The Hacker's Encyclopedia 1998

home *** CD-ROM | disk | FTP | other *** search

/ The Hacker's Encyclopedia 1998 / hackers_encyclopedia.iso / zines / phrack2 / phrack43.003 < prev next >

Wrap

Text File | 2003-06-11 | 43.4 KB | 953 lines

==Phrack Magazine== Volume Four, Issue Forty-Three, File 3 of 27 Phrack Loopback Part II ====================================================================== ToneLoc T-Shirt Offer ====================================================================== Yes, the rumors are true: A ToneLoc t-shirt is at last available. The shirt is an extra large, 100% cotton Hanes Beefy-T, silk screened with four colors on front and eight colors on back. The front features an "anti-bell" logo, with your favorite corporate symbol in blue under a slashed circle in red. The ToneLoc logo appears above, with an appropriate quote below. The back has six Tonemaps, visual representations of exchange scans, contributed by ToneLoc'ers from around the globe. The exchange and scanner's handle is printed below each Tonemap. The handles of the beta testing team are listed below the maps. If you act now, a free copy of the latest release of ToneLoc will be included with your order! Please specify 3.5" or 5.25" disks. $15 postpaid; add $5 for international orders. Make your check or money order payable to "ToneLoc Shirt." Send to: ToneLoc Shirt 12407 Mopac Expwy N #100-264 Austin, TX 78758 Voice Mail (24 hours): 512-314-5460 - Mucho Maas - Minor Threat [Editor: I have one of these. The only hacker program immortalized in cotton. Nifty!] ****************************************************************************** The return of a telecom legend... &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& && &&&&&&& &&&&& &&&&&&&&&&& &&&&&&&&& &&&&&&&&&&&&&& &&&&&&&& && &&&&& &&&&&&&&& &&&&& &&&&& && &&&&&&&& &&&&&&&&&&&&& &&&&&&& && &&& &&&&&&&&& &&&& &&&& && &&&&&&& && &&&&&&&& && & &&&&&& && & & & &&&&&&&&& &&& & &&& && &&&&&&& && &&&&&&&& && && &&&&& && && && && && && &&& && && &&&&&&& && &&&&&&&& && &&& &&&& && &&& &&& && &&&&& && &&& && && &&&&&&& && && &&&&& && &&&& &&& && &&&&&&& && &&&&& && &&& && && &&&&&&& && && &&&& && &&&&& && && &&&&&&& && &&&&& && && && &&&&&&& && && &&& && &&&&& && && &&&&&&& && &&&&&&&&& &&& && && &&&&&&& && && && && &&&& &&& && &&&&&&& && &&&&&&&&& &&& && && && && & & && &&& &&&& && &&&&&&& && &&&&&&& &&& && &&&&&&&&&&& && && && && && &&&&& && &&&&&&& && &&&&&&&&& &&& && &&&&&&&&&&& && && &&& && & &&&&&& && &&&&&&& && &&&&&&&&&&&&&&& &&&&&&&&&&& && &&&&&&&& && &&&&&&& && &&&&&&& &&&&&&&&&&&&&&&&&&&&&& &&&&&&&&&&&&&&&&&& && &&&&&&&& &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& S O U T H W E S T A Neon Knights/Metal Communications Experience cDc _ _ ((___)) [ x x ] cDc \ / cDc (' ') (U) '..and none but the Bovine survived the onslaught' -cDc- CULT OF THE DEAD COW -cDc- cDc communications -cDc- D0PE SYSTEM -cDc- --------------------------- Very K-Rad 713-468-5802 No Lame Ratios Running Baphomet Sysd00d : Drunkfux 86,400 Seconds A Day OoOOooOdlez o' T-Files The Official HoHoCon BBS New Pimping Tips Every Day Tonz o' Nifty Ascii Pictures Talk To Satan Himself.. Live!! Free 5-Digit Metro K0DEZ For All d0Pe Gifs Of Gail Thackeray Online Read Hate Filled Nazi Skinhead Poemz Home Of K-RAP : The K-Rad Ascii Possee Learn How To Make Money! Just Ask Byron! Necropheliacs & Kidporn Kollekt0rz Welcome Y0 Y0 Y0 Lonely D00dz! We gotz girlie uzerz! Lots Of Message Bases With Really K-KeWL Names Is This Whole "Volcano Ad" Thing Stupid Or What? GNU Warez From The Future! We Have A Time Machine! I Think We Have One Of Those Big, EL8 Drive Thingies No Net Access? Submit Your cDc & Phrack Articles Here! The Only System Authorized By The Debbie Gibson Fan Club The Neon Knights Did NOT Die, We Just Went Way Underground This Thing Is Starting To Look Like That Album St0nerzz Like Mega KooL Games Like Lemonade Stand And Hunt The Wumpus Deluxe Hey! It's The Mashed Potato Mountain Thing From Close Encounters Users Include Lots Of Elite Peoplez You See On Shows Like Dateline That Really Trendy Super High Speed Modem All Those Warez DooDz Have cDc / CuD / dFx / Neon Knights / NIA / Phrack / uXu / Video Vindicator Telco / Systems / Networks / Security / Cellular / Satan / Death / K0DEZ *************************************************************************** Hi there! As a beginner in Cyberspace & a new reader of Phrack, I just wanna say thiz... IT'S X-CELLENT DUDES!!!!!. Keep the good work!!!!!. I only have your latest issue, and I never read previous ones, so this is maybe old stuff... but I would like to see the Infonet network and Datapac covered in some of UR articles... let me know if u published something in recent issues. Greetings from South America, LawEnforcer. (yes, it's an Alias!!!) [Editor: Well, InfoNet we've never done. Any takers? Datapac I personally scanned some time ago, but