[63 29 20 31 39 39 39 20 63 72 75 63 69 70 68 75 78 20 68 77 61 ] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-= ========================================================================== = <=-[ HWA.hax0r.news ]-=> = ========================================================================== [=HWA'99/2000=] Number 45 Volume 1 1999 Dec 5th 99 ========================================================================== [ 61:20:6B:69:64:20:63:6F:75: ] [ 6C:64:20:62:72:65:61:6B:20:74:68:69:73: ] [ 20:22:65:6E:63:72:79:70:74:69:6F:6E:22:! ] ========================================================================== "This newsletter/ezine has been Declassified for the phearing impaired" ____ / ___|_____ _____ _ __ __ _ __ _ ___ | | / _ \ \ / / _ \ '__/ _` |/ _` |/ _ \ | |__| (_) \ V / __/ | | (_| | (_| | __/ \____\___/ \_/ \___|_| \__,_|\__, |\___| |___/ This is #45 covering Nov 28th to Dec 5th. ========================================================================== "ABUSUS NON TOLLIT USUM" ========================================================================== Mailing list members: 447 Can we bump this up somewhat? spread the word! ========================================================================== Today the spotlight may be on you, some interesting machines that have accessed these archives recently... _ _ _ | | | | ___ | |_ | |_| |/ _ \| __| | _ | (_) | |_ |_| |_|\___/ \__| _ _ _ _ | | | (_) | | |__| |_| |_ ___ | __ | | __/ __| | | | | | |_\__ \ |_| |_|_|\__|___/ .gov and .mil activity proxy.gintic.gov.sg doegate.doe.gov sunspot.gsfc.nasa.gov gate1.mcbh.usmc.mil homer.nawcad.navy.mil maggie.nawcad.navy.mil lisa.nawcad.navy.mil msproxy.transcom.mil b-kahuna.hickam.af.mil sc034ws109.nosc.mil infosec.se gate2.mcbutler.usmc.mil sc034ws109.nosc.mil shq-ot-1178.nosc.mil dhcp-036190.scott.af.mil mcreed.lan.teale.ca.gov dodo.nist.gov mc1926.mcclellan.af.mil kwai11.nsf.gov enduser.faa.gov vasfw02,fdic.gov lisa.defcen.gov.au ps1.pbgc.gov guardian.gov.sg amccss229116.scott.af.mil sc022ws224.nosc.mil sheppard2.hurlburt.af.mil marshall.us-state.gov digger1.defence.gov.au firewall.mendoza.gov.ar ipaccess.gov.ru gatekeeper.itsec-debis.de fgoscs.itsec-debis.de fhu-ed4ccdf.fhu.disa.mil citspr.tyndall.af.mil kelsatx2.kelly.af.mil kane.sheppard.af.mil relay5.nima.mil host.198-76-34-33.gsa.gov ntsrvr.vsw.navy.mil saic2.nosc.mil wygate.wy.blm.gov mrwilson.lanl.gov p722ar.npt.nuwc.navy.mil ws088228.ramstein.af.mil car-gw.defence.gov.au unknown-c-23-147.latimes.com nytgate1.nytimes.com There are some interesting machines among these, the *.nosc.mil boxes are from SPAWAR information warfare centres, good Is It Worth It Followup to see our boys keeping up with the news... - Ed =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-= _ ___ ___ _ ___ | | | \ \ / / \ | |__ __ ___ __/ _ \ _ __ _ __ _____ _____ | |_| |\ \ /\ / / _ \ | '_ \ / _` \ \/ / | | | '__| '_ \ / _ \ \ /\ / / __| | _ | \ V V / ___ \ _| | | | (_| |> <| |_| | |_ | | | | __/\ V V /\__ \ |_| |_| \_/\_/_/ \_(_)_| |_|\__,_/_/\_\\___/|_(_)|_| |_|\___| \_/\_/ |___/ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-= http://welcome.to/HWA.hax0r.news/ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-= @#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@ # # @ The HWA website is sponsored by CUBESOFT communications I highly @ # recommend you consider these people for your web hosting needs, # @ @ # Web site sponsored by CUBESOFT networks http://www.csoft.net # @ check them out for great fast web hosting! @ # # # http://www.csoft.net/~hwa @ @ # @#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-= _ _ _ _ _____ _ _ _ | | | | __ _ ___| | _____ _ __( )__| ____| |_| |__ (_) ___ | |_| |/ _` |/ __| |/ / _ \ '__|/ __| _| | __| '_ \| |/ __| | _ | (_| | (__| < __/ | \__ \ |___| |_| | | | | (__ |_| |_|\__,_|\___|_|\_\___|_| |___/_____|\__|_| |_|_|\___| Sadly, due to the traditional ignorance and sensationalizing of the mass media, the once-noble term hacker has become a perjorative. Among true computer people, being called a hacker is a compliment. One of the traits of the true hacker is a profoundly antibureaucratic and democratic spirit. That spirit is best exemplified by the Hacker's Ethic. This ethic was best formulated by Steven Levy in his 1984 book Hackers: Heroes of the Computer Revolution. Its tenets are as follows: 1 - Access to computers should be unlimited and total. 2 - All information should be free. 3 - Mistrust authority - promote decentralization. 4 - Hackers should be judged by their hacking not bogus criteria such as degrees, age, race, or position. 5 - You create art and beauty on a computer, 6 - Computers can change your life for the better. The Internet as a whole reflects this ethic. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-= _____ _ _ _ | ___|__ _ __ _ __ ___ __ _| |_| |_(_)_ __ __ _ | |_ / _ \| '__| '_ ` _ \ / _` | __| __| | '_ \ / _` | | _| (_) | | | | | | | | (_| | |_| |_| | | | | (_| | |_| \___/|_| |_| |_| |_|\__,_|\__|\__|_|_| |_|\__, | |___/ A Comment on FORMATTING: Oct'99 - Started 80 column mode format, code is still left untouched since formatting will destroy syntax. I received an email recently about the formatting of this newsletter, suggesting that it be formatted to 75 columns in the past I've endevoured to format all text to 80 cols except for articles and site statements and urls which are posted verbatim, I've decided to continue with this method unless more people complain, the zine is best viewed in 1024x768 mode with UEDIT.... - Ed BTW if anyone can suggest a better editor than UEDIT for this thing send me some email i'm finding it lacking in certain areas. Must be able to produce standard ascii. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-= __ __ _ | \/ (_)_ __ _ __ ___ _ __ ___ | |\/| | | '__| '__/ _ \| '__/ __| | | | | | | | | | (_) | | \__ \ |_| |_|_|_| |_| \___/|_| |___/ New mirror sites *** http://viper.dmrt.com/files/=E-Zines/HWA.hax0r.news/ *** http://datatwirl.intranova.net * NEW * http://the.wiretapped.net/security/textfiles/hWa.hax0r.news/ http://net-security.org/hwahaxornews http://www.sysbreakers.com/hwa http://www.attrition.org/hosted/hwa/ http://www.ducktank.net/hwa/issues.html. http://hwazine.cjb.net/ http://www.hackunlimited.com/files/secu/papers/hwa/ http://www.attrition.org/~modify/texts/zines/HWA/ * http://hwa.hax0r.news.8m.com/ * http://www.fortunecity.com/skyscraper/feature/103/ * Crappy free sites but they offer 20M & I need the space... ** Some issues are not located on these sites since they exceed the file size limitations imposed by the sites :-( please only use these if no other recourse is available. *** Most likely to be up to date other than the main site. HWA.hax0r.news is sponsored by Cubesoft communications www.csoft.net thanks to airportman for the Cubesoft bandwidth. Also shouts out to all our mirror sites! and p0lix for the (now expired) digitalgeeks archive tnx guys. http://www.csoft.net/~hwa HWA.hax0r.news Mirror Sites: ~~~~~~~~~~~~~~~~~~~~~~~~~~~ http://the.wiretapped.net/security/textfiles/hWa.hax0r.news/ http://www.attrition.org/hosted/hwa/ http://www.attrition.org/~modify/texts/zines/HWA/ http://www.ducktank.net/hwa/issues.html. ** NEW ** http://www.alldas.de/hwaidx1.htm ** NEW ** CHECK THIS ONE OUT ** http://www.csoft.net/~hwa/ http://www.digitalgeeks.com/hwa. *DOWN* http://members.tripod.com/~hwa_2k http://welcome.to/HWA.hax0r.news/ http://www.attrition.org/~modify/texts/zines/HWA/ http://www.projectgamma.com/archives/zines/hwa/ http://www.403-security.org/Htmls/hwa.hax0r.news.htm =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-= ____ _ / ___| _ _ _ __ ___ _ __ ___(_)___ \___ \| | | | '_ \ / _ \| '_ \/ __| / __| ___) | |_| | | | | (_) | |_) \__ \ \__ \ |____/ \__, |_| |_|\___/| .__/|___/_|___/ |___/ |_| SYNOPSIS (READ THIS) -------------------- The purpose of this newsletter is to 'digest' current events of interest that affect the online underground and netizens in general. This includes coverage of general security issues, hacks, exploits, underground news and anything else I think is worthy of a look see. (remember i'm doing this for me, not you, the fact some people happen to get a kick/use out of it is of secondary importance). This list is NOT meant as a replacement for, nor to compete with, the likes of publications such as CuD or PHRACK or with news sites such as AntiOnline, the Hacker News Network (HNN) or mailing lists such as BUGTRAQ or ISN nor could any other 'digest' of this type do so. It *is* intended however, to compliment such material and provide a reference to those who follow the culture by keeping tabs on as many sources as possible and providing links to further info, its a labour of love and will be continued for as long as I feel like it, i'm not motivated by dollars or the illusion of fame, did you ever notice how the most famous/infamous hackers are the ones that get caught? there's a lot to be said for remaining just outside the circle... @HWA =-----------------------------------------------------------------------= Welcome to HWA.hax0r.news ... #44 =-----------------------------------------------------------------------= We could use some more people joining the channel, its usually pretty quiet, we don't bite (usually) so if you're hanging out on irc stop by and idle a while and say hi... ************************************************************************** ____| _| | __| | __ \ _ \ __| | __| | | __/ | _____|_| _| _|\___|\__| Eris Free Net #HWA.hax0r.news ************************************************************************** *** /join #HWA.hax0r.news on EFnet the key is `zwen' when keyed *** *** *** *** please join to discuss or impart news on from the zine and around *** *** the zine or just to hang out, we get some interesting visitors you *** *** could be one of em. *** *** *** *** Note that the channel isn't there to entertain you its purpose is *** *** to bring together people interested and involved in the underground*** *** to chat about current and recent events etc, do drop in to talk or *** *** hangout. Also if you want to promo your site or send in news tips *** *** its the place to be, just remember we're not #hack or #chatzone... *** ************************************************************************** =--------------------------------------------------------------------------= _____ _ _ / ____| | | | | | | ___ _ __ | |_ ___ _ __ | |_ ___ | | / _ \| '_ \| __/ _ \ '_ \| __/ __| | |___| (_) | | | | || __/ | | | |_\__ \ \_____\___/|_| |_|\__\___|_| |_|\__|___/ =--------------------------------------------------------------------------= [ INDEX ] =--------------------------------------------------------------------------= Key Intros =--------------------------------------------------------------------------= 00.0 .. COPYRIGHTS ...................................................... 00.1 .. CONTACT INFORMATION & SNAIL MAIL DROP ETC ....................... 00.2 .. SOURCES ......................................................... 00.3 .. THIS IS WHO WE ARE .............................................. 00.4 .. WHAT'S IN A NAME? why `HWA.hax0r.news'?.......................... 00.5 .. THE HWA_FAQ V1.0 ................................................ ABUSUS NON TOLLIT USUM? This is (in case you hadn't guessed) Latin, and loosely translated it means "Just because something is abused, it should not be taken away from those who use it properly). This is our new motto. =--------------------------------------------------------------------------= Key Content =--------------------------------------------------------------------------= 01.0 .. GREETS .......................................................... 01.1 .. Last minute stuff, rumours, newsbytes ........................... 01.2 .. Mailbag ......................................................... 02.0 .. From the Editor.................................................. 03.0 .. Yes It Is (Worth It) ............................................ 04.0 .. ExplorerZip Shrinks, Becomes MiniZip ............................ 05.0 .. Staples Files Suit Against Unknown Defacer ...................... 06.0 .. Comet bows to consumer pressure.................................. 07.0 .. Personal Info of Canadian ISP Users Leaked ...................... 08.0 .. First Internet Piracy Case in Japan ............................. 09.0 .. FBI Launches InfraGuard in Ohio ................................. 10.0 .. National Gun Database Goes Online ............................... 11.0 .. Zero Knowledge Ships Freedom, Finally ........................... 12.0 .. OpenBSD 2.6 Ships ............................................... 13.0 .. Videon Was Warned of Data Loss .................................. 14.0 .. German Digital Signature Chip Broke ............................. 15.0 .. IETF Members Under Investigation For Treason .................... 16.0 .. Jane's Releases Cyberterrorism Report ........................... 17.0 .. Car Radio Listening Habits Being Gathered ....................... 