HWA.hax0r.news is sponsored by Cubesoft communications www.csoft.net and www.digitalgeeks.com http://www.csoft.net/~hwa http://www.digitalgeeks.com/hwa [ 28 63 29 20 31 39 39 39 20 63 72 75 63 69 70 68 75 78 20 68 77 61 ] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-= ========================================================================== = <=-[ HWA.hax0r.news ]-=> = ========================================================================== [=HWA'99=] Number 17 Volume 1 1999 May 8th 99 ========================================================================== [ 61:20:6B:69:64:20:63:6F:75: ] [ 6C:64:20:62:72:65:61:6B:20:74:68:69:73: ] [ 20:22:65:6E:63:72:79:70:74:69:6F:6E:22:! ] ========================================================================== Synopsis --------- The purpose of this newsletter is to 'digest' current events of interest that affect the online underground and netizens in general. This includes coverage of general security issues, hacks, exploits, underground news and anything else I think is worthy of a look see. (remember i'm doing this for me, not you, the fact some people happen to get a kick/use out of it is of secondary importance). This list is NOT meant as a replacement for, nor to compete with, the likes of publications such as CuD or PHRACK or with news sites such as AntiOnline, the Hacker News Network (HNN) or mailing lists such as BUGTRAQ or ISN nor could any other 'digest' of this type do so. It *is* intended however, to compliment such material and provide a reference to those who follow the culture by keeping tabs on as many sources as possible and providing links to further info, its a labour of love and will be continued for as long as I feel like it, i'm not motivated by dollars or the illusion of fame, did you ever notice how the most famous/infamous hackers are the ones that get caught? there's a lot to be said for remaining just outside the circle... @HWA =-----------------------------------------------------------------------= Welcome to HWA.hax0r.news ... #17 =-----------------------------------------------------------------------= ******************************************************************* *** /join #HWA.hax0r.news on EFnet the key is `zwen' *** *** *** *** please join to discuss or impart news on techno/phac scene *** *** stuff or just to hang out ... someone is usually around 24/7*** *** *** *** Note that the channel isn't there to entertain you its for *** *** you to talk to us and impart news, if you're looking for fun*** *** then do NOT join our channel try #weirdwigs or something... *** *** we're not #chatzone or #hack *** *** *** ******************************************************************* =-------------------------------------------------------------------------= Issue #17 =--------------------------------------------------------------------------= [ INDEX ] =--------------------------------------------------------------------------= Key Content =--------------------------------------------------------------------------= 00.0 .. COPYRIGHTS ...................................................... 00.1 .. CONTACT INFORMATION & SNAIL MAIL DROP ETC ....................... 00.2 .. SOURCES ......................................................... 00.3 .. THIS IS WHO WE ARE .............................................. 00.4 .. WHAT'S IN A NAME? why `HWA.hax0r.news'?.......................... 00.5 .. THE HWA_FAQ V1.0 ................................................ 01.0 .. GREETS .......................................................... 01.1 .. Last minute stuff, rumours, newsbytes ........................... 01.2 .. Mailbag ......................................................... 02.0 .. From the Editor.................................................. 03.0 .. The FBI and the secret wiretapping by ENFOPOL.................... 04.0 .. NIPRNET, the DoD considers (yeah considers) installing *gasp*.... FIREWALLS to help thwart the hacker threat....................... 05.0 .. Mainstream press on some of Mitnicks accrued damages............. 06.0 .. CyberCrooks easier to catch?..................................... 07.0 .. NASA doesn't report cyberattacks................................. 08.0 .. Encryption debate called for..................................... 09.0 .. Product: Hackers stopped cold by 'BlackICE'?..................... 10.0 .. FreeBSD 3.1 remote reboot exploit................................ 11.0 .. More on the MSIE favicon.ico bug................................. 12.0 .. Simple Nomad sheds some light on the Phone Masters (not Rangers as reported last week - sorry Ed)................................... 13.0 .. Israeli Sciemtist reports advance in codebreaking................ 14.0 .. Ecommerce risks losing customers if security is not addressed.... 15.0 .. Computer crime threatens the economy??........................... 16.0 .. Cracking the casinos, a Defcon primer? ;) ....................... 17.0 .. Crackers gearing up for attacks on U.S nuke labs?................ 18.0 .. Calling all | - Picture postcards - CD's 3.5" disks, Zip disks, 5.25" or 8" floppies, Qic40/80/100-250 tapes with hack/security related archives, logs, irc logs etc on em. - audio or video cassettes of yourself/others etc of interesting phone fun or social engineering examples or transcripts thereof. If you still can't think of anything you're probably not that interesting a person after all so don't worry about it Our current email: Submissions/zine gossip.....: hwa@press.usmc.net Private email to editor.....: cruciphux@dok.org Distribution/Website........: sas72@usa.net @HWA 00.2 Sources *** ~~~~~~~~~~~ Sources can be some, all, or none of the following (by no means complete nor listed in any degree of importance) Unless otherwise noted, like msgs from lists or news from other sites, articles and information is compiled and or sourced by Cruciphux no copyright claimed. News & I/O zine ................. http://www.antionline.com/ Back Orifice/cDc..................http://www.cultdeadcow.com/ News site (HNN) .....,............http://www.hackernews.com/ Help Net Security.................http://net-security.org/ News,Advisories,++ ...............http://www.l0pht.com/ NewsTrolls .......................http://www.newstrolls.com/ News + Exploit archive ...........http://www.rootshell.com/beta/news.html CuD Computer Underground Digest...http://www.soci.niu.edu/~cudigest News site+........................http://www.zdnet.com/ News site+Security................http://www.gammaforce.org/ News site+Security................http://www.projectgamma.com/ News site+Security................http://securityhole.8m.com/ News site+Security related site...http://www.403-security.org/ News/Humour site+ ................Link http://www.foxnews.com/search/cgi-bin/search.cgi?query=hack&days=0&wires=0&startwire=0 Link http://www.news.com/Searching/Results/1,18,1,00.html?querystr=hack Link http://www.ottawacitizen.com/business/ Link http://search.yahoo.com.sg/search/news_sg?p=hack Link http://www.washingtonpost.com/cgi-bin/search?DB_NAME=WPlate&TOTAL_HITLIST=20&DEFAULT_OPERATOR=AND&headline=&WITHIN_FIELD_NAME=.lt.event_date&WITHIN_DAYS=0&description=hack Link http://www.zdnet.com/zdtv/cybercrime/ Link http://www.zdnet.com/zdtv/cybercrime/chaostheory/ (Kevin Poulsen's Column) Link NOTE: See appendices for details on other links. http://news.bbc.co.uk/hi/english/sci/tech/newsid_254000/254236.stm Link http://freespeech.org/eua/ Electronic Underground Affiliation Link http://ech0.cjb.net ech0 Security Link http://net-security.org Net Security Link http://www.403-security.org Daily news and security related site Link Submissions/Hints/Tips/Etc ~~~~~~~~~~~~~~~~~~~~~~~~~~ All submissions that are `published' are printed with the credits you provide, if no response is received by a week or two it is assumed that you don't care wether the article/email is to be used in an issue or not and may be used at my discretion. Looking for: Good news sites that are not already listed here OR on the HNN affiliates page at http://www.hackernews.com/affiliates.html Magazines (complete or just the articles) of breaking sekurity or hacker activity in your region, this includes telephone phraud and any other technological use, abuse hole or cool thingy. ;-) cut em out and send it to the drop box. - Ed Mailing List Subscription Info (Far from complete) Feb 1999 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~ ~~~~~~~~ ISS Security mailing list faq : http://www.iss.net/iss/maillist.html THE MOST READ: BUGTRAQ - Subscription info ~~~~~~~~~~~~~~~~~~~~~~~~~~~ What is Bugtraq? Bugtraq is a full-disclosure UNIX security mailing list, (see the info file) started by Scott Chasin . To subscribe to bugtraq, send mail to listserv@netspace.org containing the message body subscribe bugtraq. I've been archiving this list on the web since late 1993. It is searchable with glimpse and archived on-the-fly with hypermail. Searchable Hypermail Index; http://www.eecs.nwu.edu/~jmyers/bugtraq/index.html Link About the Bugtraq mailing list ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The following comes from Bugtraq's info file: This list is for *detailed* discussion of UNIX security holes: what they are, how to exploit, and what to do to fix them. This list is not intended to be about cracking systems or exploiting their vulnerabilities. It is about defining, recognizing, and preventing use of security holes and risks. Please refrain from posting one-line messages or messages that do not contain any substance that can relate to this list`s charter. I will allow certain informational posts regarding updates to security tools, documents, etc. But I will not tolerate any unnecessary or nonessential "noise" on this list. Please follow the below guidelines on what kind of information should be posted to the Bugtraq list: + Information on Unix related security holes/backdoors (past and present) + Exploit programs, scripts or detailed processes about the above + Patches, workarounds, fixes + Announcements, advisories or warnings + Ideas, future plans or current works dealing with Unix security + Information material regarding vendor contacts and procedures + Individual experiences in dealing with above vendors or security organizations + Incident advisories or informational reporting Any non-essential replies should not be directed to the list but to the originator of the message. Please do not "CC" the bugtraq reflector address if the response does not meet the above criteria. Remember: YOYOW. You own your own words. This means that you are responsible for the words that you post on this list and that reproduction of those words without your permission in any medium outside the distribution of this list may be challenged by you, the author. For questions or comments, please mail me: chasin@crimelab.com (Scott Chasin) Crypto-Gram ~~~~~~~~~~~ CRYPTO-GRAM is a free monthly newsletter providing summaries, analyses, insights, and commentaries on cryptography and computer security. To subscribe, visit http://www.counterpane.com/crypto-gram.html or send a blank message to crypto-gram-subscribe@chaparraltree.com.  To unsubscribe, visit http://www.counterpane.com/unsubform.html.  Back issues are available on http://www.counterpane.com. CRYPTO-GRAM is written by Bruce Schneier.  Schneier is president of Counterpane Systems, the author of "Applied Cryptography," and an inventor of the Blowfish, Twofish, and Yarrow algorithms.  He served on the board of the International Association for Cryptologic Research, EPIC, and VTW.  He is a frequent writer and lecturer on cryptography. CUD Computer Underground Digest ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This info directly from their latest ish: Computer underground Digest    Sun  14 Feb, 1999   Volume 11 : Issue 09                             ISSN  1004-042X        Editor: Jim Thomas (cudigest@sun.soci.niu.edu)        News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)        Archivist: Brendan Kehoe        Poof Reader:   Etaion Shrdlu, Jr.        Shadow-Archivists: Dan Carosone / Paul Southworth                           Ralph Sims / Jyrki Kuoppala                           Ian Dickinson        Cu Digest Homepage: http://www.soci.niu.edu/~cudigest [ISN] Security list ~~~~~~~~~~~~~~~~~~~ This is a low volume list with lots of informative articles, if I had my way i'd reproduce them ALL here, well almost all .... ;-) - Ed Subscribe: mail majordomo@repsec.com with "subscribe isn". @HWA 00.3 THIS IS WHO WE ARE ~~~~~~~~~~~~~~~~~~ Some HWA members and Legacy staff ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ cruciphux@dok.org.........: currently active/editorial darkshadez@ThePentagon.com: currently active/man in black fprophet@dok.org..........: currently active/IRC+ man in black sas72@usa.net ............. currently active/IRC+ distribution vexxation@usa.net ........: currently active/IRC+ proof reader/grrl in black dicentra...