s)  
that read or obtain this magazine. The information in this magazine is  
SOLELY for informational purposes only and anything described in this  
magazine SHOULD NOT be attempted, since some material is ILLEGAL.  
Furthermore, I nor any other person involved with THE ABUSER DO NOT  
guarantee all or any information published in this magazine to be  
one-hundred percent true and/or effective. 
 
 
LETTER FROM THE EDITOR: 
 
Well we are just about back on track now. CAFBL had a little stir up 
but we have put that all behind us and are trying to get back on 
schedule because, as you probably know, we are behind once again.  
Hopefully all the rumors that have been going around about me have  
been put to rest. I have heard a lot of strange stories going around. 
I hope people don't believe everything they hear. 
 
 
CAFBL NEWS: 
 
Before I do anything else I would like to thank Black Francis and his 
BBS, Goat Blowers Anonymous, for becoming the unofficial WHQ for CAFBL 
until we find one. Everyone seemed to flock to his BBS to communicate 
because it is the best BBS in the 215/Philadelphia area. Thanx again! 
 
We had another little scare inside of CAFBL. Spiff had said for some 
time that he was no longer going to be a CAFBL member. Well, with 
everyone saying that THE ABUSER just wouldn't be the same without him, 
he has decided to stay. Rush 2 has left CAFBL. Differences in opinion 
with other members within the group have caused him to leave. With  
the leaving of Rush 2 we thought it appropriate to have some other  
members join in his place. Treason and ViRUS are now part of CAFBL.  
They are both writers. You may have seen some of Treasons work in a 
mag called BTR. We would like to welcome both Treason and ViRUS into 
CAFBL. Look for some work from them soon. CAFBL will be making a few 
changes in the months to come. By issue number 10 I hope to be a  
tightly nit group. Some contact was lost with members when THC went  
down, but most members have found a way to communicate. We now  
officially have a WHQ. It's Kamui's BBS, Pyshcotic Reflections. 
 
 
 
CRASHING A RENEGADE BBS BY KAMUI: 
 
_intro_         
         
        While i think Renegade is the best BBS software out there,  
there are still lots of bugs. Most of these bugs that i have found  
have to do with MCI Code Support. Cott Lang is pretty stupid to allow  
MCI access all over the board... Anyway, i will show you an example  
of how to crash a RG board with MCI codes. 
 
 
_the^juicy^stuff_ 
         
        Logon as a Newuser and put your handle as "HA%UN". Then fill  
out any info you want for the other questions. Now after you answer  
all the questions and enter your new password, it will go to the  
NEWINFO.MNU which on most boards will display an ansi file that shows  
your stats just in case you typed in the wrong thing. Now when Renegade  
displays your Handle it will scroll 
 
HaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHa 
HaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHa 
HaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHaHa 
 
all over the screen. You probably know why by now, but i will explain 
anyway. It's because after renegade displays "Ha" for your handle, it  
will then display the MCI Code for Handle and will be in an infinite  
loop. The SysOp can't just hang up on you, he must Reboot the computer  
completely (and if you're lucky, maybe he'll get some lost clusters). 
 
        Now you can do this same method with any of the other  
questions. They all have MCI codes of their own. 
 
        And remember to do this late at night or early in the morning  
when the sysop isn't around so he doesn't know how you did it. He will  
see from the sysop logs that there was a newuser logon, but since you  
didn't actually save the information, it won't write what handle you  
entered in. He might put in an NUP after a while, buy hey, it's gets a  
little old after entering it on the same board all the time... 
 
* Now how the fuck do i prevent lamers from doing this to _MY_ board? 
 
        That's simple. Just edit the ansi that you have for the  
NEWINFO.MNU that displays the person's info and take out all the MCIs.  
Just write the options to change the info, but don't show the info  
that they wrote in. That ansi should be the only place it displays the  
person's handle in the new user process, unless you give the user  
access to your board right when they apply. Then you're fucked... It  
is pretty annoying for the users, but it's the only thing to do, and  
is worth it when you wake up at noon and find that your computer was  
scrolling "Cafbl Rules" all over the screen since 5 in the morning. 
 