18.0 .. CVE by Mitre Goes Online ........................................ 19.0 .. Novell Head Victim of Online Credit Card Theft .................. 20.0 .. IDC Says E-Commerce Unsafe Most of the Time ..................... 21.0 .. Attack Trees Help to Model Security Threats ..................... 22.0 .. Pandora Updated ................................................. 23.0 .. [sSh] Busted or Not? ........................................... 24.0 .. Response to Freedom Extraordinary ............................... 25.0 .. DCypher.net Team Created ........................................ 26.0 .. Hackers Make it to Mars ......................................... 27.0 .. Security Focus newsletter #17.................................... 28.0 .. SQL 7 "Magic Packet" DoS......................................... =-------------------------------------------------------------------------------= AD.S .. Post your site ads or etc here, if you can offer something in return thats tres cool, if not we'll consider ur ad anyways so send it in. ads for other zines are ok too btw just mention us in yours, please remember to include links and an email contact. Corporate ads will be considered also and if your company wishes to donate to or participate in the upcoming Canc0n99 event send in your suggestions and ads now...n.b date and time may be pushed back join mailing list for up to date information....................................... Current dates: POSTPONED til further notice, place: TBA.......... Ha.Ha .. Humour and puzzles ............................................ Hey You!........................................................ =------=........................................................ Send in humour for this section! I need a laugh and its hard to find good stuff... ;)........................................... SITE.1 .. Featured site, ................................................. H.W .. Hacked Websites ............................................... A.0 .. APPENDICES...................................................... A.1 .. PHACVW linx and references...................................... =--------------------------------------------------------------------------= @HWA'99 00.0 (C) COPYRIGHT, (K)OPYWRONG, COPYLEFT? V2.0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ _ _ | | ___ __ _ __ _| | | | / _ \/ _` |/ _` | | | |__| __/ (_| | (_| | | |_____\___|\__, |\__,_|_| |___/ THE OPINIONS OF THE WRITERS DO NOT NECESSARILY REFLECT THE OPINIONS OF THE PUBLISHERS AND VICE VERSA IN FACT WE DUNNO WTF IS GONNA TAKE RESPONSIBILITY FOR THIS, I'M NOT DOING IT (LOTS OF ME EITHER'S RESOUND IN THE BACKGROUND) SO UHM JUST READ IT AND IF IT BUGS YOU WELL TFS (SEE FAQ). Important semi-legalese and license to redistribute: YOU MAY DISTRIBUTE THIS ZINE WITHOUT PERMISSION FROM MYSELF AND ARE GRANTED THE RIGHT TO QUOTE ME OR THE CONTENTS OF THE ZINE SO LONG AS Cruciphux AND/OR HWA.hax0r.news ARE MENTIONED IN YOUR WRITING. LINK'S ARE NOT NECESSARY OR EXPECTED BUT ARE APPRECIATED the current link is http://welcome.to/HWA.hax0r.news IT IS NOT MY INTENTION TO VIOLATE ANYONE'S COPYRIGHTS OR BREAK ANY NETIQUETTE IN ANY WAY IF YOU FEEL I'VE DONE THAT PLEASE EMAIL ME PRIVATELY current email cruciphux@dok.org THIS DOES NOT CONSTITUTE ANY LEGAL RIGHTS, IN THIS COUNTRY ALL WORKS ARE (C) AS SOON AS COMMITTED TO PAPER OR DISK, IF ORIGINAL THE LAYOUT AND COMMENTARIES ARE THEREFORE (C) WHICH MEANS: I RETAIN ALL RIGHTS, BUT I GIVE YOU THE RIGHT TO READ, QUOTE AND REDISTRIBUTE/MIRROR. - EoD Although this file and all future issues are now copyright, some of the content holds its own copyright and these are printed and respected. News is news so i'll print any and all news but will quote sources when the source is known, if its good enough for CNN its good enough for me. And i'm doing it for free on my own time so pfffft. :) No monies are made or sought through the distribution of this material. If you have a problem or concern email me and we'll discuss it. cruciphux@dok.org Cruciphux [C*:.] 00.1 CONTACT INFORMATION AND MAIL DROP ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ____ _ _ / ___|___ _ __ | |_ __ _ ___| |_ ___ | | / _ \| '_ \| __/ _` |/ __| __/ __| | |__| (_) | | | | || (_| | (__| |_\__ \ \____\___/|_| |_|\__\__,_|\___|\__|___/ Wahoo, we now have a mail-drop, if you are outside of the U.S.A or Canada / North America (hell even if you are inside ..) and wish to send printed matter like newspaper clippings a subscription to your cool foreign hacking zine or photos, small non-explosive packages or sensitive information etc etc well, now you can. (w00t) please no more inflatable sheep or plastic dog droppings, or fake vomit thanks. Send all goodies to: HWA NEWS P.O BOX 44118 370 MAIN ST. NORTH BRAMPTON, ONTARIO CANADA L6V 4H5 WANTED!: POSTCARDS! YESH! POSTCARDS, I COLLECT EM so I know a lot of you are ~~~~~~~ reading this from some interesting places, make my day and get a mention in the zine, send in a postcard, I realize that some places it is cost prohibitive but if you have the time and money be a cool dude / gal and send a poor guy a postcard preferably one that has some scenery from your place of residence for my collection, I collect stamps too so you kill two birds with one stone by being cool and mailing in a postcard, return address not necessary, just a "hey guys being cool in Bahrain, take it easy" will do ... ;-) thanx. Ideas for interesting 'stuff' to send in apart from news: - Photo copies of old system manual front pages (optionally signed by you) ;-) - Photos of yourself, your mom, sister, dog and or cat in a NON compromising position plz I don't want pr0n. - Picture postcards - CD's 3.5" disks, Zip disks, 5.25" or 8" floppies, Qic40/80/100-250 tapes with hack/security related archives, logs, irc logs etc on em. - audio or video cassettes of yourself/others etc of interesting phone fun or social engineering examples or transcripts thereof. Stuff you can email: - Prank phone calls in .ram or .mp* format - Fone tones and security announcements from PBX's etc - fun shit you sampled off yer scanner (relevant stuff only like #2600 meeting activities) - reserved for one smiley face -> :-) <- - PHACV lists of files that you have or phac cd's you own (we have a burner, *g*) - burns of phac cds (email first to make sure we don't already have em) - Any and all telephone sounds/tones/beeps/trunk drops/line tests/etc in .ram etc format or .mp* If you still can't think of anything you're probably not that interesting a person after all so don't worry about it Our current email: Submissions/zine gossip.....: hwa@press.usmc.net Private email to editor.....: cruciphux@dok.org Distribution/Website........: sas2@usa.net @HWA 00.2 Sources *** ~~~~~~~~~~~ ____ / ___| ___ _ _ _ __ ___ ___ ___ \___ \ / _ \| | | | '__/ __/ _ Y __| ___) | (_) | |_| | | | (_| __|__ \ |____/ \___/ \__,_|_| \___\___|___/ Sources can be some, all, or none of the following (by no means complete nor listed in any degree of importance) Unless otherwise noted, like msgs from lists or news from other sites, articles and information is compiled and or sourced by Cruciphux no copyright claimed. News & I/O zine ................. http://www.antionline.com/ Back Orifice/cDc..................http://www.cultdeadcow.com/ News site (HNN) .....,............http://www.hackernews.com/ Help Net Security.................http://net-security.org/ News,Advisories,++ .(lophtcrack)..http://www.l0pht.com/ NewsTrolls .(daily news ).........http://www.newstrolls.com/ News + Exploit archive ...........http://www.rootshell.com/beta/news.html CuD Computer Underground Digest...http://www.soci.niu.edu/~cudigest News site+........................http://www.zdnet.com/ News site+Security................http://www.gammaforce.org/ News site+Security................http://www.projectgamma.com/ News site+Security................http://securityhole.8m.com/ News site+Security related site...http://www.403-security.org/ s News/Humour site+ ................http://www.innerpulse.com News/Techie news site.............http://www.slashdot.org +Various mailing lists and some newsgroups, such as ... +other sites available on the HNN affiliates page, please see http://www.hackernews.com/affiliates.html as they seem to be popping up rather frequently ... http://www.the-project.org/ .. IRC list/admin archives http://www.anchordesk.com/ .. Jesse Berst's AnchorDesk alt.hackers.malicious alt.hackers alt.2600 BUGTRAQ ISN security mailing list ntbugtraq <+others> NEWS Agencies, News search engines etc: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ http://www.cnn.com/SEARCH/ http://www.foxnews.com/search/cgi-bin/search.cgi?query=hack&days=0&wires=0&startwire=0 http://www.news.com/Searching/Results/1,18,1,00.html?querystr=hack http://www.ottawacitizen.com/business/ http://search.yahoo.com.sg/search/news_sg?p=hack http://www.washingtonpost.com/cgi-bin/search?DB_NAME=WPlate&TOTAL_HITLIST=20&DEFAULT_OPERATOR=AND&headline=&WITHIN_FIELD_NAME=.lt.event_date&WITHIN_DAYS=0&description=hack http://www.zdnet.com/zdtv/cybercrime/ http://www.zdnet.com/zdtv/cybercrime/chaostheory/ (Kevin Poulsen's Column) NOTE: See appendices for details on other links. http://news.bbc.co.uk/hi/english/sci/tech/newsid_254000/254236.stm http://freespeech.org/eua/ Electronic Underground Affiliation http://ech0.cjb.net ech0 Security http://axon.jccc.net/hir/ Hackers Information Report http://net-security.org Net Security http://www.403-security.org Daily news and security related site Submissions/Hints/Tips/Etc ~~~~~~~~~~~~~~~~~~~~~~~~~~ ____ _ _ _ / ___| _ _| |__ _ __ ___ (_)___ ___(_) ___ _ __ ___ \___ \| | | | '_ \| '_ ` _ \| / __/ __| |/ _ \| '_ \/ __| ___) | |_| | |_) | | | | | | \__ \__ \ | (_) | | | \__ \ |____/ \__,_|_.__/|_| |_| |_|_|___/___/_|\___/|_| |_|___/ All submissions that are `published' are printed with the credits you provide, if no response is received by a week or two it is assumed that you don't care wether the article/email is to be used in an issue or not and may be used at my discretion. Looking for: Good news sites that are not already listed here OR on the HNN affiliates page at http://www.hackernews.com/affiliates.html Magazines (complete or just the articles) of breaking sekurity or hacker activity in your region, this includes telephone phraud and any other technological use, abuse hole or cool thingy. ;-) cut em out and send it to the drop box. - Ed Mailing List Subscription Info (Far from complete) Feb 1999 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~ ~~~~~~~~ ISS Security mailing list faq : http://www.iss.net/iss/maillist.html ATTRITION.ORG's Website defacement mirror and announcement lists ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ http://www.attrition.org/mirror/attrition/ http://www.attrition.org/security/lists.html -- defaced [web page defacement announce list] This is a public LOW VOLUME (1) mail list to circulate news/info on defaced web sites. To subscribe to Defaced, send mail to majordomo@attrition.org with "subscribe defaced" in the BODY of the mail. There will be two types of posts to this list: 1. brief announcements as we learn of a web defacement. this will include the site, date, and who signed the hack. we will also include a URL of a mirror of the hack. 2. at the end of the day, a summary will be posted of all the hacks of the day. these can be found on the mirror site listed under 'relevant links' This list is for informational purposes only. Subscribing denotes your acceptance of the following: 1. we have nothing to do with the hacks. at all. 2. we are only mirroring the work of OTHER people. 3. we can not be held liable for anything related to these hacks. 4. all of the points on the disclaimer listed below. Under no circumstances may the information on this list be used to solicit security business. You do not have permission to forward this mail to anyone related to the domain that was defaced. enjoy. List maintainer: mcintyre@attrition.org Hosted by: majordomo@attrition.org Relevant Links: Disclaimer: http://www.attrition.org/mirror/attrition/notes.html ATTRITION Mirror: http://www.attrition.org/mirror/ (1) It is low volume on a normal day. On days of many defacements, traffic may be increased. On a few days, it is a virtual mail flood. You have been warned. ;) -=- -- defaced summary [web page defacement announce list] This is a low traffic mail list to announce all publicly defaced domains on a given day. To subscribe to Defaced-Summary, send mail to majordomo@attrition.org with "subscribe defaced-summary" in the BODY of the mail. There will be ONE type of post to this list: 1. a single nightly piece of mail listing all reported domains. the same information can be found on http://www.attrition.org/mirror/attrition/ via sporadic updates. This list is for informational purposes only. Subscribing denotes your acceptance of the following: 1. we have nothing to do with the hacks. at all. 2. we are only mirroring the work of OTHER people. 