(email withheld): IRC+ grrl in black Foreign Correspondants/affiliate members ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ N0Portz ..........................: Australia Qubik ............................: United Kingdom system error .....................: Indonesia Wile (wile coyote) ...............: Japan/the East Ruffneck ........................: Netherlands/Holland And unofficially yet contributing too much to ignore ;) Spikeman .........................: World media Please send in your sites for inclusion here if you haven't already also if you want your emails listed send me a note ... - Ed http://www.genocide2600.com/~spikeman/ .. Spikeman's DoS and protection site http://www.hackerlink.or.id/ ............ System Error's site (in Indonesian) ******************************************************************* *** /join #HWA.hax0r.news on EFnet the key is `zwen' *** ******************************************************************* :-p 1. We do NOT work for the government in any shape or form.Unless you count paying taxes ... in which case we work for the gov't in a BIG WAY. :-/ 2. MOSTLY Unchanged since issue #1, although issues are a digest of recent news events its a good idea to check out issue #1 at least and possibly also the Xmas issue for a good feel of what we're all about otherwise enjoy - Ed ... @HWA 00.4 Whats in a name? why HWA.hax0r.news?? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Well what does HWA stand for? never mind if you ever find out I may have to get those hax0rs from 'Hackers' or the Pretorians after you. In case you couldn't figure it out hax0r is "new skewl" and although it is laughed at, shunned, or even pidgeon holed with those 'dumb leet (l33t?) dewds' this is the state of affairs. It ain't Stephen Levy's HACKERS anymore. BTW to all you up and comers, i'd highly recommend you get that book. Its almost like buying a clue. Anyway..on with the show .. - Editorial staff @HWA 00.5 HWA FAQ v1.0 Feb 13th 1999 (Abridged & slightly updated again) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Also released in issue #3. (revised) check that issue for the faq it won't be reprinted unless changed in a big way with the exception of the following excerpt from the FAQ, included to assist first time readers: Some of the stuff related to personal useage and use in this zine are listed below: Some are very useful, others attempt to deny the any possible attempts at eschewing obfuscation by obsucuring their actual definitions. @HWA - see EoA ;-) != - Mathematical notation "is not equal to" or "does not equal" ASC(247) "wavey equals" sign means "almost equal" to. If written an =/= (equals sign with a slash thru it) also means !=, =< is Equal to or less than and => is equal to or greater than (etc, this aint fucking grade school, cripes, don't believe I just typed all that..) AAM - Ask a minor (someone under age of adulthood, usually <16, <18 or <21) AOL - A great deal of people that got ripped off for net access by a huge clueless isp with sekurity that you can drive buses through, we're not talking Kung-Fu being none too good here, Buy-A-Kloo maybe at the least they could try leasing one?? *CC - 1 - Credit Card (as in phraud) 2 - .cc is COCOS (Keeling) ISLANDS butthey probably accept cc's CCC - Chaos Computer Club (Germany) *CON - Conference, a place hackers crackers and hax0rs among others go to swap ideas, get drunk, swap new mad inphoz, get drunk, swap gear, get drunk watch videos and seminars, get drunk, listen to speakers, and last but not least, get drunk. *CRACKER - 1 . Someone who cracks games, encryption or codes, in popular hacker speak he's the guy that breaks into systems and is often (but by no means always) a "script kiddie" see pheer 2 . An edible biscuit usually crappy tasting without a nice dip, I like jalapeno pepper dip or chives sour cream and onion, yum - Ed Ebonics - speaking like a rastafarian or hip dude of colour also wigger Vanilla Ice is a wigger, The Beastie Boys and rappers speak using ebonics, speaking in a dark tongue ... being ereet, see pheer EoC - End of Commentary EoA - End of Article or more commonly @HWA EoF - End of file EoD - End of diatribe (AOL'ers: look it up) FUD - Coined by Unknown and made famous by HNN - "Fear uncertainty and doubt", usually in general media articles not high brow articles such as ours or other HNN affiliates ;) du0d - a small furry animal that scurries over keyboards causing people to type weird crap on irc, hence when someone says something stupid or off topic 'du0d wtf are you talkin about' may be used. *HACKER - Read Stephen Levy's HACKERS for the true definition, then see HAX0R *HAX0R - 1 - Cracker, hacker wannabe, in some cases a true hacker, this is difficult to define, I think it is best defined as pop culture's view on The Hacker ala movies such as well erhm "Hackers" and The Net etc... usually used by "real" hackers or crackers in a derogatory or slang humorous way, like 'hax0r me some coffee?' or can you hax0r some bread on the way to the table please?' 2 - A tool for cutting sheet metal. HHN - Maybe a bit confusing with HNN but we did spring to life around the same time too, HWA Hax0r News.... HHN is a part of HNN .. and HNN as a proper noun means the hackernews site proper. k? k. ;& HNN - Hacker News Network and its affiliates http://www.hackernews.com/affiliates.html J00 - "you"(as in j00 are OWN3D du0d) - see 0wn3d MFI/MOI- Missing on/from IRC NFC - Depends on context: No Further Comment or No Fucking Comment NFR - Network Flight Recorder (Do a websearch) see 0wn3d NFW - No fuckin'way *0WN3D - You are cracked and owned by an elite entity see pheer *OFCS - Oh for christ's sakes PHACV - And variations of same Phreaking, Hacking, Anarchy, Cracking, Carding (CC) Groups Virus, Warfare Alternates: H - hacking, hacktivist C - Cracking C - Cracking V - Virus W - Warfare A - Anarchy (explosives etc, Jolly Roger's Cookbook etc) P - Phreaking, "telephone hacking" PHone fREAKs ... CT - Cyber Terrorism *PHEER - This is what you do when an ereet or elite person is in your presence see 0wn3d *RTFM - Read the fucking manual - not always applicable since some manuals are pure shit but if the answer you seek is indeed in the manual then you should have RTFM you dumb ass. TBC - To Be Continued also 2bc (usually followed by ellipses...) :^0 TBA - To Be Arranged/To Be Announced also 2ba TFS - Tough fucking shit. *w00t - 1 - Reserved for the uber ereet, noone can say this without severe repercussions from the underground masses. also "w00ten" 2 - Cruciphux and sAs72's second favourite word (they're both shit stirrers) *wtf - what the fuck *ZEN - The state you reach when you *think* you know everything (but really don't) usually shortly after reaching the ZEN like state something will break that you just 'fixed' or tweaked. @HWA -=- :. .: -=- 01.0 Greets!?!?! yeah greets! w0w huh. - Ed ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Thanks to all in the community for their support and interest but i'd like to see more reader input, help me out here, whats good, what sucks etc, not that I guarantee i'll take any notice mind you, but send in your thoughts anyway. * all the people who sent in cool emails and support FProphet Pyra TwstdPair _NeM_ D----Y Kevin Mitnick (watch yer back) Dicentra vexxation sAs72 Spikeman and the #innerpulse, #hns crew and some inhabitants of #leetchans .... although I use the term 'leet loosely these days, ;) kewl sites: + http://www.l0pht.com/ + http://www.2600.com/ + http://www.genocide2600.com/ + http://www.genocide2600.com/~spikeman/ + http://www.genocide2600.com/~tattooman/ + http://www.hackernews.com/ (Went online same time we started issue 1!) + http://www.net-security.org/ + http://www.slashdot.org/ + http://www.freshmeat.net/ @HWA 01.1 Last minute stuff, rumours and newsbytes ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "What is popular isn't always right, and what is right isn't always popular..." - FProphet '99 +++ When was the last time you backed up your important data? ++ Cracker gets Six Months to Three Years From HNN http://www.hackernews.com/ contributed by Sail3 Nicholas Middleton, convicted of breaking into the San Francisco ISP Slip.net and of causing more than $40,000 in damage, will be sentenced by Senior U.S. District Judge William Orrick Jr. on Aug. 4. Middleton is likely to receive six months to three years in jail. ZD Net http://www.zdnet.com/zdnn/stories/news/0,4586,2254225,00.html ++ People keep hacking the "10 Things I Hate About You" site From HNN http://www.hackernews.com/ contributed by Jimmy Riley Seems the owners of the site are getting angry that it is getting hacked. Instead of issuing warnings that it might go away if hacked again why not just fix the site? 10 Things I Hate About You http://movies.go.com/10things/today/index.html ++ How to infect the most people with your next virus release... Contributed by FProphet CWS POLL MAY 4 1999 What virus scanner do you currently use? 282 44.1% McAfee VirusScan 251 39.1% Norton AntiVirus 27 4.2% I don't use a virus scanner 22 3.5% AntiViral Toolkit Pro (AVP) 17 2.6% InoculateIT 12 1.8% Other 10 1.5% Thunderbyte AV 8 1.2% F-Secure 8 1.2% Inoculan 2 0.3% Panda AntiVirus Total Votes: 639 Wow, eh? Now if you want to write a virus, make sure it isn't detected by those and you'll be laughing! ++ NSA Technology Transfer Program From HNN http://www.hackernews.com/ contributed by weld Who says the NSA never does anything for the commercial sector? Here are technologies that you the taxpayer has funded that the NSA has released for all to use. Examples include a compact fingerprint scanner, drive controlled disk sanitation, IPSEC, and of course some crypto applications. Just think if they are giving out this stuff what other cool things must be classified. Technology Transfer Fact Sheets http://www.nsa.gov:8080/programs/tech/toc.html ++ DISA redesigning their protocol to stop hackers By Astral 04.05.1999 17:55 http://www.403.security.org/ DISA is planing to redesign their Non-Classified Internet Protocol Router Network (NIPRNet) to stop hackers.Like HNN wrote they are probably going to install few firewalls to stop hackers. ++ CIH destroyed your data ? By Astral 03.05.1999 13:18 http://www.403-security.org/ A Bangladesh student wrote program that is able to recover data destroyed by CIH virus.Program is called "MRECOVER" and it will posted on the Internet.He also sad that program is able to recover all data successfully in just few minutes.So if CIH destroyed your data you are saved :-) (no url) ++ AOL REWORKS SPAM TEAM (TECH. May 4th 9:15 am) http://www.wired.com/news/news/email/explode-infobeat/technology/story/19471.html Long praised for cracking down on spammers, AOL is now cutting back its junk email task force. Does a reorg mean more or less spam for the Net? By Chris Oakes. ++ SPACE STATION BACK ON TRACK (TECH. 9:15 am) http://www.wired.com/news/news/email/explode-infobeat/technology/story/19482.html Things are looking up for the International Space Station. The Russian Space Agency worked out its shaky financing and will participate with NASA in the next mission on 20 May. By Polly Sprenger. ++ Y2K new motive for virus writers http://www.403-security.org/ Astral 05.05.1999 14:50 Sunday time published article about Y2K viruses.Not Y2K viruses, the Y2K motives for viruses.Like Mellisa was working, sending e-mails with password to adult sites Y2K viruses would spread on same way but this time by sending .exe Year 2000 postcards. ++ gH 're hacking very active last few weeks http://www.403-security.org/ Astral 05.05.1999 14:50 This time victim was http://aiis.ameritech.com/. gH are hacking very active last few weeks, we saw lot of their hacks.Mirror of this hack is available on our Hacked Sites section. Mucho thanks to Spikeman for directing his efforts to our cause of bringing you the news we want to read about in a timely manner ... - Ed @HWA 01.2 MAILBAG - email and posts from the message board worthy of a read ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From: "S. G. R. MacMillan" To: Subject: Hacker's resource Date: Thu, 6 May 1999 16:31:02 -0400 I'm considered by many hackers as an essential resource: a defence lawyer who understands digital issues. You might consider a link to my site. __________________________________ S. G. R. MacMillan Barrister For the defence of serious criminal cases http://www.sgrm.com mail@sgrm.com PGP Digital Encryption Supported -=- More great poetry from Liquid Phire!; Delivered-To: dok-cruciphux@dok.org From: "liquid phire" To: cruciphux@dok.org Subject: more stuffs Date: Mon, 03 May 1999 18:41:03 PDT Mime-Version: 1.0 Content-type: text/plain; format=flowed; ***i never get any fucking feedback, makes me wonder how many people read my stuffs and dont hate me for it. i'm doubtful on this one, i think it is way to flowery and nice but i have no one to tell me that so here i send it, i need suggestions, just be nice and constructive.