/\###############/\/\/###################/\/\/\/\/\/\/\/####/\/\/\/\/\/\/\/\/ /###############/\/\/\/#################/\/\/\/\/\/\/\/######/\/\/\/\/\/\/\/\ ###############/\/\/\/\/###############/\/\/\/\/\/\/\/########/\/\/\/\/\/\/\/ #####/\/\/\/\/\/\/\/\/\/\/\/\#####/\/\/\/\/\/\/\/\/\#####/\#####/\/\/\/\/\/\/ #####/\/\/\/\/\/\/\/\/\/\/\/\#####/\/\/\/\/\/\/\/\/#####/\/\#####/\/\/\/\/\/\ #####/\/\/\/\/\/\/\/\/\/\/\/\#####/\/\/\/\/\/\/\/\#####/\/\/\#####/\/\/\/\/\/ #####enter of/\/\/\/\/\/\/\/\#####ntelligent/\/\/#####/\/\/\/\#####narchists/ #####/\/\/\/\/\/\/\/\/\/\/\/\#####/\/\/\/\/\/\/\#####/\/\/\/\/\#####/\/\/\/\/ #####/\/\/\/\/\/\/\/\/\/\/\/\#####/\/\/\/\/\/\/\####################/\/\/\/\/ #####/\/\/\/\/\/\/\/\/\/\/\/\#####/\/\/\/\/\/\/\####################/\/\/\/\/ #####/\/\/\/\/\/\/\/\/\/\/\/\#####/\/\/\/\/\/\/\####################/\/\/\/\/ #####/\/\/\/\/\/\/\/\/\/\/\/\#####/\/\/\/\/\/\/\#####/\/\/\/\/\#####/\/\/\/\/ #####/\/\/\/\/\/\/\/\/\/\/\/\#####/\/\/\/\/\/\/\#####/\/\/\/\/\#####/\/\/\/\/ ###############/\/\/\/\/###############/\/\/\/\/#####/\/\/\/\/\#####/\/\/\/\/ /###############/\/\/\/#################/\/\/\/\#####/\/\/\/\/\#####/\/\/\/\/ /\###############/\/\/###################/\/\/\/#####/\/\/\/\/\#####/\/\/\/\/ Center of Intelligent Anarchists Issue #3 Release Date: 05/02/94 -------------------------------------------------- /## Editor: Totally Destroyed Prodigy:GSTD79B ####/ /########################## (Not Permanent) #####/ / Center of Intelligent Anarchists ##############/ /# c/o Totally Destroyed ###########################/ /## 2400 Derby Drive ############################/ /### Fallston, MD 21047 #######################/ ------------------------------------------------- <><><><><><><><><> Table of Contents>>>>>>>>>> <><><><><><><><><> Introduction by Totally Destroyed Subscription Information by Totally Destroyed Writing for CIA by Totally Destroyed Tips for the New Hacker &&& by Totally Destroyed Credit Card Fraud Busts by Totally Destroyed Mortar by Totally Destroyed Classified Ads by Totally Destroyed Where to Get Information by Totally Destroyed Hacking and Hackers by Mark Hittinger Tribute to Kurt Kobain by Totally Destroyed &&&-password list found in the Internet Worm of 1988 by Robert T. Morris Jr. ><><><><><><> Introduction>>>>>> ><><><><><><> Well, this is the third issue. I am doing well with putting one out each month (First Two, No Problem). I don't know how many of you have actually downloaded a single copy. If you have, how about dropping me a message (email) on one of the local boards to me that I am on. Such as: Terminal Addiction: 410-527-9549*Anarchy Outside the Wall: 410-665-1855*Anarchy (CD-ROM) The Underground Ice Kingdom: 410-823-4125*Anarchy The Dog House BBS: 410-692-5792 The Whore House: 410-296-3205 Most of those offer anarchy files. Outside the Wall has no ratios, neither does Terminal Addiction. T.U.I.K. has ratios, but they have great files. Give them a call any time. The ones with a "*" I log on daily, the others I get on maybe once every two weeks. My Handle is "Totally Destroyed" send me a message. On TUIK I don't have a handle, send it to "Totally Destroyed". Just to let me know you actually read the last issues. Then I'll know if I'm wasting my time or not. Well, on with Issue #3. ><><><><><><><><><><><><> Subscription Information>>>>>>>>> ><><><><><><><><><><><><> To receive the Center of Intelligent Anarchist's publication monthly by mail then send me a letter including Name, Address, and Where you get your copies of CIA (BBS name, Person, etc.). Prices are as follows: Hard Copy $15.00 12 issues Soft Copy Disks Supplied (specify size) $25.00 12 issues Soft Copy, you supply disks $20.00 12 issues Sample copies are available at $2.00 for hard copy and $3.50 for soft copy with the disk supplied (specify size). Send your name, address, phone number (Optional), and check, money order, or cash (Not Responisble for Lost Mail). Mail orders to: Center of Intelligent Anarchist's c/o Totally Destroyed 2400 Derby Drive Fallston, MD 21047 <><><><><><><><> Writing for CIA>>>>>>>>> <><><><><><><><> If you wish to write for the Center of Intelligent Anarchist's publication submit article to: Center of Intelligent Anarchist's c/o Totally Destroyed 2400 Derby Drive Fallston, MD 21047 Include your address, name, where I can get in touch with you (Mailing address U.S. Mail is fine), and the article. If you wish to become a regular writer tell me that as well. If you want to remain anonymous in the article that's ok, just let me know. I would like your address so I can send you information on writing regularly and so I can reach you if I have any questions on your article or want you to write again. <><><><><><><><><><><><> Tips for the New Hacker>>>>>>>>>> <><><><><><><><><><><><> This month we will be dealing with guessing passwords. Let's say that you have someone's valid user name and would like to guess their pass- word. Well, first try their first name, last name, any combinations. First or last names with a numeric or special character in it somewhere. Nicknames, and combinations. Then you could try their street name if you know it, and the city they live in, if you know it. Then try all of those