3. we can not be held liable for anything related to these hacks. 4. all of the points on the disclaimer listed below. Under no circumstances may the information on this list be used to solicit security business. You do not have permission to forward this mail to anyone related to the domain that was defaced. enjoy. List maintainer: jericho@attrition.org Hosted by: majordomo@attrition.org Relevant Links: Disclaimer: http://www.attrition.org/mirror/attrition/notes.html ATTRITION Mirror: http://www.attrition.org/mirror/ -=- defaced GM [web page defacement announce list] This is a low traffic mail list to announce all publicly defaced government and military domains on a given day. To subscribe to Defaced-GM, send mail to majordomo@attrition.org with "subscribe defaced-gm" in the BODY of the mail. There will be ONE type of post to this list: 1. sporadic pieces of mail for each government (.gov) or military (.mil) system defaced. the same information can be found on http://www.attrition.org/mirror/attrition/ via sporadic updates. This list is designed primarily for government and military personell charged with tracking security incidents on government run networks. This list is for informational purposes only. Subscribing denotes your acceptance of the following: 1. we have nothing to do with the hacks. at all. 2. we are only mirroring the work of OTHER people. 3. we can not be held liable for anything related to these hacks. 4. all of the points on the disclaimer listed below. Under no circumstances may the information on this list be used to solicit security business. You do not have permission to forward this mail to anyone related to the domain that was defaced. enjoy. List maintainer: jericho@attrition.org Hosted by: majordomo@attrition.org Relevant Links: Disclaimer: http://www.attrition.org/mirror/attrition/notes.html ATTRITION Mirror: http://www.attrition.org/mirror/ -- defaced alpha [web page defacement announce list] This is a low traffic mail list to announce via alpha-numeric pagers, all publicly defaced government and military domains on a given day. To subscribe to Defaced-Alpha, send mail to majordomo@attrition.org with "subscribe defaced-alpha" in the BODY of the mail. There will be ONE type of post to this list: 1. sporadic pieces of mail for each government (.gov) or military (.mil) system defaced. the information will only include domain names. the same information can be found on http://www.attrition.org/mirror/attrition/ via sporadic updates. This list is designed primarily for government and military personell charged with tracking security incidents on government run networks. Further, it is designed for quick response and aimed at law enforcement agencies like DCIS and the FBI. To subscribe to this list, a special mail will be sent to YOUR alpha-numeric pager. A specific response must be made within 12 hours of receiving the mail to be subscribed. If the response is not received, it is assumed the mail was not sent to your pager. This list is for informational purposes only. Subscribing denotes your acceptance of the following: 1. we have nothing to do with the hacks. at all. 2. we are only mirroring the work of OTHER people. 3. we can not be held liable for anything related to these hacks. 4. all of the points on the disclaimer listed below. Under no circumstances may the information on this list be used to solicit security business. You do not have permission to forward this mail to anyone related to the domain that was defaced. enjoy. List maintainer: jericho@attrition.org Hosted by: majordomo@attrition.org Relevant Links: Disclaimer: http://www.attrition.org/mirror/attrition/notes.html ATTRITION Mirror: http://www.attrition.org/mirror/ -=- THE MOST READ: BUGTRAQ - Subscription info ~~~~~~~~~~~~~~~~~~~~~~~~~~~ What is Bugtraq? Bugtraq is a full-disclosure UNIX security mailing list, (see the info file) started by Scott Chasin . To subscribe to bugtraq, send mail to listserv@netspace.org containing the message body subscribe bugtraq. I've been archiving this list on the web since late 1993. It is searchable with glimpse and archived on-the-fly with hypermail. Searchable Hypermail Index; http://www.eecs.nwu.edu/~jmyers/bugtraq/index.html About the Bugtraq mailing list ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The following comes from Bugtraq's info file: This list is for *detailed* discussion of UNIX security holes: what they are, how to exploit, and what to do to fix them. This list is not intended to be about cracking systems or exploiting their vulnerabilities. It is about defining, recognizing, and preventing use of security holes and risks. Please refrain from posting one-line messages or messages that do not contain any substance that can relate to this list`s charter. I will allow certain informational posts regarding updates to security tools, documents, etc. But I will not tolerate any unnecessary or nonessential "noise" on this list. Please follow the below guidelines on what kind of information should be posted to the Bugtraq list: + Information on Unix related security holes/backdoors (past and present) + Exploit programs, scripts or detailed processes about the above + Patches, workarounds, fixes + Announcements, advisories or warnings + Ideas, future plans or current works dealing with Unix security + Information material regarding vendor contacts and procedures + Individual experiences in dealing with above vendors or security organizations + Incident advisories or informational reporting Any non-essential replies should not be directed to the list but to the originator of the message. Please do not "CC" the bugtraq reflector address if the response does not meet the above criteria. Remember: YOYOW. You own your own words. This means that you are responsible for the words that you post on this list and that reproduction of those words without your permission in any medium outside the distribution of this list may be challenged by you, the author. For questions or comments, please mail me: chasin@crimelab.com (Scott Chasin) UPDATED Sept/99 - Sent in by Androthi, tnx for the update ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ I am pleased to inform you of several changes that will be occurring on June 5th. I hope you find them as exciting as I do. BUGTRAQ moves to a new home --------------------------- First, BUGTRAQ will be moving from its current home at NETSPACE.ORG to SECURITYFOCUS.COM. What is Security Focus you ask? Wait and read below. Other than the change of domains nothing of how the list is run changes. I am still the moderator. We play by the same rules. Security Focus will be providing mail archives for BUGTRAQ. The archives go back longer than Netspace's and are more complete than Geek-Girl's. The move will occur one week from today. You will not need to resubscribe. All your information, including subscription options will be moved transparently. Any of you using mail filters (e.g. procmail) to sort incoming mail into mail folders by examining the From address will have to update them to include the new address. The new address will be: BUGTRAQ@SECURITYFOCUS.COM Security Focus also be providing a free searchable vulnerability database. BUGTRAQ es muy bueno -------------------- It has also become apparent that there is a need for forums in the spirit of BUGTRAQ where non-English speaking people or people that don't feel comfortable speaking English can exchange information. As such I've decided to give BUGTRAQ in other languages a try. BUGTRAQ will continue to be the place to submit vulnerability information, but if you feel more comfortable using some other language you can give the other lists a try. All relevant information from the other lists which have not already been covered here will be translated and forwarded on by the list moderator. In the next couple of weeks we will be introducing BUGTRAQ-JP (Japanese) which will be moderated by Nobuo Miwa and BUGTRAQ-SP (Spanish) which will be moderated by CORE SDI S.A. from Argentina (the folks that brought you Secure Syslog and the SSH insertion attack). What is Security Focus? ----------------------- Security Focus is an exercise in creating a community and a security resource. We hope to be able to provide a medium where useful and successful resources such as BUGTRAQ can occur, while at the same time providing a comprehensive source of security information. Aside from moving just BUGTRAQ over, the Geek-Girl archives (and the Geek Girl herself!) have moved over to Security Focus to help us with building this new community. The other staff at Security Focus are largely derived from long time supporters of Bugtraq and the community in general. If you are interested in viewing the staff pages, please see the 'About' section on www.securityfocus.com. On the community creating front you will find a set of forums and mailing lists we hope you will find useful. A number of them are not scheduled to start for several weeks but starting today the following list is available: * Incidents' Mailing List. BUGTRAQ has always been about the discussion of new vulnerabilities. As such I normally don't approve messages about break-ins, trojans, viruses, etc with the exception of wide spread cases (Melissa, ADM worm, etc). The other choice people are usually left with is email CERT but this fails to communicate this important information to other that may be potentially affected. The Incidents mailing list is a lightly moderated mailing list to facilitate the quick exchange of security incident information. Topical items include such things as information about rootkits new trojan horses and viruses, source of attacks and tell-tale signs of intrusions. To subscribe email LISTSERV@SECURITYFOCUS.COM with a message body of: SUBS INCIDENTS FirstName, LastName Shortly we'll also be introducing an Information Warfare forum along with ten other forums over the next two months. These forums will be built and moderated by people in the community as well as vendors who are willing to take part in the community building process. *Note to the vendors here* We have several security vendors who have agreed to run forums where they can participate in the online communities. If you would like to take part as well, mail Alfred Huger, ahuger@securityfocus.com. On the information resource front you find a large database of the following: * Vulnerabilities. We are making accessible a free vulnerability database. You can search it by vendor, product and keyword. You will find detailed information on the vulnerability and how to fix it, as well are links to reference information such as email messages, advisories and web pages. You can search by vendor, product and keywords. The database itself is the result of culling through 5 years of BUGTRAQ plus countless other lists and news groups. It's a shining example of how thorough full disclosure has made a significant impact on the industry over the last half decade. * Products. An incredible number of categorized security products from over two hundred different vendors. * Services. A large and focused directory of security services offered by vendors. * Books, Papers and Articles. A vast number of categorized security related books, papers and articles. Available to download directly for our servers when possible. * Tools. A large array of free security tools. Categorized and available for download. * News: A vast number of security news articles going all the way back to 1995. * Security Resources: A directory to other security resources on the net. As well as many other things such as an event calendar. For your convenience the home-page can be personalized to display only information you may be interested in. You can filter by categories, keywords and operating systems, as well as configure how much data to display. I'd like to thank the fine folks at NETSPACE for hosting the site for as long as they have. Their services have been invaluable. I hope you find these changes for the best and the new services useful. I invite you to visit http://www.securityfocus.com/ and check it out for yourself. If you have any comments or suggestions please feel free to contact me at this address or at aleph1@securityfocus.com. Cheers. -- Aleph One / aleph1@underground.org http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01 Crypto-Gram ~~~~~~~~~~~ CRYPTO-GRAM is a free monthly newsletter providing summaries, analyses, insights, and commentaries on cryptography and computer security. To subscribe, visit http://www.counterpane.com/crypto-gram.html or send a blank message to crypto-gram-subscribe@chaparraltree.com.  To unsubscribe, visit http://www.counterpane.com/unsubform.html.  Back issues are available on http://www.counterpane.com. CRYPTO-GRAM is written by Bruce Schneier.  Schneier is president of Counterpane Systems, the author of "Applied Cryptography," and an inventor of the Blowfish, Twofish, and Yarrow algorithms.  He served on the board of the International Association for Cryptologic Research, EPIC, and VTW.  