almost ALL of the 100K of NUA's I found still work. Maybe someone should take my script and re-scan it. Anyone? Class? Bueler?] **************************************************************************** begin contribution------------------------------- VMS machines that have captive accounts often have accounts such as HYTELNET. This is an account which will archie for you, or take you to a few select BBSs or any of many boring things to do. You simply log in as HYTELNET, there isn't a password, and go through the menus. Now, that's where the fun begins. If you use HYTELNET to telnet anywhere, while it is connecting, simply type your local telnet escape key (something like ^\ or ^]) and then........you have a telnet prompt. Unfortunately, if you close or disconnect, it will return to the HYTELNET menus, and you can't open a new connection, since you're already connected. So, what you do is SPAWN whatever process you want.....you could SPAWN TELNET or SPAWN FTP or SPAWN anything else for that matter. SPAWN with no arguments (the shell escape) does not work, however. This works from any captive account that telnets. So, you can telnet to a VAX that has HYTELNET, log in as HYTELNET, do what I told you, and then hack to wherever, since the reports from the target site will show that HYTELNET@insert.vax.site committed the heinous crimes that you did. Kaneda end contribution-------------------------------- [Editor: Kaneda: thanks for that tidbit. Now I'm sure to get grief on IRC from someone coming from an odd site. :) Give my regards to Tetsuo. "But some day...we will be"] **************************************************************************** _ _ ((___)) [ x x ] cDc communications \ / Global Domination Update (' ') #12 - April 1st, 1993 (U) Est. 1986 New gNu NEW gnU new GnU nEW gNu neW gnu nEw releases for April, 1993: _________________________________/Text Files\_________________________________ 221: "Sickness" by Franken Gibe. Paralyzed by thoughts. Rage! Fight! Dark! 222: "A Day in the Life of Debbie G1bs0n" by The Madwoman. The pop idol faces her arch enemy on the fields of ninja combat and in the arms of love. 223: "The B!G Envelope Stuffing Scam" by Hanover Fiste. How to get money. Make Sally Struthers proud of you. 224: "The Bird" by Obscure Images. Story 'bout a sad guy who laughs at birds. It's depressing. Oi's a kooky guy. 225: "Tequila Willy's Position Paper" by Reid Fleming and Omega. Unknown to most, Tequila Willy thew his hat in the ring for the 1992 presidential election. Here's the paper detailing his positions on all the important issues. Better luck in '96, eh? 226: "Simple Cryptology" by Dave Ferret. Introductory guide to cryptology which also includes a good list of other sources to look into. 227: "Big Ol' Heaping Pile of Shit" by Suicidal Maniac. Buncha poems about lots of things. Wacky. 228: "ISDN: Fucking the Vacuum Cleaner Attachments" by Reid Fleming. Intended for _Mondo 2000_, this file drops science about everyone's favorite future phone system. 229: "The Evil Truth About Peter Pan" by Lady Carolin. It's a whole mess of things you and your puny little mind might not have noticed about this popular kiddie (hah!) story. 230: "The 2:00 O'Clock Bus" by Tequila Willy and Bambi the Usurper. Geriatric porn with some doggy flavor. _____________________________/Other Stuff to Get\_____________________________ From: cDc communications/P.O. Box 53011/Lubbock, TX 79453 This is Swamp Ratte's stuff: All the cDc t-files on disk by mail, for convenience sake! Specify MS-DOS or Apple II format 3.5" disks. $3.00 cash. cDc stickers! Same design as were flying around at HoHoCon, with the scary-lookin' cow skull. k00l. Send a SASE and 50 cents for a dozen of 'em (or just send a dollar). Weasel-MX tape! _Obvious_ 45-minute cassette. This is Swamp Ratte's funk/punk-rock/hip-hop band. It's a mess, but fun. $3.00 cash. cDc hat! Yeah, get yer very own stylin' black baseball cap embroidered with the cDc file-header-type logo on the front in white. This isn't the foam-and-mesh cheap kind of hat; it's a "6-panel" (the hat industry term) quality deal. Roll hard with the phat cDc gear. $15.00 plus a buck for postage. _Swingin' Muzak_ compilation tape! An hour of rockin' tuneage from Weasel-MX (all new for '93), Counter Culture, Acid Mirror, Truth or Consequences, Grandma's V.D., and Sekrut Squirrel. Lotsa good, catchy, energetic stuff for only $5.00 cash. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - From: FNORD! Publications/2660 Trojan Dr. #912/Green Bay, Wisconsin 54304-1235 This is Obscure Images' stuff: FNORD! 