        Another method to keep your board from being crashed is the 
TRASHCAN.TXT file. This is an option for Renegade that Cott Lang  
didn't write in the Doc files. You see, if you make a file called  
TRASHCAN.TXT and put it in the Renegade MISC directory, then you can  
specify what user names you don't want. This is also helpful to find  
out if someone tried this method of crashing on your board, because it  
will write the following in the Sysop.Log if a name on the list was  
entered - 
 
* New User Logon 
Unacceptable Name: HA%UN 
 
        You can't just write "%" in this file, because it only checks  
that the whole Handle isn't blacklisted. (maybe cott _did_ make it for  
blacklisting, but didn't want warez pups to know about it). You can  
plainly see when you hex edit the RENEGADE.OVR file that under the  
question "Enter your New Handle", it says TRASHCAN.TXT. 
 
 
UNDERGROUND NEWS: 
 
Man Charged With Phone Scheme 
 
It was a report of a suspected drug deal in the 7-11 parking lot that  
brought Haverford police to the scene. What they found instead - two  
men pouring over a chapter in The Whole Spy Catalog called, "How to  
Locate and Tap Any Telephone" - was a lot more interesting. From that  
discovery last week, police and federal authorities have developed an 
investigation into high-tech fraud.  One of the two men, Edward  
Elliott Cummings, 33, has been arrested and charged with two counts  
each of unlawful use of a computer and possession of devices for theft  
of telecommunications. In the Villanova room where Cummings had been  
staying, police said, they found evidence of a "large-scale operation"  
in which Cummings allegedly had been "cloning" cellular phone numbers  
and converting speed dialers into "red boxes" that can make free calls  
from pay phones. When the police encountered Cummings at the 7-11 on  
Eagle Road, he was preparing to sell one of those speed dialers and  
the crystals that are used to convert them, police alleged. The second  
man, who was not arrested, had traveled from Florida to buy the  
device, according to a police affidavit. Two days later, after  
speaking with a Secret Service agent about the legality of the  
devices, Haverford police arrested Cummings. They said they found him  
repairing a personal computer in a home on the 100 block of North  
Concord Road in Marple Township.  When they searched him, police said,  
they found a modified speed dialer in his wallet, which led to the  
second set of charges. The secret service is still working with  
Haverford officers on the investigation, but Cummings has not been  
charged on the federal level, agent-in-charge Ernie Kun said  
yesterday.  Cummings is being held in Delaware County Prison on  
$100,000 bail. While searching the room where Cummings stayed in a  
home on Panorama Road in Villanova Thursday, police said they seized  
several hundred speed dialers, computer software, cellular phones, and  
thousands of computer chips and crystals.  They also found books  
describing computer crimes and hacking, as well as literature related  
to bomb-making, said Haverford Police Sgt. John Walsh. Cummings  
apparently moved to Villanova after a falling-out with a landlord in  
Broomall. The former landlord, Charles Rappa of Broomall, said he  
found eight to 10 sticks of dynamite in the house after Cummings moved  
out in October.  He also found various "how-to" books. "I got a whole  
pile of them that he left here [such as] How to Kill Somebody With  
Poison, How to Get Around the Credit Card System,"  Rappa, who is a  
Realtor in Glenolden, said yesterday. "'Two Christmases ago, he was  
boasting that he could tap into TWA and get a free ticket.  I said,  
'What do you mean?'  So he went up to his computer and he was able to  
access TWA." With that, Cummings was off to pick up his ticket to  
Morocco from Philadelphia International Airport - and Rappa did not  
see him for the next two weeks, he said. "For a man who didn't work,  
he lived pretty good," Rappa said.  "When he came to live here five  
years ago, he worked for a computer company, and they let him go.  He  
said he was going to just freelance.  He was going to buy himself a  
computer." Rappa said Cummings often locked himself in his room for  
long periods.  
 
Computer Hacker Gets Prison Term 
 
Los Angeles - A computer hacker who admitted rigging radio call-in 
contests to win luxury automobiles, Hawaiian vacations and thousands 
in cash was sentenced yesterday to 51 months in prison. Kevin Lee  
Poulsen was also ordered by U.S. District Judge Manuel Real to pay  
$58,000 in restitution and serve three years supervised probation upon  
his release. Prosecutors called the sentence the harshest ever given a  
computer hacker. Poulsen, 29, faces additional charges of stealing  
classified Air Force communications. 
 