He is a frequent writer and lecturer on cryptography. CUD Computer Underground Digest ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This info directly from their latest ish: Computer underground Digest    Sun  14 Feb, 1999   Volume 11 : Issue 09                             ISSN  1004-042X        Editor: Jim Thomas (cudigest@sun.soci.niu.edu)        News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)        Archivist: Brendan Kehoe        Poof Reader:   Etaion Shrdlu, Jr.        Shadow-Archivists: Dan Carosone / Paul Southworth                           Ralph Sims / Jyrki Kuoppala                           Ian Dickinson        Cu Digest Homepage: http://www.soci.niu.edu/~cudigest [ISN] Security list ~~~~~~~~~~~~~~~~~~~ This is a low volume list with lots of informative articles, if I had my way i'd reproduce them ALL here, well almost all .... ;-) - Ed UPDATED Sept/99 - Sent in by Androthi, tnx for the update ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --[ New ISN announcement (New!!) Sender: ISN Mailing List From: mea culpa Subject: Where has ISN been? Comments: To: InfoSec News To: ISN@SECURITYFOCUS.COM It all starts long ago, on a network far away.. Not really. Several months ago the system that hosted the ISN mail list was taken offline. Before that occured, I was not able to retrieve the subscriber list. Because of that, the list has been down for a while. I opted to wait to get the list back rather than attempt to make everyone resubscribe. As you can see from the headers, ISN is now generously being hosted by Security Focus [www.securityfocus.com]. THey are providing the bandwidth, machine, and listserv that runs the list now. Hopefully, this message will find all ISN subscribers, help us weed out dead addresses, and assure you the list is still here. If you have found the list to be valuable in the past, please tell friends and associates about the list. To subscribe, mail listserv@securityfocus.com with "subscribe isn firstname lastname". To unsubscribe, "unsubscribe isn". As usual, comments and suggestions are welcome. I apologize for the down time of the list. Hopefully it won't happen again. ;) mea_culpa www.attrition.org --[ Old ISN welcome message [Last updated on: Mon Nov 04 0:11:23 1998] InfoSec News is a privately run, medium traffic list that caters to distribution of information security news articles. These articles will come from newspapers, magazines, online resources, and more. The subject line will always contain the title of the article, so that you may quickly and effeciently filter past the articles of no interest. This list will contain: o Articles catering to security, hacking, firewalls, new security encryption, products, public hacks, hoaxes, legislation affecting these topics and more. o Information on where to obtain articles in current magazines. o Security Book reviews and information. o Security conference/seminar information. o New security product information. o And anything else that comes to mind.. Feedback is encouraged. The list maintainers would like to hear what you think of the list, what could use improving, and which parts are "right on". Subscribers are also encouraged to submit articles or URLs. If you submit an article, please send either the URL or the article in ASCII text. Further, subscribers are encouraged to give feedback on articles or stories, which may be posted to the list. Please do NOT: * subscribe vanity mail forwards to this list * subscribe from 'free' mail addresses (ie: juno, hotmail) * enable vacation messages while subscribed to mail lists * subscribe from any account with a small quota All of these generate messages to the list owner and make tracking down dead accounts very difficult. I am currently receiving as many as fifty returned mails a day. Any of the above are grounds for being unsubscribed. You are welcome to resubscribe when you address the issue(s). Special thanks to the following for continued contribution: William Knowles, Aleph One, Will Spencer, Jay Dyson, Nicholas Brawn, Felix von Leitner, Phreak Moi and other contributers. ISN Archive: ftp://ftp.repsec.com/pub/text/digests/isn ISN Archive: http://www.landfield.com/isn ISN Archive: http://www.jammed.com/Lists/ISN/ ISN is Moderated by 'mea_culpa' . ISN is a private list. Moderation of topics, member subscription, and everything else about the list is solely at his discretion. The ISN membership list is NOT available for sale or disclosure. ISN is a non-profit list. Sponsors are only donating to cover bandwidth and server costs. Win2k Security Advice Mailing List (new added Nov 30th) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ To subscribe: send "SUBSCRIBE WIN2KSECADVICE anonymous or name" in the message body to listserv@listserv.ntsecurity.net Welcome to Win2K Security Advice! Thank you for subscribing. If you have any questions or comments about the list please feel free to contact the list moderator, Steve Manzuik, at steve@win2ksecadvice.net. To see what you've missed recently on the list, or to research an item of interest, be sure to visit the Web-based archives located at: http://www.ntsecurity.net/scripts/page_listserv.asp?s=win2ksec ============== NTSecurity.net brings the security community a brand new (Oct 99) and much-requested Windows security mailing list. This new moderated mailing list, Win2KSecAdvice (formerly NTSecAdvice,) is geared towards promoting the open discussion of Windows-related security issues. With a firm and unwavering commitment towards timely full disclosure, this new resource promises to become a great forum for open discussion regarding security-related bugs, vulnerabilities, potential exploits, virus, worms, Trojans, and more. Win2KSecAdvice promotes a strong sense of community and we openly invite all security minded individuals, be they white hat, gray hat, or black hat, to join the new mailing list. While Win2KSecAdvice was named in the spirit of Microsoft's impending product line name change, and meant to reflect the list's security focus both now and in the long run, it is by no means limited to security topics centered around Windows 2000. Any security issues that pertain to Windows-based networking are relevant for discussion, including all Windows operating systems, MS Office, MS BackOffice, and all related third party applications and hardware. The scope of Win2KSecAdvice can be summarized very simply: if it's relevant to a security risk, it's relevant to the list. The list archives are available on the Web at http://www.ntsecurity.net, which include a List Charter and FAQ, as well as Web-based searchable list archives for your research endeavors. SAVE THIS INFO FOR YOUR REFERENCE: To post to the list simply send your email to win2ksecadvice@listserv.ntsecurity.net To unsubscribe from this list, send UNSUBSCRIBE WIN2KSECADVICE to listserv@listserv.ntsecurity.net Regards, Steve Manzuik, List Moderator Win2K Security Advice steve@win2ksecadvice.net @HWA 00.3 THIS IS WHO WE ARE ~~~~~~~~~~~~~~~~~~ __ ___ ___ \ \ / / |__ ___ __ _ _ __ _____ ____|__ \ \ \ /\ / /| '_ \ / _ \ / _` | '__/ _ \ \ /\ / / _ \/ / \ V V / | | | | (_) | (_| | | | __/\ V V / __/_| \_/\_/ |_| |_|\___/ \__,_|_| \___| \_/\_/ \___(_) Some HWA members and Legacy staff ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ cruciphux@dok.org.........: currently active/editorial darkshadez@ThePentagon.com: currently active/man in black fprophet@dok.org..........: currently active/programming/IRC+ man in black sas2@usa.net .............. currently active/IRC+ distribution vexxation@usa.net ........: currently active/IRC+ proof reader/grrl in black dicentra...(email withheld): IRC+ grrl in black twisted-pair@home.com......: currently active/programming/IRC+ Foreign Correspondants/affiliate members ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Qubik ............................: United Kingdom D----Y ...........................: USA/world media HWA members ......................: World Media Past Foreign Correspondants (currently inactive or presumed dead) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Sla5h.............................: Croatia N0Portz ..........................: Australia system error .....................: Indonesia Wile (wile coyote) ...............: Japan/the East Ruffneck ........................: Netherlands/Holland Wyze1.............................: South Africa Please send in your sites for inclusion here if you haven't already also if you want your emails listed send me a note ... - Ed Spikeman's site is down as of this writing, if it comes back online it will be posted here. http://www.hackerlink.or.id/ ............ System Error's site (in Indonesian) Sla5h's email: smuddo@yahoo.com ******************************************************************* *** /join #HWA.hax0r.news on EFnet the key is `zwen' *** ******************************************************************* :-p 1. We do NOT work for the government in any shape or form.Unless you count paying taxes ... in which case we work for the gov't in a BIG WAY. :-/ 2. MOSTLY Unchanged since issue #1, although issues are a digest of recent news events its a good idea to check out issue #1 at least and possibly also the Xmas issue for a good feel of what we're all about otherwise enjoy - Ed ... @HWA 00.4 Whats in a name? why HWA.hax0r.news?? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Well what does HWA stand for? never mind if you ever find out I may have to get those hax0rs from 'Hackers' or the Pretorians after you. In case you couldn't figure it out hax0r is "new skewl" and although it is laughed at, shunned, or even pidgeon holed with those 'dumb leet (l33t?) dewds' this is the state of affairs. It ain't Stephen Levy's HACKERS anymore. BTW to all you up and comers, i'd highly recommend you get that book. Its almost like buying a clue. Anyway..on with the show .. - Editorial staff @HWA 00.5 HWA FAQ v1.0 Feb 13th 1999 (Abridged & slightly updated again) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ _ ___ ___ _____ _ ___ | | | \ \ / / \ | ___/ \ / _ \ | |_| |\ \ /\ / / _ \ | |_ / _ \| | | | | _ | \ V V / ___ \ _| _/ ___ \ |_| | |_| |_| \_/\_/_/ \_(_)_|/_/ \_\__\_\ Also released in issue #3. (revised) check that issue for the faq it won't be reprinted unless changed in a big way with the exception of the following excerpt from the FAQ, included to assist first time readers: Some of the stuff related to personal useage and use in this zine are listed below: Some are very useful, others attempt to deny the any possible attempts at eschewing obfuscation by obsucuring their actual definitions. @HWA - see EoA ;-) != - Mathematical notation "is not equal to" or "does not equal" ASC(247) "wavey equals" sign means "almost equal" to. If written an =/= (equals sign with a slash thru it) also means !=, =< is Equal to or less than and => is equal to or greater than (etc, this aint fucking grade school, cripes, don't believe I just typed all that..) AAM - Ask a minor (someone under age of adulthood, usually <16, <18 or <21) AOL - A great deal of people that got ripped off for net access by a huge clueless isp with sekurity that you can drive buses through, we're not talking Kung-Fu being none too good here, Buy-A-Kloo maybe at the least they could try leasing one?? *CC - 1 - Credit Card (as in phraud) 2 - .cc is COCOS (Keeling) ISLANDS butthey probably accept cc's CCC - Chaos Computer Club (Germany) *CON - Conference, a place hackers crackers and hax0rs among others go to swap ideas, get drunk, swap new mad inphoz, get drunk, swap gear, get drunk watch videos and seminars, get drunk, listen to speakers, and last but not least, get drunk. *CRACKER - 1 . Someone who cracks games, encryption or codes, in popular hacker speak he's the guy that breaks into systems and is often (but by no means always) a "script kiddie" see pheer 2 . An edible biscuit usually crappy tasting without a nice dip, I like jalapeno pepper dip or chives sour cream and onion, yum - Ed Ebonics - speaking like a rastafarian or hip dude of colour also wigger Vanilla Ice is a wigger, The Beastie Boys and rappers speak using ebonics, speaking in a dark tongue ... being ereet, see pheer EoC - End of Commentary EoA - End of Article or more commonly @HWA EoF - End of file EoD - End of diatribe (AOL'ers: look it up) FUD - Coined by Unknown and made famous by HNN - "Fear uncertainty and doubt", usually in general media articles not high brow articles such as ours or other HNN affiliates ;) du0d - a small furry animal that scurries over keyboards causing people to type weird crap on irc, hence when someone says something stupid or off topic 'du0d wtf are you talkin about' may be used. *HACKER - Read Stephen Levy's HACKERS for the true definition, then see HAX0R *HAX0R - 1 - Cracker, hacker wannabe, in some cases a true hacker, this is difficult to define, I think it is best defined as pop culture's view on The Hacker ala movies such as well erhm "Hackers" and The Net etc... usually used by "real" hackers or crackers in a derogatory or slang humorous way, like 'hax0r me some coffee?' or can you hax0r some bread on the way to the table please?' 