The Hacker's Encyclopedia 1998

home *** CD-ROM | disk | FTP | other *** search

/ The Hacker's Encyclopedia 1998 / hackers_encyclopedia.iso / zines / phrack2 / phrack46.020 < prev next >

Wrap

Text File | 2003-06-11 | 41.0 KB | 913 lines

==Phrack Magazine== Volume Five, Issue Forty-Six, File 20 of 28 **************************************************************************** (Cyber Christ Meets Lady Luck Continued) I don't agree with everything that Gail says, but she is a com pelling speaker; she believes in what she says. But I do agree with her on the difficulty of forensic evidence in computer cases. "I got really mad," she said. "I was reading a magazine and there was an ad for United, you know, the employee owned airline. And it was a beautiful ad, hundred of employees standing in front of a brand new great big jet. All smiling and happy." Gail then frowned deeply. "Some stockholder ought to sue them for mislead ing advertising." This was more like it! Go, Gail! "I started to look at the picture carefully and I noticed this unmistakably fat lady in a pink dress. And then over a few persons. . .guess what? The same fat lady in pink." Roars of laughter and ap plause. Her point? What seems real may not be real at all, and with a few hundred dollars in software and a little practice, most anyone can build a false reality digitally. Her time was up but the audience wanted more. She was mobbed for eternity by hackers who fight her tooth and nail but respect her comportment enough to make the disagreements lively, partisan, entertaining, but with respect. Respectful hackers. No HoHoCon orgies; merely verbal barbs with no solution. Everyone knew that, but it's the battle that counts. More security conference should be this open, this honest and informative, with all kinds of people with all kinds of opinions. That is how we, and I, learn. Listen and learn. And all for $5000 no less, plus a paltry $15 entrance fee. * * * * * The afternoon sessions were filled with a mixture of anti-govern ment, pro-privacy advocacy, virus workshops and such by both under and above ground folks. Padgett Peterson's knowledge of viruses is deep and he spread the same wisdom as his does in so called legitimate circles. Knowledge is knowledge, and better accurate than wrong. It's often surprising to see how people will voice the same opinion in varying degree of intensity depending upon their audience. Mark Aldrich of General Research Corp. in the Washing ton area made a statement that I doubt I would hear at a ConCon. "Fear your government that fears your crypto. Use crypto as a weapon." Sara Gordon's panel discussion on crypto and privacy and related topics fueled the audience's general anti-fed atti tude. "I was bugged by the Feds." "So was I?" "What can we do about it." "Yeah, they listen in on my phones, too. I can hear the clicks." Right. As Mark so succinctly put it, "if the government wants to bug you, you'll never know. They're that good.". That kind of shut up the dilettante paranoids in the group, albeit mumbling that they just knew that they were the victim of one of the 900 or so court approved wire taps last year. Right. I think Gail was right: some of you guys are too boring to be believed. The afternoon edition of the Spot A Fed contest took us on the run. I actually succombed to their enthusiasm and a general lack of better judgement and followed a group of 8 or 10 to unmask an unmarked white van in the parking lot. "It's the Feds." "How do you know?" "Oh, it's the Feds alright." "How do you know." "It's a white van and the intelligence serv ices use white vans." "What are you going to do?" "Bust 'em." "Bust 'em for what?" "For being Feds." This motley crew traipsed through the mile long casino, trodding upon the ugly tartan/paisley carpets so obnoxiously loud a blind man could cry "Uncle!", into the Hall of Overpriced Shoppes through the lobby and over to the parking garage. We had to have $100,000 of surveillance gear in tow:(enough to detect the planet Pluto fart in b-flat). Radio receivers and eavesdropping equip ment were courtesy of my pal Mike Peros. The goal was, if this was a Fed van, we could hear it. I don't think so, but I go for the ride and a few minutes of reprieve away from the conference hall. As we near, the excitement grows among the more paranoid who are trying to instill their own mental foibles into their companions and sheer terror in normal old Vegas visitors who have no idea what they've walked into. Feds? Not. Surrepticious radio transmissions? Just hotel securi ty tracking the movements of 8 or 10 paranoids (and one writer with nothing else to do for a half hour) into a parking garage which has more cameras than NBC. Feds? Of course not. Don't be ridiculous. * * * * * To say nothing worthwhile occurred until 11PM that evening would be lying, but this thing, this