'zine #1 & #4 - $2.00 Each Shoggoth 912 #1 - $0.75 For some snarly techno grooves, send away for the new tape from Green Bay's finest (and only) technorave sensation, I OPENING! IO-Illumination Demo Tape (7 songs of joy) - $5.00 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - From: Freeside Orbital Data Network/ATTN:dFx-HoHoCon-cDc/11504 Hughes Road #124 Houston, TX 77089 This is Drunkfux's stuff: HoHoCon '92 T-Shirts : Black : XL : Elite : Stylish : Dope : Slammin' Only $15 + $2 shipping ($2.50 for two shirts). Your choice of either "I LOVE FEDS" or "I LOVE WAREZ" on front, where "LOVE" is actually a red heart, ala "I LOVE N.Y." or "I LOVE SPAM." On the back of every beautimus shirt is... dFx & cDc Present HOHOCON '92 December 18-20 Allen Park Inn Houston, Texas HoHoCon '92 VHS Video : 6 Hours : Hilariously Elite : $18 + $2 Shipping Please make all checks payable to O.I.S. Free cDc sticker with every order! w0w! - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - From: Bill's Shirt Thing/P.O. Box 53832/Lubbock, TX/79453 This is Franken Gibe's stuff: AIDS sucks! Order a catalog! Nifty t-shirts that make you happy. Proceeds go to local AIDS Resource Center. Send a $0.29 stamp for the cat'. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - From: Teach Me Violence magazine/61 East 8th St./Suite 202/New York, NY 10003 This is The Pusher's stuff: Teach Me Violence 'zine: Issue #1 (Mr. Bungle, COC, Murphy's Law) Issue #2 (Helmet, Supertouch, Agnostic Front, American Standard) Issue #3 (Faith No More, Chris Haskett, Cathedral, Iceburn, Venom) $3.00 cash each - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - From: A Day In The Life Of.../P.O. Box 94221/Seattle, WA 98124 This is Lady Carolin's stuff: A Day In The Life Of... 'zine, free with two stamps. Bi-monthly contact list of girlie bands/grrrl bands/female vocalists. $1. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __________________________________/cDc Gnuz\__________________________________ "cDc: savin' trees in '93" Hiya once again, here's whassup: NEW Internet FTP site: zero.cypher.com. This is Drunkfux and Louis Cypher's chilly-the-most deal. Login as "anonymous" and get all the cDc stuph fast fast fast. NEW cDc Mailing list: Get on the ever-dope and slamagnifiterrific cDc mailing list! Send mail to cDc@cypher.com and include some wonderlessly elite message along the lines of, "ADD ME 2 DA MAILIN LIZT!!@&!" NEW Official cDc Global Domination Factory Direct Outlets: Cyberspace.Nexus +31-67-879307 [Belgium] Mirrorshades BBS 903/668-1777 The Ministry of Knowledge 401/043-3446 The Crowbar Hotel 713/373-4031 We're always taking t-file submissions, so if you've got a file and want to really get it out there, there's no better way than with cDc. Upload text to The Polka AE, or my Internet address, or send disks or hardcopy to the cDc post office box in Lubbock, TX. NEW updated CDCKC0W.TXT file. All the information for sysops to get going running Factory Direct Outlets. It should be available from wherever you got this Update. NEW CDCV9.ZIP is out containing cDc t-files 201-225. Factory Direct Outlet sysops should get this and put it up on their systems. See ya in May. S. Ratte' cDc/Editor and P|-|Ear13zz |_3@DeRrr "We're into t-files for the girlies and money." Write to: cDc communications, P.O. Box 53011, Lubbock, TX 79453. Internet: sratte@cypher.com, sratte@mindvox.phantom.com. [Editor: Whew. Any word on those cDc Glow in The Dark Toilet Seat Covers? I've got my 29.95 ready!] **************************************************************************** Hey there a few of us use this account and wuld like to get phrack sent to us here if at all possible... :) We are all Australians and all read your magazine to death.. a friend of mine runs a board called shred til ya ded which is basically a hpac and warez assortment... nothing 0 day but definately good for hacking info... we are in the middle of getting all of your mags online at the moment you mentioned in phrack 42 that you would like people from other countries to write pieces about the scene there... well depending on the kind of thing you want i would be more than happy to give it a go with some mates thanks Darkstar [Editor: Darkstar and anyone else--send me your files about your scenes in other countries. Nearly everyone who promised me a file about their country flaked out. You'll see who did send me a file later in this issue. Other countries: get off your duffs and send me a file! We want to know what goes on there! Boards, Busts, History, Hackers, Hangouts, Groups, Greats, Legends, Lore, EVERYTHING!] *************************************************************************** I remember seeing a message somewhere on the WELL saying an issue of Phrack carried listings of Viruses. Could you tell me which one(s)? Also, do you know of any sites which have virus listings archived ? Thanks, Jon Barber [Editor: Well, John, Phrack doesn't carry virii info. You might check around for 40hex. Personally, I think virii are vastly overrated hype driven onward by McAffee and other self-serving interests. That is why we ignore them. (That is also why I don't mention them when I