Title : PWN/Part 1
Author : Datastream Cowboy
==Phrack Inc.==
Volume Four, Issue Thirty-Nine, File 10 of 13
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
PWN PWN
PWN Phrack World News PWN
PWN PWN
PWN Issue XXXIX / Part One of Four PWN
PWN PWN
PWN Compiled by Datastream Cowboy PWN
PWN PWN
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
To Some Hackers, Right And Wrong Don't Compute May 11, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Bruce V. Bigelow (San Diego Union-Tribune)
Special Thanks to Ripper of HALE
The telephone call was anonymous, and the young, male voice was chatty and
nonchalant. He wanted to explain a few things about hacking, the black art of
tapping into private computers.
He was one of several hackers to call, both frightened and intrigued by a San
Diego police investigation into an informal network of computer criminals using
high-tech methods to make fraudulent credit-card purchases. Detectives have
seized a personal computer and other materials, and arrests are pending in San
Diego and other parts of the country.
"Half the time, it's feeding on people's stupidity," the anonymous hacker
said, boasting that most computers can be cracked as easily as popping a beer.
Hackers seem full of such bravado. In their electronic messages and in
interviews, they exaggerate and swagger.
One message traveling the clandestine network notes: "This text file contains
extremely damaging material about the American Express account making
algorithm. I do not commit credit card fraud. I just made up this scheme
because I was bored.
They form groups with names like "Legion of Doom" and "Masters of Deception,"
and give themselves nicknames like Phiber Optik, Video Vindicator and Outlaw.
They view themselves as members of a computer underground, rife with cat-and-
mouse intrigue.
For the most part, they are bring teenagers who are coming of age in a
computer-crazy world. Perhaps a generation ago, they tested their anti-
authoritarian moxie by shoplifting or stripping cars. But, as it has with
just about everything else, the computer has made teenage rebellion easier.
Nowadays, a teenager tapping on a keyboard in the comfort of his bedroom can
trespass on faraway corporate computers, explore credit files and surf coast-
to-coast on long-distance telephone lines.
San Diego police say that gathering details from computerized files as credit-
reporting agencies, hackers around the country have racked up millions of
dollars in fraudulent charges -- a trick known as "carding."
Conventual notions of right and wrong seem to go fuzzy in the ethereal realm
that hackers call cyberspace, and authorities say the number of crimes
committed by computer is exploding nationwide.
Like many hackers, the callers says he's paranoid. He won't give his name and
refuses to meed in person. Now a college student in San Diego, he says, he
began hacking when he was 13, collecting data by computer like a pack rat.
"I wanted to know how to make a bomb," he said with a laugh.
Like other hackers, he believes their strange underground community is
misunderstood and maligned. Small wonder.
They speak a specialized jargon of colons, slashes and equal signs. They work
compulsively -- sometimes obsessively -- to decipher and decode, the hacker
equivalent of breaking and entering. They exploit loopholes and flaws so they
can flaunt their techno-prowess.
"The basis of worth is what you know," the hacker says. "You'll hear the term
'lame' slung around a lot, especially if someone can't do too much."
They exchange credit-card numbers by electronic mail and on digital bulletin
boards set up on personal computers. They trade computer access codes,
passwords, hacking techniques and other information.
But it's not as if everyone is a criminal, the anonymous hacker says. What
most people don't realize, he say, is how much information is out there --
"and some people want things for free, you know?"
The real question for a hacker, he says, is what you do with the information
once you've got it. For some, restraint is a foreign concept.
RICH IN LORE
Barely 20 years old, the history of hacking already is rich in lore.
For example, John Draper gained notoriety by accessing AT&T long distance
telephone lines for free by blowing a toy whistle from a bod of Cap'n Crunch
cereal into the telephone.
Draper, who adopted "Captain Crunch" as his hacker nickname, improved on the
whistle with an electronic device that duplicated the flute like, rapid-fire
pulses of telephone tones.
Another living legend among hackers is a New York youth known as "Phiber
Optik."
"The guy has got a photographic memory,' said Craig Neidorf of Washington, who
co-founded an underground hacker magazine called Phrack. "He knows everything.