DefCon II thing, was turning into what I would have called 25 years ago, a Love-In. The partici pants were giddy from the event, the camaraderie, the $1 Heinek ens and the hacking. The Sahara was actually pretty good about it. Jeff got the conference space for free because he guaranteed that at least 100 hotel rooms would be booked by "computer en thusiasts coming to a small computer conference." Little did the hotel know that half the crowd was too young to drink, too broke to gamble, and conspicuous enough to ward off legitimate clients. But a deal's a deal. The hotel operators went out of their way and allegedly gave the hackers permission to hack through the PBX in order to provide a SLPP connection. "Just put it back the way you found it when you're done," was the hotel's only and quite reasonable request. In my day an equivalent event producing an equivalent social non- drug induced high would have been achieved by tossing a Frisbee to Grace Slick (Lead singer Jefferson Airplane) and have her throw it back. We didn't have the kind of technology that today's rebellious age has. We had the Beatles and Jimi Hendrix, safe sex (kinda), safe drugs (well, maybe a little safer) and a cause. But no technology to speak of. When I was on the publishing staff of the New York City Free Press in 1968/9 we wrote our anti-establishment diatribes by hand. By hand! And then we went down to a dark office late at night to use their typesetting gear when it was idle. It took no more than a blushing glance around the room to realize that we impressionable teens were publishing our political extremisms on equipment courtesy of Al Goldstein and Screw magazine. Now that was an education. DefCon II was a Love-In, technology and all. Come 11PM yet another speaker canceled so I offered to chat to the crowd for a half hour or so on Van Eck radiation; the emis sions from CRT's that make video screens readable from a dis tance. Now this wasn't a fill in at 2PM or anything. Sessions reconvened at 11PM and I spoke to a full audience who were there to get a midnight lesson in cellular hacking. Most above ground types still believe that hacking is an acne- faced teenager, chigging Jolt Cola, wolfing down pepperoni pizza and causing Corporate America no end of grief. To a cer tain extent some of this is true. But hacking is so much more. As Rop Gongrijjp, editor of Hacktic once told me, "hacking is disrespect of technology." It's going the extra mile to find out how things work. Many of the older hackers, those in their early 20's and older, are migrating from the conventional dial-em-up and break-in hacking image to the fine art of cellular hacking. How do these things work? What are the frequencies? How can I customize my phone? How many channels can I scan? The possibil ities are endless as I soon learned. Jim and Bill (fake names) asked if I wanted to see a great demo. Sure! No names, they said. OK. No problem. In one of the several thousand hotel rooms at the Sahara was a pile of equip ment to make an under budgeted FBI surveillance team insanely jealous. There in the middle of the ridiculously filthy room that no doubt caused the maid to shudder, sat a log periodic antenna poised atop a strong and highly adjustable photographic-style tripod. Feeding the antenna was a hunk of coax attached to a cell phone's antenna jack. OK, so what's that? Free cell calls? No, much more. A second cell phone/scanner, an Oki 900 was modified and connect ed to a laptop computer. (This was the exact modification being discussed downstairs) Custom software that was freely distrib uted around DefCon scanned the data from the Oki and displayed the scanning activity. A pair of speakers then audibly broadcast the specific conversation. And in Vegas, you can imagine what was going over the open airwaves! A half dozen 'kids' sat around enthralled, each begging for his turn to, as Jim put it, "harass cellular users. Pure and simple. Harassment. Stomp on the son of a bitch," he laughed, joined in by the others. When a 'good' conversation was detected, they entered the channel into the broadcasting cell phone and spoke. And talk they did. Essentially they turned 'private' conversations into wide-band free-for-alls. If they spoke for only a few seconds one or both of the parties could hear what was being said. If they talked for too long, the overpowering signal from the antenna would literally wipe out the chat: the cell switch reacted with an internal belch and shut down. Stomping, they called it. For those on the receiving end of the harassment, it must have sounded like the overbearing voice of God telling Noah how to build the Ark. "Noah?" "Who dat? "Noah?" "Who is that?" What terror lurks in the minds of boys . . . For those old enough to remember, stomping is no more a stunt than putting a 500 watt linear power amplifier