Copy Link
Add to Bookmark
Report
Northern Phun Co Issue 13
________ _________________________
\_____ \ / _____________________ \
__ \ \/ /____________ ___ \ )
) \ \ / \________ ) / / )/
/ / ) / ___ / / / /
______ ________/ / / / / /__/ / / (___________ ______
(_____( (__________/ (__/ / /(____( (_______________) )_____)
/ /
/ /
/ /
\ ( MF
--------------------------- \/ ------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
N O R T H E R N P H U N C O .
N U M E R O T R E I Z E ú P R E M I E R F V R I E R 9 4
Dans ce treizime numro de NPC:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ú
:
|
- -ÄÄÅÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÂÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ-- - ú
³ +:SUJET:+ ³ +:AUTEUR:+ ³
³ú - -ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ´ú - -ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ´
³ Table des matires / Disclaimer ³ -=ThE PoSSe=- ³
³ ditorial de NPC #13 ³ Blitzkreig ³
³ The postman always quote twice ³ Votre Courrier ³
³ Datapac
Qubec ³ Gurney Halleck ³
³ Phiber Optik en prison ³ Emmanuel Goldstein ³
³ Karl Kirouac et la GRC ³ Hellraiser ³
³ Encore les journalistes! ³ Santa Claus ³
³ A bas Clipper! ³ Dave Banisar ³
³ Scurit C2 ³ Gurney Halleck ³
³ Datapac mondial ³ L0grus! ³
³ Def Con II ³ Dark Tangent ³
³ H-P Faq ³ The Underground ³
³ LLC Faq 1.0 ³ Murdock ³
³ Don Quichotte nous a possds! ³ Blitz & L0grus! ³
³ Un nouveau Magz: SPHEAR ³ The Sphear staff ³
³ TouchStar Services ³ Mastertronics ³
³ Fiction et Cie. ³ alt.2600 ³
³ Read the news... | -=ThE PoSSe=- ³
ú - --ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÅ--
|
:
ú
NPC are: Officiers Collaborateurs
Blitzkreig Mastertronics
Kermit Paranoid
Atreid Bevatron Murdock
Santa Claus L0grus!
The SubHuman Punisher
Gurney Halleck
Crime Lord
Invits spciaux: Hellraiser et beaucoup d'autres!
DISCLAIMER - AVERTISSEMENT
Ce magazine n'est pas recommand aux gens qui portent un Pacemaker,
aux mes sensibles, et aux moralisateurs. Tenez-vous le pour dit,
et abstenez-vous!
Ceci va probablement tre le disclaimer le plus long de l'histoire
des magazines underground car, sur les conseils de gens
gnralement bien verss dans le domaine (vous savez que les
avocats rclament 150$ de l'heure? Chi!) une mise au point
exhaustive doit tre faite avant de vous permettre de poursuivre
votre lecture (et non pas de poursuivre Northern Phun Co.: vous
tes pas drles!).
1) Tous les articles de ce magazine ne sont publis qu'
titre
d'information. L'application de une ou des technique(s)
explique(s) dans ces pages peuvent entraner la mort, des
blessures srieuses, l'impuissance, la perte de votre virginit,
des poursuites judiciaires embtantes, le bris de votre ordinateur,
la nomination de Camil Samson
la tte du Parti Libral ou, pire
encore, vous pourriez devenir comme vos parents!
2) Northern Phun Co., qui est un organisme
but non-lucratif, avec
une vocation quasiment philanthropique, ne sera en aucun temps tenu
pour responsable de l'irresponsabilit des auteurs qui publient des
articles dans ces pages. L'entire responsabilit, et la preuve de
la vracit desdits articles, revient aux auteurs. On est mal
parti, l
, les enfants...
3) Les officiers clairement identifis de Northern Phun Co. sont
seuls habilits
parler au nom du groupe, et NPC ne serait tre
tenu pour responsable de la conduite (ou de l'inconduite) des
collaborateurs de NPC sur les babs de la plante Terre. De plus,
seuls les textes des officiers de Northern Phun Co. sont vrifis
pour leur exactitude.
4) La lecture de Northern Phun Co., quoique rjouissante, peut
entraner aussi des problmes de sant mentale et des cas de
pilosit manuelle.
5) Northern Phun Co accepte,
priori, de publier tous les textes
touchant au H/P/C/A/V-et-le-reste qui lui seront soumis. NPC
refusera, par contre, tout texte encourageant la discrimination
d'une ou des personne(s) en fonction de leur origines ethniques, de
leur religion ou de leur sexe. Si vous voulez bouffer du ngre,
engagez-vous plutt dans la police...
6) Northern Phun Co. tient
rappeler
ses lecteurs qu'il faut
soigneusement se brosser les dents aprs chaque repas. Et n'oubliez
pas la soie dentaire!
Est-ce que a suffit l
?
O nous rejoindre?
------------------
D
la nature "volatile" de notre produit, les babs qui nous
supportent le sont tout aussi. Ceci dit:
Vous avez toutes les chances de pogner un des officiers de NPC sur
les babs PUBLICS suivants (on pousse la perversion jusque l
!).
Light BBS : 418-651-5664
Black Palace : 418-831-1602
The Cannibal Cookhouse : 418-657-4442
Terminus (Baie-Comeau ) : 418-295-2854
OverBoard (Sherbrooke) : 819-569-7239
Un beau fou de Drummondville nous a consacr son babillard.
Ouvrez grands vos yeux! Si vous savez compter, a fait -7- nodes!
La Station: 819-474-8010
6158
7601
2016
7475
1816
5239
Il y a aussi un bab qui vous offre une messagerie anonyme pour
NPC, comme au bon vieux temps de Mdic!
The Inferno: 418-647-2731
Si votre babillard public (hors 418) dsire ouvrir une section
NPC, n'hsitez pas
nous contacter. C'est gratuit!
Nous sommes aussi (naturellement) sur les boards pirates de
Qubec. En fait, sur Workshop, il y a tous les officiers de NPC
qui prennent un bain de soleil... C'est comme qui dirait notre
H.Q. underground.
Nous ne publions plus de numero de VMB. Dsol, mais on les
perdait
mesure qu'on les publiait, alors... Un coup des coches,
je suppose...
Nous avons aussi une adresse Internet pour e-mail:
npc@sietch.ci.net
Vous pouvez trouver NPC (ze magz) sur plein de boards Internet. Par
exemple, faites un ftp sur:
etxt.archive.umich.edu
Et allez dans la section \pub\Zines\NPC
Et si malgr tout a vous n'tes pas capable de nous rejoindre,
appelez l'Arme du Salut, et demandez Roger...
-------------------------------------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
VOULEZ-VOUS UNE SALADE DE CHOU
CRMEUSE OU VINAIGRE?
DITORIAL #13
par
-=BLITZKREIG=-
Bonjour les tout p'tits! Tonton Blitz est de retour! En
thorie, c'est toujours Atreid Bevatron qui est maintenant
l'diteur de NPC, mais il s'est fait porter ple cette semaine, et
j'ai appris
la DERNIERE minute que je devais prparer un NPC 13
pour hier... Ceci pos, j'espre SINCEREMENT pour Atreid qu'il est
est mourant...
Ca me fait tout de mme plaisir de vous reparler aprs quatre
mois d'absence aux commandes de la "machine NPC" (vous pensiez que
je l'avais oubli, celle-l
? ;-) . Pas que nous ayions perdu tout
contact, non, loin de l
. On se parle encore souvent (vous n'avez
pas gar mon numro de tlphone, au moins?), on s'crit, et je
suis toujours
l'coute de vos commentaires... mme des plus
STUPIDES!!!
L'un de nos gentils lecteurs m'a tlphon la semaine dernire
pour me demander si j'avais cout le reportage du Point Mdia
(Radio-Canada) sur Internet et l'autoraute lectronique. Plus
prcisment, il me demandait si je n'tais pas inquiet d'ouvrir un
site Internet alors que Vidotron lance Vidoway phase II. Je lui
ai promptement rpondu que, oui, j'ai cout l'mission, et que
deux, il y aura probablement autant de similarits entre Vidoway
et LLC qu'entre un crapaud et un talon. coutez, je ne vous ferai
pas l'insulte de vous raconter tout ce qu'on trouve sur I-net: vous
en avez dj
une bonne ide. Pensez-vous vraiment que Vidotron,
qui est l
UNIQUEMENT pour faire du cash, va se mettre
offrir aux
qubcois des milliers de services gratuits? Vidotron, mes chers
amis, ne veut pas de cybernautes, il veut des CYBERCONSOMMATEURS.
Relisez bien votre prospectus: Vidoway 2 se targue de pouvoir vous
permettre de commander du St-Hubert
partir de votre tlviseur,
de vous permettre de voir votre compte d'Hydro, et d'effectuer
certaines transactions bancaires. En gros, je viens de vous dcrire
Vidoway 2. On espre de plus faire entrer rapidement dans la danse
Eaton et quelques gros magasins, afin de vous laisser faire vos
emplettes bien assis sur votre sofa, et y connecter quelques clubs
vido.
En clair, Vidoway 2 s'adresse prcisment aux gens qui
achtent dj
des zirconiums cubiques annoncs
la tl. Et c'est
dfinitivement le public que fuit LLC. coutez, les mecs (oups!
Pardon Criminal Mind!), vous aurez beau avoir un service comme
Vidoway 25 ou 2000, vous allez toujours demeurer un cochon de
consommateur
qui ont offre quelques larmes d'interactivit, tant
que votre carte de crdit est bonne. Et c'est a que vous appellez
de la comptition? Je crois que je vais dormir tranquille cette
nuit...
-----
Avec un peu de chance, le prochain NPC va concider avec
l'ouverture de LLC (je sais, je sais: a ressemble de plus en plus
une promesse de programmeur!), et nous allons dbuter un nouveau
chapitre dans l'histoire du cyberspace qubcois. Dj
,
aujourd'hui, avec le numro de NPC que vous consultez prsentement,
vous avez un avant-got de ce que le mariage LLC-NPC pourra faire.
Une bonne moiti de ce numro 13 nous provient directement de gens
rencontrs sur Internet, et sans se forcer, encore! D'ici quelques
mois, ce magazine va prendre des allures dantesques: on va
probablement tre capables de publier un truc, toujours gratuit, de
plus de 1 meg par MOIS! Je considre personnellement ce numro 13,
mont en quelques heures, comme une simple bauche de ce que
l'avenir nous rserve. Attachez bien vos tuques!
-----
Je vous laisse maintenant
votre lecture, non sans prendre le
temps de saluer Mastertronics, une nouvelle recrue de Montral,
Murdock, un bon bougre qui s'occupe de notre FAQ, et le retour de
Crime Lord, qui nous crit du fin fond de son Australie adore. On
se retrouve dans quelques semaines sur LLC, o venez nous dire
bonjour au rave de vendredi, au Muse de la Civilisation. NPC y
sera avec ses ordinateurs, of course...
Greets to L0grus for is successful LordCon!
-------------------------------------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
THE POSTMAN ALWAYS QUOTE TWICE
Votre courrier
From: George <@.MCGILL.>
Subject: Consoles
Salut les mecs.
Please forgive my french, but that's about as good as it gets...
Anyhow, I was wondering if you guys know where I can get a console
copier for the SEGA genesis in Montreal.
I remember you guys mentionning something in one of your texts...
Anyhow, try and get back to me sometime soon...
BTW, I love your mag, but you should really support some Montreal
boards better. I know that Rebel had an NPC section, but no one
ever posts there, and even if they do, you guys never respond.
Is there a place on the net where I can find your files (I have
vols. 1-12, I am wondering about the future volumes...)
Later.
Captain America
---------------
Blitz rpond - Hum... Pour le copieur SNES, je sais pas. Pour les
mags, comme je l'ai dit dans mon dito, NPC va tre disponible
officiellement sur Internet dans moins d'un mois (mais tu peux dj
les trouver
des endroits comme....). Ds que LLC va tre ouvert,
a va barder! Merci de nous lire!
---------------
Message #6/10 in Confrence Npc (Pri) - Local - [Local]
From : Master Of Puppets
To : Atreid Bevatron
Subject: FUMiGENE Man!
Hehehehe.... Une p'tit recette de mononcle Cool Hand pour
faire des FUMIGENES....
Materiel:
- Salptre En Poudre (Nitrate de potassium)
- Sucre Blanc
- Une vieille casserole
- Une plaque de tle ou une assiette, et recouvrez-la de Saran Wrap
en masse.