backwards. Then you proceed to this list of more popular passwords. This is the list used in the Internet Worm Virus a few years ago. A few have been added. aaa cornelius guntis noxious simon academia couscous hacker nutrition simple aerobics creation hamlet nyquist singer airplane creosote handily oceanography smile albany cretin happening ocelot smiles alatross daemon harmony olivetti smooch albert dancer harold olivia smother alex daniel harvey oracle snatch alexander danny hebrides orca snoopy algebra dave heinlein orwell soap aliases december hello osiris socrates alphabet defoe help outlaw sossina ama deluge herbert oxford single amporphous desperate hiawatha pacific sparrows analog develop hibernia painless spit anchor dieter honey pakistan spring andromache digital horse pam springer animals discovery horus papers squires answer disney hutchins password strangle anthropogenic dog imbroglio patricia stratford anvils drought imperial penguin stuttgart anything duncan include peoria subway aria eager ingres percolate success ariadne easier inna persimmon summer arrow edges innocuous persona super arthur edinburgh irishman pete superstage athena edwin isis peter support atmosphere edwina japan philip supported aztecs egghead jessica phoenix surfer azure eiderdown jester pierre suzanne bacchus eileen jixian pizza swearer balley einstein johnny plover symmetry banana elephant joseph plymouth tangerine bandit ellen judith pondering target banks emerald juggle pork tarragon barber engine julia poster taylor baritone engineer kathleen praise telephone bass enterprise kermit precious temptation bassoon enzyme kernel prelude thailand batman ersatz kirkland prince tiger beater establish knight princeton toggle beauty estate lagle protect tomato beethoven euclid lambda protozoa topography beloved evelyn lamination pumpkin tortoise benz extension larkin puneet toyota beowulf fairway larry puppet trails berkeley felicia lazarous rabbit trivial berliner fender lebesgue rachmaninoff trombone beryl fermat lee rainbow tubas beverly fidelity leland raindrop tuttle bicameral finite leroy raleigh umesh bob fishers leris random unhappy brenda flakes light rascal unicorn brian float lisa really unknown bridget flower louis rebecca urchin broadway flowers lynne remote utility bumbling foolproof macintosh rick vasant burgess football mack ripple vertigo campanile foresight maggot rochester village cardinal forsythe malcolm rolex virginia carmen fourier mark romano warren carolina fred markus ronald water caroline friend marty rosebud weenie cascades frighten marvin rosemary whatnot castle fun master roses whiting cat fungible maurice ruben whitney cayuga gabriel mellon rules will celtics gardner merlin ruth wiliam cerulean garfield mets sal williamsburg change gauss michael saxon willie charles george michelle scamper winston charming gertrude mike scheme wisconsin charon ginger minimum scott wizard chester glacier minsky scotty wombat cigar gnu moguls secret woodwind classic golfer moose sensor wormwood clusters gorgeous morley serenity yaco coffee gorges mozart sharks yang coke gosling nancy sharon yellowstone commrades graham nepenthe sheldon zap computer gryphon ness shiva zimmerman condo guest network shivers cookie guitar newton shuttle cooper gumption next signature These can all be tried with a special character (!,@,#,$,%,^,&,*,(,),etc.) at the end of the word, the beginning of the word, or any place in the middle. Try the following substitutions: S----------$ ex. PA$$WORD I----------! ex. S!GNATURE C----------( ex. (ATTLE A----------@ ex. @SSOCIATES Also, try the User Name "Anonymous" or "Guest" or "Friend" or "New User". Then try the following passwords with each: Anonymous Guest Friend New User New Test Password When all that fails, start at page one of the Dictionary and work your way through. If all that fails start over and use each word backwards. If all that fails find a new account (if you were dumb enough to try that one for that long.) If you continue hacking that account for very long, you WILL get busted. <><><><><><><><><> Credit Card Busts>>>>>>>>>>> <><><><><><><><><> Sometime last year two asian men traveled throughout Miami, Florida and spent over $260,000. They used well over 20 credit cards they had manufactured. These two men were part of a large credit card fraud group that in the past year has carded over $260,000,000. These men as well as the ringleader of the group were arrested by the secret service sometime last month. The ringleader will be serving 4 years in a federal prison. The funny thing is the lack of observation on the clerks part. The video tapes were reviewed, and the clerks had handed the card back before the man using it even signed the transaction slip. The clerk had no way to check the signatures. The clerk also didn't look at the name of he/she would have noticed that the names on the cards were not asian. This is inexcusable says fomer Visa Employee. The cards should have been checked better. ><><><> Mortar>>>>>> ><><><> This handy weapon can be made to shoot scrap metal and/or glass. Materials Needed for Construction: Iron Pipe 3 feet long and 2 inches to 4 inches in diameter. If you will be shooting tennis balls