The Hacker's Encyclopedia 1998

home *** CD-ROM | disk | FTP | other *** search

/ The Hacker's Encyclopedia 1998 / hackers_encyclopedia.iso / zines / phrack2 / phrack45.t27 < prev next >

Wrap

Text File | 2003-06-11 | 61.1 KB | 1,354 lines

==Phrack Magazine== Volume Five, Issue Forty-Five, File 27 of 28 **************************************************************************** International Scenes There was once a time when hackers were basically isolated. It was almost unheard of to run into hackers from countries other than the United States. Then in the mid 1980's thanks largely to the existence of chat systems accessible through X.25 networks like Altger, tchh and QSD, hackers world-wide began to run into each other. They began to talk, trade information, and learn from each other. Separate and diverse subcultures began to merge into one collective scene and has brought us the hacking subculture we know today. A subculture that knows no borders, one whose denizens share the common goal of liberating information from its corporate shackles. With the incredible proliferation of the Internet around the globe, this group is growing by leaps and bounds. With this in mind, we want to help further unite the communities in various countries by shedding light onto the hacking scenes that exist there. If you want to contribute a file about the hacking scene in your country, please send it to us at phrack@well.com. This month we have files about the scenes in Argentina, Australia and Greece. ________________________________________________________________________________ Argentina: Hacking at the ass of the world ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ by: OPii. Yeah, i know, it's something you just can't stop, whenever you try to sleep that recurrent idea comes and recurses through your very brain, you are blind, it happens to be worse than MTV, you just can't get to sleep, you stay up for hours, you forget to feed yourself, you can't even remember your name, you turn catatonic, you stand still stretching every nerve and mumbling "hhmmpff..sc.eenn...arghh..teennn..ahhh..." and then you explode in a terrifying scream... "ARRRGHHHHHH, WHAT THE FUCK IS GOING ON IN ARGENTINA??????" Right? NO???? Well, I never really thought that could happened but I'm gonna answer the question anyway, I know you probably don't give a fuck about Argentina and it's scene but, hey, reading shitty text files is not new to you so you wanna change your habits RIGHT NOW? Nahhhhhhhh Introduction ~~~~~~~~~~~~ Ok, enough is enough, so let's get to the point. Argentina is lagging. While other countries are flying toward the hyper publicized "Data Highway", Argentina is still trying to fork it's path in the telecommunication's jungle. And this has it's pros and cons. Before 1990 the telecommunications in Argentina were in hands of Entel, the government's monopolistic arm that ruled the area. But, and there's always a BUT, the service provided by Entel was worse than bad. For too many people it was normal to wait YEARS for a line, paying $1000+ when they finally got it installed, and then a never-ending nightmare began, if it rained, the line went dead, if it didn't die it went crazy, you could pick up the phone and listen to your favorite radio station but of course you could not call anyone. Or you could had bizarre conferences with persons you'd never met...it was basically POTS but with features that Entel never thought about... N-way calling, call forwarding to hell, continuous call waiting in the form of line noise, speed dialing to always busy DNs... Ahh, you could get a line in less than a month if you paid the $1000 to some bogus vapor-companies whose workers would came pulling loops out of their sleeves and installing them quietly (yeah, all completely illegal), these companies were known as the phone mob. Remember, Entel was the ONLY company entitled to give you not only a phone line but the phone itself. And the bills... the bills always had an encrypted message in them, you needed a PhD in Black Magic in order to decipher what the fuck the telco was charging you... but for most mortals the meaning was only one: PAY, pay whatever we order you to pay, and don't ask why. You made only local calls? PAY! (local calls are not free in Argentina) You didn't make that call to Nairobi, Kenya? PAY! Ohh, but you cant dial outside the country with your line? PAY ANYWAY! You want to complain? PAY FIRST! In 1990 the government decided to split Entel in two companies and sell them to private investors, each company would service either the northern or southern Argentina, the border being Buenos Aires' downtown (in case you don't know Buenos Aires is the capital of Argentina). This was nothing more than giving the monopolistic Entel to two new monopolistic companies as we will see. So the government sold Entel and two new companies appeared in Argentina's communications scene: - Telefonica de Argentina. Servicing the southern part of Argentina, this company is formed by the Spanish Telefonica de Espaºa (owned by Spanish gov.) and several Argentinian and foreign investors. - Telecom Argentina. Services the northern Argentina and it's major stockholders are France Telecom and STET (Italy). Also, another two companies where born: - Telintar. Owned by Telefonica and Telecom. The ONE AND ONLY LD carrier in Argentina. - Startel. Guess who owns it? Yeah, Telefonica and Telecom, with some philanthropic aides like Citicorp, J.P. Morgan and Techint and Perez Companc ( Argentinian megacorps). Startel provides TELEX and data transmission services as well as mobile and sea radio links. It runs the most known Argentinian X.25 PSN (ARPAC). The government however had to assure minimal control of the companies and verify that their procedures and actions conform to the Argentinian laws. That's the duty of the SNC (National Communications Secretary) and the CNT ( National Telecommunications Commission), the last being some sort of mirror image of the American FCC. Did anything changed with the appearance of Telefonica and Telecom? Did the customers noticed an improvement in the phone service? Both companies began to "correct" Entel's mess rapidly but personally I consider it was a little more than nothing for the customer. They did change loops, trunks, switches, added features, installed inter-office fiber links, private PSNs and more. But, it's 1994 now, and I still know zillions of persons that had their line dead for 4-5 months, or have been visiting the telco offices everyday during a month complaining about line_noise/no_dial_tone/ dial_tone_but_no_dialing/cant_receive_calls/cant_dial_certain_NPAs/ bills_are_way_out_of_scope/etc. To conclude this section I will only say that: 1). There's still a telecom. monopoly in Argentina, now in the form of two private companies. 2). Service got better but it's still a mess, dirty and expensive. 