Prparation:
1. Mettre 100 mg de salptre dans une casserole.
2. Mettre une meme quantit de sucre blanc dans cette mme
casserole.
3. Crisser le feu
HIGH - Allumez le fan, a boucane!!!
4. Brassez beaucoup, pour ne pas que a prenne en pain.
5. Aprs que le mlange ait donn une pte uniforme chaude,
tendez la totalit du mlange sur la plaque pralablement
prpare. Laissez refroidir.
6. Une fois la substance
la temperature de la pice, recouvrez le
dessus de la plaque de Saran Wrap. (Donc la pte est
compltement recouverte de Saran Wrap) Mettez-la dehors au gros
frette, ou dans le conglateur.
7. Une fois le tout gel dur, prenez une hache et ptez le mlange
en morceaux de grosseur de votre choix. (Enlevez l'assiette
avant...)
8. Recouvrez les morceaux de Kleenex et de tape electrique. Laissez
scher, et ensuite allumez....
That's All!
Vous pouvez rajouter d'autres substances, pour alimenter la
combustion.... Donnez-moi des nouvelles sur vos expriences avec
cette substance...
CoOl HaNd
---------------
Blitz rpond - <Kof kof> Je vois mme plus <kof kof> les touches de
mon clavier. Merci Cool!
---------------
#42/42 ([Public]) [AREA: NPC Talks]
Sent : 26-Jan-94 15:54
From : Mphisto
Subj : J'haiis l'hiver si frette...
Des rves gisent, gels...
A c't'heur' qu'on est dans l'mois d'janvier
C'est l'temps de geler ben dur
A moins d'rester dans l'enchassure
A r'garder l'jardin de givre ben dessin.
Avant qu'l'hiver nous encabane
Y avait le rve Internet
Qu'une gang de pique-assiette
A tout ananti dans la chicane.
Y en a encor' queqs'uns qui s'parlent
De la pluie pis du beau temps
Mais chez la plupart des gens
L'rve d'vasion est en cavale.
Eh oui! la neige blanche en belle ouate
Comme nos beaux rves pis nos espoirs,
C'est pas long qu'a r'tourne en bouette
Un'fois qu'elle a touch l'trottoir.
-------------
Blitz rpond - .....snif,snif! Comme c'est beau Mphisto! Allons
allons, le rve n'est pas mort, mon enfant, et je suis surpris que
tu n'aies pas plus confiance en moi! LLC va vivre, tu vas voir, et
il va surgir du nant froid et sale avant le premier perce-neige!
Le printemps va arriver tt cette anne dans le cyberspace du 418!
-------------------------------------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
L'annuaire complet de Datapac
Qubec
par
Gurney Halleck
Voici finalement la liste complte de tous les numros de
Datapac
Qubec. Avec la venue prochaine de DAS v3.0 (Datapac
Address Scanner) et les petits problmes avec les forces de l'ordre
au sujet de Datapac, je cherchais un moyen de rduire le risque
d'tre retrac en scannant sur Datapac. Alors l'ide m'est venue de
scanner seulement une vingtaine d'adresses avec chaque numro.
Lorsqu'on a pass
travers l'annuaire, on recommence...
Le moyen optimal de procder serait bien sr de scanner
partir d'une phortress, mais n'ayant pas encore les moyens de me
payer un portatif, l'annuaire Datapac devra faire l'affaire. Le
voici donc:
647-0170 - Datapac - 9600 bps /ARQ/V32/MNP
647-0182 - Datapac - 2400 bps
647-0387 - Datapac - 2400 bps
647-0639 - Datapac - 2400 bps
647-0690 - Datapac - 2400 bps
647-1038 - Datapac - 1200 bps
647-1057 - Datapac - 2400 bps
647-1091 - Datapac - 1200 bps
647-1096 - Datapac - 9600 bps /ARQ/V32/MNP
647-1131 - Datapac - 2400 bps
647-1164 - Datapac - 9600 bps /ARQ/V32/MNP
647-1167 - Datapac - 2400 bps
647-1277 - Datapac - 1200 bps
647-1301 - Datapac - 9600 bps /ARQ/V32/MNP
647-1309 - Datapac - 9600 bps /ARQ/V32/MNP
647-1353 - Datapac - 1200 bps
647-1354 - Datapac - 1200 bps
647-1384 - Datapac - 2400 bps
647-1386 - Datapac - 2400 bps
647-1389 - Datapac - 1200 bps
647-1390 - Datapac - 1200 bps
647-1396 - Datapac - 1200 bps
647-1397 - Datapac - 1200 bps
647-1525 - Datapac - 2400 bps
647-1529 - Datapac - 2400 bps
647-1534 - Datapac - 2400 bps
647-1554 - Datapac - 2400 bps
647-1583 - Datapac - 2400 bps
647-1604 - Datapac - 2400 bps
647-1712 - Datapac - 2400 bps
647-1720 - Datapac - 2400 bps
647-1722 - Datapac - 2400 bps
647-1789 - Datapac - 1200 bps
647-1792 - Datapac - 2400 bps
647-1794 - Datapac - 2400 bps
647-1797 - Datapac - 2400 bps
647-1813 - Datapac - 2400 bps
647-1815 - Datapac - 2400 bps
647-1873 - Datapac - 2400 bps
647-1902 - Datapac - 2400 bps
647-1914 - Datapac - 2400 bps
647-1923 - Datapac - 9600 bps /ARQ/V32/MNP
647-2070 - Datapac - 2400 bps
647-2073 - Datapac - 2400 bps
647-2291 - Datapac - 2400 bps
647-2300 - Datapac - 2400 bps
647-2305 - Datapac - 2400 bps
647-2376 - Datapac - 9600 bps /ARQ/V32/MNP
647-2389 - Datapac - 9600 bps /ARQ/V32/MNP
647-2396 - Datapac - 2400 bps
647-2421 - Datapac - 2400 bps
647-2430 - Datapac - 9600 bps /ARQ/V32/MNP
647-2464 - Datapac - 1200 bps
647-2465 - Datapac - 1200 bps
647-2472 - Datapac - 1200 bps
647-2534 - Datapac - 2400 bps
647-2548 - Datapac - 2400 bps
647-2571 - Datapac - 1200 bps
647-2593 - Datapac - 2400 bps
647-2602 - Datapac - 2400 bps
647-2625 - Datapac - 2400 bps
647-2662 - Datapac - 1200 bps
647-2664 - Datapac - 1200 bps
647-2666 - Datapac - 1200 bps
647-2670 - Datapac - 1200 bps
647-2676 - Datapac - 1200 bps
647-2679 - Datapac - 1200 bps
647-2680 - Datapac - 1200 bps
647-2681 - Datapac - 2400 bps
647-2682 - Datapac - 1200 bps
647-2686 - Datapac - 1200 bps
647-2687 - Datapac - 1200 bps
647-2689 - Datapac - 1200 bps
647-2691 - Datapac - 1200 bps
647-2692 - Datapac - 1200 bps
647-2693 - Datapac - 1200 bps
647-2694 - Datapac - 1200 bps
647-2697 - Datapac - 1200 bps
647-2698 - Datapac - 1200 bps
647-2700 - Datapac - 1200 bps
647-2838 - Datapac - 2400 bps
647-2996 - Datapac - 1200 bps
647-2997 - Datapac - 1200 bps
647-2998 - Datapac - 1200 bps
647-3028 - Datapac - 9600 bps /ARQ/V32/MNP
647-3093 - Datapac - 2400 bps
647-3175 - Datapac - 2400 bps
647-3181 - Datapac - 2400 bps
647-3199 - Datapac - 2400 bps
647-3637 - Datapac - 2400 bps
647-3661 - Datapac - 2400 bps
647-3682 - Datapac - 2400 bps
647-3777 - Datapac - 9600 bps /ARQ/V32/MNP
647-3788 - Datapac - 2400 bps
647-3789 - Datapac - 1200 bps
647-3839 - Datapac - 2400 bps
647-3845 - Datapac - 9600 bps /ARQ/V32/MNP
647-3875 - Datapac - 2400 bps
647-3921 - Datapac - 2400 bps
647-3959 - Datapac - 2400 bps
647-3974 - Datapac - 1200 bps
647-3999 - Datapac - 2400 bps
647-4021 - Datapac - 2400 bps
647-4030 - Datapac - 2400 bps
647-4056 - Datapac - 2400 bps
647-4089 - Datapac - 300 bps
647-4090 - Datapac - 300 bps
647-4092 - Datapac - 300 bps
647-4098 - Datapac - 300 bps
647-4128 - Datapac - 300 bps
647-4129 - Datapac - 300 bps
647-4240 - Datapac - 1200 bps
647-4311 - Datapac - 1200 bps
647-4314 - Datapac - 1200 bps
647-4318 - Datapac - 1200 bps
647-4338 - Datapac - 2400 bps
647-4352 - Datapac - 1200 bps
647-4472 - Datapac - 2400 bps
647-4482 - Datapac - 2400 bps
647-4596 - Datapac - 2400 bps
647-4607 - Datapac - 1200 bps
647-4685 - Datapac - 300 bps
647-4686 - Datapac - 300 bps
647-4687 - Datapac - 300 bps
647-4688 - Datapac - 300 bps
647-4690 - Datapac - 300 bps
647-4691 - Datapac - 300 bps
647-4692 - Datapac - 300 bps
647-4693 - Datapac - 300 bps
647-4694 - Datapac - 300 bps
647-4695 - Datapac - 300 bps
647-4696 - Datapac - 300 bps
647-4697 - Datapac - 300 bps
647-4698 - Datapac - 300 bps
647-4699 - Datapac - 300 bps
647-4748 - Datapac - 2400 bps
647-4793 - Datapac - 2400 bps
647-4921 - Datapac - 1200 bps
647-4974 - Datapac - 2400 bps
647-5904 - Datapac - 2400 bps
647-5911 - Datapac - 2400 bps
647-5913 - Datapac - 9600 bps /ARQ/V32/MNP
647-5916 - Datapac - 1200 bps
647-5924 - Datapac - 1200 bps
647-5926 - Datapac - 1200 bps
647-5927 - Datapac - 1200 bps
647-5942 - Datapac - 1200 bps
647-5963 - Datapac - 2400 bps
647-5972 - Datapac - 2400 bps
647-5992 - Datapac - 2400 bps
647-6417 - Datapac - 1200 bps
647-6426 - Datapac - 2400 bps
647-6437 - Datapac - 1200 bps
647-6438 - Datapac - 1200 bps
647-6462 - Datapac - 9600 bps /ARQ/V32/MNP
647-6473 - Datapac - 2400 bps
647-6485 - Datapac - 1200 bps
647-6810 - Datapac - 2400 bps
647-6838 - Datapac - 2400 bps
647-6840 - Datapac - 2400 bps
647-6848 - Datapac - 2400 bps
647-6886 - Datapac - 9600 bps /ARQ/V32/MNP
647-6975 - Datapac - 2400 bps
647-6976 - Datapac - 2400 bps
647-6977 - Datapac - 2400 bps
647-6978 - Datapac - 2400 bps
647-9052 - Datapac - 2400 bps
647-9182 - Datapac - 2400 bps
647-9242 - Datapac - 9600 bps /ARQ/V32/MNP
647-9524 - Datapac - 2400 bps
Bonne chance
tous, et
la revoyure!
-------------------------------------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
No Time For Goodbyes
Phiber Optik's Journey to Prison
par Emmanuel Goldstein
Intro par Crime Lord
Premirement, un gros bonjour d'Australie, o je rside
maintenant! Vivement l'ouverture de LLC, qu'on puisse se jaser
tous les jours!
Les fans de 2600 connaissent bien Emmanuel (aka Eric Corley),
diteur du clbre magazine. C'est un peu le pendant amricain de
Blitzkreig, si on veut ;-) Et Phiber Optik tait son bras droit.
Phiber est, au moment o vous lisez ces lignes, en prison. Pour
connatre toute l'histoire, pour lire sur cette saga judiciaire,
jetez un coup d'oeil
THE HACKER CRACKDOWN.
Mais nous publions ici, plusieurs mois avant 2600, un texte
indit, un road movie prenant sur le chemin vers les portes du
pnitencier...