or oranges make sure that your ammo will fit in the pipe snugly Threaded cap to fit pipe Battery and Wire Tools Needed for Contruction: None First screw the cap on the end of the pipe. The cannon is now completed. Burry the pipe in the ground. Make sure the pipe is angled in the desired direction. The end should be almost flush with the ground. Place about 1/2 pound of gunpowder or similar propellant on a cloth. Wrap this up into a package and insert an ignitor (ESTES Model Rocket) into the powder with the leads connected to about ten feet of wire. Put this in the pipe with the insulated wires hanging out the open end. Tamp another piece of cloth in the pipe for wadding. Then pour in the screws, nuts, nails, broken glass, or small stones as your projectiles. BB's or shotgun shot work well also. You then get behind the tube and connect the wires to a 9-volt battery. If there is a clean connection between the igniter and the wires, then it will go off. ><><><><><><><> Classified Ads>>>>>> ><><><><><><><> I know this really isn't anarchy related, but if you have anything you wish to sell, then send me an ad and I will post it in the next issue of CIA. Don't forget to include your phone number or address in the ad. Send ads to: CIA Classified Ads c/o Totally Destroyed 2400 Derby Drive Fallston, MD 21047 ****************************************************** * I have the following AD&D books for sale: * * Players Handbook $15.00 * * Tome of Magic $12.00 * * Monsterous Compendium Vol. 1 * * $18.00 * * Contact Totally Destroyed at 2400 Derby Drive * * Fallston, MD 21047. If you wish to make an* * offer of less than the above than * * write me and I'll get back to you. * ****************************************************** Skateboard wanted. Preferably in fairly good condition. Completes only. Contact Doug Haller........410-893-0785 That's all the ads this month. ><><><><><><><><><><><><> Where to Get Information>>>>>> ><><><><><><><><><><><><> Here's the address of some Magazine's that I thought you might be interested. 2600 Subscription Department P.O. Box 752 Middle Island, NY 11953-0752 -the ultimate hacker/phreak/computer enthusiast magazine (Subscription: $22.00 per four issues.) Mondo 2000 P.O. Box 10171 Berkeley, CA 94709-5171 Phone: 1-510-845-9018 Fax: 1-510-649-9630 -hacking CIA Magazine Archives c/o Totally Destroyed 2400 Derby Drive Fallston, MD 21047 -collection of "Anarchy Files" commonly found on BBS also has some of the phrack files and Computer Underground Digest, write for catalog ($1.00) You can write any of the above for pricing and other assorted information. CIA's catalog is $1.00 due to shipping costs. <><><><><><><><><><><> Beige Boxes Revisited>>>>>> <><><><><><><><><><><> Yes, I know that their are many, many plans for beige boxes floating and these plans are nothing new, but I will cover more ways to use the beige box than the other files I have seen floating around. Materials: Phone cord (To plug into the wall) or Cheap one piece phone, touch tone Wire stripper 2 Alligator Clips Few hundred feet of thin wire Sodder Soddering Iron First you need to decide if you wish to hook up a phone in your house to the box you are doing this to. If not you won't need the thin wire, sodder, or soddering iron. Now take the phone cord, or the cord coming out of the cheap one piece phone. And cut off the plug that goes in the wall. Then strip off the insulation. You should see four wires inside of this. One is Green, one is Red, one is Black, and one is Yellow. If they are not color coded, then you want the two middle ones. Cut off the yellow and black ones. They are not needed. Strip off the red and green ones though. Then attach the alligator clips to these wires (might require sodder). If you used a cheap phone, you're pretty much done, if not the plug the other end of the wire into a phone and you're done. Now go find a junction box. Bring your beige box and a 7/16 inch hex driver. Open up the box with the driver. Then look inside (make sure this is not the box on your porperty). Find the green wire and the red wire. Hook them up appropriately. When I did it, the box had two of each and I hooked up my red to red and my green to the other red. I don't know why, but if green to green and red to red don't work, fool around with it. Sooner or later you'll hit a combination that works. Don'w mess with the yellow and black though, they aren't used. When you finally get a dial tone (on the phone), dial your own phone number. If it is busy then you're tapped in on your on line, if not then you have someone elses line. I wouldn't do this when they might get on the phone, because what you're on is just like another extension in their house. You could bring your laptop and call long distance bbs. Anyway, this is a great way to get someones parents wondering about them. Find a house where it is the parents and only male children (atleast 11 yrs. + old). Run up huge charges on gay porno lines. This is all billed to their line. If you want this to be more permanent. Run the long wire from the red and from the green on your phone wire (beige box) and then run it all the way to the box from your house. hook up the alligator clips and close the box. Hide