=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

                                ==Phrack Inc.==

                      Volume Two, Issue 21, File 3 of 11

       <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
       <>                                                            <>
       <>                  Shadows Of A Future Past                  <>
       <>                  ~~~~~~~~~~~~~~~~~~~~~~~~                  <>
       <>           Part One Of The Vicious Circle Trilogy           <>
       <>                                                            <>
       <>        A New Indepth Look At A Re-Occurring Problem        <>
       <>                     by Knight Lightning                    <>
       <>                                                            <>
       <>                       August 6, 1988                       <>
       <>                                                            <>
       <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>

The Problem?
~~~~~~~~~~~~
The fate of the entire modem community for the most part is based on the
foundation of computer bulletin boards.  These realms of information exchange
have become centers of learning and trading various information for thousands
of hackers across the United States and even the world.

However, today's security consultants and law enforcement agencies are smarter
than ever too and they know where to strike in order to do the most damage.
The concept of creating a bulletin board for the purpose of catching hackers
was unheard of until The Phoenix Phortress Incident of 1986.  The creation of
this bulletin board system enabled Sergeant Dan Pasquale of the Fremont Police
Department the ability to penetrate the sacred barrier between the phreak/hack
community and the rest of the world.

This file will attempt to show the extent of this problem within the community
and hopefully will lead readers to discover ways of protecting themselves from
the many "venus fly traps" they are likely to encounter.  Articles presented in
this file are specially edited reprints from past issues of Phrack World News.


The Evidence - The unseen truths reside in the shadows of our past and future.
~~~~~~~~~~~~
The following is an excerpt from Phrack World News Issue III;
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Phoenix Phortress Stings 7
~~~~~~~~~~~~~~~~~~~~~~~~~~
On March 5, 1986, the following seven phreaks were arrested in what has come to
be known as the first computer crime "sting" operation.

           Captain Hacker \ Doctor Bob \ Lasertech \ The Adventurer
                  The Highwayman \ The Punisher \ The Warden

Many of them or other members of Phoenix Phortress belonged to these groups:

  High Mountain Hackers \ Kaos Inc. \ Shadow Brotherhood \ The Nihilist Order

Of the seven, three were 15 years old; two were 16; one was 17; and one, 19.

Their charges include:

Several misdemeanors
Trafficking in stolen long distance service codes
Trafficking in stolen credit card numbers
Possession of stolen property
Possession of dangerous weapons (a martial arts weapon)
Charging mail-order merchandise to stolen credit card numbers
Selling stolen property
Charging calls internationally to telephone service numbers

Other phreak boards mentioned include:

Bank Vault (Mainly for credit card numbers and tips on credit card scams)
Phreakers Phortress (Mainly of course for phreak codes and other information)

After serving search warrants early Wednesday morning on the seven Fremont
residences where the young men lived with their parents, police confiscated at
least $12,000 worth of equipment such as computers, modems, monitors, floppy
disks, and manuals, which contained information ranging from how to make a
bomb, to the access codes for the Merrill Lynch and Dean Witter Financial
Services Firm's corporate computers.

The sysop of Phoenix Phortress was The Revenger, who was supposedly Wally
Richards, a 25 year-old Hayward man who "phreaked back east a little" in New
Jersey.  He took the phone number under the name of Al Davis.  However he was
really Sgt. Daniel Pasquale of the Fremont Police Department.

When he introduced his board to other computer users, he called it the "newest,
coolest, phreak board in town."

Pasquale said he got the idea for the sting operation after a 16-year old
arrested last summer for possession of stolen property "rolled them over
(narced) He told us all about their operation."

Pasquale used a police department Apple //e computer and equipment, with access
codes and information provided by eight corporations, including Wells Fargo
Bank, Sprint, and MCI.

Pasquale said he received more than 2,500 calls from about 130 regular users
around the country.  The police started to make their first case three days
after the board went up.

"We had taken the unlisted phone number under the name Al Davis," Pasquale
said. "In six days, these kids had the name on the bulletin board.  I would
have needed a search warrant to get that information."

The arrests were made after five months of investigation by Dan Pasquale.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

The Phoenix Phortress incident only led to the arrest of seven hackers.
However, at the same time it enabled the law enforcement agencies to gather
information about over one hundred other hackers, systems being discussed,
anything transmitted in electronic mail on the bulletin board, and most likely
gave them information about hundreds of other hackers, bulletin boards, and so
forth.

The following is an excerpt from Phrack World News Issue VII;
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Maxfield Strikes Again                                          August 20, 1986
~~~~~~~~~~~~~~~~~~~~~~
Many of you probably remember a system known as "THE BOARD" in the Detroit 313
NPA.  The number was 313-592-4143 and the newuser password was
"HEL-N555,ELITE,3" (then return).  It was kind of unique because it was run off
of an HP2000 computer.

On August 20, 1986 the following messages began to appear on THE BOARD;
-   -   -   -   -   -   -   -   -   -   -   -   -   -   -   -   -   -   -   -

                Welcome to MIKE WENDLAND'S I-TEAM sting board!
                   (Computer Services Provided By BOARDSCAN)
                             66 Megabytes Strong

                           300/1200 baud - 24 hours.

                      Three (3) lines = no busy signals!
                        Rotary hunting on 313-534-0400.


Board:   General Information & BBS's
Message: 41
Title:   YOU'VE BEEN HAD!!!
To:      ALL
From:    HIGH TECH
Posted:   8/20/86 @ 12.08 hours

Greetings:

You are now on THE BOARD, a "sting" BBS operated by MIKE WENDLAND of the
WDIV-TV I-Team.  The purpose?  To demonstrate and document the extent of
criminal and potentially illegal hacking and telephone fraud activity by the
so-called "hacking community."

Thanks for your cooperation.  In the past month and a half, we've received all
sorts of information from you implicating many of you to credit card fraud,
telephone billing fraud, vandalism, and possible break-ins to government or
public safety computers.  And the beauty of this is we have your posts, your
E-Mail and--- most importantly ---your REAL names and addresses.

What are we going to do with it?  Stay tuned to News 4.  I plan a special
series of reports about our experiences with THE BOARD, which saw users check
in from coast-to-coast and Canada, users ranging in age from 12 to 48.  For our
regular users, I have been known as High Tech, among other ID's.  John Maxfield
of Boardscan served as our consultant and provided the HP2000 that this "sting"
ran on.  Through call forwarding and other conveniences made possible by
telephone technology, the BBS operated remotely here in the Detroit area.

When will our reports be ready?  In a few weeks.  We now will be contacting
many of you directly, talking with law enforcement and security agents from
credit card companies and the telephone services.

It should be a hell of a series.  Thanks for your help.  And don't bother
trying any harassment.  Remember, we've got YOUR real names.

Mike Wendland
The I-team
WDIV, Detroit, MI.