2 - A tool for cutting sheet metal. HHN - Maybe a bit confusing with HNN but we did spring to life around the same time too, HWA Hax0r News.... HHN is a part of HNN .. and HNN as a proper noun means the hackernews site proper. k? k. ;& HNN - Hacker News Network and its affiliates http://www.hackernews.com/affiliates.html J00 - "you"(as in j00 are OWN3D du0d) - see 0wn3d MFI/MOI- Missing on/from IRC NFC - Depends on context: No Further Comment or No Fucking Comment NFR - Network Flight Recorder (Do a websearch) see 0wn3d NFW - No fuckin'way *0WN3D - You are cracked and owned by an elite entity see pheer *OFCS - Oh for christ's sakes PHACV - And variations of same Phreaking, Hacking, Anarchy, Cracking, Carding (CC) Groups Virus, Warfare Alternates: H - hacking, hacktivist C - Cracking C - Cracking V - Virus W - Warfare A - Anarchy (explosives etc, Jolly Roger's Cookbook etc) P - Phreaking, "telephone hacking" PHone fREAKs ... CT - Cyber Terrorism *PHEER - This is what you do when an ereet or elite person is in your presence see 0wn3d *RTFM - Read the fucking manual - not always applicable since some manuals are pure shit but if the answer you seek is indeed in the manual then you should have RTFM you dumb ass. TBC - To Be Continued also 2bc (usually followed by ellipses...) :^0 TBA - To Be Arranged/To Be Announced also 2ba TFS - Tough fucking shit. *w00t - 1 - Reserved for the uber ereet, noone can say this without severe repercussions from the underground masses. also "w00ten" 2 - Cruciphux and sAs72's second favourite word (they're both shit stirrers) *wtf - what the fuck, where the fuck, when the fuck etc .. *ZEN - The state you reach when you *think* you know everything (but really don't) usually shortly after reaching the ZEN like state something will break that you just 'fixed' or tweaked. @HWA -=- :. .: -=- 01.0 Greets!?!?! yeah greets! w0w huh. - Ed ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ____ _ / ___|_ __ ___ ___| |_ ___ | | _| '__/ _ \/ _ \ __/ __| | |_| | | | __/ __/ |_\__ \ \____|_| \___|\___|\__|___/ Thanks to all in the community for their support and interest but i'd like to see more reader input, help me out here, whats good, what sucks etc, not that I guarantee i'll take any notice mind you, but send in your thoughts anyway. * all the people who sent in cool emails and support FProphet Pyra TwstdPair _NeM_ D----Y Dicentra vexxation sAs72 Spikeman p0lix Vortexia Wyze1 Pneuma Raven Zym0t1c duro Repluzer astral BHZ ScrewUp Qubik gov-boi _Jeezus_ Haze_ thedeuce ytcracker Folks from #hwa.hax0r,news and #fawkerz, #ninjachat and #sesame Ken Williams/tattooman ex-of PacketStorm, & Kevin Mitnick kewl sites: + http://www.hack.co.za NEW + http://blacksun.box.sk. NEW + http://packetstorm.securify.com/ NEW + http://www.securityportal.com/ NEW + http://www.securityfocus.com/ NEW + http://www.hackcanada.com/ + http://www.l0pht.com/ + http://www.2600.com/ + http://www.freekevin.com/ + http://www.genocide2600.com/ + http://www.hackernews.com/ (Went online same time we started issue 1!) + http://www.net-security.org/ + http://www.slashdot.org/ + http://www.freshmeat.net/ + http://www.403-security.org/ + http://ech0.cjb.net/ @HWA 01.1 Last minute stuff, rumours and newsbytes ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "What is popular isn't always right, and what is right isn't always popular..." - FProphet '99 +++ When was the last time you backed up your important data? Thanks to myself for providing the info from my wired news feed and others from whatever sources, also to Spikeman for sending in past entries.... - Ed @HWA 01.2 MAILBAG - email and posts from the message board worthy of a read ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Yeah we have a message board, feel free to use it, remember there are no stupid questions... well there are but if you ask something really dumb we'll just laugh at ya, lets give the message board a bit more use eh? i'll be using a real message board when the hwa-iwa.org domain comes back online (soon) meanwhile the beseen board is still up... ============================================================================== 02.0 From the editor. ~~~~~~~~~~~~~~~~ #include #include #include main() { printf ("Read commented source!\n\n"); /* * Short issue this week, i'm still sick * so haven't put as much time as I usually do * into digging up info and etc, hopefully be * back to normal next week... * */ printf ("EoF.\n"); } Congrats, thanks, articles, news submissions and kudos to us at the main address: hwa@press.usmc.net complaints and all nastygrams and mai*lbombs can go to /dev/nul nukes, synfloods and papasmurfs to 127.0.0.1, private mail to cruciphux@dok.org danke. C*:. -= start =--= start =--= start =--= start =--= start =--= start =--= start ____ _ _ / ___|___ _ __ | |_ ___ _ __ | |_ | | / _ \| '_ \| __/ _ \ '_ \| __| | |__| (_) | | | | || __/ | | | |_ \____\___/|_| |_|\__\___|_| |_|\__| / ___|| |_ __ _ _ __| |_ \___ \| __/ _` | '__| __| ___) | || (_| | | | |_ |____/ \__\__,_|_| \__| -= start =--= start =--= start =--= start =--= start =--= start =--= 03.0 Yes It Is (Worth It) ~~~~~~~~~~~~~~~~~~~~ contributed by ytcracker Active web page defacer YTCracker has written an article in response to Brian Martin's article Is It Worth IT, published by HNN last week. Mr Martin asked if the recent spate of web page defacements was worth the trouble it causes the perpetrators. YTCracker has recently defaced such high profile pages as Bureau of Land Management National Training Center and the Defense Contracts Audit Agency. YTCracker now explains the motivation and says that, Yes, it is worth it. Buffer Overflow http://www.hackernews.com/orig/buffero.html HNN Cracked Pages Archive - Some of YTCrackers work is displayed here. http://www.hackernews.com/archive/crackarch.html "Yes, it is." A response to Brian Martin's Is it worth it? article. By YTCracker (phed@felons.org) This article was written in response to an article written by Brian Martin concerning web page defacement, its risks, and its consequences. He asks the eternal question "Is it worth it?" to those who participate in these kinds of activities. Many of the individuals I have talked to have mixed thoughts about the article. Some individuals say it really taught them something valuable. Some said it scared them into considering quitting. Others, including myself, carry a somewhat apathetic attitude toward the whole thing in general. Allow me to explain. A few things need to be established about this defacement culture. One, I believe that this in no way constitutes as hacking. On any level, no matter how you look at it, web page defacement is destructive. In some cases, it can ruin the credibility of a company or a government agency. Two, I believe that web page defacement should carry a "message". When I spoke with Brian earlier, I tried to make it clear that we [as third person onlookers to a defacement] cannot determine this message in some cases. To us, "hack0r x 0ens u in 9d9" probably means nothing at all. To hack0r x, it may have. However, I personally believe that if hack0r x is going to break into this page and disrupt their message, his better be worthwhile. Thirdly, I believe that there is a "whiter" side to defacement. This side operates within definitive ethical boundaries and attempts to make web page cracking as non-malicious as possible. I do my best to have the ability to define myself under this ethical side. I back everything up. I leave the administrator information on how to fix the security hole. I don't disrupt the flow of information - I leave a link to the original page in plain sight. While these factors don't guarantee my immunity, they surely aren't raising any eyebrows and leading people to contemplate my threat to national security. I am not concerned with leaving messages like "fuq da fedz in 9d9 suk0r my nutsaq." That, frankly, is asking for trouble. It also serves no purpose. Why do I do it? There are a few key reasons. I am sure that everyone out there that contributes to this scene has their own. First off, I am seventeen [before I go any further, I am referring to seventeen as "kid", not "a minor and therefore will receive lesser penalty"]. As a young member of society oftentimes I find that my voice goes unheard. In a book titled Rise and Fall of the American Teen by Thomas Hine [NPR broadcast] , the theory is presented that the proverbial "teenager" did not exist until the 1930s. Until that time, teenagers were too busy supporting the family, getting married, and having children. Nowadays, if I were to write my senator, correct my teacher, or start a business, people automatically assume that I am incapable. This is a stereotype that I have not established for myself; other teenagers have given me a reputation unbefitting of who I really am. By defacing a website, people have to listen. The volume of people that visit the site as it is defaced combined with the volume of people that view it mirrored is immense. Therefore, I have effectively gotten my message out, and people can choose to listen to it or not. If this sounds extremely selfish, I agree. The twist comes in the questions that people ask themselves. For instance, one of my motivations is enlightening system administrators. There has been many a case where I have noticed a vulnerablilty, mailed the admin, and his/her cockyness resulted in ignoring my warning. Two or three days later, I see this admin's page on the mirror. Sometimes, the best way to inform someone is to show them. Seeing is believing. The point is, if I can get at least one of the hundred people that see that site, including the administrator, to realize that security isn't all its cracked up to be and change their views, I have done my job. This line of thought is very common in the heads of most defacement practitioners. Second, I am a graffiti artist. I throw burners on walls and trains. I have ran with some infamous crews. I do not represent the "tagging" aspect [for the uninitiated, the equivalent of "b0n3r oenz u" on a defacement]. I strongly feel that graffiti can be very artistic and carry a very strong message if done correctly. People will pass by your piece and either love it or hate it. For that moment they take their mind off of their jobs, their children, their lives and they contemplate what they are looking at. This is very much so the purpose of web defacement in my eyes. Third, I don't care. I can't care. I haven't been raided, haven't stared down a lawman's gun, and haven't been investigated for computer crime. If any of these were to happen to me, I have no doubt in my mind I will see things in a different light. This ignorance is obviously not very healthy. I have weighed the consequences and see very little in favor of me stopping. I will most likely continue to deface until it gets old, I have nothing else to say, or simply don't have time. I would argue that ninety percent of web page defacements fall under this mindset. This is sad, but true. This is not to say that I or anyone else isn't aware of the rules. That assumption is far from the truth. What it means is that we are basically carefree in the sense that we could be arrested and still feel good about ourselves. ;) In a sense, it isn't worth it. There are only a few of us singlehandedly cracking with good intentions. The rest of the scene is too busy talking shit to each other or rm -rfing everything they can that there is a stereotype affiliated. As aforementioned, stereotypes are the ultimate backpedal to anything we accomplish. Just as teenagers are ignored and pigeonholed, everyone who totes a computer and investigates security will be labeled a threat. What does make it worth it? Arguably, the few who carry on the tradition. PHC and Narcissus - using their defacements as a political tool. DHC - putting an interesting poetic twist to their cracks. ULG - for making BIG statements on BIG sites. Last but not least, v00d00 - for his cynical views and unique style. There are others, no doubt, but these guys definately take the cake for originality and style - they have my respect. So next time you see my name or anyone else's pop up on attrition and wonder why we do it, think back to this article. Is it worth it? You decide. YTCracker(phed@felons.org) (c)1999 YTCracker andseven one nine @HWA 04.0 ExplorerZip Shrinks, Becomes MiniZip ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From HNN http://www.hackernews.com/ contributed by Evil Wench By applying a simple compression scheme (Neolite) to the well known destructive virus WormExplorer it is possible to sneak the old worm by antivirus software. This 'new' version of WormExplorer is being called MiniZip. The worm uses MAPI-capable e-mail programs to propagate, such as Microsoft Corp.'s Outlook, Microsoft Corp.'s