the wire. Now you have an extension in your house, yet it's their number. Don't leave it their for too long, someone might notice it. Well, that's it. <><><><><><><><><><> Hacking and Hackers>>>>>>. <><><><><><><><><><> Hacking and Hackers: The Rise, Stagnation, and Renaissance. Copyright(C) 1991 By Mark Hittinger (an288@freenet.cleveland.edu, #60 on Blitzkrieg) This document may be freely reproduced so long as credit to the author is maintained. It doesn't take a rocket scientist to figure out that the publicity afforded to hacking has risen to peak levels within the last year. As one would expect, the political attention being paid to the subject of hackers has also risen to peak levels. We are hearing more about hackers each day. The newspapers have articles about alleged computer crime and phone fraud almost weekly. The legal system is issuing indictments, the secret service is running around with wildcard search warrants, and captured naive hackers are turning on each other. Some well known computer people have formed a lobby called the "Electronic Frontier Foundation". Fox TV has news people on the scene during a bust of an alleged "hacker" who was invading their own doofus system! Non-computer "lay" people have been asking me a lot of questions. So who am I? I'm just another computer bum. I got into computers in the early seventies during high school. I've witnessed computing's rise as something social outcasts did to something everybody wanted to be a part of. Babes looked at us with disgust as we grabbed our data on 110 baud teletypes and paper tape. Rolls of paper tape and access to timeshared basic was so great that we didn't even think that it could get better. Well guess what? Computers and our social position kept getting better. It got so good that pretty soon everybody wanted to ask us questions. These days we are like doctors at a cocktail party, we are always getting hit on for free computer consulting! Even from the babes! You've come a long way baby! Later I got into the professional side, that is, systems programming, systems management, and software development. I've worked with GE, Xerox, IBM, Digital, CDC, HP, Prime, anything I could get my hands on. I dearly loved the DEC-10, learned to live with VAX/VMS, and now grit my teeth when I work with Unix/MS-DOS. My hobby became my career, and they paid me money for it. My chosen hacking name is "bugs bunny" and you can find me on some bulletin boards as user "bugs". Bugs was always creating virtual rabbit holes out of thin air and dodging in and out of them. True hackers love to find and fix software "bugs". Yea!! I'm 34 now and a dad. Being involved in computers for a long time gives me a better perspective than most. Over the years there would sometimes be a major media coverage of some computer crime event. As a local computer "heavy", there were always questions coming my way about what these things were all about. Lately, the questions are more frequent and more sophisticated. All these big highly publicized busts are opening a lot of issues. I didn't have answers to some of these questions so I sat down and did some thinking. Writing this article is an outgrowth of that. I am not a writer so grant me some journalistic slack. Back in the early seventies hacking was quite free. Most of the important stuff was running on batch mainframes that had no connection to the outside world. The systems that we played with were not really considered critical by anyone. We were allowed to play to our hearts content, and nobody really worried about it at all. This period is what I like to think of as the "rise of hacking". You can read about some of it in the first section of Levy's book, "HACKERS". I love that section and read it when current events depress me. In those days the definition of hacker was clear and clean. It was fun, it was hi-tech, it was a blast, and it was not a threat. There were no big busts, very few people understood computing, and the public had no interest in it. We hacked for the sheer love of it. How can I describe the depth of interest that we had? We were not concerned with our image or our "identity". We wrote games, wrote neat hacks, and learned the strengths or weaknesses of each system. We were able to obtain access to a broad range of systems. Consider teenage boys comparing and contrasting the systems designed by older engineers! We eventually reached a point where we decided how a system should be set up. At this point we began to make an annoyance of ourselves. In all instances the various administrations considered us minor annoyances. They had much more pressing problems! New users began to show up in the labs. They reluctantly wanted to get something done that absolutely had to be done on the computer. In many cases they had no idea how to start, and were left to their own devices. Centralized data processing management (MIS) didn't want to deal with them. Often, they saw us playing around, joking, laughing, carefree, and not at all intimidated by the computer. They, on the other hand, were quite intimidated. We helped these people get started, showed them were the documentation was, and explained various error conditions to them. We quickly