Board:   General Information & BBS's
Message: 42
Title:   BOARDSCAN
To:      ALL
From:    THE REAPER

This is John Maxfield of Boardscan.  Welcome!  Please address all letter bombs
to Mike Wendland at WDIV-TV Detroit.  This board was his idea.

The Reaper (a.k.a. Cable Pair)
-------------------------------------------------------------------------------
John Maxfield was in general extremely proud of his efforts with THE BOARD and
he said that a lot of the people he voice verified should have known it was
him.  According to John Maxfield, the only reason this sting board was put up
was to show "What is currently happening in the phreak/hack community."   He
said no legal action will be taken at all, and besides, its fattened his
"dossiers" on a lot of people!

   [The news stories for WDIV-TV 4 appeared in Phrack World News Issue IX.]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Now, this is a classic example of people not learning from other people's
mistakes.  At some point in time prior to this incident, the number for THE
BOARD was posted, it was given a lot of hype and eventually it drew in hackers
to THE BOARD like flies to a spider web from which the unsuspecting users never
broke free.

That is the point I am trying to make -- today's phreak/hacker must learn to be
more security conscious.  What makes anyone think that they can trust someone
just because they are running a bulletin board?  This blind faith is what will
be the downfall of many a hacker until they wise up and start paying attention
to what they are doing.  Safety first; the stakes in this game are a lot higher
than no television after school for a week because once a hacker's phone number
falls into the wrong hands, the law enforcement community or organizations like
the Communications Fraud Control Association (CFCA) can find out everything
about you.  I know because I have seen their files and their hacker data base
is so incredibly large and accurate...its unbelievable.

The following is an excerpt from Phrack World News Issue XIV;
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Metalland South:  Phreak BBS or MetaliFEDS Inc.?                   June 2, 1987
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Metalland South BBS, at 404-327-2327, was once a fairly well known bulletin
board, where many respected members of the hack/phreak community resided.  It
was originally operated by two guys from Metal Communications, Inc., but it
wasn't an MCI club board.  The sysop was Iron Man and the co-sysop was Black
Lord.  Recently, it has come to the writer's attention, that MLS has come under
new management, new policies, and possibly a new idea; Sting.

Somewhere around September-October 1986, Iron Man removed all of the hack/
phreak related subboards as well as all G-philes from the system.  He was
apparently worried about getting busted.  The last time this reporter spoke
with him, Iron Man said he intended to put the hack/phreak subs back up.  Then,
not long after this conversation, the number was changed (The original number
was 404-576-5166).

A person using the alias of The Caretaker was made co-sysop and Iron Man would
not reply to feedback.  Everything was handled by The Caretaker [TC from now
on].  TC did not allow any hack/phreak subs, but said he would put them up if
the users would follow STRICT validation procedures.

Strict validation on MLS includes:

^*^  Your Real Name
^*^  Your Address
^*^  Your Voice Phone Number
^*^  A Self-Addressed Envelope (in which he will send back with your account
                                number and password.)

It is obvious to see the ramifications here.  A board or sysop gets busted and
then makes a deal to turn over the board to some company or agency.  To make
sure that they get who they want, you have to give them all this info, and the
only you can get a password is to let them mail it to you, thus guaranteeing
that if something illegal is posted under that account, you are responsible, no
ifs, ands, or buts.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

There was more information that went on to prove that Metalland South was
indeed some kind of a trap or sting board and the whole aura of mystery
surrounding this system made it not worth calling.

Do not EVER give a sysop your address so he can send you your password.  There
is no need for such information as it can only hurt you severely and would not
benefit the sysop in any way that would leave you unharmed.

One other item concerning bulletin boards comes from PWN Issue V where mention
of yet another hacker sting board named The Tunnel was discovered in Texas.
And lets not forget about TMC's P-80, sysoped by Scan Man, that was responsible
for the apprehension of Shawn of Phreakers Quest (also known as Capt. Caveman).

However, do not fool yourself into believing that bulletin boards are the only
places you are likely to run into trouble.  Regular systems that you like to
work with may be just as dangerous if you are not careful.  Druidic Death and
Celtic Phrost found this out the hard way on the Unix system at MIT as they
nearly succumbed to the power of progressive entrapment which would have doomed
them both.

The following is an excerpt from Phrack World News Issue XI;
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

MIT Unix:  Victim or Aggressor?                   January 23 - February 2, 1987
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Was the MIT system an innocent victim of hacker oppression or simply another
trap to capture unsuspecting hackers in the act?

It all started like this...

      [Some posts have been slightly edited to be relevant to the topic]

------------------------------------------------------------------------------
MIT
Name: Druidic Death
Date: 12:49 am  Mon Jan 20, 1986

Lately I've been messing around on MIT's VAX in there Physics Department.

Recently some one else got on there and did some damage to files.  However MIT
told me that they'll still trust us to call them.  The number is:

617-253-XXXX

We have to agree to the following or we will be kicked off, they will create a
"hacker" account for us.

<1>  Use only GUEST, RODNEY, and GAMES.  No other accounts until the hacker one
     is made.  There are no passwords on these accounts.
<2>  Make sure we log off properly.  Control-D.  This is a UNIX system.
<3>  Not to call between 9 AM and 5 PM Eastern Standard Time.  This is to avoid
     tying up the system.
<4>  Leave mail to GEORGE only with UNIX questions (or C).  And leave our
     handles so he'll know who we are.

------------------------------------------------------------------------------
Unix
Name: Celtic Phrost
Date: 4:16 pm  Mon Jan 20, 1986

Thanks Death for the MIT computer, I've been working on getting into them for
weeks.  Here's another you can play around with:

                           617/258-XXXX  login:GUEST

Or use a WHO command at the logon to see other accounts, it has been a long
time since I played with that system, so I am unsure if the GUEST account still
works, but if you use the WHO command you should see the GUEST account needed
for applying for your own account.

    -Phrost
------------------------------------------------------------------------------
Unix
Name: Celtic Phrost
Date: 5:35 pm  Mon Jan 20, 1986

Ok, sorry, but I just remembered the application account, its: OPEN
Gawd, I am glad I got that off my chest!

    -(A relieved)Celtic Phrost.

Also on that MIT computer Death listed, some other default accounts are:

          LONG          MIKE          GREG          NEIL          DAN

Get the rest yourself, and please people, LEAVE THEM UNPASSWORDED!

------------------------------------------------------------------------------
MIT
Name: Druidic Death 12
Date: 1:16 am  Fri Jan 23, 1987

MIT is pretty cool.  If you haven't called yet, try it out.  Just PLEASE make
sure you follow the little rules they asked us about!  If someone doesn't do
something right the sysop leaves the gripe mail to me.  Check out my directory
under the guest account just type "cd Dru".  Read the first file.

------------------------------------------------------------------------------
MIT
Name: Ctrl C
Date: 12:56 pm  Sat Jan 24, 1987

MIT Un-Passworded Unix Accounts:   617-253-XXXX

ALEX   BILL   GAMES   DAVE   GUEST   DAN   GREG   MIKE   LONG   NEIL  TOM   TED
BRIAN     RODNEY    VRET     GENTILE    ROCKY    SPIKE     KEVIN    KRIS    TIM

And PLEASE don't change the Passwords....

