==Phrack Classic==

Volume Three, Issue 32, File #10 of 12

KL ^*^ KL ^*^ KL ^*^ KL ^*^ KL

K N I G H T L I N E

Issue 001 / Part I

17th of November, 1990

Written, compiled, and edited by Doc Holiday

KL ^*^ KL ^*^ KL ^*^ KL ^*^ KL

---

Welcome to the 5th year of Phrack and the first edition of KnightLine!

---

SunDevil II: The witch-hunt continues..

I hate to start out on such a sour note, but: Inside sources have reported an enormous amount of Secret Service activity in major U.S. cities. Furthermore, sources claim that new investigations are underway for the prosecution of all Legion Of Doom members. The investigations have "turned up" new evidence that could bring about the sequel to SunDevil.

This information comes from reliable sources and I suggest that all precautions should be taken to protect yourselves from a raid.

Some good advice to follow:

A> Refrain from using "codes", or other means to commit toll fraud.

B> Further yourselves from those who are overwhelmed with desire to tell you their recent conquests of computer systems.

C> Refrain from downloading or storing stolen Unix source code.

D> Get rid of anything that might incriminate you or your peers.

E> Stay cool, calm, and collected.

The Conflict has submitted a file to KL about what to do IF YOU ARE raided.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Simple Guidelines To Follow If You Encounter Law Enforcement Agents In An Unfriendly Situation

The current state of the Computer Underground is an extreme turmoil. The recent threat of another series of witchhunt raids has put many people into a state of paranoia, and rightfully so. No one needs to deal with all the bullshit associated with a bust. I am offering a few guidelines to follow if you encounter a precarious situation instigated by a law enforcement agent; of course, it is up to you to decide what you want to do.
Of the people whom I have spoken with, these will be some of the best steps to follow if you receive an unexpected visit. Probably the first thing you would want to do if you receive an unfriendly visit from Joe Fed is to READ the damn warrant. Find out why you have been chosen, and what they are looking for. Also, remember that if they have only a search and seizure warrant, they are warranted only to confiscate items on your premises; however, if they are serving a subpoena, they may take what they need, on or off your premises. So, in essence, the clean-house preventive measure may or may not be useful to you. An important thing to do when Agent Foley (or one of his lesser evil counterparts) comes knocking on your door is to cooperate fully. Drop a lot of "Yes sir"/"No sir" answers; respond politely. You're in no position to be a smart ass, and being friendly surely can not hurt you. Another important thing to remember, although it is almost opposite of the aforementioned, has to do with what to say. In essence, do not say a fucking thing if you are questioned! Remember, anything you say or do can and WILL be used AGAINST you in a court of law. Simply reply, "I can not answer any questions without counsel", or "I first must contact my attorney." You need not answer a damn thing they ask of you without an attorney present, and it would most probably be very detrimental to do so. This hint parallels the previous one. No matter what you do, do not reply to any question with "I don't know anything", or any simple derivation of that phrase. If you do, and you are indicted, you will be reamed in court. The presence of that statement could greatly damage your defense, unless you are conditionally mental or something. In essence, those are all you should need. What I have outlined is very simple, but logical. You need to keep a level head at least while they are on site with you; get pissed off/psycho later, after they leave. 
If you are currently an active member of the Computer Underground, you may wish to lose anything that is important to you, at least temporarily. Why? Well, the analogy I was given follows that: if you were suspected of racketeering, the feds could execute a search and seizure on your property. If they can prove by 51% that ANY of the confiscated material COULD have been used in your suspected racketeering, it is forfeited (i.e. you lost it, for good). The forfeiture stands whether or not you are indicted or convicted! So, you would be entirely screwed.

All of the aforementioned steps are important. Those are all I really have to offer. I suggest that you get clean before the sweep occurs, and that you stay clean until after the sweep clears. Exercise extreme caution. Keep your head high, and keep your back to the wall (otherwise, it would be quite possible to find a knife lodged in it). Stay safe, and good luck!

The Conflict
11-13-1990

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

***UPDATE.11/16/90: 3 Hackers are DOOMED to prison

Frank Darden (Leftist), Adam Grant (Urvile), and Robert Riggs (Prophet) were sentenced Friday. Robert, who was currently on probation before the incident, was sentenced to 21 months in a federal prison. Frank and Adam received sentences of 14 months. All three were ordered to pay $233,000 in restitution.

Kent Alexander, an assistant U.S. attorney who prosecuted the case, was not available for comment.