developed reputations as knowing how to get something to work. One of the people I helped made a remark to me that has stuck with me for a long time. He said, "I am trained as a civil engineer, so I don't have a feel for this. But you, you are pure bred. You've gotten into this fresh and taught yourself from the ground up. You haven't been trained into any set doctrine." Phar out man! This is an important point. There were no rules, guidelines, or doctrines. We made our own up as our experiences dictated. As time wore on, the new user pool began to grow more rapidly. The computers began to creak and groan under the work loads that were being placed upon them. During the day time, we came to the computer area to find it packed. We could no longer access the computers during the day. After all, we were just playing! That was OK with us. Soon we were there at night and on weekends. We obtained the off-hour non-prime time access, but this put us further away from the mainstream. These new guys liked the timeshared computers much more than their mainframe batch machines. They started to move their darn *important* crud from the mainframe machines to "our" timesharing computers. Pretty soon the administrations started to think about what it meant to have payroll or grades on the same computers that had "star-trek version 8", "adventure", or "DECWAR version 2.2". They were concerned about security on the timesharing systems, but due to their budget constraints, most of the centralized MIS shops still had to give priority to their batch mainframes. We continued to play, but we cursed at the slow systems when the important stuff was running. I got off "tuning" systems to make them run faster or more efficiently. Interactive response time became the holy grail. The "rise of hacking" was beginning to run out of steam. The timesharing systems had been expanded as much as technology and budgets would allow. We had learned the various systems internals inside and out. We now knew much more about the systems than the "official" maintainers did, and these maintainers perceived us as a threat to their positions. The computers were still overloaded. The nasty politics of access and resources began to rear their head. A convenient scapegoat was to eliminate access to games. Eliminate the people that were just playing. Examine all computing activity and bill for it. This didn't solve any of the problems (we all knew payroll and grades wouldn't fit in!) but it did raise the issue of the hackers to the surface. All of a sudden we became defined as a problem! We were soon getting shut out of various systems. New kids began to show up and pretend to be hackers. They would do anything to show off, and created large problems for "us". At this point the "stagnation" period was beginning. These were hard days for us. Many of my friends quit what they were doing. Many of us got real jobs on the computers we played with as a dodge. Centralized MIS departments began to be placed between the rock and hard place of limited budgets and unlimited customers. The new kids, the overloaded systems, the security concerns for the important applications, and the political situation all resulted in the stagnation of hacking. "Hacker" took on a bad connotation. I saw all kind of debates over what "hacker" meant. Some claimed it was a compliment, and should only be awarded to those bit twiddlers that were truly awesome. Many claimed that hackers were the scum of the earth and should be totally decimated! What could you do but stay out of the way and let things take their course? I realize now that it was in the MIS departments' *VESTED INTEREST* to define the term "hacker". Centralized MIS did not have the courage to fight for larger budgets. Upper level administrators who just approved the budget would freak out when they saw kids playing games on the computers in the library. MIS had to define this as bad, had to say they would put a stop to it. MIS had to look like they were managing the computer resources responsibly. Any unusual or politically unacceptable computer event that couldn't be covered up was caused by "hackers". It was a dodge for MIS! I am not saying that some questionable stuff didn't go down, I am just saying that it was logical to call anything "bad" by some sort of easily accepted label - "hackers". Of course, when the unusual computing event took place your budding journalists were johnny on the spot. You don't climb that journalist ladder by writing about boring stories. Wild computer stories about hacking captured the public interest. I suppose the public liked to hear that somebody could "beat" the system somehow. Journalists picked up on this and wrote stories that even I found hard to believe. The new kids, even when not asked, would blab all day long about the great things that they were doing. And don't you know, they would blab all day long about great hacks they heard that you pulled! Stories get wilder with each re-telling. I realize now that it was in the journalists' *VESTED INTEREST* to define the term "hacker". The public loves robin hood, the journalists went out and found lots of pseudo-robin hoods. More and more stories began to hit the public. We