on a CB radio and blasting nearby CB's to kingdom come. The truckers used to do it to 4-wheelers. When the police began monitoring CB channels "to protect and serve" they became the target of CB stomping. So what else is new? I gotta give it to them: these characters designed and built the software, modified the phones and put it all together and it works! Not bad on a $3 allowance and a 10th grade education. Now, I guess what they did may have been sort of illegal, or at least highly unethical and definitely not nice. But I have to admit, some of what I witnessed was very, very, funny. I'm not advocating this kind of activity, but much like Candid Camera broke into people's lives to capture their reactions, cellular hacking is similarly amusing. The hacker/phreaks particularly enjoyed breaking in on fighting couples. (I counted six impend ing divorces.) Almost without exception the man was in a car and the lady was at a fixed location; presumably, home. Him: "Where the hell have you been." Her: "Nowhere." Him: "Bullshit. Her: "Really honey . . ." Defensively. Him: "Who's with you?" Intense anger. Hacker: "Don't believe her. She's a whore." Him: "What was that?" Her: "What?" "That voice." "What voice?" Hacker: "Me you asshole. Can't you see she's playing you for a fool." "I know she is." He agrees. "What's that honey?" "I know he's there with you." "Who?" Incredulous. "Him . . . whoever you're fucking when I'm at work." Hacker: "Yeah, it's me." "Shit! Who the fuck is there?" "No one!" "I can hear him, he's there. You're both making fun of me . . ." Hacker: "She's laughing at you, man." "No shit. Who the fuck are you?" Hacker: "The guy who takes care of her when you can't, asshole." "That's it." Click. Drug dealers aren't immune to these antics. "Where's the meet?" "By the 7/11 on Tropicana." "You got it?" "You got the cash?" "Yeah, dude." "Be sure you do." Hacker: "He doesn't have the cash my man. He's gonna rip you off." "What?" "What?" Both sides heard the intruder's voice. "Who is that?" "What's that about a rip-off?" "This ain't no rip-off man." Hacker: "Yes it is. Tell 'em the truth. You gonna take his drugs and shoot his ass. Right? Tell 'em." "You gonna rip me off?" "No, man!" "Your homeboy says you gonna try and rip me off?" "What home boy?" Hacker: "Me, you bozo drug freak. Don't you know that shit can kill you?" Click. Good samaritanism pays off upon occasion. "Honey, hurry up." "I'm on the freeway. I'm coming." Hacker: "He's late. Let's save her ass." "What was that?" "What did you say honey?" "He said he was going to save your ass." "Who did?" "The guy on the radio." (Technical ignorance abounds.) Hacker: "Me. You're late and she's scared so we're gonna beat you there and make her safe." "Who the hell is that?" "Who?" "The guy with you?" "There's no one here." "He says he's gonna beat me there and pick you up." Hacker: "Damn right we are." "Hey, this is cool. Who's there?" Hacker: "Cyber Christ talking to you from Silicon Heaven." "No shit. Really?" Hacker: "Yeah, (choke, choke,) really." "What's happening, honey." "I don't know, for sure. He says it's God." "God!?!?" Hacker: "Close enough. Listen, you sound alright. Go get your woman, man Keep her safe." "No problem. Uh, thanks." Click. Around 4AM, I guess it was, the hacker/phreaks definitely helped out law enforcement. One end of the conversation was coming from inside a hotel, maybe even the Sahara. The other from another cell phone, most likely in the lobby. "What do you look like?" "I'm five foot nine, thinning brown hair and 180 pounds I wear round glasses and . ." "I get the idea. Where are you now?" "I'm coming down the elevator now. What do you look like?" "I'm six foot one in my heels, have long blond spiked hair and black fishnet stockings." Hacker: "Don't go man. It's a bust." "What?" he said. Hacker: "Don't go, it's a bust. You don't want your name in the papers, do ya?" "What the fuck?" she yelled. "There's a guy who says this is a bust?" "Bust? What bust?" Hacker: "That's the clue, man. She's denying it. Of course it's a bust. Is it worth a night in jail to not get laid?" "Shit." He whispers not too quietly to another male companion. "There's some guy on the phone who says it's bust. What should we do." Hacker: "I'm telling you man, don't go," "This ain't worth it. I'm going back upstairs." Click. A couple of hours later the same hooker was overheard talking to one of her work mates. "Then this asshole says it's a bust. Cost me $300 in lost busi ness, shit." "You, too? Same shit been going on all night long. What the fuck?" Wow. And it seems like only this morning that my toilet explod ed. * * * * * So what's a perfectly groomed and slightly rotund 50-something convicted methamphetamine dealer doing at DefCon II with hundreds of impressionable teenagers? You might well ask. So I'll tell you. Sitting in