Title : Phrack World News XXIII Part 1
Author : Knight Lightning
==Phrack Inc.==
Volume Two, Issue 23, File 11 of 12
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
PWN PWN
PWN P h r a c k W o r l d N e w s PWN
PWN ~~~~~~~~~~~ ~~~~~~~~~ ~~~~~~~ PWN
PWN Issue XXIII/Part 1 PWN
PWN PWN
PWN Created, Written, and Edited PWN
PWN by Knight Lightning PWN
PWN PWN
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
Back To The Present
~~~~~~~~~~~~~~~~~~~
Welcome to Phrack World News Issue XXIII. This issue features stories on
the Chaos Computer Club, more news about the infamous Kevin Mitnick, and
details about an Australian-American hackers ring that has been shut down.
I also wanted to add a big "thanks" to those of you who did send in news
stories and information. Your help is greatly appreciated.
:Knight Lightning
_______________________________________________________________________________
Armed With A Keyboard And Considered Dangerous December 28, 1988
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A follow-up story to the Kevin Mitnick case in the December 24, 1988 edition of
the Los Angeles Times says the federal magistrate refused to release Mitnick on
bail December 23, 1988;
"after prosecutors revealed new evidence that Mitnick penetrated a
National Security Agency computer and may have planted a false story
on a financial news wire...."
Investigators believe that Mitnick may have been the instigator of a false
report released by a news service in April that Security Pacific National Bank
lost $400 million in the first quarter of 1988. The report, which was released
to the NY Stock Exchange and other wire services, was distributed four days
after Mitnick had been turned down for a job at Security Pacific [after the
bank learned he had lied on a job application about his past criminal record].
The false information could have caused huge losses for the bank had it reached
investors, but the hoax was uncovered before that could happen.
The prosecutor said Mitnick also penetrated a NSA computer and obtained
telephone billing data for the agency and several of its employees.
[In refusing bail, the magistrate said,] "I don't think there's any conditions
the court could set up based upon which the court would be convinced that the
defendant would be anything other than a danger to the community.... It sounds
like the defendant could commit major crimes no matter where he is."
Mitnick's attorney said prosecutors have no evidence for the new accusations.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Dark Side Hacker Seen As Electronic Terrorist January 8, 1989
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By John Johnson Los Angeles Times
"Computer an 'Umbilical Cord to His Soul"
When a friend turned him in and Mitnick asked why, the friend replied, "Because
you're a menace to society." Mitnick is described as 25, an overweight,
bespectacled computer junkie known as a "dark side" hacker for his willingness
to use the computer as a weapon. His high school computer hobby turned into a
lasting obsession.
He allegedly used computers at schools and businesses to break into Defense
Department computer systems, sabotage business computers, and electronically
harass anyone -- including a probation officer and FBI agents -- who got in his
way.
He also learned how to disrupt telephone company operations and disconnected
the phones of Hollywood celebrities such as Kristy McNichol, authorities said.
So determined was Mitnick, according to friends, that when he suspected his
home phone was being monitored, he carried his hand-held keyboard to a pay
phone in front of a 7-Eleven store, where he hooked it up and continued to
break into computers around the country. "He's an electronic terrorist, said
[the friend who turned him in], "He can ruin someone's life just using his
fingers."
Over the last month, three federal court judges have refused at separate
hearings to set bail for Mitnick, contending there would be no way to protect
society from him if he were freed. Mitnick's lack of conscience, authorities
say, makes him even more dangerous than hackers such as Robert Morris Jr., who
is suspected of infecting computer systems around the country with a "virus"
that interfered with their operations.
Mitnick's family and attorney accuse federal prosecutors of blowing the case
out of proportion, either out of fear or misunderstanding of the technology.
The story details his "phone phreak" background, and his use of high school
computers to gain access to school district files on remote computers, where he
didn't alter grades, but "caused enough trouble" for administrators and
teachers to watch him closely. He used the name "Condor," after a Robert
Redford movie character who outwits the government. The final digits of his
unlisted home phone were 007, reportedly billed to the name "James Bond."