He can get into anything."
Phiber Optik demonstrated his skills during a conference organized by Harper's
Magazine, which invited some of the nation's best hackers to "log on" and
discuss hacking in an electronic forum. Harper's published a transcript of the
11-day discussion in it's March 1990 issue.
One of the participants, computer expert John Perry Barlow, insulted Phiber
Optik by saying some hackers are distinguished less by their intelligence than
by their alienation.
"Trade their modems for skateboards and only a slight conceptual shift would
occur," Barlow tapped out in his message.
Phiber Optik replied 13 minutes later by transmitting a copy of Barlow's
personal credit history, which Harper's editors noted apparently was obtained
by hacking into TRW's computer records.
For people like Emmanuel Goldstein, true hacking is like a high-tech game of
chess. The game is in the mind, but the moves are played out across a vast
electronic frontier.
"You're not going to stop hackers from trying to find out things," said
Goldstein, who publishes 2600 Magazine, the hacker quarterly, in Middle
Island, New York.
"We're going to be trying to read magnetic strips on cards," Goldstein said.
"We're going to try to figure out how password schemes work. That's not
going to change. What has to change is the security measures that companies
have to take."
ANGELHEADED HIPSTERS
True hackers see themselves, in the words of poet Allen Ginsberg, as
"Angelheaded hipsters burning for the ancient heavenly connection to the
starry dynamo in the machinery of night." These very words were used by Lee
Felsenstein, designer of the Osborne-1 computer and co-founder of the Homebrew
Computer Club.
But security consultants and law enforcement officials say malicious hackers
can visit havoc upon anyone with a credit card or driver's license.
"Almost none of it, I would say less than 10 percent, has anything to do with
intellectual exploration," said Gail Thackeray, a Phoenix prosecutor who has
specialized in computer crimes. "It has to do with defrauding people and
getting stuff you want without paying for it."
Such crimes have mushroomed as personal computers have become more affordable
and after the break up of AT&T made it more difficult to trace telephone calls,
Thackeray said.
Even those not motivated by financial gain show a ruthlessness to get what they
want, Thackeray said.
"They'll say the true hacker never damages the system he's messing with,"
Thackeray said, "but he's willing to risk it."
Science-fiction writer Bruce Sterling said he began getting anonymous calls
from hackers after an article he wrote about the "CyberView 91" hacker
convention was published in Details Magazine in October.
The caller's were apparently displeased with Sterling's article, which noted,
among other things, that the bustling convention stopped dead for the season's
final episode of "Star Trek: The Next Generation."
"They were giving me some lip," Sterling said. They showered him with
invective and chortled about details from Sterling's personal credit history,
which they had gleaned by computer.
They also gained access to Sterling's long distance telephone records, and
made abusive calls to many people who has spoken to Sterling.
"Most of the news stories I read simplify the problem to the point of saying
that a hacker is a hacker is a hacker," said Donn Parker, a computer security
consultant with SRI International in Menlo Park.
"In real life, what we're dealing with is a very broad spectrum of
individuals," Parker says. "It goes all the way from 14-year olds playing
pranks on their friends to hardened juvenile delinquents, career criminals and
international terrorists."
Yet true hackers have their own code of honor, Goldstein says. Computer
trespassing is OK, for example, but altering or damaging the system is wrong.
Posing as a technician to flim-flam access codes and passwords out of
unsuspecting computers users is also OK. That's called "social engineering."
"They're simply exploring with what they've got, weather it's exploring a
haunted house or tapping into a mainframe," Goldstein said.
"Once we figure things out, we share the information, and of course there are
going to be those people that abuse that information," Goldstein added.
It is extremely easy to break into credit bureau computers, Goldstein says.
But the privacy being violated belongs to individual Americans -- not credit
bureaus.
If anything, credit bureaus should be held accountable for not providing
better computer security, Goldstein argues.
_______________________________________________________________________________
Companies Fall Victim To Massive PBX Fraud April 20, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Barbara E. McMullen & John F. McMullen (Newsbytes)
NEW YORK CITY -- Appearing on the WBAI radio show "Off The Hook," New York
State Police senior investigator Donald Delaney discussed the movement of
organized crime groups into telecommunications fraud and warned the public
of the dangers of such practices as "shoulder surfing."