yet another Saharan hell-hole of a room they unabash edly market for $55 per night I encountered hackers #1 through #4 and this . . . I immediately thought, elderly gent. He said nothing and neither did I, thinking that he might have been an over aged chaperone for delinquent teens or perhaps even an understanding Fed. But the gallon jugs of whiskey was depleting itself right before my eyes, as if a straw from Heaven sucked the manna from its innards. Actually, it was Bootleg. Not bootleg liquor, mind you, but Bootleg the felonious con from Oregon. Apparently he got busted 'cause speed is and was against the law, and crank is not exactly the drug choice of maiden aunts nor school marms. "I've been a hacker longer than some of these kids have been alive. It all started back in . . ." and Mike "Bootleg" Beketic commenced on the first of hundreds of war-story jail house tales to entertain him and us. Bootleg loves a good story. "Jail ain't so bad," he bragged with a huge whiskey smile. "No one fucked with me. You gotta make friends early on. Then it's OK." Good advice, I guess. "On parole I got slammed with a year for piss that didn't pass." Gotta be clean, my man. Stay away from that shit. It'll kill you and your teeth will rot. Bootleg handed me form PROB-37, (Rev. 1/94) from the United States District Court, Federal Probation System. Grins from ear to ear. A badge of honor for villains, thieves, and scoundrels. Sounds like they need their own union. This was the official "Permission To Travel" form dated June 16, 1994 which gave Bootleg the legal right to travel from Oregon to Las Vegas in the dead of the summer to attend a "computer conven tion." The flight times were specific as were the conditions of his freedom. He had to inform the local cops that he was in town. In case any crimes occurred throughout the city of Las Vegas during his sojourn, he was an easily identifiable suspect. While he downed another Jack and coke I found out what Bootleg was really doing. Despite the fact that the "Federal Keep Track of a Crook Travel Form" said, "you are prohibited from advertis ing or selling your DMV CD," the paranoia that runs rampant through the minds of prison bureaucracy was actually in this case quite correctly concerned. "What's a DMV CD?" "I'm glad you asked." I was set up. The edict said he couldn't sell or advertise, but there was no provision stating that he couldn't answer questions from an inquiring mind. Bootleg handed me a CD ROM: Bootleg Presents: DMV - Over 2 Million Oregon Drivers License Records - Over 3 Million Oregon License Plate Records The inside jacket clearly stated that this information was not to be used by any creatively nefarious types for any sort of person al Information Warfare tactics. It warns, Do not use this CD to: - Make phony Licenses - Make phony Titles - Obtain phony I.D. - Harass Politicians, Cops or Journalists - Stalk Celebrities - Get ME in trouble <G> I can come up with at least 1001 other uses for this collection of information that the Oregon authorities are none too happy about. The ones Bootleg outlined never came into my mind. (Heh!) Bootleg acquired the information legally. State officials were kind enough to violate the electronic souls of its citizens by sending Bootleg their driver's information magnetically embla zoned on a 3600 foot long piece of 9 track acetate. Now they want to change the law to reflect "heart felt concern for the privacy of their citizens." Get a clue, or if none's available, buy one from Vanna. Bootleg is moving onto the next 47 states (California and New York don't permit this kind of shenanigans) shortly to make sure that everyone has equal access. Hacking? Of course. Bootleg effectively hacked the Oregon DMV with their blessing and tax payer paid-for assistance. Time to go back to my room while Bootleg and friends spent an evening of apparently unsuccessful whoring around the Strip and Glitter Gulch. A good time was had by all. * * * * * Jeff Moss opened the Sunday morning session with an ominous sermon. "You'll notice that the wet bar is missing from the rear?" It had been there yesterday. Everyone turns around to look. "I gotta pay for the damage . . . " Jeff was not a happy camper. "They have my credit card number and it's almost full. So cool it!" But the show must go on and we had more to learn. Next. Anonymous mailers on the net? Forget about it. No such thing. Anonymous remailers, even if they are in Norway or Finland or some such other country where American information contraband such as child pornography is legal, are only as safe and secure as the people who run it "The FBI can go over any time they want and look up who you are and what kinds of stuff you swallow down your digital throat," one speaker announced. Of course that's ridiculous. The FBI would have to call in the Boy Scouts or Russian