==Phrack Inc.== Volume Three, Issue Thirty-four, File #11 of 11 PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN Phrack World News PWN PWN PWN PWN Issue XXXIV, Part Two PWN PWN PWN PWN Compiled by Dispater PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN Mind Rape or Media Rape? ~~~~~~~~~~~~~~~~~~~~~~~ Special Thanks: Night Ranger Thursday September 26, 1991 was no ordinary day for Mind Rape, a young Arizona State college student. When he finally made it home that day, he found his home had been raided by the feds. 'They took EVERYTHING! Including my Metallica tape!' he told me. After talking to him for quite a while I learned a lot, not just about his bust but about hacking in general. He instructed me not to say anything specifically on the advice of his lawyer and the EFF, but he did want me to let the real reason he was busted be known - His electronic newsletter entitled NSA (for National Security Anarchists). Mind Rape has some very important views on hacking that the government doesn't want others to hear. Some of these views were contained in his newest and soon to be released newsletter NSA issue number five, which was confiscated of course. He was also working on a book about hacker's philosophy, which was taken too. He has not yet been charged but in the eyes of the media he is already been tried and found guilty. It is unfortunate the general public gets its information from news reports like the following because, as you can see, they can be quite misleading. Hopefully once Mind Rape gets everything straight he will continue to write his book, after all it is his constitutional right to do so, and I think it be quite informative to both the hackers of the nineties and the outside world. The following is a transcript of a news report covering his story... - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Male Announcer: That student is Donald _____ of Phoenix. Officials of LDL Long Distance believe he's one of around 20 hackers who've been ripping off their company for fun and profit. In tonight's Night Team Report we'll see how this kind of thievery adds up. The nation's telephone companies loose more than a billion dollars a year to hackers. Mark Nighten (sp?) a security director for LDL Long Distance. Last month he was poring through records like these which convinced him to believe that someone was making hundreds of computer generated phone calls to his company's 1-800 access line trying to get customer's calling card codes. He went to the Phoenix Police. They got a search warrant and traced the calls to a house near 18th Drive near Union Hills. Police went there last month and came away with a computer, software and a list of phone codes, all belonging to 19 year old Donald _____ an ASU student. With nighten suspects _____ is just one of 20 hacker on his network who can make thousands of dollars worth of calls which would wind up on other people's phone bills. Mark: You can see the magnitude of this. Off of one authorization code you could have 10, maybe 150 other people... Male Announcer: Lemme ask ya...How bad are you getting ripped off here? Mark: We've had to have somebody on this 24 hours a day. We've been getting killed. Male Announcer: Hackers often sell the codes they steal to other students. So that hundreds of students and Arizona State University and University of Arizona also could be ripping of the company. Students at Arizona State University told me today that they have not herd of LDL's troubles, but they confirmed that stolen phone codes do have a way of getting around. I iz a College Student: Someone hears...ya know...about the interest and someone else knows somebody...ya know...and they tell you and you talk to them and...ya know...it's not overly expensive or anything like that. Male Announcer: Dr. Dan Kneer of Arizona State University's School of Business is a nationally recognized expert on computer crime. [who?] He contends that hacking is mushrooming. Dr. Dan: The problem that I see is that these people philosophically don't see this as a crime. For most of them this is an intellectual challenge. Male Announcer: That challenge led Dutch students to break into a United States Army Computer during operation desert storm. And as this Japanese documentary shows, it led hackers in a New York City to use payphones to commit big time rip-offs. Now it's important to point out that Donald ______, that Arizona State University student, has not yet been charged with any crime and if he is charged he is innocent until proven guilty. Female announcer: What is the penalty for hacking? Male Announcer: Just for getting into a system when you're not supposed to can be up to a year and a half in prison. But if there is criminal intent to steal, to rip-off that system, the penalty can be as high as 10 years in jail and a $150,000.00 fine. _______________________________________________________________________________ Computer Hacker Gets Probation September 26, 1991 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Special Thanks: Flaming Carrot (Pittsburgh Post-Gazette) A Mt. Lebanon woman who was able to make thousands of free long-distance telephone calls by breaking into voice mail boxes with a touch tone telephone has been placed on 10 years probation. Last