|
==Phrack Inc.== Volume Three, Issue 27, File 11 of 12 PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN P h r a c k W o r l d N e w s PWN PWN ~~~~~~~~~~~ ~~~~~~~~~ ~~~~~~~ PWN PWN Issue XXVII/Part 2 PWN PWN PWN PWN June 20, 1989 PWN PWN PWN PWN Created, Written, and Edited PWN PWN by Knight Lightning PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN Robert T. Morris Suspended From Cornell May 25, 1989 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Taken from the New York Times Cornell University has suspended the graduate student identified by school officials as the author of "the Internet worm." In a May 16th letter to Robert Tappan Moris, age 23, the dean of the Cornell University Graduate School said a university panel had found him guilty of violating the school's Code of Academic Integrity. He will be suspended until the beginning of the fall semester of 1990, and then could reapply. No criminal charges have been filed against Morris. A federal grand jury this year forwarded its recommendations to the Justice Department, which has not taken any action. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Justice Department Wary in Computer Case May 28, 1989 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ by Matthew Spina (Syracuse Herald-American) "Is Washington Fearful Of Losing A Landmark Trial?" Some computer experts theorize that the Justice Department, afraid of bungling what could become a landmark computer case, still doesn't know how to treat the Cornell student whose computer worm slithered nationwide in November, 1988. A further concern in Washington: A trial in the case might embarrass the Department of Defense if its scientists are asked to detail how their computers were among the thousands crippled by the worm. For several months, the decision on how to charge 23-year-old Robert T. Morris, Jr. had been before Mark Richard, a deputy assistant attorney general. Within the last few weeks, Richard made a decision that now is being reviewed by an assistant attorney general, according to a computer professional who has been talking with the Justice Department. "I thought we would have heard something from Washington by now," said Andrew Baxtoer, the assistant U.S. attorney who in November and December presented the case to a grand jury in Syracuse. The grand jury's report was sent on the the Justice Department, which refuses to comment publicly on the matter because Morris has not been indicted. "Within the next two weeks I assume that a decision will be made," said one official. "If they decide to begin an expensive trial, they have to make sure they win so as not to damage future attempts to prosecute under that law," said Eugene H. Spafford, an assistant professor at Purdue University whose analysis of the worm has helped federal investigators. "If they decide not to prosecute, and the total thing that happens is he gets suspended (from Cornell), I will be outraged." So far, Cornell has taken the only disciplinary measure against Morris, suspending him for the 1989-90 academic year. But the graduate student left the computer science department early in November, the day after the worm spread out of a computer in Upson Hall. Morris, a computer science graduate student, has been called the author of a rogue computer program, called a worm, that was spread from a Cornell University computer. The program was designed to reproduce and infect any computer linked to the Internet, a network shared by colleges, research centers and military institutions. However, experts say an error caused the program to replicate out of control, sending thousands of copies into thousands of computers. If Morris is to be charged with a felony, prosecutors would then have to show he intended to destroy or extract information. Proving that would be difficult since the program neither destroyed nor removed information from any computer. To convict Morris on most lesser charges, prosecutors would have to show he intended to harm computers. Prosecutors also could use a misdemeanor charge requiring them to prove only that Morris gained access to a federal government computer. The worm did reach computers at the Army Ballistics Research Laboratory and NASA's Langley Research Center, among others. Some computer experts wonder, though, if Defense Department officials will be reluctant to testify publicly about how their computers were penetrated -- even those computers holding non-classified information. In February, at a computer convention in San Diego, Defense Department computer experts detailed some security improvements made to the network since November, but then refused to release copies of their presentation to people at the seminar. The FBI -- which enforces the Computer Fraud and Abuse Act of 1986 -- and some people in the computer industry are pushing for a vigorous prosecution to display a strong case against computer hacking. Others in the industry, including some of Morris' friends from Harvard University and Cornell, urge leniency because he was trying to demonstrate security flaws with computers. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Other articles about Robert Tappan Morris, Jr. and the Internet Worm are; "Computer Network Disrupted By 'Virus'" (11/03/88) PWN XXII/Part 2 "Virus Attack" (11/06/88) PWN XXII/Part 2 "The Computer Jam: How It Came About" (11/08/88) PWN XXII/Part 2 "US Is Moving To Restrict {...} Virus" (11/11/88) PWN XXII/Part 2 * "FBI Studies Possible Charges In Virus" (11/12/88) PWN XXII/Part 2 "Big Guns Take Aim At Virus" (11/21/88) PWN XXII/Part 3 "Congressman Plan Hearings On Virus" (11/27/88) PWN XXII/Part 3 "Pentagon Severs Military {...} Virus" (11/30/88) PWN XXII/Part 3 * "Networks Of Computers At Risk From Invaders" (12/03/88) PWN XXII/Part 4 * "Computer Virus Eradication Act of 1988" (12/05/88) PWN XXII/Part 4 * "Breaking Into Computers {...}, Pure and Simple" (12/04/88) PWN XXIV/Part 1 * "Cornell Panel Concludes Morris {...} Virus" (04/06/89) PWN XXVI/Part 1 * - Indicates that the article was not directly related to Robert Morris, but did discuss him as well as the Internet Worm incident. _______________________________________________________________________________ SouthernNet's Anti-Hacker Psychological Con Game April 1989 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ WARNING! Your call is being intercepted! Error: Setting may not be changed by callers. Welcome to: S o u t h e r n N e t I n c. You have reached the SouthernNet Fraud Department, the authorization code you are attempting to use is not valid. Hacking and illegal use of codes are violations of state and federal laws. We are currently conducting an investigaion for code abuse in your area and we are coordinating the investigation with law enforcement authorities. Persons identified hacking or abusing codes will be prosecuted to the full extent of the law. I'll see you soon, Hacker Tracker - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Hold for additional information: Hacker Tracker is unavailable right now; however, you may avoid possible arrest and/or prosecution by calling Hacker Tracker in person. You may contact Mr. Tracker between the hours of 9:00 AM and 5:00 PM Eastern Standard Time, Monday - Friday, simply by dialing the access number you have just used and code number 101010 or 011010 if the access you have used requires a seven digit code. Just hold the line for 10 seconds and your call will automatically be routed to Mr. Tracker at no charge to you. This is *NOT* a trick and it will be the intention of SouthernNet Inc. to settle this matter without involving law enforcement authorities if you cooperate with our fraud department 100%. It will certainly be to your advantage to contact Mr. Tracker as this will reflect your own decision to assist and avoid prosecution by our company!!! I'll be expecting your call. Hacker Tracker Hold a sec... Engaging Auto Page for Hacker Tracker... 50 seconds till disconnect 40 seconds till disconnect 30 seconds till disconnect 20 seconds till disconnect 10 seconds till disconnect 5 seconds till disconnect NO CARRIER [Do you think anyone believed this and actually called "Hacker Tracker?" -KL] _______________________________________________________________________________ What's Happening: Computer Security Up June 4, 1989 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Taken from Gannett Westchester Newspapers [Comments in brackets from Delta-Master] High-tech companies are spending 64% more [than they previously spent] on computer security, according to a recent survey conducted by the National Center for Computer Crime Data in Los Angeles. The group surveyed 3,500 law enforcement agencies and computer security experts about computer crime. The prosecution rate is also up -- 6.4% in 1988 from only 2.4% during 1987. Contrary to popular image, computer hackers aren't always young boys. The study found that 32% of those arrested for computer crimes were female, while only 14% were under 21. The study said 45% of hackers were 25 to 30 years old. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Comments from Delta-Master ~~~~~~~~~~~~~~~~~~~~~~~~~~ I do not know about you people, but the public's confusion about hackers starts to bother me when they make errors. Seriously, I know of only a few hackers over the age of 21. The fact that the newspapers also equate the thug-like computer criminals with the mastermind-criminal type hacker (you guys) is also pretty annoying, wouldn't you agree? One key phrase you must note: "32% OF THOSE ARRESTED." Oh well, such are the mistakes of newspapers. _______________________________________________________________________________ Public Service Commission Bans Operator Companies April 24, 1989 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ By Jerri Stroud (St. Louis Post-Dispatch) The Missouri Public Service Commission voted 4-1 last week to ban providers of so-called alternative operator