heard stories of military computers getting penetrated. We heard stories of big financial rip-offs. We heard cute stories about guys who paid themselves the round-off of millions of computer generated checks. We heard stories of kids moving space satellites! We heard stories of old ladies getting their phone bills in a heavy parcel box! As an old timer, I found a lot of these stories far fetched. It was all national inquirer type stuff to me. The public loved it, the bureaucrats used it, and the politicians began to see an opportunity! The end of the "stagnation" period coincides the arrival of the politicians. Was it in the *VESTED INTEREST* of the politicians to define the term "hacker"? You bet! Here was a safe and easy issue! Who would stand up and say they were FOR hackers? What is more politically esthetic than to be able to define a bad guy and then say you are opposed to it? More resources began to flow into law enforcement activities. When actual busts were made, the legal system had problems coming up with charges. The legal system has never really felt comfortable with the punishment side of hacking, however, they LOVE the chase. We didn't have guns, we were not very dangerous, but it is *neat* to tap lines and grab headlines! What a dangerous time this was. It was like a feedback loop, getting worse every week. When centralized MIS was unable to cover up a hacking event, they exaggerated it instead. Shoddy design or poor software workmanship was never an issue. Normally "skeptical" journalists did not ask for proof, and thrilled at the claims of multi-million dollar damages. Agents loved to be seen on TV (vote for me when I run!) wheeling out junior's Christmas present from last year, to be used as "evidence". The politicians were able to pass new laws without constitutional considerations. New kids, when caught, would rabidly turn on each other in their desperation to escape. Worried older hackers learned to shut up and not give their side for fear of the feeding frenzy. Hackers were socked with an identity crisis and an image problem. Hackers debated the meaning of hacker versus the meaning of cracker. We all considered the fundamental question, "What is a true hacker?". Cool administrators tried to walk the fine line of satisfying upper level security concerns without squelching creativity and curiosity. So what is this "renaissance" business? Am I expecting to see major hacker attacks on important systems? No way, and by the way, if you thought that, you would be using a definition created by someone with a vested interest in it. When did we start to realize that hacker was defined by somebody else and not us? I don't know, but it has only been lately. Was it when people started to ask us about these multi-million dollar damage claims? I really think this is an important point in time. We saw BellSouth claim an electronically published duplicate of an electronic document was worth nearly $100,000 dollars! We later saw reports that you could have called a 1-800 number and purchased the same document for under twenty bucks. Regular non-computer people began to express suspicion about the corporate claims. They expressed suspicion about the government's position. And generally, began to question the information the media gave them. Just last month an article appear in the Wall Street Journal about some hackers breaking in to electronic voice mail boxes (fancy answering machines). They quoted some secret service agent as saying the damages could run to the tens of millions of dollars. Somebody asked me how in the world could screwing around with peoples answering machines cause over 10 million dollars in damages? I responded, "I don't know dude! Do you believe what you read?" And when did the secret service get into this business? People say to me, "I thought the secret service was supposed to protect the president. How come the secret service is busting kids when the FBI should be doing the busting?" What can I do but shrug? Maybe all the Abu-Nidals are gone and the president is safe. Maybe the FBI is all tied up with some new AB-SCAM or the S&L thing. Maybe the FBI is damn tired of hackers and hacking! In any event, the secret service showed it's heavy hand with the big series of busts that was widely publicized recently. They even came up with *NEAT* code names for it. "Operation SUNDEVIL", WOW! I shoulda joined the secret service!!! Were they serious or was this their own version of dungeons and dragons? In a very significant way, they blew it. A lot of those old nasty constitutional issues surfaced. They really should define clearly what they are looking for when they get a search warrant. They shouldn't just show up, clean the place out, haul it back to some warehouse, and let it sit for months while they figure out if they got anything. This event freaked a lot of lay people out. The creation of the Electronic Frontier Foundation is a direct result of the blatantly illegal search and seizure by the secret service. People are worried about what appears to be a police state mentality, and generally feel that the state has gone to far. I think the average American has a gut level feel for how far the state should go, and the SS