[ 28 63 29 20 31 39 39 39 20 63 72 75 63 69 70 68 75 78 20 68 77 61 ] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-= ========================================================================== = <=-[ HWA.hax0r.news ]-=> = ========================================================================== [=HWA'99=] Number 10 Volume 1 1999 March 20th 99 ========================================================================== Synopsis -------- The purpose of this newsletter is to 'digest' current events of interest that affect the online underground and netizens in general. This includes coverage of general security issues, hacks, exploits, underground news and anything else I think is worthy of a look see. This list is NOT meant as a replacement for, nor to compete with, the likes of publications such as CuD or PHRACK or with news sites such as AntiOnline, the Hacker News Network (HNN) or mailing lists such as BUGTRAQ or ISN nor could any other 'digest' of this type do so. It *is* intended however, to compliment such material and provide a reference to those who follow the culture by keeping tabs on as many sources as possible and providing links to further info, its a labour of love and will be continued for as long as I feel like it, i'm not motivated by dollars or the illusion of fame, did you ever notice how the most famous/infamous hackers are the ones that get caught? there's a lot to be said for remaining just outside the circle... @HWA =-----------------------------------------------------------------------= Welcome to HWA.hax0r.news ... #10 =-----------------------------------------------------------------------= ******************************************************************* *** /join #HWA.hax0r.news on EFnet the key is `zwen' *** *** *** *** please join to discuss or impart news on techno/phac scene *** *** stuff or just to hang out ... someone is usually around 24/7*** ******************************************************************* =-------------------------------------------------------------------------= Issue #10 =--------------------------------------------------------------------------= [ INDEX ] =--------------------------------------------------------------------------= Key Content =--------------------------------------------------------------------------= 00.0 .. COPYRIGHTS ...................................................... 00.1 .. CONTACT INFORMATION & SNAIL MAIL DROP ETC ....................... 00.2 .. SOURCES ......................................................... 00.3 .. THIS IS WHO WE ARE .............................................. 00.4 .. WHAT'S IN A NAME? why `HWA.hax0r.news'?.......................... 00.5 .. THE HWA_FAQ V1.0 ................................................ 01.0 .. GREETS .......................................................... 01.1 .. Last minute stuff, rumours, newsbytes ........................... 01.2 .. Mailbag ......................................................... 02.0 .. From the editor.................................................. =--------------------------------------------------------------------------= 03.0 .. The Mitnick trial update......................................... 03.1 .. Mitnick to plead guilty.......................................... 03.2 .. Federal Prosecutors Leak Info on Mitnick......................... 03.3 .. News from www.kevinmitnick.com................................... 04.0 .. Is Microsoft vulnerable to their own holes? ..................... 05.0 .. Tiny linux packs wallop in Pre-0.49 release...................... 06.0 .. Still think your NT is secure? case insensitivity issues......... prove otherwise, again........................................... 07.0 .. Fast friends, faster foes, from uebereleet to delete ,........... life in the underground.......................................... 08.0 .. Voicemail fraud in Australia..................................... 09.0 .. Government Y2K Readiness......................................... 10.0 .. Voice mail fraud warning......................................... 11.0 .. The iButton , is YOUR costume complete with decoder ring?........ 12.0 .. Courier and Press Newspaper hacked............................... 13.0 .. Youths busted in Backorifice fiasco.............................. 14.0 .. Reno Looks To Curb Internet Crime................................ 15.0 .. offtopic: Matter transportation in your future?.................. 16.0 .. Hacking class?................................................... 17.0 .. A blast from the past ........................................... 18.0 .. Spam is ICQ's latest headache ................................ 19.0 .. AOL cracked (so what else is new?) cracker busted................ 20.0 .. Stolen calling card numbers are big business..................... 20.1 .. More 'hackers' steal phone service............................... 21.0 .. Promail freeware mail agent is really a trojan in disguise....... 22.0 .. Hackers taking toll on web sites ................................ =--------------------------------------------------------------------------= AD.S .. Post your site ads or etc here, if you can offer something in return thats tres cool, if not we'll consider ur ad anyways so send it in. .......................................................................... HA.HA .. Humour and puzzles ............................................ HA.HA1 .. Humourous newsbytes from Innerpulse.com (www.innerpulse.com). HA.HA2 .. Pasty Drone's take on Bill Gates' new book (www.Newstrolls.com). .......................................................................... HOW.TO .. New section: "How to hack" by our illustrious editor ........... ......................................................................... H.W .. Hacked Websites ............................................... A.0 .. APPENDICES...................................................... A.1 .. PHACVW linx and references...................................... =--------------------------------------------------------------------------= @HWA'99 00.0 (C) COPYRIGHT, (K)OPYWRONG, COPYLEFT? V2.0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ THE OPINIONS OF THE WRITERS DO NOT NECESSARILY REFLECT THE OPINIONS OF THE PUBLISHERS AND VICE VERSA IN FACT WE DUNNO WTF IS GONNA TAKE RESPONSIBILITY FOR THIS, I'M NOT DOING IT (LOTS OF ME EITHER'S RESOUND IN THE BACKGROUND) SO UHM JUST READ IT AND IF IT BUGS YOU WELL TFS (SEE FAQ). Important semi-legalese and license to redistribute: YOU MAY DISTRIBUTE THIS ZINE WITHOUT PERMISSION FROM MYSELF AND ARE GRANTED THE RIGHT TO QUOTE ME OR THE CONTENTS OF THE ZINE SO LONG AS Cruciphux AND/OR HWA.hax0r.news ARE MENTIONED IN YOUR WRITING. LINK'S ARE NOT NECESSARY OR EXPECTED BUT ARE APPRECIATED the current link is http://welcome.to/HWA.hax0r.news IT IS NOT MY INTENTION TO VIOLATE ANYONE'S COPYRIGHTS OR BREAK ANY NETIQUETTE IN ANY WAY IF YOU FEEL I'VE DONE THAT PLEASE EMAIL ME PRIVATELY current email cruciphux@dok.org THIS DOES NOT CONSTITUTE ANY LEGAL RIGHTS, IN THIS COUNTRY ALL WORKS ARE (C) AS SOON AS COMMITTED TO PAPER OR DISK, IF ORIGINAL THE LAYOUT AND COMMENTARIES ARE THEREFORE (C) WHICH MEANS: I RETAIN ALL RIGHTS, BUT I GIVE YOU THE RIGHT TO READ, QUOTE AND REDISTRIBUTE/MIRROR. - EoD Although this file and all future issues are now copyright, some of the content holds its own copyright and these are printed and respected. News is news so i'll print any and all news but will quote sources when the source is known, if its good enough for CNN its good enough for me. And i'm doing it for free on my own time so pfffft. :) No monies are made or sought through the distribution of this material. If you have a problem or concern email me and we'll discuss it. cruciphux@dok.org Cruciphux [C*:.] 00.1 CONTACT INFORMATION AND MAIL DROP ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Has it occurred to anybody that "AOL for Dummies" is an extremely redundant name for a book? - unknown Wahoo, we now have a mail-drop, if you are outside of the U.S.A or Canada / North America (hell even if you are inside ..) and wish to send printed matter like newspaper clippings a subscription to your cool foreign hacking zine or photos, small non-explosive packages or sensitive information etc etc well, now you can. (w00t) please no more inflatable sheep or plastic dog droppings, or fake vomit thanks. Send all goodies to: HWA NEWS P.O BOX 44118 370 MAIN ST. NORTH BRAMPTON, ONTARIO CANADA L6V 4H5 WANTED!: POSTCARDS! YESH! POSTCARDS, I COLLECT EM so I know a lot of you are ~~~~~~~ reading this from some interesting places, make my day and get a mention in the zine, send in a postcard, I realize that some places it is cost prohibitive but if you have the time and money be a cool dude / gal and send a poor guy a postcard preferably one that has some scenery from your place of residence for my collection, I collect stamps too so you kill two birds with one stone by being cool and mailing in a postcard, return address not necessary, just a "hey guys being cool in Bahrain, take it easy" will do ... ;-) thanx. Ideas for interesting 'stuff' to send in apart from news: - Photo copies of old system manual front pages (optionally signed by you) ;-) - Photos of yourself, your mom, sister, dog and or cat in a NON compromising position plz I don't want pr0n. - Picture postcards - CD's 3.5" disks, Zip disks, 5.25" or 8" floppies, Qic40/80/100-250 tapes with hack/security related archives, logs, irc logs etc on em. - audio or video cassettes of yourself/others etc of interesting phone fun or social engineering examples or transcripts thereof. If you still can't think of anything you're probably not that interesting a person after all so don't worry about it Our current email: Submissions/zine gossip.....: hwa@press.usmc.net Private email to editor.....: cruciphux@dok.org Distribution/Website........: sas72@usa.net @HWA 00.2 Sources *** ~~~~~~~~~~~ Sources can be some, all, or none of the following (by no means complete nor listed in any degree of importance) Unless otherwise noted, like msgs from lists or news from other sites, articles and information is compiled and or sourced by Cruciphux no copyright claimed. HiR:Hackers Information Report... http://axon.jccc.net/hir/ News & I/O zine ................. http://www.antionline.com/ *News/Hacker site................. http://www.bikkel.com/~demoniz/ *DOWN!* News (New site unconfirmed).......http://cnewz98.hypermart.net/ Back Orifice/cDc..................http://www.cultdeadcow.com/ News site (HNN) .....,............http://www.hackernews.com/ Help Net Security.................http://net-security.org/ News,Advisories,++ ...............http://www.l0pht.com/ NewsTrolls (HNN)..................http://www.newstrolls.com/ News + Exploit archive ...........http://www.rootshell.com/beta/news.html CuD ..............................http://www.soci.niu.edu/~cudigest News site+........................http://www.zdnet.com/ +Various mailing lists and some newsgroups, such as ... +other sites available on the HNN affiliates page, please see http://www.hackernews.com/affiliates.html as they seem to be popping up rather frequently ... * Yes demoniz is now officially retired, if you go to that site though the Bikkel web board (as of this writing) is STILL ACTIVE, www.hwa-iwa.org will also be hosting a webboard as soon as that site comes online perhaps you can visit it and check us out if I can get some decent wwwboard code running I don't really want to write my own, another alternative being considered is a telnet bbs that will be semi-open to all, you will be kept posted. - cruciphux http://www.the-project.org/ .. IRC list/admin archives http://www.anchordesk.com/ .. Jesse Berst's AnchorDesk alt.hackers.malicious alt.hackers alt.2600 BUGTRAQ ISN security mailing list ntbugtraq <+others> NEWS Agencies, News search engines etc: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ http://www.cnn.com/SEARCH/ http://www.foxnews.com/search/cgi-bin/search.cgi?query=cracker&days=0&wires=0&startwire=0 http://www.news.com/Searching/Results/1,18,1,00.html?querystr=cracker http://www.ottawacitizen.com/business/ http://search.yahoo.com.sg/search/news_sg?p=cracker http://www.washingtonpost.com/cgi-bin/search?DB_NAME=WPlate&TOTAL_HITLIST=20&DEFAULT_OPERATOR=AND&headline=&WITHIN_FIELD_NAME=.lt.event_date&WITHIN_DAYS=0&description=cracker http://www.zdnet.com/zdtv/cybercrime/ http://www.zdnet.com/zdtv/cybercrime/chaostheory/ (Kevin Poulsen's Column) NOTE: See appendices for details on other links. http://news.bbc.co.uk/hi/english/sci/tech/newsid_254000/254236.stm http://freespeech.org/eua/ Electronic Underground Affiliation http://www.l0pht.com/cyberul.html http://www.hackernews.com/archive.html?122998.html http://ech0.cjb.net ech0 Security http://net-security.org Net Security ... Submissions/Hints/Tips/Etc ~~~~~~~~~~~~~~~~~~~~~~~~~~ All submissions that are `published' are printed with the credits you provide, if no response is received by a week or two it is assumed that you don't care wether the article/email is to be used in an issue or not and may be used at my discretion. Looking for: Good news sites that are not already listed here OR on the HNN affiliates page at http://www.hackernews.com/affiliates.html Magazines (complete or just the articles) of breaking sekurity or hacker activity in your region, this includes telephone phraud and any other technological use, abuse hole or cool thingy. ;-) cut em out and send it to the drop box. - Ed Mailing List Subscription Info (Far from complete) Feb 1999 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~ ~~~~~~~~ ISS Security mailing list faq : http://www.iss.net/iss/maillist.html THE MOST READ: BUGTRAQ - Subscription info ~~~~~~~~~~~~~~~~~~~~~~~~~~~ What is Bugtraq? Bugtraq is a full-disclosure UNIX security mailing list, (see the info file) started by Scott Chasin . To subscribe to bugtraq, send mail to listserv@netspace.org containing the message body subscribe bugtraq. I've been archiving this list on the web since late 1993. It is searchable with glimpse and archived on-the-fly with hypermail. Searchable Hypermail Index; http://www.eecs.nwu.edu/~jmyers/bugtraq/index.html About the Bugtraq mailing list ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The following comes from Bugtraq's info file: This list is for *detailed* discussion of UNIX security holes: what they are, how to exploit, and what to do to fix them. This list is not intended to be about cracking systems or exploiting their vulnerabilities. It is about defining, recognizing, and preventing use of security holes and risks. Please refrain from posting one-line messages or messages that do not contain any substance that can relate to this list`s charter. I will allow certain informational posts regarding updates to security tools, documents, etc. But I will not tolerate any unnecessary or nonessential "noise" on this list. Please follow the below guidelines on what kind of information should be posted to the Bugtraq list: + Information on Unix related security holes/backdoors (past and present) + Exploit programs, scripts or detailed processes about the above + Patches, workarounds, fixes + Announcements, advisories or warnings + Ideas, future plans or current works dealing with Unix security + Information material regarding vendor contacts and procedures + Individual experiences in dealing with above vendors or security organizations + Incident advisories or informational reporting Any non-essential replies should not be directed to the list but to the originator of the message. Please do not "CC" the bugtraq reflector address if the response does not meet the above criteria. Remember: YOYOW. You own your own words. This means that you are responsible for the words that you post on this list and that reproduction of those words without your permission in any medium outside the distribution of this list may be challenged by you, the author. For questions or comments, please mail me: chasin@crimelab.com (Scott Chasin) Crypto-Gram ~~~~~~~~~~~ CRYPTO-GRAM is a free monthly newsletter providing summaries, analyses, insights, and commentaries on cryptography and computer security. To subscribe, visit http://www.counterpane.com/crypto-gram.html or send a blank message to crypto-gram-subscribe@chaparraltree.com.  To unsubscribe, visit http://www.counterpane.com/unsubform.html.  Back issues are available on http://www.counterpane.com. CRYPTO-GRAM is written by Bruce Schneier.  Schneier is president of Counterpane Systems, the author of "Applied Cryptography," and an inventor of the Blowfish, Twofish, and Yarrow algorithms.  He served on the board of the International Association for Cryptologic Research, EPIC, and VTW.  He is a frequent writer and lecturer on cryptography. CUD Computer Underground Digest ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This info directly from their latest ish: Computer underground Digest    Sun  14 Feb, 1999   Volume 11 : Issue 09                             ISSN  1004-042X        Editor: Jim Thomas (cudigest@sun.soci.niu.edu)        News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)        Archivist: Brendan Kehoe        Poof Reader:   Etaion Shrdlu, Jr.        Shadow-Archivists: Dan Carosone / Paul Southworth                           Ralph Sims / Jyrki Kuoppala                           Ian Dickinson        Cu Digest Homepage: http://www.soci.niu.edu/~cudigest [ISN] Security list ~~~~~~~~~~~~~~~~~~~ This is a low volume list with lots of informative articles, if I had my way i'd reproduce them ALL here, well almost all .... ;-) - Ed Subscribe: mail majordomo@repsec.com with "subscribe isn". @HWA 00.3 THIS IS WHO WE ARE ~~~~~~~~~~~~~~~~~~ Some HWA members and Legacy staff ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ cruciphux@dok.org.........: currently active/editorial darkshadez@ThePentagon.com: currently active/man in black fprophet@dok.org..........: currently active/IRC+ man in black sas72@usa.net ............. currently active/IRC+ distribution vexxation@usa.net ........: currently active/IRC+ proof reader/grrl in black dicentra...(email withheld): IRC+ grrl in black Foreign Correspondants/affiliate members ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ATTENTION: All foreign correspondants please check in or be removed by next issue I need your current emails since contact info was recently lost in a HD mishap and i'm not carrying any deadweight. Plus we need more people sending in info, my apologies for not getting back to you if you sent in January I lost it, please resend. N0Portz ..........................: Australia Qubik ............................: United Kingdom system error .....................: Indonesia Wile (wile coyote) ...............: Japan/the East Ruffneck ........................: Netherlands/Holland And unofficially yet contributing too much to ignore ;) Spikeman .........................: World media Please send in your sites for inclusion here if you haven't already also if you want your emails listed send me a note ... - Ed http://www.genocide2600.com/~spikeman/ .. Spikeman's DoS and protection site Contributors to this issue: ~~~~~~~~~~~~~~~~~~~~~~~~~~~ Spikeman .........................: daily news updates+ ******************************************************************* *** /join #HWA.hax0r.news on EFnet the key is `zwen' *** ******************************************************************* :-p 1. We do NOT work for the government in any shape or form.Unless you count paying taxes ... in which case we work for the gov't in a BIG WAY. :-/ 2. MOSTLY Unchanged since issue #1, although issues are a digest of recent news events its a good idea to check out issue #1 at least and possibly also the Xmas issue for a good feel of what we're all about otherwise enjoy - Ed ... @HWA 00.4 Whats in a name? why HWA.hax0r.news?? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Can I see you naked?" - Bob Barker Well what does HWA stand for? never mind if you ever find out I may have to get those hax0rs from 'Hackers' or the Pretorians after you. In case you couldn't figure it out hax0r is "new skewl" and although it is laughed at, shunned, or even pidgeon holed with those 'dumb leet (l33t?) dewds' this is the state of affairs. It ain't Stephen Levy's HACKERS anymore. BTW to all you up and comers, i'd highly recommend you get that book. Its almost like buying a clue. Anyway..on with the show .. - Editorial staff @HWA 00.5 HWA FAQ v1.0 Feb 13th 1999 (Abridged & slightly updated again) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Also released in issue #3. (revised) check that issue for the faq it won't be reprinted unless changed in a big way with the exception of the following excerpt from the FAQ, included to assist first time readers: Some of the stuff related to personal useage and use in this zine are listed below: Some are very useful, others attempt to deny the any possible attempts at eschewing obfuscation by obsucuring their actual definitions. @HWA - see EoA ;-) != - Mathematical notation "is not equal to" or "does not equal" ASC(247) "wavey equals" sign means "almost equal" to. If written an =/= (equals sign with a slash thru it) also means !=, =< is Equal to or less than and => is equal to or greater than (etc, this aint fucking grade school, cripes, don't believe I just typed all that..) AAM - Ask a minor (someone under age of adulthood, usually <16, <18 or <21) AOL - A great deal of people that got ripped off for net access by a huge clueless isp with sekurity that you can drive buses through, we're not talking Kung-Fu being none too good here, Buy-A-Kloo maybe at the least they could try leasing one?? *CC - 1 - Credit Card (as in phraud) 2 - .cc is COCOS (Keeling) ISLANDS butthey probably accept cc's CCC - Chaos Computer Club (Germany) *CON - Conference, a place hackers crackers and hax0rs among others go to swap ideas, get drunk, swap new mad inphoz, get drunk, swap gear, get drunk watch videos and seminars, get drunk, listen to speakers, and last but not least, get drunk. *CRACKER - 1 . Someone who cracks games, encryption or codes, in popular hacker speak he's the guy that breaks into systems and is often (but by no means always) a "script kiddie" see pheer 2 . An edible biscuit usually crappy tasting without a nice dip, I like jalapeno pepper dip or chives sour cream and onion, yum - Ed Ebonics - speaking like a rastafarian or hip dude of colour also wigger Vanilla Ice is a wigger, The Beastie Boys and rappers speak using ebonics, speaking in a dark tongue ... being ereet, see pheer EoC - End of Commentary EoA - End of Article or more commonly @HWA EoF - End of file EoD - End of diatribe (AOL'ers: look it up) FUD - Coined by Unknown and made famous by HNN - "Fear uncertainty and doubt", usually in general media articles not high brow articles such as ours or other HNN affiliates ;) du0d - a small furry animal that scurries over keyboards causing people to type wierd crap on irc, hence when someone says something stupid or off topic 'du0d wtf are you talkin about' may be used. *HACKER - Read Stephen Levy's HACKERS for the true definition, then see HAX0R *HAX0R - 1 - Cracker, hacker wannabe, in some cases a true hacker, this is difficult to define, I think it is best defined as pop culture's view on The Hacker ala movies such as well erhm "Hackers" and The Net etc... usually used by "real" hackers or crackers in a derogatory or slang humorous way, like 'hax0r me some coffee?' or can you hax0r some bread on the way to the table please?' 2 - A tool for cutting sheet metal. HHN - Maybe a bit confusing with HNN but we did spring to life around the same time too, HWA Hax0r News.... HHN is a part of HNN .. and HNN as a proper noun means the hackernews site proper. k? k. ;& HNN - Hacker News Network and its affiliates http://www.hackernews.com/affiliates.html J00 - "you"(as in j00 are OWN3D du0d) - see 0wn3d MFI/MOI- Missing on/from IRC NFC - Depends on context: No Further Comment or No Fucking Comment NFR - Network Flight Recorder (Do a websearch) see 0wn3d NFW - No fuckin'way *0WN3D - You are cracked and owned by an elite entity see pheer *OFCS - Oh for christ's sakes PHACV - And variations of same Phreaking, Hacking, Anarchy, Cracking, Carding (CC) Groups Virus, Warfare Alternates: H - hacking, hacktivist C - Cracking C - Cracking V - Virus W - Warfare CT - Cyber Terrorism *PHEER - This is what you do when an ereet or elite person is in your presence see 0wn3d *RTFM - Read the fucking manual - not always applicable since some manuals are pure shit but if the answer you seek is indeed in the manual then you should have RTFM you dumb ass. TBC - To Be Continued also 2bc (usually followed by ellipses...) :^0 TBA - To Be Arranged/To Be Announced also 2ba TFS - Tough fucking shit. *w00t - 1 - Reserved for the uber ereet, noone can say this without severe repercussions from the underground masses. also "w00ten" 2 - Cruciphux and sAs72's second favourite word (they're both shit stirrers) *wtf - what the fuck *ZEN - The state you reach when you *think* you know everything (but really don't) usually shortly after reaching the ZEN like state something will break that you just 'fixed' or tweaked. @HWA -=- :. .: -=- 01.0 Greets!?!?! yeah greets! w0w huh. - Ed ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Thanks to all in the community for their support and interest but i'd like to see more reader input, help me out here, whats good, what sucks etc, not that I guarantee i'll take any notice mind you, but send in your thoughts anyway. Shouts to: * Kevin Mitnick * demoniz * The l0pht crew * tattooman * Dicentra * Pyra * Vexxation * FProphet * TwistedP * NeMstah * the readers * mj * Kokey * ypwitch * kimmie * tsal * spikeman * YOU. * #leetchans ppl, you know who you are... * all the people who sent in cool emails and support * our new 'staff' members. kewl sites: + http://www.freshmeat.net/ + http://www.slashdot.org/ + http://www.l0pht.com/ + http://www.2600.com/ + http://hacknews.bikkel.com/ (http://www.bikkel.com/~demoniz/) + http://www.legions.org/ + http://www.genocide2600.com/ + http://www.genocide2600.com/~spikeman/ + http://www.genocide2600.com/~tattooman/ + http://www.hackernews.com/ (Went online same time we started issue 1!) @HWA 01.1 Last minute stuff, rumours and newsbytes ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "What is popular isn't always right, and what is right isn't always popular..." - FProphet '99 +++ When was the last time you backed up your important data? ++ Attrition has updated its archive of cracked sites with one of the biggest archives on the net http://www.attrition.org check it out ... ++ Apple's OS X eyes Linux Apple Computer is counting on its new Mac OS X Server software to snare both Linux developers and customers. Apple will go part way toward embracing the "open source" programming philosophy today when Steve Jobs introduces the next version of Mac OS X . http://www.news.com/News/Item/0%2C4%2C33781%2C00.html?dd.ne.txt.0316.02 ++ ICQ filter ensnared in free speech debate ICQ users who choose to screen out "objectionable" messages may think they are simply blocking the seven dirty words or other sexually explicit material. But without closely examining the filtering option, users of AOL's popular chat service may be unwittingly omitting words many do not consider "objectionable." http://www.news.com/News/Item/0%2C4%2C33783%2C00.html?dd.ne.txt.0316.03 ++ AOL, others may not back U.S. privacy plans http://www.news.com/News/Item/0%2C4%2C33803%2C00.html?dd.ne.txt.0316.08 ++ New digital cameras in Kodak's picture http://www.news.com/News/Item/0%2C4%2C33813%2C00.html?dd.ne.txt.0316.16 ++ STAR WARS' DIGITAL EXPERIMENT (CULT. 8:45 am) http://www.wired.com/news/news/email/explode-infobeat/culture/story/18495.html With 'Episode 1: The Phantom Menace,' George Lucas will nudge Hollywood toward a new age of filmmaking. Some theater chains are enthused, but others fear runaway costs and pirating. Michael Stroud reports from Los Angeles. ++ US SEEKS MICROSOFT REVAMP (EXEC 8:45 am) http://www.wired.com/news/news/email/explode-infobeat/story/18494.html The 19 states who joined the federal government's landmark antitrust case against Microsoft are unlikely to settle for any remedy that doesn't include a revamping of the software company, the The New York Times reported. At least some attorneys general will seek to force Microsoft to license the source code for its Windows operating system to other companies. The attorneys acknowledge that the judge in the case could still rule in the favor of Microsoft, but they say they were emboldened by the performance of lead attorney David Boies, and are considering asking for stronger remedies. (Registration required to access New York Times on the Web.) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ++ MICROWORKZ HITS A NEW LOW (BUS. 7:30 am) http://www.wired.com/news/news/email/explode-infobeat/business/story/18491.html The computer maker will sell machines for US$299, with a year's free Net access through Earthlink included. That brings the PC in line with basic consumer electronics. ++ CYBERIAN MAKES AUCTION BID (BUS. 7:30 am) http://www.wired.com/news/news/email/explode-infobeat/business/story/18492.html The computer e-tailer starts a companion site to its online store, hoping to grab a piece of the auction action from the likes of OnSale. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ++ FORBES TRUMPETS GOP RUN ONLINE (POL. 7:30 am) http://www.wired.com/news/news/email/explode-infobeat/politics/story/18493.html The magazine publisher puts up a press release on his Web site and calls it a first. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ++ PC FREE GOES FREE SOURCE (BUS. 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/business/story/18481.html When you buy Net access from PC Free, it'll throw in a fully rigged computer. Fully rigged with Linux, that is. Hello mass market, says the CEO. By Craig Bicknell. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ++ MILITARY VEXED BY VACCINE SCARE (POL. 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/politics/story/18485.html The Pentagon takes issue with Internet discussions warning that the military's mandatory anthrax inoculation is dangerous. Declan McCullagh reports from Washington. ++ TRUST'S TEST: GOING AFTER MS (TECH. 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/technology/story/18476.html Internet self-regulation gets its first big test this week, as a privacy watchdog group considers whether to investigate Microsoft's privacy practices. By Chris Oakes. ++ MOTHER NATURE'S TEARS (WRLD 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/story/18490.html Tears, saliva, and the urine of pregnant women -- they all contain a powerful protein that laboratory scientists have successfully used to kill the AIDS virus. A New York University biochemist said the protein, called lysozyme, may one day yield more effective AIDS drugs since lysozyme is a natural human compound. The new study appears in the Proceedings of the National Academy of Sciences. The search for the anti-HIV protein began when scientists realized the babies of HIV-infected women were somewhat protected from the virus and speculated that pregnant women made more virus-killing proteins to protect their developing babies. ++ APPLE'S OPEN-SOURCE MOVEMENT (TECH. Monday) http://www.wired.com/news/news/email/explode-infobeat/technology/story/18488.html Steve Jobs and Eric Raymond join hands to present part of the new MacOSX server to the open-source community. Linux fans may not welcome the move with open arms. By Leander Kahney and Polly Sprenger. ++ NULLSOFT SUED FOR US$20M (BUS. Monday) http://www.wired.com/news/news/email/explode-infobeat/business/story/18475.html Nullsoft, maker of the de facto standard MP3 player, faces a US$20 million dollar copyright infringement lawsuit. By Jennifer Sullivan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ++ IT'S ALL ABOUT CONVERGENCE (BUS. Monday) http://www.wired.com/news/news/email/explode-infobeat/business/story/18474.html Nortel Networks teams with Microsoft, Intel, and Hewlett-Packard to make devices that send voice, video, and data over a single network. By Joanna Glasner. ++ MIT DREAMS OF JINI ALTERNATIVE (BUS. Monday) http://www.wired.com/news/news/email/explode-infobeat/business/story/18472.html A new research facility at the Cambridge, Massachusetts university is working to figure out how to get tomorrow's smart devices to talk to each other. ++ CHEMICAL PLANTS FACE Y2K THREAT (POL. Monday) http://www.wired.com/news/news/email/explode-infobeat/politics/story/18469.html A new report warns that chemical plants face "significant" risk of Y2K related failures. Worse, local governments seem to be oblivious to the problem. ++ WIRELESS SUCCESS (EXEC Monday) http://www.wired.com/news/news/email/explode-infobeat/story/18479.html With 30 percent of Americans already possessing cellular phones, wireless companies predict that technological advances, lower rates, and industry consolidation will boost the mobile's popularity even more in the next few years, the Los Angeles Times reported. So far, incentives like single-rate national pricing, and plans that offer a wealth of minutes, have produced successful results, but in order to fulfill the vision of the inter-operability of wireless and cordless lines, companies are considering all kinds of technological innovations and pricing plans. While most consumers may need to wait a while for cellular global coverage and email, the industry will continue to grow by tapping the American youth market and consolidating overseas. ++ BABY BELLS MISSING LOTS OF GEAR (EXEC Monday) http://www.wired.com/news/news/email/explode-infobeat/story/18463.html The local US phone companies have been unable to locate nearly US$5 billion in telecommunications equipment, and should write off the missing amount, according to an FCC audit released on Friday, The Wall Street Journal reported. In response to the audit, which could spur regulators to push for lower phone rates, Bell Atlantic and SBC Communications, highest on the list, argued that the audit results were flawed, and all of the Bells argued that the results shouldn't affect rates. Although the FCC report recommends that the companies write off the missing equipment, it isn't taking any action. Instead, it's soliciting public comment on how to respond to the audit results in April. ++ NETSCAPE DEAL ABOUT TO CLOSE (EXEC Monday) http://www.wired.com/news/news/email/explode-infobeat/story/18465.html America Online's acquisition of Netscape Communications, approved by the US Department of Justice and valued at nearly US$9 billion, could create tough competition for Microsoft, The Seattle Times reported. Microsoft said the combination could help it in its antitrust case, because the combination of AOL with Netscape, the software company that sought the government's help, would show how fast competition changes in the computer industry. But backers of the lawsuit said the acquisition does not diminish Microsoft's monopoly. ++ PAUL ALLEN BUYS GO2NET (BUS. Monday) http://www.wired.com/news/news/email/explode-infobeat/business/story/18466.html The other Microsoft founder pays US$600 million for a majority stake in portal upstart Go2Net. The plan: Splice it with cable TV and turn it into a broadband titan. ++ HUMAN GENE RESEARCH ACCELERATING (TECH. Monday) http://www.wired.com/news/news/email/explode-infobeat/technology/story/18467.html The research into classifying human genetic structure -- The Human Genome Project -- is going so well that the cooperative Anglo-American effort should be finished a year ahead of schedule. ++ The browser wars heat up with IE5 http://www.news.com/SpecialFeatures/0%2C5%2C33944%2C00.html?dd.ne.txt.0318.02 ++ Spam gives ICQ a new headache (full story in section 18) http://www.news.com/News/Item/0%2C4%2C33970%2C00.html?dd.ne.txt.0318.03 ++ March 17th New Celerons coming Monday http://www.news.com/News/Item/0%2C4%2C33935%2C00.html?dd.ne.txt.0318.04 ++ Intel and FTC settle The US Federal Trade Commission (FTC) has approved the settlement of its antitrust case against Intel, but has imposed only mild restrictions and is continuing an ongoing investigation into the chip giant. Under the settlement, while Intel is not able to withhold most technical information from companies with which it is involved in patent disputes, it may withhold that information if it concerns the specific processor that is the subject of the dispute and the customer is seeking to have that product banned. Information must be provided to manufacturers no later than six months before a processor is due for release. Intel must also report regularly to the FTC concerning its compliance with the order. However, the FTC may not have had its last word; it will be continuing its broader investigation into whether Intel's dominance of the processor market constitutes a monopoly, and if its power has been abused. http://newswire.com.au/9903/ftcset.htm ++ MS BALLYHOOS DIGITAL AUDIO (TECH. 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/technology/story/18512.html Microsoft is not embracing digital audio quietly. With strategic alliances, investments, and new technologies folded into Windows, the blitzkrieg is on. By Christopher Jones. ++ THE BANK OF BEENZ (EXEC 9:30 am) http://www.wired.com/news/news/email/explode-infobeat/story/18514.html Beenz Company Ltd., a British start-up, is launching what it calls the Internet's first universal currency, symbolized by a bright red bean with two strokes at the top, The Wall Street Journal reported. Founder Philip Letts envisions the concept as an alternative to Web advertising, explaining that Beenz will market itself by rewarding customers who visit sites using Beenz with the currency, which can then be deposited at the Bank of Beenz. In preparation for the launch, Beenz has recruited a number of retailers to hand out and accept the currency in lieu of payment. It expects to derive future revenue through its role as a bank, clearing transactions and taking commissions on the Beenz it sells. (The Wall Street Journal Interactive requires a subscription.) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ++ AOL, NETSCAPE MERGER A CHALLENGE (EXEC 9:30 am) http://www.wired.com/news/news/email/explode-infobeat/story/18529.html Now that the acquisition of Netscape Communications is almost complete, America Online has to move quickly to blend Netscape's technical expertise with AOL's customer-service savvy, the Washington Post reported. Managing the combination will be Barry Schuler, AOL's president of interactive services. The biggest challenge for him and for AOL will be to set up services that can meet the needs of both services and consumers. ++ THE WEB PRIVACY SEAL, TAKE 2 (POL. 8:30 am) http://www.wired.com/news/news/email/explode-infobeat/politics/story/18517.html The Better Business Bureau begins stamping its own "seal of approval" on Web sites. Like Truste, the bureau hopes it can calm privacy-nervous consumers. By Chris Oakes and James Glave. ++ JAVA FOR THE CELL PHONE (TECH. 7:35 am) http://www.wired.com/news/news/email/explode-infobeat/technology/story/18524.html Symbian, the powerful wireless alliance formed to take on Microsoft, says a new generation of handheld devices will use the Sun language as part of its operating platform. ++ GLOBAL CROSSING GETS US FOOTHOLD (BUS. 7:35 am) http://www.wired.com/news/news/email/explode-infobeat/business/story/18525.html The company that's laying fiber around the world acquires New York-based carrier Frontier for US$11.2 billion in stock. ++ BROADBAND SATELLITE GETS A BOOST (BUS. 7:35 am) http://www.wired.com/news/news/email/explode-infobeat/business/story/18526.html GM's Hughes says it will pump US$1.4 billion into Spaceway, its satellite-based high-speed communications network. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ++ WHEN IRISH EYEBALLS ARE SMILING (BUS. 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/business/story/18521.html The ideal St. Patrick's Day revelers will hold a pint of Guinness in one hand and a mouse in the other as they explore a range of new Irish portals. By Niall McKay. ++ LOST IN SPACE AND RED TAPE (POL. 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/politics/story/18522.html NASA should lead, follow, or get out of the way of private space exploration. That's the consensus at a conference on the future of space. Declan McCullagh reports from Washington. ++ FEDS PAY TO PUSH GENOME PROJECT (TECH. 