Outlook Express and Microsoft Corp.'s Exchange. At least twenty companies and several thousand systems have been infected so far. (It is pretty sad that with todays technology a simple compression routine is enough to bypass antivirus technology. Pattern detection is not the answer. Sure hope the AV companies have something better up their sleeves.) ZD Net http://www.zdnet.com/zdnn/stories/news/0,4586,2402114,00.html?chkpt=zdnntop MSNBC http://www.msnbc.com/news/341096.asp Associated Press - via Baltimore Sun http://www.sunspot.net/cgi-bin/gx.cgi/AppLogic+FTContentServer?section=cover&pagename=story&storyid=1150180206405 MiniZip a nasty, small clone of ExploreZip New virus compresses ExploreZip code to evade anti-virus software, bites at least a dozen companies. By Jim Kerstetter, PC Week UPDATED December 1, 1999 9:04 AM PT They call it, MiniZip. Virus researchers at Network Associates Inc. (Nasdaq: NETA), Symantec Corp. (Nasdaq: SYMC) and Trend Micro Inc. warned Tuesday evening that a new version of the ExploreZip virus, which wipes out information on a hard drive, has hit at least 12 companies so far, six of them high-tech manufacturing companies. Several thousand PCs are believed to have been hit. The ExploreZip variant, also called ExploreZip.worm.pak, is 120KB, about half the size of its predecessor. But other than its diminutive size, MiniZip acts exactly like ExploreZip, which wipes out files on hard drives and can spread via e-mail. Compression conundrum MiniZip is so small because the virus's author compressed the original ExploreZip code. Compressing it changes the bits, meaning that anti-virus software has trouble identifying the new virus. MiniZip first appeared last week, so most anti-virus makers have updated their software to detect its code. While anti-virus makers issued notice of the new updates, it appears that many companies have not updated their anti-virus software, allowing Tuesday's outbreak. What to look for ExploreZip, the "father" of MiniZip, was first reported on June 11. To propagate, the worm uses MAPI-capable e-mail programs, such as Microsoft Corp.'s Outlook, Outlook Express and Exchange. It e-mails itself out as an attachment with the filename "zipped_files.exe." The body of the e-mail message looks like it came from a regular e-mail correspondent and says: "I received your email and I shall send you a reply ASAP. Till then, take a look at the attached zipped docs." Once it's launched, MiniZip launches the original Worm.ExploreZip routine. It looks for any drives mapped to the infected computer and spreads to them. It also looks for unread e-mail and automatically replies to them, in search of new victims. "That's why it has spread so rapidly now, but didn't at first," said Vincent Weafer, director of the Symantec Antivirus Research Center. "This is exactly how ExploreZip spread." MiniZip may display an error message informing the user that the file is not a valid archive, according to the anti-virus companies. The worm copies itself to the c:\windows\system directory with the file name "Explore.exe" and then modifies the WIN.INI file so that the virus launches each time Windows is started. Associated Press; Computer virus devouring files The Associated Press SAN FRANCISCO (AP) — Experts scrambled to warn thousands of computer users that a familiar and damaging virus has struck scores of companies and could be slumbering in their e-mail inboxes. The Mini-Zip virus tore through computers on Tuesday, devouring files and crippling e-mail systems, anti-virus analysts said. It was expected to renew its assault today as unsuspecting users logged on. Dan Schrader, vice president of new technology at Trend Micro in Cupertino, Calif., said he fielded complaints of significant problems from four Fortune 500 companies and scores of smaller companies. Sal Viveros, a marketing manager for Santa Clara-based Network Associates, which makes anti-virus software, said 20 large corporations had been affected by Tuesday evening. The experts refused to release the names of affected companies. Mini-Zip's parent bug, Worm.Explore.Zip, struck last summer. It was considered the most destructive virus since the Melissa outbreak in the spring. ``The last time this virus came along it affected tens of thousands — maybe hundreds of thousands of computers — and caused millions of dollars in damage,'' Schrader said. ``It's malicious and fast-spreading. We consider this to be high-risk.'' It wasn't clear whether the problem had been reported to the government-chartered CERT Coordination Center — formerly the Computer Emergency Response Team — at Carnegie Mellon University in Pittsburgh. There were no warnings on its Web site early today. Anti-virus experts said the bug gets loose from an infected system as a seemingly friendly reply to a clean e-mail sent via the Microsoft Outlook, Outlook Express or Exchange browsers. The virus intercepts the original message and automatically sends itself as a response — even changing the subject line from, for example, ``Work Meeting'' to ``Re: Work Meeting.'' The body of the message reads: ``Hi (recipient's name)! I received your e-mail and I shall send you an e-mail ASAP. Till then, take a look at the attached zipped docs. bye.'' The e-mail contains an attachment called ``zipped—files.exe.'' If a user double-clicks on the attachment, the virus is set loose in the new victim's system. It then destroys a series of files in a computer's hard drive by replacing them with empty files. Anti-virus experts cautioned users against opening e-mails if they do not know the sender or why they were sent. They said the virus could be fought with updated anti-virus software. Originally published on 12/01/1999 @HWA 05.0 Staples Files Suit Against Unknown Defacer ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From HNN http://www.hackernews.com/ contributed by Weld Pond Staples Inc. has filed a lawsuit in US District Court in Boston charging that "John Doe," an unidentified cyber intruder, illegally accessed the company's Web site and damaged the company by stealing e-commerce business. The defacement that occurred on October 9th, featured advertisements for products at Home Depot. Staples hope to identify the intruder shortly. (How do you sue an unknown person?) Boston Globe http://www.globe.com/dailyglobe2/334/business/Staples_files_suit_against_Web_hacker+.shtml Associated Press http://library.northernlight.com/EB19991130960000057.html?cb=0&dx=1006&sc=0#doc Staples files suit against Web hacker By Shelley Murphy, Globe Staff, 11/30/99 hopping on line may be the best way to avoid holiday crowds, but customers visiting Staples's Web site one day last month encountered a unique problem when they unwittingly found themselves in a competitor's store. A hacker broke into the Framingham office-supply retailer's Internet site, www.staples.com, on Oct. 9 and posted advertisements for one of the company's major competitors, Office Depot. Shoppers clicking on Office Depot products were linked immediately to the home page of Staples's major competitor, which is based in Delray Beach, Fla. Officials at Staples Inc. filed a lawsuit in US District Court in Boston yesterday charging that ''John Doe,'' the unidentified hacker, illegally accessed the company's Web site and damaged the company by stealing e-commerce business. The suit contends that the hacker is believed to live in or near Massachusetts and that the company expects to identify him shortly. ''We consider it highly unlikely that...our competitors were involved in any way,'' said Shannon Lapierre, public relations manager of Staples, speculating that the changes to the Web site may have been a prank. But Staples, which just announced third-quarter Internet sales revenue of $24 million, is taking the Web-site intrusion seriously and is determined to identify the culprit and report him to federal authorities, Lapierre said. Meanwhile, federal authorities have been on the lookout for Internet fraud. Federal law prohibits unauthorized access to a computer and calls for as much as 10 years in prison if damage is caused recklessly as a result of the breach. ''Obviously e-commerce is a very important part of our business and very important to the company,'' said Lapierre. Staples's goal is to have 1 million on-line customers and $1 billion in Internet sales by 2003, Lapierre said. Staples, which did $7 billion in sales last year and which operates more than 1,000 office superstores, launched its Web site a year ago. While monitoring the site Oct. 9, officials noticed that products advertised throughout the Web site had been deleted and replaced with products bearing the Office Depot logo. The suit said that the Office Depot advertisements contained links to the Florida company's Web site, meaning that Staples's shoppers who clicked on the illegally advertised products were redirected to the competitor's Web site. Shoppers were diverted from Staples to Office Depot for about an hour before the problem was corrected, Lapierre said. In addition to lost business, Staples alleges that it cost the company time and money to repair its Web site and to determine the extent of the security breach. Calls to Office Depot, the world's largest seller of office products, were referred to the company's vice president of public relations, who couldn't be reached for comment late yesterday. Lapierre said the problems created by the hacker had never happened to Staples before. ''It's an interesting time we live in,'' she said. Staples's stock rose yesterday to close at 23-13/16 in trading on the Nasdaq market. Office Depot closed at 11 1/2, down , on the New York Stock Exchange. This story ran on page D01 of the Boston Globe on 11/30/99. © Copyright 1999 Globe Newspaper Company. Associated Press; Story Filed: Tuesday, November 30, 1999 12:50 PM EDT BOSTON (AP) -- Office supply store Staples has filed suit against an unnamed hacker who broke into its Internet site and posted advertisements that led Web browsers to the home page of one of its chief competitors. In the suit filed Monday in U.S. District Court in Boston, Framingham-based Staples charged that the hacker, referred to as ``John Doe,'' illegally entered the site and damaged Staples by stealing e-commerce business. The suit claims that ``John Doe'' lives in or near Massachusetts, and that the company expects to identify him shortly. The hacker broke into the Staples Internet site on Oct. 9 and posted advertisements for Office Depot. Shoppers who clicked on the Office Depot products were linked to the Office Depot home page. The problem was corrected after about an hour. In the suit, Staples alleges that, aside from a loss of money, it cost time and money to find and fix the security breach. Staples officials speculated that changes to the Web page were a prank, and discounted the possibility that its competitors were behind it. Gary Schweikhart, an Office Depot spokesman, said Tuesday the company was outraged by the computer hack and said Office Depot had no part in it. ``We're not that dumb and at the same time we would not condone any activity that is illegal and unethical,'' he said. Federal law calls for a maximum of 10 years in prison if damage is caused as a result of unauthorized access to a computer. Staples, which did $7 billion in sales last year, launched its Web site a year ago. The company hopes to have 1 million Internet customers and $1 billion in Internet sales by 2003, Lapierre said. Copyright © 1999 Associated Press Information Services, all rights reserved. @HWA 06.0 Comet bows to consumer pressure ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ contributed by Ted Yesterday Comet Systems Inc. was accused of collecting data on consumers web surfing practices with their free cursor changing software. The software Comet Cursor, is installed on over 16 million systems and tracks web usage of over 60,000 web sites. Following rampant consumer outcry over the practice Comet Systems has agreed to allow consumers to delete the serial number used to track individual web surfing habits and will also seek certification from Truste, the industry privacy watchdog group. Truste's certification of Comet Systems could take 45 to 60 days. Associated Press - via San Jose Mecury News http://www.sjmercury.com/svtech/news/breaking/ap/docs/1137191l.htm Software firm in privacy flap BY TED BRIDIS Associated Press Writer WASHINGTON (AP) -- A company that offers free software to change an Internet browser's computer cursor into cartoon characters promised Tuesday to let people delete a serial number the company was using to track customers across the Internet. Responding to an outcry over the privacy implications of its software, Comet Systems Inc. also said it will seek certification from Truste, an organization that monitors whether Web sites are following the privacy promises they make to consumers. Truste said Comet Systems had ``significantly damaged the trust of their customers.'' New York-based