---

This is not good for the Underground at all. I'm sure the government will use the outcome of this to their advantage in speeding up the momentum of prosecuting hackers. In their eyes, everyone is in LOD.

Dale Boll, a special agent of the Secret Service in Washington, said "Telephone companies are preparing for a retaliation from the hacking underworld and are beefing up security at all ends of the wire."

I can't verify or validate these rumors of retaliation.
But I can say if you are going to do some sort of retaliation, I would think twice-- It could make things worse. This is not a "game" we are playing. No, it's reality. And I'm sure Frank, Adam, and Rob are feeling it right now.

---

A few words from Erik Bloodaxe on the sentences:

"I'm not surprised in the least at the sentencing. However, I'm sure the three of them are. I wish I could ask them if all the singing was worth-while in the long-run. How can anyone hope to make a deal with federal officials, who within the past year, resorted to such lies and deceit. Every day I think all this will be over and I can get on with my life and possibly use my own computer to write a term paper without fear of its confiscation due to who or what I know or have seen or done in the past. Perhaps this will end eventually, but until then Mr. Cook will play on the people's inherent fear of technology and exploit everyone in his past on his personal crusade for his own twisted view of justice. Are you or have you ever been a member of the Legion of Doom? Tell me, do you believe in reincarnation Senator McCarthy?"

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

"The weirdest part of my dream was... when I woke up."

And now.... ..

ANNOUNCING:

The first annual,

X M A S C O N '90

Where: Houston, TX
When: December 28th-30th 1990
Who: All Hackers, Journalists, and Federal Agents

Well, it's getting closer.. XmasCon is next month and we plan on having the biggest gathering of Hackers & Feds since SummerCon '88! This event was going to be private until word got out. A journalist (unnamed) found out about the private event and decided to make it public news in the magazine for which he writes. Well, after seeing the words: "XMASCON" in a magazine with less readers than Phrack, we decided to announce it ourselves. So, here it is-- Your OFFICIAL invitation to the gathering that should replace the painful memories of SummerCon'90 (SCon'90? What do you mean?
there was a SummerCon this year? HA. It surprised me too).

Hotel Information:

La Quinta Inn
6 North Belt East
(713) 447-6888
(Located next to Intercontinental Airport)

Fees:
$44.00+TAX a night (single)
$56.00+TAX a night (double)

Government Discount (With ID)
$49.00+TAX a night (single)
$37.00+TAX a night (double)

1-800-531-5900

Call for reservations in advance. Please tell the registrar that you are with XmasCon'90.

Everyone is welcome to attend, and I do mean EVERYONE.

Take care & see you at HoHoCon!

--DH

_______________________________________________________________________________

F R O M T H E W I R E

HEADLINE Thirteen Arrested For Breaking Into University Computer
Byline: PAT MILTON
DATE 08/16/90
SOURCE The Associated Press (ASP)
Origin: FARMINGDALE, N.Y.
(Copyright 1990. The Associated Press. All Rights Reserved.)

FARMINGDALE, N.Y. (AP) _ Thirteen computer hackers ranging in age from 14 to 32 were charged Thursday with breaking into the mainframe computer at a university in Washington state and causing costly damage to the files.

One of the suspects is a 14-year-old high school student from New York City who is also a suspect in last November's break-in of an Air Force computer in the Pentagon, according to Senior Investigator Donald Delaney of the New York State Police.

The student, who used the name "Zod" when he signed onto the computer, is charged with breaking into the computer at the City University of Bellevue in Washington in May by figuring out the toll-free telephone number that gave students and faculty legitimate access to the system.

"Zod," who was not identified because he is a minor, maintained control over the system by setting up his own program where others could illegally enter the system by answering 11 questions he set up.

More than 40 hackers across the country are believed to have gained illegal access to the system since May, Delaney said.
As a result of the break-in, university files were altered and deleted, and consultants must be hired to reprogram the system, Delaney said.

In addition to the arrests, search warrants were executed at 17 locations on Thursday where officers confiscated $50,000 worth of computers and related equipment. Three more arrests were expected.

Two of the 13 arrested were from Long Island and the rest were from the New York boroughs of Brooklyn, Queens, Manhattan and the Bronx. Farmingdale is on Long Island.

The 13 were charged with computer tampering, computer trespass, unauthorized use of a computer and theft of services. The juveniles will be charged with juvenile delinquency.

The investigation began two months ago after a technician at the university noticed "error message" flashing on the computer screen, indicating someone had entered the system illegally.