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/technology/story/18520.html The Human Genome race pits a government-funded consortium that aims to keep gene data public against a private research company that wants to own the findings. The future of medical research is at stake. By Kristen Philipkoski. ++ UK'S ROYAL MAIL DOES E-COMMERCE (POL. 3:00 am) http://www.wired.com/news/news/email/explode-infobeat/politics/story/18508.html The centuries-old institution introduces a secure document technology service aimed at the business sector. British consumers will likely be next in line. By Wendy Grossman. ++ APPLE OPENS OS CODE (TECH. Tuesday) http://www.wired.com/news/news/email/explode-infobeat/technology/story/18515.html Apple is jumping on the open-source bandwagon -- at least with one foot. The company will make parts of Mac OS X code available to developers and promises friendly licensing practices. By Leander Kahney. ++ THE CASE OF THE PILFERED FILTER (BUS. Tuesday) http://www.wired.com/news/news/email/explode-infobeat/business/story/18516.html http://www.news.com/News/Item/0%2C4%2C33888%2C00.html?dd.ne.txt.0317.03 America Online's ICQ chat service filter lets users filter dirty words, apparently with a list illegally borrowed from an old version of Cybersitter. By Heidi Kriz. ++ Windows 2000 compatibility still an issue http://www.news.com/News/Item/0%2C4%2C33875%2C00.html?dd.ne.txt.0317.15 ++ Microworkz $299 PC draws interest http://www.news.com/News/Item/0%2C4%2C33838%2C00.html?dd.ne.txt.0317.16 Mucho thanks to Spikeman for directing his efforts to our cause of bringing you the news we want to read about in a timely manner ... - Ed @HWA 01.2 MAILBAG - email and posts from the message board worthy of a read ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Yes we really do get a pile of mail in case you were wondering ;-0 heres a sampling of some of the mail we get here, the more interesting ones are included and of course we had to get in the plugs for the zine coz we love to receive those too *G* - Ed Comments: Authenticated sender is From: "Matthias Olzmann" To: hwa@press.usmc.net Date: Sun, 14 Mar 1999 19:54:47 0100 MIME-Version: 1.0 Content-type: text/plain; charset=ISO-8859-1 Subject: since it early days Reply-to: molzmann@snoopy.lili.Uni-Osnabrueck.DE Priority: normal X-mailer: Pegasus Mail for Windows (v2.54DE) Well...I'm reading HWA since its 'early days' ! And I just wanna say...that you do a really great job! There is a lot of information...there is humor... all a Admin need he would find in your HWA go on !! matthias olzmann mcse germany ---------------------------------------------------------------------------- Matthias Olzmann Forschungsstelle Literatur Systemadministrator der Frühen Neuzeit Tel. (0541) 969-4882 Universität Osnabrück molzmann@fruehneu.lili.uni-osnabrueck.de -=- Date: 13 Mar 1999 22:37:08 -0000 To: hwa@press.usmc.net Subject: BoardRoom: Link Exchange From: pserv Reply-to: r00ted@yahoo.com Time: Sat, 13-Mar-1999 22:37:08 GMT hey ppl, i just wanted to make note of the fact that yr site is not the only site to be rejected by link exchange on the basis of content. when i attempted to sign up for their program i sent them a banner as they requested, but instead of being included in the program, i got a nasty email rejecting my site due to so called "objectionable" material. link exchange apparently feel that pages dealing with security issues are not acceptable, yet another friend of mine who *is* in the program is consistently getting banners on his site for pr0n :) go figure. anyway i say fuck link exchange, even the ppl i know who are in it are not noticing a significant increase in traffic, and how much do you want "random" viewers to come to your site anyway? has anyone else experienced anything like this with this company? l8z, pserv oh gotta get the plug in anyway, come see the site link exchange hates http://proxiserv.iscool.net *warning* there's no pr0n :) =============================================== Check this site out, it is a thing to behold for sure, and full of interesting stuph... - Ed Date: 17 Mar 1999 12:29:19 -0000 To: hwa@press.usmc.net Subject: Big Shoutz From: S C R E A M (HARP) Reply-to: scream@unitedstates.com Time: Wed, 17-Mar-1999 12:29:18 GMT Just a quick note and a big shout to HWA.hax0rs for recognizing H.A.R.Ps work and spreading the word on what we're all about. Keep up the good work people and keep your eyes and ears out for the next Hackers Against Racist Parties hack, coming VERY soon... Laterz S C R E A M (founder of H.A.R.P) =============================================== We support HARP and EHAP in all their endeavours, stay free and keep the word strong and loud! ... - Ed -=- Date: Fri, 12 Mar 1999 10:34:22 -0500 From: sozni@USA.NET To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM Subject: Re: Outlook stores PLAINTEXT password! Although this may not be an appropriate topic for this list, there is a related issue with Outlook password protected add-ins. Many companies make add-in components for Microsoft Outlook such as custom forms or folders. These add-ins are password protected to protect code. However, when these passwords are checked at runtime, they are left in memory as plaintext. And since Outlook forms aren't compiled, all code is available to anyone with a password. .sozni A service provided by TechAID Computer Services, http://www.techaid.net The e-mail address of the sender MAY NOT BE AUTHENTIC. -=- Date: 15 Mar 1999 07:23:39 -0000 Message-ID: <19990315072339.14498.qmail@saturn.beseen.com> To: hwa@press.usmc.net Subject: [off topic] Amiga 500 Startup Hack + slackware From: ph0 Reply-to: haxor@technologist.com Time: Mon, 15-Mar-1999 07:23:39 GMT I recently procured an Amiga 500 .. I have no mouse/joystick, or On a more relevant note, Slackware 3.2 (and possibly others) have a -v setting in pppsetup's pppstart script and default permissions to allow all users to read /var/log/messages .. hence ppp chat scripts can be read via /var/log/messages and usernames/passwords gained .. could just be me .. cheers! ** In case people are wondering here;s the reply I sent to the above message jic others have similar concerns... - Ed Date: 15 Mar 1999 15:14:07 -0000 To: hwa@press.usmc.net Subject: BoardRoom: re: [off topic] Amiga 500 Startup Hack + sla From: Cruciphux Reply-to: cruciphux@dok.org Time: Mon, 15-Mar-1999 15:14:07 GMT :I recently procured an Amiga 500 .. I have no mouse/joystick, or :disks though (just screen + machine) .. is there any way :whatsoever I can make this thing _do something_? I found a :reference to some 'hold down both mouse buttons on startup' early :boot screen thinggo on an Amiga page, however I aint got no :sqeaker ;( Well you will need a mouse or you ain't going too far, also the Amiga500 is totally disk based OS some of em have kickstart on rom but you need a disk to do anything at all with it it ain't like a C64 or C128 that has basic in rom and the disk is extra... you can find the software on the web just look good and hard if you get stuck I can maybe rustle up some software and post it somewhere for you as I still have my ami system. :On a more relevant note, Slackware 3.2 (and possibly others) have :a -v setting in pppsetup's pppstart script and default :permissions to allow all users to read /var/log/messages .. hence :ppp chat scripts can be read via /var/log/messages and :usernames/passwords gained .. could just be me .. Think this is standard and it is kinda silly yeah, i'll make a note of this in the mailbag section though anyways maybe since it is relevant... Cruci ================================================================ @HWA 02.0 From the editor.#9 ~~~~~~~~~~~~~~~~~~ #include #include #include main() { printf ("Read commented source!\n\n"); /*well we;ve got a webboard i actually forgot to mention it in the last *issue, too busy with other stuff.. anyways it works its not great but *its free and does the job. PPL, when you join the channel on IRC don't *expect the HWA circus to come to your town, we ain't there to entertain *we're there to receive news reports and hangout so if you were one of *few that just didn't get the idea last time keep it mind for the future *ok? ok ... so here we go again.... issue #10 happy birthday to Mom and Dad! * * Moving right along, thanks for the continued support everyone and tty next time... */ printf ("EoF.\n"); } Congrats, thanks, articles, news submissions and kudos to us at the main address: hwa@press.usmc.net complaints and all nastygrams and mailbombs can go to /dev/nul nukes, synfloods and papasmurfs to 127.0.0.1, private mail to cruciphux@dok.org danke. C*:. @HWA 03.0 The Mitnick Trial Update ~~~~~~~~~~~~~~~~~~~~~~~~ From Wired news http://www.wired.com/news/news/politics/story/18432.html Mitnick Trial: Full Speed Ahead by Douglas Thomas 12:00 p.m. 12.Mar.99.PST LOS ANGELES -- The trial against celebrity cracker Kevin Mitnick will begin as scheduled on 20 April. That's the ruling from US District Court Judge Marianne Pfaelzer, who denied a defense request Tuesday for a continuance that could have delayed the case until the summer. In court on Tuesday, Pfaelzer told Don Randolph, Mitnick's attorney, that if he expected the trial to be delayed by so much as a day beyond its 20 April start date, he should "disabuse himself of that notion." In a 25-count Federal indictment, the government alleges that Mitnick copied proprietary software from computers owned by cellular telephone manufacturers. Mitnick has been in custody here,awaiting a trial, since 1995. The defense team wanted the court to make the government comply with the court's previous order to identify the materials that would be presented at the trial. Most recently, the defense requested that the government provide the passwords for the files they have been able to decrypt. Because of the sheer volume of new information, the defense asked that the court "exclude from evidence any files not reasonably identified," according to defense team attorney Greg Vinson. Failing that, the defense requested an extension to review the new evidence. Pfaelzer denied all motions, but did require the government to provide passwords to the files they deciphered. This week's ruling is not the first time Pfaelzer has turned down the defense's request for more time. In late January, she denied a defense motion for a 60-day continuance. Pfaelzer has been reluctant to allow delays in the case, and made it clear that the motion which pushed the start date back to April would be the last before the case went to trial. For some time, the defense has claimed that the prosecution has "failed to comply with its constitutional and statutory discovery obligations." Specifically, Mitnick's lawyer had accused the government of failing to disclose its exhibit list. The defense also wants access to witness interviews and time to review 1,300 pages of witness statements produced by the government. Mitnick also says he is having difficulty reviewing the evidence to be presented against him. A laptop computer containing the electronic evidence was installed for his use at the Los Angeles Metropolitan Detention Center. But Mitnick was not allowed to access the portable for nearly a month while experts inspected and re-inspected the machine. The government denies claims that they have withheld evidence. US Attorneys said in court documents that is "absurd" for Mitnick to suggest that the defense team's failure to conduct interviews or perform investigations are "somehow attributable to the government." Pfaelzer agreed, and denied the defense motions. This week, she granted a prosecution request to dismiss the continuance without a formal hearing. Meanwhile, Mitnick's co-defendant Lewis DePayne, filed a motion for severance on 1 March, asking that his case be heard separately. In that filing, DePayne requested that his case be heard immediately, without a jury. DePayne's attorney, Richard Sherman, argued earlier before Pfaelzer that there is simply no evidence against his client. Pfaelzer has indicated that she is inclined to grant the severance. DePayne's motion is scheduled to be heard on 22 March. @HWA 03.1 Mitnick could be free by the end of the year... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From ZDNet http://www.zdnet.com/zdtv/newscobrand/features/story/0,3730,2228174,00.html Mitnick to Plead Guilty The 'Free Kevin' movement may have to wait a bit longer-- hacker Kevin Mitnick is set to plead guilty to criminal hacking charges. By Alex Wellen and Luke Reiter March 17, 1999 8:30 PM Pacific Hacker Kevin Mitnick will plead guilty to computer -related crimes after more than four years in prison awaiting trial, according to CyberCrime sources. The plea is contained in a court document, or "notice," jointly filed by Mitnick's attorney and federal prosecutors, sources said. The notice itself was filed under seal and "in camera"-- meaning the subject matter will be discussed privately between the parties in chambers before US Federal Court Judge Mariana Pfaelzer. The timing for that meeting will depend on Pfaelzer's schedule and could be as early as Friday. Assistant US Attorney David Schindler confirmed a notice was filed, but would not comment on whether it was a plea agreement. Mitnick's attorney, Donald Randolph, did not respond to CyberCrime inquiries on Wednesday. Sources said the plea agreement will place a cap on Mitnick's sentence. Taking into consideration time already served, he could be released by the end of the year. This plea agreement does not involve codefendant Louis DePayne, set to be tried alongside Mitnick next month. The proposed plea agreement does, however, call into question DePayne's status-- suggesting that he may also resolve his case prior to trial. DePayne's attorney, Richard Sherman, declined to comment Wednesday night. Mitnick, 35, has been imprisoned in the Metropolitan Detention Center, Los Angeles for more than four years awaiting trial on computer-related fraud charges. The 25-count federal indictment issued against Mitnick accuses him of using computers to steal millions of dollars in software Following the September 1996 indictment, Mitnick pleaded "not guilty" to all counts. Mitnick pleaded guilty twice before to similar computer crimes, in 1989 and 1996. In 1989, Mitnick was convicted for stealing computer programs and breaking into corporate networks, and served eight months of a one-year sentence. In April 1996, he pleaded guilty to possession of 15 or more unauthorized access devices (cloned cellular telephone numbers), and for violating supervised release, and was sentenced to 22-months in federal prison. Based in part on his prior two convictions, Mitnick has been detained without bond since February 1995. The hacker's imprisonment without a bail hearing, combined with his prison restrictions, has generated a backlash among Mitnick supporters. Some critics have protested Mitnick's treatment by attacking websites and posting political messages-- the most recent earlier this month to a Monica Lewinsky website, and the most notable of which shutdown the New York Times's website for approximately nine hours last September. Mitnick supporters have also criticized the government for delaying the trial. However, the delays can also be attributed in part to the defense. Over the last four years, Mitnick has been represented by three different attorneys -- who, in combination, have filed a half-dozen motions requested additional information. Mitnick's attorneys have argued government attorneys have stalled efforts by unreasonably withholding information requested by the defense. ZDTV's CyberCrime Bureau-- which includes former prosecutor Luke Reiter, litigator Alex Wellen, and reformed hacker Kevin Poulsen-- will continue to bring you coverage. @HWA 03.2 Federal Prosecutors Leak Info on Mitnick ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ March 19th From HNN http://www.hackernews.com/ contributed by Space Rogue Numerous mainstream media outlets are reporting that Kevin Mitnick has pleaded guilty to computer related crimes. It is believed that this plea of guilty is in exchange for reduced charges and a sentence of mostly time served. The real story is not that Kevin pleaded out as only 4% of federal cases actually go to trial, the real story is how the press got notified of the contents of a _sealed_ federal court document. If the Honorable Mariana Pfaelzer declines the plea agreement Kevin will still be headed for trial on April 20. If that happens Kevin's defense hopes to introduce a motion that will dismiss most of the evidence against him on the grounds of illegal search and seizure. It would appear the the information used to provide probable cause to issue a search warrant for Mitnick's apartment was itself illegally obtained. The defense is claiming that Tsutomu Shimomura, while a private citizen, was in fact acting as a government agent and therefore subject to the laws regarding illegal search and seizure. We urge you to visit the Free Kevin site and learn more about what is not being said by the mainstream media. @HWA 03.3 From www.kevinmitnick.com ~~~~~~~~~~~~~~~~~~~~~~~~~ Anonymous Sources, Politics, and the Media March 18, 1999 In yet another political twist in the highly politicized trial preparations in United States v. Mitnick, the claim that a "notice" was filed in camera and under seal with Judge Mariana Pfaelzer somehow found its way to the telephone, fax machine, or email accounts of Alex Wellen, an intellectual property attorney and now a reporter with ZDTV who interned with the US Attorney's Office Criminal Division (and two federal court judges). The lead prosecutor in the case apparently confirmed for Alex Wellen that a notice was indeed filed. This post addresses an article that appeared on ZDTV the evening of March 17; subsequent posts will address an article that appeared on the same topic in the L.A. Times on March 18, 1999. Freekevin.com has learned that the "notice" is a plea agreement wherein Kevin Mitnick has agreed to plead guilty to a reduced set of charges. While we'll discuss those reduced charges below, we'll take this opportunity to look at the curious circumstances under which the contents of a document filed under seal in a federal court were somehow leaked to a reporter who worked with prosecutors and two federal judges. Why is This a Political "Twist"? It's a violation of federal law to reveal matters that are filed under seal with the court. This creates a dilemma for politically ambitious federal prosecutors, most recently witnessed in the repeated leaks of information from the office of independent counsel Ken Starr. Media Analysis 101 Returning to Alex Wellen's story, we read that.... "Hacker Kevin Mitnick will plead guilty to computer-related crimes after more than four years in prison awaiting trial, according to CyberCrime sources." Anonymous sources... and it is not rather odd for someone to plead guilty after spending "more than four years in prison awaiting trial"? Can't be too odd, since Alex Wellen's article failed to mention that curiosity. Notice that there's no mention that Kevin Mitnick was held in defiance of constitutional requirements that a detention hearing be held and the issue of bail considered. Must not have been important. Nor was there any mention that federal law was broken in leaking the sealed document to the press. "The plea is contained in a court document, or "notice," jointly filed by Mitnick's attorney and federal prosecutors, sources said. The notice itself was filed under seal and "in camera"-- meaning the subject matter will be discussed privately between the parties in chambers before U.S. Federal Court Judge Mariana Pfaelzer." Anonymous sources for the second time. Second paragraph without mention that federal law was broken in leaking the sealed document to the press. Must have been as unimportant as being held four years without bail and without a bail hearing. After learning the possible schedule for the trial, we read... "Assistant U.S. attorney David Schindler confirmed a notice was filed..." The first source attributed to an individual was attributed to the lead U.S. Attorney prosecuting the case. And defense attorney Donald Randolph "did not respond" to inquiries, presumably by reporter -- and ex-intern at a U.S. prosecutor's office -- Alex Wellen. The Way Sources and Journalists Cooperate Even ethical journalists know that they must rely on anonymous sources on occasion. To maintain their integrity, they'll frequently insist on a quid pro quo: that they must attribute something to the source, even if it's a statement saying that "I'll neither confirm nor deny...". That way, the story is sourced anonymously, but there's at least one, and usually more, statements attributed to named sources. Leaking Benefits Prosecution in U.S. v. Mitnick Leaking the existence of a plea agreement benefits the prosecution in numerous ways; we identified three of them above (see "Why is This a Political "Twist"?"). In addition, the first leak sets the tone of the coverage that follows, and even first-year debate students know that when you set the boundaries of the debate, you've won without saying a word. The prosecution has everything to gain and nothing to lose by leaking word of the existence of a plea agreement: they set the tone of the discussion, they hope to take the energy out of the principled people who've learned about the case and become supporters of Kevin Mitnick, and they blindside the defense attorneys. If the leaks are somehow attributed to the prosecution, they merely issue vigorous denials, and there the matter will stop. Leaking Poses Enormous Risks to Defense Leaking the existence of a plea agreement poses enormous risk to Kevin Mitnick, because any agreement is submitted for the judge's approval. Because of this uncertainty, and even at this late date, Kevin is completely focused on preparing for trial on April 20, 1999, just 22 working days away. Indeed, Kevin's investigators have subpoenaed Tsutomu Shimomura to do one of two things: either sign a sworn declaration that a number of factual statements in his book Takedown are true, or appear in court on April 5th to participate in a hearing to suppress any evidence in this case based on Shimomura's actions as a de facto federal agent who allegedly broke federal law repeatedly, and on multiple occasions. Note that Shimomura illegally intercepted electronic communications purported to be from Mitnick, and that the court hearing scheduled for April 5th is intended to suppress those interceptions, as well as a warrantless search conducted on Kevin Mitnick's home in Raleigh, North Carolina (the search was undertaken subsequent to Shimomura's illegal interceptions). A leak from the defense runs the enormous risk of further antagonizing the judge, who might then reject the agreement, and Kevin would then face going to trial with an overworked and understaffed attorney. The possible sentence upon conviction of all charges is more than 35 years in federal prison. The defense would have jeopardized their entire hopes of settling before trial if they had illegally leaked this notice -- no, the defense had no role in this leak, in our opinion. Plea Agreement Includes Reduced Charges If the plea agreement is approved, Kevin Mitnick will spend just a few additional months in prison, and 20 counts of the 27 original counts will be dropped. This circumstance -- that the government is willing to dismiss 75% of the charges against Kevin -- is ample evidence in support of our claim that this case was dramatically overcharged, and was overcharged solely as a result of the extraordinary and repeated media assaults on Kevin Mitnick by reporter John Markoff on the front page of the New York Times. We'll have more on this issue in subsequent updates to this site. Summary Fewer than 4% of all federally charged defendants go to trial. The federal system is set up to virtually ensure a conviction, as the enormous resources of the federal government are brought to bear on a single individual: trying to fight federal charges is like trying to stop a steamroller with a picket sign protesting your innocence. As an indigent defendant held without a bail hearing and without bail for more than four years, Kevin Mitnick has had virtually no control over the conduct of his defense. Using the U.S. Sentencing Guidelines, Kevin faced more than 35 years if found guilty of all charges. Held in jail for four years, his contact with the outside was limited to collect phone calls, visits with legal personnel, and with his immediate family -- all other visitors were forbidden. Although the terms of the guilty plea are quite onerous, the possible alternative -- a potential maximum penalty of more than 35 years in federal prison -- was simply not worth the risk of going to trial with a court-appointed attorney whose two recent motions for continuances less than 50 days before trial were rejected by the court. 04.0 Is Microsoft vulnerable to their own holes? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Is Microsoft vulnerable to their own holes? Via HNN www.hackernews.com/ contributed by hfspc002 With all the recent privacy holes in OLE and Office products where does this leave Microsoft? Are they just as vulnerable to these problems as the public? You bet! Try downloading some MS Office documents from the Microsoft web site and see what you find hidden in the documents. MacInTouch has a list of some of the stuff they found. MacInTouchhttp://www.macintouch.com/o98securitysamp.html Article below, I included some of the readers response letters for amusement value also...