Bomb Made From Info From Internet 
 
Cape Girardeau, Mo. - A bomb found in a teen-ager's bedroom was made  
with information gathered from the Internet, police said yesterday.  
The boy's father found the bomb and brought it to police headquarters  
in this southeast Missouri town Wensday. "It was a fairly  
sophisticated device, constructed of gun powder and gasoline with  
Styrofoam melted into the gasoline," said Police Chief Howard Boyd. "It  
formed a napalm-like substance that will stick to you and burn." The  
case was still under investigation and the boy had not been charged,  
Boyd said Monday. He declined to release the youth's name or exact  
age. 
 
Bell Atlantic Nears Video 
 
Washington(AP) - Bell Atlantic Corp. cleared a crucial regulatory  
hurdle Friday in its plans to become a cable television provider. The  
Philadelphia-based company said it received a waiver from a consent  
decree that broke up AT&T in 1984 that will allow it to transmit video  
and other signals across local telephone boundaries. U.S. District  
Judge Harold Greene, who administers the decree, granted the waiver. 
 
Cell Phone Venture 
 
Bell Atlantic Corporation (BYSE:BEL) and NYNEX Corporation (NYSE:NYN)  
recently announced plans to combine their cellular operations,  
creating a new national wireless company that will operate in seven of  
the top 20 cellular markets, with a total population of 55 million.  
The combining of the cellular companies is scheduled to be completed  
this quarter. Thomas A. Bartlett has been named president of the  
Northeast regional territory for the Bell Atlantic Mobile and NYNEX  
Mobile joint venture. Recently, ACS Enterprises Inc., of Bensalem, 
providers of Popvision wireless cable TV, merged with CAI Wireless  
Systems Inc. It was reported at the time that Bell and NYNEX will  
develop technology for the wireless cable systems owned by CAI. Alan 
Sonnenberg, chairman and CEO of ACS, said an important ACS and CAI was  
the capital provided by Bell Atlantic Corp. and NYNEX Corp. The money  
will be used to fund the cash portion of payment to ACS shareholder  
and other CAU acquisitions. 
 
 
SOCIAL ENGINEERING BELL ATLANTIC BY SWALLOW: 
 
Introduction  -  
    This article lists important Bell Atlantic number, and tells you  
how to talk to them to get any information you want. If you learn to  
social engineer well enough, you can get anything you need on the  
phone company with my list below.   
    Before you call work out an identity - have the following  
information ready:  
    - you are calling from repair, station number xx (any number works  
from about 10-40, even though the repair stations are not separated  
like this - it sounds very realistic to stupid operators when you say  
"station 22 repair").  
    - the location of your office. Pick out a town near you where Bell  
Atlantic has an office with trucks parked out back. Example: Bryn  
Mawr, PA is what I usually use.   
    So if they ask "who am I speaking to?", you say "This is Mark  
Abene at station 29 repair in Bryn Mawr." For best results, do not use  
the names Mark Abene, Emmaneul Goldstein, or anything starting with  
Bernie. 
 
Basic Rules  - 
    * if you ever get put in a tight spot, blame your supervisor, and  
work it out to a mutual agreement. 
         THEM: sorry sir, I'm not allowed to give you that  
               information-who is this anyway?  You should know better  
               than to ask for that... 
         ME: duh... my supervisor gave me this number and told me to  
             call. 
         THEM: okay - don't let it happen again!  
    * it's more casual as you may think.  relax a bit - when talking,  
don't be afraid to make conversation, and small talk (how are you,  
etc.). 
    * do NOT abuse these numbers.  Some of them are very easy to get  
information from!  If you abuse the numbers, then they will boost  
security! 
    * if they ask a question and you don't know the answer, blame your  
supervisor again, and work it out to mutual agreement, swearing to  
call back. 
         THEM: what is the ID code to get that information? 
         ME: duh... my supervisor gave me this number and told me to  
             call.     
              I'd better check with him and call you back. 
         THEM: duh, okay. 
    * rehearse what you want to say, and make sure your goal is clear  
    - do you know what it is you are calling for? 
    * do NOT sound like a (for lack of a better term) dork. Sound like  
a real repairmen might.  If you haven't gone through puberty yet, have  
somebody who has make the call for you.   
    * yet again: use your supervisor as your security.  Most of the  
operators on these numbers are not too bright. If they get their  
supervisors though, they'll figure it out.  So - if you have confused  
an operator, and he/she wants to go get their supervisor, make a  
graceful exit, using your supervisor as an excuse. 
 