         -=>Ctrl C<=-
------------------------------------------------------------------------------
MIT Again
Name: Druidic Death
Date: 1:00 pm  Wed Jan 28, 1987

Ok people, MIT is pissed, someone hasn't been keeping the bargain and they
aren't too thrilled about it.  There were only three things they asked us to
do, and they were reasonable too.  All they wanted was for us to not compromise
the security much more than we had already, logoff properly, not leave any
processes going, and call only during non-business hours, and we would be able
to use the GUEST accounts as much as we like.

Someone got real nice and added themselves to the "daemon" group which is
superusers only, the name was "celtic".  Gee, I wonder who that could have
been?  I'm not pissed at anyone, but I'd like to keep on using MIT's computers,
and they'd love for us to be on, but they're getting paranoid.  Whoever is
calling besides me, be cool ok?  They even gave me a voice phone to chat with
their sysops with.  How often do you see this happen?

A little perturbed but not pissed...

DRU'
------------------------------------------------------------------------------
Tsk, Celtic.
Name: Evil Jay
Date: 9:39 am  Thu Jan 29, 1987

Well, personally I don't know why anyone would want to be a superuser on the
system in question. Once you've been on once, there is really nothing that
interesting to look at...but anyway.

-EJ
------------------------------------------------------------------------------
In trouble again...
Name: Celtic Phrost
Date: 2:35 pm  Fri Jan 30, 1987

...I was framed!! I did not add myself to any "daemon" group on any MIT UNIX.
I did call once, and I must admit I did hang up without logging off, but this
was due to a faulty program that would NOT allow me to break out of it, no
matter what I tried.  I am sure that I didn't cause any damage by that.

              -Phrost
------------------------------------------------------------------------------
Major Problems
Name: Druidic Death
Date: 12:20 pm  Sat Jan 31, 1987

OK, major stuff going down.  Some unidentified individual logged into the
Physics Dept's PDP11/34 at 617-253-XXXX and was drastically violating the
"agreement" we had reached.  I was the one that made the "deal" with them.  And
they even gave me a voice line to talk to them with.

Well, one day I called the other Physics computer, the office AT and discovered
that someone created an account in the superuser DAEMON group called "celtic".
Well, I was contacted by Brian through a chat and he told me to call him.  Then
he proceeded to nicely inform me that "due to unauthorized abuse of the system,
the deal is off".

He was cool about it and said he wished he didn't have to do that.  Then I
called George, the guy that made the deal and he said that someone who said he
was "Celtic Phrost" went on to the system and deleted nearly a year's worth of
artificial intelligence data from the nuclear fission research base.

Needless to say I was shocked.  I said that he can't believe that it was one of
us, that as far as I knew everyone was keeping the deal.  Then he (quite pissed
off) said that he wanted all of our names so he can report us to the FBI.  He
called us fags, and all sorts of stuff, he was VERY!! [underline twice] PISSED!
I don't blame him.  Actually I'm not blaming Celtic Phrost, it very easily
could have been a frame up.

But another thing is George thinks that Celtic Phrost and Druidic Death are one
and the same, in other words, he thinks that *I* stabbed him in the back.
Basically he just doesn't understand the way the hacker community operates.

Well, the deal is off, they plan to prosecute whoever they can catch.  Since
George is my best friend's brother I have not only lost a friend, but I'm
likely to see some legal problems soon.  Also, I can forget about doing my
graduate work at MIT.  Whoever did this damage to them, I hope you're happy.
You really messed things up real nice for a lot of people.

Celtic, I don't have any reason to believe you messed with them.  I also have
no reason to think you didn't.  I'm not making an accusation against you, but
WHOEVER did this, deserves to be shot as far as I'm concerned.  Until this data
was lost, they were on the verge of harnessing a laser-lithium produced form of
nuclear fission that would have been more efficient than using the standard
hydrogen.  Well, back to the drawing board now.

I realize that it's hard to believe that they would have data like this on this
system.  But they were quite stupid in many other areas too.  Leaving the
superuser account with no password??  Think about it.

It's also possible that they were exaggerating.  But regardless, damage seems
to have been done.

------------------------------------------------------------------------------
MIT
Name: Phreakenstein
Date: 1:31 am  Sun Feb 01, 1987

Heck! I dunno, but whoever it was, I think, should let himself (the s00per
K-rad elyte d00d he is) be known.

I wasn't on MIT, but it was pretty dumb of MIT to even let Hackers on.  I
wouldn't really worry though, they did let you on, and all you have to prove is
that you had no reason to do it.
----Phreak
------------------------------------------------------------------------------
I wonder...
Name: Ax Murderer 15
Date: 6:43 pm  Sun Feb 01, 1987

I highly doubt that is was someone on this system.  Since this is an elite
board, I think all the users are pretty decent and know right and wrong things
to do.  Could be that one of the users on this system called another system and
gave it out!??

Ax Murderer
------------------------------------------------------------------------------
It was stupid
Name: Druidic Death 12
Date: 9:21 pm  Sun Feb 01, 1987

It seems to me, or, what I gathered, they felt that there were going to be
hackers on the system to begin with and that this way they could keep
themselves basically safe.

I doubt that it was Celtic Phrost, I don't think he'd be an asshole like that.
But I can't say.  When I posted, I was pretty pissed about the whole deal. I've
calmed down now.  Psychic Warlord said something to me voice the other day that
made me stop and think.  What if this was a set up right from the start?  I
mean, MIT won't give me specifics on just what supposedly happened, Celtic
Phrost denies everything, and the biggest part of it is what George said to me.

"We can forgive you for what you did to us if you'll promise to go straight and
never do this again and just tell us who all of your friends are that are on
the system".

I didn't pay much attention to that remark at first, now I'm beginning to
wonder...

I, of course, didn't narc on anyone.  (Who do I know??? hehe)

DRU'
------------------------------------------------------------------------------
Comments...
Name: Delta-Master
Date: 7:15 am  Mon Feb 02, 1987

It wouldn't surprise me if it was some kind of setup, it's been done before.