Comet Systems acknowledged Monday that its cursor software -- used by more than 16 million people -- reports back to its own computers with each customer's unique serial number each time that person visits any of 60,000 Web sites that support its technology. Those sites include dozens aimed at young children, such as those for the Dilbert and Peanuts characters of United Feature Syndicate Inc. and the Ty Inc. site for Beanie Babies. Comet said it never violated customers' privacy because it does not attempt to match its serial numbers against anyone's real-world identity. But it said Tuesday it will allow customers to delete those numbers, anyway, although the numbers helped Comet keep an accurate census of its customers for marketing and billing purposes. Some Web sites pay Comet based on the number of visitors using the cursor-changing technology. Customers will be able to download a program starting Wednesday from Comet's Web site, at www.cometsystems.com, to replace their serial number with a meaningless number that isn't unique. ``If that's what we need to do to appease users, we'll do that,'' spokesman Ben Austin said. Comet's certification to Truste could take 45 to 60 days. But that organization only monitors data collected at a company's Web site, not by its stand-alone software programs. ``We don't cover software privacy practices,'' Truste spokesman David Steer acknowledged Tuesday. ``Comet Systems has realized they have significantly damaged the trust of their customers, and they're looking at ways to rebuild that trust.'' Critics said earlier that the company should have more openly disclosed the behind-the-scenes transmissions, which are made without warning. They also said it would not be difficult given today's technology to begin correlating the Comet serial number with a consumer's identity if the company suddenly decided to or if Comet -- with its extensive tracking database -- were purchased by new owners willing to do that. ``The typical guy who goes to Best Buy and buys a computer and installs this software, he'll never know about this stuff,'' said programmer Dave Gale of Tampa, Fla. ``It's like a toy, but you wouldn't expect a toy to follow you around on the Internet.'' Steer, the spokesman for Truste, said other companies also undoubtedly are clandestinely monitoring the online behavior of their customers. ``I believe there are a lot of other software companies that are collecting personal information and not disclosing it,'' he said. ``That is just no longer acceptable.'' Internet discussion groups were filled Tuesday with messages from angry people who believed the cursor software did or could violate their privacy. In a statement published on the company's Web site, Comet President Jamie Rosen said the company was ``quite surprised'' at the privacy questions because the software doesn't ask for a customer's name, e-mail address or other personal information. ``We deeply regret that this has caused concern among our users and we pledge to be a leader in the area of online privacy in the future,'' he said. @HWA 07.0 Personal Info of Canadian ISP Users Leaked ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From HNN http://www.hackernews.com/ contributed by Astroboyz and dj.tazz The personal information on almost 2,700 Internet users in Manitoba Canada was stolen and spread across the Internet. Users of the Videon Wave's Internet cable services had thier account numbers, along with customer names, addresses, phone numbers, user names and passwords stolen. The intrusion into Videon systems took place almost two weeks ago however the company never notified any of the effected customers. The incident has not been reported to the local Police or the RCMP. Winnipeg Free Press Does anyone have a better link? This one is about to expire. http://205.200.191.20/cgi-bin/LiveIQue.acgi$rec=3673?search Hackers tear cover off Videon security Tue, Nov 30, 1999 By Doug Nairne Legislature Reporter PERSONAL INFORMATION on almost 2,700 Videon cable modem customers has been obtained by Internet hackers in what is being called one of the most damaging computer attacks ever against a Manitoba company. The information has become a hot property as it is passed around the city's computer underground, while irate customers are demanding to know why Videon didn't notify them that their names, phone numbers and passwords had been taken. The list includes 2,688 Videon account numbers, along with customer names, addresses, phone numbers, user names and passwords. Reid Eby, an Internet security consultant and president of Interlink Online Services, said hackers could use the information to access people's Internet accounts and send and receive e-mail as if they were the owner. E-mail that has already been downloaded to a computer is safe, but all incoming messages can be intercepted. There is no impact on Videon cable TV subscribers, only cable modem users. "If they got the user names and passwords, this is the worst incident I've ever heard about locally," Eby said. "Given what is going on with hacking, placing any client information on-line in this day and age is silly." Eby said the Videon information would also be valuable for sale to direct marketers and junk mailers, who would covet the contact data for high-end computer users. Anyone who does any business transactions on-line may also be in danger, especially if their credit card numbers are transmitted back to them in a receipt. Hackers could also use the information to "socially engineer" a target, tricking people into revealing more information about themselves or making their computers vulnerable to intrusion. Videon spokeswoman Nadine Delisle said that a routine security sweep last week showed that customer information had been pilfered. She claimed that no passwords were obtained, although lists being circulated clearly include passwords, user names and other information. Despite the criminal nature of the intrusion, city police and RCMP said the incident has not been reported to their investigators. Sources say the hack took place during the second week of November, but none of the Videon customers contacted by the Free Press yesterday knew that anything had happened. "I'm a little surprised that we were never notified about this," said businessman Sam Katz, whose wife's personal cellular phone number is on the list, along with his other information. "I'd like to think these things are a little bit better secured." Delisle said Videon decided the information wasn't sensitive, so customers were not informed about the security breach. "The risk seemed to be very minimal," she said. "It was not assessed to be important." Katz disagreed, saying he plans to find out why he wasn't notified. Winnipeg police Const. Bob Johnson said companies often don't report hacking because they are concerned about bad publicity. Delisle said the incident was not "serious enough" to report to police. "We closed the security hole so that this will not happen again, that was the priority," she said. But a spokeswoman with the Canadian Radio-television and Telecommunications Commission said Videon customers can file a complaint against Videon and demand an explanation. "People should be able to get the reasons why their private information was leaked out," she said. The customer list contains a wide cross-section of Winnipeggers, including doctors, business people, university professors, journalists and even computer security experts. The hackers say they could pose as any one of the people on the list, although there is no evidence that anyone has done so yet. Hackers contacted said they were particularly pleased to get the personal information of one Videon customer -- a computer security expert who has written articles on the psychology of hackers, describing them as geeks and loners. Meanwhile, Ron Campbell, another cable modem customer whose details have been disclosed, said he is upset about the incident but that he doesn't blame Videon for the security breach. "I don't particularly think Videon could have stopped this from happening," he said. "I assume they had some security in place." PHOTO ILLUSTRATION BY JOE BRYKSA/WINNIPEG FREE PRESS Hackers managed to breach Videon's security and gain access to customers' personal files. @HWA 08.0 First Internet Piracy Case in Japan ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From HNN http://www.hackernews.com/ contributed by Galleon A 21-year-old student has been accused of illegally distributing over 170 titles of game software for different Nintendo machines. This is the first case of an unauthorized delivery of game software via the Internet in Japan. Asia Biz Tech http://www.nikkeibp.asiabiztech.com/wcs/frm/leaf?CID=onair/asabt/news/85776 Hokkaido Police Pursue Unauthorized Net Delivery of Game Software December 1, 1999 (TOKYO) -- The Hokkaido Prefectural Police's Sapporo Kita Station alleged that a college student delivered unauthorized game software over the Internet. It sent papers on Nov. 25, 1999 to the Sapporo District Prosecutor's Office for prosecution. The 21-year-old student, who has been accused of illegally distributing about 180 titles of game software for Family Computer (Famicon) and Game Boy game machines made by Nintendo Co., Ltd., is suspected of infringing on rights under the Copyright Law. The case is the first disclosure of an unauthorized delivery of game software via the Internet in Japan. The college student reportedly distributed the software on his own Web page,labeled as "information exchange," to seem as if the delivery did not constitute downloading of game software. Game software for sale is usually recorded in read-only memory (ROM). The student ran software which emulates a game machine on a personal computer, and stored the game software recorded in these ROMs on a hard disk drive on the PC and uploaded it onto a Web server. According to Association for Copyright for Computer Software (ACCS), which assisted the police in the disclosure of the case, there seemed to be a lot of downloading from the suspect's Web site, but it does not know how many downloads were actually made. An ACCS spokesman said that software distribution without authorization of an author itself is unlawful. In addition, the suspect knew the case was illegal, intentionally concealed the illegal uploading and downloading and distributed not just a few software programs over the Internet, the spokesman said. ACCS assumes there must be many other cases of illegal uploading and downloading of game software via the Internet. The association therefore hopes that the disclosure of the case will serve as a warning to the public. [Comment by BizTech] The disclosure of the illegal uploading and downloading of game software was based on a "breach of the Copyright Law." However, there are various applications of the Copyright Law depending on the case. In this case, the college student was suspected of "infringing on the right of public transmission under the Copyright Law." "The right of public transmission (Article 23 of the Copyright Law) is an author's proprietary right to transmit his or her work to the general public via broadcasting and/or communications. For example, an author's authorization will be needed for any broadcasting of a work in a television or radio program. (Note. In Japan, granting of copyrights and collection of license fees for the majority of musical works are performed by the Japanese Society for Rights of Authors, Composers and Publishers (JASRAC).) Distribution of works over the Internet is included in the public transmission right. Distribution of any software and musical data over the Internet shall constitute infringement on the public transmission right and thus breaches the Copyright Law. (Note. Any case which constitutes "reference" under the Copyright Law shall be excluded from this case.) For example, if someone transforms Celine Dion's hit number, "My heart will go on," into MIDI data without obtaining Dion's permission and plays the song on his or her own Web site as background music, strictly speaking such an act would constitute infringement or the public transmission right. (Note: Any works whose copyright is obviously expired shall be excluded from this case. For example, any distribution of MIDI data of well-known works such as a composition made by Mozart, Beethoven or Chopin, is generally legal.) In this case, the college student uploaded game software on a Web server without obtaining authorization of the authors of the game software, and enabled anybody who can access the Web site to download the software programs. This is called "enabling of public transmission." The case infringes on the public transmission right. In addition to infringing on the public transmission right, the suspected student also breached the Copyright Law for uploading of the game software on the Web server because the student made unauthorized copies of software (Infringement on the reproduction