Stupid "not-quite-a-hack" hacks  -   
    Free local calls with redbox:  Call the operator and tell her your  
coins are going in, but they're not doing anything - you're still not  
connected. The operator will dial the number for you, and will  
actually accept the red box tones as real money.  
    Free LEGAL! calls:  Call up repair (611) - flaming mad:  "I'm  
trying to call this number, and I keep on getting reorder tone, and  
the phone ate my quarter, and the operator tried and it still didn't  
work!  What's wrong with it!?!" Sometimes repair will put you through 
for free on the account of all your troubles. 
 
Fun Numbers  -  
 
News line  -  1.800.647.6397 
    This is the number that Bell Atlantic employees call everyday to  
hear a recording of Bell Atlantic news events.  Usually boring, but  
sometimes they talk about fraud, and other naughty things. 
 
ANI  -  958, 958-xxxx, 958-4100 
    ANI is automatic number identification.  When you call this  
number, it will read your number back to you.  This is good for  
finding out what number you are calling from if you are beige boxing,  
etc. 
    In most of Bell Atlantic, it has something to do with 958. In the  
suburbs of Philly, it's 958-4100, in Philly and in south Jersey, the  
number is just 958.  Try 958, 958-4100, and 958-???? where you live  
and see what happens.   
 
NOC (Network Operations Center, pronounce KNOCK)  - 
    The NOC is basically God. They have a lot of information, and  
they just wait for repairmen to call up and ask for it. So... try  
calling up and asking for the ESS switch in your exchange. Try calling  
up and finding out what they have. I have not had much experience with  
them yet. 
 
703.205.4200  -  NOC in Virginia.  Try to bullshit them in to getting  
you the NOC in your own area if it's not listed here. This one appears  
to be the headquarters, or at least more important than the others -  
there are more people working there, and they have more information. 
 
610.251.2600  -  NOC for area code 610, southeastern PA, suburbs of  
Philadelphia.   
 
215.451.2200  -  NOC for area code 215, Philadelphia. 
 
If they tell you that they don't cover the area you are looking for,  
simply ask them for the number of the NOC that covers the NPA-xxx exchange.   
 
LAC (Line Assignment Center, pronounced ell-ay-cee)  -   
    1.800.310.9898   
    Note: this is for the Philadelphia (215/610) area only.  If you  
are in Philadelphia, and they tell you they do not handle that area,  
a) ask for the LAC that does, or ask to get transferred to "control".  
Tell control what you need, and for what area.   
    This is like 555-1212 on steroids. They have the phone number of  
EVERYBODY who has phone service. Even companies and unlisted phones.  
The only exception to this is the NSA. The LAC does not have the  
phone number for the NSA, but after all, there is No Such Agency.  
Right, anyway:  call up the LAC and say "Hi...  I need the phone  
number for a customer at <<<FULL ADDRESS>>>" There should be no  
problem. You can also get the cable pair from them by replacing the  
words "phone number" with "cable pair".  Pretty clever, If you are  
really good and clever, you can use this number to get a CNA for a  
number you have, but this takes work - they are not supposed to give  
it out, though they have access to it very easily. 
 
 
QWIK TRIX: 
 
HOW TO MAKE SOMEONE'S FONE A REOUTER: 
(Ultra Call Forwarding) by Dark Phiber 
[Bell Atlantic Systems] 
 
In issue 7 I told you about the Ultra Call Forwarding (UCF) service. 
Well since that time I had been caught doing it and they have changed 
their security around. You now need to know the social security  
number of the line you wish to add the UCF service to. For most of  
you that is no problem at all. For the ones that can't get social  
security numbers as easily you need to social engineer a little more. 
I have found they won't ask you as many questions if you ask them  
more questions and sound sincere and get them to trust you. 
 