Mafia for that kind of operation, but we all knew that anyway. A slight slip of the ad lib tongue. No harm done. I didn't know, until this Sunday, that there were actually real live versions of "Pump Up The Volume" running rampant across the country, impinging their commercial-free low power radio broad casts into an electromagnetic spectrum owned and operated by the Federal Communications Commission. And, as to be expected, the FCC is trying to put these relatively harmless stations out of business along with Howard Stern and Don Imus. One would think that WABC or KLAC or any other major market stations would little care if a podunk 20 watt radio station was squeezing in between assigned frequencies. And they probably shouldn't. But, as we learned, the Military lent an innocent hand. In support of the hobbies of servicemen, a local San Francisco base commander gave approval for a group of soldiers to establish a small, low power radio station for the base. Good for morale, keep the men out of the bars: you know the bit. But the ballistic missiles went off when the nation's premier rating service, Arbitron, listed KFREE as a top local station in the San Francisco market. "What station KFREE?" "Who the hell are they?" "What the fuck?" Needless to say, KFREE was costing the legitimate radio stations money because advertising rates are based upon the number of listeners not up and peeing during commercials. Since KFREE was ad-free, no contest. Arbitron assumes the rating to relect the existence of a real station - the numbers are there - and the local stations call the FCC and the FCC calls the base and as quick as you can scream, "Feds suck!" KFREE is off the air. Stomp. I was scheduled to speak today, but with the schedule seemingly slipping forward and backward at random haphazard intervals, there was no telling when what would occur. Mark Ludwig, of Virus Writing Contest fame and author of the much touted "Little Black Book of Computer Viruses" Virus gave a less then impas sioned speech about the evils of government. "I know most of you don't have any assets other than your comput er," Ludwig said to the poverty stricken masses of DefCon II. "But you will, and you want to make sure the government doesn't come crashing down around you whenever they want. They can and will take your life away if it suits them. There is no fourth amendment. Most search and seizures are illegal." And so it went. "Put your money off shore, kids," said Dr. Ludwig the theoretical physicist. "Find a good friendly country with flexible banking laws and the Feds can't get you." "And when the Feds do come for you, make sure that your entire life is on your computer. Rip up the papers after you scan them in. Your all-electronic life cannot be penetrated - especially if you get a case of the forgets. 'Oops, I forgot my password. Oops! I forgot my encryption key. Oops! I forgot my name.'" "Even your VISA and Mastercard accounts should be from overseas. Keep it out of the US and you'll be all the better for it." For those interested in such alternative, Ludwig recommends that you call Mark Nestman: of LPP Ltd. at 800-528-0559 or 702-885-2509. Tell him you want to move your millions of rubbles and dollars and Cyber-credits overseas for safe keeping because the Byzantine Police are at the front door as you speak. Order pamphlet 103. These are the defensive measures we can take protect ourselves against the emerging Police State. But offensive action is also called for, he says. "Help Phil Zimmerman. Send him money for his defense. Then, laugh at the Feds!" Haha, haha. Haha. Hahahahahaha. Ha! ."When they come to the door, just laugh at them." Haha. Haha ha. Haha. "No matter what they do, laugh at them." Hahahahaha. Enough of that, please. If I laugh at 6 husky beer-bellied Cyber-cops who have an arsenal of handguns pointed at my head, they might as well send me to the Group W bench to commiserate with Arlo Guthrie. Peeing would come before laughing. But then again, I'm no longer a grunged out 20 year old who can laugh in the face of the Grim Reaper. "Yes, ossifer, sir. I'm a cyber- crook. I ain't laughing at you in your face, ossifer, sir . . ." I panic easily. Kissing ass well comes from a life long success of quid pro quo'ing my way from situation to situation. "And, now," Master Mark announced, "on to the results and awards for the Annual Virus Writing contest." Ludwig seemed suddenly depressed. "Unfortunately, we only got one legitimate entry." One entry? The media plastered his contest across the media- waves and the National Computer Security Association was planning a tactical nuclear response. One entry? What kind of subver sives have 20 year olds turned into anyway? In my day (Yeah, I'm old enough to use that phrase) if we called for a political demonstration thousands would pile through the subway