clearly went past that point. To be fair, there aren't any good guidelines to go by in a technical electronic world, so the secret service dudes had to decide what to do on their own. It just turned out to be a significant mistake. I saw Clifford Stoll, the author of the popular book "Cuckoos Egg" testify on national C-SPAN TV before congress. His book is a very good read, and entertaining as well. A lot of lay people have read the book, and perceive the chaos within the legal system. Stoll's book reveals that many systems are not properly designed or maintained. He reveals that many well known "holes" in computer security go unfixed due to the negligence of the owners. This book generated two pervasive questions. One, why were there so many different law enforcement agencies that could claim jurisdiction? Lay people found it amazing that there were so many and that they could not coordinate their efforts. Two, why were organizations that publicly claimed to be worried about hackers not updating their computer security to fix stale old well known problems? If indeed a hacker were able to cause damage by exploiting such a well known unfixed "hole", could the owner of the computer be somehow held responsible for part of the damage? Should they? We all watched in amazement as the media reported the progress of Robert Morris's "internet worm". Does that sound neat or what? Imagine all these lay people hearing about this and trying to judge if it is a problem. The media did not do a very good job of covering this, and the computing profession stayed away from it publicly. A couple of guys wrote academic style papers on the worm, which says something about how important it really was. This is the first time that I can remember anyone examining a hacking event in such fine detail. We started to hear about military interest in "worms" and "viruses" that could be stuck into enemy computers. WOW! The media accepted the damage estimates that were obviously inflated. Morris's sentence got a lot of publicity, but his fine was very low compared to the damage estimates. People began to see the official damage estimates as not be%9g very credible. We are in the first stages of the hacking renaissance. This period will allow the hackers to assess themselves and to re-define the term "hacker". We know what it means, and it fits in with the cycle of apprentice, journeyman, and master. Its also got a little artist, intuition, and humor mixed in. Hackers have the chance to repudiate the MISs', the journalists', and the politicians' definition! Average people are questioning the government's role in this and fundamental rights. Just exactly how far should the government go to protect companies and their data? Exactly what are the responsibilities of a company with sensitive, valuable data on their computer systems? There is a distinct feeling that private sector companies should be doing more to protect themselves. Hackers can give an important viewpoint on these issues, and all of a sudden there are people willing to listen. What are the implications of the renaissance? There is a new public awareness of the weakness in past and existing systems. People are concerned about the privacy of their electronic mail or records on the popular services. People are worried a little about hackers reading their mail, but more profoundly worried about the services or the government reading their stuff. I expect to see a very distinct public interest in encrypted e-mail and electronic privacy. One of my personal projects is an easy to use e-mail encrypter that is compatible with all the major e-mail networks. I hope to have it ready when the wave hits! Personal computers are so darn powerful now. The centralized MIS department is essentially dead. Companies are moving away from the big data center and just letting the various departments role their own with PCs. It is the wild west again! The new users are on their own again! The guys who started the stagnation are going out of business! The only thing they can cling to is the centralized data base of information that a bunch of PCs might need to access. This data will often be too expensive or out-of-date to justify, so even that will die off. Scratch one of the vested definers! Without centralized multi-million dollar computing there can't be any credible claims for massive multi-million dollar damages. Everyone will have their own machine that they can walk around with. It is a vision that has been around for awhile, but only recently have the prices, technology, and power brought decent implementations available. Users can plug it into the e-mail network, and unplug it. What is more safe than something you can pick up and lock up? It is yours, and it is in your care. You are responsible for it. Without the massive damage claims, and with clear responsibility, there will no longer be any interest from the journalists. Everybody has a computer, everybody knows how much the true costs of damage are. It will be very difficult for the journalists to sensationalize about hackers. Scratch the second tier of the vested definers! Without media coverage, the hackers and their exploits will fade away from the headlines. Without public