Another thing not mentioned in the first article about UCF was the 
TelCo's capability to track every number that the UCF line is forwarded 
to. They have printouts of when the line is activated for UCF and when 
it is deactivated for UCF. Dates and times are also included. 
 
 
THE UNDERGROUND ART OF ENCRYPTION BY KEY MASTER: 
[Formerly released in CSoft Magazine] 
 
How I see things, there has been one constant in human society since  
the very first day that we placed a footprint in the sand.  That  
constant is of security.  The security of information.  The secret  
location of our cave which houses the badly needed food for the coming  
winter.  The plans to a deadly bomb which could destroy our planet if 
obtained by the wrong people. 
 
What should we know?  What shouldn't we know?  In this information  
age, security of information is becoming an obvious issue.  Did you  
know that the United States government is RESTRICTING certain forms of  
encryption from being used by the public? 
 
I wrote this article for anyone who is interested.  It explains the  
basics of "Encryption", which is the intentional alteration of data in  
any medium (to "encrypt") to be indecipherable to anyone except those  
who have the scheme to "decipher" the data back to its original form. 
Sounds easy, doesn't it? :) 
 
This article is divided by topics in the field of Encryption, and,  
where appropriate, there are FYI's (For Your Information) to help  
explain terms you might not understand. 
 
 
==FYI== "Code" and "Cipher" ? 
 
A "Code" involves the use of code words, symbols, or groups of numbers  
to replace words or phrases.  For example, many police forces use  
"10-4" for Acknowledge, "10-9" for Repeat Message, "10-98" for  
Prison/Jail Break, etc. 
 
A "Cipher" is something TOTALLY DIFFERENT.  A "Cipher" works with the  
elements of a message.  For example, the letter "k" in the group of  
characters "jklm". 
 
 
==FYI== "Clear; Key; Cipher" ? 
 
Three (3) main terms used in encryption.  In the example of a message  
being encrypted, the "Clear" (also called "Plain") represents the  
message BEFORE encryption.  The "Cipher" is what the message looks  
like AFTER encryption. And the "Key" is sometimes used to calculate  
the Cipher. 
 