3). Both companies enjoyed an explosive economic grow since 1990, their shares being one of the best things you could get a hold of in the stock exchange. The Phony Phone System ~~~~~~~~~~~~~~~~~~~~~~ Argentina uses pulse dialing, except for those lucky persons that have the latest installed switches in their COs. If you don't have DTMF you HAVE TO ask for it, you can do this dialing 112 (Telecom) or visiting the office (Telefonica and/or Telecom). Someone will eventually listen to you and answer: 1) "Uh???? What's DTMF?" - Forget it, ever considered teaching algebra to a chimpanzee? 2) "I'm sorry you can't dial MF with that line" - No luck 3) "Not a problem, we'll set it for MF" - You bastard! Switches are Step by Step or Crossbars but since 1990 the number of electronic, and specially, digital switches has increased constantly. Both, Telecom and Telefonica, use equipment from many different vendors: Siemmens, Ericsson, Hitachi, Fujitsu, Northern Telecom, AT&T, Alcatel, NEC, Spanish companies, Italians, Norwegians, and God only knows what else. Most switches are either European or Japanesse. As for PBXs, Siemmens, Ericsson and Fujitsu are the brands of choice for most companies, with the recent grow of NT's Meridians among large corporations. DNs are 7 digits but still 6 digits in low line density locations, this includes certain areas in Buenos Aires, the capital. Generally, 6 digit DNs can't complete an international call for themselves, they need operator assistance ( DDI is the "feature" that allows a subscriber to make international calls without operator's assistance, geez). Other features offered are 3-way, conference, call forwarding, call waiting (can't be fucking disabled temporarily!) and more. Telecom also offers a service called "Factel" which is a detailed list of all the calls you made in a billing period (2 months), this comes with your bills and they charge you for EACH PAGE. LOCAL CALLS ARE *NOT* FREE. Toll free numbers (800) where introduced two years ago but so far there are few 800s to call, one of the few is the CNT's 800 for reception of complains about the telco's service. Both Telefonica and Telecom use Frecuency Division Multiplexing (FDM) or Time Division Multiplexing (TDM) for grouping channels with a bandwidth of 4KHz into a multiplexed signal, called Base Band, of several channels. Analog and digital multiplexing is used depending on the equipment installed. The hierarchy of groups is as follows: - Primary Group or Basic Group: 12 4KHz channels for a total bandwidth of 48Khz, generally placed in the 60-108 KHz space. There are three ways for forming a Basic Group: Direct Modulation, Pre-group Modulation or Premodulation, I won't discuss 'em in this article. - Secondary Group (aka Super Group): 5 Primary Groups (PG) for a total of 12x5 = 60 channels and a 240KHz bandwidth., placed in 312-552KHz band - Master Group (MG): 5 SGs, 60x5 = 300 channels, 1232 Khz. bandwidth ( 5x240Khz + 32Khz.) in the 812-2044Khz. band - Super Master Group (SMG): 3MGs, 3x300 = 900 channels 3 x 1232Khz + 176 Khz = 3872 KHz bandwidth. (8516-12388 KHz) For digital multiplexing, using TDM, things are like this: Pulse amplitude modulation (PAM) is first used to sample the 4Khz channel, then the PAM signal is quantified in 256 discrete values ( 8 bits) and this is finally multiplexed as follows: - A basic 2048 Mbit/s for 30 channels (8Khz/channel for they're sampled...) - 8 Mbit/s = 4x2Mbit/s ( 120 channels) - 34 Mbit/s = 4x8Mbit/s ( 480 channels) - 52 Mbit/s = 6x8Mbit/s ( 720 channels) <--this is not standard) - 140 Mbit/s = 4x34Mbit/s ( 1920 channels) - 565 Mbit/s = 4x140Mbit/s ( 7680 channels) - 900 Mbit/s = 6x140Mbit/s (11.520 channels) Both DC and AC is used for signalling depending on several characteristics as trunk length, the switch's technology, etc. Reverse polarity and E and M signalling is used with DC, while DP and MF is used with AC. CCITT #3,CCITT #4 or CCITT #5 is used on international circuits, otherwise R2 is used. I won't go into the details of the different in band signalling methods as they are probably well known by you... i'll only point that, as you guessed, things are set for interesting boxing experiences. Argentina is the place for the casual explorer in this topic, even "Joe customer" could choose alternate routes for his local calls, all by himself, some years ago, prefixing the destination DN with a 3 digit number. There are other interesting things to ponder here, like the way calls from one company's zone to the other company's zone are completed, etc. Also, SxS and Xbar switches are fun to mess with, known their "hidden features" like line freezing, forced ANIF and forced linkage of the circuit to a given CO. Payphones, known as TPAs in local telco. jargon, comes in different flavors. First, the one that both companies inherited from their predecessor, Entel, this one sports a rotary dial and needs tokens to operate. Then the obsoleted Telecom's "card puncher", needed a card with a mag strip that the phone would punch each time you used it, these have been replaced by the new Telecom's modular payphone. (Perhaps it was a piece of shit and Telecom replaced them right away??? ). You wont find one of these easily. Telecom's modular payphone works with cards and wont accept tokens or coins, these have a cute LCD and controls for volume, language selection of the messages displayed as well as buttons for redialing and replacing an exhausted card while a call is in progress. It's uses cards with an 8 contacts on-card chip. Telefonica's payphones accept cards AND tokens, they also have a LCD and buttons for volume, redial, etc. They also use cards with 8 contacts on-card chip. They skipped the "brilliant" card punching stage so these are the phones you'll find in Telefonica's area. NO PAYPHONE WILL ACCEPT REGULAR CREDIT CARDS. ONE COMPANY'S PHONE CARD IS INCOMPATIBLE WITH THE OTHER COMPANY'S PHONES. ( this is supposed the change this year? ) Phone cards cant be recharged when they're exhausted. ( eh, this is not quite true ) Telefonica is said to make their payphones accept regular coins any time noooooooowwwwwwww bahahahahahahah . The Networks ~~~~~~~~~~~~ Networks in Argentina are growing, and are growing fast, but they are still poor and slow when compared to other countries nets. LAN are usually based on PCs with Novell's Netware in its different flavors or some lousy Lantastic. As for WANs, the computers you'll ran into are IBM mainframes, DEC VAXes running VMS, and Unixes (generally IBM's RS/6000 w/AIX or lower end PC clones running SCO). Still, open systems are being happily adopted and TCP/IP based LANs are emerging everyday. There aren't many systems online 24hrs/day but mostly online during work hours. You'll find most systems unreliable, bad configured, and worse used. ARPAC, The Jester's Playground ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ARPAC (DNIC==7222) is the most known PSN in Argentina. It has dialup access in more than 30 cities in the country, although the fastest baud rate for them is an infamous 2400bds. Leased lines go up to a maximum of 19.2Kbds. The protocol used is the X.25 suite and ARPAC offers the following optional facilities: - Closed User Group. (CUG) - Fast Select. - Packet size negotiation. - One-way logical channels. (outgoing/incoming). - Non-standard window sizes. - Reverse charge request and acceptance. - Multipoint access - Incoming/outgoing call blocking. - Incoming/outgoing call blocking to and from CUGs. Obviously these features, should you accept them, imply a little extra bucks in your Arpac bill (which will self-destroy your wallet in five secs.). Startel, the company that runs ARPAC, uses a unit called PTD (it stands for Data Transmission Packet in Spanish) for billing purposes. Packets are 128 bytes and conform a PTD, transmission of 64 bytes or less are considered as 1/2 PTD. Startel vacuum cleans it's customers bank accounts this way: 1) A one time payment for the installation of the X.25 equipment. 