The suspects were traced through subpoenaed telephone records.

Many hackers break into private computer systems for the pure satisfaction of cracking the code, and also to obtain sometimes costly computer programs, Delaney said.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
_______________________________________________________________________________

HEADLINE US Sprint helps business customers battle PBX fraud
DATE 09/25/90
SOURCE BUSINESS WIRE (BWR)

KANSAS CITY, Mo.--(BUSINESS WIRE)--US Sprint Wednesday announced its corporate security department will help the company's business customers battle PBX fraud.

After producing significant results in fighting code abuse US Sprint is directing their efforts to help their business customers in identifying and preventing computer hackers from infiltrating their business customer's owned or leased telephone switching equipment.

``Unauthorized use of our long-distance service has been greatly reduced through increased detection, prevention, investigation and prosecution efforts,'' said Bob Fox, US Sprint vice president corporate security.
``Now rather than attacking a long-distance carrier's network in an attempt to steal authorization codes, computer hackers are attacking private companies' and governmental agencies' Private Branch Exchanges (PBX's).

Computer hackers break into private telephone switches in an attempt to reoriginate long-distance calls, which are then billed to the businesses. Fox says a business may not discover its telephone system has been ``hacked'' until their long-distance bill is received and then it may be too late.

Help is on the way however. US Sprint has started a customer support program to help the company's business customers to combat the situation.

Del Wnorowski, US Sprint senior vice president-general counsel said, ``The new program is customers about the potential for telecommunications fraud committed through their owned or leased switching equipment and to assist them in preventing this type of illegal activity.''

US Sprint is a unit of United Telecommunications Inc., a diversified telecommunications company headquartered in Kansas City.

CONTACT: US Sprint, Kansas City. Phil Hermanson, 816/276-6268

_______________________________________________________________________________

HEADLINE Fax pirates find it easy to intercept documents
DATE 09/10/90
SOURCE Toronto Star (TOR)
Edition: METRO
Section: BUSINESS TODAY
Page: B4
(Copyright The Toronto Star)

--- Fax pirates find it easy to intercept documents ---

TOKYO (Special) - Considering that several years ago enthusiastic hackers began breaking into computer systems worldwide to steal valuable information, it could only have been a matter of time before the same problem surfaced for facsimile machines.

Now, officials of Nippon Telegraph and Telephone Public Corp. report evidence that this has been happening, not only in their own country but around the globe.
Apparently, anyone with just a little knowledge of electronics can tap fax messages being sent from one of these relatively unsophisticated machines to another, with the duplication printed out on the pirate's facsimile machine. Both the sender and the receiver of the faxed document remain completely unaware that they have been bugged. "I shudder to think of some of the business documents which only recently moved over my company's fax machines being examined by our competitors," one Tokyo executive nervously admits when informed that there has been a proliferation of tapping. "You don't think the tax people are doing it too?" he then asks in mock terror. It is certainly a frightening thought. The technique involves making a secret connection with the telephone line of the party whose fax messages are to be intercepted. That is all too easy to accomplish, according to officials of Nippon Telegraph and Telephone. Apart from a few special cases, very little has been done to guard against outside tapping. As a result, one of the most vulnerable areas - and one most businessmen and women now should begin to feel unsure of - is the privacy or security of the facsimile machine. Technical attention to this problem is in order. "The idea that somewhere out there is 'Conan the Hacker' who is reading my fax correspondence as readily as I do sends chills up my spine," says one American businesswoman here. "There could be a lot of trouble for me and up to now I didn't even realize it was possible." It is not only possible, but easy. Ordinary components available at any electronics store can be used. With these in hand, tappers can rig up a connection that sets off a warning signal, without the sender or receiver realizing it, whenever a fax message passes along the telephone line. 
Considering the growing volume of highly confidential material being sent and received via fax equipment, the resulting leaks can be considered highly dangerous to the security of corporate information. In Japan alone it is estimated that there are 3.7 million machines in operation. Given the nature of these tapping operations, it would appear to be extremely difficult for companies to determine whether they are suffering serious damage from this process. In addition, it is clear that a great many corporations have yet to realize the extent of the threat to their privacy. "If more business executives recognized what is going on," suggests one Japanese security specialist, "they would move now to halt the opportunity for leaks and thus protect their corporations from this type of violation." He went on to note that third parties mentioned in fax messages also can be badly hurt by these interceptions. Fortunately, manufacturers are producing machines capable of preventing hackers from tapping into the system. In some cases, newly developed fax machines use code systems to defend information transmitted. But these tap-proof facsimile machines are not yet in general use. Makers of the new "protected" facsimile machines predict that once the business communities around the globe become aware of the threat they will promptly place orders for replacements and junk their old equipment as a simple matter of damage control. The market could prove extremely large. Those few leak-proof fax machines now in operation depend upon scrambling messages, so that even if a pirate taps into the telephone line leading to the unit, the intercepted message is impossible to read. Nippon Telegraph and Telephone, for example, claims that it would require a hacker using a large computer more than 200,000 years to crack the codes used in its own pirate-proof fax. This ultimately may prove to be something of an exaggeration. 
Although in Japan and many other countries this kind of tapping clearly is illegal, it remains nearly impossible to track down electronic eavesdroppers. As far as is known, none of these snoopers have been identified and dragged into court.