Delaney said that corporations are being victimized to the tune of millions of
dollars by unauthorized persons "outdialing" through their private branch
exchanges (PBXs). He traced the case of Data Products, a computer peripheral
firm, that did not even seem aware that calls could be routed from the outside
through their switchboard to foreign countries. It was only, according to
Delaney, when it received a monthly telephone bill of over $35,000 that it
perceived a problem.
"It was at 5:10 PM on a certain date that Liriano finally, after weeks of
trying, was able to obtain an outside dial tone on Data Products 800 number.
Subsequent investigation showed that thousands of calls using a 9600 baud modem
as well as manually placed calls had been made to the 800 number. At 7:30 the
same evening, a call using the Data Products number was placed to the Dominican
Republic from a telephone booth near Liriano's house. Within a few hours,
calls were placed from phones all around the neighborhood -- and, within a
week, calls began being placed from booths all around Manhattan," Delaney
related.
Phiber Optik, another studio guest and a convicted computer intruder previously
arrested by Delaney, commented, "I'm glad that Mr. Delaney didn't refer to
these people as hackers, but identified them for what they are: Sleezy common
criminals. What these people are doing requires no super computer knowledge
nor desire to learn. They are simply using computers and telephones to steal."
Delaney agreed, saying, "The people actually selling the calls, on the street
corner, in their apartments, or, in the case of cellular phones, in parked
cars, don't have to know anything about the technology. They are given the
necessary PBX numbers and codes by people higher up in the group and they just
dial the numbers and collect the money. In the case of the re-chipped or clone
cellular phones, they don't even have to dial the numbers."
Delaney added, "These operations have become very organized very rapidly. I
have arrested people that have printed revenue goals for the current month,
next six months, and entire year -- just like any other franchise operation.
I'm also currently investigating a murder of a call-seller that I arrested last
October. He was an independent trying to operate in a highly organized and
controlled section of Queens. His pursuit of an independent career may well
have been responsible for his death."
Off The Hook host Emmanuel Goldstein asked Delaney what responsibility that the
PBX companies bear for what seems to be rather easy use of their systems for
such activity. Delaney responded that he thought that the companies bear at
least an ethical and moral responsibility to their clients to insure that they
are aware of their exposure and the means that they must take to reduce the
exposure. "As far as criminal and civil responsibility for the security of the
system, there are no criminal statues that I am aware of that would hold the
PBX companies criminally liable for failure to insure proper security. On the
civil side, I think that the decision in the AT&T suit about this very topic
will shed some light of legal responsibility."
Goldstein also brought up the difficulties that some independent "customer-
owned coin-operated" telephones (COCOTs) cause for customers. "The charges are
often exorbitant, access to AT&T via 10288 is sometimes blocked, there is not
even the proper access to 911 on some systems, and some either block 800 calls
or actually try to charge for the connection to the 800 numbers.
"We've even found COCOTs that, on collect calls, put the charges through when
an answering machine picks up and the caller hangs up after realizing that no
one is home. They are set up to start billing if a human voice is heard and the
caller doesn't hang up within 5 or 10 seconds."
Delaney agreed that the COCOTS that behave in this fashion are an ongoing
problem for unsuspecting users, but said that he has received no complaints
about illegal behavior. He said, however, that he had received complaints
about fraudulent operation of 540 numbers -- the local New York equivalent of a
900 number. He said "most people don't realize that a 540 number is a
chargeable number and these people fall victim to these scams. We had one case
in which a person had his computer calling 8,000 phone numbers in the beeper
blocks each night. The computer would send a 540 number to the beepers.
People calling the number would receive some innocuous information and, at the
end of the month a $55 charge on her/his telephone bill."
Delaney continued, "The public has much to be worried about related to
telephone fraud, particularly in New York City which can be called "Fraud
Central, USA." If you go into the Port Authority Bus Terminal and look up in
the balcony, you will see rows of people "shoulder surfing" with binoculars.