Delta-Master

           [All posts in this article were taken from ShadowSpawn.]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

The Solution
~~~~~~~~~~~~
What more is there to say?  It definitely looks like there was a setup involved
and it probably was not the first time and probably will not be the last time
either.  So how can you protect yourself?

As far as the bulletin boards go.  There is an unwritten rule somewhere that
basically says that to be a good sysop, you first have to be a good user.  If
the sysop of some mystery board is not someone you have seen around for a long
time, then I would not call.  However, even if it is someone who has been
around, references from someone you feel you can trust is a necessity.  It all
boils down to the reliability of the information and the persons involved.

When dealing with systems like the MIT Unix, remember, if its too good to be
true then most likely there will be something that you are not being told.
Who in their right mind is going to give free accounts to an important system
with delicate information to a group of hackers?  Its crazy.

This file will hopefully serve as an informative fresh look at an old game.  To
me, even if the time I spent putting this article together helps out or saves
only one phreak/hacker, I feel my job has been done successfully.

:Knight Lightning

                            "The Future Is Forever"

                              The Phoenix Project
 
                                
                                ==Phrack Inc.==

                      Volume Two, Issue 23, File 3 of 12

       <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
       <>                                                            <>
       <>                        Subdivisions                        <>
       <>                        ~~~~~~~~~~~~                        <>
       <>          Part Three Of The Vicious Circle Trilogy          <>
       <>                                                            <>
       <>  A Study On The Occurrence Of Groups Within The Community  <>
       <>                                                            <>
       <>                Presented by Knight Lightning               <>
       <>                       August 8, 1988                       <>
       <>                                                            <>
       <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>

               A Rose By Any Other Name... Would Smell As Sweet

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

          The Administration \ Advanced Telecommunications, Inc./ATI
         ALIAS \ American Tone Travelers \ Anarchy Inc. \ Apple Mafia
  The Association \ Atlantic Pirates Guild/APG \ Bad Ass Mother Fuckers/BAMF
    Bellcore \ Bell Shock Force/BSF \ Black Bag \ Camorra \ C&M Productions
   Catholics Anonymous \ Chaos Computer Club \ Chief Executive Officers/CEO
 Circle Of Death \ Circle Of Deneb \ Club X \ Coalition of Hi-Tech Pirates/CHP
        Coast-To-Coast \ Corrupt Computing \ Cult Of The Dead Cow/-cDc-
    Custom Retaliations \ Damage Inc. \ D&B Communications \ The Dange Gang
            Dec Hunters \ Digital Gang/DG \ DPAK \ Eastern Alliance
          The Elite Hackers Guild \ Elite Phreakers and Hackers Club
  The Elite Society Of America \ EPG \ Executives Of Crime \ Extasyy (Elite)
   Fargo 4A \ Farmers Of Doom/FOD \ The Federation \ Feds R Us \ First Class
          Five O \ Five Star \ Force Hackers \ The 414s \ Hack-A-Trip
Hackers Of America/HOA \ High Mountain Hackers \ High Society \ The Hitchhikers
       IBM Syndicate \ The Ice Pirates Imperial Warlords \ Inner Circle
                        Inner Circle II \ Insanity Inc.
International Computer Underground Bandits/ICUB \ Justice League of America/JLA
     Kaos Inc. \ Knights Of Shadow/KOS \ Knights Of The Round Table/KOTRT
       League Of Adepts/LOA \ Legion Of Doom/LOD \ Legion Of Hackers/LOH
       Lords Of Chaos \ Lunitic Labs, Unlimited \ Master Hackers \ MAD!
            The Marauders \ MD/PhD \ Metal Communications, Inc./MCI
  MetalliBashers, Inc./MBI \ Metro Communications \ Midwest Pirates Guild/MPG
       NASA Elite \ The NATO Association \ Neon Knights \ Nihilist Order
Order Of The Rose \ OSS \ Pacific Pirates Guild/PPG \ Phantom Access Associates
                PHido PHreaks \ Phlash \ PhoneLine Phantoms/PLP
              Phone Phreakers Of America/PPOA \ Phortune 500/P500
               Phreak Hack Delinquents \ Phreak Hack Destroyers
         Phreakers, Hackers, And Laundromat Employees Gang/PHALSE Gang
     Phreaks Against Geeks/PAG \ Phreaks Against Phreaks Against Geeks/PAP
      Phreaks and Hackers of America \ Phreaks Anonymous World Wide/PAWW
             Project Genesis \ The Punk Mafia/TPM \ The Racketeers
 Red Dawn Text Files/RDTF \ Roscoe Gang \ SABRE \ Secret Circle of Pirates/SCP
   Secret Service \ 707 Club \ Shadow Brotherhood \ Sharp Inc. \ 65C02 Elite
    Spectral Force \ Star League \ Stowaways \ Strata-Crackers \ The Phrim
     Team Hackers '86 \ Team Hackers '87 \ TeleComputist Newsletter Staff
 Tribunal Of Knowledge/TOK \ Triple Entente \ Turn Over And Die Syndrome/TOADS
  300 Club \ 1200 Club \ 2300 Club \ 2600 Club \ 2601 Club \ 2AF \ Ware Brigade
           The Warelords \ WASP \ The United Soft WareZ Force/TuSwF
                       United Technical Underground/UTU

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Its literally unbelievable just how many different groups and organizations
there are or have been in the phreak/hack/pirate community.  The list of 130
groups displayed above is probably still just a fraction of the actual amount
of groups that there have been, but those are the only ones I am aware of at
this time.

In the past John Maxfield has estimated that there are about 50,000
hackers/phreaks/pirates operating in the United States today.  That figure has
multiplied to to a point where it probably comes close to 500,000.  Believe it
or not, almost everyone has been a member of one of the above groups (or
perhaps a group not mentioned) at one time or another.

Today's telecom security consultants and law enforcement agencies know this too
and that is how group affiliations can be turned against us.

What does being in a group mean?  In the modem community being in a group is
supposed to mean that the people in the group work on projects together and
trade specific information that people outside of the group are not allowed to
access and by the same token, have no way to get it.  However, obviously the
people in the group all feel that the other people with whom they are sharing
information, can be trusted and are worthy of associating with them to begin
with.  So when you stop and think about it, if there was no group, the people
in question would still be trading information and would still trust each other
because they would not have formed the group unless this criteria was met in
the first place.  So in truth, being in a group really means nothing on the
basis previously mentioned.

You see in the modem community, being in a group really is more like a power
trip or a "security blanket" for people who feel that they need to let people
know that they associate with a specific clique in the hopes that the
popularity of some of the other members will lend popularity to themselves.

Many groups form in such a way that they try to make it look otherwise and thus
begins the real problem.  Some groups are formed by a person who tries to get a
lot of guys together that he feels knows a lot or seems to post a lot of good
information - Bad Move; If you are going to form a group at all, stick with
people who you know can be trusted (can you really ever "know" who can be
trusted?) and then out of those people form your group or choose who you feel
should be in it.

Anyway, to prove that they are elite, most groups begin to gather specific data
for giving to group members, and this includes handing out their own names and
phone numbers with other members of the group.  They feel a false loyalty and
psychologically create such utter faith in all the members that the faith is
ultimately blind and based on hopes and aspirations of greatness.

What is the best way for a security agent or informant to blend in with the
modem community?  Join as many groups as possible, start gathering data on
the members, and spread your handle throughout the community to become "well
known."

Example:  Taken From Phrack World News Issue XV;

           [This article has been edited for this presentation. -KL]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Mad Hatter; Informant?                                            July 31, 1987
~~~~~~~~~~~~~~~~~~~~~~
We at Phrack Inc. have uncovered a significant amount of information that has
led us to the belief that Mad Hatter is an informant for some law enforcement
organization.