[He and a friend] broke into a North American Air Defense Command computer in
Colorado Springs in 1979. [The friend] said they did not interfere with any
defense operation. "We just got in, looked around, and got out."
What made Mitnick "the best" said a fellow hacker and friend, was his ability
to talk people into giving him privileged information. He would call an
official with a company he wanted to penetrate and say he was in the
maintenance department and needed a computer password. He was so convincing,
they gave him the necessary names or numbers.
He believed he was too clever to be caught. He had penetrated the DEC network
in Massachusetts so effectively that he could read the personal electronic mail
of security people working on the case of the mysterious hacker and discover
just how close they were getting to him. But caught he was, again and again.
Mitnick's motive for a decade of hacking? Not money, apparently... Friends
said he did it all simply for the challenge. [His one-time probation officer
says,] "He has a very vindictive streak. A whole bunch of people were
harassed. They call me all the time." His mastery of the computer was his
"source of self-esteem," said a friend.
_______________________________________________________________________________
Computer Chaos Congress 88 Report January 3, 1989
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Observing Chaos Communication Congress 1988, Hamburg
"From Threat To Alternative Networks"
On 28-30 December, 1988, Computer Chaos Club (CCC) held its 5th annual "Chaos
Communication Congress" at Hamburg/FRG (West Germany). As in previous years,
300 people (mainly aged 16-36, 90% male, with some visitors from Austria and
The Netherlands) gathered, carefully observed from newsmedia (German stations,
printmedia, press agencies, but also from UK's BBC, and being observed by
Business Week's Katie Hafner, who gathered material for a book on hackers,
planned by John Markoff and herself).
In the chaotic (though creative) congress "organization," two different tracks
were visible:
-- Technical presentations on networks (UUCP, GEONET, FIDONet, and CCCs
emerging "open networks" BTXnet and "Zerberus"), and on a PC-DES encryption
developed by a leading CCC member (who had escaped the French police's
arrest by travelling to SECURICOM by railway while police waited at the
airport);
-- Socio-political discussions about "sociology of hackers," "free flow of
information" as well as reports about recent events, dominated by the arrest
of Steffen Wernery in Paris in Spring 88 when being invited to speak on
SECURICOM.
CCC speakers reported about their work to install "free networks." In Germany,
most of the networks are organized in the form of a "Verein" (an association
with legal status, which guarantees tax-free operation): Such networks are
access-restricted to their members. The different German science and
University networks (and their bridges to international networks) usually
restrict access to scientists. Different CCC subgroups are establishing
"alternative networks," such as "EcoNet" for communication of ecological data
and information, planned to be available, free of cost, to broader social,
ecological, peace and political groups and individuals.
Apart from traditional technologies (such as GEONET and FIDONet), the German
Post Office's Bildschirmtext (Btx) will be used as a cheap communications
medium; while CCCs first hack was, years ago, to attack the "insecure
Btx-system" (in the so-called "HASPA coup" where they misused the Btx password
of the Hamburg savings bank to repeatedly invoke CCC's Btx information at a
total prize of 135.000 DM, then about 50.000$), they today begin to use this
cheap though very limited medium while more powerful communications media are
available. Today, the emerging ISDN technology is verbally attacked by hackers
because of the excessive accumulation of personal data; from here, hacks may be
attempted when ISDN becomes regionally available in 1989/90.
Several speakers, educated Informaticians with grades from West German
Informatics departments, professionally work in Software production and in
selling hardware/software to economy and state agencies. Among them, several
professional UNIX and UUCP users have begun to organize CCC's future UUCP
version. Up to now, only few CCC members use (and know about) UNIX systems,
but their number may grow within the near future according to CCC's
"marketing." One speaker told the audience, "that you can remotely start
programs in UUCP." After some learning phase, the broadened availability of
UNIX in the hacker scene may produce new threats.