turnstiles to meet a phalanx of well armed police appropriately attired in riot gear. One entry? Come on X-Generation, you can do better than that? No wonder the world's going to shit. Don't have enough trouble from the young-uns. Sheeeeeeesssh! Mark Ludwig's politically incorrect virus writing contest may have been a PR success but it was a business abortion. One entry. Shit. At the NCSA meeting in Washington, rivaling fac tions battled over how we as an association should respond. "Hang the bastard." "He's what's wrong with world." "Put him in a county jail with Billy-Bob, Jimmy-Ray and Bubba for a week and they'll be able to squeeze him out between the bars." C'mon you fools! Ignore him! Ignore him! If you don't like what he has to say don't egg him on. Ignore him. You want to do what the Feds did to poor Phil Zimmerman and make him a folk hero? Turning a non-event into the lead for the evening news is not the way to make something go away. I loudly advocated that he be treated as a non-entity if the goal was reduction to obscurity. I was right. Super-high priced PR and lobby firms had prepared presentation to wage an all-out attack on Ludwig and his contest. I bet! And who was going to pay for this? Peter Tippitt of Semantech ponied up what I believe amounted to $7,000 to get the pot going. No one else made a firm offer. Can't blame them cause it would have been no more effective than taking out an ad in Time proclaiming that evil is bad. The PR firm would have made their fees, the event would have made even more news and Ludwig would certainly have had to make a judgement and choose from more than one entry. But oddly enough, the one entry did not win. The winner of the Annual Virus Writing Contest was no less than Bob Bales, Executive Director of the NCSA. Not that Bob wrote a program, but if he had, Ludwig said, it would be called either Don Quixote or Paranoia, and it would be of the human brain at- tacking Meme type. The virus is a software equivalent of Prozac to alleviate the suffering in middle-aged males who have no purpose in life other than virus busting. "Is Winn Schwartau here?" Mark asked the audience. I was there. "Yo!" "Would you tell Bob that he's won a plaque, and a $100 check and a full year subscription to the Computer Virus Developments Quarterly." I'm the technology advisor to the NCSA so it was a natural request to which I was pleased to oblige. I told Bob about his 15 minutes of fame at DefCon to which he roared in laughter. "Good! Then I won't have to subscribe my self." I spoke next. Jeff introduced me by saying, "Winn says he doesn't want to speak to an empty room so he's gonna talk now." Some introduction. But, what a great audience! Better than most of the security above-ground starched sphincter tight suit and tie conference audiences I normally get. But then again, I get paid handsomely to address legitimate audiences where I have to be politically correct. At DefCon, insulting people was the last thing I worried about. It was what I focused on, onstage and off. "Hey, kid. Did you ever land Zimmerman in bed?" "You, you, er . . ." "C'mon kid. Give me your best shot." "Your mother . . ." A crowd gathered to see what kind of repar tee this little schnook could come up with. "Your mother .. ." C'mon kid. You got it in you. C'mon. "You, she is a . . . uh, . . . mother . . ." and he finally skulked away in sheer embarrassment. Poor kid. When he went to the men's room, men walked out. Poor kid. I don't think he ever figured out it was all a put on. The audience got it, though. Rather than go over what I rambled about for an hour, here comes a blatant plug: Go buy my new book "Information Warfare: Chaos on the Electronic Superhighway." That'll sum it up real nice and neat. But what a great audience. Thanks. Little did I know, though, that I was also on trial. John Markoff of the New York Times was the first to ask, and then a couple of buddies asked and then a lady asked during the Q&A portion of my ad hoc ad lib speech. "How come you did it?" Did what? "How come you flamed Lenny DeCicco?" It turns out that someone adapted my electronic identity and logged on to the WELL in Sausalito, CA and proceeded to post a deep flame against Lenny. Among other none-too-subtle asper sions, 'my' posting accused Lenny of a whole string of crimes of Information Warfare and even out and out theft. Except, it wasn't me. I answered the lady's question with, "It wasn't me, I don't know Lenny and I don't have an account on the WELL." That satisfied everyone except for me. What happened and why? It seems that Lenny's former partner in crime Most- Wanted on the lam federal fugitive computer hacker Kevin Mitnick actually wrote and signed the letter with his initials. Or someone was spoofing him and me at the same time. But why? And why me? It took a couple of days after arriving