They have binoculars or telescopes trained on the public telephones. When they
see a person making a credit card call, they repeat the numbers into a tape
recorder. The number is then sold and, within a few days, it is in use all
around the city. People should always be aware of the possibility of shoulder
surfers in the area."
Goldstein returned to the 540 subject, pointing out that "because so many
people don't realize that it is a billable number, they get caught by ads and
wind up paying for scam calls. We published a picture in 2600 Magazine of a
poster seen around New York, advertising apartment rental help by calling a
540 number. In very tiny print, almost unreadable, it mentions a charge.
People have to be very careful about things like this."
Delaney agreed, saying, "The 540 service must say within the first 10 seconds
that there is a charge, how much it is, and that the person can hang up now
without being charged -- the guy with the beeper scam didn't do that and that
was one of the reasons for his arrest. Many of the services give the charge so
fast and mix it in with instructions to stay on for a free camera or another
number to find out about the vacation that they have won that they miss the
charges and wind up paying. The 540 person has, although he may be trying to
defraud, complied with the letter of the law and it might be difficult to
prosecute him. The average citizen must therefore be more aware of these scams
and protect themselves."
Goldstein, Phiber Optik, and Delaney spent the remainder of the show answering
listener questions. Off The Hook is heard every Wednesday evening on New York
City's WBAI (99.5 FM). Recent guests have included Mike Godwin, in-house
counsel of the Electronic Frontier Foundation; and Steve Jackson, CEO of Steve
Jackson Games.
_______________________________________________________________________________
Changing Aspects Of Computer Crime Discussed At NYACC May 15, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Barbara E. McMullen (Newbytes)
New York City -- Donald Delaney, New York State Police senior investigator, and
Mike Godwin, in-house counsel, Electronic Frontier Foundation (EFF), speaking
to the May meeting of the New York Amateur Computer Club (NYACC), agreed that
the entrance of organized crime into telecommunications fraud has made the
subject of computer crime far different than that discussed just a year ago at
a similar meeting.
Newsbytes New York bureau chief John McMullen, moderating the discussion,
recalled that Delaney in last year's appearance had called for greater
education of law enforcement officers in technological areas, the establishment
of a New York State computer crime lab, outreach by law enforcement agencies to
the public to heighten awareness of computer crime and the penalties attached
-- items that have all come to pass in the ensuing 12 months. He also
mentioned that issues involving PBX & cellular phone fraud, privacy concerns
and ongoing debate over law enforcement wiretapping & decryption capabilities
have replaced the issues that received most of the attention at last year's
meeting.
Delaney agreed with McMullen, saying that there has been major strides made in
the education of law enforcement personnel and in the acquisition of important
tools to fight computer crime. He said that the practice of "carding" -- the
purchasing of goods, particularly computer equipment, has become a much more
major problem than it was a year ago and that many more complaints of such
activities are now received.
He added that "call-selling" operations, the making of international telephone
calls to foreign countries for a fee, through the fraudulent use of either a
company's private branch exchange (PBX) or an innocent party's cellular phone
account, has become so lucrative that arrested suspects have told him that
"they are moving from drug sales to this type of crime because it is less
dangerous and more rewarding."
Delaney pointed out, however, that one of his 1991 arrests had recently been
murdered, perhaps for trying to operate as an independent in an area that now
seems to be under the control of a Columbian mob "so maybe it's not going to
continue to be less dangerous."
Delaney also said that PBX fraud will continue to be a problem until the
companies using PBX systems fully understand the system capabilities and take
all possible steps to insure security. "Many firms don't even know that their
systems have out-dialing capabilities until they get it with additional monthly
phone charges of upwards of $35,000. They don't realize that the system has
default passwords that are supposed to be changed," he said, "It finally hits
some small businesses when they are bankrupted by the fraudulent long-distance
charges."
Godwin, in his remarks, expressed concern that there is not sufficient
recognition of the uniqueness of BBS and conferencing systems and that,
therefore, legislators possibly will make decisions based on misunderstandings.