Security specialists in Japan claim that there may be thousands of fax hackers who get their kicks out of intercepting and reading other people's business mail, with few using the information for illegal purposes or actively conveying it to third parties.

_______________________________________________________________________________

HEADLINE Inmate behind scams
Byline: JOHN SEMIEN
DATE 09/11/90
SOURCE THE BATON ROUGE SUNDAY ADVOCATE (BATR)
Section: NEWS
Page: 1-B
(Copyright 1989 by Capitol City Press)

There wasn't much inmate Lawrence "Danny" Faires couldn't buy, sell or steal with a telephone call from his jail cell in Miami when his million-dollar fraud ring ran afoul of the U.S. Secret Service in 1989.

That was the year Faires used a portable computer with an automatic dialing program to "hack out" access codes to the long-distance lines of Telco Communications Inc., a Baton Rouge-based phone company.

Telco officials were alarmed when they spotted 1,500 attempts at gaining unauthorized access to the company's long-distance service in a single 12-hour period in January 1989.

Convinced that an organized fraud scheme was at work, Telco called Resident Agent Phil Robertson, who heads the service's Baton Rouge office.

"They told me they felt they were being attacked by hackers who had discovered their long-distance access lines and who were hacking out personal identification numbers belonging to their customers," Robertson said Monday.

"You are billed based on your pin (access) number. The computer hacker had located several of their 800 numbers and had entered digits hoping it would be a valid pin number."
Using computer records, Robertson said agents were able to isolate 6,000 fraudulent Telco calls that were made during a three-week period of January.

More than a third of those calls were traced to a cell block in the Dade County Interim Detention Center that has been home for Faires for the past four years. Faires is awaiting trial in Miami on first-degree murder charges.

"As it turned out, all of the inmates in this cell block are awaiting trial," Robertson said. "One of the inmates, Danny Faires, had a computer in his cell attached to a modem, and he turned out to be the hacker."

"All he had to do was plug his modem in, let it make the calls and check his printout for the numbers that came back good," the agent said.

In checking out the other bogus Telco calls, agents uncovered a massive credit card scam. A federal grand jury in Milwaukee, Wis., linked both scams to Faires and alleged associates of the inmate across the country in a Feb. 27 indictment of six people on federal wire and access device fraud.

Faires, an unindicted co-conspirator in the case, last week said he has spent the past three years applying his previous experience as a computer systems analyst and programmer to a lap-top, portable computer provided by one of the prison guards.

He describes the results as "doing business with America" at the expense of large credit card and telecommunications companies.

Faires said he attacked Telco's system by chance after receiving one of the company's access numbers in a group of assorted access codes acquired by his associates.

