366 lines
16 KiB
Plaintext
366 lines
16 KiB
Plaintext
==Phrack Magazine==
|
|
|
|
Volume Five, Issue Forty-Five, File 28 of 28
|
|
|
|
PWN PWN PNW PNW PNW PNW PNW PNW PNW PNW PNW PWN PWN
|
|
PWN PWN
|
|
PWN Phrack World News PWN
|
|
PWN PWN
|
|
PWN Compiled by Datastream Cowboy PWN
|
|
PWN PWN
|
|
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
|
|
|
|
|
|
|
|
Paramount's Hack Attack March 3, 1994
|
|
~~~~~~~~~~~~~~~~~~~~~~~
|
|
Reuter News Wire
|
|
|
|
Though the minds of Paramount execs have surely been n potential whackings,
|
|
computer hacking was the chief focus of execs Bob Jaffe and John Goldwyn
|
|
last week.
|
|
|
|
The execs got Par to pay a low six-figure fee against mid-six figures to
|
|
Johnathan Littman for the rights to make a movie from his Sept. 12 LA Times
|
|
Magazine article "The Last Hacker," and major names are lining up to be
|
|
involved.
|
|
|
|
It's the story of Kevin Lee Poulsen, a skilled computer hacker who was so
|
|
inventive he once disabled the phone system of KIIS_FM so he could be the
|
|
102nd caller and win the $50,000 Porsche giveaway.
|
|
|
|
Poulsen was caught and has been in jail for the last three years, facing
|
|
more than 100 years in prison.
|
|
|
|
It was a vicious tug of war between Touchstone, which was trying to purchase
|
|
it for "City Slickers" director Ron Underwood.
|
|
|
|
Littman, meanwhile, has remained tight with the underground community of
|
|
hackers as he researches his book.
|
|
|
|
That takes its tool. Among other things, the mischief meisters have already
|
|
changed his voice mail greeting to render an obscene proposal.
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
Hacker Attempts To Chase Cupid Away February 10, 1994
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
UPI News Sources
|
|
|
|
Two bachelors who rented a billboard to find the perfect mate said Thursday
|
|
they had fallen victim to a computer hacker who sabotaged their voice mail
|
|
message and made it X-rated.
|
|
|
|
Steeg Anderson said the original recording that informed callers
|
|
how they may get hold of the men was changed to a "perverted" sexually
|
|
suggestive message.
|
|
|
|
"We are getting calls from all over the country," he said. "So we were
|
|
shocked when we heard the message. We don't want people to get the wrong
|
|
idea."
|
|
|
|
"It's rare, but we've seen this kind of thing before," said Sandy Hale, a
|
|
Pac Bell spokeswoman. "There is a security procedure that can prevent this
|
|
from happening, but many people simply don't use it."
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
Wire Pirates March 1994
|
|
~~~~~~~~~~~~
|
|
by Paul Wallich (Scientific American) (Page 90)
|
|
|
|
Consumers and entrepreneurs crowd onto the information highway, where
|
|
electronic bandits and other hazards await them.
|
|
|
|
[Scientific American's latest articles about the perils of Cyberspace.
|
|
Sound bytes galore from Dorothy Denning, Peter Neumann, Donn Parker,
|
|
Mark Abene, Gene Spafford and others. Much better than their last attempt
|
|
to cover such a thing back in 1991.]
|
|
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
AT&T Warns Businesses December 8, 1993
|
|
~~~~~~~~~~~~~~~~~~~~~
|
|
Business Wire Sources
|
|
|
|
AT&T urges businesses to guard against increased risk of toll-fraud attempts
|
|
by hackers, or toll-call thieves, during the upcoming holiday season.
|
|
|
|
Last year nationwide toll-fraud attempts increased by about 50 percent during
|
|
the Christmas week. Hackers "break into" PBXs or voice-mail systems, obtain
|
|
passwords or access to outside lines, and then sell or use the information to
|
|
make illegal international phone calls.
|
|
|
|
Toll fraud cost American businesses more than $2 billion in 1993. "Hackers
|
|
count on being able to steal calls undetected while businesses are closed
|
|
during a long holiday weekend," says Larry Watt, director of AT&T's Toll
|
|
Fraud Prevention Center. "Tis the season to be wary."
|
|
|
|
AT&T is the industry leader in helping companies to prevent toll fraud.
|
|
Businesses that want more information on preventative measures can request
|
|
AT&T's free booklet, "Tips on Safeguarding Your Company's Telecom Network,"
|
|
by calling 1-800-NET-SAFE.
