==Phrack Inc.== Volume Three, Issue Thirty-five, File 10 of 13 PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN Phrack World News PWN PWN PWN PWN Issue XXXV / Part One PWN PWN PWN PWN Compiled by Dispater PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN Welcome to another edition of Phrack World News. Read this issue very carefully because it is full of very important stories about a multitude of different issues. Special thanks goes to Dark OverLord, Stainless Steel Provider, and Private Citizen for their help in preparing this issue. _______________________________________________________________________________ XMASCON 1991 ~~~~~~~~~~~ NIA Magazine & Phrack Inc. present: The Second Annual X M A S C O N Who: All Hackers, Journalists, Security Personnel, Federal Agents, Lawyers, Authors and Other Interested Parties. Where: Houston Airport Hilton Inn 500 North Belt East Houston, Texas 77060 U.S.A. Tel: (713) 931-0101 Fax: (713) 931-3523 When: Friday December 27 through Sunday December 29, 1991 Yes, ladies and gentlemen, you read it right... Xmascon has returned! This will undoubtedly be the telecom event of the year. Unlike certain conferences in the past, Xmascon 91 has a devoted and dedicated staff who are putting in an unmentionable amount of time to ensure a large, vast and organized collection of some of the most diversified people in the telecommunications world. The event will be open to the public so that anyone may attend and learn more about the different aspects of computer security. Hotel Information ----------------- The Houston Airport Hilton Inn is located about 6 miles from Intercontinental Airport. The Xmascon group room rates are $49.00 plus tax (15%) per night, your choice of either single or double. There are also 7 suites available, the prices of which vary from $140 to $250. You can call the hotel to find out the differences and availability of the suites, and you will also NEED to tell them you are with the Xmascon Conference to receive the reduced room rate, otherwise, you will be paying $69.00. There is no charge for children, regardless of age, when they occupy the same room as their parents. Specially designed rooms for the handicapped are available. The hotel provides free transportation to and from the airport, as well as neighboring Greenspoint Mall, every 30 minutes on the hour, and on call, if needed. There are 2 restaurants in the hotel. The Wicker Works is open until 11:00 pm, and The Forty Love is open 24 Hours. There will also be breakfast, lunch and dinner buffets each day. There is a piano bar, The Cycle Club, as well as a sports bar, Chaps, which features numerous table games, large screen TV, and a disco with a DJ. Within the hotel compound, there are 3 pools, 2 of which are indoors, a jacuzzi, a miniature golf course, and a fully equipped health club which features universal weights, a whirlpool and sauna. A car rental agency is located in the hotel lobby, and you can arrange to pick your car up at either the airport or the hotel. Xmascon attendees are entitled to a discounted rate. Contact the hotel for more information. Xmascon will last 3 days, with the main conference being held on Saturday, December 28, in the Osage meeting room, starting at 12:00 p.m. and continuing on throughout the evening. This year, we have our own complete wing of the hotel, which is housed around a 3,000 square foot atrium ballroom. The wing is completely separated from the rest of the hotel, so we are strongly encouraging people to make their reservations as far in advance as possible to ensure themselves a room within our area. We are hoping to have a number of people speak on a varied assortment of topics. If you would like to speak, please contact us as soon as possible and let us know who you are, who you represent (if anyone), the topic you wish to speak on, a rough estimate of how long you will need, and whether or not you will be needing any audio-visual aids. There will be a display case inside the meeting room which will hold items of telecom interest. Specific items that will be available, or that we hope to have, include the first issues of 2600, Tap, Mondo 2000, and other magazines, non-computer related magazines that feature articles of interest, a wide array of boxes, the Quaker Oats 2600 mhz whistle, The Metal AE, etc. We will also have a VCR and monitor set up, so if you have any interesting videos (such as the Unsolved Mysteries show featuring Kevin Poulsen), or if you have anything you think people would enjoy having the chance to see, please let us know ahead of time, and tell us if you will need any help getting it to the conference. If all else fails, just bring it to the con and give it to us when you arrive. If anyone requires any additional information, needs to ask any questions, wants to RSVP, or would like to be added to the mailing list to receive the Xmascon updates, you may write to either myself (Drunkfux), Judge Dredd, or Lord Macduff via Internet at: nia@nuchat.sccsi.com Or via US Mail at: Hard Data Corporation ATTN: HoHo P.O. Box 60695 Airport Mail Facility Houston, Texas 77205-9998 U.S.A. We will hopefully have an 800 mailbox before the next update is sent out. If someone cares to donate a decent one, that will stay up throughout the end of the year, please let us know. We should also be listing a few systems as an alternative form of reaching us. Xmascon 91 will be a priceless learning experience for professionals, and gives journalists a chance to gather information and ideas direct from the source. It is also one of the very few times when all the members of the computer underground can come together