"It was just their misfortune that we became aware that they had a system there that was easily accessible," Faires said in a telephone interview. "I was given their access number, along with Sprint and MCI, I guess virtually every company in America we got."
Faires said he used the stolen, long distance phone time and other stolen credit card numbers to access networks with credit information from major department stores and mail order businesses. "You come up to the door and the door is locked," he said. "You have to buy access. Well, I bought access with credit cards from another system. I had access codes that we had hacked. "I could pull your entire credit profile up and just pick the credit card numbers that you still had some credit in them and how many dollars you had left in your account and I would spend that," Faires said. "My justification was, I don't know the creditor and he had no knowledge of it so he won't have to pay it." However, Faires said he now thinks of the trouble the illegal use of the credit cards has caused his victims in their efforts to straighten out damaged credit records. "I remember I took a course once that was called computer morality about the moral ethics to which we're morally bound," he said. "It's like a locksmith. Even though he can open a lock, he's morally bound not to if it's not his lock. I violated that." The vulnerability of credit card companies to hackers is the subject of an unpublished book that Faires said he has written. Faires said his book includes tips on how businesses and others can safeguard access to their credit, but added that there may be no way to be completely safe from hackers. "It's untitled as yet," he said about the book. "We're leaving that open. I'm waiting to see if they electrocute me here, then I'm going to put something about "I could buy it all but couldn't pay the electric bill.' " [This guy is a real toon -DH] While Faires has not been formally charged in connection with the scheme, last week he said he was sure charges will be forthcoming because "there is no question about my involvement." The other six alleged conspirators are John Carl Berger and George A. Hart Jr. 
of Milwaukee, Wis.; Charles Robert McFall and Victor Reyes of San Antonio, Texas; Steven Michael Skender Jr. of West Allis, Wis.; and Angelo Bruno Bregantini of Marshville, N.C. All six men are charged with conspiracy to commit access device and wire fraud. Berger, Skender, Reyes and Bregantini also are charged separately with multiple counts of wire fraud. The indictments are the first criminal charges generated by Operation Mongoose, an ongoing Secret Service probe of credit card and long-distance telephone access fraud. The charges allege that Faires has had access to a telephone since his arrest and imprisonment in Miami in 1986, an allegation that has prompted a separate probe by Miami authorities. That phone was used to make frequent calls to a building on Brookfield Road in Brookfield, Wis., where another alleged unindicted co-conspirator, Fred Bregantini, operates various businesses, according to the indictment. The indictment said Faires and Fred Bregantini were "at the hub" of the telephone and credit card scam. The two men are accused of collecting credit card numbers and telephone access codes from other defendants in the case and using the numbers to purchase merchandise, services and "other things of value." Robertson said agents believe the members of the ring copied many of these stolen numbers from credit card receipts retrieved from the trash cans of various businesses. He said the practice, commonly called "dumpster diving," is a widely used method in credit card fraud. [`dumpster diving' eh? -DH] While some of the defendants helped make purchases on the stolen cards, the indictment alleges that others provided addresses used for the shipment of the stolen goods. The goods included gold coins, plane tickets, computer equipment, tools and stereo equipment. Robertson said agents are still tallying the cost of the scam to Telco and other companies but that the damage has already climbed past $1 million. 
Herbert Howard, president of Telco, on Friday said the company lost from $35,000 to $40,000 in revenues from illegal calls and in additional expenses for researching Faires' use of access codes.

"It was really a learning experience for us because this is the first time this has happened," Howard said about his 2-year-old company. "I think it's a fear of all long-distance companies. It's very fortunate that we caught it as quickly as we did."

_______________________________________________________________________________

HEADLINE No, I'm not paranoid, but who is No. 1?
Byline: DENISE CARUSO
Column: INSIDE SILICON VALLEY
DATE 08/21/90
SOURCE SAN FRANCISCO EXAMINER (SFEX)
Edition: FIFTH
Section: BUSINESS
Page: D-16
(Copyright 1989)

THOUGH I didn't plan it that way, this week proved to be a perfect time to start renting old episodes of "The Prisoner" - that very dark, very paranoid British spy series from the early '60s which foresaw a bleak future in which "een-formation" was of paramount importance, no matter whose "side" you were on.

Every well-paid company representative from every telephone service provider in North America earned his or her keep this week, fielding calls from blood-thirsty members of the press corps who also wanted "een-formation" about whether or not the huge long-distance snafu with AT&T was a "hack" (an illegal break-in) or some form of computerized germ warfare.

I'm happy that the answer was "no," but of course the event opens a rather nasty can of worms: has AT&T's problem tipped off the hacker community that the phone network is vulnerable?

"That's a very good question," said one network engineer I spoke with last week. But, he assured me, his network was totally secure and had all kinds of safeguards built in to prevent either outside penetration or the introduction of a software virus to the system.