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
Sadomasochists Meet Cyberpunks At An L.A. Party June 14, 1993
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
by Jessica Seigel (Chicago Tribune)
|
|
|
|
Sadomasochists meet the cyberpunks. Leather meet hypernormalcy. Body
|
|
piercing meet network surfing (communicating by computer). It was a night
|
|
for mingling among the subcultures to share their different approaches to
|
|
messing with mind and body.
|
|
|
|
The recent party at the S&M club "Club Fuck" was organized by "Boing Boing,"
|
|
a zine that focuses on the kinetic, futuristic world of the new frontier
|
|
known as cyberspace. This place doesn't exist in a physical location, but
|
|
anyone can visit from their home computer by hooking into vast electronic
|
|
networks.
|
|
|
|
A blindfolded man dressed in a jock strap and high heeled boots stood on
|
|
stage while helpers pinned flashing Christmas lights to his flesh with thin
|
|
needles. Then a man with deer antlers tied to his forehead whipped him.
|
|
|
|
The crowd of mostly twentysomethings who came to the club because of the
|
|
cyber theme observed with stony expressions. Chris Gardner, 24, an
|
|
architecture student who studied virtual reality in school, covered his
|
|
eyes with his hand.
|
|
|
|
No one, really was "fitting in." The sadomasochists looked curiously at the
|
|
very-average-looking cyber fans, who openly gawked back at the black
|
|
leather, nudity and body piercing.
|
|
|
|
Sharing subcultures can be so much fun.
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
Intruder Alert On Internet February 4, 1994
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
AP News Sources
|
|
|
|
Intruders have broken into the giant Internet computer network and users are
|
|
being advised to protect themselves by changing their passwords.
|
|
|
|
The breaks-ins may jeopardize the work of tens of thousands of computer
|
|
users, warned the Computer Emergency Response Team, based at Carnegie
|
|
Mellon University in Pittsburgh.
|
|
|
|
"Intruders have already captured access information for tens of
|
|
thousands of systems across the Internet," said an emergency response
|
|
team sent out on the network late Thursday.
|
|
|
|
Passwords were obtained by the intruders using a "Trojan horse
|
|
program," so called because it can enter the main computer for some
|
|
legitimate purpose, but with coding that lets it remain after that
|
|
purpose is accomplished.
|
|
|
|
The program then records the first 128 keystrokes when someone else
|
|
connects to the Internet, and the illegal user later dials in and
|
|
receives that information. The first keystrokes of a user generally
|
|
contain such information as name and password of the user. Once they
|
|
know that the intruders can then sign on as the person whose password
|
|
they have stolen, read that person's files and change them if they
|
|
wish.
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
Harding Email Compromised by Journalists February 27, 1994
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
by C.W. Nevius (SF Chronicle)
|
|
|
|
In another example of the media circus that has dogged Tonya Harding,
|
|
a number of American journalists have apparently obtained the secret computer
|
|
code numbers that would allow them to read Harding's personal electronic mail
|
|
at the Winter Olympics.
|
|
|
|
No reporters have admitted reading Harding's electronic mail, but the
|
|
apparent access to private communications has caused concern among those
|
|
covering the Games.
|
|
|
|
The Olympic computer system is one of the most popular communications devices
|
|
at the Games. Any member of the Olympic family -- media, athlete or Olympic
|
|
official -- can message anyone else from any of several hundred
|
|
computer terminals all over the Olympic venues.