for a realistic purpose. We urge people not to miss out on an event of this caliber, which doesn't happen very often. If you've ever wanted to meet some of the most famous people from the hacking community, this may be your one and only chance. Don't wait to read about it in all the magazines, and then wish you had attended, make your plans to be there now! Be a part of our largest and greatest conference ever. Remember, to make your reservations, call (713) 931-0101 and tell them you're with Xmascon. In closing... if you miss this one, you're only cheating yourself. _______________________________________________________________________________ MindRape Revisited September 27,1991 ~~~~~~~~~~~~~~~~~ >From Arizona State University State Press Further Reading: Phrack Issue 34, File 11, "MindRape or MediaRape?" An Arizona State University (ASU) student is one of seven suspects in a computer fraud scheme that one US West Communications official said could cost the carrier and the phone company as much as $5 billion in one year. Police in Phoenix, Arizona have seized computer equipment, software, and a list of long distance calling card codes from the home of the unidentified 19-year-old student. The student is one of seven people -- three in Oregon and one each in Washington, Utah, and Iowa -- singled out as suspects in a month-long investigation of electronic phone fraud conducted by Phoenix police, said Jim Waltman, a fraud manager for US West Communications. The Phoenix man has not been arrested. The computer "hackers" allegedly used their computers to gain access to secret long distance phone access codes such as the ones found on calling cards, and sold codes to other students for profit. US West officials told the Associated Press that it is unknown how many local customers have been wrongfully billed for long distance calls on their accounts. Kevin Robinson, public information sergeant for the Phoenix Police Department, would not comment on the investigation. Art Carter, dean of Student Life at Arizona State University (ASU), said that if the student is charged, the case will be reviewed under the ASU Code of Conduct and the action taken by the University will be determined at that time. Mark Knighton, security director for LDL Long Distance, said his company and US West were able to trace calls to several location, including the home of the Phoenix man. The Phoenix man has not been arrested, authorities said. Waltman said he was with Phoenix police a week ago when they searched the north Phoenix home and uncovered what turned out to be an inexpensive and relatively simple system for getting free codes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Editor's Comment by: Dispater What MindRape has been charged with cannot be determined now. A request must be submitted to Arizona Public Records and be considered for release to the requestor. Here are some possibly useful numbers: Arizona Special Investigations Division (602)542-4853 County Attorney's Office (602)262-3411 (Gail Thackeray) Arizona Republic Newspaper (602)271-8000 Phoenix Police Department - General Investigations (602)262-6141 - Police Information (602)262-7626 - Police Records (602)262-6134 _______________________________________________________________________________ East Coast LOD Hackers Create Virtual Reality MAELSTROM ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "It's reached the point where hacking is counter-productive." If the 1980's were the decade that hackers emerged from their relative obscurity as computer oddities, to be transformed in the public's perception as front-page news -- then the 90's are shaping up to be the decade of hacker turned entrepreneur. Lately the notorious hacker group Legion of Doom seems to be a particularly fertile spawning ground for ex-hackers turned young-businessman. Two former East-Coast Legion of Doom members, Bruce Fanscher and Patrick Krupa , have pooled their talents to form a new company in the burgeoning field of Virtual Reality. The arena of Virtual Reality has often been called technology in search of a purpose and at times resembles nothing more than an interactive movie meets videogame. This chaotic state of affairs has led to a never-never land of incompatible technologies and far-out ideas, that have tremendous potential, but little commercial application at present. Fanscher and Krupa plan to change all that. "VR isn't anything new, it's something we've been living for over half our lives. The only difference is the state of current technology, makes possible an incredible variety of application." said Krupa in an interview. "Right now we're in the ideal position to move forward on ideas we've been working on for years," added Fanscher. Krupa, who had attained the status of cult figure in the hacker underground prior to his arrest, as chronicled by John Markoff (New York Times) technology columnist, has spent the last several years working in the very lo-tech world of theater, "Basically I was totally burnt out on computers. I mean I don't give a damn if my word processor boots in one second instead of eight, and that's the only place anything was heading for a long time. The NeXT has changed all that and brought to market something truly innovative, although I still don't care too much about technology as anything but a medium through which you can reach people and affect their experiences and perceptions." No stranger to creative innovation himself, Fanscher, Krupa's longtime compatriot, has spent his share of time in the somewhat murky spotlight of the hacker underground. Musing about his days as a hacker delving into computer