 
Substitution 
~~~~~~~~~~~~ 
Substitution, as the name implies, involves substituting one thing  
with another. 
 
"Simple Substitution": Simple Substitution is a cipher with a single  
cipher character replacing each clear character. 
 
The most common way to get a simple substitution table is to start  
with a key word (which must NOT have repeating characters in it).   
Let's use the word "CODER" as our key. 
 
Clear : A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 
Cipher: C O D E R A B F G H I J K L M N P Q S T U V W X Y Z 
 
After that, the left-over letters are placed in order. However, if we  
were to do only that, many clear characters and cipher characters will  
actually remain the same!  To avoid that, we first rewrite the cipher  
alphabet under the key word: 
                             C O D E R 
                             A B F G H 
                             I J K L M 
                             N P Q S T 
                             U V W X Y 
                             Z 
 
Now, starting with the leftmost column, we rewrite a revised cipher  
alphabet: 
 
Clear : A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 
Cipher: C A I N U Z O B J P V D F K Q W E G L S X R H M T Y 
 
That's more like it.  Now each character has a DIFFERENT character to  
substitute itself with.  Let's encrypt "KEY MASTER" using the above  
"Simple Substitution" table: 
 
                        Clear:   K E Y  M A S T E R 
                        Cipher:  V U T  F C L S U G 
 
There are many variants of Simple Substitution for the computer.  The  
three most common involve using the logical XOR operator, adding and  
subtracting ordinal values, and digit-swapping.  ALL of these methods  
are different forms of SUBSTITUTION. 
 
"Polyalphabetic Substitution": Polyalphabetic substitution involves  
MULTIPLE ALPHABETS and usually has a variable key. 
 
An example of a Polyalphabetic Substitution cipher is the "AutoKey  
Cipher".  On top of using a variable key, the AutoKey Cipher uses a  
NON-REPETATIVE key.  It creates a non-repetitive key by creating the  
key, based upon the data being encrypted, as it encrypts. 
 
Let's start with a typical polyalphabet table: 
 
      a b c d e f g h i j k l m n o p q r s t u v w x y z 
                        ^ 
   a  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 
   b  Z A B C D E F G H I J K L M N O P Q R S T U V W X Y 
   c  Y Z A B C D E F G H I J K L M N O P Q R S T U V W X 
   d  X Y Z A B C D E F G H I J K L M N O P Q R S T U V W 
   e  W X Y Z A B C D E F G H I J K L M N O P Q R S T U V 
   f  V W X Y Z A B C D E F G H I J K L M N O P Q R S T U 
   g  U V W X Y Z A B C D E F G H I J K L M N O P Q R S T 
   h  T U V W X Y Z A B C D E F G H I J K L M N O P Q R S 
   i  S T U V W X Y Z A B C D E F G H I J K L M N O P Q R 
   j  R S T U V W X Y Z A B C D E F G H I J K L M N O P Q 
   k  Q R S T U V W X Y Z A B C D E F G H I J K L M N O P 
   l  P Q R S T U V W X Y Z A B C D E F G H I J K L M N O 
   m  O P Q R S T U V W X Y Z A B C D E F G H I J K L M N 
   n  N O P Q R S T U V W X Y Z A B C D E F G H I J K L M 
   o  M N O P Q R S T U V W X Y Z A B C D E F G H I J K L 
   p  L M N O P Q R S T U V W X Y Z A B C D E F G H I J K 
   q  K L M N O P Q R S T U V W X Y Z A B C D E F G H I J 
   r  J K L M N O P Q R S T U V W X Y Z A B C D E F G H I 
   s  I J K L M N O P Q R S T U V W X Y Z A B C D E F G H 
   t  H I J K L M N O P Q R S T U V W X Y Z A B C D E F G 
   u  G H I J K L M N O P Q R S T U V W X Y Z A B C D E F 
   v  F G H I J K L M N O P Q R S T U V W X Y Z A B C D E 
   w  E F G H I J K L M N O P Q R S T U V W X Y Z A B C D 
   x  D E F G H I J K L M N O P Q R S T U V W X Y Z A B C 
   y  C D E F G H I J K L M N O P Q R S T U V W X Y Z A B 
   z  B C D E F G H I J K L M N O P Q R S T U V W X Y Z A 
   ^                    ^ 
Here we have 26 DIFFERENT, possible alphabets to use.  The principle  
of the AutoKey Cipher is that the cipher character determines the  
cipher used for the next character.  However, there must be an initial  
key to start the process going.  Let's use "J" as the initial key, for 
example.  Now let's encrypt "KEY MASTER" using the AutoKey Cipher with  
the above polyalphabet table: 
 
                        Clear:   K E Y  M A S T E R 
                        Cipher:  Z V X  L L T A W F 
 
We started with "J" as the initial key.  We go along the top row and  
find the "J" column.  Then we go down until we find the letter to be  
encrypted.  Then we go over to the left and find out the cipher  
letter.  I put the ^ symbol under the letters to follow for the first  
character to encrypt, the "K". 
 
Also notice that this method totally stomps on a frequency count  
because, in the above example, two totally different letters represent  
the letter "E". 
 
==FYI== "Frequency Count" ? 
A "Frequency Count" is one of the tools used to break encryption  
schemes.  For example, the characters E, T, A, O, N, I, S, R, & H make  
up more than 70 percent of the average text; the characters T, O, A,  
W, B, C, D, S, H, F, M, R, I, & Y are the initial letter of most  
words; the characters E, T, D, S, N, R, & Y are the final letter of 
most words.  These and tons of other facts about the English language  
help code breakers determine a text message. 
 
 
Transposition 
~~~~~~~~~~~~~ 
Transposition, UNLIKE substitution, involves SWITCHING one thing with  
another by methodically mixing up the characters to make the message  
unreadable. 
 