home from DefCon to learn after extensive conversations with the WELL that my erased ac count from almost two years ago and then re-erased on June 20 of this year was accidentally turned back on by some mysterious administrative process that I cannot claim to fathom. OK, that's what they said. But perhaps most interesting of the entire Getting Spoofed inci dent was a single comment that Pei Chen, sysop of the WELL said to me while I complained about how such an awful anti-social attack was clearly reprehensible. Oh, it's simple, she said. "We have no security." Whooaaaahhh! The WELL? No security? I love it. I absolutely love it. Major service provider, no security. Go get 'em cowboy. The only other speaker I wanted to see was Peter Beruk, chief litigator for the Software Publisher's Association. This is the Big Software Company sponsored organization which attempts to privately interdict illegal software distribution as a prelude for both civil and criminal prosecutions. And with this group of digital anarchists, no less. The SPA scrounges around 1600 private BBS's to see who's making illicit copies of Microsoft Word or Quattro For Weanies or Bulgarian for Bimbos or other legitimate software that the pub lishers would rather receive their due income from then being stolen. "Which boards are you on?" "That would be telling." Big grin and laughs. "Is your BBS secure?" A challenge in the making. "Sure is." "Is that an offer to see if we can break in?" Challenge made. "Ahem, cough, cough." Challenge denied. "What name do you use on the boards?" Idiot question that de serves an idiot answer. "Fred." Laughs. "You mean you have a full time guy to download software from boards to see if it's legal or not?" "Yup." "So, you pay people to commit felonies?" Astutely stupid ques tion. "We have permission." "Why should we have to pay rip-off corporations too much money to use really shitty software?" "So don't buy it." "We don't. It's so shitty that it's barely worth stealing." "So don't steal it." "Just want to check it out, dude." "Scum sucking imperialists are making all of the money. The software designers are getting ripped off by the big software bureaucracies. Power to the people." Every generation goes through this naively innocent berating of capitalism. It doesn't make them Communists (in 1950 it did), just not full fledged capitalist pigs themselves yet. Soon come. Vis a vis Ludwig's comment on the asset-deprived audience. Soon come, man. "We go after BBS's that store illegal software." "So you're gonna put Compuserve in jail?" Big, big applause. Despite the openly verbal animosity between the free-ware believ ers and the Chief Software Cop, the spirited and entertaining disagreements maintained a healthy good natured tone that well exceed Peter's time limit, as DefCon II was coming to a close. It was time for one more stand up comedy attempt by a short haired bandanna wearing hippie/hacker/phreak who was not quite up to the job. "OK, guys. We've had some fun at the Feds expense. They're people, too. So, from now on, it's Hug a Fed. Go on, find a fed and go up to him or her and big them a great big bear hug full of love." The Feds that had been busted were gone. The ones still successfully undercover weren't about to blow it for a quick feel from a horny teenager. Next. The Cliff Stoll doll with an assortment of accessory yo- yos was a popular item. It was thrown pell-mell into the crowds who leapt at it with a vengeance like a baseball bleachers sec tion awaiting the 61st home run. "There used to be a Wife of Cliff Stoll doll, but no one's seen it in two years." Cliff is strange. I don't know if he's that strange, but it was a funny bit. "Then we have the LoD/MoD action figure set starring Erik Bloo daxe and Phiber Optik." GI Joe action set gone underground. Corny, but appreciated as hundreds of bodies dove to catch the plastic relics tossed from the stage. If anything, an anti-climatic end to an otherwise highly informa tive and educational conference. I can hardly wait till next year when, after word gets out, DefCon III will be attended by thousands of hackers and cops and narks who will try to replay the Summer of Cyber-Love '94 for a sequel. * * * * * More than anything I wanted to get away from the Sahara. Away from its nauseatingly chromatic carpets, it's hundreds of sur veillance cameras, and most of all, away from its exploding toilets. We decided to play, and play we did at the new Luxor Hotel which is an amazing pyramid with 4000+ rooms. There are no elevators as in a pyramid 'going up' is kind of useless, so Inclinators take passengers up the 30 some odd floors to hallways which ring around the impossibly huge hollowed out pyramid shaped atrium. This was play land. And for three hours we played and played and went to dumb shows that attract mid-western mamas from