When Taran King, Cheap Shades, Forest Ranger, and Knight Lightning arrived at
Control C's in Chicago, Illinois, Mad Hatter had already searched the place and
had found some papers that could only have done ^C harm.   We destroyed this
information and thought everything was ok.  However, as it turns out, we
searched Mad Hatter's bags and found a duplicate set of this information and
the general hypothesis was they he intended to leave it behind as incriminating
evidence.

Mad Hatter had also brought down several disks for the purpose of copying
Phantasie Realm.  Please note; PR was an IBM program and MH has an apple.

Control C told us that when he went to pick Mad Hatter up at the bus terminal,
he watched the bus pull in and saw everyone who disembarked.  Suddenly Mad
Hatter was there, but not from the bus he was supposed to have come in on.  In
addition to this, he had baking soda wrapped in a five dollar bill that he
tried to pass off as cocaine.  Perhaps to make us think he was cool or
something.

Mad Hatter constantly tried to get left behind at ^C's apartment for unknown
reasons. He also was seen at a neighbor's apartment making unauthorized calls
into the city of Chicago.  When asked who he called, his reply was "Don't worry
about it."  Mad Hatter had absolutely no money with him during PartyCon (and
incidentally he ate everything in ^C's refrigerator) and yet he insisted that
although he had taken the bus down and had return trip tickets for the bus,
that he would fly back home.  How was this going to be achieved?  He had no
money and even if he could get a refund for the bus tickets, he would still be
over $200 short.  When asked how he was going to do this, his reply was "Don't
worry about it."

On Saturday night while on the way to the Hard Rock Cafe, Mad Hatter asked
Control C for the location of his computer system and other items 4 times.
This is information that Hatter did not need to know, but perhaps a SS agent or
someone could use very nicely.

When Phrack Inc. discovered that Dan The Operator was an FBI informant and made
the news public, several people were criticizing him on Free World II Private.
Mad Hatter on the other hand, stood up for Noah and said that he was still his
friend despite what had happened.  Then later when he realized that people were
questioning his legitimacy, his original posts were deleted and he started
saying how much he wanted to kill Dan The Operator and that he hated him.

Mad Hatter already has admitted to knowing that Dan The Operator was an FBI
informant prior to SummerCon '87.  He says the reason he didn't tell anyone is
because he assumed we already knew.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
When Mad Hatter first entered the phreak/hack world, he joined;

                     Phreaks Anonymous World Wide (PAWW),
                     MetalliBashers, Inc (MBI),
                     Order of The Rose, and
                     Cult of The Dead Cow (-cDc-).

If you were a security agent or a loser hacker turned informant and you wanted
to mix in with the phreak/hack community, wouldn't you try to join as many
groups as possible to spread your name?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Phreaks Anonymous World Wide, MetalliBashers, Inc., Order of The Rose, and
Cult of The Dead Cow, not exactly the toughest groups to join and once there is
one security person in the group, he is bound to vouch for others, etc.  So
while he spreads his name as an elite modem user throughout the community, he
is busy gathering information on group members who are foolish enough to trust
him.

Its not bad enough that some groups are easy enough to infiltrate as it is, but
does anyone remember this?

Taken From Phrack World News Issue XI;
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Phortune 500:  Phreakdom's Newest Organization               February 16, 1987
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
For those of you who are in the least bit interested, Phortune 500 is a group
of telecommunication hobbyists who's goal is to spread information as well as
further their own knowledge in the world of telecommunications.  This new
group was formed by:

    Brew Associates / Handsomest One / Lord Lawless / The Renegade Chemist
          Quinton J. Miranda / Striker / The Mad Hacker / The Spiker

These eight members are also known as Board Of Directors (BOD).  They don't
claim to be *Elite* in the sense that they are they world's greatest hacker,
but they ARE somewhat picky about their members.  They prefer someone who knows
a bit about everything and has talents exclusive to him/herself.

One of the projects that Phortune 500 has completed is an individual password
AE type system.  It's called TransPhor.  It was written and created by Brew
Associates.  It has been Beta tested on The Undergraduate Lounge (Sysoped by
Quinton J. Miranda).   It is due to be released to the public throughout the
next few months.

Phortune 500 has been in operation for about 4 months, and has released two
newsletters of their own.  The Phortune 500 Newsletter is quite like the
"People" of contemporary magazines.  While some magazines cover the deep
technical aspects of the world in which we communicate, their newsletter tries
to cover the lighter side while throwing in information that they feel is "of
technical nature."  The third issue is due to be released by the end of this
month.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
             *>=-> The Phortune 500 Membership Questionnaire <-=<*

Note:  The following information is of a totally confidential nature.  The
       reason you may find this so lengthy and in depth is for our knowledge of
       you.  We, with Phortune 500, feel as though we should know prospective
       members well before we allow them into our organization.  Pending the
       answers you supply us, you will be admitted to Phortune 500 as a charter
       member.  Please answer the following completely...
...............................................................................

Handle                          :
First Name                      :
Voice Phone Number              :
Data Phone Number               :
City & State                    :
Age                             :
Occupation (If Applicable)      :
Place of Employment (Optional)  :
Work Phone Number   (Optional)  :
Computer Type                   :
Modem Type                      :
Interests                       :
Areas Of Expertise              :
References (No More Than Three) :
Major Accomplishments (If Any)  :
...............................................................................
Answer In 50 Words Or Less;

^*^  What Is Phortune 500 in Your Opinion?

^*^  Why Do You Want To Be Involved With Phortune 500?

^*^  How Can You Contribute to Phortune 500?
...............................................................................

Please answer each question to the best of your ability and then return to any
Phortune 500 Board of Directors Member Or a Phortune 500 BBS:

           The Private Connection (Limited Membership) 219-322-7266
           The Undergraduate AE   (Private Files Only) 602-990-1573
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

An actual application form for joining a group.  Perhaps the concept was a good
one, perhaps not, but from a standpoint of publicity and security, this was a
complete and utter catastrophe.

Basically we are all here to learn in one way or another.  Groups and clubs
in our community only seem to segregate it and at a time when everyone should
be pulling together, this is not such a good idea.  Privacy and security are
important factors that motivate these sects within the society, but ultimately
are the final consequences worth the trouble of creating a group?

If groups had not been created, there would not be as much attention on the
phreak/hack community as there is right now.  When group names start spreading,
it starts the law enforcement agencies into a panic that its big time organized
crime.  This allows them to justify more time and money into the apprehension
of computer criminals and usually they go after the big names; the people in
the most "elite" groups.

Now before you, a member of a group, start criticizing this file, please
understand, I am not referring to any particular groups here, just groups in
general.  Any and all comments made about MBI, -cDc-, PAWW, OOTR, and P500
should not be taken personally and were used only as examples of how groups can
be potential security problems.