lecture on computer security...they are no big thing.)] **************************************************************************** Ok, So I was reading Phrack 42's listing for SprintNET nodes... But there was no information on how to access it.. What are the ACNS For the Sprintnet? Is there a Phrack out that details use of the SprintNET.. Would appreciate ANY and ALL, as I've never heard of it being used widely like the Internet, and would like to know how to use it.. Jack Flash... [Editor: Jack...you kids are spoiled. You and your Internet. Hrumph. Remember when Arpanet was like a 20 or so Universities and Contractors, and tied to about 100 bases thru Milnet? No? Sheesh. To answer your question, Sprintnet (used to be Telenet, and always will be to me) is a public packet switched network. It can be accessed in nearly EVERY city in the USA, and in many large cities in other countries. The Toll-Free dialups are: 300-2400: 800-546-1000 9600 v.32: 800-546-2500 At the TERMINAL= prompt, type D1. Then to find a local dialup, at the @ prompt type MAIL. Login as username PHONES password PHONES.] ***************************************************************************** RE: Loop-Back I was wondering if it would be possible for you to do something on Novell LAN security, as we have one at my high school. I was also wondering about bluebox tones...in my area, if you call into the next county, sometimes you hear what sounds like bluebox tones. I had thought these lines were digital, and therefore, would not require tones of any type.. any ideas? RF Burns [Editor: As for the Novell...check later in this issue. As for the MF tones...when calls go from one area to another it is quite common to hear multi-frequency tones. Depending upon the way the call is routed, your particular pick of LD carrier and the equipment between you and the destination, you may hear these tones. You may even be one of the lucky ones, and be able to seize a trunk. Using certain LD carriers you can still box, but usually you are stuck with a trunk that can't get out of the area. Alas.] ***************************************************************************** Hi - I'm a student in the MLS program here at SUNY Albany. I found out about Phrack while researching a paper for my public policy class, on the ECPA and shit. Well, I gave a fabulous 45-minute presentation on it all and then wrote an even better paper for which I was rewarded with an A as well as an A for the class. Turns out John Perry Barlow and Mitch Kapor are heroes of my professor as well. So now I'm hooked. For my thesis I'm writing a user manual for librarians on the Internet and helping teach a class in telecommunications. Just wanted to let you phrack-types know you're my heroes and I want to be a member of the phrack phamily. Can't send any money, though. *:( Keep the faith, hopey t [Editor: That's really great! Usually profs are terribly anal about anything regarding Phrack and/or hacking. You are very lucky to have had such an instructor. Congrats on the class and good luck with your thesis!] **************************************************************************** Hi! I was just glancing through Phrack #42, and read the portion that sez that all computer professionals (essentially) have to delete this and even old copies of Phrack. Coupla questions: I'm a Network Administrator for a University, do I have to comply? It's not like I am a thug from Bellcore or anything like that. Although one of the things I am concerned with, professionally, is the security of our systems, I am no Cliff Stoll. If I were to catch an unauthorized visitor, I would give him the boot, not chase him down with prosecution in mind. I have, of course, deleted all my old Phracks as well as #42, but I would like to be able to re-snarf them. Let me know... Thanks! Dan Marner [Editor: Well, Dan, technically Phrack could quite possibly be beneficial to you and assist you with your career, and this is the typical scenario in which we request that you register your subscription and pay the registration fee. Of course, we don't have the SS as our own personal thugs to go break your legs if you don't comply. :) You might at least try to get your employer to pay for the subscription. As far as issues prior to 42 go, KEEP THEM! They are exempt from anything, and are arguably public domain.] ***************************************************************************** Hey, I need to get in touch with some Macintosh phreakers. Know any? Anyway, are there any good war dialers or scanners out there for Macintosh? I need something that picks up PBXs and VMBs as well as Carriers. Thanx in advance... [Editor: I personally avoid the little toadstools like the plague, and I was unable to get a hold of the only hacker I know who uses one. If anyone out there on the net could email us with the scoop on Mac hacking/phreaking