I hope he's right, but I must admit, I've heard that song before.
Here, for example, is an excerpt from an anonymous piece of electronic mail I received last week, slightly edited to correct grammatical imperfections: "It may be of interest to you to know, if I wanted to have "fun," "evil" deeds could be done by remote control, up to and including shutting down every ESS (electronic switching station) office in North America. "Less evil and more fun might be to shut down the stock market for a day, scramble all transactions, or even send it down in a tail spin! Banks aren't immune either. This may sound very darkside, but people must have what is needed to fight back if things go bad!" Not disturbing enough? Try this one on for size: Back in July of '89, I wrote of a story in the premier issue of the magazine Mondo 2000 that detailed how one might set about hacking automatic teller machines (ATMs). That story contained everything but the blueprints for the device, which the magazine's editors didn't print because they thought it would be irresponsible to do so. But now, a student-owned Cornell University publication called "Visions Magazine" - for which Carl Sagan is creative adviser - has asked the article's author, Morgan Russell, for rights to reprint the article in its entirety, including device blueprints. These kinds of stories are disturbing, yet somehow I've always expected they would happen, a reaction that's similar to the way I feel when I watch "The Prisoner." No. 6, as he's called, cries out at the beginning of every episode, "I am not a number! I am a free man!" His will to resist is sufficient to fend off the authorities who believe their need for the "een-formation" in No. 6's head gives them the right to try to control his movements and thoughts, using - of course - only the most impressive technology. Of course, the science-fiction fantasy of impressive technology in the '60s, when "The Prisoner" was created, was as authoritarian and centralized as the governments using it. 
Not many faceless authorities back then were predicting a near-future where all classes of people had access to, could afford and knew how to use powerful technology. (I'm sure it would have ruined their supper if they had.)

Neither did they envision today's growing class of technological sophisticates - whether self-taught PC hackers or trained computer scientists - who, by virtue of their knowledge, could cripple, disable, or otherwise confound the system which spawned them.

Have any opinion you'd like about the right or wrong of it. Fact is, whether it's the phone network or a bank teller machine, the more we rely on technology, the less we can rely on technology.

Though this fact can make life unpleasant for those of us who are victimized by either the machines we trust or the people who know how to fidget with them, there is something strangely comforting about knowing that, after all, a computer is still only as trustworthy as the humans who run it.

Write CONTACT: Denise Caruso, Spectra, San Francisco Examiner P.O Box 7260 San Francisco, CA 94120. (Denise MCI Mail (Denise Caruso) - CompuServe (73037,52) - CONNECT (Caruso)

_______________________________________________________________________________

HEADLINE US Sprint to Supply Soviet Venture With Switches
DATE 09/17/90
SOURCE WALL STREET JOURNAL (WJ)

WASHINGTON -- US Sprint Communications Corp. said it obtained U.S. government approval to supply a Soviet joint venture with packet switches that can greatly improve telecommunications services between the Soviet Union and other countries.

The imminent shipment of these switches was announced by William Esrey, chairman and chief executive officer of United Telecommunications Inc., shortly after completing a visit to the Soviet Union with Commerce Secretary Robert Mosbacher and the chief executives of other U.S. companies. United Telecommunications is the parent of US Sprint.
The export license that US Sprint expects to obtain as early as this week will be the first license for telecommunications equipment granted by the U.S. under the new, relaxed regulations for shipping technology to the Soviet Union, Esrey said.

The Soviet venture, Telenet USSR, will be owned by a US Sprint subsidiary, Sprint International, and the Soviet Ministry of Post and Telecommunications and the Latvian Academy of Sciences, a Soviet research group.

The Commerce Department doesn't discuss details of individual license applications, but Mosbacher has publicly supported technology tie-ups between the U.S. companies represented in his traveling group and potential Soviet partners.

US Sprint appears to be leading the race among American telecommunications companies to establish solid ties in the Soviet Union. An earlier proposal by U S West Inc. to lay down part of an international fiber-optic line across the Soviet Union was rejected by U.S. authorities because of the advanced nature of the technology.

US Sprint's packet switches, however, appear to be within the new standards for permissible exports to the Soviet Union. The switches are used to route telephone calls and control traffic in voice, facsimile and digitalized data transmission. These eight-bit switches are one or two generations behind the comparable systems in use in Western countries, but are still good enough to sharply improve the ability of Sprint's Soviet customers to communicate with other countries, Esrey's aides said.