There are some groups that are worthwhile organizations and its obvious because
that have existed through the years and been productive.  However, the only way
to keep this community alive is for everyone to work together to protect and
learn from each other.

:Knight Lightning

                              "The Future Is Now"

================================================================


                                ==Phrack Inc.==

                      Volume Two, Issue 22, File 3 of 12

       <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
       <>                                                            <>
       <>                     The Judas Contract                     <>
       <>                     ~~~~~~~~~~~~~~~~~~                     <>
       <>           Part Two Of The Vicious Circle Trilogy           <>
       <>                                                            <>
       <>           An Exploration of The Quisling Syndrome          <>
       <>                             and                            <>
       <>  A Look At The Insurrection Of Security Into The Community <>
       <>                                                            <>
       <>                Presented by Knight Lightning               <>
       <>                       August 7, 1988                       <>
       <>                                                            <>
       <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>


The Quisling Syndrome
~~~~~~~~~~~~~~~~~~~~~
Definition:  Quisling - (Kwiz/lin)  (1) n. Vidkun Quisling (1887 - 1945),
                                           Norwegian politician who betrayed
                                           his country to the Nazis and became
                                           its puppet ruler.

                                    (2) n. A traitor.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

The "Quisling" Syndrome is rapidly becoming a common occurrence in the less
than legal realms of the modem community.  In general it starts out with a
phreaker or hacker that is either very foolish or inexperienced.  He somehow
manages to get caught or busted for something and is scared beyond belief about
the consequences of his actions.  At this point, the law enforcement agency(s)
realize that this one bust alone is worthless, especially since the person
busted is probably someone who does not know much to begin with and would be a
much better asset if he could assist them in grabbing other more experienced
and dangerous hackers and phreaks.  In exchange for these services the Judas
will have his charges dropped or reduced and considering the more than likely
parential pressure these Judases will receive, the contract will be fulfilled.

Example; Taken from Phrack World News Issue XV;

           [This exceprt has been edited for this presentation. -KL]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Mad Hatter; Informant?                                            July 31, 1987
~~~~~~~~~~~~~~~~~~~~~~
We at Phrack Inc. have uncovered a significant amount of information that has
led us to the belief that Mad Hatter is an informant for some law enforcement
organization.

MH had also brought down several disks for the purpose of copying Phantasie
Realm.  Please note; PR was an IBM program and MH has an apple.

Control C told us that when he went to pick MH up at the bus terminal, he
watched the bus pull in and saw everyone who disembarked.  Suddenly Mad Hatter
was there, but not from the bus he was supposed to have come in on.  In
addition to this, he had baking soda wraped in a five dollar bill that he tried
to pass off as cocaine.  Perhaps to make us think he was cool or something.

MH constantly tried to get left behind at ^C's apartment for unknown reasons.
He also was seen at a neighbor's apartment making unauthorized calls into the
city of Chicago.  When asked who he called, his reply was "Don't worry about
it."  MH had absolutely no money with him during PartyCon (and incidentally ate
everything in ^C's refrigerator) and yet he insisted that although he had taken
the bus down and had return trip tickets for the bus, that he would fly back
home.  How was this going to be achieved?  He had no money and even if he could
get a refund for the bus tickets, he would still be over $200 short.  When
asked how he was going to do this, his reply was "Don't worry about it."

On Saturday night while on the way to the Hard Rock Cafe, Mad Hatter asked
Control C for the location of his computer system and other items 4 times.
This is information that Hatter did not need to know, but perhaps a SS agent or
someone could use very nicely.

When Phrack Inc. discovered that Dan The Operator was an FBI informant and made
the news public, several people were criticizing him on Free World II Private.
Mad Hatter on the other hand, stood up for Noah and said that he was still his
friend despite what had happened.  Then later when he realized that people were
questioning his legitimacy, his original posts were deleted and he started
saying how much he wanted to kill Dan The Operator and that he hated him.

Mad Hatter already has admitted to knowing that Dan The Operator was an FBI
informant prior to SummerCon '87.  He says the reason he didn't tell anyone is
because he assumed we already knew.

A few things to add;

^*^  Some time ago, Mad Hatter was contacted by AT&T because of an illegal
     Alliance Teleconference that he was responsible for.  There was no bust.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Could this AT&T investigation have been the starting point for Mad Hatter's
treason against the phreak/hack community?  Is there more to it than that?
We may never know the full truth behind this, however we do know that Mad
Hatter was not the only one to know Dan The Operator's secret prior to
SummerCon '87.  The Executioner (who had close ties to TMC Security employees
in Omaha, Nebraska) was fully aware of Dan The Operator's motives and
intentions in the modem world.

There does not always have to be a bust involved for a phreak/hacker to turn
Judas, sometimes fear and panic can be a more powerful motivator to become a
Quisling.

Example; Taken From Phrack World News Issue XV;