*** the computer hums, the darkness fades into bluish light. he stares at the screen, shifting from the pulsating lower bar to the logo displayed above. he closes his eyes and in moments they are teased open by the starting sound. he worships here, his microsoft gods and intel dreams. he comes here for solace; a youth with no direction. this is where he finds the comfort that the 20th century life that he leads deprives him of. he logs onto aol, finds love in virtual eyes and open arms in cyber cafes. he follows the links to reccomended sites, never ventures off the beaten path, but sometimes... late at night when the tv is off and no music finds its way into his room. when the house is quiet and his parents sleep. the time when no one is there to save him, to reassure him, to tell him to look away. he sees the truth hidden in the lies. he feels there is something more... and there is there is freedom, concealed in the shadows. there is beauty, woven into the words. there is hope, the undying hunger for the future. this is the world as it is, not hidden behind billboards. this is life, the thirst for adventure and lust for living. this how it should be, survival of the fittest. phiregod liquidphire@hotmail.com forgive me for all errors i welcome feedback in all forms as long as you can present your opinion and support it. _______________________________________________________________ Get Free Email and Do More On The Web. Visit http://www.msn.com -=- ================================================================ @HWA 02.0 From the editor. ~~~~~~~~~~~~~~~~ #include #include #include main() { printf ("Read commented source!\n\n"); /* * Issue #17, 'w00t' * * * * * * * */ printf ("EoF.\n"); } Congrats, thanks, articles, news submissions and kudos to us at the main address: hwa@press.usmc.net complaints and all nastygrams and mailbombs can go to /dev/nul nukes, synfloods and papasmurfs to 127.0.0.1, private mail to cruciphux@dok.org danke. C*:. @HWA 03.0 The FBI and the ENFOPOL wiretapping secret organization ILETS ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From HNN http://www.hackernews.com/ contributed by weld An FBI-founded organization called ILETS, which has met in secret for 6 years, has led initiatives around the world to build comprehensive interception systems into new telecommunications systems. This include requiring European ISPs to have special sniffing equipment installed on their networks. ILETS AND THE ENFOPOL 98 AFFAIR http://www.heise.de/tp/english/special/enfo/6398/1.html THE ENFOPOL 98 AFFAIR http://www.heise.de/tp/english/special/enfo/6397/1.html SPECIAL INVESTIGATION: ILETS AND THE ENFOPOL 98 AFFAIR Duncan Campbell 29.04.99 America's guiding hand revealed - the secret international organisation behind Europe's controversial plans for Internet surveillance Europe's 21st century tapping plans were born in an unlikely location. Fifty kilometres south of Washington DC, on the swampy western boundaries of the Potomac river is Quantico, Virginia. Here, on a large military reservation, is the FBI's training academy and research and development centre. Members of the public have no access to the high security site. Between 1990 and 1992, the FBI had tried repeatedly to get the US Congress to pass new laws for telephone tapping. The agency was worried that new digital telephone systems did not allow them easy access to track and intercept their targets. Their goal was to turn every type of modern communications systems into a national and, ultimately, global surveillance network which would give them "real time, full time" access to those whom they wanted to watch. The FBI experts ignored the costs imposed by their demands. They wanted manufacturers and network operators to provide systems at their own expense. Nor were they interested in the checks and balances of laws intended to control monitoring and protect privacy. Lawyers were not invited. Civil society would have to pay its own costs. Faced with the roadblocks in Congress, early in 1993 the FBI tried a new approach. They invited US allies to come to Quantico. Law enforcement and security agency representatives met there, calling themselves the "International Law Enforcement Telecommunications Seminar". Seen in retrospect, the title "seminar" is a black joke. Acting in secret and without parliamentary knowledge or government supervision, the FBI through ILETS has since 1993 steered government and communications industry policy across the world. In the shadows behind the FBI stood the NSA (National Security Agency), whose global surveillance operations could only benefit if, around the world, users were systematically to be denied telecommunications privacy in the information age. The countries who came to Quantico in 1993 were traditional US intelligence allies like Canada, the UK and Australia. There was also a core Euro group interested in developing extended surveillance systems - Germany, France, the Netherlands, Sweden (and the UK). Other representatives came from Norway, Denmark, Spain and even Hong Kong. The FBI tabled a document called "Law Enforcement Requirements for the Surveillance of Electronic Communications", written in July 1992. In June 1993, EU ministers meeting in Copenhagen agreed to poll member states on the issues raised by the FBI and by ILETS. After discussions in Europe later in 1993, ILETS met in Bonn early in 1994. By now Austria, Belgium, Finland, Portugal and Spain had joined the 19 member group. At their Bonn meeting, ILETS agreed joint policy in a document called "International Requirements for Interception". This said that "law enforcement representatives and government telecommunications experts from a number of countries that attended an international workshop on interception and advanced telecommunications technologies identified the need for this document". It was their "common requirements". Attached to the two page ILETS policy paper was a detailed, four page set of monitoring requirements and a glossary. This list of "International User Requirements" was identified as "IUR 1.0" or "IUR95". The ILETS meeting in Bonn also instigated two new policies. ILETS wanted international standards bodies such as the ITU (International Telecommunications Union) and ISO (International Standards Organisation) to build in tapping requirements to new system specifications. ILETS also wanted governments to agree on monitoring across international boundaries, so that one agency could intercept communications in another country. In March 1994, the Dutch government proposed that Europe adopt IUR 1.0. But ministers were not told that the document had been written by ILETS. Instead, it was identified as an ENFOPOL document, eventually being called ENFOPOL 90. (ENFOPOL is a standard European Commission classification for documents concerned with Law Enforcement/Police matters.) European Ministers never discussed ENFOPOL 90. It was agreed by a "written procedure", by exchange of telexes. It remained completely secret for nearly two years, and was not published in the Official Journal of European policy until November 1996. Meanwhile, European telecommunications operators were told to fall in line with its requirements. According to the British Home Office (Interior Ministry), for example, the resolution is "used as a basis for discussion with telecommunications operators in accordance with [UK monitoring legislation]". ILETS had also raised the problem of satellite-based mobile phone systems (such as Iridium). These phone systems link subscribers via satellites that are not under government control. This led to a British proposal to the European Commission: "Governments ... will have to create new regulations for international co-operation so that the necessary surveillance will be able to operate." In a slightly modified form, IUR 1,0 became law in the United States in October 1994. Other European nations, and Australia, later incorporated it in their domestic legislation. Within two years from the first ILETS meeting, the IUR had, unacknowledged and word for word, become the secret official policy of the EU and law around the world. Sixteen Nations from ILETS met again in Canberra in 1995 and agreed to try and persuade international standards organisations to adopt the IUR "requirements". This would mean that manufacturers of new exchanges or communications systems would have to build in interception interfaces in order to meet the international standards, free of charge. If this ploy succeeded, then security and law enforcement agencies would save money and make tapping easier, since new networks would come with monitoring systems built in. At their Canberra meeting "participating countries undertook to write to "relevant standards bodies and committees" informing them that their country along with other countries has adopted the IUR as a basis for its national and system-specific requirements .... ". Once again ILETS succeeded. In June 1997, the Australian government persuaded the International Telecommunications Union (ITU) to adopt the IUR requirements as a "priority". They told the ITU that "some countries are in urgent need of results in this area". During 1995 and 1996, through the European Commission, ILETS also effectively turned the IUR into an international treaty. The EU invited countries who had attended ILETS meetings to endorse the still-secret 1995 monitoring policy - that is, IUR 1.0. Non-EU ILETS members were told that "the Council considers that the lawful monitoring of telecommunications systems is an important tool in the prevention and detection of serious crimes and in safeguarding national security. ... The Member States of the European Union have been called upon to apply those Requirements to telecommunications operators and service providers... " Canada, Australia, Norway and the United States wrote back to the EU president, confirming their agreement By now, ILETS had spawned two sub committees, one re-designing the IUR and another (called STC, the Standards Technical Committee) working on technical standards. ILETS and its experts met again in Dublin in 1997. In 1998, they met in Rome, Vienna and Madrid. The IUR was not changed in 1997. But ILETS and its expert committees were at work, defining new requirements to cover the Internet and satellite based systems. They also wanted stringent new security requirements to be imposed on private telecommunications operators. The expert committees drew up new "requirements" to intercept the Internet. During July 1998, ILETS experts met in Rome to settle the new IUR and its attached "glossary". The result was ENFOPOL 98 . In Vienna on 3 September 1998, the revised IUR was presented to the Police Co-operation Working Group. The Austrian Presidency proposed that, as had happened in 1994, the new IUR be adopted verbatim as a Council Resolution on interception "in respect of new technology". Delegates were told that ENFOPOL 98's purpose was to "clarify the basic document (IUR 1.0) in a manner agreed by the law enforcement agencies as expressing their common requirement". But ILETS and its experts had become overconfident. IUR 1.0 had been four pages long. The new IUR (ENFOPOL 98) was 36 pages. The Austrian officials were told that this was politically inadvisable - perhaps that it would frighten ministers by its explicitness. Or, as the IUR experts were later told, "the wide range covered by ENFOPOL 98 was not conducive to ready comprehension". In October 1998, ILETS' IUR experts met in Vienna and Madrid and agreed a shorter, 14 page paper. Some of its more controversial provisions were put into other papers. European police delegates met in November to consider and agree the revised ENFOPOL 98 (rev 1). Suddenly, there was a new factor for the ILETS experts to consider. On 20 November, Telepolis broke the ENFOPOL 98 story, publishing the full text in German nine days later. The story became Internet news around the world. After this, and thanks to two further revisions by the German presidency, ENFOPOL 98 (now renamed ENFOPOL 19 - see news story ) shrank to a mere 6 pages long. Its key provisions are being hidden elsewhere. The most chilling aspect of the ILETS and ENFOPOL story may not even be the way in which the US-led organisation has worked in the dark for more than 6 years to built snooping trapdoors into every new telecommunications system. Their determination to work in the dark, without industry involvement or legal advice, without parliamentary scrutiny or public discussion, has blinded them to the idea that not all "law enforcement" is a public good. Throughout its life, Hong Kong - now incorporated in the People's Republic of China - has been a member of ILETS. By planting its requirements on bodies like the ITU and ISO, the police and security agencies involved have effectively acted as an international treaty organisation. But they were blind to any interests other than their own narrow world-view. "In the name of law and order, the US is now pursuing an international accord that urges stronger surveillance capabilities in nations