systems to see how they worked, Fanscher remarked that: "It's reached the point where hacking is counter-productive. You can only take apart things other people have designed and see what makes them work, for so long, before it becomes an exercise in boredom and the time comes to use what you've learned to create something new that nobody has ever seen before. My current interest in other people's systems is zero. It was a useful learning experience for me, but there's no future in it." This oddly charismatic, dynamic duo is rounded out by Delia Kopold a former actress and theater major who is the architect of the worlds that make MAELSTROM come alive. This initial offering by the collection of talents will be an online system run on the NeXTcube supermicro -- a machine that looks more like a piece of modern art than a computer -- that offers enhanced versions of all the usual amenities like electronic messaging, file transfers, and networking, all revolving around MAELSTROM, a program Fanscher calls, "a real-time virtual interaction simulation engine." MAELSTROM will initially take the form of an extremely detailed fantasy world complete with custom graphic programs that run on MS-DOS, Macintosh and Amiga computers, allowing users to tap into the NeXTcube's system architecture through their home computers connected to telephone lines. "Maelstrom isn't really a fantasy game, it's actually a universal engine comprised of objects that can be accessed by a variety of graphic, sound and data files to create just about any multi-user reality you can dream up," explains Krupa. The MAELSTROM system is about to go through a short beta-test run in New York City prior to a national ad campaign that will herald its universal accessibility on packet switch. "Our beta system already offers everything that competing services offer, but at a much lower cost -- and we're still adding features. And nothing like Maelstrom has ever existed before, the technology just wasn't there," concludes Fanscher. _______________________________________________________________________________ 2600 Magazine Exposes Security Holes October 18,1991 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ by John F. McMullen & Barbara E. McMullen (Newbytes) Armonk, New York -- Supported by videotape examples, Emmanuel Goldstein, editor and publisher of 2600 Magazine: The Hacker Quarterly, told those in attendance at an October 17th New York City press conference that "the American public is often lulled into a false sense of security; a security that is often not supported by the facts of specific cases." The videotapes, produced by 2600 and provided to the press show both the intrusion of a Dutch "hacker" in to United States Military computers and what Goldstein alleges is the fallibility of a brand of mechanical, pushbutton locks used by, among others, New York State University sites, Federal Express, United Parcel Service, JFK International Airport, IBM and NASA. Goldstein told Newsbytes "We invested considerable time and money to wake people up to the fact that we have a false sense of security when it comes not only to computer networks but to physical safety as well." The tape of the Dutch "hacker" was made by Goldstein while in Europe. and shows the intrusion into a Unites States Army computer system. The intruder was able to set up a fictitious account called "danquayle" and, once into the system, was able to obtain "root" privileges thus giving him total control of the workings of the system. A portion of this tape had previously been shown with Goldstein's approval on an episode of the Geraldo Rivera television show "Now It Can Be Told". Goldstein told Newsbytes that one^S^Q reason for his release of the entire tape to the press was his feeling that the Rivera episode entitled "The Mad Hacker's Key Party" had distorted the message of the tape -- "This was not a case of a terrorist break-in but was rather simply a demonstration of the lack of security of our systems. To find root accounts with password like "Kuwait" and lack of sophisticated security in our military computers should be of real concern and should not be lost in an exploitation of the 'hacker' issue." A background paper provided at the conference by 2600 explains the entire intrusion effort in detail and states "The purpose of this demonstration is to show just how easy it really was. Great care was taken to ensure that no damage or alteration of data occurred on this particular system. No military secrets were taken and no files were saved to a disk by the hackers. What is frightening is that nobody knows who else has access to this information or what their motivations might be. This is a warning that cannot be taken lightly." The second videotape show Goldstein and other 2600 staff opening seemingly at will locks manufactured by Simplex Security Systems. The locks of the mechanical pushbutton combination variety were shown to be installed at the State of New York University at Stony Brook, JFK International Airport and on Federal Express and United Parcel pick-up boxes throughout the New York Metropolitan area. In the film, Goldstein is shown filling out a Federal Express envelope for delivery to 2600 Magazine and inserting in the Fedex dropbox. He then lifts the weather protection cover on the box's lock and keys a combination that allows him to open the lock and remove his envelope. Scott Skinner, a SUNY student and 2600 staff member told Newsbytes that it had actually taken the staff 10 minutes to determine the proper code combinations to open the lock. Skinner explained, "While Simplex prefers people to think that there is an