He said "Telephone conversations, with the exception of crude conference call
systems are 'one-to-one' communications. Newspapers and radio & telephone are
"one-to-many" systems but BBS" are "many-to-many" and this is different. EFF
is interested in seeing that First Amendment protection is understood as
applying to BBSs."
He continued "We also have a concern that law enforcement agencies will respond
to the challenges of new technology in inappropriate ways. The FBI and Justice
Department, through the 'Digital Telephony Initiative' have requested that the
phone companies such at AT&T and Sprint be required to provide law enforcement
with the a method of wire-tapping in spite of technological developments that
make present methods less effective.
"Such a procedure would, in effect, make the companies part of the surveillance
system and we don't think that that is their job. We think that it is up to
law enforcement to develop their own crime-fighting tools. When the telephone
was first developed it made it more difficult to catch crooks. They no longer
had to stand around together to plan foul deeds; they could do it by telephone.
Then the government discovered wiretapping and was able to respond.
"This ingenuity was shown again recently when law enforcement officials,
realizing that John Gotti knew that his phones were tapped and discussed
wrongdoings outdoors in front of his house, arranged to have the lampposts
under which Gotti stood tapped. That, in my judgement, is a reasonable
approach by law enforcement."
Godwin also spoke briefly concerning the on-going debate over encryption. "The
government, through varies agencies such as NSA, keeps attempting to restrict
citizens from cloaking their computer files or messages in seemingly
unbreakable coding. We think that people have rights to privacy and, should
they wish to protect it by encoding computer messages, have a perfect right to
do so."
Bruce Fancher, sysop and owner of the new New York commercial BBS service,
MindVox, and the last speaker in the program, recounted some of his experiences
as a "hacker" and asked the audience to understand that these individuals, even
if found attached to a computer system to which they should not legitimately
access, are not malicious terrorists but rather explorers. Fancher was a last
minute replaced for well-known NY hacker Phiber Optik who did not speak, on the
advice of his attorney, because he is presently the subject of a Justice
Department investigation.
During the question and answer period, Delaney suggested that a method of
resolving the encryption debate would be for third parties, such as banks and
insurance companies, to maintain the personal encryption key for those using
encryption. A law enforcement official would then have to obtain a judge's
ruling to examine or "tap" the key for future use to decipher the contents of
the file or message.
Godwin disagreed, saying that the third party would then become a symbol for
"crackers" and that he did not think it in the country's best interests to just
add another level of complexity to the problem.
The question and answer period lasted for about 45 minutes with the majority of
questions concerning encryption and the FBI wiretap proposal.
_______________________________________________________________________________
Couple Of Bumbling Kids April 24, 1992
~~~~~~~~~~~~~~~~~~~~~~~
By Alfred Lubrano (Newsday)
Two young Queens computer hackers, arrested for the electronic equivalent of
pickpocketing credit cards and going on a computer shopping spree, will be
facing relatively minor charges.
Rudolph Loil, age 17, of Woodside, charged with attempted grand larceny, was
released from police custody on a desk appearance ticket, a spokesman for the
Queens district attorney's office said.
A 15-year-old friend from Elmhurst who was also arrested was referred to Queens
Family Court, whose proceedings are closed, the spokesman said. He was not
identified because of his age.
Law-enforcement sources said they are investigating whether the two were
"gofers" for adults who may have engaged them in computer crime, or whether
they acted on their own.
But Secret Service officials, called into the matter, characterized the case as
"just a couple of bumbling kids" playing with their computer.
The youths were caught after allegedly ordering $1,043 in computer equipment
with a credit card number they had filched electronically from bank records,
officials said.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Hackers April 27, 1992
~~~~~~~
Taken from InformationWeek (Page 8)
Two teenagers were arrested last week in New York for using computers to steal
credit card and telephone account numbers and then charging thousands of
dollars worth of goods and phone calls to the burgled accounts.
The two were caught only after some equipment they had ordered was sent to the
home of the credit card holder whose account number had been pilfered. Their
arrests closely follow the discovery by the FBI of a nationwide ring of 1,000
computer criminals, who charge purchases and telephone calls to credit card and
phone account numbers stolen from the Equifax credit bureau and other sources.