|
|
|
|
The flaw in the system is that it is not especially difficult to
|
|
break the personal code. Every accredited member of the Olympic family is
|
|
given an identification number. It is written on both the front and back
|
|
of the credential everyone wears at the Games. Anyone who has a face-to-face
|
|
meeting with an athlete would be able to pick up the accreditation number,
|
|
if the person knew where to look.
|
|
|
|
Each person is also given a "Secret" password to access the communication
|
|
system. At the outset, the password was comprised of the digits corresponding
|
|
to that person's birth date. Although Olympic officials advised everyone
|
|
to choose their own password, Harding apparently never got around to doing
|
|
so.
|
|
|
|
Harding's initial password would have been 1112, because her birthday
|
|
is the 11th of December.
|
|
|
|
Although none of the writers at the Olympics has admitted reading Harding's
|
|
personal electronic mail, it would be difficult, if not impossible, to
|
|
determine if anyone did any actual snooping. There are no records kept
|
|
of who signs on to the computer from any particular terminal.
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
Reality Check January 1994
|
|
~~~~~~~~~~~~~
|
|
by Doug Fine (Spin) (Page 62)
|
|
|
|
I ask accused hacker Kevin Lee Poulsen if, as he approaches three years in
|
|
jail without trial, he has any regrets about his computer-related activities.
|
|
Without missing a beat, and breaking a media silence that began with his
|
|
first arrest in 1988, he answers: "I regret shopping at Hughes Supermarket.
|
|
I'm thinking of organizing a high-tech boycott."
|
|
|
|
Poulsen is referring to the site of his 1991 bust in Van Nuys, California.
|
|
There, between the aisles of foodstuffs, two zealous bag-boys -- their resolve
|
|
boosted by a recent episode of Unsolved Mysteries that featured the alleged
|
|
criminal -- jumped the 25-year-old, wrestled him to the ground, and handed
|
|
the suspect over to the security agents waiting outside.
|
|
|
|
Poulsen still kicks himself for returning to Hughes a second time that
|
|
spring evening. According to court documents, a former hacker crony of
|
|
Poulsen's, threatened with his own prison sentence, had tipped off the
|
|
FBI that Poulsen might be stopping by.
|
|
|
|
What, I ask him, had he needed so badly that he felt compelled to return
|
|
to a supermarket at midnight?
|
|
|
|
"Do you even have to ask?" he says. "Condoms, of course."
|
|
|
|
[A very different Kevin Poulsen story. Get it and read it.]
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
Key Evidence in Computer Case Disallowed January 4, 1994
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
Los Angeles Staff Writers (Los Angeles Times) (Page B3)
|
|
|
|
U.S. District Judge Ronald Whyte in San Jose said computer tapes found
|
|
in a storage locker rented by Kevin Lee Poulsen should not have been
|
|
examined by prosecutors without a search warrant and cannot be used as
|
|
evidence.
|
|
|
|
Whyte had ruled the tapes admissible last month but changed his mind,
|
|
saying he had overlooked evidence that should have put a police officer
|
|
on notice of Poulsen's privacy rights.
|
|
|
|
In addition to illegal possession of classified government secrets,
|
|
Poulsen faces 13 other charges, including eavesdroping on telephone
|
|
conversations, and tapping into Pacific Bell's computer and an unclassified
|
|
military computer network. He could be sentenced to 85 years in prison if
|
|
convicted of all charges.
|
|
|
|
His lawyer, Paul Meltzer of Santa Cruz, said the sole evidence of the
|
|
espionage charge is contained on one of the storage locker tapes. Meltzer
|
|
said a government analyst found that the tape contained a 1987 order,
|
|
classified secret, concerning a military exercise.
|
|
|
|
Poulsen, who lived in Menlo Park at the time of his arrest in the San
|
|
Jose case, worked in the mid-1980s as a consultant testing Pentagon computer
|
|
security. He was arrested in 1988 on some of the hacking charges, disappeared
|
|
and was picked up in April, 1991, after a tip prompted by a television show.