--------------
It was almost like looking forward to something. That's the
feeling we all had as we started out on Thursday evening, January
6th - one day before Phiber Optik (hereafter called Mark) was to
report to federal prison in Schuylkill, Pennsylvania for his
undefined part in an undefined conspiracy. We were all hackers of
one sort or another and this trip to a prison was actually a sort
of adventure for us. We knew Mark's curiosity had been piqued as
well, though not to the point of outweighing the dread of the
unknown and the emotional drain of losing a year of life with
friends, family, and technology.
There were five of us who would take the trip down to
Philadelphia in a car meant for four - myself, Mark, Walter, Roman,
and Rob. The plan was to meet up with 2600 people in Philadelphia
on Thursday, drive out to Schuylkill and drop Mark off on Friday,
drive back and go to the Philadelphia 2600 meeting, and return
later that evening. It sure sounded better than sending him away on
a prison bus.
Knocking on the door of his family's house in Queens that
frigid night, a very weird feeling came over me. How many times had
I stood there before to take Mark to a conference, a hacker
meeting, a radio show, whatever. Today I was there to separate him
from everything he knew. I felt like I had somehow become part of
the process, that I was an agent of the government sent there to
finish the dirty work that they had begun. It doesn't take a whole
lot to join the gestapo, I realized.
I talked to Mark's father for the very first time that night.
I had chatted with his mother on a number of occasions but never
his father before then. He was putting on as brave a front as he
could, looking at any glimmer of optimism as the shape reality
would take. The prison wouldn't be that bad, he would be treated
like a human being, they'd try to visit on the weekends, and
anything else that could help make this seem like an extended
vacation. As long as he learns to keep his mouth shut and not annoy
anyone, he'll be all right. Of course, we both knew full well that
Mark's forthright approach *always* managed to annoy somebody,
albeit usually only until they got to know him a little. Imagining
Mark fading into the background just wasn't something we could do.
Everything in Mark's room was neatly arranged and ready to
greet him upon his return - his computer, manuals, a videotape of
"Monty Python and the Holy Grail" with extra footage that a friend
had sent him (I convinced him to let me borrow it), a first edition
of "Hackers" that Steven Levy had just given him, and tons of other
items that could keep anyone occupied for hours. In fact, he was
occupied when I got there - he and Walter were trying to solve a
terminal emulation problem. My gestapo duties forced me to get him
going. It was getting late and we had to be in Philadelphia at a
reasonable time, especially since it was supposed to start snowing
at any moment. And so, the final goodbyes were said - Mark's mother
was especially worried that he might forget part of his medication
or that they'd have difficulty getting him refills. (In fact,
everyone involved in his case couldn't understand why Mark's
serious health problems had never been mentioned during the whole
ordeal or considered during sentencing.) The rest of us waited in
the car so he could have some final moments of privacy - and also
so we wouldn't have to pretend to smile while watching a family
being pulled apart in front of us, all in the name of sending a
message to other hackers.
Our drive was like almost any other. We talked about the
previous night's radio show, argued about software, discussed
nuances of Star Trek, and managed to get lost before we even left
New York. (Somehow we couldn't figure out how the BQE southbound
connected with the Verrazano Bridge which led to an extended stay
in Brooklyn.) We talked about ECHO, the system that Mark has been
working on over the past year and how, since Wednesday, a couple of
dozen users had changed their last names to Optik as a tribute. It
meant a lot to him.
When you're in a car with five hackers, there's rarely any
quiet moments and the time goes by pretty quickly. So we arrived in
Philadelphia and (after getting lost again) found our way to South
Street and Jim's Cheesesteaks, a place I had always wanted to take
Mark to, since he has such an affinity to red meat. Jim's is one of
my favorite places in the world and we soon became very comfortable
there. We met up with Bernie S. and some of the other Philadelphia
hackers and had a great time playing with laptops and scanners
while eating cheesesteaks. The people at Jim's were fascinated by
us and asked all kinds of questions about computers and things.
We've had so many gatherings like this in the past, but it was
pretty cool to just pull into a strange city and have it happen
again. The karma was good.
We wound up back at Bernie S.'s house where we exchanged
theories and experiences of our various cable and phone companies,
played around with scanners, and just tried to act like everything
was as normal as ever. We also went to an all-night supermarket to
find Pennsylvania things: TastyKakes, Pennsylvania Dutch pretzels,
and pickles that we found out were really from Brooklyn. We managed
to confuse the hell out of the bar code reader by passing a copy of
2600 over it - the system hung for at least a minute!
It was around five in the morning when one of us finally asked
the question: "Just when exactly does Mark have to be at this
prison?" We decided to call them right then and there to find out.
The person answering the phone was nice enough - she said he had
until 11:59 pm before he was considered a fugitive. This was very
good news - it meant a few more hours of freedom and Mark was happy
that he'd get to go to the Philadelphia meeting after all. As we
drifted off to sleep with the sun rising, we tried to outdo each
other with trivial information about foreign countries. Mark was
particularly good with obscure African nations of years past while
I was the only one who knew what had become of Burma. All told, not
a bad last day.
Prison Day arrived and we all got up at the same moment (2:03
pm) because Bernie S. sounded an airhorn in the living room. Crude,
but effective.
As we recharged ourselves, it quickly became apparent that
this was a very bizarre day. During the overnight, the entire
region had been paralyzed by a freak ice storm - something I hadn't
seen in 16 years and most of the rest of us had never experienced.
We turned on the TV - interstates were closed, power was failing,
cars were moving sideways, people were falling down.... This was
definitely cool. But what about Mark? How could we get him to
prison with roads closed and treacherous conditions everywhere? His
prison was about two hours away in the direction of wilderness and
mining towns. If the city was paralyzed, the sticks must be
amputated entirely!
So we called the prison again. Bernie S. did the talking, as
he had done the night before. This time, he wound up getting
transferred a couple of times. They weren't able to find Mark's
name anywhere. But that good fortune didn't last - "Oh yeah, I know
who you're talking about," the person on the phone said. Bernie
explained the situation to them and said that the State Troopers
were telling people not to travel. So what were we to do? "Well,"
the friendly-sounding voice on the other end said, "just get here
when you can get here." We were overjoyed. Yet more freedom for
Mark all because of a freak of nature! I told Bernie that he had
already been more successful than Mark's lawyer in keeping him out
of prison.
We spent the afternoon getting ready for the meeting, watching
The Weather Channel, and consuming tea and TastyKakes in front of
a roaring fire. At one point we turned to a channel that was
hawking computer education videos for kids. "These children," the
fake schoolteacher was saying with equally fake enthusiasm, "are
going to be at such an advantage because they're taking an early
interest in computers." "Yeah," we heard Mark say with feigned glee
from another room, "they may get to experience *prison* for a
year!" It took about 45 minutes to get all of the ice off our cars.
Negotiating hills and corners became a matter of great concern. But
we made it to the meeting, which took place in the middle of 30th
Street Station, where all of the Amtrak trains were two and a half
hours late. Because of the weather, attendance was less than usual
but the people that showed up were enthusiastic and glad to meet
Phiber Optik as he passed by on his way up the river.
After the meeting we found a huge tunnel system to explore,
complete with steampipes and "Poseidon Adventure" rooms. Everywhere
we went, there were corridors leading to new mysteries and strange
sights. It was amazing to think that the moment when everybody
figured Mark would be in prison, here he was with us wandering
around in the bowels of a strange city. The karma was great. But
then the real fun began. We decided to head back to South Street to
find slow food - in fact, what would probably be Mark's last
genuine meal. But Philadelphia was not like New York. When the city
is paralyzed, it really is paralyzed. Stores close and people stay
home, even on a Friday night. We wanted to take him to a Thai place
but both of the ones we knew of were closed. We embarked on a
lengthy search by foot for an open food place. The sidewalks and
the streets were completely encased in ice. Like drunken sailors in
slow motion, we all staggered down the narrow streets, no longer so
much concerned with food, but just content to remain upright.
People, even dogs, were slipping and falling all around us. We did
our best to maintain dignity but hysterical laughter soon took over
because the situation was too absurd to believe. Here we were in a
strange city, unable to stand upright in a veritable ice palace,
trying to figure out a way to get one of our own into a prison. I
knew it was going to be a strange trip but this could easily beat
any drug.
We ate like kings in a Greek place somewhere for a couple of
hours, then walked and crawled back to the cars. The plan now was
to take Mark to prison on Saturday when hopefully the roads would
be passable. Actually, we were all hoping this would go on for a
while longer but we knew it had to end at some point. So, after a
stop at an all-night supermarket that had no power and was forced
to ring up everything by hand, we made it back to Bernie's for what
would really be Mark's last free night. It was well after midnight
and Mark was now officially late for prison. (Mark has a reputation
for being late to things but at least this time the elements could
take the blame.) We wound up watching the "Holy Grail" videotape
until it was practically light again. One of the last things I
remember was hearing Mark say how he wanted to sleep as little as
possible so he could be awake and free longer.
We left Bernie's late Saturday afternoon. It was sad because
the aura had been so positive and now it was definitely ending. We
were leaving the warmth of a house with a fireplace and a
conversation pit, journeying into the wild and the darkness with
wind chill factors well below zero. And this time, we weren't
coming back.
We took two cars - Bernie and Rob in one; me, Mark, Walter,
and Roman in the other. We kept in touch with two way radios which
was a very good idea considering the number of wrong turns we
always manage to make. We passed through darkened towns and alien
landscapes, keeping track of the number of places left to go
through. We found a convenience store that had six foot tall beef
jerky and Camel Light Wides. Since Mark smokes Camel Lights (he had
managed to quit but all of the stress of the past year has gotten
him right back into it), and since he had never heard of the wide
version, I figured he'd like to compare the two, so I bought him a
pack. I never buy cigarettes for anyone because I can't stand them
and I think they're death sticks but in this case I knew they'd be
therapeutic. As we stood out there in the single digits - him with
his Wides, me with my iced tea - he said he could definitely feel
more smoke per inch. And, for some reason, I was glad to hear it.
Minersville was our final destination but we had one more town
to pass through - Frackville. Yeah, no shit. It was the final dose
of that magical karma we needed. As we looked down the streets of
this tiny town, we tried to find a sign that maybe we could take a
picture of, since nobody would ever believe us. We pulled up to a
convenience store as two cops were going in. And that's when we
realized what we had been sent there to do.
Bernie S. went in to talk to the cops and when he came out, he
had convinced them to pose with Mark in front of their squad car.
(It didn't really take much convincing - they were amazed that
anyone would care.) So, if the pictures come out, you can expect to
see a shot of Phiber Optik being "arrested" by the Frackville
police, all with big smiles on their faces. Frackville,
incidentally, has a population of about 5,000 which I'm told is
about the distribution of Phrack Magazine. Kinda cosmic.
So now there was nothing left to do. We couldn't even get lost
- the prison was straight ahead of us. Our long journey was about
to come to a close. But it had been incredible from the start;
there was no reason to believe the magic would end here. The prison
people would be friendly, maybe we'd chat with them for a while.
They'd make hot chocolate. All right, maybe not. But everybody
would part on good terms. We'd all give Mark a hug. Our sadness
would be countered by hope.
The compound was huge and brightly lit. We drove through it
for miles before reaching the administration building. We assumed
this was where Mark should check in so we parked the cars there and
took a couple of final videos from our camcorder. Mark was nervous
but he was still Mark. "I think the message is 'come here in the
summer,'" he said to the camera as we shivered uncontrollably in
the biting freeze.
As we got to the door of the administration building, we found
it to be locked. We started looking for side doors or any other way
to get in. "There's not a record of people breaking *into* prison,"
Bernie wondered out loud. It was still more craziness. Could they
actually be closed?
I drove down the road to another building and a dead end.
Bernie called the prison from his cellular phone. He told them he
was in front of the administration building and he wanted to check
somebody in. They were very confused and said there was no way he
could be there. He insisted he was and told them he was in his car.
"You have a *car* phone?" they asked in amazement. When the dust
settled, they said to come down to the building at the end of the
road where I was already parked. We waited around for a couple of
minutes until we saw some movement inside. Then we all got out and
started the final steps of our trip.
I was the first one to get to the door. A middle-aged
bespectacled guy was there. I said hi to him but he said nothing
and fixed his gaze on the five other people behind me.
"All right, who's from the immediate family?"
"None of us are immediate family. We're just--"
"Who's the individual reporting in?"
"I'm the individual reporting in," Mark said quietly.
"The only one I need is just him."