           [This exceprt has been edited for this presentation. -KL]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Crisis On Infinite Hackers                                        July 27, 1987
~~~~~~~~~~~~~~~~~~~~~~~~~~
It all started on Tuesday, July 21, 1987.  Among 30-40 others, Bill From RNOC,
Eric NYC, Solid State, Oryan QUEST, Mark Gerardo, The Rebel, and Delta-Master
have been busted by the United States Secret Service.  There are rumored to be
several more members of the more "elite" community busted as well, but since we
can neither disprove or prove the validity of these rumors, I have chosen not
to name them at this time.

One of the offshoots of this investigation is the end of The Lost City of
Atlantis and The Lineman's treason against the community he once helped to
bring about.  In Pennsylvainia, 9 people were busted for credit card fraud.
When asked where they learned how to perform the art in which they had been
caught, they all responded with the reply of text files from The Lost City Of
Atlantis.

So, the Secret Service decided to give The Lineman a visit.  Lineman, age 16 (a
minor) had no charges against him, but he panicked anyway and turned over the
bulletin board, all g-philes, and the complete userlog to the Secret Service.
This included information from the "Club Board."  The final outcome of this
action is still on its way.  In the meantime, many hackers are preparing for
the worst.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The results and consequences from The Lineman's actions were far more severe
than they originally appeared.  It is highly speculated that The Lineman was in
possesion on a very large directory of phreaks/hackers/pirates that he had
recently acquired.  That list is now in the hands of the government and the
Communications Fraud Control Association (as well as in the files of all of the
individual security departments of CFCA members).  I've seen it and more.

The Lineman was able to acquire this list because one phreak stole it from
another and then began to trade it to his friends and to others for information
and passwords, etc. and what happened from there is such an over exposure and
lack of CONTROL that it fell into the wrong and dangerous hands.  Acts such as
this will with out a doubt eventually lead all of us towards entropy.

Captain Caveman, also known as Shawn of Phreakers Quest, began work to help TMC
after he was set up by Scan Man during the summer of 1986.

However, being busted or feeling panic are still not the only motivations for
becoming a Judas.  John Maxfield, one of today's best known security
consultants, was once a hacker under the handle(s) of Cable Pair and Uncle Tom.
He was a member of the Detroit based Corrupt Computing and the original Inner
Circle until he was contacted by the FBI and decided that it would be more fun
to bust hackers than be one.

The following is an excerpt from Phrack World News Issue V;

           [This article has been edited for this presentation. -KL]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Computer Kids, Or Criminals?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
John Maxfield is a computer security consultant who lives in a downriver
suburb.  Maxfield spends most of his working hours scanning BBSs, and is known
by computer crime experts as a hacker tracker.  His investigative work scanning
boards has resulted in more prosecutions of computer hackers than anyone else
in the field, say sources familiar with his work.  Maxfield, who accepts death
threats and other scare tactics as part of the job, says the trick is knowing
the enemy.  Next to his monstrous, homemade computer system, Maxfield boasts
the only file on computer hackers that exists.  [Not true any longer -KL]  It
contains several thousand aliases used by hackers, many followed by their real
names and home phone numbers.  All of it is the result of four years of steady
hacker-tracking, says Maxfield. "I've achieved what most hackers would dearly
love to achieve," said Maxfield.  "Hacking the hacker is the ultimate hack."

Maxfield estimates there are currently 50,000 hackers operating in the computer
underground and close to 1,000 underground bulletin boards.  Of these, he
estimates about 200 bulletin boards are "nasty," posting credit card numbers,
phone numbers of Fortune 500 corporations, regional phone companies, banks, and
even authored tutorials on how to make bombs and explosives.  One growing camp
of serious hackers is college students, who typically started hacking at 14 and
are now into drug trafficking, mainly LSD and cocaine, said Maxfield.

Maxfield's operation is called BoardScan.  He is paid by major corporations and
institutions to gather and provide them with pertinent intelligence about the
computer underground.  Maxfield also relies on reformed hackers.  Letters of
thanks from VISA and McDonald's decorate a wall in his office along with an
autographed photo of Scottie, the engineer on Star Trek's Starship Enterprise.

Often he contacts potential clients about business.  "More often I call them
and say, I've detected a hacker in your system," said Maxfield.  "At that
point, they're firmly entrenched.  Once the hackers get into your computer,
you're in trouble.  It's analogous to having roaches or mice in the walls of
your house.  They don't make their presence known at first.  But one day you
open the refrigerator door and a handful of roaches drop out."

Prior to tracking hackers, Maxfield worked for 20-odd years in the hardware end
of the business, installing and repairing computers and phone systems.  When
the FBI recruited him a few years back to work undercover as a hacker and phone
phreak, Maxfield concluded fighting hacker crime must be his mission in life.

"So I became the hacker I was always afraid I would become," he said.  Maxfield
believes the hacker problem is growing more serious.  He estimates there were
just 400 to 500 hackers in 1982.  Every two years, he says, the numbers
increase by a factor of 10.  Another worrisome trend to emerge recently is the
presence of adult computer hackers.  Some adults in the computer underground
pose as Fagans, a character from a Charles Dickens novel who ran a crime ring
of young boys, luring young hackers to their underground crime rings.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

John Freeman Maxfield's BoardScan is also known as the Semco Computer Club and
Universial Export, the latter coming from the company name used by the British
government in Ian Flemming's James Bond novels and subsequent motion pictures.

Another Judas hacker who went on to become a security consultant is the
infamous Ian Arthur Murphy of I.A.M. Security.  Perhaps he is better known as
Captain Zap.

The following excerpt is from The Wall Street Journal;

[This article has been edited for this presentation. -KL]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

It Takes A Hacker To Catch A Hacker As Well As A Thief         November 3, 1987
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
by Dennis Kneale (Staff Reporter Of The Wall Street Journal)

              "Computer Hacker Ian [Arthur] Murphy Prowls A Night
               Beat Tracking Down Other Hackers Who Pirate Data"

     Capt. Zap actually Ian A. Murphy, is well-known as one of the first
convicted computer-hacker thieves.  He has since reformed -- he swears it --
and has been resurrected as a consultant, working the other side of the law.

CRIME CREDENTIALS
     Other consultants, many of them graying military vets, try to flush out
illicit hackers.  But few boast the distinction of being a real hacker -- and
one with a felony among his credentials.  Capt. Zap is more comfortable at the
screen than in a conversation.  Asked to name his closest friend, he shakes his
head and throws up his hands.  He has none.  "I don't like people," he says.
"They're dreadful."
     "He's legendary in the hacking world and has access to what's going on.
That's a very valuable commodity to us," says Robert P. Campbell of Advanced
Information Management in Woodbridge, Va., Mr. Murphy's mentor, who has hired
him for consulting jobs.  The 30-year-old Mr. Murphy is well-connected into his
nocturnal netherworld.  Every night till 4 a.m., he walks a beat through some
of the hundreds of electronic bulletin boards where hackers swap tales and
techniques of computer break-ins.
     It is very busy these nights.  On the Stonehenge bulletin board, "The
Marauder" has put up a phone number for Citibank's checking and credit-card
records, advising, "Give it a call."  On another board, Mr. Murphy finds a
primer for rookie "hacklings," written by "The Knights Of Shadow."  On yet
another he sifts out network codes for the Defense Department's research
agency.
     He watches the boards for clients and warns when a system is under attack.
For a fee of $800 a day and up, his firm, IAM/Secure Data Systems Inc., will
test the security of a data base by trying to break in, investigate how the
security was breached, eavesdrop on anyone you want, and do anything else that
strikes his fancy as nerd vs. spy.  He says his clients have included Monsanto
Co., United Airlines, General Foods Corp., and Peat Marwick.  Some probably
don't know he worked for them.  His felony rap -- not to mention his caustic
style -- forces him to work often under a more established consultant.  "Ian
hasn't grown up yet, but he's technically a brilliant kid," says Lindsey L.
Baird, an Army veteran whose firm, Info-Systems Safeguards in Morristown, New
Jersey has hired Capt. Zap.
     Mr. Murphy's electronic voyeurism started early,  At age 14, he would
sneak into the backyard to tap into the phone switch box and listen to
neighbor's calls.  (He still eavesdrops now and then.)  He quit highschool at
age 17.  By 19 he was impersonating a student and sneaking into the computer
center Temple University to play computer games.

EASY TRANSITION
     From there it was an easy transition to Capt. Zap's role of breaking in
and peeking at academic records, credit ratings, a Pentagon list of the sites
of missiles aimed at the U.S., and other verboten verbiage.  He even left his
resume inside Bell of Pennsylvania's computer, asking for a job.
     The electronic tinkering got him into trouble in 1981.  Federal agents
swarmed around his parent's home in the wealthy suburb of Gladwyne, Pa.  They
seized a computer and left an arrest warrant.  Capt. Zap was in a ring of eight
hackers who ran up $212,000 in long-distance calls by using a "blue box" that
mimics phone-company gear.  They also ordered $200,000 in hardware by charging
it to stolen credit-card numbers and using false mail drops and bogus purchase
orders.  Mr. Murphy was the leader because "I had the most contempt" for
authority, he says.
     In 1982, he pleaded guilty to receiving stolen goods and was sentenced to
1,000 hours of community service and 2 1/2 years of probation.  "It wasn't
illegal.  It was electronically unethical," he says, unrepentant.  "Do you know
who likes the phone company?"  Who would have a problem with ripping them off?"
     Mr. Murphy, who had installed commercial air conditioning in an earlier
job, was unable to find work after his arrest and conviction.  So the hacker
became a hack.  One day in his cab he picked up a Dun & Bradstreet Corp.
manager while he was carrying a printout of hacker instructions for tapping
Dun's systems.  Thus, he solicited his first consulting assignment:  "I think
you need to talk to me."  He got the job.
     As a consultant, Mr. Murphy gets to do, legally, the shenanigans that got
him into trouble in the first place.  "When I was a kid, hacking was fun.  Now
I can make money at it and still have a lot of fun."
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Now because of all the publicity surrounding our well known friends like Ian
Murphy or John Maxfield, some so-called hackers have decided to cash in on news
coverage themselves.

Perhaps the most well known personality that "sold out" is Bill Landreth aka
The Cracker, who is the author of "Out Of The Inner Circle," published by
Microsoft Press.  The book was definitely more fiction than fact as it tried to
make everyone believe that not only did The Cracker form the Inner Circle, but
that it was the first group ever created.  However, for starters, The Cracker
was a second-rate member of Inner Circle II.  The publicity from the book may
have served to bring him some dollars, but it ultimately focused more negative
attention on the community adding to an already intense situation.  The
Cracker's final story had a little sadder ending...

Taken from Phrack World News Issue X;

[This article has been edited for this presentation. -KL]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

The Cracker Cracks Up?                                        December 21, 1986
~~~~~~~~~~~~~~~~~~~~~~
         "Computer 'Cracker' Is Missing -- Is He Dead Or Is He Alive"