with appalling human-rights records" says Susan Landau, co-author of Privacy on the Line. By taking Hong Kong into their club, they have shared their advanced ideas on surveillance with the butchers of Tienanmen Square. By seeking the ITU's imprimatur on building surveillance into new communications systems, they have handed the vile butchers of the Kosovans and the Kurds the future tools to seek out and murder their opponents. The new IUR will be welcome news in Thailand and Singapore, and everywhere where enemies of liberty thrive. Even if you are a conservative European or US politician, this can only be a source of shame. ILETS has thrown the vital principles of the European Convention and the US Constitution into the dustbin. That, above all, is why the secret processes of ENFOPOL 19, 98 and the rest should be brought to a halt. Democratic society requires nothing less than full and considered public discussion of these important issues. -=- THE ENFOPOL 98 AFFAIR Duncan Campbell 29.04.99 Euro police press on ... and America's guiding hand is revealed THE LATEST VERSION of the ENFOPOL 98 interception plan has just been leaked in London. It reveals that although the name of the key document has been changed, European Commission officials still want to make tapping the Internet official European policy by the end of May. They are pressing on, despite strong domestic opposition in Germany and Austria and recent condemnation by the European Parliament. The new document is called ENFOPOL 19. It was obtained this week by Caspar Bowden of the London-based Foundation for Information Policy Research . ENFOPOL 19 was written at a police officials' meeting in Brussels on 11 March, and was issued by the German presidency on 15 March. According to the British government, "the German Presidency has indicated that it hopes to seek agreement to the draft Council Resolution at the Justice and Home Affairs Council in May". The Council will meet on 27-28 May. ENFOPOL 19 still concerns "interception of telecommunications in relation to new technologies". But instead of detailing massive new requirements for tapping the Internet and other new communications systems, the police group is now pretending that it is not a new policy at all. Referring to the first European tapping plan of 1995, ENFOPOL 19 says that "the requirements of law enforcement agencies ... are applicable both to existing and new communications technologies, for example satellite telecommunications and Internet telecommunications". Thus, it claims, the "technical terms" in the 1995 plan "are to be interpreted as applying to ... in the case of the Internet, the static and dynamic IP address, credit card number and E-mail address". In fact, the 1995 policy says nothing about credit card numbers being used to tap telecommunications. The new document points out that when tapping the Internet, it is not necessary to ask for the details of the sender and the recipient, because these are included in every "datagram" or IP packet. So new regulations for the Internet may not be needed. But this is a deceptive manoeuvre. Successive redrafts of ENFOPOL 98 reveal that the original, highly controversial plan exposed by Telepolis has been broken up into at least five parts, which are now being handled separately: Plans for tapping Iridium and other satellite-based personal communications systems have been separated and are being discussed at a high level in the Commission; Part of ENFOPOL 98 which set out new requirements for personal data about subscribers will be included in "other Council Resolutions to be adopted"; Another resolution will require Internet Service Providers to set up high security interception interfaces inside their premises. These "interception interfaces" would have to be installed in a high security zone to which only security cleared and vetted employees could have access. This is not included in ENFOPOL 19; ENFOPOL 19 also suggests that some tapping systems could operate through a "virtual interface". This would mean installing special software at Internet access points, controlled remotely by government security agencies. A fourth new policy concerning cryptography is now being dealt with separately. The police group now plan that the old and new resolutions will be put into a monitoring "manual", together with detailed instructions on intercepting the Internet. This will include "technical descriptions" which have been taken out of the original ENFOPOL 98 . If this manoeuvre succeeds, then ENFOPOL 98 will escape scrutiny by being smuggled through in parts, while the European Parliament is dissolved (because of the June Euro-elections). But the biggest secret about ENFOPOL 98 has never been told, until now. The controversial document wasn't written by European governments or the European Commission. Both ENFOPOL 98 and Europe's 1995 monitoring policy were written by a US-dominated group of security and law enforcement agency experts, called ILETS. This group does not include any industry or human rights and privacy law advisers. Over the last six years, ILETS has single-handedly forced governments and international standards bodies to build in their "requirements" to laws, networks and new communications systems. Their activities have never been reported to national Parliaments, the European Parliament or even the US Congress. Not until Telepolis revealed the ENFOPOL 98 affair has the secret ILETS organisation been exposed or challenged. @HWA 04.0 NIPRNET to beef up security by *koff* installing firewalls...(wah hahahahaha) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ NIPR to install Firewalls to Thwart Hackers From HNN http://www.hackernews.com/ contributed by erehwon The factual inaccuracies in this article are blatant. The Defense Information Systems Agency (DISA) plans to redesign its Non-Classified Internet Protocol Router Network (NIPRNet). While this article touts this 'redesign' as some sort of massive undertaking it sounds like they are just going to install a few firewalls. Oh, yeah, that will keep all the hackers out. Federal Computer Week http://www.fcw.com/pubs/fcw/1999/0503/fcw-newsdodnet-5-3-99.html MAY 3, 1999 DOD net overhaul to thwart hackers BY BOB BREWIN (antenna@fcw.com) The Defense Department has started an overhaul of its global unclassified network to fight off the barrage of hacker attacks the department's systems suffer and to increase capacity to handle a huge rise in traffic to and from the Internet. The Defense Information Systems Agency plans to redesign its Non-Classified Internet Protocol Router Network, DOD's primary entry into commercial World Wide Web sites, to take advantage of enhanced security measures and to improve overall performance. The NIPRNET redesign, scheduled for completion in December with main network components slated for installation no later than June, will provide DOD with a network better designed to stave off hacker attacks that hit DOD systems at a rate of 250,000 a year, according to a DOD source briefed on the network plan. Tony Montemarano, chief of Defense Information Systems Network services for DISA, said the agency is well on its way with the NIPRNET upgrade. "The equipment is purchased, and we are upgrading software loads," Montemarano said. He said that besides providing security, the NIPRNET upgrade also will provide "protection against denial-of-service attacks.... We want to be able to guarantee the availability of the network as well as provide additional security for the users." DISA's plans include the filtering of what DISA called "notorious" protocols routinely exploited by hackers, according to briefing slides obtained by Federal Computer Week. The protocols include the PostOffice Protocol (POP), which allows remote users to read e-mail stored on a central server; remote-access protocols, which allow users to read their e-mail from another system; and Packet Internet Groper (Ping), which hackers use to disable networks by overloading them with a command. According to the briefing slides, DISA plans to start filtering out these protocols by July. But the agency said it has not made any decision yet on which protocols to filter. Montemarano declined to quantify the degree of security that the NIPRNET upgrade will provide, except to say, "It will be better...and performance will be improved considerably." DISA is doubling the number of NIPRNET connections to the Internet because of the huge increase in traffic spurred by the development of the World Wide Web and the amount of information residing on Web sites outside NIPRNET, Montemarano said. "There is so much information out there our users want," he said. Increasing capacity also is a security measure. The inability of NIPRNET to handle the loads imposed by Web traffic without lags or delays had resulted in numerous military commands installing Internet "backdoors" on their systems. DISA is looking to eliminate such backdoor connections. According to the DISA briefing, no unit or command will be allowed to connect a local- or wide-area network to NIPRNET until the network goes through a formal connection approval process. Rear Adm. John Gauss, commander of the Space and Naval Warfare Systems Command, said he believes the NIPRNET redesign offers a better security alternative than the almost total retreat from the Internet advocated by Lt. Gen. William Campbell, the Army's director of information systems for command, control, communications and computers. "Campbell accurately addressed the threat," Gauss said, "but the thing I have to ponder is, [considering] the amount of electronic commerce we do with industry, is it viable just to disconnect from the Internet? What DISA is doing will protect DOD computing and still give us a viable means of communicating with industry." @HWA 05.0 Mainstream media questions some of Mitnicks accrued damages ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Hacker" Racks up $291.8 Million in Damages. From HNN http://www.hackernews.com/ contributed by Weld Pond Finally some mainstream press about the outrageous claims made by NEC America Inc., Nokia Mobile Phones, Sun Microsystems Inc. and Novell Corp. These companies claim substantial losses that they have attributed to Kevin Mitnick. LA Times http://www.latimes.com/HOME/BUSINESS/CUTTING/t000039748.1.html Letters citing damages http://www.hackernews.com/orig/letters.html FREE KEVIN http://www.freekevin.com Heard on the Beat Firms Say Hacker Cost Them $291 Million By GREG MILLER LA Times For a guy who never seemed to profit from his hacking habit, Kevin Mitnick sure took a big bite out of the high-tech economy, if newly disclosed damage estimates from his victim companies are to be believed. Mitnick's hacking cost high-tech companies at least $291.8 million over a two-year span before his capture, according to estimates provided to the FBI by NEC America Inc., Nokia Mobile Phones, Sun Microsystems Inc. and Novell Corp. The damages are listed in previously undisclosed letters that were obtained by 2600 magazine, a pro-hacker publication that has posted the letters on its Web site. The damage estimates vary widely. NEC said Mitnick stole software code worth $1.8 million. But Nokia figures Mitnick cost the company at least $135 million, including $120 million in lost revenue "due to new developments being delayed in reaching the market." Skeptics say the estimates border on fantasy and point out that the companies did not report these hefty setbacks in public financial statements.But the estimates underscore the ambiguities of assessing damages in hacking cases.Some argue that hackers should be accountable for the cost of developing the software they steal, even though they are only taking a copy. Mitnick himself once argued that was akin to saying someone who shoplifts a 49-cent Bic pen ought to be accountable for the millions of dollars Bic has spent developing and marketing it.The issue is still significant for Mitnick, who pleaded guilty to various hacking charges last month but awaits a ruling on the restitution he will be ordered to pay victims. "We're going to make a submission for an amount of restitution we consider appropriate," said Assistant U.S. Atty. Chris Painter, "not necessarily the full amount of the loss that was caused." Copyright 1999 Los Angeles Times. All Rights Reserved @HWA 06.0 CyberCrooks easier to catch? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From HNN http://www.hackernews.com/ contributed by Sangfroid This Associated Press article seems to think that cyber crooks are easier to catch. Using the authors of Melissa and CIH as well as the man who posted a false news story causing fluctuations in a companies stock as examples for this claim. Unfortunately the author has little or no understanding of how the net actually works.Bad guys are not getting easier to catch there are just more stupid ones. Las Vegas Sun http://www.lasvegassun.com/sunbin/stories/tech/1999/apr/30/043000242.html April 30, 1999 Catching Hackers Becoming Easier ASSOCIATED PRESS NEW YORK (AP) -- They never unmasked the hacker responsible for Michelangelo, a famous computer virus that threw a scare into the high-tech world in 1992. But it took just days to identify the people believed responsible for two viruses that struck this year. Cybercops also had no trouble finding the man who allegedly posted a fake news story this month about a corporate merger that caused one company's stock to gyrate. In at least two of these cases, investigators used the digital footprints that every user of the Internet leaves behind to trace the source of the trouble. While this may force virus writers or hoaxers to think twice before they strike, it also shows how easy it is for anyone -- a government investigator or a skilled salesperson -- to follow your every online move. "The same technology that tracks individuals is used to solve crimes and vice versa," said Ari Schwartz, a policy analyst for the Center for Democracy and Technology, an Internet civil liberties group in Washington. "It's melded into one kind of surveillance technology which could lead to an erosion of privacy." Actually, there's nothing all that complicated about how the law enforcers crack a case on the World Wide Web. In fact, it's similar to the way telephone records are used by investigators. The online accounts that most people use to roam the Web or send e-mail are assigned a unique stamp, or "Internet protocol address," that helps direct the exchange of data between a Web site and its visitors. Those IP addresses leave digital footprints that -- unfortunately for the ill-intentioned -- don't get wiped out as easily or quickly as a trail of bread crumbs. Little is known about Chen Ing-hau, the 24-year-old Taiwanese man identified on Thursday as the author of Chernobyl, a virus that crippled hundreds of thousands of computers this week. But IP addresses were clearly pivotal in tracking down the alleged merger hoaxter, Gary Dale Hoke. The 25-year-old North Carolina man was arrested two weeks ago after he allegedly posted a fictional story April 7 saying his employer, PairGain Technologies, was about be taken over by another company. The false report caused PairGain's stock to rise sharply, then fall after the hoax was uncovered. Hoke, officials said, attempted to conceal his identity with pseudonyms and fake e-mail addresses, but was identified through an IP address. He was charged Friday with five counts of securities fraud, punishable by up to 50 years in prison and $5 million in fines. IP addresses were also used to track down David L. Smith, a 30-year-old network programmer from New Jersey accused of creating the Melissa e-mail virus with a stolen America Online account. Melissa, allegedly named after a topless dancer in Florida, appeared on March 26 and spread rapidly around the world, clogging e-mail accounts and shutting down computer networks worldwide. But IP addresses weren't the only clues used in the Melissa investigation, and that's what troubles privacy advocates. The main difference in the Melissa investigation was the use of a serial number embedded in documents written with the popular program Microsoft Word. "We could go around society with tattoos on our forehead and cameras everywhere, but most people wouldn't like that. But that's what these serial numbers do," said Schwartz, whose organization has filed a federal complaint over a similar serial number embedded in Intel's new Pentium III computer chip. "Law enforcement has a lot of tools out there to find out who these people are. We want them to find crooks," Schwartz said. "But when we make technology, do we want technology that brands individuals, that's puts our serial numbers everywhere as we visit? There has to be some sense of anonymity online." @HWA 07.0 Nasa has security concerns, doesn't report cyberattacks ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From HNN http://www.hackernews.com/ contributed by erewhon Roberta Gross, NASA's inspector general, told a Senate subcommittee that parts of NASA are failing to report cyber attacks and that some do not have proper security in place. She went on to claim that an internal NASA organization, NASA's Automated Systems Incident Response Capability, was not performing its job adequately. Federal Computer Week http://www.fcw.com/pubs/fcw/1999/0503/fcw-newnasa-5-3-99.html (ed's note, this gave me a 404 when I tried it i'll try and find the correct link and post the article here) Roberta Gross also is quoted in this article as saying that although the attacks where not reported her office learned of them from "other ways". Hmmmmm, wonder what that means @HWA 08.0 Encryption debate called for ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From HNN http://www.hackernews.com/ contributed by Weld Pond Jerry Berman, chairman of the Congressional Internet Caucus Advisory Committee said he would like to see a campaign-style debate on encryption pitting members of Congress and the Clinton administration against U.S. lawmakers. CNN http://www.cnn.com/TECH/computing/9905/04/encryption.idg/index.html U.S. advisor seeks full-blown debate on encryption May 4, 1999 Web posted at: 7:51 a.m. EDT (1151 GMT) by Margret Johnston (IDG) -- The chairman of an organization that advises the U.S. Congress on Internet issues yesterday said he would like to see a campaign-style debate on encryption pitting members of Congress and the Clinton administration who oppose relaxing U.S. encryption laws against U.S. lawmakers who favor loosening them. Jerry Berman, chairman of the Congressional Internet Caucus Advisory Committee, said he would push for the debate to be held sometime this year. He added that he would favor participation from U.S. lawmakers who have spoken out against relaxing U.S. restrictions on the export of encryption technology above 56 bit. "I want a face-to-face debate," Berman said during a luncheon for congressional staff members sponsored by the caucus. "Let them go at it." Sen. Diane Feinstein (D-Calif.) and Rep.Michael Oxley (R-Ohio) would be ideal participants, Berman said. And the director of the FBI Louis Freeh would be another good candidate to take part in the debate.But there has been no agenda or date set for the event, Berman said. The two lawmakers and Freeh have opposed legislation that would change the current U.S. encryption law on the grounds that it would weaken law enforcement's ability to catch suspected criminals, particularly terrorists and drug dealers, because they could use the high-level encryption to prevent access to potential evidence stored on their computers. Supporters of a change in U.S. encryption law say those arguments are baseless because high-level encryption is easily obtainable and the U.S. law has only hamstrung American businesses who want to sell and use such encryption outside the U.S. Berman announced that, in addition to the encryption forum, the caucus by year-end would hold forums on privacy, content and broadband technology. "The goal is to educate policy makers about the Internet as a technology," Berman said. "We need to explain to policy makers what these issues are." The Internet Caucus Advisory Committee comprises 120 public interest groups, corporations and associations. Members typically favor maintaining the decentralized, deregulated global aspects of the Internet, Berman said. He added that the caucus got off the ground because Congress passed the Communications Decency Act (CDA) without first asking itself whether it fully understood technology and how the Internet works. The CDA was later ruled unconstitutional by the Supreme Court. @HWA 09.0 Product: Hackers stopped cold by 'BlackICE'? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ http://www.cnn.com/TECH/computing/9904/22/blackice.idg/ Start-up puts hackers on BlackICE April 22, 1999 Web posted at: 1:35 p.m. EDT (1735 GMT) by Ellen Messmer (IDG) -- Network Ice, a hot security start-up for intrusion detection, this June plans to ship its first software-based suite for stopping the wily hacker cold. To protect Windows-based desktops and servers from hack attacks, Network Ice is providing software called BlackICE Pro. If BlackICE software spots evidence of mischief, it responds by alerting the user or the administrator of the problem. It can also shut down all communication to and from the source of the intrusion attempt. BlackICE Pro software, which costs $37 per node for 1,000 nodes, will issue a report of any trouble to the Web-based security management console called ICEcap (an acronym for "consolidation, analysis and presentation"). According to Greg Gilliom, CEO of Network Ice, the ICEcap reporting engine uses a technology dubbed "Collective Awareness" to analyze the nature of the intrusion attempt. If needed, it will inform all BlackICE-protected desktops or servers if a systemic corporate-wide attack appears to be under way. Since hackers are constantly upgrading their attack exploits, the BlackICE software is going to have to be updated regularly, much like anti-virus software, Gilliom points out. To do this, ICEcap can "push" intrusion-detection updates down to BlackICE software without disrupting computer activity. "We detect over 200 attack signatures, such as ping sweeps or denial-of-service attacks," Gilliom claims. "We're protocol experts - we know how to exploit protocols. But we're trying to provide a system of administration and protection for small companies that aren't aware of all these issues." Gilliom and the other Network Ice co-founders Robert Graham and Clinton Lum all held senior engineering positions at Network General (now Network Associates after its merger last year with McAfee Associates). The BlackICE suite is host-based intrusion-detection software for Windows. The start-up is also working on an NT-based probe called BlackIce Sentry that would be able to scan for trouble Unix machines, mainframes or databases. The company has no specific shipping date for BlackIce Sentry. Network Ice Chief Technology Officer Robert Graham says that one of the most vulnerable points within the enterprise network today is that presented by the telecommuter or remote access user. "The problem with VPNs and notebook computers is that firewalls are being bypassed by remote dial-in users," Graham says. "When we've put our software on a lot of people's machines, we see virtually everyone will undergo a hacker attack within just a few weeks." This is because the hackers with their automated tools are targeting remote access users to find out their IP addresses or access methods in order to weasel their way into the corporate intranet, Graham claims. Therefore, even companies using VPNs or firewalls can benefit from a desktop-based intrusion-detection system used for remote access. "We see three types of hackers out there," Graham says. "There are voyeurs, like peeping toms; graffiti artists that trash the Web site and tell their friends; and criminals who steal things, such as customer lists." @HWA 10.0 FreeBSD 3.1 remote reboot exploit ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Approved-By: aleph1@UNDERGROUND.ORG Message-ID: <19990501031840.A24252@dilbert.exodus.net> Date: Sat, 1 May 1999 03:18:40 -0500 Reply-To: jamie@exodus.net Sender: Bugtraq List From: Jamie Rishaw Subject: FreeBSD 3.1 remote reboot exploit To: BUGTRAQ@netspace.org Hi, Sorry to be so vague, but I wanted to let everyone know, It's been demonstrated to me by two people who will not reveal "how" that there is a remote bug exploit, almost certainly over IP, that will cause FreeBSD-3.1 systems to reboot with no warnings. The second box this was demonstrated on today had no open services besides ircd, and was remote rebooted. (The first box had open services such as smtp, ssh, pop, http, but did /not/ run ircd, eliminating ircd as the culprit). If anyone can shed some light on this (really bad) issue, it'd be greatly appreciated, especially since I am(was) in the process of upgrading all of my boxes to 3.1. (3.1-REL). Regards, -jamie -- jamie rishaw (efnet:gavroche) -- Exodus Communications, Inc. >Sr. Network Engr, Chicago, SoCal Data Centers In an interesting move Exodus Communications annouced today that they have replaced all of their backbone engineers with furby's @HWA 11.0 More on the MSIE favicon.ico bug ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ http://web.cip.com.br/flaviovs/sec/favicon/index.html MSIE 5 favicon bug Description There's a bug in MSIE 5 when handling the favicon.ico file downloaded from a web site. By creating a icon file with bad data, it's possible to crash MSIE 5. The stack is filled with information from the icon file so it may be possible to create an icon file with data which would end executing code on the client machine. The favicon.ico icon file The favicon.ico file is an icon file in the MS-proprietary icon file format. It is downloaded by MSIE 5 when the user asks it to add the page's URL to his/her "Favorites" list. When