The guard asked Mark if he had anything on him worth more than
$100. Mark said he didn't. The guard turned to us.
"All right, gentlemen. He's ours. Y'all can depart."
They pulled him inside and he was gone. No time for goodbyes
from any of us - it happened that fast. It wasn't supposed to have
been like this; there was so much to convey in those final moments.
Mark, we're with you... Hang in there... We'll come and visit....
Just a fucking goodbye for God's sake.
It caught us all totally off guard. They were treating him
like a maximum security inmate. And they treated us like we were
nothing, like we hadn't been through this whole thing together,
like we hadn't just embarked on this crazy adventure for the last
few days.
The karma was gone.
From behind the door, a hooded figure appeared holding
handcuffs. He looked through the glass at us as we were turning to
leave. Suddenly, he opened the outer door and pointed to our
camera. "You can't be videotaping the prison here," he said. "All
right," I replied, being the closest one to him and the last to
start back to the cars. As I turned away, he came forward and said,
"We gotta have that film." "But we didn't take any pictures of the
prison!" I objected. "We gotta take it anyway," he insisted. We all
knew what to do. Giving up the tape would mean losing all
recordings of Mark's last days of freedom. The meeting in
Philadelphia, slipping down the icy streets, hanging out in
Bernie's house, Frackville.... No way. No fucking way.
Roman, who had been our cameraman throughout, carefully passed
off the camera to Bernie, who quickly got to the front of the
group. I stayed behind to continue insisting that we hadn't filmed
any part of their precious prison. I didn't even get into the fact
that there are no signs up anywhere saying this and that it
appeared to me that he was imposing this rule just to be a prick.
Not that I would have, since Mark was somewhere inside that
building and anything we did could have repercussions for him.
Fortunately, the hooded guard appeared to conclude that even if he
was able to grab our camera, he'd probably never find the tape. And
he never would have.
The hooded guard stepped back inside and we went on our way.
If it had been dark and cold before, now it was especially so. And
we all felt the emptiness that had replaced Mark, who had been an
active part of our conversations only a couple of minutes earlier.
We fully expected to be stopped or chased at any moment for the
"trouble" we had caused. It was a long ride out of the compound.
We headed for the nearest major town: Pottsville. There, we
went to the only 24 hour anything in miles, a breakfast/burger
joint called Coney Island of all things. We just kind of sat there
for awhile, not really knowing what to say and feeling like real
solid shit. Roman took out the camcorder and started looking
through the view screen. "We got it," he said. "We got it all."
Looking at the tape, the things that really hit me hard are
the happy things. Seeing the cops of Frackville posing and laughing
with Mark, only a few minutes before that ugly episode, puts a
feeling of lead in my stomach. I'm just glad we gave him a hell of
a sendoff; memories of it will give him strength to get through
this.
What sticks with me the most is the way Mark never changed,
right up to the end. He kept his incredible sense of humor, his
caustic wit, his curiosity and sense of adventure. And he never
stopped being a hacker in the true sense. What would a year of this
environment do to such a person?
Our long ride back to New York was pretty quiet for the most
part. Occasionally we'd talk about what happened and then we'd be
alone with our thoughts. My thoughts are disturbing. I know what I
saw was wrong. I know one day we'll realize this was a horrible
thing to do to somebody in the prime of life. I don't doubt any of
that. What I worry about is what the cost will be. What will happen
to these bright, enthusiastic, and courageous people I've come to
know and love? How many of us will give up and become embittered
shells of the full individuals we started out as? Already, I've
caught myself muttering aloud several times, something new for me.
Mark was not the only one, not by far. But he was a symbol -
even the judge told him that at the sentencing. And a message was
sent, as our system of justice is so fond of doing. But this time
another message was sent - this one from Mark, his friends, and the
scores of other hackers who spoke up. Everybody knew this wasn't
right.
All through this emotional sinkhole, our tears come from
sadness and from anger. And, to quote the Clash, "Anger can be
power."
Now we just have to learn to use it.
-------------------------------------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
KARL KIROUAC EST UN INFORMATEUR
par Hellraiser
Intro par The SubHuman Punisher
Vous avez peut-tre ramass ce fichier sur certains babs. Je
ne sais pas ce que vous en avez pens, mais nous on trouve que
cette histoire n'est pas claire. Enfin, constatez par vous-mmes et
faites nous part de vos commentaires... Ceci dit, c'est la toute
premire fois que j'entends que j'ai t bust pour avoir vendu des
copieurs SNES. Franchement...
En passant, la GRC m'a retourn mon matriel, le tout intact.
J'attends encore qu'on me convoque pour savoir de quoi je me suis
rendu coupable...
-------------
Ce fichier est destin
tous les SysOps et aux usagers
frquentant les BBS Pirates ou privs, selon le cas. Je dsire vous
informer que j`ai eu accs aux fichiers de la GRC ( Gendarmerie
Royale Du Canada ) par le biais de mon modem le 19 Dcembre
23
heures 45.
J'ai fait le tour des documents concernant les BBS Pirates et
privs et j'y ai dcouvert une fuite... Un jeune de 14 ans du nom
de Karl Kirouak sous l'alias de Jumping Kid ou tout rcemment cel
fut chang pour Nasgul. J'y ai vu que ce petit drle avait dnonc
3 BBS, 4 personnes ayant rapport au domaine en tant que
fournisseurs de logiciels, fournisseurs de matriel informatique
drob et ce que l'on appelle communment "trasheurs de babs".
Comment ce jeune idiot a fait pour avoir ses informations?
- Je me suis inform auprs de mes contacts sur le domaine et, j'ai
russi
apprendre que cette "pourriture" aurait trouv ses
informations en ouvrant des BBS... 1 public du nom de Battle Field
et 1 pirate qui fonctionne encore sous le nom de Subway Of Dungeon
- 418-529-5899 - Mot de passe pour les nouveaux usagers : ELM
STREET. Il aurait de ce fait eu des numros de BBS pirates et bien
videmment comme sur tous les BBS pirates, des usagers appels
"lites". Il aurait, parat-il, dnonc les BBS qui ne l'auraient
pas accept
cause d'une mauvaise rputation ou de la faible
vitesse de son modem ( 2400 soit-dit en passant ).
Les lites, tant qu'
eux, ils se sont laisss prendre par
cette "impuret"... Celui-ci demandait, et je cite:" T'aurais-tu
par hasard un HD vol
me vendre please? Ou bedon une couple de
Warez?". Evidemment, de ce fait, il a pris en note ses
conversations et, les a donn
la GRC.
Quels BBS a-t-il dnonc
la GRC?
- Voici la liste des 3 BBS ayant ts dnoncs par cette "chiure"
ainsi que les noms des SysOps.
þ Dark Side Of Reality - Master Of Darkness
þ CraftWorld's - Slum Dweller
þ The Doors of Perception - The Shaman
Qui a-t-il dnonc
la GRC?
Voici la liste des personnes ayant t dnonces par cette "merde".
þ Subhuman Punisher
Pour avoir vendu des copieurs SNES.
þ Radioactive Virus
Pour avoir fait SBBSFIX pour obtenir la liste des usagers de
Thunder BBS.
þ Clone
Pour tre pntr sur les BBS sous l'alias de Fvladimir Kroutchefv
et s'tre fait au dessus de 10 faux noms sur World Vision.
þ Android
Son modem Zyxel est un modem vol. Il l'aurait pay 150$.
--------------------------
Bon jusqu'
prsent vous avez le got selon moi de lui faire
pter la cervelle ou de lui arracher les couilles (Oops! Il en a
pas...).
Ce petit mongol aurait dnonc toutes ces personnes car il ne
voulait pas que son BBS soit aperu... Il aurait aussi selon mes
sources, sous son vrai nom en plus, envoy une dizaine de virus ou
trojans sur Light BBS - 651-5664 ... Il est dans le Trashcan
maintenant.
--------------------------
Que faire?
- On ne peut pas faire grand chose contre lui sauf de le mettre
dans les trashcans de tous les BBS, qu'ils soient publics ou
pirates, car ce petit crisse va essayer de vous trouver des points
faibles et vous drober des informations. Appelez sur son Board et
retournez-lui tous les virus qu'il a envoy sur les BBS juste pour
vous faire chier et se sentir plus intelligent.
--------------------------
Envoyez a sur tous les BBS, Karl est une crisse de "puanteur"
qui mrite de ne plus avoir de modem!
HellRaiser
-------------------------------------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
LES JOURNALISTES RADOTENT...
par Santa Claus
On a publi, rcemment, un article dans le journal Voir, celui
qui est gratuit, concernant le piratage informatique. Rien
d'tonnant, les gens ne savent plus de quoi parler. On nous
prsente comme une espce de gros mchants loups, des "Big
Brothers", comme l'indique le titre de l'article en question. Ce
qui m'tonne par contre, c'est qu'on nomme toujours les autorits
suprieures par "Monsieur, Professeur, Sergent, etc...". Les
gentils compagnons du peuple. Les protecteurs de la libert. Les
imbciles qui ont crit ce texte ont l'air d'y croire dur comme
fer, ce qu'on peut leur dire, c'est: GET REAL!
----------------------------------------------------------------
Les pirates de l'informatique
ARSENE LUPIN VS BIG BROTHER
Le Cyberspace a attir une nouvelle race de hors-la-loi: les
pirates de l'informatique, qui peuvent s'infiltrer dans
peu prs
tous les ordinateurs de la plante. Gouvernement, entreprises,
coles, rien ne leur rsiste. [Belle intro, on se croirait dj
dans super-Mario Bros.]
Par: Berclay Fortin et Denis Poissant
La chambre d'un adolescent. Une boite de pizza, un poster de
Nirvana, un ordinateur, un modem. Banal. Mais attention! Voil
le
lieu de nombreux dlits...
Un appel
la polyvalente, quelques prouesses au clavier, et hop!
les mauvaises notes grimpent de 30%. [Hmm...] Un appel dans une
grosse compagnie, le bon mot de passe, et hop! les secrets
industriels deviennent accessibles. Avec les bons outils et un peu
d'imagination, les possibilits qui s'ouvrent aux pirates
informatiques - les hackers dans le jargon - font peur. coute de
conversation tlphonique, [Et c'est
nous qu'on associe
l'coute tlphonique! Et la GRC la-dedans??? Ah! oui! Ce sont les
gentils! Ils ont le droit, bien sr!] dtournement d'argent,
accs
de l'information supposment confidentielle. De plus en
plus, on rapporte des cas de messageries vocales vandalises, de
numros de cartes de crdit vols... et de factures qui grimpent
vertigineusement. [A noter, encore ici, on dit "VOLS". Il faut
croire que le social engineering n'est plus ce qu'il tait...]
"Les gens peuvent obtenir de l'information illgalement de toutes
sortes de faons", admet le sergent Robert Fillion, [Bob!] de la
nouvelle brigade de crimes informatiques de la GRC
Montral. "Il
y a une augmentation de ce genre de crimes." "Chaque enqute est en
soi un apprentissage", commente pour sa part Robert Caston(-)gay,
responsable des enqutes relies au piratage informatique de la GRC
Qubec. Quelques ordinateurs, des manuels d'instruction, des
modems: les quatre enquteurs montralais et leurs deux collgues
de Qubec sont bien quips pour patrouiller l'autoroute digitale.
[Quelle jolie comparaison! j'en vibre
mort, en dedans de
moi-mme, sur la route
page des mes sentiments les plus
dcapots]
Mais les hackers ne sont pas
pied eux non plus. Dans le comfort
de leur maison, ils font damner la police. Sans se salir les mains,
Merlin l'Emmerdeur, Kermit, Santa Claus, Lex Luthor, Knightmare et
plusieurs centaines d'autres
travers le monde, aux surnoms aussi
tranges pntrent par effraction dans les systmes informatiques.
[Et mal renseign, en plus! Merlin un pirate: HA!]
"Pour moi c'est un jeu, confie Simon, 19 ans. Faut tre meilleur
que le systme. Le dfi, c'est de possder l'information, et de la
mettre dans ton carnet de notes." Pour la plupart, c'est un sport.
La chasse
l'information. Une fois capture, l'info est attache
sur le toit de l'ordinateur [HAHAHAHAHAHAHAHA!!!] et ramene
la
maison. [mpff!!!] Comme un trophe, on l'accroche au mur. Et on
raconte ses meilleures histoires de chasse aux confrres sur des
babillards lectroniques privs.