ESCONDIDO, Calif. -- Early one morning in late September, computer hacker Bill
Landreth pushed himself away from his IBM-PC computer -- its screen glowing
with an uncompleted sentence -- and walked out the front door of a friend's
home here.

He has not been seen or heard from since.

The authorities want him because he is the "Cracker", convicted in 1984 of
breaking into some of the most secure computer systems in the United States,
including GTE Telemail's electronic mail network, where he peeped at NASA
Department of Defense computer correspondence.

His literary agent wants him because he is Bill Landreth the author, who
already has cashed in on the successful publication of one book on computer
hacking and who is overdue with the manuscript of a second computer book.

The Institute of Internal Auditors wants him because he is Bill Landreth the
public speaker who was going to tell the group in a few months how to make
their computer systems safer from people like him.

The letter, typed into his computer, then printed out and left in his room for
someone to discover, touched on the evolution of mankind, prospects for man's
immortality and the defeat of the aging process, nuclear war, communism versus
capitalism, society's greed, the purpose of life, computers becoming more
creative than man and finally -- suicide.

The last page reads:

"As I am writing this as of the moment, I am obviously not dead.  I do,
however, plan on being dead before any other humans read this.  The idea is
that I will commit suicide sometime around my 22nd birthday..."

The note explained:

"I was bored in school, bored traveling around the country, bored getting
raided by the FBI, bored in prison, bored writing books, bored being bored.  I
will probably be bored dead, but this is my risk to take."

But then the note said:

"Since writing the above, my plans have changed slightly.... But the point is,
that I am going to take the money I have left in the bank (my liquid assets)
and make a final attempt at making life worthy.  It will be a short attempt,
and I do suspect that if it works out that none of my current friends will know
me then.  If it doesn't work out, the news of my death will probably get
around.  (I won't try to hide it.)"

Landreth's birthday is December 26 and his best friend is not counting on
seeing him again.

"We used to joke about what you could learn about life, especially since if you
don't believe in a God, then there's not much point to life," said Tom
Anderson, 16, a senior at San Pasqual High School in Escondido, about 30 miles
north of San Diego.  Anderson also has been convicted of computer hacking and
placed on probation.

Anderson was the last person to see Landreth.  It was around September 25 -- he
does not remember exactly.  Landreth had spent a week living in Anderson's home
so the two could share Landreth's computer.  Anderson's IBM-PC had been
confiscated by authorities, and he wanted to complete his own book.

Anderson said he and Landreth were also working on a proposal for a movie about
their exploits.

Apparently Landreth took only his house key, a passport, and the clothes on his
back.

But concern grew by October 1, when Landreth failed to keep a speaking
engagement with a group of auditors in Ohio, for which he would have received
$1,000 plus expenses.  Landreth may have kept a messy room and poor financial
records, but he was reliable enough to keep a speaking engagement, said his
friends and literary agent, Bill Gladstone, noting that Landreth's second
manuscript was due in August and had not yet been delivered.

But, the manuscript never came and Landreth has not reappeared.

Steve Burnap, another close friend, said that during the summer Landreth had
grown lackadaisical toward life.  "He just didn't seem to care much about
anything anymore."
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Landreth eventually turned up in Seattle, Washington around the third week of
July 1987.  Because of his breaking probation, he is back in jail finishing his
sentence.

Another individual who wanted to publicize himself is Oryan QUEST.  Ever since
the "Crisis On Infinite Hackers" that occurred on July 21, 1987, QUEST has been
"pumping" information to John Markoff -- a reporter for the San Francisco
Examiner who now has moved up to the New York Times.  Almost t everything Oryan
QUEST has told John Markoff are utter and complete lies and false boasts about
the powerful things OQ liked to think he could do with a computer.  This in
itself is harmless, but when it gets printed in newspapers like the New York
Times, the general public get a misleading look at the hacker community which
can only do us harm.  John Markoff has gone on to receive great fame as a news
reporter and is now considered a hacker expert -- utterly ridiculous.
_______________________________________________________________________________

Infiltration
~~~~~~~~~~~~
One way in which the hacking community is constantly being infiltrated happens
on some of today's best known bulletin boards.  Boards like Pirate-80 sysoped
by Scan Man (who was also working for Telemarketing Company; a
telecommunications reseller in Charleston, West Virginia) can be a major
problem.  On P-80 anyone can get an account if you pay a nominal fee and from
there a security consultant just has to start posted supplied information to
begin to draw attention and fame as being a super hacker.  Eventually he will
be asked to join ill-formed groups and start to appear on boards with higher
levels of information and blend into the community.  After a while he will be
beyond suspicion and as such he has successfully entered the phreak/hack world.
Dan The Operator was one such agent who acted in this way and would have gone
on being undiscovered if not for the events of SummerCon '87 whereafter he was
exposed by Knight Lightning and Phrack Inc.


:Knight Lightning

                            "The Future Is Forever"