Noodnick, Kentucky, alighting in Vegas for their annual RV pilgrimage. But we went and enjoyed none the less. The "Live TV" show was anything but live except for lovely Susan who hosted us into the ersatz TV station. Her job is to look pretty, sound pretty and warm up the crowd for an over budget, overproduced schmaltz driven video projection that was to make us all feel like we were on stage with Dave. Letterman, that is. The effect does not work. But we enjoyed ourselves, anyway. "Everyone here on vacation?" "No!" I yelled out. Poor Susan was stunned. No? Why else would you be here? "What are you doing?" The TV audience of 500 was looking our way. Between the five of us we had a million dollars (give or take) of electronic wizardry stuffed around us, beneath us and in our laps. "Working." Gee, I'm quick. "What do you do?" Susan asked with a straight face. I bet she expected something like gas pumper, or nocturnal mortuary forni cator or 7/11 clerk. "We're hacking for Jesus. This is Cyber Christ!" I said pointing at Erik Bloodaxe. Silence. Dead silence again. Sleep with Phil Zimmerman silence. Except for us. We giggled like school boys. Psyche. "Ah, . . . that's nice." That was all she could come up with: That's nice. So much for ad libbing or deviating from the script. But the TV audience enjoyed it. A whole lot. They finally figured out it was put on. Not every one from the Mid- West is as stupid as they all pretend to be. Then it was time to get sick. VR rides do me in, but not to be publicly humiliated by my 20-something cohorts (and Mike Peros with whom I had to travel yet another 2000 miles that night) I jumped right into an F-14 simulator which rotated 360 degrees on two gimbals for an infinite variety of nauseousness. "Oh, shit!" I yelled as I propelled myself forward and around and sideways with sufficient g-force to disgorge even the most delec table meal. "Oh, shit." I had reversed the throttle and was now spinning end over end backwards. My inner ear was getting my stomach sick. "Oh, shit." Out of the corner of my eyes my four pals were doubled over in laughter. Had I barfed yet and not known it? God, I hope not. "Oh, shit." I came to a dead stand still, the video screen showed me plummeting to earth at escape velocity and I pushed the throttle forward as roughly as I could. An innate survival instinct came in to play. "Oh, shit!" The virtual aircraft carrier came into sight and after almost 2 minutes of high speed rotating revulsion, I was expected to land this spinning F-14 on a thimble in the ocean. Right. I tried, and damned if I didn't make it. I have no idea how, but I got an extra 34,000 points for a safe landing. 120 seconds. Ding. Time's up. I got out of the simulator and spilled right onto the floor; one 42 year old pile of humanity who had navigated nausea but whose balance was totally beyond repair. "Could anyone hear me?" I asked from my knees. "They were selling tickets." "Do I get my money back?" Onto the VR race cars. I really thought I'd throw up to the amusement of a thousand onlookers. Hacking then phreaking then flying and now driving. I put the pedal to the metal and crashed. The huge video display has me tipping end over end and the screen is shaking and the car I'm driving is shuddering violently but my brain can't compute it all. I'm gonna wretch, I just know it. But I keep on driving, decidedly last against people who haven't been handicapped with an inner ear so sensi tive I get dizzy when I watch a 5" black and white TV. We tilted out of there and alas, it was time to find a 200,000 pound of metal to glide me home. It was a damn good thing I hadn't eaten before VR Land, but I wolfed down $3 hot dogs at the air port knowing full well that whatever they served on the plane would be a thousand times worse. So Mike and I munched, leaving Cyber Christ and friends to battle the press and the stars at the opening of Planet Hollywood at Caesar's Palace. And then an unexpected surprise. Lisa and friend; our first class objects of flirtation from the outbound trip which seemed like a month ago, appeared. But we were all so wiped out that a conti nent of innuendo turned into a series of short cat naps. We got a few flirts in, but nothing to write home about. Red Eye flights are just not what they're cracked up to be. As I crawled into bed at something like 7AM Eastern, my wife awoke enough to ask the perennial wife question. "What did you do all weekend?" I, in turn, gave her the usual husbandly re sponse. "Oh, nothing. Good night, Gracie." * * * * * (C) 1994 Winn Schwartau Winn Schwartau is an information security consultant, lecturer and, obviously, a writer. Please go buy his new book: "Informa tion Warfare: Chaos on the Electronic Superhighway." Available at book stores everywhere. Winn can be reached at: Voice: 813.393.6600 or E-mail: P00506@Psilink.com