2) A "basic monthly payment" that does not include data traffic. 3) A "variable monthly payment" that depends on the number of PTDs handled by Arpac. As for December 1993 this was calculated considering a fee of $0.007595/PTD and 1 PTD/min for leased lines + 4 PTD/min for dialup access. Also remember that those dialing from the PSTN are paying the local call too. There are discounts based on the day of week and hour of the connection: - Type "A" fee (normal fee) Mon-Fri 06:00-20:00 - Type "B" fee (40% discount) Mon-Fri 20:00-24:00 - Type "C" fee (60% discount) Mon-Fri 24:00-06:00 Sat. 20:00-06:00 Sun. and Holidays 00:00-24:00 International connections are not considered in this figure and are billed according to Telintar (LD carrier) fees. A 8% or 18% tax is applicable to all payments. Customers can also choose a fixed monthly payment instead of basic+traffic payments. The software used is that of ITAPAC (DNIC 2222) and as far as i know theres no support to mnemonics instead of the plain X.121 addressing. Nuas are DNIC+10 digit composed this way: [07222]XXXX YYYYY PP ^^^^\^^^^^\^^\__ port/subaddress \ \ \ \_ host \ \ __ corresponds to a "nodal area" in Startel's jargon,usually associated with geographic location. Some valid entries here are: 2111,2141,2171,2511,2211,2911,2172,2912... NUIs, IURs in Startel's babbling, are formed like this: 9XXXXXXXX/YYYYYY ^^^^^^^^\^^^^^^\_ this is the password, normally 5/6 alphanumerics, \ all uppercase. \ \__ da nui! X is in the [0-9] range and generally the whole 8 digits correspond to one of the subscriber's DNs. So if you were to use ARPAC you'd make a call by typing .. <enter> upon connection (7E1, <= 2.4kbds) then N9<XXXXXXXX>/<YYYYYY>-<nua> ; when using a NUI. or <nua> ; w/o NUI needs Reverse Charge ; Acceptance of course. You don't wanna call them NUIs when talking to Startel personnel (i.e. social engineering) unless you want to become instantly suspected to be an evil phraudster (aka haq3R). "CIBA", The Infamous, or BT Tymnet's retarded child (DNIC==7220) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ If you cared enough to read the BT Tymnet's worldwide dialups listing you probably noticed a few entries for Argentina. These were regularly used by "net explorers" in the mid 80's and were known as "CIBA" among them. CIBA dialups are 300bds (wow!) and use CCITT v.21 protocol (ATB0 for your modem). At that time the fastest ARPAC dialup was 1200bds. All in all CIBA is nothing more than the door to BT Tymnet in Argentina (node 7407, host 1212). There's no direct access to interesting utilities such as "xray" and the likes. NUIs here were stupidly choosen and easily scanned since they followed two known patterns: naargXXXXna , and enargXXXnet X being in the [0-9] range. Many of these were not passworded. Of course no one would even think to scan NUIs at 300bds nowadays... Internet ~~~~~~~~ The Internet is rarely know and even less used in the student, professor, computer and communications professionals circles. It's a depressive experience to explain the workings of "telnet","rlogin","ftp" and such "eccentricities" to people who were supposed to know about them from their TCP/IP books, courses and lectures. You, reader, could allege that a networked unix system is enough to explain this, but despite the technical explanations, the political, economic and social implications of the Internet will remain unknown until a vast amount of persons actually USE and EXPERIENCE it. And I'm not talking about "Joe citizen" here, I'm talking about people that would actually NEED the net if they were to improve their work. It's like describing the taste of an apple to someone, he'll surely understand what you say but don't expect him to understand what it tastes like until he actually bites it. The Internet top level authority in Argentina is the Foreign Relations Ministry and its link to the rest of the world is sponsored by the 'United Nations Development Programme'. 'whois' output follows: United Nations Development Programme (NET-ARNET) Ministerio de Relaciones Exteriores y Culto Reconquista 1088 ler. Piso - Informatica Buenos Aires ARGENTINA Netname: ARNET-NET Netnumber: 140.191.0.0 Coordinator: Amodio, Jorge Marcelo (JMA49) PETE@ATINA.AR +54 1313 8082 Domain System inverse mapping provided by: ATINA.AR 140.191.2.2 ATHEA.AR 140.191.4.10 Record last updated on 06-May-91. Argentina has only an UUCP link (well, once again this is just the publicly known info...) to the Internet through UUNET, connecting several uucp linked networks to it (RAN,RECYT,etc). Atina.ar is the most important host in this scheme, seconded by the Science and Technology Secretary's host (SECYT) and the University of Buenos Aires (UBA) host located at the Exact and Natural Sciencies Faculty in a dependency known as the "CCC". There's also a company the offers Internet connectivity bypassing atina and uunet. 'whois' output: SatLink Uucp/Internet (SATLINK-DOM) Casilla de Correo 3618 (1000) Correo Central Buenos Aires ARGENTINA Domain Name: SATLINK.NET Administrative Contact, Technical Contact, Zone Contact: Stolovitzky, Horacio (HS3) postmaster@SATLINK.NET +54-1-983-6740 Domain servers in listed order: NKOSI.WELL.SF.CA.US 192.132.30.4 WELL.SF.CA.US 192.132.30.2 Record last updated on 24-Mar-93. There are other links that bypass atina and uunet, all of them part of corporate networks. (i.e. IBM's VNET, etc) Although everyone says theres only a UUCP link to the Internet, word is that there are a few hidden 9600bds leased lines shared among many hosts at some sites, at any rate this is completely insufficient for servicing researchers, students and other interested parties, thus the existence of these links is kept as a sort of secret. 