The company declined to discuss the value of its investment or to disclose how many switches will be sold. US Sprint said its venture will operate through new, dedicated satellite lines that will augment the often-congested 32 international lines that currently exist for Moscow-based businesses. Esrey said he expects the venture to be in operation before the end of this year.
_______________________________________________________________________________

HEADLINE  BT Tymnet Introduces Additional XLINK Services
DATE      09/09/90
SOURCE    DOW JONES NEWS WIRE

SAN JOSE, Calif. -DJ- BT Tymnet Inc. said XLINK Express, a family of new, bundled, port-based, synchronous X.25 (XLINKs) services, is available. The XLINK service offers customers lower cost X.25 host access to its TYMNET network, the company said in a news release. XLINKs are leased-line private access port services for X.25 interfaces at speeds up to 19.2 bits per second and supporting up to 64 virtual circuits. XLINK Express includes port access, leased line, modems, software, and free data transmission. Prior to XLINK Express, customers requiring a 9.6-bit-per-second leased line for standard X.25 host connectivity would typically pay about $1,500 monthly for their leased line, modems and interface. With XLINK, customers can now be charged a monthly rate of $900, the company said. BT Tymnet Inc. is a unit of British Telecom plc.
_______________________________________________________________________________

HEADLINE  Hacker may be taunting the FBI; Whiz suspected of invading U.S. army computer
Credit: PENINSULA TIMES TRIBUNE
DATE      04/10/90
SOURCE    Montreal Gazette (GAZ)
Edition: FINAL Section: NEWS Page: F16
Origin: PALO ALTO, Calif.
(Copyright The Gazette)

--- Hacker may be taunting the FBI; Whiz suspected of invading U.S. army computer ---

PALO ALTO, Calif. - The computer prodigy wanted on suspicion of invading a U.S. army computer may be taunting FBI agents by defiantly talking to his hacker buddies on electronic bulletin boards while he eludes a manhunt, authorities said. The mysterious Kevin Poulsen, a former Menlo Park, Calif., resident described by many as a computer genius, is outsmarting the FBI and apparently has the savvy to make this game of hide-and-seek a long contest. No, investigators are not getting frustrated, FBI official Duke Diedrich said. "It's just a matter of time.
We've got our traps and hopefully one day we'll be able to get the mouse." Authorities have issued an arrest warrant for the former SRI International computer expert. He has been at large since at least Jan. 18, when federal officials revealed allegations of a sensational computer conspiracy. The FBI says Poulsen, 24, is the mastermind of a complex computer and telephone-system invasion that included breaking into an unclassified army computer network, snooping on the FBI and eavesdropping on the calls of a former girlfriend. FBI agents believe he may be in southern California, but because he is apparently still hooked up to a national network of hackers, he could be using his friends to hide just about anywhere, Diedrich said. Poulsen is adept at manufacturing false identification and knows how to use the phone system to cover traces of his calls. Agents believe his hacker talk on electronic bulletin boards is perhaps "a way of taunting law enforcement officials," Diedrich said. Poulsen may be back to his old tricks, but "he's not hiding with the usual bunch of hackers," said John Maxfield, a computer security consultant and former FBI informant. Maxfield, known nationally as a "narc" among young hackers, said he had underground sources who said Poulsen was rumored to be living alone in a southern California apartment. Poulsen's computer chatter could lead to his downfall, Maxfield said. Many hackers are electronic anarchists who would be happy to turn in a high-ranking hacker, thereby pushing themselves up the status ladder, he said. But Poulsen probably has access to a steady flow of cash, so he doesn't have to get a job that might lead to his arrest, Maxfield said. With his expertise, Poulsen could easily crack the bank computers that validate cash transactions and then credit his own accounts, Maxfield said. The FBI isn't desperate, but agents have contacted America's Most Wanted, a television show that asks viewers to help authorities find fugitives. 
Poulsen's mother, Bernadine, said her son called home just after police announced there was a warrant for his arrest, but he had not called since. During the brief call, "He just apologized for all the stress he was causing us."

The fugitive's motivation baffles Maxfield. The self-described "hacker tracker" has conducted investigations that have led to dozens of arrests, but the Poulsen-contrived conspiracy as alleged by the FBI is strange, he said. Most teen-age hackers are thrill seekers, he explained. The more dangerous the scam, the bigger the high. But Poulsen is 24. "Why is he still doing it?" Maxfield asked.

Poulsen, alias "Dark Dante" and "Master of Impact," was a member of an elite hacker gang called Legion of Doom. [Poulsen was never a member of the group -DH] The 25 or so mischievous members are now being arrested one by one, Maxfield said. They consider themselves misfits, but smart misfits who are superior to the masses of average people who have so labelled them, he said. [Baha, Maxfield really cracks me up -DH]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Kevin recently had a 15 minute television debut on NBC's "Unsolved Mysteries". The program showed reenactments of Kevin breaking into CO's and walking around his apartment filled with computers and other 'listening' devices (as the show called them). I personally got a kick out of the photographs he took of himself holding switching equipment after a break-in at a CO.
_______________________________________________________________________________