utilities it would be most appreciated.] ***************************************************************************** Hello! I was just wondering if you knew of any FidoNet site that carries back issues of phrack. The main reason behind this, as my link through the Internet is basically through a FidoNet-type network and I am unable to ftp files. Any help would be appreciated! Thanks! Jason K [Editor: Phrack pops up everywhere. I would be very surprised if it wasn't on a ton of fido sites. However, I have no idea of what those sites may be. If anyone knows of any, let us know!] **************************************************************************** Can you give me the email address for the 2600 Magazine or whomever the person in charge. I've no idea how to contact them, so that's why I'm asking you. I'm much obliged. Thanks, MJS [Editor: 2600 magazine can be reached at 2600@well.sf.ca.us To subscribe send $21 to 2600 Subscriptions, P.O. Box 752, Middle Island, NY, 11953-0752. To submit articles write to 2600 Editorial Dept., P.O. Box 99, Middle Island, NY, 11953-0099. Note: If you are submitting articles to 2600 and to us, please have the courtesy of LETTING BOTH MAGAZINES KNOW IN ADVANCE. Ahem.] **************************************************************************** Do you know if there has been a set date and place for the next HoHoCon? Best Regards, Mayon [Editor: Actually, it's looking more and more like HoHoCon will be December 17, 18, 19 in Austin, TX. It may still be in Houston, but methinks the Big H has had about enough of dFx. We'll let you know when we know for sure.] **************************************************************************** Reporter for major metro paper is interested in help finding out anything there is to find on four prominent people who have volunteered to have their privacy breached. Financial fundamentals. Lives of crime. Aches and pains. How rich they are, where they vacation, who they socialize with. You name it, we're interested in seeing if it's out there. All for a good cause. If you're willing to advise this computer-ignorant reporter, or dig in and get the dope on these volunteers, please contact him at tye@nws.globe.com Or call at 617-929-3342. Help especially appreciated from anyone in the BOSTON area. Soon. Thanks. [Editor: Interesting. This showed up in my box in late June, so it should still be going. I would recommend watching yourselves in any dealings with journalists. Take it form one who has been burned by the press. (And who has a journalism degree himself.)] **************************************************************************** Hey there... I don't know if this will get to Dispater or to the new editor. Since the change in editorship, the proper way to contact Phrack has become sort of a mystery. (The new address wasn't included in Phrack 31.) Anyway, I'm writing to bitch about the quality of #31. I've got two main beefs: 1. The article about fake-mail was GREAT until it turned into a "how-to" primer on using the info given to cause damage. That is exactly the kind of thing that will end up getting you sued. I have some legal background, and I'm pretty sure that the author of that article and possibly even Phrack itself and its editors are now open to a damn good argument for tortuous negligence if anyone follows the instructions and damages someone on Compuserve, etc. The argument will go something like, "Phrack set into motion a chain of events that led to my client being damaged." You guys should have just given the info, and left off the moronic ways to abuse it. 2. The article on "Mall Security Frequencies" was copied directly from Popular Communications, Nov. 1992 issue. Hell, that was even their cover story. Can we say "copyright enfringement?" If not, I'm sure you'll be _hearing_ it a few more times. If I was still practicing, I'd call 'em up and ask their permission to sue on contingency. Split the damages obtained on a motion for summary judgment 50/50 with them. It would only take a week and one filed complaint... Point is, you have opened yourselves up to get sued and lose EASILY. As much as I've enjoyed reading Phrack over the years, if this new staff continues in this manner, I'll be stuck with back-issues. Cyber (305) ------------------------------------------------------------------------- To find out more about the anon service, send mail to help@anon.penet.fi. Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin@anon.penet.fi. *IMPORTANT server security update*, mail to update@anon.penet.fi for details. [Editor: I think you meant 41, not 31. But to answer your points: 1) As long as there is a first amendment, Phrack will continue to print articles that some may or may not agree with. Printing the blueprints for an atomic bomb does not make you an accomplice to those who build it and detonate it. 2) Numbers are numbers. Can we even spell "copyright infringement?" If you were still "practicing..." We at Phrack wholeheartedly encourage you to again pick it up, and keep practicing and practicing until you get whatever it is you were practicing down pat. Obviously it must have been guitar, and not law. Such a litigious society we live in. Suing Phrack would accomplish nothing. It would not even hinder its publication. Since Phrack has no money, nothing would be gained. Even if fined, Phrack could not be forced to sell its computer equipment to pay fines, since this would be removing the livelihood of the publisher, thus it would continue its quarterly publication. Where on Earth did you get such ideas? You obviously know nothing about lawsuits. Any lawyer would laugh at the thought of suing Phrack since it would gain nothing financially, and provide such a huge amount of bad publicity that even if a judgement were reached in their behalf it would not be worth it. Oh wait, you were a lawyer. Now I know why the past tense. But you are correct on one point: we cannot print copyrighted material without permission. You may have noted that last issue (among other changes) Phrack no longer includes full text of news items without prior permission from the publisher. That was the ONLY thing that worried me about publishing Phrack, and so I changed it. We at Phrack welcome constructive criticism, but at least have the nerve to email directly, rather than hide behind an anonymous remailer. That way, someone could have responded to you in a more direct and expeditious manner.] **************************************************************************** Dear Sir/Madam, I am a student at ukc in England and wish to subscribe to Phrack receiving it as email at the following address ks16@ukc.ac.uk thank you and keep up the good work. We use unix and I would be interested in getting a copy of su (switch user) which looks for the user file passwd.su in the users home directory. I don't know much about unix, but I do know it would need to run from my home directory and access the kernel. Many thanks for any help you may be able to give. S [Editor: Its "SIR" hehe. Sir Bloodaxe. In any case, if anyone would care to draft up this modification to su and send it in I'll print it in the next issue's line noise.] **************************************************************************** I had some beef with Rack's article in PHRACK 42. I've attached a writeup of comments; you're welcome to a) forward it to him, b) shitcan it, or c) publish it. thx, -Paul My background: I've been into the scene for about 12 years. My day job is writing unix s/w for a NASA contractor. My night job... well, never mind that. I have a strong amateur interest in crypto, and I'd like to share some of what people in the usenet/Internet community have been kind enough to teach me. Racketeer sez: > If you think that the world of the Hackers is deeply shrouded with >extreme prejudice, I bet you can't wait to talk with crypto-analysts. These >people are traditionally the biggest bunch of holes I've ever laid eyes on. In >their mind, people have been debating the concepts of encryption since the >dawn of time, and if you come up with a totally new method of data encryption, > -YOU ARE INSULTING EVERYONE WHO HAS EVER DONE ENCRYPTION-, mostly by saying >"Oh, I just came up with this idea for an encryption which might be the best >one yet" when people have dedicated all their lives to designing and breaking >encryption techniques -- so what makes you think you're so fucking bright? One real reason for this reaction is that people _have_ been studying encryption for 100 years or so. As a result, many simple cryptosystems are continually being reinvented by people who haven't ever made even a simple study of cryptosystems. Imagine if someone came up to you and said "Wow! I just found a totally K00L way to send fake mail! It's radical! No one's ever thought of it before!" You'd laugh, right? _Anyone_ can figure out how to forge mail. Well, _anyone_ can come up with the n-th variation of the Vigniere or substitution cipher. An even more important reason for their 'tude is that cypherpunks are suspicious by nature. A key principle of crypto is that you can only trust algorithms that have been made public and thoroughly picked over. Without that public scrutiny, how can you trust it? The fedz' Digital Signature Standard (DSS) got raked in the crypto and industry press because the fedz wouldn't disclose details of the algorithm. "How do we know it's secure?" the cypherpunks asked. "We won't use it if we don't know it's secure!" Point being: (for those of you who skipped over) cypherpunks trust NO ONE when the subject is encryption algorithms. Maybe J. Random Hacker has come up with a scheme faster and more secure than, say, RSA. If JRH won't share the details, no one will use it. Racketeer