endless number of permutations to the lock, there are actually only 1,085. In most cases, even this number is greatly reduced -- if one knows that only three buttons are being used, it reduces the possibilities to 135. Additionally, we found that, once we had the combination to one Federal Express dropbox, it worked in every other one that we tried in the New York area." Goldstein told Newsbytes "When we contacted Simplex, they first denied that the locks were unsafe and then said that the permutations were much greater. After some discussion, they admitted that the 1,085 figure was correct but said that it would take a person with a complete listing of the combinations over four hours to try them all. Our experience obviously shows that they may be opened in a much shorter time than that." Goldstein also pointed out that, "although a $5 Master combination lock may be broken by a crowbar, it is a much more secure combination device. It has 64,000 combinations compared to the 1,085 with the Simplex." Goldstein continued, "One of the real problems is that, should a person have the misfortune to be robbed, entry due to a failure of the Simplex lock gives no evidence of a forcible break-in and police and insurance companies often put the blame on the homeowner or office manager for 'giving away the combination.' It really can create a problem." Skinner told Newsbytes "I'm really concerned about t^Shis. I'm a student at SUNY, Stony Brook and all our dormitories use these locks as the only means of security. I've shown the problem to Scott Law who is responsible for residence security but he has discounted the problem and said that the locks were installed at the recommendation of the campus locksmith. The locksmith, Garry Lenox contradicts Law and says that he recommended against these locks years ago and said that they were not secure for dormitory use." Skinner said that he will write an article for the college newspaper in an attempt to raise consciousness about this problem. Goldstein also said that he intends to publish the list of valid combinations in an up-coming iss^Que of 2600 to demonstrate to the public the problems with the lock. He further said that he will raise the issue on his weekly radio show, "Off The Hook", heard on New York's WBAI-FM. In response to a Newsbytes question concerning how the 2600 staff happened to become involved in a problem with locks, Goldstein said, "We're hackers and when we see something with buttons on it, whether it's a computer or not, we tend to try it. While the average person tends to accept that things are secure just because he is told that they are, hackers will usually try them out. It's because of this 'trying out' that we can point out the problems with both the US military computer security and this lock -- and we feel that, in both cases, we have performed a service. People should be aware when they are at risk so that they may take action to correct it." _______________________________________________________________________________ Questions Exist On Israeli Break-In Of US Systems September 10,1991 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ by Barbara E. McMullen & John F. McMullen (Newsbytes) NEW YORK -- Amidst reports of the intrusion by an Israeli national into United States military computer systems, there have been conflicting accounts of the extent and nature of the invasion. According to wire services, Deri Schriebman, an 18 year-old graduate of Israel's Technion Institute and a native of the northern Israeli city of Carmiel, was arrested by Israeli police for allegedly breaking into US military computers and commercial credit card systems. Israeli spokes person Eitan Raz, commenting on the equipment found at Schriebman's home for allegedly making free overseas phone calls, was quoted as saying "This was a very complex system. It was the first time such technology was discovered in Israel." Newsbytes has ben able to confirm with sources that a trail of credit card fraud in the United States and Canada led investigators to Schriebman but has not been able to confirm that Schriebman, as reported in Israeli press, was able to access classified Pentagon information concerning Patriot missiles during the recent Gulf War. A US government investigative official told Newsbytes that, while his agency has formally requested documentation of the events from the Israeli police, that there seems to have been no contact to date between any US service and the Israeli investigators. Other investigative sources have told Newsbytes that the investigation into Schriebman's activities began in May 1991 when two Quebec teenagers were arrested for purchasing goods through the use of stolen credit card identification. The teenagers told Canadian authorities that they had received the information from a source in Carmiel, Israel and the authorities notified Israeli police. According to the Israeli reports, Schriebman admitted the intrusion into credit card files and the subsequent dissemination of codes but denied making any use of the information. He was quoted as saying that his cracking into the systems was done only out of curiosity. A "hacker" source told Newsbytes that underground bulletin boards utilized for the exchange of such credit information are often frequented by foreign nationals. He said that the most frequent visitors come from Australia, Israel and Germany and that many of the Israelis identify themselves as have a connection with the Technion Institute. _______________________________________________________________________________ Downloaded From P-80 International Information Systems 304-744-2253 12yrs+