- Ed Office 98 Security Hole: Samples Microsoft/Compaq Samples Reader Experiences In researching the long-standing Microsoft Office/OLE security holes, we took a look at some of Microsoft's own Word documents, published on its web site long after the release of its security patch, as well as a Word document posted by Compaq on its web site. These documents, like millions of other MS Office documents, contain extraneous data that may unintentionally reveal sensitive confidential or private information, hidden from view within Word. A MacInTouch reader who pointed out one of the files wrote: "You can easily read the name and directory path of the original file, any revisions and who did them with full directory paths (even on the MS server), the directory paths of all attached graphics, and what appears to be a registration numbers and passwords associated with each user that saved the file. With enough documents, you could concievably construct a full directory structure for the entire MS network, and have the machine codes to mimic a computer in the building. Looks like MS has done half of the hacker's work for them... they are a break-in waiting to happen." In each example below, we show hidden information that is invisible within Word but readily available when the document is opened with a text editor or utility program, such as John Lamb's TextBrowser or Bare Bones Software's BBEdit. We did not do an detailed security analysis of each document, but simply copied out some interesting hidden material. In each case, it is unlikely that the document authors intended to reveal the hidden information in these files, which now are available to millions of people on the Internet, although this information appears far more innocuous than the URLs, source code directories, credit card information and private mail that readers report finding hidden in their Word documents. MSIE 4.5 Reviewers Guide The names "Linda Sorenson" and "Brian Hodges" do not appear anywhere in the document, when you are using Microsoft Word, nor do the file names and directories. "Dani Baldwin" is visible if you choose the "Properties" menu item and view Summary, but it does not appear if you ask Word to "Find" the text. Dani Baldwin Microsoft Word 8.0 D:\briansnap\more\Picture 5.GIF D:\briansnap\more\Picture 4.GIF D:\briansnap\Picture 2.GIF D:\briansnap\Picture 3.GIF Microsoft Internet Explorer 4 Dani Baldwin Linda Sorensonn2ndMicrosoft Word 8.0E Waggener Edstrom Microsoft Internet Explorer 4 D:\briansnap\more\tcrop.gif D:\briansnap\Picture 55.gif D:\briansnap\more\Picture 5.GIF D:\briansnap\more\Picture 4.GIF D:\briansnap\Picture 2.GIF D:\briansnap\Picture 3.GIF2 D:\briansnap\more\textclup.gif D:\briansnap\more\explorer.gif D:\briansnap\more\favs.gifz!D:\briansnap\more\Picture 16.GIF D:\briansnap\more\printopt.gif D:\briansnap\more\Picture 21.GIF D:\briansnap\more\Picture 20.GIF D:\briansnap\Picture 56.gif D:\briansnap\more\Picture 23.GIF D:\briansnap\more\Picture 2.GIF D:\briansnap\Picture 6.GIF D:\briansnap\more\explorer.gif D:\briansnap\more\favs.gif D:\briansnap\more\Picture 16.GIF D:\briansnap\more\printopt.gif D:\briansnap\more\Picture 21.GIF D:\briansnap\more\Picture 20.GIF D:\briansnap\Picture 56.gif D:\briansnap\more\Picture 23.GIF D:\briansnap\more\Picture 2.GIF D:\briansnap\Picture 6.GIF Dani Baldwin&\\WE-OR2\PROD\MS\BSD\Desktop\MIERG.doc Dani Baldwin&\\WE-OR2\PROD\MS\BSD\Desktop\MIERG.doc Dani Baldwin=\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of MIERG.asd Dani Baldwin=\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of MIERG.asd Dani Baldwin=\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of MIERG.asd Dani Baldwin=\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of MIERG.asd Dani Baldwin=\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of MIERG.asd Linda SorensonC:\windows\TEMP\MIERG.doc Brian Hodges#C:\WINDOWS\Desktop\MIERG 120898.doc Linda Sorenson?\\WE-WA2\DATA\LindaS\Macintosh\Press materials\MIERG 120898.doc MSIE/OE 4.5 Innovation This example shows information leaks similar to those of the previous example: \\Macbu\public\maclogo\Maclarge.gif Prill$C:\WINDOWS\TEMP\MacInnovations22.doc Linda Sorenson\\WE-WA2\DATA\LindaS\MacInnovations22.doc Dani Baldwin\\WE-OR2\PROD\MS\BSD\Desktop\InnovaPR.doc Dani Baldwin\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of InnovaPR.asd Dani Baldwin C:\temp\AutoRecovery save of InnovaPR.asd Dani Baldwin C:\TEMP\AutoRecovery save of InnovaPR.asd Linda Sorenson \\WE-WA2\DATA\LindaS\Macintosh\Press materials\InnovaPR.doc Brian Hodges C:\WINDOWS\Desktop\InnovaPR new.doc Linda Sorenson C:\windows\TEMP\InnovaPR.doc Linda Sorenson9\\WE-WA2\DATA\LindaS\Macintosh\Press materials\Innova.doc Microsoft Internet Explorer 4 Linda Sorenson MSIE 4.5 Fact Sheet Here we can identify some new people involved in the project, although their names, too, are invisible within Microsoft Word. Note also the presence of the "GUID" fingerprint: _PID_GUID_PID_HLINKSAN{2DD3214D-64E7-11D2-9002-0000C0657DF9 \\Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif \Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif \\Macbu\public\maclogo\macsmal2.gif Baldwin\\WE-OR2\PROD\MS\BSD\Desktop\4.5IEFS.doc Jodi Ropert C:\WINDOWS\TEMP\4.5IEFS.doc Jodi Ropert C:\WINDOWS\TEMP\4.5IEFS.docDani Baldwin\\WE-OR2\DATA\dbaldwin\winword\AutoRecovery save of 4.5IEFS Christina Snavely \\WE-OR2\PROD\MS\BSD\Desktop\4.5IEFS.doc Linda Sorenson:\\WE-WA2\DATA\LindaS\Macintosh\Press materials\4.5IEFS.doc Brian Hodges C:\WINDOWS\TEMP\AutoRecovery save of 4.asd Brian Hodges"C:\WINDOWS\Desktop\4.5IEFS new.doc Linda Sorenson \\WE-WA2\DATA\LindaS\Macintosh\Press materials\4.5IEFS new.doc Compaq Modem Overview In the Word document posted by Compaq, we again find the name of the author, even though he is not listed in the Properties sheet, plus his file and directory names and the GUID information: Greg Bretting%C:\My Documents\modem white paper.doc Greg Bretting%C:\My Documents\modem white paper.doc Greg Bretting%C:\My Documents\modem white paper.doc Greg Bretting%C:\My Documents\modem white paper.doc Greg Bretting%C:\My Documents\modem white paper.doc Greg Bretting%C:\My Documents\modem white paper.doc Greg Brettin %C:\My Documents\modem white paper.doc Greg Bretting:C:\WINDOWS\TEMP\AutoRecovery save of modem white paper.asd Terry Durham%C:\My Documents\modem white paper.doc C:\S&S_dataprep\White Papers\NEW\prt005a0798.doc _PID_GUID_PID_HLINKSAN{EB8A944A-2068-11D0-BD46-00AA00A42EA1}Al C:\cpq_logo\REDCPQSM.BMP More MacInTouch Reader Experiences From: [MacInTouch reader] Subject: word98 security issue, it's bigger than you think. Date: Wed, 10 Mar 1999 I have to remain anonymous about this please, because of the implications this might have. I am a developer and I occasionally use word98 for reports and such. Reading your report yesterday about the security issue, I wanted to see if it was true. I opened one of my old word docs in codewarrior (after changing the file type/creator codes ) and found the there were not only directory listings to source code I was working on at the time, but also names of specific functions within the source. These things were not menitioned anywhere within the document I typed, but they are embedded in my file. I can supply you with the file if you like, but I'd rather not because it has my name in it and I think the reprecussions of this could be rather large. If you have any questions about this, feel free to send them to me. Date: Wed, 10 Mar 1999 12:04:01 -0500 From: Joe Gudac Organization: Gudac Bowling Lanes Subject: Word Info Ric, After reading about all these problems with the info Word stores with it's files I decided to look at some of the files I had for my business. I picked a simple file that only had my business letterhead and address info and business tax id numbers that I had to give to our bank recently. When looking at the file in canopener I was astonished to find that the file had information from other files containing my credit card numbers and personal information about myself and my family. I have tried for the past several years to not be a Microsoft basher and have tried to learn as much about their software applications to keep myself up to date with the standard business technology, but this is absurd. This along with some of the testimony that has been presented in their anti trust trial I am terrified that they are big brother and may be more corrupt than our government. If that isn't a scare. Enjoy your information and keep up the great web site. Regards, Joseph J Gudac Jr Date: Mon, 15 Mar 1999 From: [MacInTouch reader] Subject: WORD SECURITY *** Please keep the following anonymous: I too have stopped defending Microsoft. I work for a *major* Internet company at a fairly high level. This morning I too looked at a report I submitted last week using Notepad. Not ONLY did it have my name and directories on my hard drive, but it had information on OTHER applications that are totally unrelated to MS Word in it! These apps are competitors of MS (not that many aren't these days). BUT I think the most disturbing was this: all my reports have the same filename except for the date (contained in the filename too). The paths to EVERY report in that directory were there too. In a world where the economoy is changing (mostly for the better I like to think) it's SAD to think actions like these undermine the trust people place in companies that work hard. People should be empowered and educated about technology, not intimidated and afraid because of it. I believe Microsoft is validating a LOT of people's fears about privacy and security unnecessarily. --- Concerned. Date: Mon, 15 Mar 1999 10:52:00 -0500 (EST) From: Oj Ganesh To: MacInTouch Subject: Microsoft security I read with interest your stories and updates concerning GUID numbers and other personal informaion being found in documents created by microsoft programs. Thanks for all the updates and keeping with the story. Yesterday I finally got around to removing some original software that my imac came with, when I noticed a control panel called "Configuration Manager". In it was a section called "Cookies", which (when clicked on) displayed *Some* cookies on my system. Two of the cookies immediately caught my attention since I had never visited the sites with my imac. They were: microsot.com and msn.com, they both had the name "MC1" and they were 'enabled'. Double clicking on the cookies brought up the Cookie Properties box which had this shocking line: "Value: GUID=(my GUID presumably)". I couldn't believe it! Both cookies were identical (both were also set to expire on "Expires: Wed, Sep 15, 1999 7:00 PM GMT") in every respect. The "Configuration Manager" control panel is apparetly made by Microsoft (as the about box says)... Thanks, keep up the good (Mac) work, -Oj Date: Mon, 15 Mar 1999 11:10:49 -0600 To: notes@macintouch.com From: [MacInTouch reader] Subject: Microsoft Security Issues Ric, This may have been reported prior, and it may be less intrusive than the Microsoft issues, but we seem to be ignoring the fact that many other applications besides those from Microsoft carry artifacts from files unrelated to the current one. For the most part these are data that we'd rather not be seen by others. At the moment, I'm referring specifically to Adobe PageMaker. PageMaker files opened in Can Opener reveal lots of extraneous data - directory paths, hard drive names, file names that appear to be unrelated to the current file, and perhaps references to other sensitive data. These are data that are not visible and cannot be found or expunged by any normal means. In addition to embedding directory paths, filenames, etc., related to the current file, it seems that whenever you do a "save as" in PageMaker a lot of data from the original file become permanent and reside in that and all future iterations, or saved as versions, of that file. The data can compound to become an interesting record in its own right. Lots of folks transfer lots of data in the form of PageMaker files and I'll wager that few of them are aware of the nature of some of the data they're "making public" when they do. Maybe some of the more experienced (than me) sleuths will care to comment on PageMaker too? Date: Mon, 15 Mar 1999 12:54:31 -0500 Subject: Word Privacy Problems From: "Jeremy LaCivita" To: notes@macintouch.com Unbelievable! After reading your section on Word privacy issues, I opened up a paper I wrote last week in BBEdit. In addition to a bunch of paths on my machine (which is somewhat understandable) i found addresses of all the sites I had visited that night (using Internet Explorer): 3Com/Palm Computing - Macintosh The Apple Store (U.S.) The Apple Store (U.S.) In other documents I found information about my email account like my mail server. Who knows what other information is hidden in the document mixed in with all of the gibberish. This really bothers me! The paths to images used in the file in somewhat understandable and relevant, but this is completely irrelevant, and I really think Microsoft needs to explain themselves. Jeremy Date: Tue, 16 Mar 1999 01:46:52 +0100 Subject: word98 security - history recorded From: altair@bigfoot.de To: notes@macintouch.com Encouraged by the interesting reports about security problems in word98 docs I carefully examined some of my files with a text editor. Guess what. The complete history of some documents I've been using since one year has been recorded in the file (different OS versions, different machines to be identified by their owner's names and different hierachical file structures were all plainly visible). Obviously previous versions of word (at least word 6) own this special "recording feature", too. Isn't it nice? Thank you, Big Bill, this is exactly what users needed most. @HWA 05.0 Its a Trinux world after all - Tiny unix packs wallop in Pre-0.49 release ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Main site; http://www.trinux.org/ Mirrored at; http://www.genocide2600.com/~tattooman/trinux/images/pre-0.49/ From Packetstorm: http://www.genocide2600.com/~tattooman/ Trinux Pre-0.49 floppy images - "Pre-0.49 floppy images are now available. The floppies now support the features added to TrinuxHD about a month ago. Most importantly the modem.tgz package now works-- on my system at least. If you follow the un-Linux-like prompts and type ppp-go you should be able to log via your ISP. Man ppp gives you some background information and nmap -D will allow you to roll your own "sophisticated and coordinated attacks" from foreign countries against domestic sites of your choosing. A better idea: spend your milk money on TCP/IP Illustrated Volume 1 and sniff your modem traffic using tcpdump till you get a clue. Oh yeah, the dialup data disk may become a hot commodity soon because I imagine I'll yank it after the third message I get asking how to sniff passwords with tcpdump." -- mdf [ed. note: i couldn't have said it better myself, so i just quoted mdf instead]. Our favorite mdf quote: "I'll tell ya' this security biz is cutthroat and incestuous, just like a fscking soap opera." Trinux web site, Trinux ftp. MD Franz is the Trinux Project Leader. @HWA 06.0 Case insensitivity issue affects NT security ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Date: Fri, 12 Mar 1999 13:03:57 -0700 From: Mark To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM Subject: [ ALERT ] Case Sensitivity and Symbolic Links Prasad Dabak of Cybermedia Software Private Limited has discovered yet another security risk in Windows NT involving the operating system's case sensitivity. According to the report, using the permissions on the "\??" object directory and by exploiting the case sensitivity of object manager, it is possible to trojan any system executables. Any ordinary user has write permissions on \?? Object directory. This is to allow user to map network drives or use "subst" utility to alias a directory to a new drive letter. Each system drive has an entry into \?? object directory. Each entry is actually a symbolic link which points to the device associated with that drive (ergo: Symbolic link \??