goes on to talk about DES. One important thing to note is that the unix crypt() function has NOTHING to do with DES. Here's part of the SunOS 4.1.2 man page for crypt(): crypt implements a one-rotor machine designed along the lines of the German Enigma, but with a 256-element rotor. Methods of attack on such machines are widely known, thus crypt provides minimal security. It's fairly clear that for a known-ciphertext attack (i.e. you have a block of encoded text, but neither the key nor the plaintext) will, at worst, require 2^56 decryption attempts. Various schemes for parallel machines and so forth have been posted in sci.crypt. Does the NSA have something that can crack DES? Probably. Remember that DES is mostly used for short-lived session keys. ATMs are a good example; they typically use a DES key for one communication session with the central bank. New session, new key. DES is _not_ very well suited for long-term encryption, since it can probably be attacked in "reasonable" time by a determined, well-equipped opponent. Now, on to PGP. Pretty Good Software was indeed threatened with a lawsuit by Public Key Partners (PKP). PKP holds the patent on the RSA public-key algorithm. (Many people, me included, don't think that the patent would stand up in court; so far, no one's tried.) The nice thing about PGP is that it offers IDEA and RSA in a nice package. When you encrypt a file, PGP generates an IDEA session key, which is then encrypted with RSA. An opponent would have to either a) exhaustively search the entire IDEA key space or b) break RSA to decrypt the file without the password. Racketeer also mentions that PGP can optionally compress files before encryption. There's a solid crypto reason behind this, too. One well-known and successful way to attack an encrypted file is to look for patterns of repeated characters. Since the statistical frequencies of word and letter use in English (and many other languages; some folks have even compiled these statistics for Pascal & C!) are well-known, comparing the file contents with a statistical profile can give some insight into the file's contents. By compressing files before encrypting them, PGP is moving the redundancy out of the text and into the small dictionary of compression symbols. You'd still have to decrypt the file before you could do anything useful with that dictionary, or even to determine that it _had_ a signature! [Editor: Well, Rack is not to blame for all complaints I got about the file. I printed a file that was several KBytes short of complete. I noticed it seemed odd, but was assured by Rack, TK & Presence that I had received the correct file. I was misinformed, and should have known better than to print a file I should have known was incomplete. I apologize to Rack & to all of you. About the other gripes: Rack, care to reply?] ***************************************************************************** In issue #42 of Phrack there was an article about the USPS' practice of selling change of address information without consumer consent. I sent the supplied form letter and carbon copied my congressman and senators. Today I received a reply from the USPS Records Office. April 1, 1993 Dear Mr. Rosen: This concerns your recent Privacy Act request for accountings of disclosure of mail forwarding information you have provided to the Postal Service. Disclosure of your forwarding address might have been made to individual requesters by post offices or to subscribers to the National Change of Address File (NCOA) by an NCOA licensee. The NCOA is a consolidated file of all forwarding information provided by postal customers and stored on automated media. Listholders may subscribe to NCOA to obtain the new addresses of individuals for whom they already have in their possession the old address. For disclosures made by post offices, we are in the process of querying the Washington, DC postmaster for any accountings. For disclosures made from the NCOA system, we will begin querying NCOA licensees all of which keep logs identifying the particular subscribers to whom they have given NCOA information. This accounting will not identify with certainty the subscribers who have in fact received your new address, but will give you a list of all subscribers receiving NCOA service for the relevant time period and thus might have received your address. Because a large number of requests like yours are being received, there will be a delay in responding. Requests are being processed in order of receipt and you will be sent the accountings as soon as possible. Your patience is appreciated. Sincerely, Betty E. Sheriff USPS Records Officer [Editor: Thanks for sending that letter in! Amazing that someone in the maze of red tape even thought to make a form letter to respond. I think I'll demand a disclosure as well.] **************************************************************************** Phrack 