On page ZD of this issue you can peruse some of the responses we received to the survey mailed out to subscribers this spring. We've learned quite a bit from the feedback we've gotten and are quite heartened by the sentiments expressed and by the dedication so many of our readers have. That alone is enough of a reason to keep going.

However we did notice one rather disturbing thing. A significant number of readers (we estimate somewhere in the ZD-D percent range) believe we should leave the "politics" out of our magazine. While more people seemed to go the other way, we believe this number is large enough to be indicative of a trend, one that needs addressing.

Of all of the responses we received back, not a single one defined what was meant by "politics" within our pages. We don't edit out brief opinions on current events from our authors and letter writers unless it really gets away from the subject matter - which means any opinion could be represented if expressed. Could it be our overall tone of rebellion, questioning, and thinking outside the box? If so, that would be kind of hard to suppress, our being a hacker magazine and all. The other (and most likely) possibility is that the "politics" in question are what is expressed on these two pages - the editorial.

How we could ever agree to not address particular issues and express certain opinions in our own editorial is beyond us. But a good number of people honestly seem to be disturbed by what we say here. This is all fine and good as an opinion piece exists to evoke reaction and make people think. But if we were to encourage people not to talk about certain things at all, there would be a real danger of blinding ourselves to reality.

First, let's clarify. Strictly speaking, we're not talking politics here insofar as we're not endorsing candidates or putting forth one particular political ideology over a
do nicely. Make a quick check for Trojans by sending a few Ctrl+D's and log on. I assume you have access to compiler tools, but you have one problem. The sysadmin implemented quotas for the average user. Luckily, you are not the average user. You have a higher priority.

Before we start, we should "clear" the machine. Run w, who, last and look for either users currently connected other than yourself or users who have logged in remotely recently. Assuming this is a single user machine, you should be the only user logged in. You may want to run a script that monitors network activity of your machine in real time. The following accomplishes that:

    while true ; do netstat -tn > first ; sleep 1 ; netstat -tn > second ; diff first second ; done

Run the above in any terminal (all one line). Changing the arguments to netstat from -tn to -tev will give you more verbose information. Now that we've cleared the system, let's continue.
Jump into /tmp and make a directory to work in. Name it something that won't draw attention. For example, if a lot of users run gnome/kde you may have folders of the format orbit-username. Make a directory of a similar format to blend in. Quickly chmod this directory 700 to keep others out.

Inside your tmp folder, use lynx or links to download the FluxBox source code from http://fluxbox.sourceforge.net/download.php. Now untar and gunzip the archive. Next, run ./configure --prefix=$HOME/fluxbox to install the application in your home directory.

    make
    make install

Assuming all goes well, you'll need to write your ~/.xinitrc file. Don't forget to remove your /tmp folder!

My .xinitrc contains:

    xterm&
    xclock&
    gnome-terminal&
    exec $HOME/fluxbox/bin/fluxbox

Add whatever applications you like to the top. Now, maybe you're wondering, if X11 is already running GDM, how do I run startx? The answer is passing one argument.

    startx -- :1

Moments later you will be greeted by your own personal desktop.

Now that X is running, you should make a few more changes. Edit the following files found in your $HOME directory.

    .login
    .profile
    .bashrc (your shell configuration file)
If you use gnome-terminal, I recommend editing your profile and unchecking: update utmp/wtmp records when command is launched. This helps limit the info showing up in the logs about you.

When logging out, exit fluxbox normally, and remember to always log out of the console and to switch back to the GDM by pressing Ctrl-Alt+F7.

Remember to chmod your home directory 700 to keep others out. If it's 750 all students can view your files, and if it's 755 everyone can view your files.

Using /tmp is my first example of bypassing quotas. But what if you like watching videos or listening to music but can't because of the lack of space? Take a look at how much RAM your machine has and the size of the swap file. Most machines at my university have 1GB of RAM, and, I kid you not, one machine has a 20GB swap partition. Many programs allow the buffering of data in cache/memory/swap. MPlayer for example. If you run

    mplayer -cache 1000000 -cache-min 99 http://location.of.file

it will download 1GB into RAM! You can watch your movie and leave no trace of it on the hard drive. Let the cache fill while you work; it'll start playing when it's done.

I'm curious if someone more knowledgeable than me could implement a file system within the swap space? Some systems only go as far as a quota and leave memory usage unlimited.

Another trick to get around quotas is to look for all world writeable folders. The find command can help you out:

    find / -type d -perm -o+w -ls 2>/dev/null 1>worldwriteable.txt

All errors go to /dev/null and all world writeable directories will be in worldwriteable.txt. Depending on what you find, you will have considerably more space at your disposal!

Another useful program is locate. You can run:

    updatedb --output /tmp/MyDB

to create a database you can search with locate. I suggest copying it to a disk or a remote server. You can search your locate database by passing the argument:

    locate -d MyDB

I strongly suggest searching your user |. In doing so, I discovered my campus has an unpublished backup server that stores every deleted file. I was not informed of its existence and if not for locate I never would have known.

I hope you enjoyed this article. Remember, you are not an average user. Limits do not apply to you. Look for what they missed, and enjoy.
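
Seen from the administrator's side, the world writeable search in the article shows where quota enforcement has gaps. The shell functions below are an added example, not part of the original article: they list world-writeable directories, flag the ones missing the sticky bit, and total the bytes each owner keeps in them. They assume GNU find and awk; the function names and the demo tree are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the article): audit world-writeable directories,
# the places where files can pile up outside a quota-limited home directory.
# Assumes GNU find (-printf, -maxdepth) and awk. All names are illustrative.

# Every world-writeable directory under $1, staying on one filesystem.
# -perm -0002 is the octal form of the article's -perm -o+w.
ww_dirs() {
    find "$1" -xdev -type d -perm -0002 -print 2>/dev/null | sort
}

# World-writeable directories WITHOUT the sticky bit: here any user can
# rename or delete files that belong to someone else.
ww_dirs_no_sticky() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null | sort
}

# Bytes per owner for regular files stored directly in world-writeable
# directories under $1. Output lines: "<owner> <bytes>", largest first.
ww_usage_by_owner() {
    find "$1" -xdev -type d -perm -0002 \
        -exec find {} -maxdepth 1 -type f -printf '%u %s\n' \; 2>/dev/null |
        awk '{ bytes[$1] += $2 } END { for (u in bytes) print u, bytes[u] }' |
        sort -k2,2nr
}

# Owners whose total in world-writeable directories exceeds $2 bytes.
ww_over_limit() {
    ww_usage_by_owner "$1" | awk -v limit="$2" '$2 + 0 > limit + 0 { print $1 }'
}

# Constructed sample tree so the audit can be tried without scanning /.
make_demo_tree() {
    demo_root=$(mktemp -d) || return 1
    mkdir "$demo_root/scratch" "$demo_root/spool" "$demo_root/private"
    chmod 1777 "$demo_root/scratch"   # world-writeable with sticky bit, like /tmp
    chmod 0777 "$demo_root/spool"     # world-writeable, sticky bit missing
    chmod 0700 "$demo_root/private"   # not world-writeable, must be ignored
    head -c 4096 /dev/zero > "$demo_root/scratch/movie.part"
    head -c 1024 /dev/zero > "$demo_root/spool/notes"
    head -c 8192 /dev/zero > "$demo_root/private/ignored"
    printf '%s\n' "$demo_root"
}

# With a path argument, audit that path; with none, audit the demo tree.
target=${1:-}
cleanup=
if [ -z "$target" ]; then
    target=$(make_demo_tree)
    cleanup=yes
fi
echo "World-writeable directories without the sticky bit:"
ww_dirs_no_sticky "$target"
echo "Bytes per owner inside world-writeable directories:"
ww_usage_by_owner "$target"
if [ -n "$cleanup" ]; then rm -rf "$target"; fi
```

Placing quotas on the filesystems that hold these directories, or running the per-owner report from cron with a threshold, closes the gap the article relies on.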
Social Engin
by Poacher
I worked for a while as a store detective and the man that hired me gave me a piece of advice: "Son, this could be the dullest, most depressing job you will ever have in your life. Ten hours walking around a store will make you quit in two days. But this job is what you make of it. If you get creative it can be the most fun you'll ever have."

He was right on both counts. My first two days were hell on earth. Then at the end of the second day I sat down and decided that rather than give up I would figure out a way to be good at it. Two years later when I eventually quit over a dispute over wages, I was loving every second of the job.

I took that same attitude with me when I started out working as a private detective. To some people spending 18 hours at a stretch sitting in a car desperate to take a leak may not sound fun. But it was the challenge, the seeking for hidden knowledge. Spending a week following someone's every movement and at the end of it they don't even know you exist, yet you knew everything about them. Sounds familiar? It's the "hacker high" - that feeling you get from acquiring knowledge that they don't want you to have and getting it without them ever knowing.

Anyway, back to the topic in hand. As a private eye I was good at the covert surveillance stuff. Sitting in cars and following people eventually became second nature. But early on I started meeting guys who never needed to do that. They could knock on a door and get the information in five
by KnlghtlOrd
KnlghtlOrd@hotmail.com
Programming today has become a divided front. On one side you have the MS .NET programmers and on the other side you have the Linux/Java/Web programmers. When someone decides they want to start writing software they are faced with one important question: Which language to learn first? Although this question is "important," it should not be the focus of an aspiring developer. In my experience as a developer I have found out one very important thing. If you are a good programmer, a great programmer even, it doesn't matter what language you use because you could use any one of the hundreds of languages available. It all comes down to fundamentals and understanding how to think like a coder. By restricting yourself to a specific language you are limiting the type and quality of work you can create. Understanding coding structure, logical analysis, and above all having the hacker mind will allow you to utilize the tools that best fit the scenario and not have the language define your path.

The first language I ever learned was RPG IV for the AS/400 computing system. Granted, this is an old language that hasn't changed much in 15 years but it is a well documented, structured language that gave me a base to learn how to be a good programmer, not just an RPG programmer. Once you learn one language and understand the fundamentals you essentially know any language you want. I can pick up a new programming language with a small learning curve in syntax and execution that lasts only about a week. I am going to share my technique for learning programming languages and how you can utilize the fundamentals of software design to allow you to unchain your software and become language nonspecific.

The first step is to pick a well documented language that is easy to read. Why choose one easy to read? Because you will remember it better. If English is your primary language and you read a quote in English you will more than likely remember it. Now read the same quote in Spanish and try and remember it. So with absolutely no knowledge of Spanish you will not only forget the quote but probably misquote and mispronounce it when you try to recall it. The same basic theory can be used in programming. Say you learn Visual Basic or Gambas, two very easy to read languages. You have a command like this:

    Dim intCash as Integer

Now you know that the command is defining (Dim) the variable (intCash) as an integer. So now read the same line in C:

    int intCash;

It is basically the same. You recognize the Int as being a data type of integer because you remember the Int from VB. The same goes with any other command you have. It is all a matter of reference. So this solves the language issue, but now what about programming structure? The most important thing is to think modular. The smaller you can break tasks down the easier it is to manage them; it also makes one of the fundamental OOP theories easier, re-use of code. By making things small and nonspecific you can take those pieces and plug them into just about any application that uses that same process. For instance, take a program that takes two numbers, divides them together, then does calculations based on that output. Here is a code example:

    #include <stdio.h>

    int A = 2;
    int B = 14;
    int C;

    int main() {
        C = A / B;   /* integer division: 2 / 14 is 0 */
        if (C > 7) {
            printf("C is greater than 7");
        } else {
            printf("C is less than 7");
        }
        return 0;
    }

This is a pretty straightforward little code block. Now you may be saying, why would I modularize something so small to begin with? Well, you don't have to try and slim it down or anything like that. Just try and think in pieces. So instead of the code above, you could write something like this:
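
    #include <stdio.h>

    int A = 2;   /* same sample values as the first version */
    int B = 14;
    int C;

    int divide(int a, int b);   /* declared before main() uses it */

    int main() {
        C = divide(A, B);
        if (C > 7) {
            printf("C is greater than 7");
        } else {
            printf("C is less than 7");
        }
        return 0;
    }

    /* Returns a / b using integer division; b must not be zero. */
    int divide(int a, int b) {
        int c;
        c = a / b;
        return c;
    }
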
So yeah, there is more code than the other program but now you are able to plug in any two numbers and divide them in any sequence that you want. Not only that but you can reuse the divide function in any other app you wish. Now you are modular. So the next time you need to divide something you don't have to figure out whether you want to divide A by B or vice versa and then change it down the road. You can instead change the input because the function will always be the same. This tiny little function is a very basic example of making your program modular. It is also probably not very practical but for demonstration purposes it is easy to understand.

The next thing that is important when learning to program is to understand classes. Most languages give you basic classes to work with. Every data type, whether they are integers or strings or Boolean, are all classes. Each class has specific properties to it and tasks that can be performed to them. You cannot divide a Boolean object because that is not a method in that class. So by taking this idea of data types you can create new types and you can do things specific to that type. As an exercise, pick an object in your house that has multiple parts and multiple functions it performs. For this article I will choose a radio. A radio has multiple parts; buttons (on/off, AM/FM, etc.) and multiple functions: tune up or down, volume up or down, etc. So your programming language doesn't have a stock radio class and instead of defining each part when you write your code you decide to write a class instead. Here is an example of a simple radio class:

    class radio;
        float tunedTo;
        float minimumStep;
        float minimumFrequency;
        float maximumFrequency;
        int maxVolume;
        int currentVolume;
        bool modType; // false am - true fm
        int presetStation();
        int pre;

        function tuneUp()
        {
            newFreq = tunedTo + minimumStep
            if newFreq < maximumFrequency
                tunedTo = newFreq
            else
                print 'max'
                break
            end if
        }

        function tuneDown()
        {
            newFreq = tunedTo - minimumStep
            if newFreq > minimumFrequency
                tunedTo = newFreq
            else
                print 'min'
                break;
            end if
        }

        function toggleModulation()
        {
            if modType = true
                modType = false
                minimumFrequency = 330
                maximumFrequency = 700
                minimumStep = 10
                print 'am tuning';
            else
                modType = true
                minimumFrequency = 87.3
                maximumFrequency = 108.0
                minimumStep = 0.3
                print 'fm tuning';
            end if
        }

        function selectPreset()
        {
            tunedTo = presetStation(pre);
        }

        function volumeUp()
        {
            if currentVolume < maxVolume
                currentVolume++;
            else
                print 'volume already at max';
                break;
            end if
        }

        function volumeDown()
        {
            if currentVolume > 0
                currentVolume--;
            else
                print 'volume already at zero';
                break;
            end if
        }
    end radio;

So as you can see from this small class, pretty much every part of a basic AM/FM radio is included and each function that the radio can perform is defined. Now in your program, to tune up your radio all you have to do is invoke the tuneUp() function instead of defining what the radio is tuned to, what it can be tuned to, and how many steps to tune before stopping. All of this is already defined in the class and every object that is of the type radio will be able to do the same things. This is the essential piece of programming that you need to understand to be a good programmer because classes allow you to be modular and still be able to have complex data manipulation without all the headaches. Not only can you do things to a single radio object but you can use two of the same type and do calculations on that. So you could essentially test one radio against another to make sure they are doing what you want.

This is just the tip of programming fundamentals but by learning this stuff first you will save yourself a lot of debugging and coding time. Maybe not initially but when you have a good sized library of custom functions and classes at your disposal you will essentially be able to write programs like putting together a puzzle. The only thing that will be custom to your application will be the logic behind it and how those pieces fit together in the implementation in question.

A note on logic is to try and not be redundant as much as possible. It is easier to do that if you are modular. You don't need to add the same things a bunch of times to get the same answer. Do it once and then reuse it. Another way to make sure your logic doesn't become a crap shoot is to have good naming conventions for variables. It makes your program easier to read and for other people to understand. A good method that I use is called the Hungarian Notation which is a way of utilizing object types in variable names so you can keep track of the kind of data you are working with. For instance, if you are defining an integer data type, put int at the beginning of the variable name and you will never forget that your variable is an integer. You can modify the notation scheme to suit your personal preference but most programmers will still be able to understand it with a little bit of coaching on your notation style. The most important thing about programming logic though is to be linear, or as linear as possible. You don't read a book from back to front, bottom to top, you read it front to back, top to bottom. Remember that when writing software and avoid going backwards in your code, and never ever use go or goto statements! They are evil and unnecessary if you just think for a minute and try to be linear.

Remember the fundamentals and you will be able to write any type of app in any environment with any language because a computer program ends up being the same thing after compiling, no matter what language you are using. There are a million ways syntactically to do the same task but by being a good programmer you can be sure that you are doing it correctly no matter what syntax you may be using.

Front Door H
by Darkarchives

First off, I would like to give props to Cliff, the author of "Hacking Your Own Front Door" in 24:1. If you somehow missed this article, the following will be somewhat more confusing.

Any locksmith will tell you that there are several hundreds of types of locks, each with their own unique key size and shape. Logically, someone who wanted to be able to open every lock would require every type of key, which would cost a load of money and be a big hassle to carry around. The trick with locks is that 90 percent of the locks in use today are one of ten garden varieties, including Schlage and Kwikset. By having these ten main keys, you have a high chance of opening the lock. As Cliff correctly pointed out, most areas use the same types of locks, like a dorm room or a neighborhood. In the area where I live, every house that I know of uses a Schlage deadbolt as well as door knob. Therefore I would only need one key to get into all of these houses.

Making a bump key is as easy as filing down a spare key or even using a blank and starting from scratch. The problem with this is that if you are making your first key, you tend to second guess yourself and take off too much. I made my own Schlage key and when it didn't work I just went online and bought a set of 11 keys. Looking back, I now know that it takes some practice to bump, and Schlage is harder than some of the others.

Once you have made a bump key, don't be tempted to go and try it on your front door. Some of the risks you run include getting the key stuck in there and having to call someone, or damaging your lock. Repeatedly hitting a bump key can damage the springs that set the pins of a lock and can ultimately render the lock useless. I personally suggest buying a Kwikset lock because as any lockpicker can attest to these locks are the easiest to bump and pick. Also, it is a good idea to hit up Google videos or any other site to find some videos of people bumping a door. Don't get too hung up on how they do it. Instead try and learn generally what motions they do so that you can experiment later. Also, videos of people bumping make it look incredibly easy (there is one of a 12-year-old girl doing it on her first try), but in reality it will take a little bit of practice. What I did was sit down with my key, lock, and the back end of the screwdriver and watch the TV for about an hour. Instead of trying to be exactly like the people on the videos, I whacked at it and tried different angles and pressure until I got a successful bump. After a while, I could bump one out of every ten, and then I started to actually pay attention to what I was doing so I could learn the best way for me.

I am going to take a brief moment to talk about what you should hit your bump key with. My personal favorite, and it sounds like Cliff agrees with me, is the handle of a screwdriver. However, from what I have read on the Internet, almost anything works. Specific bumping tools which you can buy are normally a foot long with a rubber striking area on one end. I have also heard of people using wooden spoons, hammers, wallets, and even women's heeled shoes. Ultimately you want something that is hard enough to deliver a good sized shock to the key while still being small enough to handle. Don't be afraid to experiment around with lots of stuff. You can't really mess anything up too much.

Cliff's article covered how to bump using the "one click method." As he explained, you insert the key and then pull it out one click so that the ridges can contact the pins and transfer the energy. The way I bump locks is called the "minimal movement" method and I personally think that it is easier to learn on. To set your key for minimal movement, you have to file off a bit of the tip of the key and a bit off of the shoulder (see the figure and parts marked in gray). The goal of filing these parts off of your key is to be able to stick the key all the way in, then let it go and have it come back out a tiny bit. The way this works is that a normal key would have the pins rest in the flat area between the ridges, and by filing off the tip and shoulder you can put the key in so that the pins rest instead on the ridges. When filing, don't worry about how much you take off of the shoulder. The tip is where you need to be careful. If you file too much, the pin will miss the ridge altogether and the key will be useless for minimal movement (you could still use it for the one click method). I suggest you take off just a bit and test it, then take off a little more until you get it to the right place.

To use a key set for minimal movement you simply insert it and let it pop out a bit, then apply tension and bump. The tension is the hardest part to master, and really the only way to master it is to practice at different amounts of tension. If you have ever picked locks, then you know how much tension you need.

Cliff was right in that there is very little that you can do to prevent this type of attack on your house. The only other solution that I could come up with besides his is to buy an extremely uncommon lock so that if the burglar wants in, he has to make a special key. Another fact with bump keys is that the more expensive the lock is, the more vulnerable it is. In most cases, locks cost more because they are more precisely crafted, and since the parts are fit better, the transfer of energy happens more smoothly and therefore easier.

Now that you know all this, I encourage you to try it yourself, but in the comfort of your home with a deadbolt that you bought for this purpose. Also, try a Kwikset lock first because they are notoriously easy to pick and bump. I do not recommend trying this on anyone else's locks, as that would be a really stupid idea because it is illegal. Also, it is easier to bump locks that you are holding in your hand as compared to locks that are in a door, so I don't suggest that you try. Instead of using bump keys to break into houses, use them to win bar bets and impress your friends. Happy bumping.

by Atom Smasher
atom@smasher.org
L 762A 3B98 A3C3 96C9 C6B7
582A B88D 52E4 D9F5 7808
I recently purchased a brand new Kensington MicroSaver Combination Notebook Lock and overall I'm not happy with it. Perhaps the most disappointing feature of this lock, which retails for $30-$40 (US), is that it can be opened with a penny in less than 20 seconds without damaging the lock or the device it's attached to. The technique described below can likely be applied to similar locks.

I'll take this opportunity to point out that this information is being shared for the purpose of informational use, educational
use, and the
I n
s to tu r
around i t. Each r i ng has one
s l ot I n I t, al l OWi ng the bar to s l i de when al l of
the r i ngs are
.
pro
p
er l y al i gned. As l ong as any
one of the di al s I S not I n the correct posi ti on
the bar cannot s l i de - i n theory. I n practi ce,
tensi on can be appl i ed to the bar so that the
di al s can be
.
j ammed i nto the "correct" posi
t I Ons, revea l i ng t he combi nati on. The t r i ck i s
t o appl y tensi on t o t he bar wh i l e t ur n i ng the
di al s . For thi s parti cul ar l ock, I ' ve found that
a coi n can ai d i n appl yi ng the proper pres
s ure on the bar.
Sl i de a coi n between the l ock and the
computer case. Wi ggl e the l ock so the coi n
can be seated as cl ose as poss i bl e t o the
l ocki ng bar. Bear i n mi nd that the goal i s to
not cause (bmage to the lock or t he l aptop.
coi n the l ock wi l l tend
t o l ean a
ay from
.
coi n . By pressi ng t he
l ock agai nst the cOi n ( squeezi ng the coi n
between the l ock and computer case) push
the l ock perpendi cul ar t o the computer
case and at the same ti me appl y tensi on to
the l ocki ng bar. A fi rm pressu re i s best; too
much pressure may damage the l ock and/or
computer.
Wi th the proper press ure appl i ed to the
bar,
.
the di al s can be spun back and forth
unt i l they each sti ck, at whi ch poi nt the l ock
shou l d open. Wi th practi ce th i s can be done
i n wel l under 20 seconds by turn i ng two to
three di al s at a t i me to start.
In testing this technique, the dials seem
to ha
r ml ne
.
if each dial is jamming in the slot (indicating a correct digit) or a groove (indicating nothing).

Thanks to my dad, who taught me how
locks are supposed to work and how they
often don't. He also taught me that thieves
break into things; locksmiths gain access
to secure areas after receiving proper
authorization.
by L dPf
Let me open with a caveat: File sharing is currently a violation of copyright law and is therefore considered theft of intellectual property. Anyone caught and prosecuted can thus reasonably expect to be found guilty. Having said that, even the Supreme Court has set the precedent that making a mix tape for your friends is not a violation of copyright law, since mix tapes withstand the four factor test for "fair use" (see Campbell v. Acuff-Rose Music, for example). Without going into all the legal jargon, the high court's reasoning can be summarized as saying that mix tapes serve as "fair use" because they fall under the "format shifting" provision (allowing you to move CDs to an mp3 player, for example), are noncommercial, and, most importantly, because one song from an album actually serves as a form of viral advertising for the album, potentially creating album sales rather than diminishing them. These decisions do not extend to full albums, however, and therein lies the rub: Somewhere between the two extremes of "theft" and "viral advertising" lies the point the Recording Industry Association of America (RIAA) is missing.

The problem is, the RIAA has chosen to challenge file sharing in a way similar to the current administration's offensive against terrorism. Certainly, on the surface, the desire to rid the world of terrorists is a goal no one would criticize, but the sad fact is that the goal is patently unattainable. All it takes is one nut job to strap explosives on himself, walk into a mall, and blow himself up, and you have an act of terrorism. Sadly, there's no accounting for random nut jobs. Similarly, the RIAA seems to think its courtroom front in the War on File Sharing can also lead to total victory, deftly missing the point that all someone has to do is dub an album and give it to a friend and file sharing still exists. Please understand, this is not to say the RIAA should just give up any more than the government should stop trying to find, thwart, and imprison terror cells. Still, both sides might want to take a step back and consider not so much their unattainable stated goals, but instead concentrate on the sources of their "terror." Presidents need to study American foreign policy and how it serves to fuel - not curtail - terror, and the RIAA needs to consider the purpose of record companies in the 21st century.

The record industry, despite breaking and creating new sounds over the decades, is hardly the poster child for foresight. In the late 1990s the major labels were still sending promo CDs out for review in LP boxes. Think about that: It meant that someone in the 1980s had bought so many LP boxes that a good decade after CDs had supplanted LPs, they still had a surplus of LP mailers. They hadn't seen the change coming, even as kids in 1985 saved up their paper route money to buy a CD player. Even before that, the record industry, having gotten fat and rich on singles in the 1950s and 1960s, turned up its nose at what would become "album oriented rock." It wasn't until the 1970s that the majors fully embraced a format like Elektra had pioneered in the late 1960s. And now they fail to realize that, ironically, times have changed back, and we may well now be in a world where the album is dead - and this is exactly the kind of world in which file sharing will flourish.

Record companies need to recognize this and morph into promoters of bands, not albums, depending on concert ticket sales and merchandising to make their money, not on record sales. After all, even as album sales have declined due to file sharing, concert sales have actually increased, a statistic that
flies in the face of the RIAA's oft trumpeted claim that "file sharing hurts the artists." It doesn't. It hurts the record companies and, the truth be told, it only hurts them because they are unwilling to adapt. They've gotten fat and rich on album sales, and they lack the imagination and foresight to figure out how to make money some other way. In this model, the actual recorded tracks become almost worthless, licensed to radio stations and MP3 blogs for a pittance and used chiefly as a form of word of mouth advertising for bands, to sell tickets to concerts and stuff from the merchandise table. Many bands have discovered this on their own - look at OK Go's instant fame, based on a series of freely traded videos via YouTube, or Ween's endorsement of browntracker.net - and this is what truly terrifies the recording industry: If the music goes viral, they can't make any money off it.
The only other option is to make file sharing a null option, and in order to do that, the record companies need to cut costs - dramatically. There's no reason a single track on iTunes should retail for more than 50 cents, nor albums for more than five dollars. The only reason prices are this high is because the industry is dictating them based on an outdated business hook that deems an album is worth at least ten dollars, all the while failing to realize that mp3s are lossy quality audio and come without album art or liner notes, the fact of which would demand to any sane person that downloading should cost considerably less than brick-n-mortar shopping. If the record industry had the foresight, they would recognize this disparity and gut their overhead, refusing to mass produce any more albums, period. Without this upfront cost - and since bands traditionally have to use their advances to pay for recording their albums themselves - legitimate online prices could be brought to a level that wouldn't drive penniless teens to theft.
But what about the Britney Spears fans who don't own a computer or an mp3 player (or even know what one is)? Simply stated: Print on demand. Instead of shipping copies of albums to record stores (many of which will be returned or relegated to cutout bins), send them a computer kiosk instead, where folks can go in, use a touchscreen and their credit card to buy an album, and go home with a nice CDR, burned while they wait and delivered in a cardboard sleeve with freshly printed album art. The technology is certainly there for this, and the sky's the limit if even one of the major labels would dump the money they spend on RIAA lawsuits into a new business model instead. In many ways, the kiosk would become a public iTunes portal, with a few extra bucks added on the backend because you want to go home with a physical CD and album art. Furthermore, the record companies could select popular albums for release in "limited editions" - very short runs of well packaged CDs or (for the collectors' market) LPs that sell to a discerning few for prices more in line with the 20th century business plan.
The sad fact is that when things have gotten to the point where you can settle your out of court copyright infringement lawsuit online for $1000 (www.p2plawsuits.com), but can't buy high quality tracks at a reasonable price online, it's time for the industry to step back and rethink its options. If the Internet can be used to settle lawsuits, surely it doesn't take any level of genius to realize that it also can be used to make money off music. Still, even if some record exec reads this article and decides to adopt one of the above plans, there will still be file sharing. Why? For the same reason there will always be terrorism: Some people will always steal things or blow things up, just for the thrill of it, no matter the sociopolitical message they try to use to justify their actions. Even if the RIAA managed to completely ban the electronic transfer of any audio or video file at, say, the ISP level, folks will just go back to the way it was done in the 1980s: tape swapping via bulletin boards.
A good business adapts to the current market. It doesn't try to force the market to fit into its outdated model. The RIAA could take the wind out of the sails of file sharing by updating its model to a print on demand format, or else concentrate on concert sales and merchandising, instead of dumping truckloads of money into a never ending series of legal battles. And the current administration would be wise to try such new thinking with its equally unwinnable war on terror: If even half the money spent on Iraq and Afghanistan had instead been spent on energy independence, we wouldn't need any kind of relations with the countries that give rise to global terrorism in the first place, period.
If you make the reason for something to exist a null option, people lose interest in it. The trick is for those in power to have the foresight to spend their money wisely to reap future gains, instead of wasting it to fight an old model battle that can't be won. The motion picture industry would be wise to learn this lesson now, before they go too far down the same road.
Free Files from Flash
by Dieseldragon
Hyperspeed666@gmail.com
http://www.dieseldragon.co.uk

0x00. Introduction
Anyone who uses the Internet nowadays will have noticed the increasing trend of Flash applications being used for playing embedded audio and video on web pages. Notable websites for this include YouTube (video) and the infamous MySpace (audio/video). Often these Flash players are used in an attempt to play files without revealing the location of the host file to prevent users from downloading the actual files to their computers - an example of which can be found at http://www.dragonforce.com.
However, one thing that many webmasters have overlooked is that the use of Flash media players does not guarantee that the file(s) in question will stay "safe." After all, it's a simple fact that anything on the Internet that can be viewed by the user can be downloaded. And it's a fact that has few exceptions. In this article, I'll show you how to download one of my videos from YouTube, but instead of teaching you the technique for the one specific site, I'll be showing you the general principle behind the hack which should work for most sites that use embedded Flash players. Obviously the standard disclaimers apply here, and you're the only one responsible for anything that you use this technique for. Please don't steal copyrighted works. The author of those works still has to put food on the table as much as you or I do.

0x01. How It All Works
When an embedded Flash player (henceforth referred to as EFP) loads on a web page, there are a few processes that take place:
1. An <OBJECT> tag causes an HTTP request to the server for the EFP.
2. The EFP is downloaded to temporary storage and executed using the relevant plug-in.
3. The EFP fires off an HTTP or other request for the media file. (This request might return an XSPF file in the case of audio players. More on that later.)
4. The media file is downloaded or streamed to the EFP via temp storage or RAM.
5. Once a decent buffer amount of data is downloaded, the EFP will start playing.
In this tutorial, we'll be tracing the EFP's HTTP requests to find out where the desired media file is located.

0x02. The Theory Applied
In this article, we'll be downloading the video at http://www.youtube.com/watch?v=T8feb8zXj54 (case sensitive). Fire up your favorite packet scanner (I use Ethereal - http://www.ethereal.com) and set it to trace everything to catch any EFPs that use unusual protocols (ftp, telnet etc.) to download files. Then point your browser to the URL of the page that holds the media that you are interested in. Once the song/movie has started playing, stop your packet scanner and have a peek at the log. It'll look something like this:
(The following log is typed from memory as I discovered this on a friends PC a while ago, so apologies for the lack of packet info.)

127.0.0.1 > 208.65.153.253 - GET http://www.youtube.com/watch?v=T8feb8zXj54
208.65.153.253 > 127.0.0.1 \
208.65.153.253 > 127.0.0.1 - [The usual GET requests and packets of HTML, images, scripts, and other gumpf....]
208.65.153.253 > 127.0.0.1 /
127.0.0.1 > 208.65.153.253 - GET http://www.youtube.com/get_video?video_id=T8feb8zXj54&l=203&t=OEgsToPDskJ47:7h9B3isGzSjA9NZmb [The L and T parameters are session specific. Sending just the video_id parameter gives a blank page.]
208.65.153.253 > 127.0.0.1 \
208.65.153.253 > 127.0.0.1 - [Several packets of audio/video data....]
208.65.153.253 > 127.0.0.1 /

As you can see, there is an easily spotted URL to the video. The URL itself may vary from that shown but the theory remains the same: Trace packets, find the URL, download the file. In this case, the video sent down from the YouTube server comes in *.FLV (Flash video) format, but sometimes renaming the file with a .WMV (or whatever) extension might work. Alternatively, there are probably several FLV file players for download knocking about the Internet. If anyone is interested in hacking the FLV format, the original file in this case was a 320x240 Windows Media format video with MP3 audio at 30fps (I think) if that helps.

0x03. Quick Note on XSPF Files
As mentioned above, some audio EFPs may request an *.XSPF file instead of an *.MP3 file. This is actually a bonus as XSPF files are text/xml based audio playlists and can contain references and URLs to many audio files across the Internet. Hacking the audio player on http://www.dragonforce.com using the above method will demonstrate better what I'm talking about. Check out http://www.xspf.org for full info and specifications on the format. As a side-bar to this, try entering [Your favorite band] .mp3 filetype:xspf into Google and see what comes up!

0xFF. The Final Word
I hope that this tutorial has helped you all learn a little about how Flash Players and the HTTP standard in general work. If you like to download music, please consider using this method (and buy the CD for copyright/royalty purposes of course!) as opposed to Apples iTunes. After all, I'd rather pay my favorite bands much more than a measly three cents for each track of theirs that I buy!
Shouts to Bal-Sagoth (for being the greatest band ever known to Metal!) and Dragonforce (for providing an excellent example for this article)!
F-yous to Apple iTunes for ripping artists off much worse than bedroom pirates and "those Hackers" ever did!

Fraud
by Anonymous
I have debated whether or not to write this article for over a month since it has the potential to cause so much damage. I decided that exposing Target's utter lack of network security would bring about change and, in the end, do more good than harm.
During my brief employment at Target, I spent most of my free time exploring their internal network. It did not take me long to realize that there was an absence of any security. All of the computers used by employees are on the same subnet in the network. These computers include registers, employment kiosks, managers' computers, and backroom computers.
In addition, Target installed Cisco Aironet 802.11b routers to support their handheld scanners used for printing labels and storing items in the back room. These routers do use WEP, but that is not a major hurdle to keep computers outside the store from hopping on the internal network and taking advantage of the network flaws to be outlined.
Those responsible for rolling out the network clearly gave no thought to security. The networks are identical from store to store, so the flaws were not isolated to my
particular Target location. Every computer except the registers has telnet set up. You can control any computer with the username Target and either a blank password or Target as the password. Every computer, including the registers, has SMB shares set up that allow a user to mount the root directory with no password required. All computers also have ftp set up, and with the username Target and password Target, you get full access to the root directory.
This setup allows any user to retrieve employee records and confidential documents from the computers belonging to the stores' managers. The most dangerous security oversight though, relates to the ability to connect to the stores' registers.
Every register has a share named cpos (common point of sale) that keeps logs for every credit card and debit card transaction for a week. Included in these logs is, not only the credit card number and cardholder name for every transaction, but also a raw dump of the card's entire magnetic strip - for reasons unknown. The exact location of these logs on the share is \app\ej_backup\. All registers follow the naming convention TxxxxREGyyyy where x is the store number and y is the register number. This convention is used company wide, and any workstation can connect to any register at any store.
I do not have much experience writing DOS batch files, but I managed to put together a simple batch file that connects to a register, passed as an argument, grabs all of the credit/debit logs, and strips out the account number and customer name.
net use z : \ \ \ % l \ cpos
copy z : \ app\ ej_backup\ * . * .
net use z : Idelete
type . pCS Ind /n " VISA CBARCE " - temp
type . pCS Ind /n " NASTERCARD CBARCE " -
Mtemp
type . pCS Ind /n " ANEX CBARCE " - temp
type . pCS Ind /n " DISCOVER CBARCE " - temp
type . pCS Dnd /n " ACCT# ( N) " - temp
type . pCS Dnd /n " CARD BOLDER : " - temp
SCtt / + temp - Stt1pped . lCQ
etSe temp
etSe . pCS
Using this batch file, one could easily grab the transaction logs from every register at every store over night. Over a month, I imagine somebody could grab tens of thousands of credit card numbers.
I did not work at Target nearly long enough to explore their entire network, but one can only imagine what kind of confidential information could be obtained from their massive network.
Please do not use this information for malicious purposes. I only wrote this article in the hopes that Target will be forced to change its lax security policies.

How to Get Your Sugar
by gLoBuS
Disclaimer: Anything that you do with this information is your responsibility, not mine.
In the world of prepaid cell phones, Virgin Mobile is one of the top sellers of prepaid minutes. Along with their empire, they've started to send out some kickbacks to their loyal customers. Here I will show a very simple way of getting your kickbacks even quicker.
Virgin Mobile's current kickback program is called Sugar Mama (http://sugarmama.virginmobileusa.com). It's a fairly simple system that gives you rewards for providing feedback to Virgin about some online advertisements. These ads are short videos from the likes of heavy.com, Sub Pop Records, and Microsoft's Xbox 360. These only take about a minute to watch, some are more unbearable than others, but there's a very simple way around all of this.
A simple observation of the path you take to earn your minutes shows us how to skip the video and just give feedback instead. Let's take an ad from heavy.com for our example. The sample URL is http://cache.ultramercial.com/d/054-347/heavy_flash.html. Our URL will change to http://cache.ultramercial.com/d/054-347/heavy_survey.html. Notice the only difference is changing flash to survey.
This technique could cut several minutes from your time spent watching Xbox 360 ads and in turn give you up to five minutes per day of free airtime. For me this has cut my prepaid minutes in half on the days that I "watch" these videos. For a guy who is only on his phone for ten minutes a day, this is a pretty sweet deal.
Along with the Sugar Mama program, there are other kickback deals that give out pretty decent rewards: The Kickbacks program gives you free airtime whenever your friend buys $15 or more of airtime and lists you as the referrer. This is nice when you have two phones in the family, and your little brother makes sure you get your kickbacks. But the real kicker to this program is the reminder system used to let your friend know that they should "top-up" with you in mind.
In the Kickbacks menu (https://www.virginmobileusa.com/myvirginmobile/referral.do) there is a small set of text boxes at your disposal. The top box is for your friend's phone number and the bottom is Virgin Mobile's reminder to "top-up." Virgin's mistake was letting this box be modifiable. This little reminder has now become your ticket to free outgoing text messages. All you have to do is modify the contents of the text box and send it off. The return address will be your cell phone's number but you won't be charged a nickel. (Literally, their texts are five cents apiece.)
In conclusion, Virgin Mobile does provide a decent prepaid cell phone service while neglecting some basic protections for some of their web features. I do plan on staying with Virgin Mobile, at least until they stop giving me kickbacks.

by ZilgO
ZilgO@trashmail.net
The UTStarcom F1000 is a nice "cheep" ($119.99 http://www.voipsupply.com) WiFi VoIP device. The pros are small candy bar form factor, decent battery life, and if you hack it open you'll find a lovely MiniPCI WiFi style antenna connector ready for all your Tx/Rx ideas. It's not that the built in antenna does a bad job holding your signal but you could use a Yagi to lock onto a distant AP and look cool talking on your phone while everyone assumes you are a terrorist. The only qualms I have with the device is the lack of any ability to import/export phone book entries, but if you have no friends then you have nothing to worry about. Second and foremost, you are only allowed one SIP account configured on the phone.
I originally purchased my UTStarcom from BoredVoice back when the handset first came out and was twice the price as what you can get it for today. I used the device for three months to drunk dial my dorm a bunch and check in with family while in Japan. When I got home I canceled my service and forgot about the phone.
A few months later I started looking into Asterisk to deploy on my campus. That is when I discovered the locked state of my phone. I had never had the unpleasantness of a locked phone. I've never owned a cell phone thankfully. (I got all my minutes racked in the dumpsters of RatShack!) I spent much time feeding queries into Google but that went nowhere. A few months ago I was clued into a link off of the UTStarcom forums, a nice place to get technical advice direct from the developers. The link pointed to http://www.betateilchen.de/. This resource is what saved me and should help you! Providing downloads as well as tftp service for the latest UT firmware. Here is how you can break the lock on your phone:
- Download the correct firmware and uncompress the zip to your desktop.
- You will now need to enter the hidden ATE menu to proceed.
- Turn off the phone.
- Holding the 1 and 9 keys press and hold power (end key) for a few seconds. Wait for Func No: to appear.
- Enter 37 and press send key, look for success, press end key.
- Enter 38 and press send key, look for success, press end key.
- Enter 41 and press send key, look for success, press end key.
- Now hold end key to power down the phone.
Congratulations! You have now wiped the phone clear of all data including the tftp server that the phone calls home to provision itself. Now run fwupgrade.exe from the desktop. The phone and computer must talk to each other using the same AccessPoint. Let the upgrade application time out and ask you to make sure the phone is on.
It is crucial that you power up the phone immediately, get to Menu>Misc>RemoteTFTP, and update as quickly as you can.
As soon as you confirm that you want the phone to update click "yes" on the update tool to have another go at finding your phone. With much luck the computer will fertilize the phone with new firmware. You're not out of the woods yet. It took me a total of four times following these steps to break the phone of the lock. The first time I found the phone called out to BoredVoice and reverted back to a locked state in a matter of seconds. The other three times I guess were just for good measure. It's been four months now running v4.50st and all is good with the added bonus of a web interface to take care of all configurations.
It has been said that this will not work on newer hardware, but hope for the best and give it a try!
An extremely useful resource is http://web.quick.cz/lake/f1000_faq.htm
$upport Open Source! Shouts to your mother!
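The Target article above describes register logs that held card numbers, cardholder names and raw magnetic stripe dumps in clear text on an open share. As an added example (not code from the article or from Target), this Python scanner shows how a defender could sweep log files for exactly that kind of stored card data and report it masked; the sample log lines, field labels and register name are constructed, and the card number is the well-known 4111... test value.

```python
import re

# ISO/IEC 7813 magnetic stripe layouts:
#   track 1: %B<PAN>^<NAME>^<YYMM><service code><discretionary data>?
#   track 2: ;<PAN>=<YYMM><service code><discretionary data>?
TRACK1 = re.compile(r"%B(\d{12,19})\^[^^?]{2,26}\^\d{7}[^?]*\?")
TRACK2 = re.compile(r";(\d{12,19})=\d{7}[^?]*\?")
# A bare PAN: 13-19 digits, optionally grouped with single spaces or hyphens.
PAN = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")

# Constructed sample input; the register name follows the TxxxxREGyyyy
# convention from the article, everything else is invented for the example.
SAMPLE_LOG = """\
2007-05-01 10:02:11 T0000REG0001 VISA CHARGE 23.18
ACCT#: 4111111111111111
CARD HOLDER: DOE/JANE
RAW: %B4111111111111111^DOE/JANE^0912101000000000000?;4111111111111111=09121010000000000?
2007-05-01 10:05:40 T0000REG0001 CASH 5.00 RECEIPT 1234567890123456
2007-05-01 10:07:02 T0000REG0001 MASTERCARD CHARGE ACCT# ************4444
"""


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: filters out order numbers and other long digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask(pan: str) -> str:
    """Keep first six and last four digits so the report is not itself a leak."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def scan_line(line: str):
    """Return [(kind, masked_pan)] for one log line."""
    findings = []
    for kind, pattern in (("TRACK1", TRACK1), ("TRACK2", TRACK2)):
        for m in pattern.finditer(line):
            findings.append((kind, mask(m.group(1))))
        # Blank out stripe data so the PAN inside it is not reported twice.
        line = pattern.sub(lambda m: "#" * len(m.group(0)), line)
    for m in PAN.finditer(line):
        digits = re.sub(r"[ -]", "", m.group(0))
        if luhn_ok(digits):
            findings.append(("PAN", mask(digits)))
    return findings


def scan(text: str):
    """Return [(line_number, kind, masked_pan)] for a whole log."""
    report = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for kind, masked in scan_line(line):
            report.append((lineno, kind, masked))
    return report


if __name__ == "__main__":
    for lineno, kind, masked in scan(SAMPLE_LOG):
        print(f"line {lineno}: {kind} {masked}")
```

Any TRACK1 or TRACK2 hit means full stripe data is being retained after authorization, which PCI DSS prohibits outright; a bare PAN hit means the number is stored unmasked and unencrypted.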
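The Flash article and the Sugar Mama article above both describe a server trusting something the client controls: a media URL the player has to fetch, and a survey URL that can be reached without watching the ad. As an added example (not YouTube's, Virgin Mobile's or either author's code), this Python shows one server-side pattern for both cases, an HMAC-signed grant bound to the action, the resource, the session and a validity window. The key, function names and session IDs are assumptions; the video and campaign IDs are the ones quoted in the articles.

```python
import hashlib
import hmac

# Assumption: a per-deployment secret held only by the server (constructed value).
SERVER_KEY = b"constructed-demo-key"


def _mac(action, resource, session_id, not_before, expires):
    # Every field the server relies on is covered by the MAC, so changing any
    # of them client-side (another video, another session, a later expiry)
    # invalidates the grant. Fields are server-generated and contain no newline.
    msg = "\n".join([action, resource, session_id, str(not_before), str(expires)])
    return hmac.new(SERVER_KEY, msg.encode("utf-8"), hashlib.sha256).hexdigest()


def issue_grant(action, resource, session_id, not_before, expires):
    """Return 'not_before.expires.mac' for use as a URL parameter."""
    mac = _mac(action, resource, session_id, not_before, expires)
    return f"{not_before}.{expires}.{mac}"


def verify_grant(grant, action, resource, session_id, now):
    """True only for an untampered grant, used by its own session, in its window."""
    parts = grant.split(".")
    if len(parts) != 3:
        return False
    try:
        not_before, expires = int(parts[0]), int(parts[1])
    except ValueError:
        return False
    expected = _mac(action, resource, session_id, not_before, expires)
    # Constant-time comparison on bytes.
    if not hmac.compare_digest(parts[2].encode("utf-8"), expected.encode("utf-8")):
        return False
    return not_before <= now <= expires


def grant_media(video_id, session_id, now, ttl=300):
    """Media fetch: valid immediately, for this session only, for a short time."""
    return issue_grant("media", video_id, session_id, now, now + ttl)


def grant_survey(campaign_id, session_id, now, ad_seconds=60, ttl=900):
    """Survey step: issued when the ad starts, not valid until it could have ended."""
    return issue_grant("survey", campaign_id, session_id, now + ad_seconds, now + ttl)


if __name__ == "__main__":
    now = 1_000_000
    media = grant_media("T8feb8zXj54", "sess-A", now)
    print("same session:", verify_grant(media, "media", "T8feb8zXj54", "sess-A", now + 10))
    print("other session:", verify_grant(media, "media", "T8feb8zXj54", "sess-B", now + 10))
    survey = grant_survey("054-347", "sess-A", now)
    print("survey after 5s:", verify_grant(survey, "survey", "054-347", "sess-A", now + 5))
    print("survey after 61s:", verify_grant(survey, "survey", "054-347", "sess-A", now + 61))
```

A grant like this stops a copied URL from working elsewhere and stops the survey step from being reached early; it does not stop the authorized session from saving the bytes it is sent, which is the Flash article's point.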
In the spring issue, we sent out a survey sheet with a non-stamped envelope to all of our subscribers as well as anyone who subscribed between the spring and summer issue release dates. Over 15 percent of the people responded and around 86 percent of them were in the United States. We want to thank those of you who took the time to send in a response and even pay the postage which is further proof of your dedication. We realize that the survey was only sent to a fraction of our readers and if you pick us up at a newsstand, you didn't have a voice this time around. We have yet to figure out a good way to do this online while being confined to those who actually buy the magazine, however we are considering several options for the future. So these numbers should not be considered scientific. But we feel they do represent a good cross section of our audience. As always, your comments and feedback are welcome. And now, let's look at some of the results.
First off, the average age of our readers is 36. We were surprised by the number of people who read us well into their 70s and beyond. 85 percent of the people are civilians with around 2.5 percent each being in the military or in a prison. The remaining 10 percent were either "other" or didn't answer.
Nearly 60 percent of our readers who are in school are at college level with another 27 percent at grad school level and 14 percent in grades 9-12. That's of the 29 percent who chose to answer the question in the first place. 15 percent of respondents are college dropouts and less than 1 percent are high school dropouts.
Just under half of the people have heard of 2600 through the Internet or friends. Just over a quarter have heard of 2600 through bookstores or newsstands. Almost nobody has heard of us through family.
The average subscriber has been with us for just under five years. And a shocking 92.3 percent have never been to one of our conferences while a staggering 92.6 percent don't go to 2600 meetings in their area, most of whom stated they didn't go simply because they didn't exist where they lived. Around l 2 percent listen to Off The Hook, our weekly radio show. Nearly 96 percent of our readers have Internet connectivity.
On a scale of 1 to , 2600 overall weighed in at 4.42. Other ratings - price: 4.4,; covers: 4.Y>; editorials: 4.26; articles: 4.12; marketplace l.4l, general layout and design: 4.01; payphone pictures: 4.21; puzzle: 3.61; columns: 4.34; letters: 4.I, and the back cover: 4.32. Of the changes people would like to see, many expressed a desire for less technical content, illustrations, and diagrams. People were split right down the middle on whether or not we should have advertising or whether we should continue to print code in the magazine. However the people who were against these items were very passionate in their opinions. Nearly everyone who answered said their subscription does not arrive on time. (Thank you, U.S. Postal Service.) Most people found the website and online store to be good overall while our customer service approached the excellent rating. There was strong interest in a book or other projects in the future.
Nearly everyone had additional things to say, all of which we read and will consider. We can only print a fraction of the comments here but we want to thank all of you who took the time to fill this out and provide us with much valued feedback. Here is some of it:
- Nothing stands out as a "favorite" but I've read every magazine cover to cover since about 1986. Can't say that about any other magazine.
- Continue to offer a diverse range of articles and topics. For every one article that doesn't interest me, there's five that do.
- You see my age (61). Your type size is too small. Sure, you get more info per page but it's a real pain to see.
- You're close to being an above the board, respected journal. But not quite.
- I greatly enjoy the editorials and letter columns. Articles about nationwide franchise systems are also quite interesting.
- You guys are great. All the prisoner ads are kind of disturbing. I wish I was smart enough to write something to get published. Maybe some day. For now I will keep reading. You guys have the #1 spot in my magazine rack by my toilet.
- Stop throwing politics into the mag. You're a technology zine (whether or not you like it).
- I love the mag. I love the editorial slant. I feel like there is no tech subject matter missing. I feel very inspired and very motivated to boost my skill set when I read 2600.
- I would like to see more about hacking around the world (Asia, Europe, Latin America, etc.) Sometimes it's too U.S. specific.
- I laugh when you guys complain about the prison sentences of thieves who steal over the net. Those guys are common criminals. They just use an uncommon method to steal and deserve the time they get. Don't treat them differently (better) than other thieves.
- Really, cut down on the letters to the editor. Some months there seems to be more letters than signal.
- I really like 2600 and enjoy the articles. The website is a little weak. I completely understand that most of your efforts go into the great publications but the website needs a little more "umph."
- The magazine content is excellent. Sometimes the "Letters" section is a bit tedious but even there you do some clever editing. Technical articles are appreciated. Many times "paths of action" or "tricks" described in content is either too hacker-babble or not communicated in a way that could make it fun for me too.
- Less politics. There seems to be an obvious pull to the left at times. I'm part of the VRWC. Keep the politics out.
- I love the mag. The lifetime sub was the best
this is the worst kind of agony. I can say there is nothing more painful or life changing that I've ever experienced. Within the next few weeks I changed from being an all-trusting husband who never questioned his wife's faithfulness to an obsessive, overly jealous man who had to know where she was and what she was doing at all times. Atoma's article was about the information he was able to pull up off his girlfriend's computer from deleted and hidden files. He was not only able to
fi
ters at h
\i
ble
can onl y make
monthl y payments on ne u can view the ca
n
history going back several months. I was able to see everyone my wife talked to on our home phone and her cell phone. If she deleted something from the history on either phone, it would not be removed from the online records. Using Firefox, I found an extension that helped me find street addresses. All I had to get was a name and city. www.skipease.com gave me access to the extension "People Search and Public Record Toolbar." This gave me several links to websites including www.zabasearch.com to do my searches and made it very easy to not only give me this guy's home address and phone number but also his wife's name. After a few searches I not only had the information I wanted but I also had names and addresses of him, his wife, and his mother-in-law. Family tree web pages gave even more details: children's and parents' names, birth and marriage dates and locations. Driving by the house gave me the chance to see their cars and license plates. I found www.dmv.org - this website gave me links to my local state's online pages to see what I could find with the license plates.
Many cities and counties offer websites that allow you to check records to see if someone is an offender or has a criminal record. Some states even have prisoner inmate lists on the Internet. These government sites are free and available for use by the public.
On my wife's flash drive I found a good-bye letter that was more of a love letter. It gave me more information allowing me to add Google Earth to my toolbox and gave me a picture of where they'd been and where they talked or dreamed about running away to. I was also able to visit websites giving details of each of these locations including some of the available intimate activities for the guests.
There is a ton of information on the Internet and once it's there you can bet that info will never be erased. If you doubt that, go to www.archive.org. I created a website and removed it over seven years ago and they still have every detail of it. Once someone gains access to the Internet it's like installing a new hard drive with all of this information. It's all right there. You just need lots of patience and to know how to look for it.
During this last year things have improved. What started with the news led to me being severely drunk on a regular basis and my wife living with her family in another state for two months. I've also been nearly impossible to live with, but it's shown me that she's truly committed in making our marriage work. Things with us are better now but we are still in the process of healing.
A Broken Husband
While it's understandable to be completely distraught over what happened, you also demonstrate why people should be genuinely afraid with all of this information about them so readily available. Stalkers, lunatics, and people with overall bad intentions have all sorts of power to inject themselves into your lives and it's very difficult to escape their intruding eyes unless you have a decent plan to protect your privacy. The vast majority of people do not.
Dear 2600:
I was reading the latest issue and ran across in the snippets section about how some folks are looking for an anonymous email site. We made one. It launched in July 2006 at http://www.venompen.com/. Now keep in mind, it ain't quite hardened yet, and we ain't too sure we want a lot of attention. But we're free and we're anonymous (a relative term as you know).
For now, I thought that this may be of benefit to your readers in our big old community. We're really here to do no harm. I just read the article and felt it appropriate to provide this link to what we feel is a necessary outlet for those who need to express concern (puerile or not) or to vent anonymously. I hope you can glean the genuine interest I have in providing an outlet to those who are fearful of being identified (with the understanding they don't browse to us from work or something stupid like that).
Muddy
It should be noted that the mail that gets passed through this site is posted for all to see (minus addresses) and that those running this system have the ability to see everything.
Safeguards
Dear 2600:
I work for a small computer support company in the southeast United States. The job consists mostly of field calls that require almost no knowledge whatsoever - broken CD-ROM trays, unplugged network cables, etc. On occasion I receive work orders to repair issues at a local hospital. The hospital is one of the largest in the region with almost 100 independent practices partnered with the 500+ bed facility. I received a work order in January to "revamp" the network for a practice. The networking closets for these independent practices are still controlled by the hospital's management company.
I called the phone number located on a sign that was attached to the locked closet door. A young lady answered the phone and explained that I would have to come to their office and get the key. I ran across the street to their office and talked to the receptionist who I had just called. She gave me a puzzled look and asked if I wanted a maintenance key or a telecom key. I told her telecom followed by which building the closet was located in. She opened a wall locker and pulled out a key with a tag attached to it. She asked for my name, company, and cell phone number. I pulled out my wallet as I answered the questions and before I could pull out my ID she dropped the key on the counter. I guessed because of my business attire that she just assumed I was okay. As I walked back to the practice I looked at the tag on the key and noticed that it had two building numbers on it. Sure enough, it opened all closets I passed in both buildings! After the call was finished I brought the key back. She didn't check my name off in her book. She just took the key back to the locker. I put it behind me thinking that she may have been in a bad mood or something (common at this hospital).
In March I had a similar call at another practice. The same exact thing happened! No ID check. No check off in the "log book." And absolutely no signatures! It was a different girl that was working the counter. I don't know about anyone else, but it scares me to think that the proper safeguards aren't being taken with the networking closets at this hospital. Both of my coworkers reported that they have never been prompted for any form of ID or proof of work. I can just imagine the wealth of knowledge a person could obtain by monitoring a network from the closet: SSNs, DOBs, addresses, and medical information! I have sent an anonymous tip to the management company to hopefully resolve this. I guess I will find out the next time I have network work to do!
inf3kTlD
Don't hold your breath. Stupidity and bad security practices have an amazing resiliency.
Dear 2600:
Today I withdrew some money from the ATM at Bank of America. I inserted my card and soon was asked for my PIN. I've done this hundreds of times before but never thought about this. When I input my PIN I realized how loud the tone was when I hit each number. I also realized that the four numbers that I input had different tones, not unlike a phone keypad.
I wonder if it would be possible to bug the area of the ATM and record the tones. A little trial and error should yield the correct numbers. If the number overheard was, say, 4-4-3-4 it is easy to figure out the number in this manner. Then all you need is the card to do a transaction. Supposedly one safeguard against card theft is the secrecy of the PIN but it isn't very secret if I can easily translate it into numbers simply by hearing the machine and then steal the card.
Of course, I could beat the number out of him when I rob him but it's far more fun to hack it.
AnOldFool
And these are the letters that wind up getting quoted on the news. But seriously, for those people whose modus operandi includes stealing things out of wallets and purses, obtaining a U.S. style credit card that relies only on a usually unverified signature would be far more useful to their life of crime. (Other countries have started to use the "chip and pin" system that requires a PIN but no signature and supposedly has reduced credit card fraud and identity theft.)
Submissions
Dear 2600:
I am writing in regards to article submissions for 2600. I have an idea for something about which I would like to write. What is the procedure? Should I simply write the article, then send it? Or do I give a synopsis first? Also, what kind of word counts are you interested in?
Michael
The whole process is relatively informal. Simply send your submission to articles@2600.com and, if it's selected, you'll get a notification sometime before the next issue comes out. (Depending on backlog, it could take a couple of issues for your article to appear.) A synopsis isn't necessary, nor is a word count. Go for as long as necessary to make your article informative and interesting. Just remember to keep it in the hacker perspective.
Dear 2600:
I have an article I wrote on using ssh as a SOCKS proxy to keep people on insecure networks from spying on you. I have a rough draft on my website. There were some comments made on the article and I would like to incorporate those into it if you guys are interested. I will rewrite it if there is any interest in this topic. It certainly helps me with a lot of privacy and firewall concerns.
Tyler
Sounds interesting but we have to point out our policy about previously released material. If it's been published already, even on a small website that's open to the world, we likely won't be able to consider it as our readers tend not to like reprints in new editions.
Dear 2600:
I was recently writing a SYN port scanner (based on raw sockets and the pcap library) and was wondering if an article about the process of building such a scanner would be interesting to the readers of 2600. Do you think you'd like to publish something like this?
ithilgore
It can't hurt to send it in. Even if we don't use it, you've gotten your thoughts down in writing which is almost always a good thing.
Dear 2600:
Are there any minimum requirements for article submissions?
Josh
Words that make sense when strung together. Words that have something to do with hacking. And words that haven't appeared elsewhere.
Dear 2600:
I am considering writing an article introducing the basics of UNIX or an article explaining the inner workings of the x86. Are either of these something you would be interested in publishing? I trust that you won't share my email address with anyone.
W C
There certainly are a lot of submission questions in this issue, aren't there? We always advise people to send in what they've written. In order to be considered, your article must contain elements of the hacker spirit which basically means inquisitiveness, imagination, rebelliousness, and an ability to think outside the box. It shouldn't be the sort of thing that could appear in a "normal" computer publication. And unless you indicate your email address in the text of your article, it is not printed nor released to anyone.
Meetings
Dear 2600:
I know in your meeting guidelines it is stated that anyone can attend regardless of expertise level. I am going to school for computer security and forensic investigation at this time, but I realize after listening to my professors that the best way to learn the industry is to network with those who are actually doing the hacking. My ultimate goal is to go after child pornographers, which I am sure would be a favorable goal in the eyes of any hacker that has children. I also want to learn how best to protect children while they're online so the predators have a harder time performing their ungodly deeds. What I don't want to do is make anyone at a 2600 meeting uncomfortable knowing I'm not there for malicious hacking. So before even attempting to attend I wanted it to be known up front why I want to attend. Does anyone at 2600 know of any free online tutorials for hacking basics? Or are there any members willing to share the expertise for free to help me in my goal?
Vince
The fact that you think meeting attendees would be uncomfortable if you were not malicious tells us you have a great deal to learn about this community. As for wanting to protect the children, that's all fine and good but far too often we see the tools developed with that in mind turned against those who merely wish to exist in a free thinking and open environment. The best way to keep kids safe is to educate them and not to create a "nanny net" which will result in the regulation of content far beyond the original goals.
Dear 2600:
Let me say that I've been reading your magazine for almost six years now and I have loved every single issue. I'd like to contribute two ideas that might make it even better. One, I know you guys are releasing the magazine on the first Friday of every season. Even though it's released at that time it usually doesn't hit the stands for another few days, so it misses that 2600 meeting. If there would be a way to release it a few days prior to the meetings, we would have the copy with us and more things to discuss. It would be excellent. My second idea is to have short stories written into the pages somehow. Maybe like one story per issue. I figure if all of us agree that Hollywood doesn't depict us accurately, why don't we show them how it's really done with proper terminology and all? You guys recently added those four extra pages so I don't know if adding more pages for the story would be reasonable, but it was just a thought. Anyway, keep up the good work. 2600 has me as a lifetime reader.
MasterChen
It's a rare combination to be able to write a decent story and get all the terminology right. We'd like to see it happen more often. As for the release dates of the issues, this is a problem caused by the stores and distributors. We ask them when they need it in order to meet a particular on sale date. Even though they get the issue on the day they request it in order to meet that date, for whatever reason they don't get around to putting it on the shelves. But we've also had the opposite problem. Some distributors push the issue onto stands well before the on sale date thinking they're somehow gaining an advantage by being first. This only pisses off our other distributors who then do the same thing next time. And while all of this is going on, we're also trying to get it to our subscribers within the same time frame. If it continues to be a problem we can try and get it on stands a week or so earlier. But even then there will be problems. That much is guaranteed.
Dear 2600:
Is the average attendee for the 2600 meetings here in the U.S. financially well off? Just a thought.
John
If only we knew where the thought was going. We don't know how well off any of our attendees are but, as it's never been about money, this isn't something that's likely to matter.
Critique
Dear 2600:
I apologize for this letter coming so late but I was only recently made aware of an article in 23:3 called "Where have all the Philez Gone?" by Glutton. This article is horrible.
The article, for everyone who hasn't read it since last fall, covers the topic of "text files," files on bulletin board systems and their place in history, and a discussion of the current state of them. It is wrong on both counts.
An implication is made that these files are hard to find. They are not. textfiles.com has been making BBS-era text files available since 1998, and has itself been mirrored and downloaded countless times in the last nine years. It has been thoroughly mapped by search engines and the tens of thousands of BBS text files are being discovered and downloaded constantly, to the tune of hundreds of thousands of users a month. phrack.org is mentioned as a source for Phrack, while textfiles.com has Phrack and hundreds of other electronic magazines that have flourished in the last 20 years. A second site, web.textfiles.com, tracks BBS-style text files written after 1995, providing a location for users to both read and upload their recently written works.
Then, working off this base misassumption, Glutton speculates as to why these text files are harder to find or not available. His conclusion is that "The sharing of information is a dangerous game.... There is something different today." This is absolute garbage. On a regular basis, I download gigabytes of information, some of it not out of place from anything from the BBS era, most of it not. What makes sense to put on one of the text files websites, I do. What doesn't ends up in my archives. Either way, I find the process many times easier and painless than the height of the BBS era, when the opportunity to download a small handful of text files came at the price of an entire evening of redialing with a modem. In one evening in the current era I can download more files than I downloaded in a decade of using BBSes.
The article claims that new users are only recently the victims of lack of respect. This is crazy; I have file after file of bulletin board message bases showing disrespect to new users, just as I have many showing respect and charity by offering information and guidance.
While I understand the need to fill pages, please consider articles that provide rote instructions on basic aspects of computer information, or which don't attempt to stray into warped historical teachings in the space of one and a half pages.
Jason Scott
While we understand your obvious passion for what you do, it is possible to convey knowledge of the information and services you provide without insulting us or our writers. People submit articles with the knowledge that they are aware of. Others with additional knowledge add to this or correct the mistakes. It's not about trying to fill pages or speaking out of ignorance. It's a process that results in a dialog amidst the clearinghouse of information that passes through here. To us that dialog is as important as the conclusions since it gets people into a thinking mode. When you put people down for not having the same knowledge as you, then that dialog is poisoned and overshadowed by negativity. There's already enough of that to go around, past and present.
Dear 2600:
I read the article "Hacking Your Own Front Door" by Cliff in 24:1. Cliff was right to point out that many locks on homes and businesses in the United States are inadequate and easy to pick using the "bump" method. However, he states that, "All of the locks can be opened by an amateur in less than two seconds." This is totally false. First, you need to get a blank key that is uncut. It is illegal for a locksmith to provide this. Even if you got the correct blank and filed it down, it would only fit into a lock with the same keyway. There are thousands of different keyways. Just go to a locksmith and look at all the keys hanging on the wall. Many keyways are proprietary too and you could never get your hands on the blanks anyway. But let's say you had possession of a Medeco, Abloy, Schlage Primus, ASSA, Mul-T-Lock, Kaba, or DOM key. The blank wouldn't help you pick the lock since all these brands go beyond the simple five-pin technology and picking them is pretty close to impossible. Cliff suggests using a Chubb-style lock. These have been around for over 150 years and they are equally as secure as any of the mentioned high-security brands. However, lever locks (Chubb-style) are generally mortised into a door and are not compatible with doors designed for use with a cylindrical lock.
Anonymous
Dear 2600:
Please let me use you as a medium to thank NYC Locksmith for his full, detailed and excellent response to my article "Hacking Your Own Front Door." NYCL, sir, I defer to your greater knowledge and experience!
You're correct about the British connection, and indeed correct about my lack of insider knowledge on the subject. I'm not a trade professional, just a guy who found something that worried him, learned why it worried him, and wanted to alert others as best I could. The topic didn't seem to have been covered in the past five years at least, and so seemed fair game. The heart of my article was pitched as an awareness-raiser as opposed to an in-depth exploration, assuming 2600ers were smart enough to go and find out more (and then try it for themselves) if they were keen!
I had enough success with hand-carved bump keys to warrant thinking this worthy of submission. I'm most pleased that we seem to be uniquely under-protected here in the U.K. compared with all the suites/manufacturers you seem to have available in the U.S. We need a wider spread here, but Yale (or compatible/clone locks) have something like 75 percent of the front doors I know, all with the same gating (or whatever your trade term is, if not "gating"). Although I didn't distinguish clearly enough between a universal master key and one for a particular suite of locks, in the U.K. a Yale bump key is approaching functional equivalence to a master key.
Thanks again for the considered and full response. Perhaps you would like to write other articles on physical security with more detail? I know I'd be keen to read any you wrote. I'm sure many others would be too.
Clif
Dear 2600:
This is in response to MS3FGX's letter in 24:2. The editors at 2600 are doing a fine job with the magazine and their website. You should realize that there is a lot of work that has to be done between each issue. I know that three months seems like a lot of time for only a 70 page magazine, but I would not be surprised to find out that it is actually very difficult for them to do what they do.
You need to remember that hacking is not merely an action that a person does on a computer. It is a state of mind; a way of thinking. You say that they waste space in their magazine answering repeat questions and they probably get a lot of duplicate articles. Yes, they do repeat a lot of the same questions and yes, I am sure they get tons of duplicate articles. However, I do not see this as a bad thing.
First I will discuss the questions. People of all ages and lifestyles read this magazine. There are people who do not have an Internet connection (as farfetched as that may sound, it is true). Or they may not know of the 2600 website, or don't know how to search for it. So if the editors post answers to frequently asked questions on their website, and poor 14-year-old Billy doesn't have an Internet connection, how is he supposed to get his question answered if the editors refuse to answer it in the magazine? He won't, and a question not being answered is never a good thing.
The other thing about having all the information provided on the website goes back to my statement that hacking is not an action, but a way of thinking. If all the information on how to do things, proper formatting, electrical schematics are spoon fed to us, how are we supposed to hack? Hacking is the search for information to try and find a better way of accomplishing a goal, whether that is to get an iPod to snag all the passwords off a computer, or finding a different road home when the normal one you travel on is closed down for construction.
As far as articles go, I really don't think the editors mind if you send in a banner or not. If you do, and it can be formatted to their magazine, I am sure they will use it. If not, then maybe they will find one of their own. Who knows unless you either ask, or try?
I have been using Linux for the last four years. Not until just recently though have I been really trying to learn how to manage a Linux box. You can't learn how to properly administer a Linux box by reading a book or by always being given the answers. I have used Fedora, Ubuntu, Red Hat, and SUSE. None of these really lets you learn how the OS works because a lot of functions are done for you. A week ago as of writing this, I switched to Slackware 12.0. The reason for this is because it will give me the opportunity to actually learn Linux because hardly anything is done for you. Actually, applications work better and faster if you compile the source code yourself rather than running an installer. Some people don't need to know how to fully administer a Linux distro and that is fine. But for the people who want to learn how to do things in Linux at the command line, you don't learn unless you do.
I have only been reading this magazine regularly for the last three years, which is only 12 issues. If I remember correctly, out of those 12 issues, there have been four articles about some sort of WiFi hacking. Whether it was breaking the WPA code or wardriving, the topic of WiFi intrusion has been talked about a lot. The reason is, as technology changes and gets better, the ways of accomplishing things you want to do with that technology changes. Do you think that for the last 23 years this magazine has been published there hasn't been a multitude of duplicate topics? Look at all the articles there have been on social engineering. The reason for this is twofold.
First, let's think of poor 14-year-old Billy again. In the Spring 2005 issue, magnetic stripe reading was discussed. But Billy doesn't pick up his first 2600 until a later issue. Meanwhile, someone submits an article on magnetic stripe reading and, while being innovative and different from the article in the Spring 2005 issue, the editors reject the article because they are following a new "no duplicate topic" policy. Or maybe the author of this article goes to 2600's website and sees that magnetic stripe reading was already published, so he decides not to submit it in fear that the editors will reject the article. Either way, Billy is now denied information because people are afraid to print information on the same thing twice.
This of course brings me to my second point: there is always something different in each article even if the topic has been covered before because, again, technology changes every day. I read the article in the Spring 2005 issue, and I did it. I made my own magnetic stripe reader. There is a casino - that will remain nameless - that uses a gift card system to manage the information of customers' balances. I went to this casino and tested my stripe reader on their card. When I outputted the data, I was able to see where the balance was stored and I was able to change that amount. I went from having $40 on the card to $45. I took the card back to the casino to cash out. I wanted to see if they would be able to notice that I went from having $40 on the card to $45 without even gambling. They didn't and I made a fast five bucks. A year later I did the same thing and almost got my ass arrested when they couldn't match up the data on the card with the game logs on their servers. So if I were to write an article on this topic, should it be rejected on the basis that it was discussed already, even though the original article is no longer accurate for this situation? I think not.
Information should never be kept from anyone, but there should not only be one way of obtaining it either. This magazine has been published for the last 23 years. They must be doing a lot of things right to survive the troubles that they have probably had to go through. Remember, hacking is not just an action that is done on a computer - it is a way of thinking. Once again, editors of 2600, thank you for putting out such a fine publication and keep doing what you are doing. I look forward to reading all the future articles on WiFi intrusion and social engineering. Hack on!
P3nguln
Thanks for the kind words. But please don't
mention us the next time you mess around with
money in a casino. In fact, don't let there be a
next time.
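The letter above describes a stored-value card whose balance sits on the magnetic stripe, and a casino that caught an edit only once it compared the card with its server-side game logs. As an added example (not from the letter or the magazine), here is that check from the operator's side: an HMAC tag over the stripe fields rejects an edited balance, and reconciling against the ledger catches an old but genuine record. The record layout, key, card ID and ledger entries are constructed assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed demo key (assumption): held only by the back-end, never on the card.
SERVER_KEY = b"constructed-demo-key"


@dataclass(frozen=True)
class StripeRecord:
    card_id: str
    balance_cents: int
    counter: int  # bumped by the server on every balance change
    tag: str      # hex HMAC-SHA256 over the three fields above


def _mac(card_id: str, balance_cents: int, counter: int) -> str:
    msg = f"{card_id}|{balance_cents}|{counter}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_track(card_id: str, balance_cents: int, counter: int) -> str:
    """Server side: build the text that gets written to the stripe."""
    tag = _mac(card_id, balance_cents, counter)
    return f"{card_id}|{balance_cents}|{counter}|{tag}"


def parse_track(track: str) -> StripeRecord:
    """Parse 'card_id|balance_cents|counter|tag'; ValueError if malformed."""
    parts = track.strip().split("|")
    if len(parts) != 4:
        raise ValueError("expected 4 fields")
    card_id, balance, counter, tag = parts
    return StripeRecord(card_id, int(balance), int(counter), tag)


def check_cashout(track: str, ledger: dict) -> list:
    """Return a list of findings for a card presented at cash-out.

    ledger maps card_id -> ordered list of (counter, delta_cents) events
    recorded by the back-end. An empty result means the card is consistent.
    """
    try:
        rec = parse_track(track)
    except ValueError:
        return ["malformed"]

    events = ledger.get(rec.card_id)
    if not events:
        return ["unknown_card"]

    findings = []
    expected_tag = _mac(rec.card_id, rec.balance_cents, rec.counter)
    # Constant-time comparison; bytes so odd characters in the tag cannot raise.
    if not hmac.compare_digest(rec.tag.encode(), expected_tag.encode()):
        findings.append("bad_tag")            # fields edited after issuance

    expected_counter = events[-1][0]
    expected_balance = sum(delta for _, delta in events)
    if rec.counter != expected_counter:
        findings.append("stale_counter")      # genuine but outdated record
    if rec.balance_cents != expected_balance:
        findings.append("balance_mismatch")   # card disagrees with the ledger
    return findings


if __name__ == "__main__":
    # Constructed sample data: one $40.00 load, then $15.00 of play.
    ledger_loaded = {"GC-1001": [(1, 4000)]}
    ledger_played = {"GC-1001": [(1, 4000), (2, -1500)]}
    genuine = issue_track("GC-1001", 4000, 1)
    edited = genuine.replace("|4000|", "|4500|")

    print("genuine:", check_cashout(genuine, ledger_loaded))
    print("edited: ", check_cashout(edited, ledger_loaded))
    print("replay: ", check_cashout(genuine, ledger_played))
```

The tag alone does not stop a copied stripe from an earlier, higher balance; the counter and ledger comparison cover that case, which is why the server's record has to be the authority at cash-out.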
Dear 2600:
First off, I love the mag. I'm a long time reader halfway through my first subscription. Now that formalities are out of the way, in 24:2 a person named Barron wrote and, from what I can tell, he was mad about a public library having a controlled access program on its computers and he also could not find a hacker or group of hackers who hacked in the name of the USA. As unintelligible as that letter was, my letter is about the response from 2600.
About halfway through the response, the topic turns and starts comparing people who look for hacking groups to the military. Apparently, according to the responder, members of the military are writing letters to 2600 in order to find hackers to "do their bidding... for their version of justice" even though the first letter never said anything about the military. I personally was in the Marine Corps for five years. I joined out of my own free will and neither I nor anyone I knew ever tried to trick someone else (or a group) to "do our bidding." We already do our own dirty work and have our own "hackers" so we really don't need you to "become another branch of anyone's military." Many of the people in the military (not just the tech savvy computer guys, I fixed optics on M-198 howitzers) read this magazine and would not appreciate being compared to hustlers, mercenaries, and other such lowlifes.
I'm not saying the U.S. government (DoD included) does not have its flaws, but please don't assume everyone in the military shares those views. We are commissioned and enlisted men and women who are still just as free as anyone to have our opinions, views, and ways of life. Many people did not do anything for the freedoms they take for granted, but many have willingly died for this country so you could have your opinion and views. No one in any branch of the military deserves words like that from anyone. Right or wrong, on topic or not. There's no need to tarnish what we stand for, which is maintaining your "free and open access to thoughts, ideas, and technology." Please don't assume that you're the only ones who care about freedom. If your editors/responders don't approve of this country's current military actions, that's just fine, but please don't disrespect us to show your opinions.
Semper Fi
Crazypete
CPL, USMC
Actually, there are plenty of people in the military who deserve words like that and a whole lot more. You are not a monolithic group of people who all think as one. You have some great people and some really horrible ones. We never condemned everyone in the military and our words were by no means meant to be aimed solely at the military of any one country. It's a disservice to your organization and to the rest of us to simply turn a blind eye when something happens involving the military that would be
Dear 2600:
I have been reading your magazine for a year now and I absolutely love it. However I do find that your radio show seems to be rather lagging in hacker related content, choosing instead to rant about past shows and the FCC.
micah
The radio show is not meant to be a rehash of the magazine and it basically covers the world of technology, privacy, consumer issues, and life itself from a hacker perspective of experimentation, observation, and questioning. We try to make it as interesting and infectious as possible so that people with no technical knowledge at all are drawn in. Focusing on the history (past shows) underlines the significance of what we're doing and keeping an eye on the FCC and their overly restrictive actions is absolutely essential to anyone interested in the survival of radio and free speech. Those interested should go to http://www.2600.
com/offthehook to listen live or through the
wrong in any other setting. And when members
archive. If you want the high fidelity editions, you
of any military try to get hackers to launch denial
can order them at http: //store. 2600. comand have
of service attacks against other countries, we will
hundreds of hours of history at your fingertips. speak out against it. That goes against the "free
ulumH Z
l
[0 JY
and open access " ideology you're supposedly
standing for and you should he equally outraged
at those trying to employ these tactics.
Dear 2600:
The Prophet was a bit misleading in his "Telecom Informer" article (24:2) when he said that NeuStar controls system ID assignments. As a cellular engineer, I wish that this was true. But when the FCC privatized SID assignments (probably for purely ideological reasons as the cost of SID management by them was probably negligible and there's no reason they couldn't have charged fees) they made it competitive and seven companies applied for the job, including NeuStar. The guidelines for the companies involved are on the U.S. FCC website at: http://wireless.fcc.gov/services/cellular/data/AdministratorGuidelines090503.pdf
It's not clear that any U.S. SID codes have been allocated since privatization in 200: so it seems that the seven companies are running this operation as a charity right now (they are supposed to be funded by fees from SID allocations).
The worst article I've read in a long time is "VoIP Cellphones: The Call of the Future" by Toni Sama (24:2). It's hard to know where to begin with this article, it's so full of misinformation. Comparing UMA with SIP is bizarre, because one's a radio access protocol (UMA) and the other is an application protocol. There's no reason that both couldn't be used at the same time. In fact, for any VoIP access an application protocol has to be used, although others are possible such as H.323 or the many proprietary protocols.
Part of the confusion is that VoIP means many different things. There is pure VoIP like Skype, where the entire call is VoIP. There are VoIP PBXs which, for security reasons, access the public network like any other system. There are long distance carriers that can be accessed by any kind of phone and use the Internet to bypass expensive international phone lines, especially to countries where exorbitant long distance charges are used to garner foreign exchange. There are companies like Vonage that provide VoIP to the home but will eventually, for most calls, convert to PSTN protocols to allow access. Ironically, to ensure these systems can interconnect, they all have to convert to standard PSTN protocols. I'm not aware of any VoIP protocols that are interoperable (e.g., Skype to Vonage).
The big question for wireless is what's wrong with their existing protocols that use compressed digital voice (8-13 kbps) over the radio interface, converted to standard TDM voice (32-64 kbps) within the network. Wireless VoIP dramatically increases the bandwidth requirements. It does not decrease them. Are the benefits of having a radio interface and network that treats everything as data really that great, especially when much of the equipment to handle voice has to be specialized either to provide protocols like SIP and SDP or to ensure reliable delivery of the time sensitive voice packets?
DlvrOc

In response to your first point, The Prophet responds: "The writer is correct that NeuStar is one of five companies authorized by the FCC to perform SID administration. My article did not state, and was not intended to imply that this control is exclusive. For what it's worth, we've seen numerous new SIDs appear over the years in carrier PRLs; see http://www.rainyday.ca/-dialtone for details."

Dear 2600:
Re: "Spend Quality Time Online" (Marketplace, 24:2), we all know the Internet was only invented for commercial exploitation of girls with self-esteem issues (after all, selling sex services has been the driving factor behind every major tech
t y to be believed without any further v/dn:. It's just another example of how the publisher isn't properly protected in the publishing industry.

Dear 2600:
This is in response to Dave's letter and his concerns about security with Cingular (now AT&T) in the Spring issue. You asked the question "Why do in-store sales reps need access to accounts that have already been created?" The reason for this is simple. Upgrades. Anyone who has an existing account with AT&T either qualifies or does not qualify for a discount on a new phone in exchange for extending their contract (like all providers). It is necessary for the sales rep to check the web application you mentioned to see if the individual qualifies, otherwise every retailer would have to call customer service to get that information and that would be a nightmare (15-20 minute hold times!).
I am a rep for Radio Shack and use this system on a daily basis. It also allows us to do other things such as enter a new SIM card number if yours was damaged, or enter a new IMEI number (like a phone's serial number) if your phone is damaged. It does however give the information you mentioned in your letter (last four of SSN, password, etc.). It is every rep's responsibility to verify a customer's identity before ever discussing an account with them. I can't speak for everyone but I myself always look at an ID, ask for the last four or the password, and never let a customer look at the screen unless I'm absolutely sure they are who they say they are. You must remember there are going to be security holes everywhere and, while that's not very reassuring, it sadly is the truth.
I hope someone from AT&T reads your letter and takes action to stop these practices but they can't stop everyone. If you're really concerned about privacy and information being given to the wrong person, I would suggest prepaid service. All you have to do is hand someone some cash, get a PIN, enter it on your phone, and you're good to go, no questions asked. It is, however, more expensive than a postpaid account (depending on how much you talk), but privacy comes with a price. As for the graph you mentioned that shows whether you are a profitable customer or not, I have not seen this on our systems, but each retailer may have their own software to access AT&T's information.
I hope this has answered your questions and those of anyone else who is concerned about their privacy.
Justin

Dear 2600:
While I was reading the latest edition, I noticed people explaining that Barnes and Noble had to manually enter the price of the magazine. I also read your explanation that the price is embedded in the UPC itself. However, that part of the argument is irrelevant. Why? Because Barnes and Noble uses NCR for their POS system, much like my own place of employment. They use a database system for all UPC processing. Ours is called Unity. The process is a simple grab and run type system. Employee scans the barcode, the system checks the UPC in the database and displays the price. (Because NCR allows you to change the price on every single UPC in existence, price embedding is useless.)
In some cases as it is with Barnes and Noble and the fluctuating price of magazines, NCR gives a nice little option to prompt for price (i.e., manually entering the price). And such is the way of the NCR system, Barnes and Noble, and many other places.
John

We have since learned (through another reader) that we were mistaken in our belief that the price was embedded in the UPC. Our only concern comes from those instances where the UPC is not entered (either manually or by scanning) and the resulting non-counted issues are billed back to us. So far only Barnes and Noble has this policy of charging publishers for "missing" issues and we hope to see an end put to it as it's horribly unfair to those of us who have no control over how many issues get lost, shoplifted, or pilfered by employees.

Dear 2600:
I wanted to let you know that, with sales tax, one issue of your magazine now comes to $6.66 where I live.
Thank you.
Trollaxor

Whatever we can do to add a little joy to life.

Dear 2600:
In 24:2, Raven writes that he purchased 2600 at Borders in West Lebanon, New Hampshire, and the magazine didn't scan correctly. I have purchased the last two issues at Barnes and Noble in Manchester and each time the magazine scanned correctly. And with my member card, I not only get 10 percent off, I have the satisfaction of knowing that the government knows I'm intelligent and dangerous.
I would also like to note that while this Barnes and Noble was several days late in getting the issue to the stands, they always have had it displayed prominently.
Michael

Encryption
Dear 2600:
From the auto-responder for article submissions at articles@2600.com:
"We don't recommend sending PGP encrypted articles as we frequently have problems with people using the wrong keys and/or an incompatible version. If it doesn't work right away, we discard it and move on to the next submission. Since your article may be appearing in the magazine anyway, encryption isn't a necessity. If you want to be anonymous, we suggest using an anonymous remailer instead."
It's bad enough that financial institutions, government agencies, doctors, lawyers, and nearly everyone else who should be using PGP doesn't. But for a hacker magazine, and not just any old hacker magazine but The Hacker Quarterly to discourage its use is just plain shameful.
Rather than discouraging its use wholesale and offering a bunch of lame excuses, help ensure that it's used correctly:
"We frequently have problems with people using the wrong keys." Publish the key fingerprint(s) in the magazine.
"We frequently have problems with people using... an incompatible version." What version are you using? Mention that along with the key fingerprint.
"Since your article may be appearing in the magazine anyway encryption isn't a necessity." Let's assume that your email and mine are both being monitored. It's entirely possible that one wouldn't want the article to be known to any third parties until it's published.
"If you want to be anonymous, we suggest using an anonymous remailer instead." That doesn't solve the problem of submitting an article pseudonymously, and still claiming the swag. Encryption does solve that problem (to a degree).
As hackers we should be using (and encouraging the use of) PGP. This is a technical issue, a social issue, a human rights issue, an ideological issue, and a very real political issue.
Atom Smasher
762A 3B98 A3C3 96C9 C6B7
582A B88D 52E4 D9F5 7808
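
The letter's suggestion, publishing the key fingerprint so a submitter can confirm they hold the right key before encrypting, can be checked mechanically. The following is an added example, not part of the letter or of any 2600 tooling: it computes an OpenPGP version 4 fingerprint (40 hex digits, the same length as the one in the signature above) and compares it with a published value. The key is constructed sample data and every function name is an assumption of this example.

```python
"""Check an OpenPGP v4 public key against a fingerprint published out of band.

Added example: the key built below is constructed sample data, not a real key.
"""
import base64
import hashlib
import hmac
import struct

HEX = set("0123456789ABCDEF")


def dearmor(text):
    """Return the binary key from an ASCII-armored block (CRC line is ignored)."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    start = next(i for i, ln in enumerate(lines) if ln.startswith("-----BEGIN PGP"))
    end = next(i for i, ln in enumerate(lines) if ln.startswith("-----END PGP"))
    body = lines[start + 1:end]
    if "" in body:                      # armor headers end at the first blank line
        body = body[body.index("") + 1:]
    return base64.b64decode("".join(ln for ln in body if not ln.startswith("=")))


def first_packet(data):
    """Parse the first packet header (old or new format); return (tag, body)."""
    if len(data) < 2 or not data[0] & 0x80:
        raise ValueError("not an OpenPGP packet")
    hdr = data[0]
    if hdr & 0x40:                      # new-format header
        tag, first = hdr & 0x3F, data[1]
        if first < 192:
            length, off = first, 2
        elif first < 224:
            length, off = ((first - 192) << 8) + data[2] + 192, 3
        elif first == 255:
            length, off = struct.unpack(">I", data[2:6])[0], 6
        else:
            raise ValueError("partial body length is not valid for a key packet")
    else:                               # old-format header
        tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length not supported")
        size = (1, 2, 4)[ltype]
        length, off = int.from_bytes(data[1:1 + size], "big"), 1 + size
    body = data[off:off + length]
    if len(body) != length:
        raise ValueError("truncated packet")
    return tag, body


def v4_fingerprint(key):
    """SHA-1 over 0x99, a two-octet length, and the public-key packet body."""
    tag, body = first_packet(key)
    if tag != 6 or not body or body[0] != 4:
        raise ValueError("expected a version 4 public-key packet")
    digest = hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body)
    return digest.hexdigest().upper()


def grouped(fpr):
    """Format as four-digit groups, the way fingerprints are usually printed."""
    return " ".join(fpr[i:i + 4] for i in range(0, len(fpr), 4))


def matches_published(key, published):
    """True only if the key's fingerprint equals the published one exactly."""
    want = "".join(published.split()).upper()
    if len(want) != 40 or any(c not in HEX for c in want):
        return False                    # reject short IDs and malformed input
    return hmac.compare_digest(v4_fingerprint(key), want)


def mpi(value):
    """Encode an integer as an OpenPGP multiprecision integer."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")


def sample_key_body():
    """Constructed v4 RSA public-key packet body (the modulus is filler bytes)."""
    n = int.from_bytes(b"\xc3" + bytes(range(1, 128)), "big")
    return b"\x04" + struct.pack(">I", 1180000000) + b"\x01" + mpi(n) + mpi(65537)


def old_format(body):
    return b"\x99" + struct.pack(">H", len(body)) + body


def new_format(body):
    return b"\xc6" + bytes([len(body)]) + body   # valid while len(body) < 192


if __name__ == "__main__":
    key = old_format(sample_key_body())
    printed = grouped(v4_fingerprint(key))       # what a magazine would print
    print("fingerprint:", printed)
    print("key matches printed value:", matches_published(key, printed))
    tampered = bytearray(key)
    tampered[20] ^= 0x01                         # one flipped bit in the modulus
    print("tampered key matches:", matches_published(bytes(tampered), printed))
```

The comparison refuses anything shorter than the full 40 digits, so a truncated key ID cannot stand in for the printed fingerprint.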

We honestly don't disagree with any of your points. But the fact remains that the system just isn't simple and intuitive enough for a lot of people out there. We don't have the time for all of the hand holding that would be needed to resolve the problems. People continue to send us PGP mail from keys that we haven't used in years, despite the existence of a current one on our website. The mere fact that there are version incompatibilities necessitates all kinds of back and forth unencrypted correspondence which is usually the last thing people want if they're trying to remain off the radar. It doesn't matter if you know which version we happen to be using at the moment. This will still happen. And even if there are no issues at all, if you go and send us a nice juicy article that happens to be encrypted from your whitehouse.gov account, there will still be a record of the fact that you sent us the email in the first place which is more than enough to make your superiors suspicious. PGP solves some problems when used properly but not all. But the real issue is that until our grandmothers can use it easily, it's not enough. After all, how many people who don't read this magazine would even know the purpose of the second line of your signature? Until we build a system that everyone can use, we will continue to see most people use it improperly. And that, unfortunately, is just something we don't have the time to resolve. The priority in this case is to receive the articles as quickly and efficiently as possible. Our key is published at http://www.2600.com/magazine/2600pubkey.txt and we do decrypt articles that are properly encrypted to it. But, as mentioned, when it doesn't work we have to simply move on to the next one due to time constraints. So if you know what you're doing, great. If not, your submissions will be lost. And, as mentioned, most people will fall into the latter category.

Dear 2600:
The notion that crypto can stop an investigation pending against you is absurd. It's called a subpoena. If your disk is encrypted and they can't crack it, they can get a subpoena from the judge requiring you to tell them how to decrypt it. If you don't comply with the subpoena, you go to jail for contempt of court and stay there until either a) you tell them what they want to know, or b) the judge decides you've learned your lesson. So, unless the crimes you're being investigated for are extremely serious (i.e., you'd be facing ten years or extradition to a country with a less than sterling humanitarian record), it probably isn't worth your while to try to buck the system.
SodaPhish

It's always worth your while to try and hold on to as much privacy as you can. The notion that only important stuff should be protected defeats the entire purpose of protecting your privacy. Everyone has their own limits but that doesn't mean you have to make it easy for them. For example, just how much can you be prosecuted if you've actually forgotten your password?

Questions
Dear 2600:
Thought I'd write to see if anyone could weigh in on whether or not this is even possible. I was driving to work one day listening to the South Florida public radio station (WXEL) when I came to a traffic light complete with overhead power lines, etc. The radio signal started to get weak (heard a lot of static), then I heard talking again over the static. As I listened, I realized it was Howard Stern's show. It took me a second before it hit me that Howard's now on satellite radio. It happened one more time at another traffic light before I arrived at work. I am 100 percent positive it was Stern's show but how can satellite and radio signals somehow cross? My brother believes I simply thought I was hearing something else, but I'm positive. If anyone knows whether this could be possible in any way, let me know.
dluvaisha

You'd be surprised how many times this exact scenario has played out. What's happening (and what increased dramatically since Howard Stern moved to the Sirius satellite system) is that people are using converters to allow the satellite signal to be heard on their regular car radios. So they receive the audio from the satellite and then retransmit it on what is supposed to be a vacant FM frequency. Some of these devices overdo it a bit though. Not only do they transmit well beyond the immediate vicinity (which should only cover one's car) but they even interfere with existing stations, particularly those on dd. l FM (the default setting on most of these devices). Other radios tend to get overpowered when they're right next to an offender, usually at traffic lights.

Dear 2600:
I recently pulled off a GPS tracking device from the rear bumper of my car. Due to past experiences with the FBI, I figured they installed it and I had my attorney call the local field office. The Feds were not only responsible but they wanted their very expensive piece of equipment back. Needless to say, I'm keeping it. We all know it would end up on someone else's bumper and, like me, their every move will be tracked for who knows how long. Aside from some scribbled numbers, there are no manufacturing identifiers on the device. The battery pack uses Saft batteries (www.saftbatteries.com). All sections are backed with strong magnets.
Thank you for focusing attention on the state of repression in this country; it's important that people know. The victims of this sort of thing have few, if any, options for stopping it. For those who send in letters arguing that the problem is being overblown, I'd challenge them to trade places with me for a day. I'm sure they'd love the unmarked vehicles, break-ins, and raids. These are realities I deal with despite no charges or convictions. If people walk the line in this country and never question anything, then yes, they will probably live a totally predictable life. But I think most in this community tend the other way, which means it won't be long until they're pulling one of these off of their bumper too.
Elana

Dear 2600:
A local bar owner I know uses UNIX and has a long beard and wears thick glasses. He is also very fat. When he gets drunk he talks about the good old days of Commodore bulletin boards and flat databases. Additionally his bar is quite filthy. Therefore I believe he is a hacker.
I really need to become a hacker and this man is my only hope. My question is how do I approach him about mentoring me? I keep showing up at his bar but he gets drunk and yells at me for loitering. Sometimes he falls asleep. One time I tried to show him a few tricks in Windows with Tweak UI but he told me never to use his computer again. He even made fun of me for not knowing Linux and owning a Mac.
Thanks for any information you can give me about social engineering this guy!
Haroon the Hacker

If you can't become a hacker by pestering a big, fat, bearded slob of a bar owner into teaching you the tools of the trade, there really isn't anything left that we can think of. We can't imagine what you're doing wrong; that approach usually works.

Dear 2600:
I'm from Serbia, Europe (almost) and I was wondering if you're maybe interested in distributing 2600 Magazine along with t-shirts, sweatshirts etc. on the Serbian market, which by the way is not big but I think your material will be more than welcome here. Of course, there is also a neighboring market (Bosnia, Croatia, Slovenia, Macedonia). We can cover all of these for you.
Zoran
Novi Sad

We can offer bulk discounts on stuff we ship from here and if there was enough interest in actually originating the material over there (printing shirts, etc.), we could work with you on that. Send us email or postal mail with as many particulars as possible and we'll see what's possible.

Dear 2600:
I finally got around to watching Freedom Downtime. It is an eye-opener for sure (as well as quite comical). In fact, I like it so much that I would like to make it viewable/downloadable on my server along with a bunch of other info about Kevin.
So being a subscriber and knowing that you guys sell it online while also having the greatest respect for the 2600 institution that you guys have built up from scratch over the past 25 or so years, I would like to know whether or not I have permission to place it on my server for viewing/downloads. If it affects your decision, the copy that I have is a reduced quality version that I got off of a torrent, and, obviously, I don't intend to make or charge any money whatsoever off of the downloads.
This may seem like a ridiculous request to outsiders, but over the years I have seen that 2600 does allow free distribution, on occasion, of items such as the radio programs and audio for conferences as long as it is distributed for free. So I would just like a little friendly clarification.
While I am at it, what is your policy on scanned (PDF, etc.) versions of your magazines? I move around a lot and have lost quite a few of my 2600's over the years so I have begun to digitize them in order to avoid any future loss. Am I allowed to have them on display on my server or even downloadable? I haven't seen a letter in any of my issues regarding your opinion or, rather, decree on how tight you guys hold onto copyright and intellectual property rights/laws on your warez. Perhaps if you guys respond to me you can clarify this for the community.
By the way, love the new magazine format, especially since your publisher has learned how to do their job and cure the cover ink properly. Although it does show wear and tear much sooner than the old version, I find that I have inadvertently stumbled upon a new 2600 tradition of determining the worth of an issue by how worn out it has become!
Pha |_Saph

The radio shows, conference material, and "Freedom Downtime" are all permitted to be redistributed as long as they're not resold or edited in any way. We hope that people will continue to buy the original material from us as well so we can do future projects. Since the magazine is what keeps us in existence, we don't want it redistributed in the printed format as that is a direct copy of what we sell. We don't have a problem with the article text being redistributed but the entire contents of the magazine, layout and all, is a different matter. That's our backbone and if we lose it, we lose the whole thing. It's especially important in our case since we are 100 percent supported by our readers and not by advertisers.

Dear 2600:
Given that there are no guarantees in life anyways, what would you say to a curious one who wonders approximately when the deadline is for letters to the editor for the next issue? Thanks!
Omid

We would say that you made the deadline. Congratulations.

|n0|/.:
Dear 2600:
I am a United States citizen and currently work for the United Nations in Haiti. I would like your opinion on what is happening to me.
In ''7 I was accused (falsely, I assert) and convicted (fraudulently, I assert) receipt and possession of child pornography. My life has turned into hell. I received O month sentence and served 42 months (one third in solitary lockdown). It was impossible to get a job and as a grown man I had to live with my mother. Things finally began to change in early 2004, two and a half years after being released. After 18 months of working for a company in Las Vegas and then for a contractor in the Mariana Islands, I finally started with my present employer, the United Nations Department of Peacekeeping Operations.
My problem is that every time I enter the United States, I am harassed by the Immigration and Customs people. I am pulled off into a separate room with immigrants, etc., and forced to wait anywhere from minutes to four hours (they have caused me to miss two flights), and then my baggage is ransacked. This has occurred every time I enter the U.S., even when en route to another UN assignment. I travel with a United Nations Laissez-Passer, which is a type of passport for official business as well as my regular U.S. passport.
At the end of March of this year the exact same problem happened to me. I got a little upset at the officer at Immigration, who finally explained to me that my problems were happening because their computer system showed that I was still under federal supervised release! He gave me a fact sheet and told me to write to the people in Washington, sending them copies of my release letter and judicial order and that should clear things up. This I promptly did via FedEx, which they received on April 2nd. The response I eventually received from them at the end of May was that they had nothing in their files on me and were doing this to me because the Florida Department of Law Enforcement had an issue with me, that is, they placed me on the sex offender registry.
Over a long weekend here in the country where I work, I went back to Pennsylvania to help my mother move into a senior citizens' community. When I landed in Miami, the Immigration people did the same thing to me, except this time they had "ICE agents" confiscate my laptop and USB memory stick. I protested and asked why this was happening. An agent asked me what I had gone to prison for. I told him and was informed "that's why." They used a customs form to list what they took but never completely filled it out, such as the reason for confiscation, etc. I was told by the agent that their forensic people would look at it the next day and it would be finished by then and I could get it back when I returned through Miami. The next day I called him to find out the status of the laptop and he told me the forensics guys had picked it up late and it would not be ready that day. He also told me that he had to leave for four days and that I needed to stay in touch with his partner. I spoke with his partner over the next few days asking about the status of the laptop. He kept telling me that everything was fine, but there were some encrypted files on there and he asked if they could have the passwords. I told him no, they could not have the passwords, since one was the UN's mail file and the other I didn't even remember anymore. On Monday the 21st of May, I spoke with him again and he said he would meet me as I deplaned to return the laptop. When I arrived in Miami on Tuesday, he did indeed meet me at the plane, but with another agent and no laptop. He apologized that he did not get back to me but said they could not release the laptop without getting into those encrypted files. I asked him which files he was talking about and he again apologized that he was not very familiar with computers.
The female agent asked me some questions like where I bought the laptop, when I bought it, etc, and then they took my email address, promising to let me know which files they needed info for. To date I have not heard from them and I still don't know which files they want passwords for. In truth, I may not know the passwords anymore, and I definitely cannot know until they can tell me exactly what they are talking about. One of the agents took great care to state that one of the files they were interested in was "accessed" two days before I arrived in the U.S. I asked him if it was successfully accessed but he did not reply.
I completely sanitized the computer before I came to the U.S. in case any traces of any kind of questionable material might still be on there. The agents repeatedly stated that everything was OK but for the encrypted files. I do not feel I should have to give the government my passwords and I feel they should return the laptop to me since it did not even enter the country, but was taken in customs.
I think this whole thing was done wrong, and after all that has happened to me I must say that I am now completely terrified to enter the U.S. The UN routes most of its assignments through the U.S., and if I keep getting delayed by customs while just en route to another overseas assignment, this nonsense could eventually cost me my job.
The laptop is my personal property. However, I use it mostly for my work as a broadcast engineer for the UN. The agents repeatedly asked me this and I repeatedly told them that it was used for work, but this didn't seem to sink in. This has caused me to lose most of my project work for the country where I am stationed as well as my email archives, and has set me back considerably.
Having told you all this, I am wondering if there is anything you think can be done and what my options are. I do not want to give up my passwords. There is nothing in the encrypted files except empty folders. I purposely created the encrypted stuff just to give them fits if they ever confiscated my laptop and it seems to be doing the trick. This is a matter of principle and harassment. I am tired of being harassed by the government and I would like to get something done about this.
The Invisible Man

Whatever crime it was that you were convicted
of (falsely or not - that simply doesn't matter once
you're convicted), you've served your sentence
and you've been released. What you're experiencing
here is pure harassment at the hands of
law enforcement and they can get away with it
because of the current hysteria in our country
regarding anything even remotely linked to child
pornography. So don't expect much in the way of
public sympathy. That doesn't mean you shouldn't
fight this at every step. If you are indeed listed
as a sex offender then you must acquaint yourself
with what law enforcement can legally do to
you - locally and federally. Unless there is specific
suspicion of a crime, you cannot be compelled
to hand over encrypted files. In fact, your entire
computer should be passworded and off limits
to them. A decent lawyer would obviously know
more about this and it certainly sounds as if having
one would benefit you. While fighting this battle,
make sure you have a means of getting access to
your work even if they hold onto your laptop. You
can store critical files remotely and gain access to
them from a different machine if necessary. This
is good advice for anyone traveling in case of a
hardware failure or theft. The thing to remember
is that our legal system is currently set up so that
offenders "re-offend." They want you to fail and to
go back into the system. Ask anyone on probation
or supervised release.
Dear 2600:
To start off this story, let's make a few definitions.
Berries will mean money. Meat will mean
a PC. And fire will mean the operating system.
The problem I have with some software licenses
is that if you go out and buy a box with software
in it using your hard-earned cash and you have
two computers at home, in most cases you are
only allowed to install it on one computer. This
not making sense to me at all compelled me to ask
where money came from and whether there was an
analogy in history.
Let's say I'm a caveman and I live in a community
of cavemen. I have spent the whole day gathering
berries. Likewise with my two friends, one
of them spent all day killing an animal, and the
other spent all day starting a fire. Now I would like
some meat and a fire to cook that meat on in order
to have a well balanced diet. I trade some of my
berries with the friend who has meat and the friend
who has fire. Now if the friend who has fire said I
am only allowed to cook one piece of meat using
the fire he traded me because that's all the fire
license allows, I would be pretty upset. Hopefully
the fire will last me the entire night until all of my
meat is cooked.
Fast forward to present day. For most people,
having a home PC equipped with an OS is not
necessary for survival - unless you happen to make
your livelihood off of your computer. In any case,
a single user license for a piece of software doesn't
make sense to me. I paid for this CD and I intend
to use this CD any way I see fit. I used money to
acquire physical property. Now someone might
say, why not just use software under the GPL like
Debian? Back when I first was purchasing software,
installing and using that type of software was the
equivalent of laying my meat on some rocks and
letting the sun cook them (as in it would take a
really long time). I wanted something that worked
right away and fast. Now my opinions have changed
and I would like to get to know my OS better, so
I use Debian where I don't have to worry about
breaking the law for using a piece of physical property
I bought. I'm not trying to advertise for Debian
if that's what it looks like. I am simply saying that I
hate restrictive software licenses and the restrictive
software licenses themselves should be outlawed.
carbide
Gratitude
Dear 2600:
I have been a lifetime subscriber to 2600 since
1998. Since that time I have moved locations more
than ten times (comes with the life). Several times I
went without my subscription for a year. Nevertheless
the staff at 2600 always sent me my back issues
and has vigilantly followed my mail forwarding
requests every step of the way. Thanks, 2600, best
$260 I ever spent, seriously.
(This letter not endorsed or prompted by 2600
in any way.)
Jane Doe
Observations
Dear 2600:
Oh my God.
Okay. I was just posting a bulletin on MySpace
about some political stuff and I added a link at the
bottom. Well, I was reviewing it just before I posted
it and I noticed that the link had changed like this:
www.awebsite.com/aspecificlocation/index.html
to
www.msplinks.com/aksh327hklsdf09s877shdklfha0939u9u0234283hsdkfj
Anyway, it turns out that msplinks is served on
MySpace's nameservers and the company that's
in charge of msplinks is a company called Mark
Monitor (slogan: "Making the Internet Safe for Business").
I did a whois lookup on msplinks and here's
what I got:
MySpace, Inc.,
Domain Name: msplinks.com
Administrative Contact: Fox Group Legal Intellectual
Property Dept.
Yeah, that's right. Fox Group Legal Intellectual
Property Dept.
Well, this most likely means one thing: MySpace
is in affiliation with Fox and its lawyers to track its
users to see if they're posting any intellectual property
of Fox (Family Guy etc.). This is probably due
to pressure on MySpace by Fox to come up with a
"solution" that works for everyone.
The msplinks is added after you take your
bulletin from the editing stage to the previewing
stage and the long string after the .com/ is most
likely associated with the uploading user in a database
that Fox has its hands all over.
1. I was never told of this by myspace.com
and likely would never have found out if I hadn't
happened to notice it.
2. Does Fox have any other information about
me besides being able to identify me as a unique
user on MySpace?
3. WTF?
Anyway, I hope this helps. If you are concerned,
please feel free to email MySpace. I'm sure that they
would love to hear everyone bitching about it.
Rev. Troy (Subgenius)
This is definitely something to be concerned
about but it's hardly earth-shattering. MySpace
was bought by Rupert Murdoch's News Corporation
(parent of Fox) way back in July of 2005.
Dear 2600:
My neighbor's burglar alarm went off this
morning and after it kept going for a while I walked
around their house to see if anybody was going to
do something about it. Apparently my neighbors
weren't home because there was no sign of life,
but they had several "Protected by Brinks" signs
on the lawn. So I called Brinks to see what they
had to say. After navigating their automated phone
system to get to an operator I was asked to enter
the phone number of the location where the alarm
is installed. Since I didn't know my neighbor's
phone number I had to enter "#" several times to
get through to a person. I explained to the Brinks
representative that my neighbor's alarm was going
off. When they asked me for my neighbor's phone
number I explained that I didn't know it but I
gave them my neighbor's address. After checking
their records they happily informed me, "Oh, that
address isn't monitored." Nice! What if I had been
a burglar casing the neighborhood to find unmonitored
alarm systems? It wouldn't take a genius to
social engineer these idiots who are all too eager to
tell you which addresses are monitored and which
aren't.
Arcade One
Dear 2600:
I was using the self checkout at Albertson's the
other day and was having trouble getting some
flowers to ring up. The associate had to come over
and manually enter the price. While he was doing
that I noticed that the floral code for manually
entering a price is "2600." Just thought you guys
would like to know. Keep up the good work!
Jason
Flowers. How nice.
Dear 2600:
I recently joined the Libertarian Party and
noticed the address for the Libertarian headquarters
is: 2600 Virginia Avenue NW, Suite 200, Washington
DC 20017. Is 2600 finally influencing the
political parties?
Matthew
It might also be interesting to note that this
is the address of the Watergate Hotel, the only
building ever to take down a president. But we're
going to continue to say that we named ourselves
after the frequency since that's far less suspicious.
Dear 2600:
I wanted to share an experience that I just had
in a local Borders Books. I went into the store
looking for the new Summer 2007 issue. Mind you,
this is the fourth consecutive week I've gone into
the store searching for what I consider to be the
Holy Grail of computing, and I've yet to get it. I
guess when I finally do get my hands on the new
issue, it will be that much better. I digress. So, as I
was standing there at the magazine rack hopelessly
looking for 24:2, I saw a boy of no more than ten
thumbing through a Macworld magazine. I thought
back to when I was that age (I'm now 21), and how
I would have killed to even have heard of 2600. I
found an old issue on the shelf (24:1), handed it to
him, and said, "If you really want to expand your
mind about computing, read this. It will change
your life. I've been reading it for three years now
and it's the greatest magazine ever." He smiled at
me and said, "Nice shirt." I looked down and realized
that I was wearing an Apple t-shirt. You know,
the one with the retro logo. He then looked to his
grandfather who was behind him. The grandfather
smiled at me and asked his grandson if he wanted
the magazine. The grandson nodded his head yes
and off I went. I can't help but think that I just woke
someone up from a sleep and offered them the red
pill. Hopefully that will not be the last issue that
he reads. Thanks again for giving me a forum to
expand my mind and consciousness.
Fiat justitia ruat caelum.
Cyphertrex
Let's hope he wasn't too traumatized. Or
freaked out if he sees this letter.
Dear 2600:
In response to S. Pidgorny's comments about
the Australian Electoral System (24:2), people who
don't vote are fined, but if the person enrolls to vote
again that fine will be void. So one could refuse to
vote and after being fined just re-enroll.
In the case of vote theft, it is impossible to
discard the fraudulent vote since the Electoral
Commission doesn't know who cast which vote
since it's anonymous. I am unaware what action is
taken in this case.
It is possible to cast multiple votes as one person
or a group of people without the need to assume a
real person's identity though. I had a friend whose
lifestyle was extremely nomadic, mostly because
he wanted to be harder to find. When he enrolled
to vote, instead of submitting a "change of address"
form, he would submit a "new enrollment" form.
This led to him being counted as a new person
every time and he ended up with 22 "versions" of
himself on the electoral roll, all valid and all with
the ability to vote.
Using this method to "rig" an election would be
quite difficult, especially a federal one. But it definitely
could be used to help a candidate win a seat.
The Australian Electoral System can be exploited
but fortunately (or unfortunately) not enough
people care about politics to exploit it.
acidie
Dear 2600:
Phillip Torrone had a good piece in "Hacker
Perspective" back in the Winter 2006-2007 issue
which made me think about a lot of things. Things
future, present, and past and how much the hacker
world or community has changed over the years.
I really enjoyed Mr. Torrone's article and that is
what prompted me to finally write into 2600 after
20 something years of reading it (yeah, I'm an old
skool 2600 reader).
I count myself lucky to have been into hacking,
phreaking, cracking, etc. back in the heyday
of the early to mid 1980s. I know it was not the
beginning - some ancient Greek philosopher and
Captain Crunch beat us all to the punch in terms
of creating hacking/phreaking - but that magical
period smack in the middle of the 80s was definitely
a hacker's paradise. The long shot of it is that
a lot of kids learned a lot of things that they otherwise
would have never been exposed to. And sure,
some of the stuff we did was wrong. It happens. We
were young, dumb, and full of curiosity. But the
big lesson of our hacking youth was not so much
how a Nix machine works, or how to patch homegrown
code into a BBS program, or how the phone
network worked so we could wake some poor
Japanese woman up in the middle of the night. The
big lesson was that information is really powerful.
Information is so powerful that one kid I grew
up with went to jail for it. Yeah, we were mucking
about on a sensitive government system. We
admitted that and we realized we were wrong.
After all, curiosity killed the cat. But the focus was
not on their security lapse, or our ability to get into
a system that a one-fingered blind, deaf, and dumb
man could type his way into. Our lesson was that
we had printouts wallpapering everyone's bedroom
that contained information, and that this information
was power, and those in power did not want
us to have that information. After all, there were
virtually no hacking laws at the time and as far
as phreaking we were looking at some charges of
theft. OK, fair enough, everyone accepted that. So
why the strange focus on the information and not
so much on the loss of phone company revenue?
Well, computers and technology have changed
a lot since those days and so have the laws. But I'm
not so sure if the lesson has. I still believe, more
than ever, that the real threat to "them" is that
others have a desire to know things that they do
not want them to know. They are the gatekeepers
and we are the mindless sheep, I suppose. I really
do not know what the reasoning is except to say
that the obvious answer is power of some type.
Well, my public education taught me that
people should cooperate and share information
freely so that we can all benefit, learn, and build
upon it for a better world for all of us. This could
not be more of a lie if they tried. Everything I was
taught was rubbish. What they really meant to say,
as best as I can figure out, was that the information
they want you to know should be spread and
shared whilst other information you should not
even bother asking about and never should you go
looking for it on your own accord. Because that is
the lesson we all learned back then and it seems
that is still the lesson we are learning.
I supposed I gravitated toward the hacking
subculture (can we call it that?) because in those
days the whole environment was to help newbies.
If you wanted to know something all you had to
do was ask someone and they would direct you
to the proper text phile, message board (BBS), or
personally teach you themselves. Information
floated around freely (provided you were part of
the group, which is ironic I realize, but that was
for safety reasons from them busting everyone)
and it was wonderful because you could know
how things worked and why they worked the
way they did. You were no longer in this mindless
world where things just magically worked; you had
understanding of their working.
Now we have far better technology and a way
smarter generation of hackers. The young hackers
of today are absolutely brilliant and they keep
that spirit alive and going, helping to circumvent
oppressive technologies, helping to spread information
to liberate people and feed their wanting
to understand. And I hope this tradition continues
on for a very long time until people realize that the
only way forward is to help, share, and educate. But
today's world is scary, I must admit. Civil rights are
being eroded, consumer rights are being attacked,
governments all over the world are more restrictive
and suspicious than ever. Looking the wrong
way might be enough to get you detained and
questioned. Wearing a 2600 shirt might mean you
are a terrorist. And if you are smart and know a lot
about how airplanes work, the software involved
and stuff like that, that might place you on the Do
Not Fly List forever.
The point I am trying to make here is that
"they" are definitely trying to hold us back. Even in
University I felt the tension of getting too close to
certain information, and I thought University was
meant to be a free thinking arena. Hackers will
forever be persecuted since they refuse to be mindless
sheep who are amazed by the "magical" technology;
and I suppose that makes us the suspect
by default. It is an old boring saying but true more
than ever: Knowledge is Power. And there is a lot
of power out there trying to stop you from gaining
that knowledge. But don't quit. Society will never
know or appreciate the contribution hackers make
until that contribution stops. Then we are all in
deep trouble.
ViSiOn
The Buffalo Wireless Router
by Donoli
Mr. D from Company A decided to create
a new company with a guy named Harry.
Since Mr. D already owned a small building,
there was no problem with office space. It
was easy to set up a second office separated
by a single wall. I manage the network for
Mr. D in Company A. It's a small network
with a Windows 2000 Server and, at the
most, 15 workstations running Windows
2000 Professional or XP Professional. The
entire network is wired and uses static IP
addresses only. There is no wireless router
and no DHCP running at all. So, if an associate
of the company should arrive with a
laptop and wants to connect to the Internet,
his computer must be given an IP address on
the existing Class C subnet. There is no other
way to connect. When the second company
was formed, Harry decided that he wanted to
use a wireless network and also decided that
he didn't want me to install it. He brought in
his own people to make it happen at double
the price.
Both Mr. D and Harry decided that a
connection was needed between the two
networks for payroll purposes, so they had
Harry's guy install two wireless network
cards in two of the PCs in Company A's
system. All was fine with the systems and
still fairly secure since WEP was enabled.
What wasn't fine was that Mr. D never really
trusted Harry and the distrust grew as time
went on, so much so that Mr. D thought
that Harry had a trojan horse running on
Company A's system and maybe even had
bugged the telephone system. That's when
he decided to call me. So I went there and
checked the logs for Trend Micro's Client
Server Suite which is great for small businesses.
I didn't see anything there. Next,
I ran netstat -an to see if there were any
unwanted connections in the foreign address
column of the output. The only thing I saw
was the IP addresses of each of the network
cards, one wired and one wireless. Neither
of them had any suspicious connections to
the outside world.
I then opened the browser and connected
to the web interface of the wireless router
in Harry's office. I was greeted with a login
dialog box asking for my user name and
password. Not knowing what router it was,
I tried using admin as the user name or the
password, which D-Link and Linksys use
respectively. None of that worked. At that
point, I don't remember if I clicked cancel or
if I was automatically redirected to another
page that said "The user login name is 'root.'"
Oh really? It is? Thank you very much for
that information. You are too kind. It was
root and without a password. What could
be better? The interface page opened and I
immediately went to DHCP where I saw a
list of connected computers by IP address
along with the name of the user. One by one,
I opened a run box and ran \\192.168.1.XXX.
Most of the C: drives were shared although
not everything on each drive was accessible.
I went through all I could looking for
Data Gone Wild that was worrying Mr. D.
There was nothing that didn't belong there.
I assumed it was moved to Syria along with
the Weapons of Mass Destruction to avoid
detection. Finally, I clicked on Intrusion
Detector. It took me to the next page which
said "No detections found yet." What?? No
detections?? What about the failed login
attempts that I made with admin as a user
name and/or password? Don't they count as
an intrusion or do I have to break down the
entrance door with an ax first? I clicked the
"clear log" just in case but it probably wasn't
needed.
Now we all know that security is usually
an afterthought but at least the admin had
WEP enabled. Of course, he should have
had the router password protected and the
workstations shouldn't have had all those
shared files. The problem is that administrators
sometimes don't look at security from
the inside, where I was. The fact that the
Buffalo AirStation actually gave me the user
name is not the admin's fault. The fact that
it didn't count my failed login attempts as
an intrusion is not the admin's fault either.
Those are things that came with the router.
How does all that help you? If you are an
admin, now you know what to do. If you just
like to look for unsecured wireless connections
on http://www.wifaps.com/, then you
know what to do too.
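
For admins who want to repeat the netstat -an check from this article on every workstation, here is an added example (not code from the article or its author): a Python script that parses Windows-style netstat -an output, reports TCP peers in the Foreign Address column that fall outside the networks you trust, and lists the local addresses where file sharing is listening. The sample output, the two subnets, and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in the layout Windows prints for `netstat -an`.
# Addresses are illustrative; 203.0.113.0/24 is a documentation range.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.2.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1042      192.168.1.2:445        ESTABLISHED
  TCP    192.168.2.10:1057      203.0.113.45:6667      ESTABLISHED
  TCP    192.168.1.10:1061      192.168.1.2:139        TIME_WAIT
  UDP    0.0.0.0:445            *:*
  UDP    192.168.1.10:137       *:*
"""

# Assumed layout: wired NIC on 192.168.1.0/24, wireless NIC on 192.168.2.0/24.
TRUSTED_NETWORKS = ["192.168.1.0/24", "192.168.2.0/24"]
FILE_SHARING_PORTS = {139, 445}  # NetBIOS session service and SMB


def split_endpoint(endpoint):
    """Split 'addr:port' (or '[v6addr]:port') into (addr, port) strings."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), port


def parse_netstat(text):
    """Return one dict per TCP/UDP row; headers and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue
        rows.append({
            "proto": fields[0],
            "local": split_endpoint(fields[1]),
            "foreign": split_endpoint(fields[2]),
            "state": fields[3] if len(fields) > 3 else "",  # UDP rows have no state
        })
    return rows


def unexpected_peers(rows, trusted_networks):
    """TCP rows whose Foreign Address is a real peer outside the trusted networks."""
    nets = [ipaddress.ip_network(n) for n in trusted_networks]
    findings = []
    for row in rows:
        if row["proto"] != "TCP" or row["state"] == "LISTENING":
            continue
        host, port = row["foreign"]
        try:
            peer = ipaddress.ip_address(host)
        except ValueError:
            continue  # '*' or anything else that is not an address
        if peer.is_unspecified or peer.is_loopback:
            continue
        if not any(peer in net for net in nets):
            findings.append((row["local"][0], f"{peer}:{port}", row["state"]))
    return findings


def exposed_file_sharing(rows):
    """Local (address, port) pairs where NetBIOS/SMB file sharing is listening."""
    exposed = set()
    for row in rows:
        host, port = row["local"]
        listening = row["proto"] == "TCP" and row["state"] == "LISTENING"
        if listening and port.isdigit() and int(port) in FILE_SHARING_PORTS:
            exposed.add((host, int(port)))
    return sorted(exposed)


if __name__ == "__main__":
    rows = parse_netstat(SAMPLE_NETSTAT)
    for local, peer, state in unexpected_peers(rows, TRUSTED_NETWORKS):
        print(f"unexpected peer {peer} ({state}) via local address {local}")
    for host, port in exposed_file_sharing(rows):
        print(f"file sharing listening on {host}:{port}")
```

A listener bound to 0.0.0.0 is reachable on every interface, including the wireless card, which is how the shared C: drives in the article became visible from the other office.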
The Thrill of Custom
Caller ID
by krt
Custom Caller ID information presents
applications not otherwise possible in a
multi-line world. You will find that your telephone
presence becomes highly available
and under your control.
Do you already have the ability to
customize your Caller ID information? If you
don't, you will find that it is trivial and inexpensive
to do. Different telephone circuits
require different methods. Information that
applies to customizing Caller ID on Voice
over IP telephone circuits does not necessarily
apply to the same task on an analog
telephone circuit.
This article does not apply to spoofing the
ANI information utilized by toll-free services
such as 911, 411, and 800 numbers and
does not imply or suggest that you go about
mucking in those systems.
Illegal uses exist for all technologies. Be
careful if you try any of the activities in this
article. Look up your local laws and, most
importantly, be aware of what you're doing.
You might find that what you thought was
legal has become a lifetime jail sentence
as of the new year. Do your part to prevent
overcrowded jails by staying out of them.
Single Number Presence Using Two Circuits
This is call routing to save on tolls and
provide telephone subscriber access in low
to no cellular coverage areas. Two year
contracts don't sound so good when you
realize that the cancellation cost is more than
the cost delta on that fancy Raisin phone at
the mall. Math is hard, let's go shopping!
This application can be used to handle
call routing for economical purposes. This
could include taking calls on your no extra
cost telephone circuit during the day and
on your no extra cost night time cell phone
minutes.
If you use this call forwarding trick the
other way around you can disguise your
cell phone number. You can assure your
telephone network presence and maintain
discretion with regards to your actual
location.
This application uses some of the same
concepts involved with Network Address
Translation, Load Balancing/High Availability
of an IP Address, and Packet Routing
in the IP networking world.
Required:
A telephone circuit with customizable Caller ID information.
A cell phone that can forward to a telephone circuit.
Give yourself at least one hour to test it all properly.
In essence this is a simple set of tasks to
obtain a fairly decent method of toll avoidance
and potentially call quality. In reality
it can be a chore to remember if something
is forwarded or not and then verifying it.
This application keeps it to a single point for
controlling call forwarding.
You might want to look into the automation
of call forwarding with features like
roll-to-home or even a simple scheduler that
your cell phone might have. Call forwarding
generally occurs on the switch side and as
such you have to make sure that the switch
actually received and executed your call
forwarding request.
If you send out a call forwarding request
in a bad coverage spot, verify that your calls
are forwarded correctly. You might want to
set forwarding in a good coverage spot, such
as at work just before you leave for home.
Set your telephone circuit's default/voice
mail forward to your cell phone's voice
mailbox so that you don't miss any important
messages.
When you're at home: Forward your
cellular phone to your telephone circuit. All
inbound calls will be received on your telephone
circuit.
When you're on the road: Disable the
call forwarding using your cell phone. All
inbound calls will be received on your cell
phone.
In a forwarded or non forwarded state:
When you dial out from either your telephone
circuit or cell phone you maintain
a single number presence. Keep your telephone
circuit's number hidden so that you
encourage the usage of a single number.
Instant Voicemail Access
Quickie: Hold 1 on any cell phone to
access that cell phone's voice mailbox.
Hopefully you're presented with a password
if it's your phone.
Required:
A telephone circuit that can display your cell phone's Caller ID information.
A voice mailbox that authenticates via Caller ID and has no password.
Give yourself about thirty minutes to set it up and test it.
This application is easy to do. Dial your
cell number from a telephone circuit that
displays your cell phone's information via
Caller ID. The voicemail system will recognize
you and grant access.
This goes hand in hand with the first application
(single number presence). It provides
access to a voice mailbox that both lines
can share. Set your default call forwarding
on your telephone circuit as mentioned.
You should find that your access method is
relatively the same and quick from your telephone
circuit and cell phone.
You might find that your phone doesn't
support holding down the 1 button for voice
mail access, especially if it's a regular cordless
unit. You can set a speed dial button
on your phone to get around that. I suggest
not mapping the speed dial button to the
1 button. You will end up with two distinct
associative brain pathways for these very
repetitive tasks.
You can also use this with a password
but that's just not as fun now is it folks?
Who wants to be that secure? Consider these
questions carefully please. If someone could
keep this to the right side of the elections
when it's uncovered, that'd be swell.
Si ngl e Data Presence Usi ng Two Ci rcui ts
Required:
A data service that authenticates via
Caller ID information.
Methods:
A telephone line that can display the
correct Caller // information that is asso
ciated with your billing and subscriber
Securi "Q Your
by bl tl Ock
information.
A program that can announce your cell
phone number as its own that works with
your service carrier's gateways.
A compatible service gateway that
authenticates via Caller ID and bills t o the
subscriber identifed by Caller //.
Th i s is s i mi l ar to the fi rst appl i cat i on. You
mi ght use t hi s to i ns ure that you have better
access to your data servi ces. If your data
servi ce does not feature forwardi ng then you
wi l l be l i mi ted to a s i ngl e poi nt for recep
t i on of data servi ces. You wi l l sti l l be abl e to
send from both ci rcu i ts. Th i s cou l d hel p you
i f your cel l phone is di ffi cu l t to type on and
you send data messages frequent l y.
Common Services: Short Messaging
Service aka SMS, texting, text messaging;
Multimedia Messaging Service, aka MMS,
picture mail, media mail
You can usual l y fi nd SMS and MMS cl i ents
for your computer. The cl i ent software can
be found fai r l y eas i l y i n open sou rce, share
ware, and commerci al for ms. Confi gure t he
software such that your sendi ng i nformati on
matches your tel ephone presence phone
number. Si nce th i s technol ogy changes
rapi dl y, I l eave i t up to you to di scover the
myri ad of tool s avai l abl e.
Other Ways
For most data servi ces you mi ght fi nd that
the provi der has an SMTP to data servi ce
gateway, such as an SMTP to SMS rel ay. Th i s
i s t he manual route. Us ual l y you can send
to your reci pi ent's phone number at a cl ever
emai l address, such as: 2 0 6 1 2 3 4 5 6 7 @ cellu
-larprovidermail . net.
You wi l l have to know the reci pi ent's
provi der and the part i cu l ar gateway's
protocol and access method. You shou l d be
abl e to del i ver a message wi th your sendi ng
i nformati on customi zed t o poi nt back to
your publ i c presence tel ephone number.
This topic came out of necessity at a recent job I had. I needed to securely punch parts of my network traffic through the corporate firewall to remotely manage things outside the company. Also, Instant Messenger traffic has always been a concern for me.

First, we'll talk about IM traffic. I did not want my user name and password floating

"network protocol analyzer" (aka sniffer) up on a network and start capturing packets, I would be able to view all Instant Messenger traffic. This traffic would include usernames and passwords, along with every message you sent to your chat partner. The same goes for using IM on your home broadband. Every time you sign on to AOL Instant Messenger, or MSN, or Yahoo Messenger, or (insert popular chat program here), your username and password is sent in plain text over the Internet to the company/service you are connecting to. Anyone could very easily throw a sniffer up and capture packets for a few hours, then spend some time analyzing what they captured to work out how to impersonate you via chat....

I won't go on about why protecting yourself is important, so on with it.

SSH stands for Secure Shell. Read all about it at http://en.wikipedia.org/wiki/Secure_Shell. Wikipedia does a good job explaining what SSH is/does. I won't attempt to paraphrase.

Step 1: You need to be interested in this topic. We'll assume you are, otherwise you wouldn't be reading this.

Step 2: Set up/configure an SSH server on a remote/home computer. I use the integrated SSH server on my Mac. No additional software needed. On a PC you'll need OpenSSH or something similar.

Step 3: Install SSH client software that will connect to the SSH server you just set up. On a Mac SSH Tunnel Manager works well. On a PC Tunnelier is the best in my opinion.

Step 4: If you have a router in place, forward port 22 to the IP address of your SSH server. If you don't, then skip this step.

Step 5: Create a new connection/tunnel on your client computer to the Internet IP address of your SSH server. I won't go into details on this step since each program is a little different. I had to get creative on the actual ports being used to tunnel out of the corporate firewall. Find an open port and use it. Just make sure to forward all traffic on that port to port 22 on the server you set up in Step 2. Hint: If you can use your IM client without a proxy, you can tunnel your traffic over port 5190.

Step 6: The next part is an important part. After you set the details of the connection/tunnel, find the section of the software that allows you to create a SOCKS proxy. It can be SOCKS4 or SOCKS5. On the Mac I just put a checkmark in the box to enable the SOCKS4 proxy and give it a port to run on (you can leave it set to default too).

Step 7: Connect to your SSH server, authenticate, done. Be happy that you now have a fairly secure tunnel from your computer to your server across the Internet.

Step 8: This is another important step. You need to configure your chat program to use the SOCKS proxy you just set up. The SOCKS proxy server should be 127.0.0.1, or localhost (on a Mac I've found you must use the SOCKS proxy of 127.0.0.1 instead of localhost), and the port should be whatever you specified in Step 5. I won't go into program details as each program is a little different. There should be options in the program to do this. All IM programs I've used support proxy usage, some better than others however. iChat, for example, doesn't like SOCKS proxies for some reason. I use Adium on the Mac and Gaim on the PC.

Step 9: Login to your chat program. If it works, great! Congrats, you are now more secure than you were before.

To test out whether or not your chat program is actually connected via the secure tunnel, you can disconnect your SSH connection and see if your chat program logs you out (loses connectivity). If it does, then it's safe to say you are set up properly. If you stay connected to your chat program and the SSH connection is not running, then you have an issue somewhere - probably misconfigured chat proxy settings.

What Else Can You Do?

Now that you have an SSH tunnel, you can route any traffic you'd like through it. Use redirections/forwarding in the SSH client software to route the traffic where you want it to go. In Tunnelier it's called C2S Fwding. In SSH Tunnel Manager, it's called Local Redirections and Remote Redirections. Set up a proxy server on your remote server/computer and browse the web using your home broadband connection. You can set a remote redirection for your POP/SMTP traffic and check your email via Outlook or whatever mail program you'd like. Set a local redirection on port 5900 and you can VNC into any computer on your home network.

Again, to test out whether or not your traffic is traveling through the SSH tunnel, simply disconnect the SSH connection and try the connection. If it connects, something isn't configured properly. If it does not connect, it's safe to say everything is working as intended.

Oh, one more thing.... If you do this on your work computer and your IT department finds out what you're doing, they will likely be less than pleased. My advice is to make friends with your IT support people (deskside technicians, network admins). I can almost guarantee each of them is doing this already. Be their friend and they may even set this up for you, or tell you what port to use. If you are rude to them, prepare to be reported to management for breaking company guidelines.

Oh, one final note.... Usual disclaimers apply. Don't break the law, etc.

Happy trails (or lack thereof).
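Step 5 moves SSH to whatever port the firewall leaves open (the hint names 5190), but an SSH server still announces itself with an identification string on any port, which is what a network admin can look for. The following is an added example, not part of the original article, that flags such flows; the flow records, addresses, payloads and function names are constructed for illustration.

```python
import re

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments CR LF".
# softwareversion is printable US-ASCII without whitespace or '-'.
BANNER_RE = re.compile(
    rb"^SSH-(\d+\.\d+)-([\x21-\x2c\x2e-\x7e]+)(?: [^\r\n]*)?\r?$"
)
MAX_PREAMBLE_LINES = 20   # assumption: how many early lines to inspect
MAX_LINE_LEN = 255        # RFC 4253 limit, including CR LF


def parse_ssh_banner(payload):
    """Return (protoversion, softwareversion) or None.

    `payload` is the first bytes the server side of a TCP stream sent.
    A server may send other text lines before its identification string,
    so every early line is checked, not just the first.
    """
    lines = payload[:4096].split(b"\n")[:MAX_PREAMBLE_LINES]
    for line in lines:
        if len(line) + 1 > MAX_LINE_LEN:
            continue
        match = BANNER_RE.match(line)
        if match:
            return match.group(1).decode("ascii"), match.group(2).decode("ascii")
    return None


def find_offport_ssh(flows, expected_ports=(22,)):
    """Return flows that speak SSH on a port where SSH is not expected."""
    hits = []
    for flow in flows:
        banner = parse_ssh_banner(flow["server_bytes"])
        if banner and flow["dport"] not in expected_ports:
            hits.append({**flow, "proto": banner[0], "software": banner[1]})
    return hits


# Constructed sample flows (documentation addresses, made-up payloads).
SAMPLE_FLOWS = [
    # Ordinary SSH on its usual port: not reported.
    {"src": "10.0.0.15", "dst": "192.0.2.10", "dport": 22,
     "server_bytes": b"SSH-2.0-OpenSSH_4.7\r\n"},
    # Start of a TLS record on 443: not SSH.
    {"src": "10.0.0.15", "dst": "198.51.100.7", "dport": 443,
     "server_bytes": b"\x16\x03\x01\x00\x4a\x02\x00\x00\x46\x03\x01"},
    # SSH answering on the IM port named in the article's hint.
    {"src": "10.0.0.23", "dst": "203.0.113.5", "dport": 5190,
     "server_bytes": b"SSH-2.0-OpenSSH_4.7\r\n"},
    # SSH on 443, with a text line sent before the identification string.
    {"src": "10.0.0.42", "dst": "203.0.113.9", "dport": 443,
     "server_bytes": b"Authorized use only\r\nSSH-1.99-ExampleSSHD_1.0 home\r\n"},
    # Binary IM-style frame on 5190: not SSH.
    {"src": "10.0.0.42", "dst": "203.0.113.20", "dport": 5190,
     "server_bytes": b"*\x01\x00\x01\x00\x04\x00\x00\x00\x01"},
]

if __name__ == "__main__":
    for hit in find_offport_ssh(SAMPLE_FLOWS):
        print("%s -> %s:%d speaks SSH %s (%s)" % (
            hit["src"], hit["dst"], hit["dport"], hit["proto"], hit["software"]))
```

The check works on the first server bytes only, since everything after the key exchange is encrypted.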
Is finding an open wireless network in your neighborhood and setting up a NAT connection to direct all your traffic through it instead of ordering cable modem service stealing a connection? Is using the connection at a coffee shop without buying a cup of coffee illegal? Is checking your email from a random open network illegal? Is using a network explicitly designed as public after business hours likely to get you arrested?

If you've been reading the news lately, the answers would be "Yes," "Yes," "Yes," and perhaps surprisingly, "Yes" - depending on where you live! After warnings about open networks in tech news for years, it seems the mainstream media (and law enforcement) is beginning to take an interest in wireless networks. Half a dozen cases ranging from local news to high-profile data theft have made headlines in recent months with penalties ranging from fines to felonies.

Open wireless networks are a curious intersection of morality and legality. Living in a country where broadband access is not metered by usage (unlike other regions where it may be charged per kilobyte monthly, presenting a very real cost to the owner of a network) and, paying for a broadband connection already, I personally think it's difficult to find a moral argument against utilizing open wireless networks, at least in moderation. While saturating someone else's network or using it to anonymize illegal activity obviously crosses the line, use of an open network would seem to be in line with the owner's decision to leave it open. Unfortunately, it can be difficult to tell if the user intentionally left the network open or simply didn't bother to read the manual that came with the access point - and the law typically comes down on the side of protecting the owner.

When an access point is "open," it advertises the ESSID (network name) several times a second (ten by default), requires no WEP or WPA key, and provides DHCP. Regardless of the owner's intentions, this significantly blurs the lines between attacking a network to gain unauthorized access, and accepting the invitation of a network to join. Not only is it declaring "Here I am, connect to me," it's giving out IP addresses when you do so. Depending on the client-side configuration, no active participation is even required: most systems will automatically connect to any network in the preferred network list, and many open access points share common factory default names like "linksys" and "default." Systems with automatic OS updates will typically download updates (as to be expected when connected to a network), meaning it's possible to not only connect to, but begin using the resources of an open network unintentionally.

Accessing a wireless network without the permission of the owner, even when the network is "open," typically falls under computer trespassing laws. From the existing cases, the charges are filed under local (state or county) laws rather than federal. The exact charge depends on the region. However, the Federal Computer Fraud and Abuse Act (18 U.S.C. 1030) makes unauthorized access or exceeding authorized access with the intent to defraud on a computer or network a crime. While the Feds are generally uninterested in "small" cases (less than $100,000 in damages), many states have copied the CFAA for their own laws.

In 2006 a man in Illinois was charged with, and pled guilty to, "unauthorized computer access" and paid a $250 fine for using an open access point from his car. The prosecuting attorney cited possible punishments of up to a year in jail for the use of an opened access point. A similar arrest was made in 2005 in Florida, when a man was arrested and charged with a third-degree felony, carrying a potential $10,000 fine and five years of jail time. In both of these arrests, no mention was made of what activity was taking place on the network.

Further confusing matters, not every state would consider such use illegal. For example, New Hampshire's RSA 638:17 allows an unauthorized user three affirmative defenses: they reasonably believed they had authorization, would get free access if asked, or had no way of knowing that the access was unauthorized. If any of these are proven, the user will be found not guilty of the crime.

In 2006 two men were arrested in a high profile case in Michigan involving hacking of the Lowe's wireless network to obtain credit card numbers. Unlike the previous examples, this arrest was unequivocally justifiable (if, of course, they are guilty of the charges). This case involved the deliberate penetration of the Lowe's corporate network and the installation of spyware to monitor Point of Sale terminals. However, in May 2007, a Michigan man was arrested for using a public hotspot in a coffee shop from his truck and charged with felony fraudulent access to a computer network with a possible five year sentence and $10,000 in fines. In this case the man was not using a network which the owners did not intend to be public. He was using a network the owners didn't intend to be public for him at that time, a distinction much harder to make (and as a user of networks, to determine if it applies to you).

The Michigan laws he is charged under refer to someone who would "access or cause access to be made to a computer program, computer, computer system, or computer network to acquire, alter, damage, delete, or destroy property or otherwise use the service of a computer program, computer, computer system, or computer network."

Despite being advertised as an open hotspot network and despite the owner being unaware of his use of the network, an officer determined that using the network from a car instead of inside the coffee shop constituted unauthorized access. In an interview with newspapers, the man stated he was checking his email since he knew the cafe had a public network. Ultimately the felony charge was dropped and the man paid a $400 fine and served 40 hours of community service.

In similar cases, a Washington man was arrested in 2006 for use of a coffee shop's wireless network from his car without making a purchase after coffee shop owners called the police and an Alaska man was arrested for using the wireless network installed in the public library after hours from the parking lot.

Think the laws against using public networks affect only the United States? Think again. In 2005 a London man was arrested and fined £500 for using an open network and in August 2007 a man in Chiswick was arrested while using an open access point while outdoors. Both men were charged with offenses under the Communications Act and the Computer Misuse Act. For those more familiar with American style legal documents, the Computer Misuse Act, written in 1990, is surprisingly direct and, while predating wireless networks, it includes provisions against both the use of a computer to gain unauthorized access and the use of unauthorized access to commit further crimes. Violations of the Computer Misuse Act can carry a six month jail sentence plus fines. The Computer Misuse Act explicitly states that it may apply to non-citizens as well. The Communications Act, an immense document dealing with the regulations of OFCOM and telecommunications in general, contains similar laws, and recent amendments raise the potential fines to £50,000.

(1) A person is guilty of an offence if
(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
(b) the access he intends to secure is unauthorised; and
(c) he knows at the time when he causes the computer to perform the function that that is the case.
(2) The intent a person has to have to commit an offence under this section need not be directed at
(a) any particular program or data;
(b) a program or data of any particular kind; or
(c) a program or data held in any particular computer.

Anyone who dishonestly obtains an electronic communications service and intends to avoid paying for that service is guilty of an offence under section 125. A person found guilty of the offence will be liable to a fine or imprisonment, or both. Under subsection (2), it is not an offence under this section to obtain a service mentioned in section 297(1) of the Copyright, Designs and Patents Act 1988. This section replaces section 42 of the Telecommunications Act 1984 which is repealed by Schedule 19.

Of additional significant interest:

302. It is an offence under subsection (1) for a person to have in his possession or under his control anything, including data, which may be used for or in connection with obtaining an electronic communications service with the intent to use the thing or to allow it to be used to obtain, or for a purpose connected with the obtaining of an electronic communications service dishonestly

The recent arrests pertaining to use of open wireless networks have not made mention of section 302 however, like recently passed laws in Germany banning the use or possession of tools which might
s purposes, section may present a significant problem.

Obviously every situation mentioned here is different - some occurred late at night, casting a suspicious air regardless of possible intentions. Other cases would appear to be perfectly legitimate uses of open networks. All that can be said is to beware using open wireless networks and be sure the owners don't mind you doing so. And buy a cup of coffee if you're going to use the network at the shop down the road. They're doing you the favor of getting online.
References

Fraudulent Access to Computer Systems Act, Michigan, USA:
http://www.legislature.mi.gov/(S(l012dymlulehlrfw14cruj55))/mileg.aspx?page=getObject&objectName=mcl-752-795

New Hampshire Title LXII Criminal Code, New Hampshire, USA:
http://www.gencourt.state.nh.us/rsa/html/LXII/638/638-17.htm

Communications Act of 2003, United Kingdom:
http://www.opsi.gov.uk/si/si2006/20061032.htm
http://www.opsi.gov.uk/acts/en2003/2003en21.htm

Computer Misuse Act of 1990, United Kingdom:
http://www.opsi.gov.uk/acts/acts1990/Ukpga_19900018_en_1.htm
by MS3FGX
MS3FGX@gmail.com

The Nintendo WiFi USB Connector (which from now on I will simply refer to as the WiFi Connector) is a product released by Nintendo in 2005 for use with their DS handheld, and more recently their Wii console. The WiFi Connector is designed as an alternative to standard WiFi networks (which both the DS and Wii use to access the Internet for various functions), with the intended advantages being automated setup and security. It is available in most electronics and game stores, and currently costs $35 to $40.

Hardware wise, the WiFi Connector is simply a rebranded Buffalo WLI-U2-KG54-AI adapter. This device was most likely chosen due to the fact that it uses the USB version of the RT2500 chipset (also known as the RT2570), one of the few chipsets that can be used as a software AP under Windows. The software itself on the other hand is totally proprietary to Nintendo, including the authentication method used.

So that's very interesting and all, but what does it really mean? Basically, the WiFi Connector allows you to turn your Windows XP computer (the only OS Nintendo's software currently supports) into a WiFi AP for your DS and Wii systems. The problem is, those are the only devices the WiFi Connector will work with. Nintendo's software makes it so that any device connecting to the AP needs to go through its proprietary authentication system.

Wouldn't it be nice to have a soft AP like that which works with all your other WiFi devices? Or perhaps you want a decent USB WiFi adapter that you can use under Linux with native drivers? Luckily for us, we can do all of that and more with the WiFi Connector. It just takes a bit of hacking.

Windows

By following these steps you will be able to do two very important things with your WiFi Connector, two things which should never have been limited in the first place.

First, you will be able to use the WiFi Connector as a standard WiFi adapter, allowing you to connect to existing wireless networks, run NetStumbler, and so on. More importantly, you can unlock the soft AP function of the WiFi Connector to work with any WiFi device, not just Nintendo's.

Accomplishing this will require two separate hacks, one building on top of the other. We will first modify the original Buffalo WLI-U2-KG54-AI drivers to work with the WiFi Connector, and then hex edit the configuration software from a different USB WiFi adapter (but one with the same chipset) which will give us more control over the device than Windows alone allows.

Before beginning, I should note that this is only tested and confirmed to work on Windows XP, and will probably work on Windows 2000 as well. Unfortunately, I have no idea if this will work on Vista, and have no way to test it myself. I would be very interested in hearing from anyone who tries this on Vista, working or not.
Driver Modification

To get started, download the drivers from the Buffalo site:

http://www.buffalotech.com/support/getfile/?U2KG541-01-02-0002.zip

Extract the win2000 directory from the archive onto your computer and open it up. Inside you will see the file NETU2G54.INF, which is what we need to modify for the drivers to apply to the WiFi Connector.

Make sure to remove the read-only protection on this file, then open it in Notepad. Fairly close to the top of the file you will see a section with the heading, [Adapters]. This is the list of device IDs that Windows uses to determine what hardware the driver will work with.

We need to change the device ID that is listed here to match that of the WiFi Connector. To do this, simply delete the existing device ID from the top line, USB\VID_0411&PID_005E, and replace it with USB\VID_0411&PID_008B.

After you have changed the device ID, save the file and close it.

You can now proceed with the installation of the modified driver. If you already had the official Nintendo software and drivers installed on your machine, make sure these are completely removed before continuing.

Plug the WiFi Connector into the computer. When the Found New Hardware Wizard starts, select Install from a list or a specific location (Advanced). Then tell it to search for the driver in the directory where the modified NETU2G54.INF file is located and click Next.

After the installation, you should see an icon in your system tray indicating that a new wireless device has been installed but not configured (it will look like a computer with waves coming out and a red X).

If you didn't get any errors, your WiFi Connector is now recognized as a Buffalo WLI-U2-KG54-AI by Windows. You can now use it as you would any other WiFi adapter. But what fun is that? Let's move along and get it working as a soft AP.
Software Modification

Since Windows only includes very basic WiFi configuration utilities, we need to go out and find our own to configure a soft AP. To do this we will hex edit the software for another device (the ASUS WL-167g) which uses the same chipset as the WiFi Connector.

The software we need can be located at:

http://dlsvr01.asus.com/pub/ASUS/wireless/WL-167g/Utility_2933.zip

Download the archive, extract it, and run setup.exe to start the installer. But don't try to start it once it is installed. You will only get errors about no suitable devices being found.

To modify the software, you are going to need to use a hex editor to once again change the device ID from the intended hardware to that of the WiFi Connector. You will need a hex editor that has a good replace function, or else this is going to be a very tedious modification. Specifically, you want one that is able to retain the strings you want to replace after you have saved and opened another file.

I would suggest XVI32 if you don't already have a hex editor you are comfortable with. It's small, free, and its robust replace function makes the following modifications a breeze.

Using your hex editor, navigate to where the ASUS Utilities are installed, which by default will be:

C:\Program Files\ASUS\WLAN Card Utilities\

Inside of this directory there are seven files you need to modify to get the software to recognize the WiFi Connector. They are:

AsAuthen.dll
Center.exe
Mobile.exe
StMonitor.exe
TShoot.exe
Wireless.exe
Wizard.exe

The modification is exactly the same for each file, so once you get into the rhythm of it, you should be able to blow through them pretty quick.

Open the first file (it doesn't matter which order you do them in) in your hex editor and replace all occurrences of USB\VID_0B05&PID_1706 with USB\VID_0411&PID_008B.

After replacing all of the instances in that file, save it and open the next one. Each file should have at least one occurrence in it, so if your editor is saying that nothing has been replaced, double check that you have the proper device IDs typed in.
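The hex-edit step above is a same-length string substitution, which is why it can be done in place without breaking the executables. The following is an added example, not code from the article or from ASUS, Buffalo or Nintendo; the function names are made up, and checking both ANSI and UTF-16 forms and ignoring case are assumptions, since the article does not say how the files store the ID.

```python
import re
import shutil
from pathlib import Path

# Hardware IDs exactly as given in the article.
OLD_ID = r"USB\VID_0B05&PID_1706"   # ASUS WL-167g
NEW_ID = r"USB\VID_0411&PID_008B"   # Nintendo WiFi USB Connector


def id_forms(text):
    """Byte forms a Windows binary may hold the ID in (assumption: the
    article does not say whether the files use ANSI or UTF-16 strings)."""
    return text.encode("ascii"), text.encode("utf-16-le")


def patch_bytes(data, old=OLD_ID, new=NEW_ID):
    """Replace every occurrence of `old` with `new`; return (data, count).

    The IDs must be the same length: an in-place edit that grows or
    shrinks an executable shifts every later offset and breaks it.
    Matching ignores case because the same ID may be spelled
    "Vid_0b05" in one file and "VID_0B05" in another.
    """
    if len(old) != len(new):
        raise ValueError("replacement must be the same length as the original")
    total = 0
    for old_b, new_b in zip(id_forms(old), id_forms(new)):
        pattern = re.compile(re.escape(old_b), re.IGNORECASE)
        # A function replacement keeps the backslash in the ID literal
        # instead of letting re treat "\V" as an escape sequence.
        data, count = pattern.subn(lambda match, repl=new_b: repl, data)
        total += count
    return data, total


def patch_file(path, old=OLD_ID, new=NEW_ID):
    """Patch one file in place, keeping a .orig copy; return the count."""
    path = Path(path)
    original = path.read_bytes()
    patched, count = patch_bytes(original, old, new)
    if count == 0:
        # Per the article, each file should contain at least one occurrence.
        raise LookupError(f"{path.name}: device ID not found, check the IDs")
    if len(patched) != len(original):
        raise RuntimeError(f"{path.name}: size changed, refusing to write")
    shutil.copy2(path, path.with_name(path.name + ".orig"))
    path.write_bytes(patched)
    return count


if __name__ == "__main__":
    # Constructed stand-in for one of the seven files, not real ASUS data.
    sample = b"MZ\x90\x00" + OLD_ID.encode("ascii") + b"\x00" + OLD_ID.encode("utf-16-le")
    patched, count = patch_bytes(sample)
    print(count, "occurrence(s) replaced; size unchanged:", len(patched) == len(sample))
```

A zero count raises an error rather than passing silently, mirroring the article's advice to double check the IDs when nothing is replaced.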
After all of the files have been hex edited, there is still one more step you must perform before you can run the software.

Open up My Computer and navigate to the following directory:

C:\Program Files\ASUS\WLAN Card Utilities\Driver\winXP\AP\

Inside this directory you should see a file named rt2500usb.sys. You need to copy this file to:

C:\WINDOWS\system32\drivers\

Windows will ask you if you want to overwrite the existing file, click Yes.

Now make sure the WiFi Connector is plugged in and click on the ASUS WLAN Control Center icon. You are probably going to see a bunch of error and status messages when you first start it up, but there is only one you need to look at right now.

There should be a window named Wireless Option open. In this window you need to make sure that option which says Only use our WLAN utilities is selected, and then click OK. A wizard will now start, click on Cancel to close it, and then OK on the message that will result.

The ASUS WLAN Card Settings window should now show the Buffalo WLI-U2-KG54-AI along with some information about it. If you see this screen then the software was modified correctly.
Soft AP Configuration

Now that the WiFi Connector is being detected by the ASUS WLAN Utilities, we can make the appropriate adjustments for it to run in AP mode. The ASUS software makes this very simple, and it only takes a minute or two to configure everything.

Open the ASUS WLAN Control Center and click on the Config icon located on the left side. On this new page you should see a tab on the top that says Soft AP. Click on it.

Click the radio button next to Soft AP Mode to change the operating mode of the WiFi Connector. Under that you should see a diagram of a basic network, and a bit farther down a box that says Available Network Connections. Click on the device that is currently connecting you to the Internet (it doesn't m

[Figure: ASUS WLAN Card Settings screenshots, Config page (Soft AP tab) and Status page]
arm9 exe 02000850, copy to 02000000, size 000a57b8
arm7 exe 02380000, copy to 02380000, size 000279d4
Total size 000cd18c (840076)
man_log: Client 00:09:bf:0d:9b:b3 has been authenticated
man_log: Client 00:09:bf:0d:9b:b3 is now associated -- data exchange beginning shortly
wmb_data: Client 00:09:bf:0d:9b:b3 has been waiting 1.000000 seconds - begining download
wmb_data: Got hello reply
wmb_data: Name complete - client is "MS3FGX
wmb_data: Got response to RSA
send_data: 0000c2e8 out of 000a57b8 (ARM9)
send_data: 000187c8 out of 000a57b8 (ARM9)
send_data: 00024ca8 out of 000a57b8 (ARM9)
send_data: 00031188 out of 000a57b8 (ARM9)
send_data: 0003d668 out of 000a57b8 (ARM9)
send_data: 00049b48 out of 000a57b8 (ARM9)
send_data: 00056028 out of 000a57b8 (ARM9)
send_data: 00062508 out of 000a57b8 (ARM9)
send_data: 0006e9e8 out of 000a57b8 (ARM9)
send_data: 0007aec8 out of 000a57b8 (ARM9)
send_data: 000873a8 out of 000a57b8 (ARM9)
send_data: 00093888 out of 000a57b8 (ARM9)
send_data: 0009fd68 out of 000a57b8 (ARM9)
send_data: 00006a50 out of 000279d4 (ARM7)
send_data: 00012f30 out of 000279d4 (ARM7)
send_data: 0001f410 out of 000279d4 (ARM7)
data_ack: TRANSFER COMPLET for 00:09:bf:0d:9b:b3
starter: Client 00:09:bf:0d:9b:b3 is starting
man_log: Client 00:09:bf:0d:9b:b3 has left
bash# depmod -a

Once you have installed the modified driver, plug in the WiFi Connector. You can verify the module has properly loaded like so:

bash# lsmod | grep nin_rt2570
nin_rt2570 157504 1

If you just get a blank line after running that command, something has gone wrong. Double check that you copied the module to the proper directory and then run depmod again.

Once the driver is installed and loaded up, you will need to configure the device. Running the following commands as root will get the WiFi Connector set up to start sending out WMB demos:

bash# ifconfig ninusb0 up
bash# iwpriv ninusb0 rfmontx 1
bash# iwconfig ninusb0 mode Monitor channel 13 rate 2M

You will now need to download the NinWMB package from:

http://masscat.afraid.org/ninds/wifi_apps.php

To build these applications, simply run the following commands:

bash# bunzip2 NinWMB_20060609b.tar.bz
bash# tar xvf NinWMB_20060609b.tar
bash# cd ./NinWMB_20060609b
bash# make

Once installed, you will run the wmbhost program by giving it the interface you want to use, the channel, and the .nds file itself. Make sure to run wmbhost as root, otherwise it will not run and you will just get errors.

bash# cd wmbhost/
bash# ./wmbhost -i ninusb0 -c 13 filename.nds
Then start up your Nintendo DS, select DS Download Play, and follow the on-screen prompts to download and run the software.

Of course, you will need some .nds files to actually do anything. As these downloads are freely available over the air from demo kiosks running in most major retailers and have never been sold, they are considered legal to distribute. As far as anyone currently knows, at least.

You can download some demos at the following sites:

http://davr.org/ds2/demos/
http://wiki.akkit.org/Downloadable_Ds_Demos

Conclusion

The WiFi Connector is a useful device, even if you don't own a DS or Wii. At $40 it certainly is not the cheapest adapter you can buy, but there is no question that it is also more capable than most devices you will find on the shelf as well.

Whether you are running Windows or Linux, you will be able to use the WiFi Connector in some unique ways that are not possible with most other devices. In addition, due to its specialized nature and software, the WiFi Connector likely won't switch chipsets in later production runs; which is often a concern when buying WiFi hardware for use with Linux.

In the end, the Nintendo WiFi USB Connector offers some tantalizing possibilities considering its price and availability, even if Nintendo doesn't know it.

I would like to thank Wafe for laying the groundwork for the Soft AP conversion and masscat for his invaluable help and excellent software. Special thanks to my wife, as well as everyone I don't hate.

Fun with
Internet
by route

Recently when traveling to Phuket I stayed at a resort along the Kamala Beach strip. After a week in Bangkok and now into my second week at Phuket I began suffering technology deprivation and sought the nearest Internet cafe. Fortunately for me (and others) the resort offered its guests an air conditioned small scaled Internet cafe where, for a very reasonable price </sarcasm> of approximately 300 baht (around ten Australian dollars at the time), I would be given a preprinted code to access one of three PCs connected (albeit slowly) to the Internet for 60 minutes. Ten bucks may not sound overpriced for a four star resort on the beach, but the average daily income for a local was around
baht.

Anyway, back to the Internet cafe service. The setup offered MSN access, MS Office, Internet Explorer 5.0, Notepad, and a few other apps. The PCs themselves were beside the desks and fully accessible, a comfortable chair and decent peripherals were provided and, best of all, I had a chance to get out of the heat and cool off with some good old fashioned geeking.

When you first turn the 17" LCDs on, you are confronted with a login screen consuming the entire desktop. Your only option is to enter a login code and click OK. All shortcuts failed to close this screen or even prompt for more options. I was curious if there was in fact a way around this software and just how up to date their security was. Earlier that day, I had read a local article explaining how far behind their Internet access was, average speeds, coverage, etc.

So I disappointedly entered my alphanumeric login code and was taken to the typical WinXP desktop, where the only out of place item was the large counter in the

numerous shares displayed (most empty), and even a space for the good folks working in the kitchen. Funny... I never noticed digital room service. After getting bored of attempting to read broken English, my interest turned towards their logging capabilities. A quick browse to the .exe's home directory on shared .\ was all it took to find log.txt. A fairly massive unencrypted straight text file that listed dates, times, and codes used to access all three PCs. To make things even easier, it logged how long each session lasted. So after loading the text file into a quick VBA app I wrote, I now had a list of all codes whose sessions still had valid time remaining. Great, I thought, as I copied these down in a small notepad, turned the Internet cafe app back on, and rebooted the PC. After returning the PC back to the state it was in when I found it, I went to the bar, had a whiskey and lime, and reflected on my afternoon's activities.

The next day I returned from doing the "touristy" thing and headed to the Internet
top r i ght hand cor ner that counted down
cafe for anot her l ook around. I l ogged i n
my remai n i ng usage t i me. Tas k Manager
wi th one of t he val i d codes I had s cr i bbl ed
was di sabl ed and so was r i ght cl i cki ng. I
down, and u p popped MSN Messenger.
cou l dn ' t termi n ate t h i s cou nter. B ut, u nfor-
The thoughtfu l person before me had obvi
t unatel y for t h i s resort, t hat i s where t he
ous l y r un out of usage t i me ( when t he t i me
secur i ty stopped.
r uns out, t he l ogi n screen opens aga i n -
I thought most l i kel y when these PCs pi ty i f you ' re doi ng you r on l i ne ban k i ng at
were booted up i n the mor n i ng the staff the t i me) . A l essor person wou l d have read
l ogged them i nto Wi ndows and t hrough
thei r ema i l and had some fun, but I wasn ' t
startup, msconfi g, or t he regi stry, th i s
i nterested. I wanted t o know what down
I nternet cafe software l oaded, d i sab l i ng
l oad rest r i ct i ons were i n pl ace. So I opened
a l l speci al keys and consumi ng t he ent i re
I E and vi s i ted 2600, thc, packetstor m,
screen. I was r i ght . I opened msconfi g
etc. but not once was I rest r i cted from
and found i netcafe. exe u nder t he startup
accessi ng these pages. I t hen proceeded
tab. I t cou l dn ' t be that easy, I t hought. So
I u nchecked t hi s opt i on and rebooted t he
t o down l oad and set up a keyl ogger. Once
Pc. I was n ' t ter r i bl y wor r i ed about bei ng
the keyl ogger was i n pl ace and wor ki ng, I
caught "tamper i ng wi t h t hei r computers" as
removed any trace I was t here, and wal ked
I had gi ven a fake name and room n umber
u p to recepti on.
when recei vi ng my 60 mi n ute code.
After a good 20 mi nutes, no one had
Up came t he B I OS and so t oo di d a
any i dea what I was t ryi ng to tel l t hem and
B I OS password prompt . Not i c i ng i t was
I don ' t th i n k they actual l y cared. Bl an k
r un n i ng AWARD bi os, I r emembered s mi l es were a l i i recei ved.
an ol d backdoor AWARD used around I ' d l i ke to al so add that upon retu r n i ng
seven years ago. I entered AwARD_Pw
home a l l efforts to l ocate t he vendor of th i s
and i n I l ogged. Here' s where i t j ust gets
software were usel ess. It appeared they
l azy. Wi ndows l ogged me strai ght i n wi t h
wer e no l onger i n busi ness and wi th code
no furt her aut hent i cati on, and I was now
l i ke that i t ' s not hard to see why.
connected to t he net. No code to track me
from and no t i me restr i ct i ons .
Whi l e what I have j ust descr i bed i s n' t
t he most techn i cal hack, i t does demon
To be honest I was a l i ttl e di sappoi nted i t
t ook fou r mi nutes t o c i rcu mvent thei r secu-
strate j ust how poor s ome secur i ty i s . Never
r i ty so I started l ooki ng around. They had
u nderesti mate anyone the way they u nder
esti mate you .
ulumH Zl
[
0 oY
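The weakness with the longest reach in the account above is log.txt: live login codes and session lengths kept in plain text. The following is an added example, not code from the article or from the cafe software; the log layout, class and function names and sample values are assumptions. It first shows what such a file hands to anyone who can read it, then a variant that stores and logs only keyed digests of the codes.

```python
import hashlib
import hmac
import secrets
from datetime import datetime

SESSION_MINUTES = 60  # each code in the article bought 60 minutes

# Constructed sample. The layout (date, time, PC, code, minutes used) is an
# assumption; the article only says the file held dates, times, codes and
# session lengths in plain text.
PLAINTEXT_LOG = """\
2007-08-14 09:02 PC1 K7QX2M9A 60
2007-08-14 10:15 PC2 T4RB8WZC 22
2007-08-14 11:40 PC3 H9LD3VXE 60
2007-08-14 13:05 PC1 M2NF6YJU 41
"""


def reusable_codes(log_text):
    """Audit check: which still-valid codes does this log disclose?"""
    found = {}
    for line in log_text.splitlines():
        _date, _time, _pc, code, used = line.split()
        left = SESSION_MINUTES - int(used)
        if left > 0:
            found[code] = left
    return found


class CodeStore:
    """Hardened variant: the code itself exists only on the printed voucher."""

    def __init__(self, key=None):
        # The key stays with the service account, never in a shared directory.
        self._key = key or secrets.token_bytes(32)
        self._minutes_left = {}   # HMAC(code) -> minutes remaining
        self.log_lines = []       # what would be appended to the log file

    def _tag(self, code):
        return hmac.new(self._key, code.encode(), hashlib.sha256).hexdigest()

    def _log(self, when, pc, tag, event):
        when = when or datetime.now()
        # A short keyed fingerprint lets staff correlate sessions, but it is
        # not accepted by the login screen and cannot be reversed to a code
        # by someone who lacks the key.
        self.log_lines.append(f"{when:%Y-%m-%d %H:%M} {pc} {tag[:12]} {event}")

    def issue(self):
        code = secrets.token_hex(4).upper()
        self._minutes_left[self._tag(code)] = SESSION_MINUTES
        return code

    def login(self, code, pc, when=None):
        tag = self._tag(code)
        left = self._minutes_left.get(tag, 0)
        self._log(when, pc, tag, "LOGIN" if left > 0 else "DENIED")
        return left

    def logout(self, code, pc, minutes_used, when=None):
        tag = self._tag(code)
        if tag not in self._minutes_left:
            self._log(when, pc, tag, "DENIED")
            return 0
        left = max(0, self._minutes_left[tag] - minutes_used)
        self._minutes_left[tag] = left
        self._log(when, pc, tag, f"LOGOUT used={minutes_used}")
        return left
```

Keyed digests only address the log disclosure; the startup entry that could be unticked and the BIOS backdoor password are separate problems.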
by Barrett Brown

Ah, the Library: Repository of wisdom, friend of the homeless and anonymous computer users. Libraries everywhere offer a wide variety of services. One of the latent services they provide is the keeping of patron and employee records, with everything from contact information, check-out history, fine management, and, in the worst cases, social security numbers and other goodies.

I recently began working at a University library which uses the world's most popular software for managing database information. The front end of this program is a web-powered and java-based platform called Millennium which accesses the INNOPAC backend.

INNOPAC was created in 1985 by Innovative Interfaces as a UNIX-based system for public access to catalogues and modules to support cataloging, circulation, serials and acquisitions. In 1993 the first annual INNOPAC Users Group (IUG) conference was held representing over 150 libraries and 300 members. In 1998 Millennium was launched and has continued to expand functionality to include database management, acquisitions, serials, interlibrary loan and management reporting functionality. Today there are over 1200 Innovative Interfaces installations around the world in nearly 20 languages.

What does this mean to us and why do we care? Well, for starters the FBI seems to care and that always makes my ears perk up. As you've surely heard by now the FBI has been trying to use the Patriot Act to get access to library patron records with mixed success. Besides the FBI, there are terrorists, lawyers, private detectives, and all sorts of other people who may want access to someone's patron record, with or without permission.

The default interface for employee connection to INNOPAC at my library is to telnet to the INNOPAC server (the same server which is connected to the Internet for public web searches of the library catalogue) and login with a standard username and password. The first several times I did this I didn't think much of it. But I began to wonder... could I telnet from a shell account outside the library internal domain and log in using an employee username (thus giving me access to some administrative functions)? Yep, sure enough, no problem telneting right in there and getting access from across the country. I wondered if any other systems were still using indiscriminate telnet.

So I went to Google and searched for inurl:innopac and found a virtual plethora of innopac library servers. All the servers that were listed something innopac.xxx.edu were the most obvious choice. I telneted into some from all over the country. Some had telnet disabled, some had just regular public circulation functions enabled, but the others, oh yes, there were many others. They had the same familiar telnet login that I get from my own library.

The implications are that any interloper on a library network can set up a packet sniffer and get admin passwords to the INNOPAC database, then telnet in from wherever they please. It's like patron records are easy candy, and remember that this is the most widely used library system in the world. Being the good white hat that I am I reported my concerns to the IT department and got some lackluster response. They just didn't seem to care. Next I posted my concern to the IUG mail list and got many responses. The majority of responses were frustrated library employees who have been pushing this issue for years. It is a matter of utter simplicity to disable telnet access and interface with INNOPAC through SSH, but for some reason it's just not happening.

And so, as my final attempt to help the security of library patron information everywhere I am writing this article for 2600. It is my sincerest hope that this will have a more positive effect than my talks with the IT people.

http://www.firstamendmentcenter.org/news.aspx?id=15702
http://www.innopacusers.org
http://www.iii.com/
http://www.iii.com/mill/index.shtml
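For a library that wants to act on the article above, a first step is to find out who still reaches the catalogue server over telnet before port 23 is closed in favour of SSH. The following is an added example, not code from the article or from Innovative Interfaces; the addresses (documentation ranges), the internal network and the connection-log layout are assumptions, and the log lines are constructed.

```python
import ipaddress

# Assumptions, not from the article: the library LAN, the server address and
# a "time src dst dport bytes" connection-log layout (e.g. a firewall export).
INTERNAL_NETS = [ipaddress.ip_network("10.20.0.0/16")]
CATALOGUE_SERVER = ipaddress.ip_address("192.0.2.10")
TELNET = 23

# Constructed sample records for the catalogue server.
SAMPLE_LOG = """\
2007-09-03T09:12:44 10.20.4.17 192.0.2.10 23 1840
2007-09-03T09:13:02 198.51.100.77 192.0.2.10 80 5120
2007-09-03T22:41:09 203.0.113.5 192.0.2.10 23 2210
2007-09-04T08:01:30 10.20.4.17 192.0.2.10 22 3302
2007-09-04T08:05:11 198.51.100.77 192.0.2.10 23 0
"""


def is_internal(addr):
    return any(addr in net for net in INTERNAL_NETS)


def audit_telnet(log_text):
    """Return (time, source, finding) for every telnet connection to the server."""
    findings = []
    for line in log_text.splitlines():
        when, src, dst, dport, nbytes = line.split()
        if ipaddress.ip_address(dst) != CATALOGUE_SERVER or int(dport) != TELNET:
            continue
        if is_internal(ipaddress.ip_address(src)):
            # Staff login: credentials cross the LAN in clear text.
            kind = "cleartext-login-on-lan"
        elif int(nbytes) > 0:
            # Data was exchanged with a host outside the library network.
            kind = "external-telnet-session"
        else:
            # Connection with no payload: port 23 is reachable from outside.
            kind = "external-telnet-attempt"
        findings.append((when, src, kind))
    return findings


def hosts_to_migrate(findings):
    """Internal hosts that must be moved to SSH before telnet is disabled."""
    return sorted({src for _when, src, kind in findings
                   if kind == "cleartext-login-on-lan"})
```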
ne Lt !e and e
Pmer t c an e p
LCogarl
This story is about me and people like me. I work on a help desk and have been doing so for many years. I am a technical war veteran so to speak and there are many like me. I have seen three desks that I have worked on go to India and I have seen good friends get laid off. I am tapping out some of my observations and criticisms of the help desk industry and how great people get kicked around in it.

Literally most people that work on help desks for some time find that they have become what I would call a technical guru. Especially if you reach that next pinnacle of Tier Two. Basically, help desks have different levels. Tier Zero is a non-technical initial call taking person. They will take the information and have a Tier One work on the issue and contact the customer back. Tier Zeros are only used as overflow in case there is an issue with the phone system or if all Tier Ones are busy. Tier Ones are more technical but they must keep their calls within a certain time range, meaning if the calls start heading for ten minutes, then they have been on the call too long. Tier Twos work just underneath the development staff and are able to work outside normal realms of technical support. What I mean is that they are people who have proven that they can think outside the box. They test issues and find possible solutions, and to some extent even write code. If the problem is determined to be a code issue after massive testing then the issue is sent to Tier 3 (the developer) for a possible code patch or additional fixes for new code release of the product.

I personally have worked a mainframe Tier Two desk for the past six years. I moved from New York to Charlotte, NC in 2001 and I started working for IBM as a contractor. I was hired by a company called Sykes via a phone interview. I had worked on two other help desks previously and I had supported many different products. I was hired for my massive experience and I started on a Tier One desk here in Charlotte. Within three months I was approached and asked if I would consider Tier Two because management had noticed that I had the skills of what they called a troubleshooter. Basically I could think outside of simply looking in documents to fix issues, plus I had a pretty good phone personality and the clients liked me. I could calm the harshest customer down with a few clean jokes and by projecting the confidence that they would conclude my call with them minus the issue that they had called about.

When I became a Tier Two and was being trained by other Tier Twos, one of the trainers remarked to me that the reason they liked me is that I never asked the same question twice. Basically I retained knowledge and never needed help on the same issue twice. After my first month I was known as a bug finder, meaning I would find bugs in code and submit it to the development group.

Now let's shoot up to today. After working on this desk for years now, all the people that trained me have moved on to other jobs and most of the people under me I trained. IBM was forced to hire me because some sort of contract dispute with Sykes forced my company out. IBM was cheap though. Instead of hiring me at full cost and as a full employee they hired me as a supplemental. What this means is they can pay me less than others and yet still exploit my talents. IBM Charlotte has this trick they pull. Say that a major company like a newspaper or restaurant contracts IBM for their help desk. Normally that contract would say that IBM will provide, as an example, 12 dedicated help desk agents to them. But in reality those 12 would also be supporting other desks eventually (they kind of slip them in), doubling and tripling their call volume. This saves on hiring 24 more people for two other desks and IBM keeps the profits. So let's put this into perspective. IBM is contracted to provide for three companies, 12 people each, for a total of 36 people. In reality they provide only 12 people and save tons of money, and I am sure increase the bonuses of people above all of us. They also keep a few extra contractors around to answer some overflow, and of course if a customer visits they can dedicate 12 people to the customer cause while they are on site.

They mainly do this with Tier One desks but recently they have been doing this with Tier Twos. Tier Twos now seem to have to answer Tier One and Tier Zero calls from time to time. Anything for one of the world's richest companies to squeeze more money out of its employees. Sorry, I know I should not take corporate policy personally, but now I am the guy doubling calls and I am the guy getting laid off to increase someone's bonus. In a little under two weeks I will be hitting the unemployment lines. I will if needed provide follow-ups and updates along with further detailed information about the depleting army of help desk agents in the United States.
Happenings

LOOKING FOR A GRASS ROOTS TECHNICAL SECURITY CONFERENCE TO GO TO THIS YEAR? Sign up today for Security Education Conference Toronto (www.SecTor.ca). Dubbed the "Black Hat of the North," SecTor runs two full days, November 20-21. The event features keynotes from North America's most respected and trusted experts. Speakers are true security professionals with depth of understanding on topics that matter. Many have never presented in Canada, and never all at one event!

CELEBRATE COMPUTER HISTORY AT THE VINTAGE COMPUTER FESTIVAL. The mission of the Vintage Computer Festival is to promote the preservation of "obsolete" computers by offering people a chance to experience the technologies, people, and stories that embody the remarkable tale of the computer revolution. The VCF features a speaker series, a hands-on exhibition of live, working vintage computers from all eras of computer history, a marketplace, a film festival, and more! This year we celebrate 10 years of the VCF, so this event will be the biggest and best ever. For more information, visit http://www.vintage.org. The game is afoot! www.vintage.org/special/2007/vcfx/

THE LAST HOPE July 18-20, 2008. The Hotel Pennsylvania, New York City. This is it...
For Sale

J!NX-HACKER CLOTHING/GEAR. Tired of being naked? JINX.com has 300+ Ts, sweatshirts, stickers, and hats for those rare times that you need to leave your house. We've got swag for everyone, from the budding n00blet to the vintage geek. So take a five minute break from surfing pr0n and check out http://www.JINX.com. Uber-Secret-Special-Mega Promo: Use "2600v24n03" and get 10% off of your order.

SIZE *DOES* MATTER! The Twin Towers may be gone forever but a detailed image still exists of the massive 374-foot radio tower that was perched atop One World Trade Center. This high quality glossy color poster is available in two sizes (16"x20" and 20"x30") and makes a spectacular gift for engineers, scientists, radio & television buffs, or anybody who appreciates a unique, rarely seen view of the World Trade Center. Visit www.wtc-poster.us for samples and to order your own poster.

VENDING MACHINE JACKPOTTERS. Go to www.hackershomepage.com for EMP Devices, Lock Picks, Radar Jammers & Controversial Hacking Manuals. 407-965-5500

MAKE YOUR SOFTWARE OR WEBSITE USER FRIENDLY with Foxee, the friendly and interactive cartoon blue fox! Not everyone who will navigate your website or software application will be an expert hacker, and some users will need a little help! Foxee is a hand-animated Microsoft Agent character that will accept input through voice commands, text boxes, or a mouse, and interact with your users through text, animated gestures, and even digital speech to help guide them through your software with ease! Foxee supports 10 spoken languages and 31 written languages. She can be added to your software through C++, VB6, all .Net languages, VBScript, JavaScript, and many others! Natively compatible with Microsoft Internet Explorer and can work with Mozilla Firefox when used with a free plug-in. See a free demonstration and purchasing information at www.foxee.net!
TV-B-GONE. Turn off TVs in public places! Airports, restaurants, bars, anywhere there's a TV. See why everyone at HOPE Number Six loved it. Turning off TVs really is fun. $20.00 each. www.TVBGone.com

NET DETECTIVE. Whether you're just curious, trying to locate or find out about people for personal or business reasons, or you're looking for people you've fallen out of touch with, Net Detective makes it all possible! Net Detective is used worldwide by private investigators and detectives, as well as everyday people who use it to find lost relatives, old high school and army buddies, deadbeat parents, lost loves, people that owe them money, and just plain old snooping around. Visit us today at www.netdetective.org.uk.

JEAH.NET supports 2600 because we read too! JEAH.NET [illegible] web hosting, 100% private and secure domain registration solutions and aggressive merchant solutions! 2600 readers' setup fees are waived at JEAH.NET.

NETWORKING AND SECURITY PRODUCTS available at OvationTechnology.com. We're a supplier of Network Security and Internet Privacy products. Our online store features VPN and firewall hardware, wireless hardware, cable and DSL modems/routers, IP access devices, VoIP products, parental control products, and ethernet switches. We pride ourselves on providing the highest level of technical expertise and customer satisfaction. Our commitment to you... No surprises! Buy with confidence! Security and Privacy is our business! Visit us at http://www.OvationTechnology.com/store.htm.

PHONE HOME. Tiny, sub-miniature, 7/10 ounce, programmable/reprogrammable touch-tone, multi-frequency (DTMF) dialer which can store up to 15 touch-tone digits. Unit is held against the telephone receiver's microphone for dialing. Press "HOME" to automatically dial the stored digits which can then be heard through the ultra miniature speaker. Ideal for E.T.'s, children, Alzheimer victims, lost dogs/chimps, significant others, hackers, and computer wizards. Give one to a boy/girl friend or to that potential "someone" you meet at a party, the supermarket, school, or the mall; with your pre-programmed telephone number, he/she will always be able to call you! Also, ideal if you don't want to "disclose" your telephone number but want someone to be able to call you locally or long distance by telephone. Key ring/clip. Limited quantity available. Money order only. $24.95 + $3.00 S/H. Mail order to: PHONE HOME, Nimrod Division, 331 N. New Ballas Road, Box 410802, CRC, Missouri 63141.

REAL WORLD HACKING: Interested in rooftops, steam tunnels, and the like? Read the all-new Access All Areas, a guidebook to the art of urban exploration, from the author of Infiltration zine. Send $20 postpaid in the US or Canada, or $25 overseas, to PO Box 13, Station E, Toronto, ON M6H 4E1, Canada, or order online at www.infiltration.org.

FREEDOM DOWNTIME ON DVD! Years in the making but we hope it was worth the wait. A double DVD set that includes the two hour documentary, an in-depth interview with Kevin Mitnick, and nearly three hours of extra scenes, lost footage, and miscellaneous stuff. Plus captioning for 20 (that's right, 20) languages, commentary track, and a lot of things you'll just have to find for yourself! The entire two disc set can be had by sending $30 to Freedom Downtime DVD, PO Box 752, Middle Island, NY 11953 USA or by ordering from our online store at http://store.2600.com. (VHS copies of the film still available for $15.)

CABLE TV DESCRAMBLERS. New. Each $40 + $5.00 shipping, money order/cash only. Works on analog or analog/digital cable systems. Premium channels and possibly PPV depending on system. Complete with 110vac power supply. Purchaser assumes sole responsibility for notifying cable operator of use of descrambler. Requires a cable TV converter (i.e., Radio Shack) to be used with the unit. Cable connects to the converter, then the descrambler, then the output goes to TV set tuned to channel 3. CD 9621 Olive, Box 28992-TS, Olivettet Sur, Missouri 63132. Email: cabledescramblerguy@yahoo.com.

Help Wanted

RENEGADE BLACK SHEEP TECH ENTREPRENEUR in process of putting flesh on the bones of an encrypted voice communications project. Do you have experience in the deep details of VoIP/SIP protocols, network traffic analysis, billing system construction, PtoP routing, and so on? Interested in working with a top-end team to build a world-changing tool for regular folks around the world to use in their everyday lives? Contact me at wrinko@hushmail.com.

Wanted

I AM COLLECTING the direct (non-toll-free) telephone numbers that will connect directly to the airport airline counters of the following airlines: American, Continental, US Air, Southwest, Delta, Northwest, and United in major cities so that if I am ever bounced or a flight is delayed or canceled, I can reach someone directly and personally with a non 800 number who can do something immediately. The airport airline counter personnel usually know immediately and/or can rebook, etc. without delay. Please email: us.airlines@yahoo.com.

HELP! I want to set up a voice bridge chat line for hackers but need the software. Call me at (213) 5958360 (Ben) or www.UndergroundClassifieds.com.

Services

HAVE A PROBLEM WITH THE LAW? DOES YOUR LAWYER NOT UNDERSTAND YOU? Have you been charged with a computer related crime? Is someone threatening to sue you for something technology related? Do you just need a lawyer that understands IT and the hacker culture? I've published and presented at HOPE and Defcon on the law facing technology professionals and hackers alike. I'm both a lawyer and an IT professional. Admitted to practice law in Pennsylvania and New Jersey. Free consultation to 2600 readers. http://muentzlaw.com alex@muentzlaw.com (215) 806-4383
PIMP YOUR WIRELESS ROUTER! http://packetprotector.org. Add VPN, IPS, and web AV capabilities to your wireless router with free, open-source firmware from PacketProtector.org

HACKER TOOLS TREASURE BOX! You get over 650 links to key resources, plus our proven tricks for rooting out the hard-to-find tools, instantly! Use to build your own customized hacker (AHEM, network security) tool kit. http://FortressDataProtection.com/securitybook

ADVANCED TECHNICAL SOLUTIONS. #422 - 1755 Robson Street, Vancouver, B.C. Canada V6G 3B7. Ph: (604) 928-0555. Electronic countermeasures - find out who is secretly videotaping you or bugging your car or office. "State of the Art" detection equipment utilized.

INCARCERATED 2600 MEMBER NEEDS COMMUNITY HELP to build content in free classified ad and "local business directory" in 50 countries. John Lambros, the founder of Boycott Brazil, has launched a FREE classified ad, want ad, and local business directory in 50 global markets. The mission is simple: "free help to billions of people locating jobs, housing, goods and services, social activities, a girlfriend or boyfriend, community information, and just about anything else in over one million neighborhoods throughout the world all for FREE." HELP ME OUT! SPREAD THE WORD! Please visit www.NoPayClassifieds.com and add some content. It will take all of five or ten minutes. Links to "No Pay Classifieds" are also greatly appreciated.

SUSPECTED OR ACCUSED OF A CYBERCRIME IN ANY CALIFORNIA OR FEDERAL COURT? Consult with a semantic warrior committed to the liberation of information. I am an aggressive criminal defense lawyer specializing in the following types of cases: criminal copyright infringement, unauthorized computer access, theft of trade secrets, identity theft, and trademark infringement. Contact Omar Figueroa, Esq. at (415) 986-5591, at omar@stanfordalumni.org, or at 506 Broadway, San Francisco, CA 94133-4507. Graduate of Yale College and Stanford Law School, and Gerry Spence's Trial Lawyers College. Complimentary case consultation for 2600 readers. All consultations are strictly confidential and protected by the attorney-client privilege.

INTELLIGENT HACKERS UNIX SHELL. Reverse.Net is owned and operated by intelligent hackers. We believe every user has the right to online security and privacy. In today's hostile anti-hacker atmosphere, intelligent hackers require the need for a secure place to work, compile, and explore without big-brother looking over their shoulder. Hosted at Chicago Equinix with Juniper Filtered DoS Protection. Multiple FreeBSD servers at P4 2.4 ghz. Affordable pricing from $5/month with a money back guarantee. Lifetime 26% discount for 2600 readers. Coupon code: Save2600. http://www.reverse.net

ANTI-CENSORSHIP LINUX HOSTING. Kaleton Internet provides affordable web hosting, email accounts, and domain registrations based on dual processor P4 2.4 GHz Linux servers. Our hosting plans start from only $8.95 per month. This includes support for Python, Perl, PHP, MySQL, and more. You can now choose between the USA, Singapore, and other offshore locations to avoid censorship and guarantee free speech. We respect your privacy. Payment can be by E-Gold, PayPal, credit card, bank transfer, or Western Union. See www.kaleton.com for details.

ARE YOU TIRED of receiving piles of credit card offers and other postal spam? You can't just throw them in the trash or recycle them as someone could get a hold of them and use them to steal your identity. You can't just let them pile up on your kitchen table. So instead you have to be bothered with shredding and disposing of them. Well, not anymore. OperationMailBack.com has a free solution for you. All costs of disposal including delivery will be paid by the company responsible for sending the stuff to you. Stop wasting your valuable time dealing with messes other people are responsible for creating. Check out our newly redesigned website for complete information and take back your mailbox.

BEEN ARRESTED FOR A COMPUTER OR TECHNOLOGY RELATED CRIME? Have an idea, invention, or business you want to buy, sell, protect, or market? Wish your attorney actually understood you when you speak? The Law Office of Michael B. Green, Esq. is the solution to your 21st century legal problems. Former SysOp and member of many private BBS's since 1981 now available to directly represent you or bridge the communications gap and assist your current legal counsel. Extremely detailed knowledge regarding criminal and civil liability for computer and technology related actions (18 U.S.C. 1028, 1029, 1030, 1031, 1341, 1342, 1343, 2511, 2512, ECPA, DMCA, 1996 Telecom Act, etc.), domain name disputes, intellectual property matters such as copyrights, trademarks, licenses, and acquisitions as well as general business and corporate law. Over eleven years experience as in-house legal counsel to a computer consulting business as well as an over 20 year background in computer, telecommunications, and technology matters. Published law review articles, contributed to nationally published books, and submitted briefs to the United States Supreme Court on Internet and technology related issues. Admitted to the U.S. Supreme Court, 2nd Circuit Court of Appeals, and all New York State courts and familiar with other jurisdictions as well. Many attorneys will take your case without any consideration of our culture and will see you merely as a source of fees or worse, with ill-conceived prejudices. My office understands our culture, is sympathetic to your situation, and will treat you with the respect and understanding you deserve. No fee for the initial and confidential consultation and, if for any reason we cannot help you, we will even try to find someone else who can at no charge. So you have nothing to lose and perhaps everything to gain by contacting us first. Visit us at: http://www.computorney.com or call 516-9WE-HELP (516-993-4357).
Announcements

OFF THE HOOK is the weekly one hour hacker radio show presented Wednesday nights at 7:00 pm ET on WBAI 99.5 FM in New York City. You can also tune in over the net at www.2600.com/offthehook or on shortwave in North and South America at 7415 khz. Archives of all shows dating back to 1988 can be found at the 2600 site in mp3 format! Shows from 1988-2006 are now available in DVD-R high fidelity audio for only $10 a year or $150 for a lifetime subscription. Send check or money order to 2600, PO Box 752, Middle Island, NY 11953 USA or order through our online store at http://store.2600.com. Your feedback on the program is always welcome at oth@2600.com.

INFOSEC NEWS is a privately run, medium traffic list that caters to the distribution of information security news articles. These articles come from such sources as newspapers, magazines, and online resources. For more information, check out: http://www.infosecnews.org.

CHRISTIAN HACKERS' ASSOCIATION: Check out the web page http://www.christianhacker.org for details. We exist to promote a community for Christian hackers to discuss and impact the realm where faith and technology intersect for the purpose of seeing lives changed by God's grace through faith in Jesus.

PHONE PHUN. http://phonephun.us. Blog devoted to interesting phone numbers. Share your finds!
Personals
IN SEARCH OF CONTACTS, pen pals, and friends worldwide.
Incarcerated SWM, blond hair, gray eyes, 6', 180 lbs, will reply to all.
Interested and experienced in hacking, privacy, off-shore banking/
trusts, counterintelligence and electronic warfare, or anything you
want to talk about. Send cards, letters, and photos - will respond to
all. D. Coryell, T68127/D3-247, PO Box 8504, Coalinga, CA 93210.
OFFLINE OUTLAW IN TEXAS needs some help in developing
programming skills. Interested in Perl and Javascript. Also privacy in
all areas. Library here is inadequate. Feel free to drop those Bill Me
Later cards, add me to the mailing lists, etc. Thanks to all those who
have helped me so much already, you know who you are. William
Lindley 822934, CT Terrell, 1300 FM 655, Rosharon, TX 77583-8604
PRISONER SEEKS FRIENDS to help with book review lookups
on Amazon by keywords. Com Sci major, thirsty to catch up to the
real world before my reentry. I have my own funds to buy books. I
only need reviews. I'm MUD/MMORPG savvy in C++, Java, Python,
PHP, MySQL, DirectX. Ken Roberts J60962, 450-1-28M, PO Box 9,
Avenal, CA 93204.
WHEN THE BULLET HITS THE BONE. Bored and lonely phone
nerd. Got some time left in our nation's wonderful corrections
system. Looking for pen pals to help pass the time. Interests include
(not limited to) telecom, computers, politics, music (punk rock,
industrial, etc.), tats, urban exploration. 23, white male, 6'1", 190 lbs,
black hair, green eyes, a few tats. Will respond to all. Michael Kerr
09496-029, FCI Big Spring, 1900 Simlar Ave., Big Spring, TX 79720.
LOOKING FOR PEOPLE to teach me programming related skills. I
have not been able to learn very much on my own so if any of you
would like to pass on your knowledge to a future hacker please
contact me. I live in hick-ville, so I do not currently have the Internet
but will get reconnected in approximately 2-3 months. Please write to
me: Cerberus at 24 Ray St., Keene, TX 76059. Any knowledge at all
will be greatly appreciated.
SEEKING NON-STAGNANT MINDS for mutual illumination/
exchange of thoughts and ideas. Three years left on my sentence
and even with all my coaching the walls still can't carry a decent
conversation. Interests include cryptography, security, conspiracy
theories, martial arts, and anything computer related. All letters
replied to. Max Rider, SBI #00383681, D.C.C., 1181 Paddock Rd.,
Smyrna, DE 19977.
ONLY SUBSCRIBERS CAN ADVERTISE IN 2600! Don't even think
about trying to take out an ad unless you subscribe! All ads are free
and there is no amount of money we will accept for a non-subscriber
ad. We hope that's clear. Of course, we reserve the right to pass
judgment on your ad and not print it if it's amazingly stupid or has
nothing at all to do with the hacker world. We make no guarantee as
to the honesty, righteousness, sanity, etc. of the people advertising
here. Contact them at your peril. All submissions are for ONE
ISSUE ONLY! If you want to run your ad more than once you must
resubmit it each time. Don't expect us to run more than one ad for
you in a single issue either. Include your address label/envelope or a
photocopy so we know you're a subscriber. Send your ad to: 2600
Marketplace, PO Box 99, Middle Island, NY 11953.
Deadline for Winter issue: 12/1/07.
STAFF
Editor-In-Chief
Emmanuel Goldstein
Layout and Design
ShapeShifter
Cover
Dabu Ch'wald
Office Manager
Tampruf
Writers: Bernie S., Billsf, Bland
Inquisitor, Eric Corley, Dragorn, John
Drake, Paul Estev, Mr. French, Javaman,
Joe630, Kingpin, Lucky225, Kevin
Mitnick, The Prophet, Redbird, David
Ruderman, Screamer Chaotix, Sephail,
Seraf, Silent Switchman, StankDawg, Mr.
Upsetter
Webmasters: Juintz, Kerry
Network Operations: css
Quality Degradation: mlc
Broadcast Coordinators:
Juintz, thai
2600 (ISSN 0749-3851, USPS 003-176);
Autumn Z/, Volume Z4 Issue o, is
published quarterly by 2600 Enterprises Inc.,
Z Flowerield, St. James, /Y /o.
Periodical postage rates paid at
St. James, NY and additional mailing
offices.
POSTMASTER:
Send address changes to: 2600
PO Box 752, Middle Island,
NY 11953-0752.
SUBSCRIPTION CORRESPONDENCE:
2600 Subscription Dept., PO Box 752,
Middle Island, NY 11953-0752 USA
(subs@2600.com)
IRC Admins: achmet, beave, carton,
dukat, enno, faul, koz, mangala, mcfly,
rOd3nt, rdnzl, shardy, sj, smash, xi
Inspirational Music: The Smiths,
Leon Redbone, The Polyphonic Spree,
Jacob Miller
Shout Outs: Lurid, Virgil, Mescalito,
Sham, Zap, tOm, gorph, Russell, London
2600, the people of the
Chaos Camp, the Italian embassy,
"Hopscotch"
RIP: Joybubbles
Hello: Deetle
YEARLY SUBSCRIPTIONS:
U.S. and Canada - $20 individual, $50
corporate (U.S. Funds)
Overseas - $30 individual, $65 corporate
Back issues available for 1984-2006 at
$20 per year, $26 per year overseas
Individual issues available from 1988 on
at $5.00 each, $6.50 each overseas
LETTERS AND ARTICLE
SUBMISSIONS:
2600 Editorial Dept., PO Box 99, Middle
Island, NY 11953-0099 USA
(letters@2600.com, articles@2600.com)
2600 Office Line: +1 631 751 2600
2600 Fax Line: +1 631 474 2677
Copyright (c) 2007; 2600 Enterprises Inc.
ARGENTINA
Buenos Aires: In the bar at San Jose 05.
AUSTRALIA
Melbourne: Caffeine at ReVault Bar, 16 Swanston Walk, near Melbourne Central Shopping Centre. 6:30 pm.
Sydney: The Crystal Palace, front bar/bistro, opposite the bus station area on George St. at Central Station. 6 pm.
AUSTRIA
Graz: Cafe Haltestelle on Jakominiplatz.
BRAZIL
Belo Horizonte: Pelego's Bar at Assufeng, near the payphone. 6 pm.
CANADA
Alberta
Calgary: Eau Claire Market food court by the bland yellow wall. 6 pm.
British Columbia
Vancouver: The Steamworks, 375 Water St.
Victoria: LV Bakery and Cafe, 1701 Government St.
Manitoba
Winnipeg: St. Vital Shopping Centre, food court by HMV.
New Brunswick
Moncton: Champlain Mall food court, near KFC. 7 pm.
Ontario
Barrie: William's Coffee Pub, 505 Bryne Drive. 7 pm.
Guelph: William's Coffee Pub, 492 Edinbourgh Road South. 7 pm.
Ottawa: World Exchange Plaza, 111 Albert St., second floor. 6:30 pm.
Toronto: College Park Food Court, across from the Taco Bell.
Waterloo: William's Coffee Pub, 170 University Ave. West. 7 pm.
Windsor: University of Windsor, CAW Student Center commons area by the large window. 7 pm.
Quebec
Montreal: Bell Amphitheatre, 1000, rue de la Gauchetiere.
CHINA
Hong Kong: Pacific Coffee in Festival Walk, Kowloon Tong. 7 pm.
CZECH REPUBLIC
Prague: Legenda pub. 6 pm.
DENMARK
Aalborg: Fast Eddie's pool hall.
Aarhus: In the far corner of the DSB cafe in the railway station.
Copenhagen: Cafe Blasen.
Sonderborg: Cafe Oruen. 7:30 pm.
EGYPT
Port Said: At the foot of the Obelisk (El Missallah).
ENGLAND
Brighton: At the phone boxes by the Sealife Centre (across the road from the Palace Pier). 7 pm. Payphone: (01273) 606674.
Exeter: At the payphones, Bedford Square. 7 pm.
London: Trocadero Shopping Center (near Piccadilly Circus), lowest level. 6:30 pm.
Manchester: Bulls Head Pub on London Rd. 7:30 pm.
Norwich: Borders entrance to Chapelfield Mall. 6 pm.
Reading: Afro Bar, Merchants Place, off Friar St. 6 pm.
FINLAND
Helsinki: Fenniakortteli food court (Vuorikatu 14).
FRANCE
Grenoble: Eve, campus of St. Martin d'Heres. 6 pm.
Paris: Place de la Republique, near the (empty) fountain. 6:30 pm.
Rennes: In front of the store "Blue Box" close to Place de la Republique. 8 pm.
GREECE
Athens: Outside the bookstore Papaswtiriou on the corner of Patision and Stournari. 7 pm.
IRELAND
Dublin: At the phone booths on Wicklow St. beside Tower Records. 7 pm.
ITALY
Milan: Piazza Loreto in front of McDonalds.
JAPAN
Tokyo: Linux Cafe in Akihabara district. 6 pm.
NEW ZEALAND
Auckland: London Bar, upstairs, Wellesley St., Auckland Central. 5:30 pm.
Christchurch: Java Cafe, corner of High St. and Manchester St. 6 pm.
Wellington: Load Cafe in Cuba Mall. 6 pm.
NORWAY
Oslo: Oslo Sentral Train Station. 7 pm.
Tromsoe: The upper floor at Blaa Rock Cafe, Strandgata 14. 6 pm.
Trondheim: Rick's Cafe in Nordregate. 6 pm.
PERU
Lima: Barbilonia (ex Apu Bar), en Alcanfores 455, Miraflores, at the end of Tarata St. 8 pm.
SCOTLAND
Glasgow: Central Station, payphones next to Platform 1. 7 pm.
SOUTH AFRICA
Johannesburg (Sandton City): Sandton food court. 6:30 pm.
SWEDEN
Gothenburg: 2nd floor in Burger King at Avenyn. 6 pm.
Stockholm: Outside Lava.
SWITZERLAND
Lausanne: In front of the MacDo beside the train station.
UNITED STATES
Alabama
Auburn: The student lounge upstairs in the Fay Union Building. 7 pm.
Huntsville: Stanlieo's Sub Villa on Jordan Lane.
Tuscaloosa: McFarland Mall food court near the front entrance.
Arizona
Tucson: Borders in the Park Mall. 7 pm.
California
Irvine: Panera Bread, 3988 Barranca Parkway. 7 pm.
Los Angeles: Union Station, corner of Macy & Alameda. Inside main entrance by bank of phones. Payphones: (213) 972-9519, 9520; 625-9923, 9924; 613-9704, 9746.
Monterey: London Bridge Pub, Wharf #2.
Sacramento: Round Table Pizza at 127 K St.
San Diego: Regents Pizza, 4150 Regents Park Row #170.
San Francisco: 4 Embarcadero Plaza (inside). 5:30 pm.
San Jose: Outside the cafe at the MLK Library at 4th and E. San Fernando. 6 pm.
Colorado
Boulder: Wing Zone food court, 13th and College. 6 pm.
Denver: Borders Cafe, Parker and Arapahoe.
District of Columbia
Arlington: Pentagon City Mall by the phone booths next to Panda Express. 6 pm.
Florida
Ft. Lauderdale: Broward Mall in the food court. 6 pm.
Gainesville: In the back of the University of Florida's Reitz Union food court. 6 pm.
Melbourne: House of Joe Coffee House, 1220 W New Haven Ave. 6 pm.
Orlando: Fashion Square Mall Food Court between Hovan Gourmet and Manchu Wok. 6 pm.
Tampa: University Mall in the back of the food court on the 2nd floor. 6 pm.
Georgia
Atlanta: Lenox Mall food court. 7 pm.
Idaho
Boise: BSU Student Union Building, upstairs from the main entrance. Payphones: (208) 342-9700, 9701.
Pocatello: College Market, 604 South 8th St.
Illinois
Chicago: Neighborhood Boys and Girls Club, 2501 W. Irving Park Rd. 7 pm.
Indiana
Evansville: Barnes and Noble cafe at 624 S Green River Rd.
Ft. Wayne: Glenbrook Mall food court in front of Sbarro's. 6 pm.
Indianapolis: Au Bon Pain, 901 Indiana Ave.
South Bend (Mishawaka): Barnes and Noble cafe, 4601 Grape Rd.
Iowa
Ames: Memorial Union Building food court at the Iowa State University.
Kansas
Kansas City (Overland Park): Oak Park Mall food court.
Wichita: Riverside Perk, 1144 Bitting Ave.
Louisiana
Baton Rouge: In the LSU Union Building, between the Tiger Pause & McDonald's. 6 pm.
New Orleans: Z'otz Coffee House uptown at 8210 Oak Street. 6 pm.
Maine
Portland: Maine Mall by the bench at the food court door.
Maryland
Baltimore: Barnes & Noble cafe at the Inner Harbor.
Massachusetts
Boston: Prudential Center Plaza, terrace food court at the tables near the windows. 6 pm.
Marlborough: Solomon Park Mall food court.
Northampton: Downstairs of Haymarket Cafe. 6:30 pm.
Michigan
Ann Arbor: Starbucks in The Galleria on South University.
Minnesota
Bloomington: Mall of America, north side food court, across from Burger King & the bank at payphones that don't take incoming calls.
Missouri
Kansas City (Independence): Barnes & Noble, 19120 East 39th St.
St. Louis: Galleria Food Court.
Springfield: Borders Books and Music coffeeshop, 3300 South Glenstone Ave., one block south of Battlefield Mall. 5:30 pm.
Nebraska
Omaha: Crossroads Mall Food Court. 7 pm.
Nevada
Las Vegas: McMullan's Pub, 4650 W. Tropicana Ave. (across the street from The Orleans Casino). 7 pm.
New Mexico
Albuquerque: University of New Mexico Student Union Building (plaza "lower" level lounge), main campus. Payphones: 505-843-9033, 505-843-9034. 5:30 pm.
New York
New York: Citigroup Center, in the lobby, near the payphones, 153 E 53rd St., between Lexington & 3rd.
Rochester: Panera Bread, 2373 West Ridge Rd. 7:30 pm.
North Carolina
Charlotte: South Mall food court. 7 pm.
Raleigh: Royal Bean coffee shop on Hillsboro Street (next to the Playmakers Sports Bar and across from Meredith College).
Wilmington: The Connection Internet Cafe, 2501 Racine Drive, Racine Commons Shopping Center.
North Dakota
Fargo: West Acres Mall food court by the Taco John's.
Ohio
Cincinnati: The Brew House, 1047 East McMillan. 7 pm.
Cleveland: University Circle Arabica, 11300 Juniper Rd. Upstairs, turn right, second room on left.
Columbus: Convention center on street level around the corner from the food court.
Dayton: TGI Friday's off 725 by the Dayton Mall.
Oklahoma
Oklahoma City: Cafe Bella, southeast corner of SW 89th St. and Penn.
Tulsa: Promenade Mall food court.
Oregon
Portland: Backspace Cafe, 115 NW 5th Ave. 6 pm.
Pennsylvania
Allentown: Panera Bread, 3100 West Tilghman St. 6 pm.
Philadelphia: 30th St. Station, southeast food court near mini post office.
South Carolina
Charleston: Northwoods Mall in the hall between Sears and Chik-Fil-A.
South Dakota
Sioux Falls: Empire Mall, by Burger King.
Tennessee
Knoxville: Borders Books Cafe across from Westown Mall.
Memphis: Atlanta Bread Co., 4770 Poplar Ave. 6 pm.
Nashville: Vanderbilt University Hill Center, Room 151, 1231 18th Avenue South. 6 pm.
Texas
Austin: Spider House Cafe, 2908 Fruth St., front room. 7 pm.
Houston: Ninta's Express in front of Nordstrom's in the Galleria Mall.
San Antonio: North Star Mall food court. 6 pm.
Utah
Salt Lake City: ZCMI Mall in The Park Food Court.
Vermont
Burlington: Borders Books at Church St. and Cherry St. on the second floor of the cafe.
Virginia
Arlington: (see District of Columbia)
Virginia Beach: Lynnhaven Mall on Lynnhaven Parkway. 6 pm.
Washington
Seattle: Washington State Convention Center. 2nd level, south side. 6 pm.
Wisconsin
Madison: Union South (227 N. Randall Ave.) on the lower level in the Martin Luther King Jr. Lounge. Payphone: (608) 251-9909.
All meetings take place on the
first Friday of the month. Unless
otherwise noted, they start at
pm local time. To start a meeting
in your city send email to
meetings@2600.com.