"Les jeunes en bas de 18 ans font a pour le kick", explique Greg,
21 ans, tudiant en gnie. [Wow!] "D'autres font a pour l'argent.
Moi, c'est pour apprendre comment fonctionnent les systmes. J'aime
pas a tre victime de la technologie.", ajoute- t-il en tirant de
sa poche un petit bidule mettant des bips-bips. "Ce son simule le
bruit que fait un 25 sous en entrant dans un tlphone public. Le
gadget marche trs bien. Il suffit de changer le cristal
l'intrieur."
C'est la base du hacker: savoir frauder les compagnies de
tlcommunications. Son billet gratuit pour le cyberspace.
Piqueurs de codes
Chez Bell Canada,
Montral, la mfiance rgne depuis la
drglementation des services interurbains. A l'entre, on doit
donner notre nom et pingler une carte sur son manteau. Srieux,
l'espionnage industriel.
Le directeur de la scurit, Jacques Desjardins, nous amne dans
une petite pice. Il nous demande nos papiers de journalistes. Nous
n'en avons pas. Il appelle au journal pour vrifier si nous ne
sommes pas des imposteurs, puis revient. "Dsol, mais on ne peut
pas prendre de chances. Il ne faut pas devenir paranoaque, mais
faut faire attention
ce qu'on dit." Sage. Les hackers sont
souvent matres du social engineering: se faire passer pour un
autre afin d'obtenir de l'information spcialise.
Les hackers sont aussi spcialistes dans la fraude interurbaine.
Avant 1991, aux tats-Unis, les transporteurs ont perdus 1.5
milliard de dollars en interurbains "vols", et 3 milliards l'anne
suivante. En 1993, on parle d'environ 4 milliards. "Au Canada il se
perd plusieurs dizaines de millions de dollars par anne", estime
Jacques Desjardins, sans vouloir avancer de chiffre prcis. "Ce
n'est pas du domaine public."
Pour frauder, pas besoin d'tre un hacker. Il suffit d'obtenir le
numro de carte d'appel d'une autre personne. L'expert va dans les
endroits publics, regarde par-dessus l'paule d'un voyageur qui
pitonne son code, le prend en note, puis l'utilise ou le revend.
Le hacker plus sophistiqu, lui, prfre s'infiltrer dans les
systmes tlphoniques des entreprises et faire ses appels
leurs
frais. Une simple bote vocale peut lui servir de base d'opration.
Lorsqu'il a dcouvert un tuyau, il s'empresse de le refiler
ses
petits copains. "Si le fraudeur est attrap, a devient difficile
de le rendre responsable de la totalit de la perte", explique
Jacques Desjardins.
[La seule partie raliste, sans commentaires.]
Surveillez vos vidanges
Son rservoir
essence plein, le hacker peut ensuite cogner aux
portes de tous les systmes informatiques. Et pas besoin de tout
dynamiter pour pntrer. La cl l'attend souvent sous le
paillasson... Plusieurs mots de passe sont en effet ridicules. "99%
des incidents sont relis
des mots de passe dficients", soutient
Pierre Cormier, responsable de la scurit informatique
l'Universit du Qubec
Montral (UQAM). C'est quoi un mot de
passe dficient? Nom, numro d'assurance sociale, nom de son chum,
de sa mre, de son chat...
"Toutes les compagnies sont vulnrables", indique Jacques
Desjardins. "Le principe fondamental en sret informatique, c'est
que les employs ne doivent accder qu'
ce dont ils ont besoin
pour faire leur travail. Un rseau a beau tre priv, l'ajout d'un
seul modem ouvre la porte
tout le rseau." Il est important de
bien calfeutrer. C'est petit, un hacker. Une malheureuse fissure et
il se faufile... "Les compagnies doivent verrouiller leurs portes",
avertit le sergent Robert Fillion. [Bob!] De bonnes serrures ne
suffisent pas, il faut aussi vrifier ses vidanges. "a n'a pas
d'allure le stock que tu peux trouver dans les vidanges des grosses
compagnies!" confie Greg avec enthousiasme. "Des mots de passe, des
listes de codes d'accs..." A Bell, on a compris. "Les informations
doivent maintenant tre dchiquetes... et c'est appliqu", dit
Jacques Desjardins. [Mon cul! ouais!]
Mme quand leurs portes sont dfonces, les compagnies oublient
souvent de poursuivre les dlinquants. "Gnralement on ne
publicise pas ce genre de choses", explique Pierre Trudel,
professeur de droit des communications
l'Universit de Montral.
"Les banques et les autres victimes prfrent rgler ces choses l
l'interne pour ne pas saboter la confiance du public." a
dpend... "Quand une personne pogne une facture de 250 000 $ en 28
jours (c'est arriv au Canada), elle change d'attitude pas mal
vite!" affirme le sergent Robert Fillion. [Bob!] Dans les
compagnies, on se la boucle. Impossible de soutirer une seule
syllabe sur le sujet
qui que ce soit.
"C'est rendu tellement facile de hacker, affirme Greg, qu'il n'y a
mme plus de challenge! Les compagnies sont en retard sur nous. a
a l'air arrogant, mais c'est comme a." Un vrai hacker. Hautain.
litiste. Fier. Ridiculisant [Surtout ridiculis,
l'heure qu'il
est...] l'industrie, mais mourrant d'envie de travailler pour une
grosse bote comme... Bell.
Les nouveaux cow-boys
Impossible d'enlever de la tte des hackers leur sentiment de
supriorit. Ils se voient comme la nouvelle lite technologique,
les pionniers du nouveau monde informatique. [C'est Greg qui t'a
dit a?]
Le hacker moyen commence sa carrire avec de vulgaires lance-pois.
"Moi, j'ai dbut avec un petit 2400, raconte Simon." Mais l'envie
de possder un bazooka le hante. "a m'a pris des plus gros modems
pour aller chercher de plus gros jeux aux tats- Unis."
[conclusion: Simon est un mchant Gilles. Il va chercher son K-RaD
3l33t3 StuFF aux U.S.! (C'est un VRAI Hacker)]
Petit
petit, il apprend des trucs, s'abonne au Hacker Quaterly,
joint un des nombreux groupes internationnaux de hackers, Phalcons
Skism (SKISM: Small Kids Into Sick Methods), et communique avec les
autres membres par babillard lectronique. Dans les noms de
groupes, le PH (Phone) remplace toujours le F. Des champions de
l'ironie. Phortune 500, The Phirm, IBM Syndicate, on se moque des
autorits. Cas clbre: tous les appels achemins au poste de
police de Delray Beach, Floride, aboutissaient dans un sex hotline
de New-York...
Bien sr, les organisations secrtes et gouvernementales fascinent
le hacker. A partir du systme de leur universit, des tudiants
qubcois ont cogn
la porte de la NASA, de la Maison-Blanche et
attir l'attention. Le CIA a apell l'Universit pour savoir ce qui
se passait. A Qubec, l'anne dernire, des hackers ont pntr 4
fois dans le rseau informatique du Conseil excutif du
gouvernement qubcois. "Ils ne cherchaient que la gloire, estime
Greg. Ceux qui font a se font pogner tout de suite." [Ah ouais?]
Mais le hacker n'a pas le choix. S'il ne parle pas de ses bons
coups, il n'existe pas. Il doit montrer ses meilleures prises.
Voil
son talon d'Achille. Le hacker pche par vanit. "Leur gros
problme, c'est qu'ils se vantent toujours de leurs coups",
explique le sergent Robert Fillion [Bob!] . "Le hacker se fait
souvent arrter
cause de ses dfauts humains", ajoute-t-il en
souriant.
Dlicieux paradoxe... [Mchant malade]
La CIA sur le coup
Chaque hacker a son propre code d'thique. Les lois? Pffff...
"C'est illgal, mais je n'ai aucun problme avec a", lance Greg,
au sujet de la fraude interurbaine."
Ils n'ont tout simplement pas l'impression d'enfreindre la loi. Ils
ne tuent, ni ne blessent personne. Et puis aucun antcdent
judiciaire n'existe, surtout au Canada, pour leur foutre la
trouille. Les lois sont claires, pourtant: pas le droit de voler un
service de tlcommunication, d'utiliser un ordinateur sans
autorisation, de dtruire ou modifier des donnes informatiques.
Mais les victimes ont peur de se montrer au grand jour, et les
juges ne saisissent pas toujours bien les nuances des crimes.
Contrairement aux biens matriels, l'information est intangible.
Combien "vaut" telle ou telle fraude? Difficile
dire. Mme quand
un hacker fait pour 200 000$ d'interurbains, il ne voit pas o est
le crime l
-dedans. [Les juges sont si intelligents!]
Avant de comdamner les hackers, il faut d'abord les attraper. Les
meilleurs, ceux qui ne se vantent pas sur tous les toits, sont durs
pincer. "Au moins 99% n'ont pas l'expertise pour effacer leurs
traces", estime Pierre Cormier de l'UQAM. Mais les autres sont plus
dangereux. Ils mettent des gants blancs, falsifient leurs
empreintes digitales, brouillent les pistes. "Un hacker de Tokyo
peut faire son coup ici, et un hacker qubcois peut frauder au
Mexique. Difficile d'enquter dans ces circonstances."
Gambadant d'un systme
l'autre, les hackers se bidonnent. Mais
les victimes ne rient pas. Aux tats-Unis, en 1990, la police
lanait un raid sans prcdent dans le millieu hacker. Le systme
informatique de AT&T s'tait effondr (de lui-mme, semble-t-il),
et on a souponn un complot. Confiscations d'ordinateurs dans
plusieurs villes, procs... tout pour donner l'exemple.
Aujourd'hui, les systmes informatiques contrlent tout, partout.
Alors on imagine les pires scnarios. "Le gouvernement a peur qu'on
trouve des secrets militaires, qu'on parte des missiles", dit Greg.
Dans le film War Games (1984), un adolescent passe
un cheveu de
dclencher la 3e guerre nondiale. Exagr, videmment. Ce qui l'est
moins, c'est tout le fric qui circule sur les lignes tlphoniques
et qui peut tre intercept, dtourn. Parlez-en
la compagnie
Volkswagen, qui a perdu 260 millions de dollars de cette faon
rcemment. "Tout est faisable, avance Simon. Ce qui prend le plus
de guts, c'est de se prsenter
la banque avec une valise et de
sortir 100 000$." [Pour aller chercher du StUff WareZ KRaD aux
U.S.!]
Afin de pourchasser adquatement les terroristes et les
blanchisseurs d'argent de tout acabit, le gouvernement amricain
s'est dot d'un gros bolide, le Federal Financial Crimes
Enforcement Network, qui a accs
toutes sortes d'informations
confidentielles. Un gros char, propuls par les systmes
informatiques du CIA, du FBI, du Service Secret, de l'IRS, etc.
Efficace, pas de doute. Mais peut-tre aussi l'embryon de Big
Brother.
Nos hackers disent ne rien faire de "trop" illgal. Ni banques, ni
trucs militaires, ni espionnage industriel. Mme pas pour du fric?
Allez les gars! Soyez... honntes. "Quelqu'un me donnerait 10 000$
pour faire quelque chose, je pense que je dirais oui", admet
finalement Greg.
N'oubliez pas ceci: non, a n'arrive pas qu'aux autres. La
prochaine fois que vous entrez votre code tlphonique dans un
endroit public, regardez donc derrire vous.
Quelqu'un pourrait fouiner...
[Quel ramassis de bullshit!]
----------------------------------------------------------------
De retour
Santa...
L'ennui la-dedans, c'est qu'il identifie tout les pirates au mot
"Hacker". Simon,
l'entendre, est plutt un Warez Puppy. Son
crime,
lui, fait peut-tre partie comme de ceux hackers, mais ne
s'y baigne-t-il pas plus? Il fraude la Loi sur les Copyrights!
Mais Bob ne semble pas vouloir faire grand chose avec lui... Vous
savez combien de fric Microsoft se ferait si tout le monde
utilisant MicroSoft Windows payait sa version? Je ne suis mme pas
sur de pouvoir deviner le nombre de zros dans tout a.
Pourquoi, alors, pointe-on les hackers du doigt? Parce que c'est
moins facile de courir tout simplement aprs les copieurs! Parce
qu'il n'ont absolument rien pour contrer le phnomne! Parce que
n'importe quel juge, ou sergent, ou agent
la scurit chez BCE,
ou n'importe quel fonctionnaire a sa copie de Windows, du Dos 6.0,
d'une dizaine de jeux, qu'il n'a pas pay. C'est combien de
milliards, tout ce fric??? Plus, en tout cas, que ce dont on se
plaint ici. Bande de pleurnichards!