the user selects to add the URL, MSIE 5 downloads the file and shows the icon on the "Favorites" menu. The request for the favicon.ico file is first done on the same path of the current URL. If the file is not found, MSIE 5 will backup one directory in the directory hierarchy and try again. It will do this until it finds the file or reaches the web server root (e.g. if you try to bookmark this page, MSIE 5 will look for favicon.ico in http://web.cip.com.br/flaviovs/sec/favicon/, http://web.cip.com.br/flaviovs/sec/, http://web.cip.com.br/flaviovs/ and http://web.cip.com.br/). Impact MSIE 5 will crash when trying to interpret/show such icon file. It's unknown if it's possible to create an icon file which will trigger code execution on the client machine, but evidences show that it may be possible (i.e. it looks like a stack buffer overflow). Workaround It seems it's not possible to turn off the favicon.ico loading feature. Thus the only workaround is not to add any non-trusted site to the "Favorites" list and wait for a patch from Microsoft. Example If you're using MSIE 5 with Javascript enabled, you can feel the bug in action. Otherwise just try to bookmark this page (note: this will crash your browser). Here's the favicon.ico file that triggers the bug. It's composed of an bogus header followed by lots of "A" characters. What Microsoft is Doing Apparently, nothing. I reported the bug twice, the first one about one month ago, the last time about two weeks ago. I didn't receive any reply. Disclaimer All information contained in this page is for EDUCATIONAL PURPOSES ONLY. The author of this page can not be made responsible for any damage caused by the use or minuse of information here contained. Related Documents Web Workshop Getting Ready for Internet Explorer 5 http://msdn.microsoft.com/workshop/essentials/versions/ICPIE5.asp Apache Week: 9th April 1999 http://www.apacheweek.com/issues/99-04-09 Privacy Issues about the favicon.ico File (below) About This bug was discovered in april 1999 by Flavio Veloso . Privacy Issues about the favicon.ico File Description Every time you bookmark a page in MSIE 5 it will send to the web server a request for a file named favicon.ico (see "MSIE 5 favicon bug" for an explanation about what this file is, along other nice things). This give to web servers admins a way to know that someone has bookmarked it's site; the info includes the date and time of the operation plus the address IP of the machine which bookmarked the site. This may or may not bother you. Impact MSIE 5 will reveal to web servers admins that you bookmarked their sites. Workaround It seems that it's not possible to turn off this feature, so if this bother you, don't bookmark sites with MSIE 5 or don't use it at all. What Microsoft is Doing Microsoft was not contacted about this issue. They were already informed about a a much more dangerous issue about the favicon.ico file and took no measure to fix it in about one month. I don't have plans to contact them about this privacy issue just because I don't want to waste my time anymore with this. Disclaimer All information contained in this page is for EDUCATIONAL PURPOSES ONLY. The author of this page can not be made responsible for any damage caused by the use or minuse of information here contained. About This issue was discovered in april 1999 by Flavio Veloso . @HWA 12.0 Simple Nomad sheds some light on the Phone Masters ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Last week we followed up a story from HNN on the Phone Rangers/Phone Masters the actual proper group name was the PHONE MASTERS and NOT the 2600 group the Phone Rangers, we aplogize for the inaccuracy. From HNN http://www.hackernews.com More Info on Phone Masters contributed by Simple Nomad Simple Nomad sheds some light on the Phone Masters and the latest reporting on the GTE Telecom hacking. This is an HNN exlusive. HNN Report (See below) HNN correction: Correction: We made an error on Friday and mentioned the "Phone Rangers" as the group that broke into GTE's telecom network. This was the "Phone Masters". Phone Master Hacks By: Simple Nomad Robert Riggs, the reporter for WFAA who reported the "cyber-terrorism" story http://www.wfaa.com/news/9904/29/ cyber_terrorism_1.html, had contacted me about two weeks ago as he was preparing the story. I was requested to appear on camera and discuss how vulnerable the nation's infrastructure was. I am glad I declined, considering the FUD. The sad thing about this story is that just talking with Riggs about what had happened was actually quite interesting, and I thought he had quite a scoop. But since his report lacked a lot of the details, here is what I know. The Phone Masters were a group of experienced phreakers and hackers, who had been infiltrating GTE, Sprint, MCI, and several Baby Bells. They had access to pretty much everything. GTE, the Bells, and the others had no idea these guys were into their systems. They apparently had access to pretty much everything, hence they had the ability to "wreak havoc". There have been at least 7 arrests that I am aware of, including 5 of the group and 2 private investigators in Dallas. The charges supposedly range from various computer crimes to various phone fraud felonies. I suspect there will be a conspiracy charge as well. There appears to have been two distinct philosophies at work here, one criminal, and one VERY criminal. Part of the Phone Masters were profitting financially from the hacks, while part were just exploring the phone systems. It appears the reason they were caught is that one of the non-profitting guys became angry after learning of the guys selling information, and ratted them out. Had this not happened, they'd still be deep inside the phone systems. The Feds and the phone companies feel comfortable they have all of "them" out of the phone systems and that the nation can rest easy. A real interesting thing with this case is that it supposedly marked the first time the FBI used taps on phone lines that allowed the Feds to view the online sessions. I wish I had more technical detail here, Riggs referred to it as an "analog" trace, but the basics seemed to be somewhat like the Shimomura "videos" of Mitnick at http://www.takedown.com/. I'm willing to bet a certain Mr. Shimomura helped set the Feds up with this capability. The main alleged criminal things were that several of the Phone Masters were selling credit reports and other personal info (hence the arrest of the 2 PI's, who were "information brokers"), selling of long distance access codes, and pilfering and exploitation of credit card numbers. This is probably the main area where the Feds will make their case, being that it is more "criminal" than simply gaining access and poking around, although my guess is any conspiracy charge will put all of them in jail for a long time. At the time I spoke to Riggs, he was aware of only one time when some of these guys informed a suspected drug dealer (in Colorado, I believe) that there was a tap on his phone, apparently blowing some big DEA investigation. My source on all this was based on my email and phone conversations with Riggs, and putting two and two together after reading the online version of the story and recalling what Riggs said. @HWA 13.0 Israeli Sciemtist reports advance in codebreaking ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From HNN http://www.hackernews.com/ Israeli Scientist Reports Discovery of Advance in Code Breaking contributed by weld Shamir, the 'S' in RSA, has developed a new device that makes factoring the large numbers used in public key cryptograpy much easier. This makes those 512 bit PGP keys potentially vulnerable. You did pick 1024 bit didn't you? NY Times http://search.nytimes.com/books/search/bin/fastweb?getdoc+cyber-lib+cyber-lib+11455+0+wAAA+Shamir May 2, 1999 Israeli Scientist Reports Discovery of Advance in Code Breaking By JOHN MARKOFF An Israeli computer scientist is expected to shake up the world of cryptography this week when he introduces a design for a device that could quickly unscramble computer-generated codes that until now have been considered secure enough for financial and government communications. In a paper to be presented Tuesday in Prague, the computer scientist, Adi Shamir, one of the world's foremost cryptographers, will describe a machine, not yet built, that could vastly improve the ability of code breakers to decipher codes thought to be unbreakable in practical terms. They are used to protect everything from financial transactions on the Internet to account balances stored in so-called smart cards. Shamir's idea would combine existing technology into a special computer that could be built for a reasonable cost, said several experts who have seen the paper. It is scheduled to be presented at an annual meeting of the International Association for Cryptographic Research, which begins on Monday. The name of Mr. Shamir, a computer scientist at Weizmann Institute of Science in Rehovoth, Israel, is the "S" in R. S. A., the encryption design that has become the international standard for secure transmissions. He is a co-inventor of R.S.A. -- with Ronald Rivest of the Massachusetts Institute of Technology and Leonard Adleman of the University of Southern California. R.S.A. is known as public-key cryptography. In this system, a person has a public key and a private key. The public key is used to scramble a message and may be used by anyone, so it can, even should, be made public. But the private key that is needed to unscramble the message must be kept secret by the person who holds it. R.S.A., like many public-key systems, is based on the fact that it is immensely difficult and time-consuming for even the most powerful computers to factor large numbers. But Mr. Shamir's machine would make factoring numbers as long as about 150 digits much easier, thus making it much simpler to reveal messages scrambled with public-key encryption methods. A number of advances in factoring have been made in the last five years. But most of them are the result of applying brute force to the problem. When R.S.A. was created in 1977, Mr. Shamir and his colleagues challenged anyone to break the code. Employing 1970's technology, they said, a cryptographer would need 40 quadrillion years to factor a public key, and they predicted that even with anticipated advances in computer science and mathematics, no one would be able to break the code until well into the next century. In fact, a message the trio had encoded with a 129-digit key successfully withstood attack for only 17 years. It was factored by an international team of researchers in 1994. Using Mr. Shamir's machine, cracking the 140-digit number would be reduced to the difficulty of cracking a key about 80 digits long -- relatively easy by today's standards. Researchers said that if his machine worked it would mean that cryptographic systems with keys of 512 bits or less -- that is, keys less than about 150 digits long -- would be vulnerable in the future, an exposure that would have seemed unthinkable only five years ago. The longer 1,024-bit keys that are available today would not be vulnerable at present. 14.0 Ecommerce being hit hard by the shopping carts scandal? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Companies That Ignore Online Security Are Risking Customers contributed by weld The noise of all these online shopping cart security lapses has finally made the mainstream. Guess what? Some e-commerce sites have not hired anyone with security expertise to audit their sites. Some sites say since they use SSL that they are secure. They just don't get it do they. So the armored truck transferring the data is secure but what about the endpoints. NY Times http://www.nytimes.com/library/tech/99/05/cyber/commerce/03commerce.html By BOB TEDESCHI Companies That Ignore Online Security Are Risking Customers To placate those who worry about how secure it is to shop online, companies typically proffer the idea that buying on the Internet is no more risky than giving a credit card to a waiter in a restaurant. Given recent reports of E-commerce security lapses, that analogy may be giving waiters a bad name. Analysts and executives agree that a vast majority of E-commerce sites are secure, but some say the trend may actually be heading in the opposite direction. Many companies so fear being overtaken by a competitor who got to the Web first -- of "getting Amazoned," in the industry vernacular -- that they rush past security issues in their zeal to establish a Web site. Some companies lack the technical knowledge to use security safeguards; others say they cannot afford security products and advice. And there are those who simply do not consider it a priority. "I wish I had a dollar for every one of my clients that said, 'I don't care if the transaction is really secure; I just need my customers to think it is,'" said Larry Erlich, partner at Domainregistry.com, a Philadelphia company that registers Internet addresses and provides Web consulting services. In the case of one recently disclosed security problem, though, the issue seems to have been not a lack of concern by the Internet retailers but a limited technical knowledge. Two weeks ago, a Seattle Internet service provider, Blarg Online, reported that several software products that were used to create the "shopping cart" technology employed by some Web retailers could leave credit card numbers and other personal data exposed on a company's server, if the software was improperly installed. Those wishing to get at that information simply needed to type a few words and numbers into a search engine like Alta Vista, and they would have been able to get access to a compromised site's data files. The makers of the software say they have addressed the problem, but industry experts said problems involving other software and other Web sites could follow closely behind. One reason, said David Taylor, a vice president at the Gartner Group, a Stamford, Conn., research firm, is that many Internet companies have realized the value in collecting and selling customer data, "and in their quest for that data, people are being less than judicious about how they gather that information." Even the leading Internet companies are not immune to security problems. Earlier this month, for example, Yahoo acknowledged that customer data of one of its merchants had been exposed to the public. In that incident, customers of Vitanet, a retailer of nutritional products, had their addresses, order information and partial credit card numbers posted on a demonstration site that Yahoo had set up for study by would-be Web merchants. Only after being alerted to the security lapse several weeks later did Yahoo correct the problem, which it attributed to a software bug. Despite that stumble by Yahoo, many experts say that those most vulnerable to security flaws are small and medium-size sites. First, smaller operations often lack the money to hire security auditors -- which can cost $15,000 or more for a one-week sweep of a site -- and they generally lack the internal expertise to perform such audits themselves. Second, because they typically operate with a lean technical staff, such sites tend to rely on one software vendor for security needs. In fact, it requires more than one type of software to secure a site, security experts say. Still, some consultants say it is really not very expensive to provide at least a basic level of security. "If you're going ballistic with security, you could spend a lot of money," said Mamoon Yunus, a regional manager for i.Informix, the E-commerce division of the computer services company Informix. But otherwise, he said, "it needn't cost a lot." For instance, software designed to encrypt customer information as it travels to the seller, such as that sold by Verisign, costs $350 a year. And through companies like Cybercash, E-commerce sites can get credit card encryption and processing services set up for roughly $400, plus a fee of 20 to 25 cents a transaction. And for as little as $30 a month, smaller merchants can get secure online storefronts through companies like Cybercash and Internet providers. "Basically, there's no reason to have a security problem, except for a failure to do the homework," said Steven Kramer, president of the Picture Palace, an online retailer of rare and unusual movie videos. Those who run E-commerce sites say there is one additional issue deterring elaborate security systems: the customer's desire to move quickly through a transaction. For increased security, customers would have to go through multiple layers of registration and identity verification before buying, and many would bristle at the inconvenience, said Steven Rabin, chief technologist for Interworld, which develops sites for a number of large retailers. But Taylor, of Gartner Group, said that if reports of security breakdowns continued, E-commerce companies could be under increased pressure to regulate themselves if they do not want the Government to intervene. Taylor said more E-commerce sites should follow the lead of Gateway, the computer seller. In its privacy and security statement, Gateway asserts that "none of the tens of thousands of people who have made purchases through Gateway's Web site using SSL" -- secure sockets layer technology -- "have reported fraudulent use of their credit card as a result of their online order." When asked if, in the event of a security breakdown, Gateway would post information about it and the company's response, Chuck Geiger, Gateway's vice president for E-commerce, said: "It's a good idea, but I'd have to consult with our legal and public relations folks. But in terms of full disclosure and being honest, it makes sense." Taylor said that getting the entire industry to follow Gateway's example could be difficult, though. "The minute these companies start talking about security, they run the risk of bringing the party to a halt," he said. "But this is something the Government could impose, because it wouldn't be expensive for a merchant to do." The E-COMMERCE REPORT is published weekly, on Tuesdays. @HWA 15.0 Computer crime threatens the economy?? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From HNN http://www,hackernews.com/ Computer Crime Threatens US Economy contributed by Simple Nomad So now all credit card crooks are hackers. Don't be hitting those URLs for the shopping cart transaction log files or you will be labled a super hacker. The one thing that the article has right is how inept local law enforcement is in catching crooks on the internet. The Dallas Police disbanded their computer crime squad because they couldn't get any qualified help. WFAA-TV News http://www.wfaa.com/news/9904/30/cyber_terrorism_2.html N E W S 8 I N V E S T I G A T E S Computer Crime Threatens U.S. Economy by Robert Riggs April 30 1999 DALLAS -- The FBI says a disturbing trend of hacker attacks and computer crime threaten our nation's economy. Specialized computers called web servers store information about customers who buy products over the Internet. If a web server is not secure, hackers can literally take all of the confidential information stored within, and anyone can become a victim. ONE VICTIM'S STORY Computer security expert David Dunagan never expected to become a victim of computer fraud. Then, a thief stole his identity and his credit card number and ordered a notebook computer over the Internet. Now Dunagan knows first hand just how easy it is. "You are one of millions of transactions a day to somebody, and they don't have time to see who you are, take your credit card, say, 'thank you.' It's just boom, boom, boom, get as many transactions as we can," he said. Dunagan recently came to News 8 Investigates after Dallas Police refused to look into his complaint. News 8 tracked the delivery address for the notebook computer to a North Dallas apartment complex. A woman who answered the door denied having every heard of David Dunagan. "Never heard of David Dunagan," she said. "No, I can't help you." Despite that denial, the apartment's manager said this resident asked that packages addressed to David Dunagan be delivered to her unit. It turns out that Dunagan's office assistant is her roommate. After searching the hard disk drive of the assistant's computer at work, Dunagan fired her. Dunagan was frustrated that police could not help him. "Their approach was, 'okay, well, we're too busy. We're too overloaded. We're too overworked right now to really deal with this, so thank you very much." CYBERCROOKS -- A STEP AHEAD Walt Manning investigated computer crime for the Dallas Police Department, but two years ago, the high tech crimefighting unit was disbanded. "You may or may not be able to find anybody that can help you -- not because they're not willing, just because they don't know how," Manning explained. Manning also said these cybercrooks may be way ahead of law enforcement agencies. "We are starting to see terrorists recruit hackers," he said. "I have read reports that show there are drug cartels in the world that now have professional hackers on their payroll, and have the capability to wage information warfare against the United States." In fact, at the start of the air war against Yugoslavia, Serbian hackers bombarded NATO's website. They overloaded its computer with electronic mail "bombs" until it crashed. No one is safe. Hackers also defaced the Justice Department web page with Nazi swastikas and pornography. They even hit the CIA, renaming the spy agency the "Central Stupidity Agency." CRIME OF THE MILLENNIUM?" Matt Yarborough, the federal computer crimes prosecutor for North Texas, said this is the crime of the millennium. "Think about it," he said. "More and more traditional modes of communication are going on line to the Web." Yarborough warns that hackers can steal confidential information about customers from unsecured websites, and businesses can lose millions of dollars in sales if hackers shut down those websites. "We are adding hundreds, thousands, millions of people per year to the Internet," Yarborough said, "and remember -- anybody can be a hacker. Any individual sitting at their keyboard can choose to hack." HACKERS SHARE INFO ON THE INTERNET How do they do it? Hundreds of hacker sites on the Internet make cyber burglary tools widely available. Some feature an international menu of programs to attack systems. They offer how-to manuals for beginners. One software program cracks the mathematical formula used by credit card companies, generating valid numbers that often pass security checks. There are many more highly sophisticated programs useful for stealing information. FBI Agent Mike Morris demonstrated how a picture of a starburst can conceal a written document. With just a click, he revealed the hidden message. He explained that this technique could be useful for terrorists or military spies or even industrial espionage. "It could be the company's most valuable trade secret.," Morris said. "'Here mom, here's a picture of Johnny riding his bicycle.' Inside, there is a secret formula for whatever you are working on." It's against the law to even try to break into a computer system, but hacker tools are legal to own until you use them. In response, the FBI and U.S. Attorney urge companies to form neighborhood watches for computer fraud -- and not to sweep break-ins under the carpet. PROTECTING YOURSELF Here are some tips to protect yourself when making purchases over the Internet: Be suspicious of anyone who uses an anonymous e-mail address and doesn't give their name, address, and telephone number. Never send your credit card number by e-mail. Be wary of sending checks or money orders. If you are going to do business on the Internet, there are a lot of questions you should be asking about how your information is protected. @HWA 16.0 Cracking the casinos, a Defcon primer? *g* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Silicon Crackers Tackle Casinos by Vince Beiser 3:00 a.m. 3.May.99.PDT First of two parts LAS VEGAS -- Dennis Nikrasch has been tried, convicted, and sentenced to seven-and-a-half years in Nevada state prison. Still, no one really knows how he stole that US$6 million. What is generally agreed on, though, is that Nikrasch, 57, is one of the greatest slot-machine cheats in history -- and the most technologically adept. "Nikrasch," said Keith Copher, chief of enforcement for Nevada's Gaming Control Board, "is the most sophisticated cheat we've seen." Nikrasch started out in the 1970s, rigging mechanical-reel slots. His skills, however, have kept pace with the times. Last fall, a months-long FBI investigation nailed him and several confederates for scamming millions in cars and cash by cracking the silicon chips that control today's computer-based slot machines. Nikrasch is only one of a growing number of hustlers using advanced technology to rip off casinos. In belated response, the gambling industry is just beginning to deploy state-of-the-art security technology. The stakes of this technological race are mounting rapidly, as the multibillion-dollar gambling industry spreads across the country. Slot cheating alone is estimated to cost casinos some $40 million a year. The equipment is easy to come by. You can buy an astonishing array of devices to help you cheat at slots or cards at the Hackers Home Page, for instance. Counting cards is not illegal; using a device to help you do it, however, is a felony. That hasn't deterred a generation of grifters from putting the ultimate counting devices -- computers -- to work for them. Andy Andersen, a veteran Las Vegas private investigator, keeps a scrapbook of all the scams he's seen. On Page 1 is a Polaroid of a man with a lunchbox-sized computer on his hip, wired clumsily to a bandoleer of batteries around his chest. The year was 1978; it was the first wearable card-counting computer Andersen had seen. "Cheats have been using technology since long before