\C: will typically point to a device such as \Device\HardDisk0\Partition1). It is possible to create a trojaned version of this symbolic link using the different character case -- for example, it is possible to create a symbolic link such as \??\c: (notice the small letter "c".) By doing this, all the requests to drive C get routed through the trojaned symbolic link. Please visit the following URL, where you'll find the further details along with links to a demonstration of the problem. http://www.ntsecurity.net/scripts/load.asp?iD=/security/casesensitive.htm Mark ---------------------------------------------------------------------------- Date: Sat, 13 Mar 1999 00:32:19 +0100 From: Alexandre Stervinou To: BUGTRAQ@netspace.org Subject: New Security Vulnerability in WinNT A new security vulnerability in Windows NT4 has been released, I was just surfin' on http://www.cybermedia.co.in/, when I saw this: CSPL has uncovered most serious Case Sensitivity vulnerability in Microsoft's Windows NT operating system. This security hole allows you to get "Administrator" access on a machine while logged in as "guest" or any ordinary user [...] Description: Using the permissions on the "\??" object directory and by exploiting the case sensitivity of object manager it is possible to trojan any system executables. -- Alexandre Stervinou mailto:stervino@info.enserb.u-bordeaux.fr ---------------------------------------------------------------------------- http://www.cybermedia.co.in/ Case Sensitivity vulnerability: Description: Using the permissions on the "\??" object directory and by exploiting the case sensitivity of object manager it is possible to trojan any system executables. Problem: Any ordinary user has write permissions on \?? Object directory. This is to allow user to map network drives or use "subst" utility to alias a directory to a new drive letter. Each drive on the system (let it be local/network/substed) has an entry into \?? object directory. Each entry is actually a symbolic link which points to the device associated with that drive. (e.g Symbolic link \??\C: will typically point to a device such as \Device\HardDisk0\Partition1). It is possible to create a trojaned version of this symbolic link using the different case. e.g it is possible to create a symbolic link such as \??\c: (notice the small letter ‘c’). By doing this, all the requests to drive C gets routed through the trojaned symbolic link. (e.g If you get the contents of symbolic link \??\D: and create a symbolic link say \??\c: and put those contents there, then executing dir command on drive C will give you directory listing for drive D). So effectively you can route the traffic on drive C to drive D. This is exactly what the simulation program exploits. Simulation: The description of simulation assumes that you have unzipped the files from the demo in a directory called C:\FOO and your Windows NT System directory is C:\WINNT\SYSTEM32. The simulation works on latest service packs of all Windows NT versions (3.51, 4.0, 5.0) When you execute BESYSADM.EXE. The program follows the following steps. Create an indentical directory structure of Windows system directory under the directory C:\FOO. i.e it will create a directory structure such as C:\FOO\WINNT\SYSTEM32 Copy all the POSIX subsystem binaries and required DLLs (except PSXSS.EXE) from C:\WINNT\SYSTEM32 directory to C:\FOO\WINNT\SYSTEM32 Copy the trojaned version of PSXSS.EXE and a dummy posix application DUMMYAPP.EXE from C:\FOO to C:\FOO\WINNT\SYSTEM32 Get the contents of the symbolic link \??\C: and append \FOO to it. i.e if the contents of symbolic link \??\C: is \Device\HardDisk0\Partition1 then new name formed will be \Device\HardDisk0\Partition1\FOO Create a symbolic link \??\c: (note small c) with the contents as \Device\HardDisk0\Partition1\FOO Hence effectively executing a dir command on drive C will now give directory listing of C:\FOO Next the program starts a posix application DUMMYAPP.EXE as "POSIX /c DUMMYAPP.EXE" This results in SMSS.EXE starting POSIX subsystem which effectively loads trojaned version of PSXSS.EXE. This trojaned version inherits security context of SMSS.EXE and hence our PSXSS.EXE runs in root privilege. This trojaned version adds the logged in user to the local administrator group. T The name of the logged in user is passed through a file called u.ini that is created in C:\FOO\WINNT directory. Comments The program actually uses \DosDevices everywhere instead of \??, since Windows NT 3.51 does not have \?? object directoy and has DosDevices object directory. Starting from Windows NT 4.0, \DosDevices is actually a symbolic link which points to \??. Hence using DosDevices allows the program to run on all Windows NT versions. Instructions for Demo Fresh boot the machine. Login as any ordinary user (guest will also do) Unzip the files in attached .ZIP file in some directory on any local hard drive on your machine Run BESYSADM.EXE Note: If you are using Non-English version of Windows NT OR name of the local administrator group is renamed, then specify the name of the local administrator group as a command line to BESYSADM.EXE. If no arguments are specified the program assumes that you are runnning on English version and the name of the local administrator group is "Administrators". ---------------------------------------------------------------------------- Date: Sat, 13 Mar 1999 01:07:18 -0800 From: Dominique Brezinski To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM Subject: Re: [ ALERT ] Case Sensitivity and Symbolic Links At 01:03 PM 3/12/99 -0700, Mark wrote: >Any ordinary user has write permissions on \?? Object directory. This is to >allow user to map network drives or use "subst" utility to alias a directory >to a new drive letter. Each system drive has an entry into \?? object >directory. Each entry is actually a symbolic link which points to the device >associated with that drive (ergo: Symbolic link \??\C: will typically point >to a device such as \Device\HardDisk0\Partition1). It is possible to create >a trojaned version of this symbolic link using the different character >case -- for example, it is possible to create a symbolic link such as \??\c: >(notice the small letter "c".) By doing this, all the requests to drive C >get routed through the trojaned symbolic link. Well, the exploit does not work on my machine--it fails with "Internal error..." when run in my test configuration. I am running NT 4.0 Workstation, SP4, ProtectionMode set to 1, file and registry permissions set to those recommended in Steve Sutton's NSA guide, Guest user enabled and allowed to log on locally, %SystemRoot% is on the C partition, and the exploit executables on the D partition (the only place writable by guest on my system). I enabled auditing on the \?? object and no access was attempted. So, it appears that something about my configuration stopped the exploit in its tracks ;) When I run it from an admin account, it returns a message saying that the account is already a member of the administrators group. Oh yeah, I had to enable the Posix subsystem too. As with the KnownDLLs exploit, good system administration should impede these kinds of exploits. Though, they are doing a good job of scratching the surface of huge classes of local privilege escalation attacks for NT. Dominique Brezinski CISSP (206) 898-8254 Secure Computing http://www.securecomputing.com @HWA 07.0 Fast friends, faster foes, from uebereleet to delete:life in the underground ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Some of us have been there, many of us have been into systems and gained the gnards and gno the shit, some decide to forge alliances or form groups others tend to stay out of the loop and usually out of detection and the lime light, here's a brief look into a situation that developed recently between HcV members discussing the spamming of underground webboards and alleged DoS attacks on their servers by one of their own. WARNING, this log is for the most part unedited and contains some fucked up shit about back stabbing, friends and general underground life.... * THIS LOG HAS BEEN EDITED it is available on the web but i'm withholding the url, coz I don't want to step on certain ppl's toes. - Ed ùíù Starting logfile IrcLog IRC log started Tue Mar 16 20:45:21 1999 ùíù Value of LOG set to ON NANCY MXXXX 8021 XXXXXX VIEW PL STANWOOD WA 98292 (360)XXX-X7X7 I will give this # a call in 5 minutes wow yer ereet Starting logfile IrcLog Value of LOG set to ON and if you dont answer, i will persue you and really own you 0wn me stop msg'ing me sil ch0wn whats your # ill call you i dont give out my # silicosis is the kid who was spamming the board hello sorry. mindphasr just pasted his info heh yes i spamemd the board your so fucking stupid [silicosis(~gu1d@sos-dialup210.nwlink.com)] keep it up, i want to get rid of this name..... silicosis: You have gotten yourself into some problems, masuashash come get me just ask pwr on unet [silicosis(~gu1d@sos-dialup210.nwlink.com)] keep it up, i want to get rid of this name..... maybe you would have thought twice. silicosis: why? so you can rip someone elses name? like silicosis or k0de? LOL lol silicosis: go by aC1dbUrN and be fEEred [silicosis(~gu1d@sos-dialup210.nwlink.com)] private chat me now [silicosis(~gu1d@sos-dialup210.nwlink.com)] private chat me now ùíù DCC CHAT (chat) request from silicosis[~gu1d@sos-dialup210.nwlink.com [209.20.225.210:2638]] ùíù BitchX: Type /chat to answer or /nochat to close im not private chatting you ùíù DCC CHAT: to silicosis closed quit messaging me bitch ùíù DCC CHAT (chat) request from silicosis[~gu1d@sos-dialup210.nwlink.com [209.20.225.210:2642]] ùíù BitchX: Type /chat to answer or /nochat to close ùíù DCC CHAT (chat) request from silicosis[~gu1d@sos-dialup210.nwlink.com [209.20.225.210:21002]] ùíù BitchX: Type /chat to answer or /nochat to close ùíù DCC CHAT (chat) request from silicosis[~gu1d@sos-dialup210.nwlink.com [209.20.225.210:21002]] ùíù BitchX: Type /chat to answer or /nochat to close ùíù DCC CHAT (chat) request from silicosis[~gu1d@sos-dialup210.nwlink.com [209.20.225.210:21002]] ùíù BitchX: Type /chat to answer or /nochat to close [mindspring]!irc.mindspring.com Server flood protection activated for eCh0 Server flood protection activated for eCh0 lol private chat ùíù BitchX: Unknown command: IGNORELIST ùíù BitchX: Doing this is not a good idea. Add -YES if you really mean it ùíù Usage: /I - See INVITE ùíù Usage: /IG +|- - Ignores ALL except crap and public of nick!host matching ùíù BitchX: No such command [IGL] ùíù BitchX: No such command [IG*] ùíù Usage: /Ig +|- - Ignores ALL except crap and public of nick!host matching ùíù Usage: /UnIg - UnIgnores ùíù BitchX: There are no nicks on your lame nick list #ILAH ON DALNET! úùú silicosis invites you to join #l0cked. ^A to accept. INTERNATIONAL LEAGUE AGAINST HACKERS are you stupid? he is trying to be nice now since he is screwed he is going to end up like bronc yes, he is from mosthated..lol fuck bronc is a hairy gay cowboy where is mosthated? log that jail? HcV was a lame group i started under the name "DragonFyre" a long time ago log that too ironlungs was known as Hoss Boss he was an ereet winnuking m0f0 lol i liked to ping flood quakers with windows 3.11 #feed-the- ch0wn H ch0wn@ip14.fort-worth.tx.pub-ip.psi.net (www.ro0t.nu) #feed-the- chem1st H sekurity@x-forces.com (xF) #feed-the- silicosis H ~gu1d@sos-dialup210.nwlink.com (* I'm to lame to read BitchX.doc *) #feed-the- HowzeR H ~bob@dial65.pm3abing1.abingdonpm.naxs.com (bobby) #feed-the- mindphasr H mind@mindphasr.activesecurity.net (mindphasr) #feed-the- eCh0 H ~eCh0@web2.wing.net (T e a) #feed-the- Crimz0n H ~h0@host-209-214-147-166.msy.bellsouth.net (CriMz0N) #feed-the- LordGoat H snark@sex.addicts.org (LORD OF THE GOATS!) #feed-the- Debris H ~Debris@ppp-5800-02b-3243.mtl.total.net (DIE) #feed-the- UT H ut@sass2192.sandia.gov (UT) #feed-the- in0d3 H magical@sells.drugs.for.the.blacklotus.net (magical ) #feed-the- IL H magical@hella.pimps.the.hoes.and.stuph.org (magical ) [msg(mindphasr)] hmm, im going to quit HcV, IL wont even kick silicosis out [- pwr -] scorpio@spectranet.ca Drew Cecil,Lucy(parents) Plummer 84 XXXXXXXXXXXXXXXXX Hamilton, ON L8E 1A1 Phone: (905) XXX-6925 Home Value: $89,699 Cars: 1997 Black Ford Bronc, 1998 red Saturn (unkown make) Doctor: St. Marys Medical Hospital Uptown, Dr. Shwartz Estimated phone bill for 02-05-99: $9,900 lol mindphasr: whos that? -(bronc)- Name ... Erik J. XXXXXXX Street ... 920 W 4TH AVE APT 1. Phone Number ... 530-XXX-17XX Mother ... 