DORMEZ, MES BREBIS, SATAN EST A L'OEUVRE! - Jsus.
-------------------------------------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
Electronic Petition to Oppose Clipper
par Dave Banisar
pour
Computer Professionnals for Social Responsability (CPSR)
Intro par Kermit
Il y a de cela quelques numros, je vous avais bassin un
papier sur Clipper, le chip d'encryption propos par
l'administration Clinton. Je ritre l'exploit (!!!) en vous
soumettant le contenu de la ptition propose par le CPSR. NPC
says: sign this!
-------
On January 24, many of the nation's leading experts in
cryptography and computer security wrote President Clinton and
asked him to withdraw the Clipper proposal.
The public response to the letter has been extremely
favorable, including coverage in the New York Times and numerous
computer and security trade magazines.
Many people have expressed interest in adding their names to
the letter. In response to these requests, CPSR is organizing an
Internet petition drive to oppose the Clipper proposal. We will
deliver the signed petition to the White House, complete with the
names of all the people who oppose Clipper.
To sign on to the letter, send a message to:
Clipper.petition@cpsr.org
with the message "I oppose Clipper" (no quotes)
You will receive a return message confirming your vote.
Please distribute this announcement so that others may also express
their opposition to the Clipper proposal.
CPSR is a membership-based public interest organization. For
membership information, please email cpsr@cpsr.org. For more
information about Clipper, please consult the CPSR Internet Library
- FTP/WAIS/Gopher CPSR.ORG /cpsr/privacy/crypto/clipper
===================================================================
The President
The White House
Washington, DC 20500
Dear Mr. President:
We are writing to you regarding the "Clipper" escrowed
encryption proposal now under consideration by the White House. We
wish to express our concern about this plan and similar technical
standards that may be proposed for the nation's communications
infrastructure.
The current proposal was developed in secret by federal
agencies primarily concerned about electronic surveillance, not
privacy protection. Critical aspects of the plan remain classified
and thus beyond public review.
The private sector and the public have expressed nearly
unanimous opposition to Clipper. In the formal request for comments
conducted by the Department of Commerce last year, less than a
handful of respondents supported the plan. Several hundred opposed
it.
If the plan goes forward, commercial firms that hope to
develop new products will face extensive government obstacles.
Cryptographers who wish to develop new privacy enhancing
technologies will be discouraged. Citizens who anticipate that the
progress of technology will enhance personal privacy will find
their expectations unfulfilled.
Some have proposed that Clipper be adopted on a voluntary
basis and suggest that other technical approaches will remain
viable. The government, however, exerts enormous influence in the
marketplace, and the likelihood that competing standards would
survive is small. Few in the user community believe that the
proposal would be truly voluntary.
The Clipper proposal should not be adopted. We believe that if
this proposal and the associated standards go forward, even on a
voluntary basis, privacy protection will be diminished, innovation
will be slowed, government accountability will be lessened, and the
openness necessary to ensure the successful development of the
nation's communications infrastructure will be threatened.
We respectfully ask the White House to withdraw the Clipper
proposal.
-------------------------------------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
Implementation of C2 Level of security under Unix
par
Gurney Halleck
Intro par Blitzkreig
On s'est achet C2! On a eu un bon deal pour le programme
(original) crit pour SCO Unix. Et on va l'installer sur LLC. Vous
le savez, nous sommes un tantinet proccups par la scurit de
LLC. Un, la fable du cordonnier mal chauss, trs peu pour nous,
nous l'avons dit. LLC va tre cit en exemple comme systme dont la
scurit est leve. Deux, on se mfie des petits twits qui
feraient des gorges chaudes parce qu'ils ont russi a "planter" le
systme de NPC... Quoi qu'ils ne vivraient pas assez longtemps pour
s'en vanter. Et trois, ce qui est peut-tre le plus important
mes
yeux, on ne voudrait pas que quelqu'un se serve de LLC pour
commettre des actes illgaux. On sait pertinemment que le systme
va tre surveill, en amont, par la GRC. Et je n'investis pas des
dizaines de milliers de dollars dans une entreprise qui risquerait
de se faire fermer par les autorits. Je suis cingl, mais pas au
point de risquer de tout perdre financirement.
On s'est achet C2, donc. Voici un petit texte de Gurney (qui
devrait paratre dans le prochain Phrack) sur ce que reprsente ce
programme de scurit. En passant, vous pouvez vous procurer C2
pour votre Unix pour environ 90$US. C'est le prix que charge...
Leur numro de tlphone est le...
-------------------
As both the number and uses of computers have increased, so
too has the need for reliable security standards. Accordingly, the
United States Department of Defense developed a collection of
security standards ans assembled them into the Trusted Computer
Standards Evaluation Criteria, more commonly known as the Orange
Book. C2 which is only one of several security levels, is by no
means the highest, but it is the level used by more and more of the
business-oriented UNIX vendors, meaning, you'll encounter more and
more of them around.
C2 security addresses total system security, including the
physical machine, the software, backups, and the information stored
on the physical media. If the sysadmin follows the C2 guidelines,
the end result is what is called a "trusted" system. But this
system is only as "trusted" or "secure" as the physical machine and
media.
Under C2, at the physical level, care is taken to restrict the
users who can access the system console, which is where the disk
drives and keyboard are. By restricting access to the console, the
number of users who could alter the boot process with a different
bootable disk is limited. In addition, the software distributions
must be protected. What good would it be to lock access to the
machine if the UNIX disks are right besides the system? Anyone
could boot the system form those floppy disks, override the
software protections, and access the data.
The same is also true for backup media, if the backup media is
freely accessible, then anyone can access the data by reading the
backup tapes.
Trusted vs. Secure
^^^^^^^^^^^^^^^^^^
Because no computer yet developed is completely free from
risks, computer systems are not referred to as "secure", but rather
as "trusted". A trusted system is defined as one that has a higher
degree of control over the users on the system and the
corresponding data. A trusted system prevents, or at least
identifies, unauthorized access to the system.
C2 Basics
^^^^^^^^^
A collection of concepts and ideas, some of them more logical
than physical, form a large part of the definition of a trusted
system. I will now review those concepts and ideas.
The heart of the trusted system is the "trusted computing
base", or TCB. The base includes a collection of databases that
store information on users, devices, and files, to detect
unauthorized access. A wide variety of programs also form part of
the computing base, which is the operating system's enforcement
mechanism.
A "subject" in a C2 environnement is an entity such as a
process, which is a program running on the UNIX system. "Objects"
are such items as devices, files and interprocess communication
objects, like semaphores and shared data.
The primary issue addressed by C2 security is accountability.
An action is accountable only if it can be traced back to a single
person. If there is any possibility that more than one person could
have taken the action, then there is no accountability. Most UNIX
systems lack accountability because the actions taken cannot be
traced back to a single user. Take the account "root" for example.
Most sites use it for administering their systems because it is the
only account which can do it all. It is not uncommon for several
people in an organization to know the root password, so that all
can perform the routine system administration tasks.
This pratice is one of the security holes in traditional UNIX.
The question can be asked "Who removed that file?" and all can
claim innocence, knowing that there is no way to trace their
actions. In a trusted system, however, each real user is associated
with a real account, and specific privileges and authority are
granted to each user. This will be discussed in more detail later.
The Discretionary Access Control (DAC) mechanism determines if
a given user has the access rights to a given "object". On most
UNIX systems, this object protection is implemented through the
standard UNIX permissions mechanisms, consisting of permissions
bits for the owner of the file, the group owner, and all other
users, as illustrated in the following:
-----------------UNIX permissions revisited-----------------------
The row of numbers above each example shows the octal
representation of the actual permission bits. The number in
brackets at the end of the line is the octal value of the
permission field.
a) The typical permission bit fields
4 2 1 4 2 1 4 2 1 (777)
- r w x r w x r w x
----------- ----------- -----------
owner group other
b) Set User ID. If the 's' in the execute field of the file is
upper case 'S', then there is no execution permission on this file.
4
4 2 1 4 - 1 4 - 1 (4755)
- r w s r - x r - x
------------
SUID
c) Set Group ID. See above note.
2
4 2 1 4 - 1 4 - 1 (2755)
- r w x r - s r - x
-----------
SGID
d) Sticky bit. This has become used to prevent users from being
able to remove files they don't own in public directories such as
/tmp.
1
4 2 1 4 - 1 4 - 1 (1755)
- r w x r - x r - t
-----------
"sticky bit"
-------------------------------------------------------------------
The DAC mechanism allows specific users to modify the Set User
ID (SUID) and the Set Group ID (SGID) bits and make ownership
changes, and it removes the extended permissions whenever a file is
copied.
You may think that this is all there is regarding permissions,
but in fact there is more. Authorizations are used to grant a given
user access to a particular action. C2 security provides for two
types of authorizations: kernel and subsystem. Kernel
authorizations are associated with processes and allow a process to
perform certain actions depending upon its authorization level.
Subsystem authorizations are associated with individual users and
allow a user to perform certain functions in the system. For
example, manipulation of the Line Printer (lp) subsystem requires
that the user have the lp authorization. The lp authorization
allows the user to access commands such as lpadmin to perform
printer maintenance.
Logging into a C2 trusted system involves a few additional
checks besides the usual password checking performed for a typical
UNIX system. The trusted system searches the password in the
password file as usual and validates the user provided that the
password is in fact the correct password. A record is kept for each
user account defining when the user last successfully and
unsuccessfully logged in to the system. This is an easy way for
users to see if their account is being violated, provided they
haven't disabled the reporting mechanism. In addition, C2 imposes
further controls enforced on password generation, making passwords
unusable that would be accepted on non-C2 trusted systems.
The major component in providing accountability to a C2 is the
Audit Mechanism. Auditing is not just an extension of the
traditional UNIX process accounting system. With process
accounting, the system keeps limited records regarding what
processes where executed on the system and who executed them. It
keeps no records regarding what objects (files or devices) were
accessed.
Auditing corrects this weakness of process accounting. A wide
variety of system events can be monitored, providing an audit trail
or record of all actions taken by every user on the system. Using
this audit trail, which according to the Orange Book must be kept
until that iteration of the Operating System is destroyed, the
System Administrator, Audit Administrator, or Security Office could
review it to determine when a specific action occurred, what
happened, and who was involved.
Finally, there are the Protected Subsystems. These subsystems
make use of the SUID and SGID bits to restrict access to only those
users who are members of that group. Even though it may appear that
a particular command is SGID belongs to a particular group, that
command is not necessarily part of the subsystem. At the same time,
simply putting the user in the desired group is not enough, there
are other authorizations which typically must also be granted.
The Trusted Computing Base Filesystem
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The files that make up the databases for the TCB are scattered
in several different directory hierarchies. The majority of the
files and programs required to maintain the TCB are in the /tcb
directory structure, as shown here:
-------------------------the /tcb directory-----------------------
/tcb
|
+---bin
|
+---files
| |
| +---audit
| | |
| | +---help
| |
| +---auditparms
| |
| +---auth
| | |
| | +---a...z
| |
| +---no_luid
| |
| +---subsys
| |
| +---rootcmds
|
+---lib
| |
| +---auth_scripts
| |
| +---relax
| |
| +---high
| |
| +---improved
| |
| +---low
| |
| +---traditional
|
+---audittmp
|
+---audit1
|
+---audit2
------------------------------------------------------------------
The user information is only partially stored in the
/etc/passwd file. Example:
--------------Trusted system password file entry-------------------
Login Name
| Password Place Holder
| | Comment
| | | Login Shell
| | | |
v v v v
ghalleck:x:1000:100:Gurney Halleck:/u/ghalleck:/bin/csh
^ ^ ^
| | |
| | Home directory
| Group ID
User ID
-------------------------------------------------------------------
The /etc/passwd file contains a 'x' where the password would
normally be. Additional user information is stored in the /tcb
directory structure, under /tcb/files/auth/[a-z]/{username}, where
the [a-z] to the corresponding directory with the same first letter
as the user's name. For example, my login name is ghalleck, so the
information on my user account will be found in the directory
/tcb/files/auth/g. The contents of this file is shown here with an
explanation of each entry.