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
Hacker to ask charges be dropped January 4, 1994
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
UPI News Sources
|
|
|
|
An attorney for a former Silicon Valley computer expert accused of raiding
|
|
confidential electronic government files said Tuesday he will ask to have
|
|
charges dismissed now that a federal judge has thrown out the government's
|
|
chief evidence.
|
|
|
|
Attorney Peter Leeming said the government's case against Kevin L.
|
|
Poulsen is in disarray following a ruling suppressing computer tapes and
|
|
other evidence seized from a rented storage locker in 1988.
|
|
|
|
''We're ready to go to trial in the case, and actually we're looking
|
|
forward to it,'' Leeming said.
|
|
|
|
Poulsen is charged with espionage and other offenses stemming from his
|
|
hacking into military and Pacific Bell telephone computers. The government
|
|
alleges that Poulsen illegally obtained confidential military computer codes
|
|
and confidential information on court-ordered wiretaps.
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
The Password is Loopholes March 1, 1994
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
by Joshua Quittner (Newsday) (Page 61)
|
|
|
|
You'd think that Polytechnic University, in Brooklyn, one of the finer
|
|
technical schools in the country, would know how to safeguard its
|
|
computer system against hacker intrusions. And you'd think the same of
|
|
New York University's Courant Institute, which hosts the mathematical
|
|
and computer science departments.
|
|
|
|
But a teenage Brooklyn hacker, who calls himself Iceman, and some
|
|
of his friends say they invaded the schools Internet-connected
|
|
computers and snatched the passwords of 103 students.
|
|
|
|
Internet break-ins have been a national news story lately, with
|
|
reports that unknown intruders have purloined more than 10,000 passwords
|
|
in a burst of activity during recent months. The Federal Bureau of
|
|
Investigation is investigating, since so many "federal-interest
|
|
computers" are attached to the wide-open Internet and since it is a
|
|
crime to possess and use other peoples' passwords.
|
|
|
|
Experts now believe that a group of young hackers who call
|
|
themselves The Posse are responsible for the break-ins, though who they
|
|
are and what they're after is unclear. Some people believe the crew is
|
|
merely collecting passwords for bragging rights, while others suspect
|
|
more insidious motives. Their approach is more sophisticated, from a
|
|
technical standpoint, than Iceman's. But the result is the same.
|
|
|
|
Now Iceman, who's 18, has nothing to do with The Posse, never heard
|
|
of it, in fact. He hangs with a group of budding New York City hackers
|
|
who call themselves MPI.
|
|
|
|
Iceman told me it was simple to steal 103 passwords on the
|
|
universities systems since each password was a common word or name.
|
|
|
|
What did Iceman and company do with the passwords?
|
|
|
|
He said mostly, they enjoy reading other people's files and e-mail.
|
|
"Every once in a while," he said, "you get something interesting."
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
A Rape In Cyberspace December 21, 1993
|
|
~~~~~~~~~~~~~~~~~~~~
|
|
by Julian Dibbell (Village Voice) (Page 36)
|
|
|
|
[<SNIFF> Some guy made my MUD character do bad things in a public
|
|
area. And all the other MUDders could do was sit and watch! WAHHHHH.
|
|
|
|
Get a fucking life, people. Wait, let me restate that; Get a
|
|
FUCKING REAL LIFE!]
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
Hacking Goes Legit February 7, 1993
|
|
~~~~~~~~~~~~~~~~~~
|
|
by Ann Steffora and Martin Cheek (Industry Week) (Page 43)
|
|
|
|
Corporations ARE using "tiger teams" and less glamorous methods to check
|
|
computer security.
|
|
|
|
[Uh, yeah. Sure they are. Hey, is that an accountant in your dumpster?
|
|
Better tuck in that tie dude. Don't forget your clipboard!
|
|
|
|
I will put a computer security audit by me, or by anyone from the hacker
|
|
community, against a computer security audit done by ANY of the following:
|
|
Coopers & Lybrand, Deloitte & Touche, Arthur Andersen or Price Waterhouse.
|
|
It's no contest. These people are NOT computer people. Period.
|
|
|
|
Get the hell out of the computer business and go do my fucking taxes.]
|
|
|
|
------------------------------------------------------------------------------
|