services in Missouri because allowing the companies to operate is "not in the public interest." Alternative operator services companies contract with hotels, motels colleges, hospitals, airports, restaurants and other facilities to provide operator assistance to customers using pay telephones or house phones. Consumer groups have complained about price-gouging by the companies nationwide. Mark Wheatley, a lawyer for the Office of Public Council, praised the commission's decision. The Office of Public Council has received numerous complaints about excessive rates and surcharges by alternative operator services companies, said Wheatley. Some alternative operator services companies also have accepted other companies' credit cards without authorization from the companies issuing the cards, he said. "We feel that it's an extremely important decision by the commission." said Wheatley. But he said he expects the companies affected by the ruling to appeal. Lawyers for the alternative operator services companies could not be reached for comment. In it's ruling, the commission said many consumers aren't aware of the rates charged by the alternative operator services companies until they receive "a bill for operator services at prices higher than those to which he is accustomed." Consumer groups say the rates often are twice or three times the rates charged by better-known long-distance companies. Even if an operator service company identifies itself when a consumer makes a call, the commission said many consumers don't understand the significance of the identification. "If the end user is not educated as to the intricacies of using an alternative operator services provider, he does not truly have a meaningful choice..." the commission said. The ruling only affects intrastate calls handled by alternative operator services companies, but it may effectively prevent the companies from providing interstate service as well. The commission specifically denied tariff requests from International Telecharge Inc. and American Operator Services Inc. The commission also directed three other companies -- Teleconnect Inc., Dial US, and Dial USA -- to file new tariffs consistent with the ruling. The ruling allows companies to operate who provide operator services in connection with their business -- long-distance carriers and local telephone companies, for example. But the commission also placed limits on these companies. Under the ruling, operator services companies must: * Identify themselves to the caller as well as to the party being billed by the call (in the case of a collect or third-party call). * Quote rates to the caller or billed party on request, without charge. * Use calling card verification procedures acceptable to the companies issuing the cards. * Post in a prominent position the company's name, detailed complaint procedures and instruction on how to reach the local telephone company operator and other long-distance carriers. * Transfer emergency traffic to the local telephone company or American Telephone & Telegraph Co. until the alternative services provider can show that it can handle emergency calls adequately. _______________________________________________________________________________ Fax Attack May 13, 1989 ~~~~~~~~~~ Taken from The Ann Arbor News "Governor's Attempt To Ban Unsolicited Advertisements Backfires!" HARTFORD, Conn - The great fax attack of 1989 -- an all-out lobbying campaign against a bill banning unsolicited facsimile advertising -- may have backfired when the governor's fax machine was jammed for hours with unwanted messages. Starting Thursday, May 11, and continuing Friday, May 12, Governor William A. O'Neill's fax machine has been beeping constantly, spitting out unwanted messages from angry businesses that advertise by fax. The businesses oppose a bill now awaiting O'Neill's signature that would prohibit them from marketing their products by fax without first obtaining the permission of the recipient. Violators would face a $200 fine. Starting Thursday morning, dozens of Connecticut businesses faxed to O'Neill's office a form letter arguing against the fax ban. The stream of fax messages was so constant (40 came in before 10 AM) that the governor's office turned off the fax machine Thursday (May 11). O'Neill's press secretary, Jon. L. Sandberg, said the governor still hasn't decided whether he will sign the bill. But aides to the governor said the persistent lobbying campaign proved how annoying unwanted messages can be. The inconvenience was compounded because the governor's office was unable to use its fax machine to receive information about spring flooding around the state. _______________________________________________________________________________ NYNEX Announces Info-Look Gateway April 28, 1989 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Introducing a new service for accessing information and more... all through your personal computer! Starting in May 1989, New York