64kbds links are supposed to be installed for interactive sessions this year at certain sites. Other networks ~~~~~~~~~~~~~~ Many companies form their corporate networks as CUGs on Arpac, have their own network, or both. Telcos, consulting firms, banks and insurance companies fall in these categories and are quite interesting research projects for the inquisitive hacker. The "Scene" ~~~~~~~~~~~ There's not much to say about the Argentinian scene. Given the cost and the time you have to wait to get a phone line installed there aren't many BBSes up 24hrs. Most of them are up during nighttime, from 10:00/11:00 pm to 6:00/7:00am, of these, very, very few are dedicated to hack/phreak topics. Also, considering that theres no decent internet access at your local university you would be forced to explore X.25 networks in order to fulfill your natural interest and seek of knowledge. But there aren't many hackers either. Most Argentinians you'll find on the nets are mere abusers with one final goal: to get to QSD or the likes. While this sounds rather amusing (eh) there's an explanation to it. In the mid 80's a few Argentinians used to exploit CIBA's clueless procedures for choosing NUIs. At that time the fastest ARPAC dialup was 1200bds so 300bds was not that bad after all, and not bad at all as you were sure you could find a new NUI in a matter of hours. Yes, many people wasted their diminishing lifes in QSD, but for some this new x.25 thingie was more than a mean for meeting friends over the net and having endless chats with them, some needed to learn and understand the workings of the nets and the many different systems hooked to it. For those the place was Altos, and AMP (although you couldn't connect to PSS directly). And Altos proved to be of great help for Argentinians that got introduced to the hack/phreak world not on a BBS but right on a X.25 network. And so did the sequel of Korn-chat sites (tchh,lutzifer, italian "artemus") or even Pegasus and LINA sometimes. Around '89 or '90 an Efinet (Efinet == Fidonet wannabe) meeting was held, and during it someone gave out a "strange bunch of numbers in the form of some sort of code or something" (this being an ARPAC NUI followed by QSD's NUA) and the attendees ran home and tested it, just to see them connected to the France chat extrordinaire. Meanwhile, things were getting hot elsewhere in the world, and those once famous X.25 hangouts went virtually dead, so these newcomers wouldn't get in touch with Argentinian hackers (as they wouldn't appear in QSD) or other countries' hackers (as they were having a bad time or retiring or simply leaving X.25 alone). So, even if they wanted to learn, these freshmen, for good or for bad, were on their own and still are... The vast majority of the argentine society never heard the words "hacker" or "phreaker" or, if they did, they relate it to things happening in other countries, far, far away. It wasn't until '93, in accordance with the apparently boundless tendency to use the word "cybersomething" when referring to anything remotely related to new technologies, computers, or scifi novels or any other thing that requires publicity, i.e. see cyberIdol's cybershitty cyberCD to understand what I cybermean, uhg excuse me, back to the point... It wasn't until '92 or '93 that the media discovered this brilliant trend for selling more and more, apparently some genius said: "Hey, what if we sell the future? What if we write about how will life be, how will technology be, how will the planet be, how will your dog be? All this with some vague journalistic odor of course. I bet we will sell more!". So they did, and in this frame the hacker/phreak scene is more like the salt to dress the salad, yet things didn't get to the extreme of sensationalism and hacking is portrayed as an activity bound to some new sort of romanticism, still things are very much confused, putting hackers, phreakers, crackers, pirates, virii authors and mere fraudsters all together in the same bag (yes, but what would you expect anyway?). Even some interviews to an ex-hacker (who now runs a data security firm), and a self proclaimed "expert" ( more a virus expert, IF anything) have appeared. On the other side, many "eleet poseurs" have appeared too, but as one could expect, they are nothing more than mere poseurs and certainly not worth more than a phrase here. Final Words! ~~~~~~~~~~~~ This is the 'scene' AS I SEE IT, i don't consider myself an enlightened entity, thus I acknowledge my description might not be objective nor complete (in fact it might be complete bullshit but, do I care? do YOU care?). Argentina is a country where lots of things are still there, waiting to be discovered, virgin beaches for you to explore and enjoy. Security is generally lax, and people is generally not security-aware and even less hacker-aware, trashing and social engineering are simple things that DO give many benefits. As far as I know theres no specific law dealing with computer related crimes (whatever that mean...), and as long as you don't get yourself involved in the traditional crime pictures you are pretty much safe. On the other hand, the bad and expensive phone service, the lack of internet connectivity and the limited number of BBSes dedicated to the so called "underground" (yes, I did it, I used the damned word, argh) make things tougher for newcomers. Perhaps the most interesting thing is that there's not much knowledge of what hacking/phreaking means and this gives us an unique opportunity to avoid misunderstandings and errors that occurred in other countries. Perhaps it is possible to influence people in a positive way, making them think about secrecy, security, privacy and responsibility issues. We are still free of Geraldos, we didn't suffer witch hunts ala Operation Sundevil, the words "hacker" and "phreaker" have not been demonized yet, although the Orwelian-way is common practice among the telcos, but nobody seem to give a fuck about this, or maybe nobody notice?. So, this is it, the file has come to an end and I think it's enough for an introduction, I did not cover cellular telephony nor satellite links and companies providing related services, I did not mention many other things but my intention was to write a description of how things are here, not a fucking encyclopedia. If you think that many topics are deliberately vague and not covered in deep, that some information might be not accurate or if you don't agree with anything I've stated you can contact me at: HBO +541-788-4850 24hrs. Loser's joint +541-658-7983 23:00-6:00 (GMT -3) Here's my PGP key. DO USE IT OR EXPECT NO REPLIES -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.3a mQCNAi1EBdUAAAEEAMdEmi+ajN/WIIvN3jjUQk/wb0CLsXe+K49fX8DuUXvUSpdJ UCu8wFH82reJWttj3vaMQ/guKADC/VTIbfsRGWZhbvc+7Mb0W/3LPJSj5zpG9O+M +XF6A7eB6IfncS+p9jU5Tb9lMc/H0BoW4VTpYO/eWK9DJGfAFOA/puxL3X5tAAUR tB1PUGlpIDxvcGlpQGJpYXBiYS51YmEuZWR1LmFyPg== =rKbG -----END PGP PUBLIC KEY BLOCK----- ------------------------------------------------------------------------------ The Australian Underground ( or The lack thereof! ) by Data King ATTITUDE For several years now the Australian underground scene has turned better yet worse at the same time. The amount of companies