interest, the politicians will have to move on to greener pastures. In fact, instead of public fear of hackers, we now are seeing a public fear of police state mentality and abuse of power. No politician is going to want to get involved with that! I expect to see the politicians fade away from the "hacker" scene rapidly. Scratch the third tier of the vested definers! The FBI and the secret service will be pressured to spend time on some other "hot" political issue. So where the heck are we? We are now entering the era of truly affordable REAL systems. What does REAL mean? Ask a hacker dude! These boxes are popping up all over the place. People are buying them, buying software, and trying to get their work done. More often than not, they run into problems, and eventually find out that they can ask some computer heavy about them. Its sort of come full circle, these guys are like the new users of the old timesharing systems. They had an idea of what they wanted to do, but didn't know how to get there. There wasn't a very clear source of guidance, and sometimes they had to ask for help. So it went! The hackers are needed again. We can solve problems, get it done, make it fun. The general public has the vested interest in this! The public has a vested interest in electronic privacy, in secure personal systems, and in secure e-mail. As everyone learns more, the glamour and glitz of the mysterious hackers will fade. Lay people are getting a clearer idea of whats going on. They are less willing to pay for inferior products, and aren't keen about relying on centralized organizations for support. Many know that the four digit passcode some company gave them doesn't cut the mustard. What should we hackers do during this renaissance? First we have to discard and destroy the definition of "hacker" that was foisted upon us. We need to come to grips with the fact that there were individuals and groups with a self interest in creating a hysteria and/or a bogeyman. The witch hunts are over and poorly designed systems are going to become extinct. We have cheap personal portable compatible powerful systems, but they do lack some security, and definitely need to be more fun. We have fast and cheap e-mail, and this needs to be made more secure. We have the concept of electronic free speech, and electronic free press. I think about what I was able to do with the limited systems of yesterday, and feel very positive about what we can accomplish with the powerful personal systems of today. On the software side we do need to get our operating system house in order. The Unix version wars need to be stopped. Bill Gates must give us a DOS that will make an old operating system guy like me smile, and soon! We need to stop creating and destroying languages every three years and we need to avoid software fads (I won't mention names due to personal safety concerns). Ken Olsen must overcome and give us the cheap, fast, and elegantly unconstrained hardware platform we've waited for all our lives. What we have now is workable (terrific in terms of history), but it is a moral imperative to get it right. What we have now just doesn't have the "spark" (I am not doing a pun on sun either!!!). The hackers will know what I mean. If we are able to deal with the challenges of the hacking renaissance, then history will be able to record the hackers as pioneers and not as vandals. This is the way I feel about it, and frankly, I've been feeling pretty good lately. The stagnation has been a rough time for a lot of us. The stock market guys always talk about having a contrarian view of the market. When some company gets in the news as a really hot stock, it is usually time to sell it. When you hear about how terrible some investment is, by some perverse and wonderful force it is time to buy it. So it may be for the "hackers". We are hearing how terrible "hackers" are and the millions of dollars of vandalism that is being perpetrated. At this historic low are we in for a reversal in trend? Will the stock in "hackers" rise during this hacking renaissance? I think so, and I'm bullish on the 90's also! Party on d00des! ><><><><><><><><><><><> Tribute to Kurt Kobain>>>>>>>> ><><><><><><><><><><><> Kurt Kobain, the former lead singer of Nirvana, commited suicide sometime between Thursday, April 7, 1994 and Friday April 8, 1994 with a sawed off shotgun. He put the barel to his face and pulled the trigger. He did leave a suicide note, and although I don't have access to the exact letter, I can summarize the reading of the note for you. Courtney Love, now widowed wife of the late Kurt Kobain, sent a tape to the organizer's of a candle tribute to Kurt Kobain on April 11, 1994. On the tape she read the parts of the letters she said were directed to the fans, but the parts that were "None Of Your Damn Buisiness" she left unknown. The main theme behind his letter is that he hates the band Nirvana, hated his life, hated his music, and was living a lie. Well, in our daily activities lets all remember one of the greatest men in punk rock today. A man who wanted to entertain and make music. Let's not forget him, "Kurt Kobain, we will never forget you and the music that you have made for the past five or so."