Friday, Common Pleas Judge Robert E. Dauer ordered Andrea Gerulis, 20, of Castle Shannon Boulevard to make restitution of $4,300 to Magee Womens Hospital and $2,516 to Pittsburgh Cellular Telephone Co. Gerulis, a Mt. Lebanon High School graduate, was a computer hacker who entered telephone computer systems illegally so that she could make telephone calls without paying for the service. Mt. Lebanon police Detective John L. Michalec posed as a computer hacker and spent nine months investigating her activities, which were done by dialing codes on a touch-tone telephone. After a non-jury trial in May, Dauer convicted her of two counts of theft of services and two counts of unlawful use of computers. Assistant District Attorney Thaddeus A. Dutkowski recommended probation because he didn't want Gerulis to go to jail, where she could teach inmates how to commit crimes with a telephone. If she were incarcerated, she would have the largest classroom environment she could hope for, Dutkowski said. Dauer agreed that inmates already know too much about committing crimes with telephones. Gerulis told Dauer that she was sorry for what she did, that when she started, she was doing it for fun. She was also ordered to continue psychological counseling. _______________________________________________________________________________ More Archaic Government Regulations Proposed ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Special Thanks: Stainless Steal Provider (New York Times) The federal government said Thursday that it would introduce a standard for authenticating electronic data later this summer, but the announcement prompted an angry reaction from one of the leading private providers of software that protects computer data. The company, RSA Data Security Inc. of Redwood City, Calif., said the government had failed to address fears about the possibility of a secret "trap door," which would permit intelligence and law-enforcement agencies to look at private data. The issue of providing special mechanisms to permit government access to private information has caused a growing public debate recently. Earlier this year an anti-terrorism bill introduced in Congress called on the computer and telecommunication industries to permit federal agencies to look at private data. But the statement was later dropped from the bill after extensive public opposition. Government officials said that it would be possible for technical experts to examine the standard when it is released this summer and they could decide for themselves whether there were any shortcomings in the design of the standard. "It will be openly published and people can inspect it to their heart's content," said James H. Burrows, head of the computer systems laboratory at the National Institute of Standards and Technology. He added that the new standard was not intended to encrypt computer data, and that the government would continue to rely on an earlier technology known as the Data Encryption Standard to actually hide information from potential electronic eavesdroppers. Burrows said there was a project under way to develop a successor to that standard, but that it was years away from completion. ______________________________________________________________________________ Computer Whiz Accused Of Illegal Access and Mischief September 25, 1991 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ by Peter G. Chronis (The Denver Post Page 1 "NASA vs. Hobbyist") An Aurora computer hobbyist who allegedly used a personal computer and his home phone to penetrate NASA computers hacked off Uncle Sam enough to be indicted on seven federal counts yesterday. Richard G. Wittman, 24, the alleged "hacker," was accused of two felonies, including gaining unauthorized access to NASA computers to alter, damage, or destroy information, and five misdemeanor counts of interfering with the government's operation of the computers. Wittman allegedly got into the NASA system on March 7, June 11, June 19, June 28, July 25, July 30, and Aug. 2, 1. Bob Pence, FBI chief in Denver, said Wittman used a personal computer in his home and gained access to the NASA systems over telephone lines. The investigation, which took more than a year, concluded that Wittman accessed the NASA computer system and agency computers at the Marshall Space flight Center in Huntsville, Alabama, and the Goddard Space Flight Center in Greenbelt, Maryland. The NASA computers are linked to a system called Telenet, which allows qualified people to access government data bases. A user name and password are required to reach the NASA computers. Federal sources declined to reveal more information because the complex case involves "sensitive material." Wittman, a high-school graduate, apparently hadn't worked in the computer industry and held a series of odd jobs. The felony counts against him each carry a possible five-year prison term and $250,000 fine. _______________________________________________________________________________ Security Increases ~~~~~~~~~~~~~~~~~ Special Thanks: Stainless Steal Provider (New York Times) The foundation was started by Richard Stallman, who was awarded a MacArthur Foundation fellowship in 1. While mainstream software companies have prohibited users from freely copying their programs, Stallman, who