42 Errata We mistakenly noted that the TRW video shown at HoHoCon was dubbed by Dispater and Scott Simpson. It was actually made by Dispater and ZIBBY. **************************************************************************** ==Phrack Magazine== Volume Four, Issue Forty-Three, File 3a of 27 EDITORIAL My Problems With Clipper by Chris Goggans The introduction of the new government backed encryption chip, Clipper, has become a much debated issue. I like many others have a large number of problems with the chip and the problems it may bring in the future. Why should we believe that this algorithm is robust? For years and years the NSA has backed DES as the encryption standard, when cryptoanalysts have consistently brought its strength into question. Additionally, the NSA has forced companies to submit their routines for analysis before allowing them to be distributed commercially. At times they have even requested that the algorithms be purposely weakened (we will assume that this was so they could more easily decipher the encrypted data.) With this in mind, why should we now meet anything endorsed by the NSA with anything but suspicion? And the fact that they refuse to release the algorithm for security reasons even further adds to the suspicion that this chip is either inherently weak and easily broken by the NSA or that there is a backdoor in the algorithm that will allow the NSA to effortlessly view any data encrypted with the Clipper. Assuming that the government is on the level (for once), and they cannot decipher Clipper-encrypted data without legally obtaining keys from the assigned escrow agents. The idea that the government will have to go before a judge and show just cause for needing the keys pacifies some, but from my own personal experience, the government will always get what they want. If the Secret Service could get a search warrant to enter my home based solely upon one posting to an electronic bulletin board, they could certainly obtain the necessary keys needed to decipher my speech. In fact, most non-technical persons will become needlessly suspicious upon the mere mention of someone using encrypted speech mechanisms and be more easily swayed to release the keys to law enforcement. Should Clipper be adopted by various government agencies for use, this could have serious trickle-down effects upon the lives of regular citizens. Let's say the military decides that they will use Clipper. They will then most likely require their various contractors to use it as well. Then after continued use, the contractor may begin to tell its other customers to communicate with them using Clipper also. Usage could grow exponentially as more and more people become comfortable with the use of the secure communications devices until it becomes a defacto standard without any legal pressures to use it ever mandated by Congress. Should Congress mandate its use in any form, even if only within the government itself, this potentiality will rapidly become reality. If Clipper eventually receives such accepted use, anyone using any other type of encryption will be immediately suspect. "Why aren't you using the chip? What do you have to hide?" The government may even outlaw the use of any other encryption technologies, and if America has become comfortable and satisfied with Clipper such a law may go unchallenged, after all, only spies, child pornographers and drug dealers would have something to hide, right? As the world's computer networks creep ever further into our daily lives, and the speed and power of supercomputers multiplies every year a rather frightening scenario emerges. Since the government is a major funder of the Internet, who is to say that Clipper won't become the basis for encrypting over its lines? As our country moves closer to ISDN and the PSTN and the PSDN's become more intertwined, who is to say that Clipper won't be the basis for encryption since companies like AT&T already endorse it? Imagine if you will, a massively parallel supercomputer, the likes of which may not exist yet, in a special room in Ft. Meade, or buried underground in New Jersey, that consistently decrypts all communications and sorts it according to communicating parties. Then through the use of AI, the computer decides whether or not such communication presents a threat "to national security." The structure of the telephone network already supports such an arrangement. The purpose of the NSA allows for such an arrangement. The advances in computer technology will give the potential for such an arrangement. If Clipper is tainted, yet accepted, there will be no more privacy in America. Perhaps my view of the government and their ultimate intentions is way off base. I sincerely hope so, as I do not want to be forced to take the mark of this beast to conduct my business dealings and to live my life in peace.