and colleges using datacomm has dramatically increased. In my opinion it is still not yet to the stage of America in this respect though. The number of 'hackers' has increased, but I use the term loosely as I do not consider many of these so called 'hackers' to be hackers. Why do I say this? I say this because most people who hang out in the underground scene in Australia consider hacking to be getting an account at a university off of a friend and then snarfing the password file and running crack over it. They are only interested in things that will give them access to IRC, FTP & Newsgroups. ( No flames please I am talking in general here! ) Many of them have never heard of services like MIDAS, Minerva & AUSTPAC and even if they were given a dialup to one of these services I doubt they would have a clue about how to use it. We have a wealth of services out there just waiting to be tried, but there is almost no one who is interested in doing so, to give you an example. One night I was working away on my box at about 3am and a 'hacker' mate had crashed on the couch. I went to dial into one of the local universities and I misdialed the number. At first I didn't realize that I had dialed the wrong number since I got a carrier. My modem connected and then just sat there instead of the usual annex prompt. I bashed the old enter key a few times and suddenly I was presented with a menu to an accounting system. 'Sheet,' I thought, and screaming to wake my mate up ( at this stage I thought I had connected to the university and it hadn't reset the line after the last user hung up ) I started to explore the system, it soon became evident that it wasn't the university but something entirely different, by this time my 'hacker' mate had woken up. 'Whaaaaaaaaat?' comes the response from the couch, I briefly explained what had transpired and his only response was 'Ughhhhh' as he went back to sleep. Needless to say I spent the next 3 hours playing with the system, and by the time I had finished I could crash the accounting menu and exit to the operating system. The system turned out to be fairly boring and proved to be of no use to me, BUT I had to assume that before I knew, it could have been something really interesting and to spend time fully exploring it, where as my 'hacker' mate couldn't give a stuff, 'coz it wasn't on internet'. TECHNIQUES Australian Hackers no longer seem to be using advanced techniques to penetrate a system, very few would have any idea how to use TCP/IP to gain access to a system. Most satisfy themselves with obtaining an id elsewhere and then snarfing the password file and running crack over it. When it comes to things such as VMS the attitude I usually encounter is "VMS urgh, what bloody good is it!". There are some very good Hackers in Australia but most of them do not hang around in the underground scene, rather they are usually university students who learn how to make the best use of the system. Writing things like ICMP bombs, and Sniffers is usually left to these people, in fact I can not think of any active non university student hacker who lives in Australia and uses these sort of techniques. CONS To the best of my knowledge there has only ever been one underground conference in Australia, and that was from memory in 1984, it was called Hackfest and it was nothing compared to HOHOCON or Hacking at the End of the Universe. At the time we all thought it was great, and I must admit it did boost the sharing and finding of new info for a while. I, in association with one or two others, have been thinking of arranging another Hackfest to be held in 1994, it will probably be held in Melbourne, Australia. If you live in Australia and would like to attend then mail me and I will keep you informed. ( Det. Sgt. Ken Day: Don't bother trying to spy on Hackfest if it goes ahead, you're more than welcome to attend! ) NETWORKS In Australia we have several national and international networks, here is a list of some of them: MIDAS International Packet switching network DNIC = 5053 Minerva Automated Office Network w/ International PSS AUSTPAC Australian Packet Switching Network DNIC = 5052 SprintNET Need I explain this??? AARNET The Australian Network that covers Internet in Australia TRAN$END Subset of Austpac ( used by Banks for ATM/EFTPOS transmissions ) Compuserve Need I explain this??? Discovery Australian Videotext system ( Not sure if still in Service ) ????? The Australian Military Network ( Don't know its name ) TAXLAN The Australian Tax Office ( IRS ) Network PHREAKING For years people in Australia believed that phreaking was only really possible by pitting, this included Telecom Investigations Department, but we know that this is not true. Methods that have been used in Australia include: Blue Boxing off of an American Operator Line Pitting ( ie: Linemans handset connected to a telecom junction box ) Clicking ( Electric shock to a public phone ) Boxing off of a disconnected number ( almost impossible now ) Calling Cards ( both American and now Australian Calling Cards ) PBX's ( 0014-800's and local PBX's ) Mobile Telephones ( ie Cellular Phones and b4 that the old Radio mobiles ) There are probably other methods as well but I am not a phreaker so I am not the best person to comment on this. Boxing in Australia is getting dangerous now as we are getting more and more of the new digital exchanges which make it a lot easier to trace, or at least so I am told. There were some people in South Australia making/recharging Telephone cards, ( Like a disposable calling card, but you buy them in news agents and they have a dollar value, once used up you throw them away ) but these people were apparently caught and telecom have taken measures to ensure that this is no longer possible. VMB'S We have a large range of VMBs in Australia, and with the proliferation of VMBs has come the art of Hacking VMBs, we even have people here in Australia that do virtually nothing else other than play with VMBs. These people tend to go a lot further than just cracking the pin numbers, some of them have learned enough about the signalling systems used by these systems to virtually take control of the system and make it do what they want. Once again this is an area that I do not know a lot about. We also have a couple of individuals that run something called the Scene Inpho line, Which essentially is a VMB with a long recorded message giving out tips, rumors, and general rubbish. The number to the Scene Inpho Line unfortunately constantly changes as the owners of the VMB notice what's going on and shut that particular box down. BULLETIN BOARDS There are not a lot of good underground BBS's in Australia, a couple that I know of that come to mind are Destiny Stone II, Empire of Darkness, & Watchtower. I can not comment on Destiny Stone II as I have never called it. However, when I used to called Empire of Darkness it was so lame it wasn't funny and now he has gone 96+ only I can't