right, Article 21 of the Copyright Law). In the case, the suspect made unauthorized copies when copying the game software from ROMs to the hard disk drive of his or her PC and when copying it from the hard disk drive to a hard drive on the Web server. Because of the suspect's ultimate objective was to distribute of software over the Internet, the case does not constitute a "reproduction for private use" under Article 30 of the Copyright Law, and thus breaches the Copyright Law. The suspect repeatedly breached more than one provision of the Copyright Law, even though the other breaches were not disclosed. (Kazumi Tanaka, Deputy Editor, BizTech News Dept.) @HWA 09.0 FBI Launches InfraGuard in Ohio ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From HNN http://www.hackernews.com/ contributed by Weld Pond A national program known as InfraGuard, developed by the FBI to promote information sharing among law enforcement, industry, the academic community and the public about computer network intrusions and computer system vulnerabilities, was officially launched in Ohio yesterday. Over 200 people where expected at the kickoff meeting. (Watch for an exclusive insiders report on InfraGuard coming soon to HNN.) The Cincinnati Post http://www.cincypost.com/news/hacker112999.html C I N C I N N A T I P O S T FBI leads new effort to help thwart hackers Post staff report Nearly 200 people were expected at today's kickoff meeting of a group organized by the FBI to thwart hackers from breaking into government, industry and academic computer systems in Cincinnati and southern Ohio. Speakers included Cincinnati FBI agent in charge Sheri Farrar, Southern Ohio U.S. Attorney Sharon Zealey, Ohio Bureau of Criminal Identification and Investigation Superintendent Ted Almay and representatives from the FBI's National Infrastructure Protection Center. The regional meeting, held at Deer Creek State Park in Pickaway County, is part of a national program developed by the FBI and industry to promote information sharing among law enforcement, industry, the academic community and the public about computer network hacking and computer system vulnerabilities. So-called ''InfraGard'' chapters are designed to help protect the nation's information systems from cyber and physical threats. The Cincinnati FBI's chapter includes the 48 southern-most Ohio counties, including Cincinnati, Dayton and Columbus. A national InfraGard program was developed after President Clinton directed the FBI to identify and coordinate computer infrastructure protection experts inside and outside the federal government. Members of the Cincinnati chapter include the Ohio Supercomputer Center, American Electric Power, Ohio State University and Bank One. Members eventually will have access to an Alert Network that will allow them to use encryption technology to report attacks on their computer systems to the FBI. The FBI will provide what it calls a ''sanitized'' description of the incident, without identifying the source of the report, to other chapter members so they can take actions to protect their own systems. Members also will have access to an InfraGard Web site being created by the FBI that will provide timely information about computer protection issues. Target: Hackers InfraGard is seeking more regional chapter members from telecommunications, banking, energy and transportation industries, as well as from academic institutions, hospitals and government agencies. For more information, call Cincinnati FBI agent Roger Wilson at (513) 421-4310. Publication date: 11-29-99 @HWA 10.0 National Gun Database Goes Online ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From HNN http://www.hackernews.com/ contributed by Weld Pond A national gun database, Online Lead, was activated Tuesday at all 331 branches of the Treasury Department's Bureau of Alcohol, Tobacco and Firearms. The system is available to police and other local law enforcement officials through ATF offices. The database included the gun's make and serial number, and the complete chain of sale from manufacturer to wholesaler or distributor to the first retail sale by a federally licensed gun dealer. Officials have said that security measures to protect the database from malicious intruders has been taken but did not elaborate. Associated Press http://library.northernlight.com/EB19991130720000025.html?cb=0&dx=1006&sc=0#doc Story Filed: Tuesday, November 30, 1999 11:44 AM EDT WASHINGTON (AP) -- Federal and local law enforcement officials are getting a new high-tech tool to fight crime: a nationwide computer system that aims to trace guns used during crimes. The system, called Online Lead, is administered by the Treasury Department's Bureau of Alcohol, Tobacco and Firearms and has been operating on a limited trial basis since February. ``Online Lead takes our fight against gun traffickers into cyberspace,'' said Treasury Secretary Lawrence Summers, who made the announcement today. ``It gives federal, state and local law enforcement officials throughout the country a new tool to help identify and arrest gun traffickers.'' Starting today the computer system is operating full time and is widely available. Specifically, the system is in use at all 331 ATF field offices. Although police and other local law enforcement officials can't tap directly into the system on their own, they can access the system through ATF. Local law enforcement officials are encouraged but not required to ask ATF to trace guns used during crimes. The results of those traces are entered into a growing national database, which now has information on more than 1 million traced firearms. ATF has been tracing guns used in crimes for years, but the sophisticated software used in the new online system should make it much easier for investigators to analyze trends and patterns in illegal firearms trafficking, law enforcement officials said. For police and other local law enforcers, the system may provide new leads and additional information about crimes, they said. Online Lead is updated frequently and provides information on a traced gun one day after it is completed. The new system evolved from earlier projects that aim to provide investigators access to data on guns used in crimes. Those systems stored information on traced guns on computer discs that had to be shipped to ATF field offices, a slow process. The new online system gives law enforcers fast access to such information. Information about all firearms traced by the ATF goes into the national database and is available on the new online system. What agents can trace is limited. They start with a gun's make and serial number, moving forward from the manufacturer to a wholesaler and distributor to the first retail sale by a federally licensed gun dealer. All sales by licensed dealers must be recorded, and those records must be made available to ATF. But any sales by individuals or by collectors at gun shows, for example, are considered private and exempt from such record-keeping requirements. Copyright © 1999 Associated Press Information Services, all rights reserved. @HWA 11.0 Zero Knowledge Ships Freedom, Finally ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From HNN http://www.hackernews.com/ contributed by Jordan After what seemed like an agonizingly long beta period Zero Knowledge Systems has finally shipped Freedom 1.0. Freedom works seamlessly alongside your favorite browser and other Internet applications. You can surf the web, send email, chat, telnet, and participate in newsgroups as you normally would, only now with complete confidence that your personal information is not being collected without your consent. Freedom identifies you on the net with a 'nym' that you choose. There can be only one 'nym' so unless you want something like 'Tom4538720' you should reserve yours today. Freedom 1.0 http://www.zks.net/clickthrough/click.asp?partner_id=542 @HWA 12.0 OpenBSD 2.6 Ships ~~~~~~~~~~~~~~~~~ From HNN http://www.hackernews.com/ contributed by Theo What is probably the most secure operating system available has shipped its new version. OpenBSD 2.6 is a FREE, multi-platform 4.4BSD-based UNIX-like operating system. It emphasizes portability, standardization, correctness, proactive security and integrated cryptography. Some of the new features include the addition of ssh (OpenSSH) and Perl 5.005_03 to the base system, reliability patches for the PowerPC port, improved support for ext2fs, USB support, a faster install process and a lot more. OpenBSD http://www.openbsd.org/ @HWA 13.0 Videon Was Warned of Data Loss ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From HNN http://www.hackernews.com/ contributed by dj.tazz and P_Simm The Canadian ISP, Videon, was warned that it had left its customer database available on the web for all to see. Days later, after the database had made the rounds on the net the security issue was resolved. Customers however where never notified by the company. They did not find out about the problem until weeks later when it appeared in the local newspaper. Videon has confirmed that they received the emailed warning and failed to act in a timely manner to prevent the loss of customer account numbers, names, addresses, phone numbers, user names and passwords. Winnipeg Free Press http://205.200.191.20/cgi-bin/LiveIQue.acgi$rec=3772?search Videon ignored Web security breach E-mail warning of leak never received reply Wed, Dec 1, 1999 By Doug Nairne Legislature Reporter VIDEON WAS warned that its cable modem customer list was left unprotected on the Internet but failed to act for at least a day, allowing hackers a chance to pilfer the sensitive information, the Free Press has learned. An e-mail message identifying the security leak was sent to Videon security staff on Nov. 10, which is thought to be the day prior to when personal details on about 2,700 people were downloaded. A man who asked to be identified only by his computer user name, "Grub," said he sent the warning after stumbling on the customer data base while surfing the Videon Web site. Despite Videon's insistence that the information was taken after a "deliberate attack," Grub said he found it sitting out in the open where anyone could have seen it. "When I found this I thought, 'Holy smokes, I can't believe this is up there,' " he said. "They might as well have written out the list and taped it to the front door." Grub said he e-mailed Videon warning them of the problem but never received a reply. "They make it sound like a big computer attack, but it was probably just their own stupidity," he said. Sometime later, the list was discovered by someone else and copies began to be made. According to Videon, customer names, addresses and phone numbers have been posted to an Internet chat group, where it would be widely accessible. Videon spokeswoman Nadine Delisle confirmed that Videon received the warning e-mail. She said that a combination of bad judgment by staff and the Remembrance Day holiday resulted in the message initially being ignored. "At the time it was not perceived to be a big risk," she said. "In retrospect, that may have been an error in judgment." Hackers ended up getting what they describe as a gold-mine of information, including account numbers, names, addresses, phone numbers, user names and passwords. They say the information can be used to intercept people's e-mail or to assume someone else's identity on the Internet. After playing down the security leak Monday, Videon was scrambling to deal with the crisis yesterday. Senior executives and communications staff were in emergency meetings most of the day. Delisle said Videon was planning a massive e-mail broadcast to all its cable modem customers to inform them of the incident, and will provide instructions on how to take precautions like changing passwords. She said Videon also wants to reassure people that their billing information and credit card numbers were not revealed. An internal investigation is being carried out, and an outside firm will be brought in to do a full security audit, Delisle said. About a dozen angry customers called the Free Press yesterday, most wanting to know why Videon didn't tell anyone what had happened -- including the police -- until yesterday, more than two weeks after they found out the information was taken. While passwords can be quickly changed, other information like addresses and phone numbers are also being passed around, leaving people vulnerable. One woman, who asked not to be identified, said she is outraged that she was not told her information had been downloaded. "Anyone with a computer may be able to get my name and phone number, and address," she said. "My daughter won't be playing outside alone anytime soon, because now I won't know if some pervert has gotten my address and is lurking around my house." The woman said she is considering cancelling her account. Delisle said that in retrospect the decision to keep the incident quiet may not have been the right one. "We're st