The discovery has already led to the arrest of two Ohio hackers and the seizure
of computer equipment in three cities.
_______________________________________________________________________________
DOD Gets Fax Evesdroppers April 14, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~
By Joseph Albright (Atlanta Journal and Constitution)(Page A12)
Washington -- The Air Force is buying a new weapon to battle leaks: A $30,000
portable fax-tapper.
Whenever someone transmits a fax, the fax-tapping device attached to the phone
line will sneak an electronic copy and store it in a laptop computer's memory.
Each of the new devices will enable an Air Force intelligence officer to
monitor four telephones for "communications security" violations.
Susan Hansen, a Defense Department spokeswoman, said last week that "there is
no plan right at the moment" to install the devices in the Pentagon, whose
top leaders have been outraged in recent weeks by leaks of classified policy
documents to reporters.
But she left open the possibility that some of them will be attached to
sensitive military fax lines when the tapping devices are delivered to the Air
Force six months to a year from now.
"There are a lot of things that are under review here," she said after
consulting with the Pentagon's telecommunications office.
Plans to buy 40 of the devices were disclosed a few weeks ago in a contract
notice from a procurement officer at Wright-Patterson Air Force Base near
Dayton, Ohio. When contacted, a spokesman referred inquiries to the Air
Force Intelligence Command at Kelly Air Force Base, Texas, which authorized the
purchase.
The Air Force Intelligence Command insisted that the devices will never be used
for law enforcement purposes or even "investigations."
"The equipment is to be used for monitoring purposes only, to evaluate the
security of Air Force official telecommunications," said spokesman Dominick
Cardonita. "The Air Force intelligence command does not investigate."
Mr. Cardonita said that, for decades, Air Force personnel in sensitive
installations have been on notice that their voice traffic on official lines is
subject to "communications security" monitoring. The fax-tapper simply
"enhances" the Air Force's ability to prevent "operational security"
violations, he said.
He estimated that the Air Force will pay $1.2 million under the contract, due
to be let this June. That averages out to $ 30,000 for each fax-tapper, but
Mr. Cardonita said the price includes maintenance and training.
Douglas Lang, president of Washington's High Technology Store and an authority
on security devices, said that, so far as he knows, the Air Force is the first
government agency to issue an order for fax-tapping machines.
Mr. Lang said he has heard from industry sources that 15 contractors have
offered to sell such devices to Wright-Patterson.
"It is one more invasion of privacy by Big Brother," declared Mr. Lang, who
predicted that the Air Force will use the devices mainly to catch anyone trying
to leak commercially valuable information to contractors.
Judging from the specifications, the Air Force wants a machine that can trace
leaks wherever they might occur.
Mr. Cardonita said the Air Force Intelligence Command will use the devices
only when invited onto an Air Force base by a top commander.
_______________________________________________________________________________
900-Number Fraud Case Expected to Set a Trend April 2, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By David Thompson (Omaha <Nebraska> World-Herald)
Civil court cases against abuses of 900-toll telephone number "will be slam
dunks" as the result of the successful prosecution of a criminal case in Omaha
over 900 numbers, a federal postal inspector said.
Postal inspector Michael Jones said numerous civil actions involving 900
numbers have been filed, including three recently in Iowa. At least one civil
case is pending in Nebraska, he said, and there may be others.
Jones said the mail fraud conviction of Bedford Direct Mail Service Inc. of
Omaha and its president, Ellis B. Goodman, 52, of 1111 South 113th. Court, may
have been the first criminal conviction involving 900 numbers.
The conviction also figures in Nebraska Attorney General Don Stenberg's
consumer protection program, which calls attention to abuses of 900 numbers, a
staff member said.
Among consumer complaints set to Stenberg's office, those about 900 numbers
rank in the top five categories, said Daniel L. Parsons, senior consumer
protection specialist.
People are often lured by an offer of a gift or prize to dial a toll-free 800
number, then steered to a series of 900 numbers and charged for each one,
Parsons said.
He said that during the last two years, state attorneys general have taken
action against 150 organizations for allegedly abusing 900 numbers.
_______________________________________________________________________________