call it ( I'm poor and can't afford a new modem ;) ). Watchtower showed potential but unfortunately the sysop of it is very slack and needs to get off of his butt and do some work on it! The underground boards in Australia tend to reflect the general state of the scene, ie: complete and total apathy! Most H/P boards in Australia are also warez sites and tend to be pretty lame and insecure because of all the warez puppies on them, I can not think of a really good board in Australia that is still operating. BUSTS In the last year the Australian Federal Police, Computer Crimes Unit has been quite busy raiding people. As a result there have been 4 convictions that I know of, and another 2 people waiting for charges to be laid. The people convicted and there sentences are as follows: Data King (me) Guilty but no record ( escaped conviction under section 19b of the act ) $300.00 fine and $500 2 year Good Behavior bond. ( Pleaded Guilty to 2 Charges ) Electron 6 Months Jail ( suspended sentence ), $500 6 Month Good Behavior bond, & 300 hours Community Service Work. ( Pleaded Guilty to 14 Charges ) Nom 6 Months Jail ( suspended sentence ), $500 6 Month Good Behavior bond, & 200 hours Community Service Work. ( Pleaded Guilty to 2 Charges ) Phoenix 12 Months Jail ( suspended sentence ), $1000 12 Month Good Behavior bond, & 500 hours Community Service Work. ( Pleaded guilty to 15 Charges ) In the most part people get busted in Australia due to either their stupidity ( Hi Phoenix! ), being lagged in by some low life, or by trusting someone they should not of ( Hi Phoenix! ). LEGALITIES Both Hacking and Phreaking have been illegal in Australia for quite a few years I will not go into details here as hopefully there will be an article in this issue of Phrack covering the laws and possible penalties. Computer Crime in Australia is the responsibility of the Australian Federal Police Computer Crimes Unit. The people known to us in this unit are: Det. Sgt. Ken Day Det. Neil Campbell Det. Steve Visic ( Sorry guys if I spelled your names wrong - NOT! ;) ) If you are able to add any names to the list, please mail them to me and any other info you have on them. That way we can begin to build up a dossier on our enemies! PUBLIC There seems to be a growing awareness in the general populace of Australia. There has been quite a bit of media hype on hacking over the last year, and slowly the public seems to be getting a great fear of hackers. To me it seems ridiculous, as the only real hackers that the public should have feared lived in the early 80's. Today's generation of Australian hackers are pretty HOPELESS in my humble opinion. To give an example, when Electron, Nom, & Phoenix's court cases were getting media attention I was sitting in my parent's lounge room one night when the news was covering their sentencing. My father thought that these people were very dangerous and should have gotten a bigger sentence than they did. At this time he did not know about my bust. I have explained it to him now but he still doesn't seem to understand...oh well that life I guess. CONCLUSION This is how I see the Australian scene, If you disagree, want to comment, send me info for future articles, get on the hackfest mailing list, or just want to have a chat you can mail me at: dking@suburbia.apana.org.au If you require privacy you can send me stuff that is encoded via pgp, my pgp public key is as follows: -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.0 mQCNAi0t3M4AAAEEAMPZMexyZ+Nxz8Ry1w9R7pTLFGM7xk0MwJ/izS687UIJLzc5 l38jFM0bEcuSukRrLkBYIDdiAgOdn50cJmKOPyvE4FvR2eh2dbdHyFKzaVWVe5zE HZhNx2o0kb6SRIQHu8Vh/pkl+S29RKzDbIgMLLjOCwN0V1/RUal4ROOqDaCbAAUT tCdEYXRhIEtpbmcgPGRraW5nQHN1YnVyYmlhLmFwYW5hLm9yZy5hdT4= =ttmq -----END PGP PUBLIC KEY BLOCK----- I can also usually be found on IRC a couple of hours a night in these channels under the nick of dking: #apana #hack #phreak #linux Thanks for assistance with this file go to: SPiN-DoC Olorin & Connie Lingus ( Motivational Support - <SMILE> ) Have phun, and remember: BE CAREFUL OUT THERE! ============================================================================== ()()()()()()()()()()()()()()()()()()()()()()()()() () () () "Australian Hacking Laws" () () () () 21/01/93 () () () () (c) Data King () () () ()()()()()()()()()()()()()()()()()()()()()()()()() Crimes Act 1914 (Commonwealth) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Part VIA - Offences Relating to Computers Section 19B (1) Order & Recognizance The Court can discharge you under this section, with a surety and/or recognizance given by you. If discharged under this section you may be put on a good behavior bond of up to but not exceeding 2 years. Other conditions may be placed on you by the court also, this conditions can be anything that the court considers appropriate. To have this section come into effect the following must apply: The Court is satisfied that the charge(s) are proved, but is of the opinion, having regard to: The Character, Antecedents, Age, Health, & Mental Condition that it is unexpedient to inflict any punishment or any punishment other than a nominal one on you. Basically what this means is that you can be found guilty and not have a conviction recorded against your name, but you must realign that the department of public prosecutions may object to this and then you will have to try and convince the Judge to ignore what the DPP says, (not easy). Also please realign that if you were to receive a section 19B and then were caught doing naughty things again and you are still under your good behavior bond, you will forfeit your bond and have to stand trial again for the original offence(s). Section 74A - Interpretation (1) In this part, unless the contrary intention appears: "carrier" means: (a) a general carrier within the meaning of the Telecommunications Act 1991; or (b) a mobile carrier within the meaning of that Act; or (c) a person who supplies eligible services within the meaning of that Act under a class licence issued under section 209 of that Act; "Commonwealth" includes a public authority under the Commonwealth; "Commonwealth computer" means a computer, a computer system or a part of a computer system owned, leased or operated by the Commonwealth; "Data" includes information, a computer program or part of a computer program. (2) In this Part; (a) a reference to data stored in a computer includes a reference to data entered or copied into the computer; and (b) a reference to data stored on behalf of the Commonwealth in a computer includes a reference to: (i) data stored in the computer at the direction or request of the Commonwealth; and (ii) data supplied by the Commonwealth that is stored in the computer under, or in the course of performing, a contract with the Commonwealth. Section 76B - Unlawful access to data in Commonwealth or other computers (1) A person who intentionally and without authority obtains access to: (a) data stored in a Commonwealth computer; or (b) data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer; IS GUILTY OF AN OFFENCE - PENALTY: Imprisonment for 6 months (2) A person who (a) with intent to defraud any person and without authority obtains access to data stored in a Commonwealth computer, or to data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer; or (b) intentionally and without authority obtains access to data stored in a Commonwealth computer, or to data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer, being data that the person knows or ought reasonably to know relates to: (i) the security, defense or international relations of Australia; (ii) the existence or identity of a confidential source of information relating to the enforcement of a criminal law of the Commonwealth or of a State or Territory; (iii) the enforcement of a law of the Commonwealth or of a State or Territory; (iv) the protection of public safety; (v) the personal affairs of any person; (vi) trade secrets; (vii) records of a financial institution; or (viii) commercial information the disclosure of which could cause advantage or disadvantage to any person; IS GUILTY OF AN OFFENCE - PENALTY: Imprisonment for 2 Years (3) A person who: (a) has intentionally and without authority obtained access to data stored in a Commonwealth computer, or to data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer; (b) after examining part of that data, knows or ought reasonably to know that the part of the data which the person examined relates wholly or partly to any of the matters referred to in paragraph (2)(b); and (c) continues to examine that data; IS GUILTY OF AN OFFENCE - PENALTY: for contravention of this subsection: Imprisonment for 2 years Section 76C - Damaging data in Commonwealth and other computers A person who intentionally and without authority or lawful excuse: (a) destroys, erases or alters data stored in, or inserts data into a Commonwealth computer; (b) interferes with, or interrupts or obstructs the lawful use of a Commonwealth computer; (c) destroys, erases, alters or adds to data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer; or (d) impedes or prevents access to, or impairs the usefulness or effectiveness of, data stored in a Commonwealth computer or data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer; IS GUILTY OF AN OFFENCE - PENALTY: Imprisonment for 10 years Section 76D - Unlawful access to data in Commonwealth and other computers by means of certain facilities. (1) A person who, by means of a facility operated or provided by the Commonwealth or by a carrier, intentionally and without authority obtains access to data stored in a computer. IS GUILTY OF AN OFFENCE - PENALTY: Imprisonment for 6 months (2) A person who: (a) by means of a facility operated or provided by the Commonwealth or by a carrier, with intent to defraud any person and without authority obtains access to data stored in a computer; or (b) by means of such a facility, intentionally and without authority obtains access to data stored in a computer, being data that the person knows or ought reasonably to know relates to: (i) the security, defense, or international relations of Australia (ii) the existence or identity of a confidential source of information relating to the enforcement of a criminal law of the Commonwealth or of a State or Territory; (iii) the enforcement of a law of the Commonwealth or of a State or Territory; (iv) the protection of public safety; (v) the personal affairs of any person; (vi) trade secrets; (vii) records of a financial institution; or (viii) commercial information the disclosure of which could cause advantage or disadvantage to any person; IS GUILTY OF AN OFFENCE - PENALTY: Imprisonment for 2 Years (3) A person who: (a) by means of a facility operated or provided by the Commonwealth or by a carrier, has intentionally and without authority obtained access to data stored in a computer; (b) after examining part of that data, knows or ought reasonably to know that the part of the data which the person examined relates wholly or partly to any of the matters referred to in paragraph (2)(b); and (c) continues to examine that data; IS GUILTY OF AN OFFENCE - PENALTY: Imprisonment for 2 Years. Section 76E - Damaging data in Commonwealth and other computers by means of certain facilities A person who, by means of a facility operated or provided by the Commonwealth, intentionally and without authority or lawful excuse: (a) destroys, erases or alters data stored in, or inserts data into a computer; (b) interferes with, or interrupts or obstructs the lawful use of, a computer; or (c) impedes or prevents access to, or impairs the usefulness or effectiveness of, data stored in a computer; IS GUILTY OF AN OFFENCE - PENALTY: Imprisonment for 10 Years. Section 76F - Saving of State and Territory Laws Sections 76D and 76E are not intended to exclude or limit the concurrent operation of any law of a State or Territory. Conclusion: ~~~~~~~~~~~ You may have noticed that any hack of a Computer in Australia could result in you staying in a prison for quite a long time, as almost any hack would be and offence under just about all of the subsections listed above, combine this with a consecutive sentence and you *COULD* be in jail for over 25 years. "Be Careful Out There!!" ------------------------------------------------------------------------------ -- The HELLenic Digital Subculture Scene -- by Opticon the Disassembled - "EL33t3 Hackers": "TH3rE R N0 UNKraKKable ZyZTEMZ.EV3ry1 HAS[S] It's H0L3z." - I'm sure every "EL33t3#@$$^!!! HaKKER" has at least one hole by nature. "The Gods could have chosen any place but they chose Greece"...Yes, they did. By mistake probably. Agricultural country, light industry, member of the European Community, ten million residents, surrounded by sea (polluted in some areas) and forests (burned in some areas). Four thousand years old culture, beautiful language (due to it's ancientness) [...] Digital subculture scene? Quite a few articles appear on newspapers and magazines about CyberPunk. Quite a few people claim to be hackers (elite ones), crackers (elite ones), phreakers (elite ones) and coders (elite ones). University students get insane pleasure when talking about their last achievements, how they cracked all the accounts of a shadowed password file, and how they transferred 2000 true color, porno JPEG and phracking files. Public bulletin board systems distribute blue boxing related articles (Hail Mark Tabas!) and pirate boards distribute "oNE DaY WAREZ!@!