The other track of the Congress discussed themes like "sociology of hackers"
where a group of politology students from Berlin's Free University analyzed
whether hackers belong to the "new social movements" (e.g. groups on peace,
nuclear energy, feminist themes). They found that, apart from much public
exaggeration (it is not true that hackers can invade *any* computer), hackers
are rather "unpolitical" since they are preferably interested in technology.
A major topic was "free access to/flow of information." Under the title
"freedom of information act," speakers suggested a national legislation which
guarantees individual and group rights to inspect files and registers of public
interest; the discussion lacked sufficient basic knowledge, e.g. of the
respective US legislation and corresponding international discussions in Legal
Informatics.
Summarizing the Congress and accompanying discussions, active CCC members try
hard to demonstrate that they have *no criminal goals* and ambitions (they
devoted a significant amount of energy to several press conferences, TV
discussions etc). The conference was dominated by young computer professionals
and students from the PC scene, partially with good technological knowledge of
hardware, software and networks; while some people seem to have good technical
insights in VAXsystems, knowledge of large systems seems to be minimal. To some
extent, the young professionals wish to behave as the :good old-fashioned
hackers": without criminal energy, doing interesting work of good professional
quality in networks and other new areas.
While former CCCongresses were devoted to threats like Viruses, *no explicit
discussion* was devoted *to emerging threats*, e.g. in ISDN or the broadening
use of UNIX, UUCP. The new track discussing political and social aspects of
computing follows former discussions about "hacker ethics." Here, the
superficial, unprofessional discussions of related themes show that the young
(mainly) males are basically children of a "screen era" (TV, PCs) and of an
education which concentrates on the visible "image," rather than understanding
what is behind it.
Special Thanks to Dr. Klaus Brunnstein, University of Hamburg
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The Chaos Communication Congress 1988 in Hamburg
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From Terra of The Chaos Computer Club
One of the basic statements of the Chaos Computer Club from Hamburg, in the
Federal Republic of Germany is the demand for "The new human right of free
exchange of data between all beings, without censorship, for all beings, and
for the moment at least world-wide."
Other statements include "data free NOW!" and "Free flow of information."
Indeed, these ideas are not new, not even in the computer community, but the
important thing is that the CCC is now in the process of turning some of the
old hacker dreams into reality. For example: they are now creating their own
networks, that exchange not only 'club' information, but everything that
interest those on the net. This includes genetical engineering and
environmental issues.
The Chaos Communication Congress that takes place every year in Hamburg is for
many hackers even more of a dream. Imagine being a hacker in some lonesome
outpost thinking you are the only one that is crazy enough to be smarter than
technology, and finding out there is a whole bunch of people that are just as,
or even more, crazy. This year is the fifth congress, and advertisement is not
needed: The 'family' knows exactly, because it's all in the networks.
The congress itself is split up over a number of rooms. There is a hack-room,
where the real hacking takes place. There is also a press room, where hackers
and journalists together try to bring the hacker message out to the rest of the
world. The archive contains all of the 'Chaos papers,' all press clippings,
interesting remarks and all issues of the "datenschleuder", the German Hacker
Magazine.
German 'data travelers' are also present. A 'data traveler' is someone that
uses the international data network for gaining access to all sorts of
computers all over the world. A famous story is that of a German hacker that
tries to reach a friend and finds his phone busy. He then calls his local
Datanet access number and goes through all of the computers that he knows his
friend is interested in at that moment. His friend, hanging around in some
computer in New York gets a message on his screen saying; "Ah here you are,
I've been looking around everywhere."
Back to this congress. On the first day the emphasis lies on the past. All
things that have happened to the CCC in the past year are being discussed. The
second day the emphasis lies on the future; and then ideas about the future of
the information society is the subject of discussion. CCC says "Information
society" is not equivalent to "Informed Society", and more attention should be
paid to public use of computer technology.
One of the main goals of the CCC is getting people to think about these issues;
so that it is no longer just computer maniacs that decide over the faith of the
world. "We don't know yet whether the computer is a gift or a timebomb, but
it IS going to change everyone's life very soon."
_______________________________________________________________________________