Let's encrypt "KEY_MASTER" using the simple "Rail Fence Cipher".   
First we write the message in some form of a rectangle or square,  
then rewrite the message arranging the letters in diagonals. 
 
                        Clear:   K E Y _ M A S T E R 
 
                                  K E Y _ M 
                                  A S T E R 
 
                        Cipher:  M _ R Y E E T K S A 
 
 
Super Encipherment 
~~~~~~~~~~~~~~~~~~ 
Up to this point, we have been dealing with PRIMARY concepts of  
encryption.  "Primary", meaning you encrypt something with one  
encryption method and that's it. Welcome to what is called "Super  
Encipherment".  It involves encrypting something that is ALREADY  
encrypted! 
 
Probably the best and safest way to do this is to mix a Substitution  
Cipher with a Transposition Cipher. 
 
Before you attempt this, I want to tell you that TRUE Super  
Encipherment means NOT "canceling out" the primary system of  
encryption!!! 
 
==FYI== "Canceling Out" ? 
 
    ANALOGY:  1 + 2 = 3.  The answer is 3.  For our 
              purposes, 3 makes 1 and 2 meaningless. 
              1 + x = 1 + x.  The answer, in this second 
              case, is the question.  There are NO COMMON 
              TERMS to simplify, as in the first problem. 
              When one encryption method "cancels out" 
              another, that means there are common terms 
              between the two methods--which would actually 
              equate to ONE encryption method.  When that 
              happens, Super Encipherment does NOT exist 
              with that particular scheme. 
 
    EXAMPLE:  A double XOR.  Let's encrypt the number 4 
              with two XOR keys.  4 XOR 75 = 79.  79 XOR 77 
              = 2.  Ok, we just DOUBLE XOR'd a byte with 
              TWO SEPARATE KEYS!  WOW!  Sounds great, huh? 
              These two methods "cancel" each other. 
              Watch: 4 XOR 6 = 2.  As you can see, XORing a 
              byte with 75 and 77 is the same as XORing the 
              same byte with 6. 
 
 
Compression 
~~~~~~~~~~~ 
Believe it or not, "Compression" can be a form of encryption.   
Compression means that the encrypted version is SMALLER than the  
decrypted version.  Common computer utilities made by various people  
that can compress data include PKZIP, ARJ, LHA, and STACKER.  Getting  
into this will blow the scope of this article, so I will just say it 
exists. 
 