-----------Sample contents of /tcb/files/auth/g--------------------
This example shows comments on the entry. The '# text' notes do NOT
appear in the file.
ghalleck:u_name=ghalleck:\ # Actual user name
:u_id#1000:\ # User ID
:u_pwd=MWUNe/plrPqck:\ # Encrypted password
:u_type=general:\ # User Type
:u_succhg#746505937:\ # Last Successful Psword Change
:u_unsuccgh#746506114:\ # Last Unsuccessful Pswd Change
:u_pswduser=ghalleck:\ #
:u_suclog#747066756:\ # Last Successful Login
:u_suctty=tty02:\ # Last Successful Login on tty
:u_unsuclog#747150039:\ # Last Unsuccessful Login
:u_unsuctty=tty04:\ # Last Unsuccessful Lgin on tty
:u_numunsuclog#1:\ # Number of Unsuccessful Logins
:u_lock@:\ #
:chkent: #
------------------------------------------------------------------
Information for the Terminal Control Database is also stored
under /etc/auth. This is where unsuccessful logins on each terminal
device are logged. When the maximum is reached, the terminal device
is locked or disabled until the system administrator clears the
lock. The locking mechanism makes it easier for the system
administrator to see if there is a potential problem with someone
trying to gain access to the system. The /etc/auth directories are
illustrated here:
-----------------The /etc/auth directory---------------------------
/etc/auth
|
+---subsystems
|
+---systems
------------------------------------------------------------------
And the primary Terminal Control file is illustrated and explained
here:
---------------Terminal control databases entry-------------------
This example shows comments on the entry. The '# text' notes do NOT
appear in the file.
tty01:\
:t_devname=tty01:\ # identifies that this is tty01
:t_uid=ghalleck:\ # last user who logged in
:t_logtime#747066876:\ # when they logged in
:t_unsucuid=ghalleck:\ # last unsuccessful login
:t_unsuctime#746710243:\ # when that login was
:t_prevuid=root:\ # who was next to last user
:t_prevtime#747066869:\ # when they logged in
:chkent:
-------------------------------------------------------------------
Administrative Roles
^^^^^^^^^^^^^^^^^^^^
Just as in an organization, an individual typically has a
primary role and several secondary roles, so too does a user on a
computer system. The different roles can be used to grant users
specific access to the parts of the system for which they will have
administrative responsability. The following insert identifies the
administrative roles recognized by C2:
--------------------C2 Administrative roles-----------------------
ROLE Subsystem AREA
Authorization
System Administrator su This permits the user to
use the 'su' command to
switch to other users.
Audit Administrator audit Manipulate, configure, and
get reports from the audit
system
Account Administrator auth Create and manipulate user
accounts
Operator backups Filesystem Backups
Cron Administrator cron Manipulate and configure
the cron subsystem.
Printer Administrator lp Configure and maintain the
Line Printer system.
------------------------------------------------------------------
Note that the apparent correlation between the administrative
roles and the protected subsystems is somewhat misleading. In fact,
the issue is more complicated than this suggests. The primary
benefit to assigning roles is to distribute the work, that is, to
allow people to perform certain tasks without needing to use the
root account, thereby keeping the accountability intact.
Administrative roles are logical ones. This means that nowhere
in the SCO system is a specific person identified as, say, the
audit administrator. Rather, this association is performed by
granting the associated privileges using the System Administration
Shell, or sysadmsh.
Protected subsystems often require that a user also have some
kernel authorization in order to perform various operations. Here
is a list of kernel authorizations and explanations of how they
work:
--------------------Kernel Authorizations--------------------------
Authorization Purpose
configaudit Allows the user to configure the audit system by
modifying the audit parameters. This is not assigned
to anyone other than the Audit Administrator.
writeaudit Gives the ability to write audit records to the
audit trail. (Normally, users wouldn't have this,
but a process would need this to write audit
records.) This is not assigned to anyone other than
the audit administrator.
execsuid This allows the user to run SUID programs. If the
user does not have this authority, SUID programs
will not execute for this user.
chmodsugid This gives the ability to set or remove the SUID,
SGID or sticky bits on files or directories using
the chmod program.
chown This authority determines if the user can change
the ownership of an object. This is enforced even if
the user is the owner of the object. Without this
authorization, only root can change the ownership.
suspendaudit This authority allows the process to suspend the
auditing of its activities. This is not assigned to
anyone other than the audit administrator.
-------------------------------------------------------------------
Now here is a list of the different protected subsystems,
their related subsystems and their related kernel authorisations.
-----------Kernel authorisations required by subsystem------------
Subsystem Kernel
audit configaudit, writeaudit, suspendaudit, execsuid
auth chown, execsuid
backup execsuid
lp chown
cron execsuid, chown, chmodsugid
sysadmin execsuid, chown, chmodsugid
-------------------------------------------------------------------
Password Control
^^^^^^^^^^^^^^^^
Password control is a critical aspect of security on any
system, and trusted systems focus intense attention on this area.
The enhanced password control mechanisms are modeled after the
United States Department of Defense Password Managment Guideline,
the Green Book. It enforces much more stingent controls for users
who can pick their own passwords.
The authorization administrator can specify which users can
choose their own passwords and which must have passwords generated
for them by the system. Once the system chooses the password, it
can be subjected to simple or extensive checking. Simple checking
looks for circular shifts of the login name. Extensive mode checks
a large system dictionary of words that cannot be used as
passwords.
Another feature of the trusted environment: user accounts can
be locked. For example, if the user attempts to login but
consistently types the wrong password, then that user's account
will be locked by the system. This is the system's attempt to
detect and control a possible break-in. The system administrator
may apply an administrative lock. In both cases, the user will get
a message upon attempting to login stating that the account is
locked and that the user should see the system administrator.
Reports can be generated about user login activity on the
system, as shown in the following:
--------------------Login activity report--------------------------
Login Activity Report
System sietch
Sun Jan 9 09:39:53 1994
User Name Successful login Unsuccessful login #Failed lck?
---- ---- ---------- ----- ------------ ----- ------- ----
adm NEVER NEVER None N
asg NEVER NEVER None Y
audit NEVER NEVER None N
auth NEVER NEVER None N
bin NEVER NEVER None N
cron NEVER NEVER None N
deamon NEVER NEVER None N
dos NEVER NEVER None N
ghalleck Fri Jan 7 10:32:36 Fri Jan 7 07:45:57 1 N
ingres NEVER NEVER None N
listen NEVER NEVER None N
lp NEVER NEVER None N
mmdf NEVER NEVER None N
network NEVER NEVER None N
nouser NEVER NEVER None N
nppp NEVER NEVER None N
nuucp NEVER NEVER None N
root Sat Jan 8 08:43:06 Mon Jan 3 07:30:41 2 N
sys NEVER NEVER None N
sysinfo NEVER NEVER None N
uucp NEVER NEVER None N
-------------------------------------------------------------------
The report lists each user in the password file, and reports
on the last successful and unsuccessful logins for that account. It
also notes the number of failed logins and if the account is
locked. If the locked field is set to "Y", then the user is unable
to login until the system administrator unlocks the account.
Terminal Management
^^^^^^^^^^^^^^^^^^^
Before moving on to Auditing, I want to discuss terminal
control. As I mentioned earlier, the TCB records system activity on
terminals. This is especially important as the terminal is the
gateway to the system. A trusted system allows a predifined number
of unsuccessful login attempts before disabling or locking
(depending on security level being enabled) the terminal device.
The default number for C2 systems is 5. This means that after five
unsuccessful login attempts, the terminal is locked and all later
login attemps will be advised that the terminal is disabled.
The following report, which is created from the system
administration shell, lists the current login states of the various
terminals on the system:
-------------------Terminal login activity report------------------
Login Activity Report
System sietch
Sun Jan 9 09:42:42 1994
Last Good Login Last Bad Login Last logout
Tty Name User Name Date User Name Date User Name Date #Failed
--- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- -------
console UNKNOWN NEVER UNKNOWN NEVER UNKNOWN NEVER 0
tty01 root 09/01/94 root 08/01/94 root 09/01/94 1
tty02 UNKNOWN NEVER UNKNOWN NEVER UNKNOWN NEVER 0
tty03 root 09/01/94 UNKNOWN NEVER root 09/01/94 0
tty04 root 09/01/94 root 09/01/94 root 09/01/94 6
tty05 UNKNOWN NEVER UNKNOWN NEVER UNKNOWN NEVER 0
tty06 UNKNOWN NEVER UNKNOWN NEVER UNKNOWN NEVER 0
tty07 UNKNOWN NEVER UNKNOWN NEVER UNKNOWN NEVER 0
tty08 UNKNOWN NEVER UNKNOWN NEVER UNKNOWN NEVER 0
tty09 UNKNOWN NEVER UNKNOWN NEVER UNKNOWN NEVER 0
tty10 UNKNOWN NEVER UNKNOWN NEVER UNKNOWN NEVER 0
tty11 UNKNOWN NEVER UNKNOWN NEVER UNKNOWN NEVER 0
tty12 UNKNOWN NEVER UNKNOWN NEVER UNKNOWN NEVER 0
-------------------------------------------------------------------
This is for all terminals, including the network terminal
ports. This report lists the last good and bad logins, indicating
who and when, the last logout on that port, and the number of
failed attempts to login. Notice that tty04 has had six
unsuccessful login attempts.
System Auditing
^^^^^^^^^^^^^^^
The primary reason for implementing C2 security is to be able
to find out what everyone is doing with the available computing
resources. For sites concerned about confidential information, C2
provides a means of tracking access. Through auditing it is
possible to see who and what processes accessed any file in the
system.
The audit system consists of several components:
- The kernel audit mechanisms, which generates audit records based
upon the user process activity through kernel system calls
- The audit device drivers, /dev/audit and /dev/auditw
- The audit compaction deamon, which reads the audit records and
processes them into a collection of files
- The sysadmsh audit interface
- The data reduction and analysis facilities
The Kernel Audit Mechanisms
^^^^^^^^^^^^^^^^^^^^^^^^^^^
The kernel audit mechanisms tracks user activity through the
system calls that each process executes to perform work. For
example, the open(S) system call is classified as a "make object
available" event. It makes the object, and the data, available to
the program for reading and, if authorized, for update. However, if
a user who doesn't have the necessary permission attemps to open
the file for write or update, a Discretionary Access Control (DAC)
denial is recorded for that file. System calls can be selectively
enforced.
A few system calls, such as getpid(S), which returns the PID
of a process, are not considered a threat to security and so are
not audited.
The Audit Device Driver
^^^^^^^^^^^^^^^^^^^^^^^
The audit device drive is responsible for:
- accepting audit records from the kernel audit mechanism and from
trusted utilities.
- creating and writing the audit trail files
- providing audit trail data to the audit deamon for compaction
- providing for selective audit-record generation based upon event
types, user IDs, and group IDs.
The audit device interacts like any other, except that only
those processes with configaudit or writeaudit authorization can
successfully open the device. In this fashion, only those processes
that have been deemed trusted can open and interact with the audit
device. There is no need to worry about lost records because of
many processes writing to it. The driver takes care of merging all
of the records into the audit trail. However, only the audit deamon
can read from the device.
The audit driver maintains the audit trail as a sequence of
audit collection files. Each time you restart auditing, a new
session is started. And audit data file grows very quickly.
Interaction with this file is done through the system
administration shell.
The Audit Compaction Deamon
^^^^^^^^^^^^^^^^^^^^^^^^^^^
This deamon is a trusted program which runs in the background
whenever auditing is running. The purpose of this deamon is to read
records from the audit device and to provide a compaction and
logging mechanism. In this case, compaction means actually
compacting the information into a size which is suitable for
storage. It is not uncommon for a single user system to generate
over 200Kb of audit data per hour! The compaction deamon can reduce
the required space by 60%. This greatly saves on the amount of disk
space required to store the audit records.
The Audit Interface
^^^^^^^^^^^^^^^^^^^
The audit or system administrator interacts with the audit
system through the system administration shell, sysadmsh. This
allows for configuring the audit system parameters, maintaining the
subsystem authorizations, and reviewing the audit reports.
The Data Reduction and Analysis Facility
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This facility examines audit trails from previous or current
sessions to analyze and report on the activity within the session.
What Is Being Audited?