the casinos ever thought they were," said Andersen. The clunky hip-computer soon gave way to the "toe-tapper," a computer small enough to be hidden in a player's boot. A player uses his toes to record which cards are dealt, and the computer emits tiny electric shocks to indicate when to hit or stand. Toe-tappers are still used, but the latest card scam turned up last fall in Atlantic City. Casino security staff discovered that a man playing high-stakes mini-baccarat had a subminiature video camera disguised as a button on his coat sleeve, which he positioned to monitor the cards as they slid out of the mechanical shuffling machine. His partner was watching the video from a van in the parking lot, then radioing back, via a tiny receiver in the player's ear, which cards were coming up. For fast money, nothing beats the slot machines. Some older machines can still be successfully jacked with equipment as primitive as a dollar on a piece of duct tape that can be yanked back after triggering a credit, or a tiny light bulb on a wire that blinds the machines' optic counter so that it keeps spitting out coins. "There are lots of little ways to cheat," said Frank Luizzo, a former Nevada state trooper who used to infiltrate cheating gangs. "But the guys who use electronics are going after the cars, the boats, the millions of dollars. That's balls, big balls." Take Barry Zeltner. Last year, Zeltner figured out a way to run a static electric shock through video keno machines in several Nevada casinos, forcing them to reset. Zeltner would then play a series of numbers he knew were more likely to come up after a resetting. He scammed an estimated $750,000, got caught, jumped bail, and is currently on the run. Nikrasch, however, is believed to have pulled in about $10 million in the late 1970s, a run that earned him five years in prison. He was only out for a few years before he began his chip-hacking scam. No one has figured out exactly how he beat the chips, and Nikrasch isn't saying. "I have no desire to explain anything to the public," he wrote Wired News from jail. "Never smarten up a chump." Court documents and interviews with law-enforcement officials, however, reveal most of the story. Nikrasch apparently bought a slot machine to practice on at home and obtained extra computer chips from the machine's manufacturer. He probably got the keys required to open the casinos' machines on the black market, where casino employees can sell copies for thousands of dollars. In the casinos, his partners would crowd around to block the surveillance camera's view while Nikrasch opened the machine and the housing around the computer chip. He would then attach clips to either side of the chip, use a handheld device to force-feed it the jackpot code, and close the works back up -- all in under a minute. One of Nikrasch's partners would then sit down to "play." The next coin, of course, would trigger the jackpot. There's no way of knowing how many other technology-driven scams are going on or how much they cost the gambling industry. Unlike other businesses, there's no lost inventory to count. "You don't know you're being cheated," said Copher, "until you catch someone." Copher should know. Just last year, Gaming Control arrested a man for rigging the computer programs in several slots to scam $50,000. The cheat turned out to be one of his own agents. PART II Casinos Fight Back with Tech Vince Beiser 3:00 a.m. 4.May.99.PDT Second of two parts. LAS VEGAS -- The surveillance cameras pick up Andy Andersen the instant he steps into the vast casino at Caesars Palace. He strolls through banks of slot machines and over to the blackjack tables to chat with a pit boss he knows. By that time, a security agent is on the phone to the pit, demanding to know why Andersen's there. There can be only one reason: trouble. Andersen is famous in Las Vegas security circles as a top-notch private investigator, a pioneer who uses cutting-edge technology to catch card counters, slot scammers, and all manner of casino cheats. He is best known for his remote-monitoring system. Using a laptop and a cell phone-modem, Andersen can link into a client casino's surveillance system from anywhere, check a suspected grifter's face against his private database, and tell surveillance whether to evict him. Tonight, however, Andersen, his white hair gelled back and a pair of tiny gold handcuffs on a chain around his neck, is just checking on the progress of a new system he plans to take online in 1999. It will move casino surveillance technology to a new level: a digital casino network that incorporates biometric facial recognition technology. "We've got to get into high technology," said Andersen, "because the cheaters have." Most casino security systems are surprisingly behind the technological times, thanks to the complacency of their old-school owners and the vast profits they rake in despite the cheaters. But as the gambling companies grow ever larger and more sophisticated, the casinos are beginning to realize how tech-savvy cheaters are ripping them off. And they're moving to catch up. "The technology we have now is ancient," said Frank Luizzo, a former Nevada state trooper who now oversees security for Las Vegas' Hard Rock Hotel & Casino. "The industry didn't realize how much it was losing, so it didn't want to invest more in security. But that's changing now." The surveillance room of the Tropicana, a Strip landmark, is typical: In a windowless room suffused with a deep cathode glow and the low thrumming of machinery, two officers sit hunched over keypads, scanning a wall of 52 mostly low-resolution, black-and-white monitors. When someone on the casino floor catches the watchers' interest, they use a joystick to zoom in, rotating or tilting the cameras as needed. Meanwhile, the images on the other monitors change every few seconds, cycling through the views from each of hundreds of ceiling-mounted cameras. Against a wall, 220 VCRs ceaselessly record everything the cameras see. It's a clunky system. The tapes have to be reviewed manually, are a nuisance to archive, and leave many casinos periodically "blind" for a few seconds while fresh cassettes are put in. More-flexible digital systems are only just hitting the market. California-based Sensormatic's Intellex system is one of the most sophisticated. A Pentium-equipped PC controls up to 16 digital cameras, all feeding into a single monitor via an ISDN line. Everything is archived to DAT tape, which can then be searched with "motion filters." Users highlight, say, a stack of chips with a mouse, and the computer searches through hours of tape in seconds to find every instance where those chips moved. Casino floor managers, or detectives like Andersen, can also tap into the system at any time from their laptops. The trouble, said Sensormatic spokesman Alex Durazo, is that "it's not real time, just 15 to 20 frames per second. That means you could miss split-second movements." Real-time digital recording is still prohibitively expensive, considering that most casinos have upwards of several hundred cameras recording nonstop. Digital recordings are also inadmissible in court because of concerns over the ease with which they can be altered. The industry's prevailing mindset, however, also slows the acceptance of new technologies. Ask Oliver Schubert, president of Casino Software & Services, which developed a voice-controlled program that analyzes blackjack players to determine whether they are counting cards. "When we started seven years ago, we had to supply the computers along with the software system because most casinos didn't have them," said Schubert. "There are a lot of old-timers in this business who just want to do things the way they always have." Among the antiquated weapons in the Strip's defensive arsenal is a fax network linking a dozen or so casinos. Today, when surveillance at one casino spots a cheater, it faxes a picture of the miscreant to everyone else in the network. "Half the time, it just comes out a black square," said Keith Michaels, the Tropicana's director of surveillance. That network is exactly what Andersen's company, CVI, is out to replace. Starting sometime in mid-May, CVI's network will connect at least 15 casinos around the country, enabling them to digitally transmit scanned images of cheaters to each other. Andersen can also provide remote assistance with his laptop surveillance system. But his job, too, will become partly automated. Using technology marketed by CVI partner Biometrica Systems, the system will also allow surveillance agents to capture a live image of a suspicious player's face, then run it against a digitized photo database of known cheaters for instant identification. The system has already been installed in three major casinos. "As gambling spreads, there are more cheats to watch in more casinos," said Andersen. And more ways than ever to watch them. @HWA 17.0 Crackers gearing up to attack U.S nuke labs? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ http://cnn.com/US/9905/03/us.china.spy/ Report warned of cyber attacks on nuclear labs May 3, 1999 Web posted at: 1:01 a.m. EDT (0501 GMT) WASHINGTON (CNN) -- A classified report from U.S. intelligence agencies warned the Clinton administration in November that computer systems at national nuclear weapons labs were vulnerable to cyber attacks, a senior administration official told CNN on Sunday. Yet a Taiwan-born researcher, suspected of downloading sensitive files while working at the Los Alamos National Laboratory in New Mexico, was able to keep high-level security clearance until his firing in March. Wen Ho Lee reportedly took information from a secure computer database at the laboratory and transferred it to a less secure system, which would have been accessible from outside the lab. The agencies conducted the threat assessment as a result of a directive issued in February 1998 by President Clinton, after allegations that China obtained U.S. nuclear secrets by penetrating the Los Alamos National Laboratory. A senior U.S. lawmaker predicted Sunday that there would be more "revelations" concerning suspected nuclear espionage by China. "The damage was bad, a lot worse than people ever imagined," said Sen. Richard Shelby (R-Alabama). "I'm afraid they have a lot more than we ever dreamed," said Shelby, chairman of the Senate Intelligence Committee, on "Fox News Sunday." The November report documents more than 200 attempts to infiltrate non-secure computer systems at the nuclear laboratories. But nuclear laboratories are not the only vulnerable government facilities. A number of federal agencies, including the Department of Defense, are routinely attacked by hackers. The threat assessment warned that China, Russia and India could seek U.S. nuclear secrets. A number of government investigations warned various administrations dating back to President Bush about lax security at the labs. One recent General Accounting Office report raised concerns about a U.S. overseas visitor program that allowed hundreds of visits without background checks. Last October, Energy Secretary Bill Richardson initiated a number of measures to improve security at the nuclear labs. In mid-March of this year, he launched a program to improve cyber security. Later in the month, Richardson learned of the cyber spying allegations against Lee. According to Richardson, the information in question related to simulated testing for nuclear weapons and nuclear weapons design. The FBI, which had been investigating Lee since 1996, had attempted without success to have the Justice Department approve a court-authorized wire tap or search warrant. Justice officials had questioned whether there was enough evidence to pursue a wire tap or search warrant. Richardson said he shut down computer work at the labs for two weeks beginning April 2 of this year. Lee agreed to allow the FBI and Energy Department to check his computer files. He has denied any wrongdoing and has not been charged with any crime. He was fired in March from his Los Alamos post for allegedly failing to inform Energy officials about contacts with China, and allegedly failing to safeguard classified materials. Shelby said his committee would soon focus on how the Justice Department and the FBI dealt with Lee, who reportedly came to the attention of investigators in 1994. "There is a lot of blame to go around, and I think it's serious," Shelby said. Lawmakers including Shelby have questioned why so many warnings seemed to go unheeded, and why it took so long to zero in on Lee's alleged activities. "It looks to me like this is a botched investigation by the FBI, and I think there is some culpability with the Justice Department," Shelby said. "I think the Justice Department treated this as an ordinary case when it should have been an extraordinary case." Justice officials were not available for response. Justice Correspondent Pierre Thomas and Reuters contributed to this report. @HWA 18.0 Calling all |