 
Random Numbers 
~~~~~~~~~~~~~~ 
A side note about "random numbers": should you ever find the need to  
have a "random number", keep in mind that it is NOT POSSIBLE.  True  
randomness does not exist as far as we know.  We can't simply sit down  
and write numbers that come into our heads.  We'll be unconsciously  
including patterns. Computer number generators use very complex  
equations to put together a string of numbers that don't repeat  
quickly and which have very subtle patterns.  It's only logical to see  
that any generating system which depends on an equation, however  
complex, will leave its pattern in the numbers. 
 
The closest one can get to true randomness is from a statistical table  
of some sort, such as from WORLD ALMANAC and stock and bond price  
listings in the financial pages of the newspaper. 
 
 
That's about it for this article, I hope you've learned something  
about encryption! 
 
If you want to contact me, I can be reached via Internet, or at SPIRAL  
AbYSS, my BBS, at 215-968-1574. 
 
INTERNET: kmaster@delphi.com 
 
 
TOO MANY SNOOPS BY SPOOKY:                             
           
        The capture of our beloved leader Dark Phiber *coughNOTcough*  
;) got me thinking about how few of us tkae any security precautions  
against feds, parents, and other snoops.  I mean that h/p shit on yer  
puter can probably get you into alot of trouble, especially if the  
feds find it.  So I thought that i would address this issue with my  
next article, and here it is! (Note: I am currently running DOS  
version 5.0 so some of these tricks may not work if you are running  
anything else. ;P) 
 
     %Software Barriers% 
          1.Password protect the BIOS- I kniow most of the newer  
            puters will let you do this, although mine won't =( This  
            is especially good because that way you can't boot from  
            A: and bypass it. 
 
          2.Install a 3rd party pasword system- In case you can't lock  
            your BIOS you shoulf definately fo this. Just be sure to 
            put the call to the password system in the 1st or 2nd  
            lines of your autoexec.bat so that you can't control-c out  
            of it.  There are plenty of these programs out there for  
            free. One place to look is at the CERT faculty on the net.  
            Maybe when I learn to program I'll make a password system  
            and release it for cafbl. Look for it in the future.... 
 
          3.Hide your secret files- here's how i did it.... 
             a.make a directory to store the files in (in an  
               inconspicious place, like off of C:\DOS) 
             b.hide the directory with attrib 
             c.in your config.sys file, add the following lines: 
               install doskey 
               doskey keystrokes=macros 
               doskey dir /a=fool.bat 
               dosket dir /a:h=dir 
            *What this does is makes it so that when a snoop types dir*  
            * /a                                                      * 
            *to list your hidden files and directories, it'll run     * 
            *fool.bat                                                 * 
            *instead. And when they type dir /a:h it will just run    * 
            *plain dir                                                * 
             d.then hide config.sys and make it read-only 
             e.next make a batch file called fool.bat(or whatever, be  
               sure it's same as what you told doskey to call however) 
               that will 1st clear the path, then call fooledu.bat.  
               Put this file in your path and hide. 
             f.now make another batch file htat will echo the same  
               thing that dir /a shows when there are no hidden files.  
               Make one for every directory, making sure to change the  
               "Directory of . . ." line accordingly. At tyhe end of  
               the file, add a line that will restore the path. 
            *The whole purpose of clearing the path is so that you run*  
            *the                                                      * 
            *fooledu.bat in the directory that you are in at that     * 
            *time, not                                                *   
            *the one in the path. Not very fancy, but it works.       * 
            g.then rename attrib.exe and then hide it so they can't   
              just hit  
               attrib and list all of your hidden files that way. 
 
          4.Destroy the evidence- Ok, your sitting there hacking NASA  
            when all of the sudden you hear a knock at the door them  
            your mom calling you saying that some federal agents would  
            like to talk to you. Uh-oh! What do you do? Format the  
            drive? No, that takes too long, erares all data including  
            legit stuff, and can be undone. Well I have a better  
            solution. Here's what you do. Make a batch file containing  
            something like this: 
             cls 
             echo installing sharware, hold . . . 
             kill c:\dos\hack*.* >nul 
             rd c:\dos\hack >nul 
             kill c:\stuff\warezz\*.* >nul 
             rd c:\stuff\warezz >nul 
             md c:\shareware 
             copy c:\dos\game.com c:\shareware >nul 
             echo instillation complete! 
             delete %0 >nul 
          Note:KILL is one of those programs that overwrites the  
               program with ones and zeros, making recovery  
               impossible.(for extra security) GAME.COM is just a  
               batch file converted to a com that echos 'runtime error  
               at 4410:001B' that way if the spam asks you what you  
               are doing you can say that you are installing a  
               shareware game and run the com(previously hidden in  
               c:\dos or wherever) which should convince him you are  
               telling the truth. btw-the DELETE %0 at the end of the  
               batch file just deltes the batch file, totally  
               destroying the evidence. 
 
     %Hardware Barrier% 
           
          1.Destroying your backups- In case you get raided by the  
            feds/cops/telco, you will most likely want to have a way  
            to quickly destroy you backup copies of any h/p stuff you  
            have on disk. Well the method that i have ready to use is  
            pretty simple. Just take some wire, wrap it around your  
            box that you store your disks in, then connect one side of  
            the wire to a 9 volt battery's negative side, and the  
            other to a SPST switch  which then in turn is connected to  
            the positive side of the battery completing a simple  
            electromagnet. When/if the feds ever come, flick the  
            switch on and your disks will be scrambled. If you wanna  
            be fancy, you can install a battery holder. Also, you can  
            drill a hole in your desk and mount it there. 
          *NOTE:I have no method of destorying the data on the HD    * 
          *physically, but i imagine that if you have the            * 
          *electromagnet close enough when you turn it on it would   * 
          *affect it, maybe even scramble all of the data but right  * 
          *now i don't have a HD to test this theory out on. But i'll*  
          *get back to you's on it when i find out.                  * 
 