Telephone's INFO-LOOK (tm) Gateway Service can be your link to accessing a variety of information, products and services. The INFO-LOOK Gateway simplifies on-line computer access to a variety of information providers. When you call the Gateway phone number through your modem, you'll be able to scan a menu of information services. The types of information services you may choose from include: Entertainment, business, health, food, news, weather, sports, travel, government, educational and reference information. The services, some interactive, are provided by independent companies. The INFO-LOOK Gateway is easy to use -- even if you're relatively new to using a PC. What you'll need to use the INFO-LOOK Gateway 1. Virtually any type of personal computer. 2. A modem (300, 1200, or 2400 Baud), and communications software. This enables your computer to communicate with other computers via the telephone system. 3. A New York Telephone Calling Card. If you need a New York Telephone Calling Card, (it's FREE), call your service representative whose number appears on page one of your New York Telephone bill. Charges for using the INFO-LOOK Gateway There are ** no ** Gateway enrollment fees and ** no ** monthly subscription charges. In most cases, you will be charged (New York people only): o A local call to reach the INFO-LOOK Gateway. o While you're browsing the Gateway directory of services, or moving between services, you pay $.05 a minute. o Once you connect to a service, the charge is determined by the Service Provider. Some services have a per-minute usage charge. Some services are free. The charges for each service are listed in the Gateway menu. You'll find most charges itemized on your monthly New York Telephone bill. Some Service Providers may decide to bill you separately and directly for use of their services. Call for more information: To get your free INFO-LOOK Gateway information booklet call (toll- free) 1-800-338-2720, Ext. 20, any day from 9 a.m. to 11 p.m. Note: New York Telephone does not provide or control the services offered through the INFO-LOOK Gateway Service. They are provided by independent companies, which are responsible for the content, character, and quality of their services. The predictions run $5 billion now and another $5-10 billion by 1991. [INFO-LOOK is already operating in Bell South and Bell Atlantic.] _______________________________________________________________________________ Pacific Bell Plans Access To Computers June 9, 1989 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Taken from Santa Cruz Sentinel (Section B) SAN FRANCISCO (AP) -- Pacific Bell said Thursday it hopes to compete with the popularity of television by offering people easy access to computerized libraries, bulletin boards and the use of electronic mail. PacBell's California On-line -- which will be available to anybody with a personal computer, telephone and calling card -- will be among the first in the nation to use a graphic-based system that simplifies procedures so only a rudimentary familiarity with computers is needed. "It's going to offer our customers a supplement to their current leisure activities... and among other things we've seen (in trials) a lot of people who got away from the TV," said Roger P. Conrad, director of Videotex Gateway Services. "We feel this is a more productive way for people to spend their lives and we think a lot of users are going to agree," he added. Users will pay "info-entrepreneurs" fees based on the time they use various services and will be billed on their monthly telephone statements. Unlike some on-line information services, users do not have to subscribe ahead of time. Conrad said the types of services are limited only by vendors' imaginations. PacBell will make money by selling telecommunication line use to the companies. _______________________________________________________________________________ Bulletin Boards Of Argentina June 5, 1989 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Country Code = 54 (Argentina) City Code = 1 (Buenos Aires) This list might be slightly incorrect due to the passage of time. The last update was on December 23, 1986. Name Hours Of Operation ======= Number= ---- Beta 23:00 - 6:30 802-0288 C-Mania 21:00 - 7:00 362-8843 CBM 16:00 - 12:00 90-4988 Century 21 24 hours 632-7070 Cerebruss 24 hours 47-2717 Cerebruss Information ? 48-8300 48-9886 Databank ? 44-9760 Drean Conection ? 953-2523 Los Pinos 13:00 - 19:00 21-0375 Magenta ? 392-0124 Magenta ? 392-0016 Maxes 23:00 - 7:00 542-2695 Mendieta 22:00 - 8:00 654-6999 Pirates Cove 24:00 - 6:00 783-5023 Sanctuary 24:00 - 3:00 641-4608 Soft-work 22:30 - 9:00 88-2065 TCConection 19:00 - 12:00 22-4197 The Connection 24 Hours 82-5780 The Hacker 23:00 - 7:00 748-2005 Tiger ? 784-2226 XCASA ? 611-8136 BBS-IOM 24 Hours 804-3602 Note: The settings for all systems listed above are Even, 7, 1. Contributed by Noli _______________________________________________________________________________