is widely respected for developing computer languages and software editing tools, has argued that information is not the same as other commodities and should be shared without cost. His password has been widely known among network users because he has refused to keep it secret. He is bitter about the changes that have accompanied the coming of age of computer networks. Last month, after security was increased at the foundation and many users were stripped of their guest privileges, Stallman said he considered giving up his quest. In the end, he decided that the cause of creating free software was too important to abandon, but he said he feels like a pariah. "Since I won't agree to have a real password, I will only be able to log in on the 'inside' machines," he wrote in an electronic message in response to a reporter's query. "I still feel partly ashamed of participating in this. I've been forced to choose between two principles, both of which are so important to me that I won't accept the loss of either of them." Idealists like Stallman and Ted Nelson, the author of the cult classic "Computer Lib," hoped that the computer revolution wouldn't be like the industrial revolution. This time the wealth -- information -- would be free to everyone and instant communication would break down the barriers between rich and poor and remake mankind. Marvin Minsky, a computer science professor at MIT, said that for 15 years, beginning in 1963, researchers at the school lived in a paradise, sharing computers and networks before a system of password protection was installed. Now that has changed. "It's sad," he said. "But Richard Stallman is living in a dream world. He has this view that his idea of computer ethics will prevail. But it's not going to happen this year or next." Instead of finding community on computer networks, many users are now confronted with virus invasions and information theft, leading to the same sense of alienation and fear felt by residents of large cities. "At first I thought this was Marshall McLuhan's global village coming to reality," said Neil Harris, a manager at General Electric Information Services Co., which sets up computer conferences and sells information to about 200,000 members around the world. "But it's not that at all. It's a lot of people connecting in hundreds of small communities based around highly specific interests." Steven Levy, who has written about the early days of computing at MIT, said that the demise of the Free Software Foundation's open door policy was inevitable. "When you pass the plate around in church you don't expect people to steal from it," he said. "But sooner or later everyone knows that the plate is unguarded, and there are always people who don't care about the church. The question is how far do you go to protect it? Do you lock the church or do you send an armed guard around with the plate?" ______________________________________________________________________________ PWN Quicknotes ~~~~~~~~~~~~~ 1. On June 12, 1991, Sirhackalot's equipment was confiscated by the Southern Bell and the FBI without any charges being filed. Neither the FBI nor Southern Bell bothered to explain why they were in his home and taking his personal possessions. Again neither party could tell Sirhackalot what he supposedly did to bring both agency's to his doorstep. Also busted were Mr.Doo and The Imortal Phreak. [Special Thanks: The Marauder (404)] _______________________________________________________________________________ 2. Bill Cook is no longer an assistant United States Attorney in Chicago. It is unknown how he left his position. Basic questions go unanswered. Did he quit or was fired? If he was fired, we'd like to know exactly why. _______________________________________________________________________________ 3. Wanted: Targets of Operation Sun Devil Computer Professionals for Social Responsibility (CPSR) is pursuing a lawsuit against the Secret Service seeking the release of information concerning Operation Sun Devil. In recently filed court papers, the agency claims that the information cannot be disclosed because, among other reasons, disclosure would violate the privacy of those individuals who are the targets of the investigation. This argument can be overcome if CPSR obtains signed releases from those individuals. CPSR is requesting the cooperation of anyone who was the subject of a Sun Devil raid on or about May 7, 1. We are prepared to enter into an attorney- client relationship with individuals responding to this request, so that confidentiality will be assured. Please respond ASAP to: David Sobel CPSR Legal Counsel (202) 544-9240 dsobel@washofc.cpsr.org _______________________________________________________________________________ 4. Recently Microsoft discovered it was the victim of trespassing. A security guard noticed two people playing volleyball on the premises and knew that they did not work for Microsoft. The officer approached the volleyball players and asked them to leave. The trespassers left. Later someone asked the security guard how he knew that the people playing volleyball were not Microsoft employees. He replied, "They had tans." [Special Thanks: Psychotic Surfer] _______________________________________________________________________________