#". "Phone freaks, crackers, hackers, virus makers." At the end, an interview with a young software cracker. He listens to TECHNO ("the only real music"), he would like to buy an Apple Powerbook and he needs only five minutes to "crack a disk". No busts have taken place AS FAR AS I KNOW. Only innocent pirates and couriers were prosecuted years ago, due to distribution of cracked programs for ZX Spectrum, Commodore and Amstrad ("peeks, pokes, hints & tips"). An article about "Legion Of Doom! - ComSec" appeared on November 1991: "X-Hackers offer their services to companies". Glamorous picture of the group, opinions, history, comments from a phracking illiterate journalist. An-archic 'zines (printed format) were publishing digital underground related news, since mid '80s. A family man in my city has been using a black box for 10 years. He accepts calls from relatives living in Italy. At the age of seventeen Nikos Nasoyfis wrote a book about 8088/8086 assembly programming and cracking of protection methods. He is considered to be a genius in those areas. Upon the request of a magazine he created "the first Hellenic virus". No Digital Underground / An-archy related systems exist, except DiES IRAE. But of course " If [When] you are good, nobody knows that you are there ". * Packet Switching Data Networks SERVICE: HELLASPAC DNIC: 2023 LOG-IN PROCEDURES 1. Dial access number: 1161 for both 300 and 1200 bps. Additionally, the following access numbers are available within Athens: 8848481, 8849021, and 3477699. 2. Upon connection, the user types three dots and Enter or Return: ... (CR) 3. The network will respond : HELLASPAC If no response, repeat step 2. 4. Upon receipt of the network prompt, the user types (in capital letters): NXXXX - 0 WWWW (CR) where XXXX is the user's NUI and WWWW is the NUA. 5. HELLASPAC will answer : COM 6. To log off, type (CTRL)PCLR(CR) The network will respond CLR CONF Until the end of the year a free experimental 2400bps ( 1200 baud + MNP 5 ) dial up public service will be operating at 0961-11111 (if you call this a 2400 baud NUI, shame on you! You know who you are :-) ). 0961-22222 will lead to HellasTel ( Video Text ). Can't tell if foreigners can call these numbers. SERVICE: ARIADNET Ariadnet is a Hellenic research/academic network sponsored by the European Community. There are two main hosts: LEON and ISOSUN. The first one serves the public; dial-ups, low cost (10.000 drg for three months), yet low disk quota (starts from 1 MB) due to "the workstation's incapability to carry a lot of hard disks". The second one serves users who call from other sources (i.e. PSDNs). Thanks to Ariadnet most universities provide free internet access (usually they reach 1 KiloByte per second) in conjunction to restricted HellasPac access (a.k.a. high expenses). The following captures will talk by themselves. ** ISOSUN @ ARIADNE hellenic research/academic network login: help Last login: Wed Mar 18 19:37:13 from 38212026 SunOS Release 4.0.3_EXPORT (ARIADNE.FEB2) #1: Thu Feb 13 13:04:45 EET 1992 Please, do not leave your mail in mailing queue for a long time. Clean them up often. Otherwise your mail may be lost.... thanks postmaster A R I A D N E T - X.121 server Demokritos isosun SUN:INTERNET,X400-R&D-MHS 10100101, leon 10100102 PRIME 9950 primos: EARN-BITNET 10100100, gatos 10100104 mVAX DECNET-CERN (cluster) 10100103, KE-lab 10100108 EIE mVAx 101002005 EKT Data Bases PERKIN-ELMER 10100200 Kapodistriako Pan.CYBER-NOS 10100401, mVAX 10100402 Aristotelion Pan. mVAX 13100104, unix 386 13100108, Metsovion Polytechnion vms-mvax 1010030107, sun 1010030106 High Energy Lab 10100351 Gen.Secr. Research UNIX V 1010050008, sequent 1010050007 ITY Pan. Patra, CTI unix server 16100101 ATE Pan. Crete , FORTH 18100100 ASSOE(Athens U. of Economics) VAX/VMS 10100600 NATIONAL OBSERVATORY VAX/VMS 10100700 Rethimno Pan Kritis/Economics-Philosophy 38312025 Chania Poly. Kritis 38212026 ZENON,INTRAKOM,ATKO, HITEC, PLANET via X25 and TCPIP/X25 ATDP6519905 ATDP6533172 V21/V22 MODEM hayes, no parity, 1 stop bit, 8 data connect to ARIADNET pad service @ Demokritos HELLASPAC Gateway, IXI Gateway, X400 Gateway, Internet Gateway INFORMATION: +301 6513392 FAX: 6532175 TEAM: Y.Corovesis,A.Drigas,T.Telonis (+4 students) ADMINISTRATION: A.Arvilias tel:+301 6515224 NEXT: TEI-Pirea, EMY, NTUA-physicslab, Thessaloniki VAX9000 ** * Phone Network The last four years or so, the old analog switching centers (HDW, Rotary, Crossbar) are being replaced with digital ones (Ericsson-Intracom AXE-10 and Siemens EWSD). Theoretically that should be completed by the end of 1994 (according to the Christian way of chronometry). These provide the following for the masses: PAGING (was operating anyway) HOT LINE "WAKE-UP" SERVICE ABBREVIATED DIALLING THREE PARTY SERVICE CALL WAITING "DOT NOT DISTURB" SERVICE OUTGOING CALL BARRING MALICIOUS CALL IDENTIFICATION ABSENT SUBSCRIBER SERVICE LINE HUNTING TOLL TICKETING (sure they do!) ...and of course better control OF the masses FOR the state. I got very interesting results exploring those new centers. If I ever finish the project it will appear in Phrack or UPi (hopefully). Damn...Better to think over that twice. Abusing raises eyebrows. The country direct numbers use the 00-800-country code-11 format. Believe it or not; I had to social engineer the directory assistance operator to start moving. Not to mention the time and examples he needed to understand what I was talking about. Bad luck? FINLAND 00-800-358-11 CYPRUS 00-800-357-11 ICELAND 00-800-353-11 BRITAIN/NORTH IRELAND 00-800-44-11 SWEDEN 00-800-46-11 HOLLAND 00-800-31-11 NORWAY 00-800-47-11 DENMARK 00-800-45-11 FRANCE 00-800-33-11 GERMANY 00-800-49-11 M.C.I. 00-800-122155 00-800-1211 SPRINT 00-800-1411 AT&T 00-800-1311 As of now only U.S.A. direct numbers can be used for blue boxing. It was possible to do so and it should be possible nowadays, although I cannot confirm that. The last months I have spent A LOT of time scanning numbers and frequencies but I didn't come to an end. To be continued... * Cellular Phone Networks The pen-European digital (shit!) mobile telephony system G.S.M. is being implemented. Nothing is solid yet and of course no one claims (trumpet fanfare added here) that phreaks out through that. In the first state PANAFON will cover Athens and Argosaronic and afterwards all the big cities: Thessaloniki (it should be functioning by now), Patra, Heraklio et cetera. They are planning to cover more than 90% of the country's residents and 75% of the geographical region. Problems appear thanks to the strange terrain. I don't know what is going on with TELESTET. The total registered subscribers are considered to be about ten thousand. * Miscellaneous An Integrated Service Digital Network is being established and local universities are installing [optical] Fiber Distributed Data Interfaces. PBXs are now becoming popular. Most operators know little or nothing on computer security or managing in general. That's why some of them accept offered help and provide afterwards (non-privileged) accounts and old, yet valuable, duplicate manuals. If some anti-hacking measurements are taken, that is thanks to the company employers who maintain and prepare the systems. Do not hang on this, but I think that there are no laws concerning H/P in particular. Needless to say that no conferences take place. Of course QSD & IRC...ohhh fuck it.