530-XXX-59XX City ... CHICO CA, 95926-3674 U@H ... bronc@2600.COM SS ... 556-XX-4X0X LOL a silicosis entry will look nice. heh ok thats it killall named lol (silicosis unlocks his elite haxoring secret: killall named) (everyone stares in awe) go on icq ech0 so you can get my IP and DoS me? oh yeah thats smart hide on invisible then i dont give a shit i dont even have icq on im in windows using tribe making myself look elite well you must have screwed up somewhere fucking hell..... die named die [ Channel ][ Nickname ][ user@host ][ level ] [#feed-the-][ ch0wn ][ch0wn@ip14.fort-worth.tx.pub-ip.p] [n/a] [#feed-the-][ chem1st ][sekurity@x-forces.com ] [n/a] [#feed-the-][ Crimz0n ][~h0@host-209-214-147-166.msy.bell] [n/a] [#feed-the-][ Debris ][~Debris@ppp-5800-02b-3243.mtl.tot] [n/a] [#feed-the-][ eCh0 ][~eCh0@web2.wing.net ] [n/a] [#feed-the-][ HowzeR ][~bob@dial65.pm3abing1.abingdonpm.] [n/a] [#feed-the-][ IL ][magical@hella.pimps.the.hoes.and.] [n/a] [#feed-the-][ in0d3 ][magical@sells.drugs.for.the.black] [n/a] [#feed-the-][ LordGoat ][snark@sex.addicts.org ] [n/a] [#feed-the-][ mindphasr][mind@mindphasr.activesecurity.net] [n/a] [#feed-the-][ silicosis][~gu1d@sos-dialup210.nwlink.com ] [n/a] [#feed-the-][ UT ][ut@sass2192.sandia.gov ] [n/a] [msg(ch0wn)] lol, this is funny shit, im gonna post the logs from this on packetstorm once he is done ùíù gargan [gargan@u105-173.rose.net] has joined #feed-the-goats [msg(ch0wn)] and i'll add it on the goat page along with the dalnet #hackerz article and the LoU war one [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] heh k hcv is the lamest shit ive ever seen, i never should have started it...... [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] heh...i though ppl liked silicosis, guess not [msg(ch0wn)] no one likes silicosis, he hides behind me and IL and the other members of HcV gH 0wns HcV :P [msg(ch0wn)] and all he does is DoS [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] heh gH 0wns LoU gH > * HEHE eCh0 > gH =) i dont care for it anymore, thats why i quit last week, you all cause pointless damage you must all be bored to shit? pointless damage wow Yes, else we wouldn't be on here :> just like your rm -rf of hack-net? and your elite DoS attacks on EVERYONE? ohh lets go hack some japanese site.... sil will be busy you wont be bored, i gurantee it im only here to say my last fuck you's and goodbyes mindphasr, lets get some gay porno mags mailed to him Hackers are cruel, vicious, lifesucking, bottom-dwelleing, scum sucking, toilet licking, dog eating, freaks with too much free time!(especially the ones who do it for fun!) you just say that because you have no skills No, pocket pussies! silicosis: thats nice, no one here likes you and wants your goodbye..just leave now lmao silicosis: you will be hearing more from me later bro i hope you reconsider what your doing, you'll get busted one day like i did for pinching ech0s penis heh i dont do anything illegal to get busted man.. eCh0: i will narc u for irc idling! lol im on ken's side, so you children go and have fun, hack all your ereet Japan sites.... ken's side? silicosis ken will be having word with your mom soon man that is why ch0wn is here to see all of this who gives a shit about ken and that is why this is being logged you go ahead and log it, nothing matters to me anymore silicosis: Ken doesn't need 12 year old kids who spam webboards on his side man. ÚÄÄÄÄÄ---Ä--ÄÄ-ÄÄÄÄÄÄ---Ä--ÄÄ-ÄÄÄÄÄÄÄÄÄ--- -- - | silicosis (~gu1d@sos-dialup210.nwlink.com) (Internic Commercial) ³ ircname : * I'm to lame to read BitchX.doc * | channels : @#l0cked #feed-the-goats ³ server : irc2.lagged.org ([209.127.0.66] The Black Hole for Pings!) all you can do is kick/ban/dos attack ùíù BitchX: Checking tables... ùíù BitchX: [silicosis!~gu1d@sos-dialup210.nwlink.com]: sos-dialup210.nwlink.com ùíù BitchX: IPs: [209.20.225.210] Might as well kill yourself and donate your body to science if you dont care then just leave chem1st rot will not be accepted =( chem1st: dedicated to the destruction of canada? ð mindphasr/#feed-the-goats puts sil up for adoption Yes I am a seperatist :> then you children stop DoS attacking sos.ent then you children stop DoS attacking sos.net DIE POOR PROVINCES DIE silicosis, none of us are children, and none of us are DoS'ing anything, stop trying to turn this around silicosis, it doesn't matter either way though, because soon you'll either be in court or signing up for welfare after you get your new bills chown are you only here to try to impress people with what you heard on irc? debris chill ch0wn is cool now we are getting along i hereby declare crimz0n a goat :) really? The lord of the goats has spoken. lol Did he pass the "eating grass" test? [ Channel ][ Nickname ][ user@host ][ level ] [#feed-the-][ ch0wn ][ch0wn@ip14.fort-worth.tx.pub-ip.p] [n/a] [#feed-the-][ chem1st ][sekurity@x-forces.com ] [n/a] [#feed-the-][ Crimz0n ][~h0@host-209-214-147-166.msy.bell] [n/a] [#feed-the-][ Debris ][~Debris@ppp-5800-02b-3243.mtl.tot] [n/a] [#feed-the-][ eCh0 ][~eCh0@web2.wing.net ] [n/a] [#feed-the-][ gargan ][gargan@u105-173.rose.net ] [n/a] [#feed-the-][ HowzeR ][~bob@dial65.pm3abing1.abingdonpm.] [n/a] [#feed-the-][ IL ][magical@hella.pimps.the.hoes.and.] [n/a] [#feed-the-][ in0d3 ][magical@sells.drugs.for.the.black] [n/a] [#feed-the-][ LordGoat ][snark@sex.addicts.org ] [n/a] [#feed-the-][ mindphasr][mind@mindphasr.activesecurity.net] [n/a] [#feed-the-][ silicosis][~gu1d@sos-dialup210.nwlink.com ] [n/a] [#feed-the-][ UT ][ut@sass2192.sandia.gov ] [n/a] lol ph34r the lord goat ùíù Scottit0 [~lakd@ppp22-wednesday.mkl.com] has joined #feed-the-goats real goats smoke grass, eating grass is nasty ahhh shit silicuntis?? 000h eCh0: Both actually.. I smoke grass y0 ð silicosis/#feed-the-goats is back from the dead. Gone 0 hrs 21 min 19 secs Silicuntis heh [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] now silicosis is trying to play nice with me [msg(ch0wn)] LOL [ctcp(#feed-the-goats)] PING ùíù CTCP PING reply from IL: 0.820 seconds ùíù CTCP PING reply from in0d3: 1.110 seconds ùíù CTCP PING reply from Crimz0n: 1.112 seconds ùíù CTCP PING reply from UT: 1.000 seconds ùíù CTCP PING reply from Scottit0: 1.382 seconds ùíù CTCP PING reply from mindphasr: 1.690 seconds ùíù CTCP PING reply from ch0wn: 1.692 seconds ùíù CTCP PING reply from HowzeR: 1.693 seconds ùíù CTCP PING reply from Debris: 1.695 seconds ùíù CTCP PING reply from silicosis: 1.697 seconds ùíù CTCP PING reply from gargan: 2.200 seconds ùíù CTCP PING reply from LordGoat: 3.260 seconds ùíù CTCP PING reply from chem1st: 3.262 seconds [ Channel ][ Nickname ][ user@host ][ level ] [#feed-the-][ ch0wn ][ch0wn@ip14.fort-worth.tx.pub-ip.p] [n/a] [#feed-the-][ chem1st ][sekurity@x-forces.com ] [n/a] [#feed-the-][ Crimz0n ][~h0@host-209-214-147-166.msy.bell] [n/a] [#feed-the-][ Debris ][~Debris@ppp-5800-02b-3243.mtl.tot] [n/a] [#feed-the-][ eCh0 ][~eCh0@web2.wing.net ] [n/a] [#feed-the-][ gargan ][gargan@u105-173.rose.net ] [n/a] [#feed-the-][ HowzeR ][~bob@dial65.pm3abing1.abingdonpm.] [n/a] [#feed-the-][ IL ][magical@hella.pimps.the.hoes.and.] [n/a] [#feed-the-][ in0d3 ][magical@sells.drugs.for.the.black] [n/a] [#feed-the-][ LordGoat ][snark@sex.addicts.org ] [n/a] [#feed-the-][ mindphasr][mind@mindphasr.activesecurity.net] [n/a] [#feed-the-][ Scottit0 ][~lakd@ppp22-wednesday.mkl.com ] [n/a] [#feed-the-][ silicosis][~gu1d@sos-dialup210.nwlink.com ] [n/a] [#feed-the-][ UT ][ut@sass2192.sandia.gov ] [n/a] i didnt even see that gargan is here neet isnt it tho [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] he says yer all blaming him for the b0rt/ezo0n's shit and i said "but u did do it didnt u" and hes like no they are just saying its me cause i said i quit and now they are all pissy Who's that? :P chem1st: never you mind just some loser heh [msg(ch0wn)] lol, he quit? more like he got kicked out, no one wanted him Ha, welcome to the club :> [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] heh gargan is nicks butt buddy whos nick no he isnt nick=cyberarmy is it true cyberarmy got rm -rf'd? gargan is silicuntis ass friens? lol, cyberarmy [ Channel ][ Nickname ][ user@host ][ level ] [#feed-the-][ ch0wn ][ch0wn@ip14.fort-worth.tx.pub-ip.p] [n/a] [#feed-the-][ chem1st ][sekurity@x-forces.com ] [n/a] [#feed-the-][ Crimz0n ][~h0@host-209-214-147-166.msy.bell] [n/a] [#feed-the-][ Debris ][~Debris@ppp-5800-02b-3243.mtl.tot] [n/a] [#feed-the-][ eCh0 ][~eCh0@web2.wing.net ] [n/a] [#feed-the-][ gargan ][gargan@u105-173.rose.net ] [n/a] [#feed-the-][ HowzeR ][~bob@dial65.pm3abing1.abingdonpm.] [n/a] [#feed-the-][ IL ][magical@hella.pimps.the.hoes.and.] [n/a] [#feed-the-][ in0d3 ][magical@sells.drugs.for.the.black] [n/a] [#feed-the-][ LordGoat ][snark@sex.addicts.org ] [n/a] [#feed-the-][ mindphasr][mind@mindphasr.activesecurity.net] [n/a] [#feed-the-][ Scottit0 ][~lakd@ppp22-wednesday.mkl.com ] [n/a] [#feed-the-][ silicosis][~gu1d@sos-dialup210.nwlink.com ] [n/a] [#feed-the-][ UT ][ut@sass2192.sandia.gov ] [n/a] i dont talk to nick anymore cyberarmy got way too lame for me a long time ago that damn board eeew "Cyberarmy has been involved in security auditing attacks of the Pentagon and robotics" neat robotics oooooooooh-ahhhhhhh oh jesus christ i will make robots from the models at radio shack that fucking about page... heh [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] just emailed ken haha some german guy emailed me asking me to work for him cause of that damn thing [msg(ch0wn)] i'll send you the log of this, LOL i prolly still have the email somewhere [msg(ch0wn)] i'm going to post this shit everywhere, it will be hillarious [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] k do you wanna no where the name cyberarmy really came from [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] hehe, the public humilation of silicosis www.electronicarmy.org used to host him and he had an idea where he is a general and he orders little lamers to email bomb that was your server wasnt it? no i just used it silicosis takes it up the ass lol Scottit0 = SilicoSiS [msg(ch0wn)] post on packetstorm and tell ken to come here scottit0 is not silicuntis [msg(ch0wn)] if you can -Crimz0n(~h0@host-209-214-147-166.msy.bellsouth.net)- DCC Chat (127.0.0.1) ùíù DCC CHAT (chat) request from Crimz0n[~h0@host-209-214-147-166.msy.bellsouth.net [127.0.0.1:1786]] ùíù BitchX: Type /chat to answer or /nochat to close lol DCC Chat (127.0.0.1) ùíù DCC CHAT: to Crimz0n closed lol chit [ch0wn(ch0wn@ip14.fort-worth.tx.pub-ip.psi.net)] k, if ken replies to the email, i'll tell him he can come here and laugh at silicosis [msg(ch0wn)] oky [ Channel ][ Nickname ][ user@host ][ level ] [#feed-the-][ ch0wn ][ch0wn@ip14.fort-worth.tx.pub-ip.p] [n/a] [#feed-the-][ chem1st ][sekurity@x-forces.com ] [n/a] [#feed-the-][ Crimz0n ][~h0@host-209-214-147-166.msy.bell] [n/a] [#feed-the-][ Debris ][~Debris@ppp-5800-02b-3243.mtl.tot] [n/a] [#feed-the-][ eCh0 ][~eCh0@web2.wing.net ] [n/a] [#feed-the-][ gargan ][gargan@u105-173.rose.net ] [n/a] [#feed-the-][ HowzeR ][~bob@dial65.pm3abing1.abingdonpm.] [n/a] [#feed-the-][ IL ][magical@hella.pimps.the.hoes.and.] [n/a] [#feed-the-][ in0d3 ][magical@sells.drugs.for.the.black] [n/a] [#feed-the-][ LordGoat ][snark@sex.addicts.org ] [n/a] [#feed-the-][ mindphasr][mind@mindphasr.activesecurity.net] [n/a] [#feed-the-][ Scottit0 ][~lakd@ppp22-wednesday.mkl.com ] [n/a] [#feed-the-][ silicosis][~gu1d@sos-dialup210.nwlink.com ] [n/a] [#feed-the-][ UT ][ut@sass2192.sandia.gov ] [n/a] ùíù BitchX: Unknown command: QUESO p1mp.bx iz n0w loaded nigg0r! /phelp for a help screen Some of this code is ripped, much props to the ones who made it 204.80.232.172:139 * Windoze 95/98/NT 204.80.232.172:113 *- Not Listen Unknown (may be loss of pkts) ? 204.80.232.172:23 *- Not Listen Unknown (may be loss of pkts) ? gargan does nick irc 209.20.225.210:139 * Dead Host, Firewalled Port or Unassigned IP 209.20.225.210:113 * Dead Host, Firewalled Port or Unassigned IP 209.20.225.210:23 * Dead Host, Firewalled Port or Unassigned IP hmm, maybe not.. i dont know i havent talked to him for months cept about that he hasnt paid Freshman silicosis fucks anal money up the ass what was it that freshman made for him? thing to add something to every text file on his server or something paid freshman for what?? you havent been reading packet storm while back he made a delphi program to alter like 100 html files for nick i cant get there lol nick was sposed to pay him 50 bucks for it mosthated: No such nick/channel lol [msg(mindphasr)] ya there? whata ho mo who? [mindphasr(mind@mindphasr.activesecurity.net)] sorta [msg(mindphasr)] silicosis is in here as Scottit0 now, lol [ Channel ][ Nickname ][ user@host ][ level ] [#feed-the-][ ch0wn ][ch0wn@ip14.fort-worth.tx.pub-ip.p] [n/a] [#feed-the-][ chem1st ][sekurity@x-forces.com ] [n/a] [#feed-the-][ Crimz0n ][~h0@host-209-214-147-166.msy.bell] [n/a] [#feed-the-][ Debris ][~Debris@ppp-5800-02b-3243.mtl.tot] [n/a] [#feed-the-][ eCh0 ][~eCh0@web2.wing.net ] [n/a] [#feed-the-][ gargan ][gargan@u105-173.rose.net ] [n/a] [#feed-the-][ HowzeR ][~bob@dial65.pm3abing1.abingdonpm.] [n/a] [#feed-the-][ IL ][magical@hella.pimps.the.hoes.and.] [n/a] [#feed-the-][ in0d3 ][magical@sells.drugs.for.the.black] [n/a] [#feed-the-][ LordGoat ][snark@sex.addicts.org ] [n/a] [#feed-the-][ mindphasr][mind@mindphasr.activesecurity.net] [n/a] [#feed-the-][ Scottit0 ][~lakd@ppp22-wednesday.mkl.com ] [n/a] [#feed-the-][ silicosis][~gu1d@sos-dialup210.nwlink.com ] [n/a] [#feed-the-][ UT ][ut@sass2192.sandia.gov ] [n/a] [mindphasr(mind@mindphasr.activesecurity.net)] yea