HEADLINE  Amtrak Gets Aboard SDN
Byline: BETH SCHULTZ
DATE      10/25/90
SOURCE    COMMUNICATIONS WEEK
Issue: 267 Section: PN Page: 58
(Copyright 1989 CMP Publications, Inc. All rights reserved.)
WASHINGTON - Amtrak, always looking for ways to reduce the amount of government funding it takes to keep it on track, has switched its long distance traffic onto a virtual private network -- taking advantage of an AT&T promotion that saved the railroad $250,000. Though Amtrak realized the cost-savings potential of AT&T's Software Defined Network (SDN) as early as May 1987, it took until last spring for the company to move full-speed ahead with implementation of that virtual private network service. "We had led the horse to water, but we couldn't make it drink," said Jim West, an AT&T national systems consultant.

But in April of this year, AT&T removed the last obstacle in the railroad's way, said Amtrak's chief network engineer Matt Brunk. At that time, AT&T began running a special promotion that waived the installation fee for connecting sites to the SDN. Until then, Amtrak, based here, could only afford adding locations piecemeal.

Plagued by network abuse, Amtrak began tracking the potential of SDN as a means of solving that problem as soon as AT&T announced its SDN rates in December 1986. Describing the severity of its toll-fraud problem, Brunk told of a seven-day stint in 1985 during which hackers tallied $185,000 in unauthorized charges. By the end of that year, toll fraud on Amtrak's network reached in excess of $1 million. Before the days of the virtual private network, the only way to clean up this abuse was through a toll-free "800" service configuration and PBX remote access, which Amtrak implemented at the end of 1985. "We changed the policy and procedures for all users, limiting the capabilities of remote access," Brunk said.

But Amtrak needed to further patrol its network, and after studying AT&T's SDN, as well as competitive offerings, the railroad ordered in May 1987 the first portion of what would this year become a 300-site SDN. The initial order included AT&T Accunet T1.5 circuits for just two stations, one in Chicago and one here.
Used to replace the 800 service, these 1.544-megabit-per-second direct connections were used to "provide secure remote access to on-net numbers for numerous users," Brunk said. Equally important, Amtrak also signed up for the Network Remote Access Fraud Control feature, which gives it a single point of control over the network. "What Amtrak ordered then was not really a network, because it was feature-specific," said AT&T national account manager Sharon Juergens.

The company has not billed back or dropped any toll fraud since it began using the SDN remote access feature, Brunk said. "Anyone with PBX remote-access capability and [heavy] volume not using SDN as a vehicle is doing their company a disservice." Originally a beta-test site for the SDN's security-report feature, Amtrak has since come to rely heavily on that option, too. With the exception of some group codes, a warning is sent if spending on any user code exceeds $60 per month. "We begin investigating immediately," Brunk said. "We are now proactive, instead of reactive."

Today, 40 Amtrak locations have switched-access connections to the SDN; 260 sites are linked through dedicated means, whether through voice-grade analog circuits or high-speed T1s. "The users' traffic is discounted, on a single billing statement, and in effect, [the SDN] links them to the company. This is our corporate communications glue," Brunk said. "But this is only the beginning. Not only have we provided a service, but also we have provided a bright future. We have set ourselves up for competitive gain."

Spending Stabilized

And the company has stabilized telecommunications expenditures. In 1985, Amtrak spent $26 million on telecom equipment and services. Four years later, Brunk estimated the railroad will spend just $1 million more. He said contributing factors to this will be the SDN, upgrading from outdated analog PBXs to digital PBXs and replacing some PBX installations with local Bell-provided centrex service.
Network savings resulting from reduced call-setup time alone, Brunk added, will reach $74,000 this year. "In a nutshell, we have improved transmission quality, network management and maintenance, and reduced costs," Brunk said. "The users have gained a single authorization code accessing multiple applications, improved quality and support." Cost savings aside, Amtrak also took into consideration applications available off the SDN. "At the time, of what was available, we really liked everything about SDN," Brunk said. The Amtrak network is supported by the dedicated access trunk testing system. This system lets Amtrak test access lines, thus aiding the company in activating and deactivating authorization codes. And Amtrak is testing the AT&T Alliance dedicated teleconferencing service. With the teleconferencing service, Amtrak can reduce internal travel expenditures: Users can access the system remotely via an 800 number, or on demand. Amtrak operators can connect teleconferencing calls at any time. "The quality is fantastic, but the cost is even better because it's all connected to the SDN," said Brunk. _______________________________________________________________________________