^^^^^^^^^^^^^^^^^^^^^^
The events available for audit, on both a system-wide basis
and a per-user basis are listed in the following:
---------------------List of audit events-------------------------
A. startup/shutdown
B. login/logoff
C. process create/delete
D. make object available
E. map object to subject
F. object modification
G. make object unavailable
H. object creation
I. object deletion
J. DAC changes
K. DAC denials
L. admin/operator actions
M. insufficient authorization
N. resource denial
O. IPC functions
P. process modifications
Q. audit subsystem events
R. database events
S. subsystem events
T. use of authorizations
-------------------------------------------------------------------
For each event, system administrators can selectively control
whether the event is audited or not by changing the System Audit
Event Mask. This mask is global to the entire system. The audited
event list can be done during auditing. For each user, the event
mask can also be adjusted. While the global event mask can only be
on or off for each event, the user audit mask can be set to:
- always audited
- never audited
- use the system default to define whether the event is audited
The user event mask overrides the global mask, so different
users can be have more or fewer events audited on a per-user basis.
Guidelines for Auditing
^^^^^^^^^^^^^^^^^^^^^^^
To be effective at auditing, some guidelines must be set for
the system that define what will be audited and when. The audit
system is extremely flexible and can be customized to allow for
tracking the desired events.
If a system operator uses preselection to determine which user
IDs or events he wants to audit, it will consume less disk place
(unless, of course, he decides to audit everything). However there
is a drawback: if the event he wants to look for hadn't already
been specified for audit, he won't find instances that occured
before he added it. For this reason, it is typical for system
operators to select all events for auditing, and to be selective
when generating the report.
Reports
^^^^^^^
The SCO C2 report generator can generate several predifined
reports, including:
- DAC denials
- Logins and logoffs
- Admin actions
- All objects
- Authorisations
- Denials
But the system administrator can create other reports to suit their
own needs.
The following is typical information available at the
beginning of every audit system report:
------------------------Common report data------------------------
***** Audit Data Reduction Program *****
Audit session number: 1
Collection system name: sietch
Collection file count: 49
Compaction file count: 1
Total audit records: 38445
Total uncompacted size: 2377854
Total compacted size: 887236
Data compression rate: 62.69
Collection start time: Tue Jan 4 09:35:52 1994
Collection end time: None
-------------------------------------------------------------------
- The audit session record number, which is incremented every time
auditing is started, usually on system boot.
- The collection system name, which is the name of the namelist
- The number of files that make up the collection set
- The number of files composing the compacted data
- The total audit records in the set
- The total uncompacted size in bytes
- The percent of data compression
- The start of data collection for the session
- The end of data collection for the session
- The information regarding what was included int he report
The following contains three sample records from the
Discretionary Access Control Denials report. These entries show a
successful open, file permission change, and a file ownership
change:
--------------------Sample Audit Record---------------------------
Process ID:2002 (*INC*) Data/Time: Tue Jan 4 09:39:00 1993
Luid: uucp Euid: uucp Ruid: uucp Egid: uucp Rgid: uucp
Supp groups: uucp
Event Type: Access denial
System call: Open Mode: Read
Oject: /tcb/files/subsys/root
Result: Failed-EACCESS (Access denial)
Security policy: discretionary
Process ID:2001 (*INC*) Data/Time: Tue Jan 4 09:41:13 1993
Luid: uucp Euid: uucp Ruid: uucp Egid: uucp Rgid: uucp
Supp groups: uucp
Event Type: Discretionary access change
System call: Chmod
Oject: /tmp/croutHFAa00234
Old Values for UID: 5 GID: 6 Mode: 100600
New Values for UID: 5 GID: 5 Mode: 100644
Result: Successful
Process ID:2086 (*INC*) Data/Time: Tue Jan 4 09:45:32 1993
Luid: uucp Euid: uucp Ruid: uucp Egid: uucp Rgid: uucp
Supp groups: uucp
Event Type: Discretionary access change
System call: Chmod
Oject: /usr/spool/uucp/LTMP.2086
Old Values for UID: 5 GID: 6 Mode: 100444
New Values for UID: 5 GID: 5 Mode: 100444
Result: Successful
-------------------------------------------------------------------
Aside from the reports identified above, it is also possible,
through the reports interface in the system administration shell,
for the system administrator to define his own parameters for a
report, and then generate it.
Caveats
^^^^^^^
There are a couple of caveats to running auditing on a system.
It does consume disk space, at approximately 200Kb per hour per
user! And to be truly C2 compliant, these records must be kept on
some accessible storage medium until the system is reinstalled.
Finally there is a performance hit, which is dependant of the CPU
power of the machine.
Conclusions
^^^^^^^^^^^
C2 isn't for everyone, and because some people may feel that
their every action is being watched (as it is), there may be some
reluctance to running C2 where it is not formally required (like
non-military computers). So don't expect to see a C2 compliant UNIX
systems around here any time soon, except on LLC of course!
-------------------------------------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
______________________________
/ \
\ Datapac 3101 Hacking Guide /
/ by l0gRuS! \
\______________________________/
Introduction
~~~~~~~~~~~~
Bienvenue dans le monde merveilleux de DATAPAC, un monde plein
d'opportunits pour le hacker averti. L'intrt dans DATAPAC rside
surtout dans le fait que c'est un excellent point de dpart pour un
hacker dbutant. DATAPAC est simple et facile
comprendre, tant et
si bien que mme un WaReZ PuPpIe moyen devrait *PEUT-ETRE* pouvoir
s'y retrouver. DATAPAC est le rseau PSN (Packet Switching Network)
X.25 de Telecom Canada, un groupement de plusieurs compagnies de
tlphone au Canada, incluant Bell.
DATAPAC est un rseau bti dans le but de procurer des
services de transfert de donnes
haute-vitesse aux compagnies.
Comment entrer dans DATAPAC?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Le numro du port public (ouais, public, c'est lgal les mecs)
2400bps pour la rgion de Qubec est le 647-3181. Voici une liste
des Ports Publics pour le Canada entier. Cette liste a t ralise
par The Lost Avenger/UPi et je lui en donne tout le crdit.
- Datapac 3101 Public Dial Ports -
-----------------------------------------------------------------
Province 110 Bps Auto 300 Bps 1200 Bps Auto 2400 Bps Auto
City 0 - 110 0 - 1200 0 - 2400
Area Code Bps Bps Bps
-------------------------------------------------------------------------------
Alberta - 403
Airdrie 234-7740
Banff 762-5080 762-5458
Calgary 264-9340 290-0213 265-8292
Drayton Valley 542-3926
Edmonton 420-0185 423-4463 429-4368
Fort McMurray 791-2884 743-5207 790-9490
Fort 421-0221
Saskatchewan
Grande Centre 594-7383
Grande Prairie 539-0100 539-6434 538-2443
Leduc 421-0250
Lethbridge 329-8797 329-8755 327-2004 320-8822
Lloydminister 875-4769 875-6295
Medicine Hat 526-7427 526-6587 529-5521 528-2742
Peace River 624-1621 624-8082
Red Deer 343-7374 343-7200 342-2208 341-4074
St-Albert 421-0280
Sherwood Park 421-0268
Stony Plain 421-0236
-------------------------------------------------------------------------------
British Columbia - 604
Abbotsford 850-0041 850-0042
Campbell River 286-0703 286-0094
Cranbrook 489-4171 489-3588
Dawson Creek 782-9402 782-9177
Kamloops 374-6314 374-5941 374-9510 374-4580
Kelowna 860-0391 860-0331 860-9762 861-5218
Nanaimo 753-6491 754-8291
Nelson 393-3656
Port Alberni 723-1057
Powell River 485-9453
Prince George 564-1088 564-4060 562-8469 561-2152
Prince Rupert 624-9472 624-4951
Terrace 635-7359 635-7221 638-0238
Vancouver 689-8601 687-7144 662-7732
Vernon 54245 549-5285
Victoria 388-4360 388-9300 386-0900 380-7955
Whistler 932-6420
Williams Lake 398-6377 398-7227
-------------------------------------------------------------------------------
Manitoba - 204
Brandon 725-0961 725-0878 727-6609 726-1899
Dauphin 638-9244 638-9906
Flin Flon 687-8285 687-8241
Morden 822-6171 822-6181
Portage La
Prairie 239-1166 239-1688
Selkirk 785-8625 785-8771 482-4005
Steinbach 326-9826 326-1385
The Pas 623-7409
Thompson 778-6461 778-6451
Winnipeg 475-2740 943-4488 943-1912
-------------------------------------------------------------------------------
New Brunswick - 506
Bathurst 548-4461 548-4581 546-1306
Campbellton 759-8561 759-8571
Edmundston 739-6621 739-6611
Fredericton 455-4301 454-9462 454-4525 453-1918
Moncton 854-7078 854-7510 853-0551
Newcastle 622-4451 622-8471
Saint John 693-7399 642-2231 633-1689
Woodstock 328-9361 328-9351
-------------------------------------------------------------------------------
Newfoundland - 709
Burin/
Marystown 279-4188 279-4077
Carbonear/
Harbour Grace 596-1911 596-1931
Clarenville 466-3808
Corner Brook 634-1839 634-1469 634-9946
Gander 256-4130 256-2804
Goose Bay/
Happy Valley 896-2458 896-2491 896-9770
Grand Falls 489-4930 489-4020 489-1243
Goose Bay
Labrador 944-7781
St John's 726-4920 726-5501 739-6337
Stephenville 643-9682
-------------------------------------------------------------------------------
Northwest Territories - 403
Cambridge Bay 983-8870
Fort Simpson 695-8870
Fort Smith 872-8870
Hay River 874-8870
Inuvik 979-8870
Yellowknife 873-8870
-------------------------------------------------------------------------------
Nova Scotia - 902
Amherst 667-5035 667-5297
Bridgewater 543-6850 543-1360
Halifax 477-2000 477-8000 453-8100
Kentville 678-1030 678-2096
New Glasgow 755-6050 755-6150 755-4590
Sydney 539-1720 564-1400 564-1450 539-5912
Truro 662-3258 662-3773 893-0231
Yarmouth 742-2899
-------------------------------------------------------------------------------
Ontario - 416
Ajax-Pickering 428-0240
Aurora 841-1702
Brampton 791-8900 791-8950 796-3811
Clarkson 823-6000 823-6030
Cobourg 372-1222
Fort Erie 871-9270
Hamilton 523-6800 523-6900 523-6920
Milton 875-3075
Newmarket 836-1015 836-9022
Niagara Falls 357-2702 357-2770
Oshawa 579-8920 579-8950
St. Catharines 688-5620 688-5640 687-1104
Toronto 868-4000 868-4100 979-1619
Uxbridge 852-9791
Welland 788-1200 788-1230
Whitby 430-2944
-------------------------------------------------------------------------------
Ontario - 519
Brantford 758-5900 758-5910 758-5222
Chatham 351-8910 351-8920 351-8935
Galt 622-1714 622-1780
Guelph 763-3600 763-3630 763-3621
Kitchener/ 741-4010 741-4030 741-4080
Waterloo
London 432-2500 439-1100 432-2550
Orangeville Owen Sound 371-590
Sarnia 339-9100 339-9111 339-9140
Simcoe 428-3200
Stratford 273-5052 273-5751
St. Thomas 633-9900
Tillsonburg 688-3322
Windsor 973-1000 973-1020 973-1096
Woodstock 421-7100 421-7200
-------------------------------------------------------------------------------
Ontario - 613
Belleville 969-1500 969-1520
Brockville 345-4670 345-4942 345-1260
Chalk River 589-2175 589-2117
Cornwall 936-0030 936-0040
Deep River 584-3308
Kingston 541-3000 541-3015 546-3220
Ottawa 567-9100 567-9300 567-4431
Pembroke 735-2391
Perth 267-7570
Renfrew 432-8172
Smiths Falls 283-8671
Trenton 969-1400 969-1420
-------------------------------------------------------------------------------
Ontario - 705
Alliston 435-2510
Barrie 721-2400 721-2450 721-2414
Bracebridge 645-1333
Collingwood 444-2985
Huntsville 789-1781
Lindsay 324-8083
Midland 526-9776
North Bay 495-4449 495-4459
Orillia 327-3000 327-3006
Peterborough 749-6000 749-6010
Sault Ste 945-0600 945-0620
Marie
Sudbury 673-9654 671-4600 671-4630
Timmins 268-9505 268-9661
-------------------------------------------------------------------------------
Ontario - 807
Thunder Bay 623-9644 623-3270
-------------------------------------------------------------------------------
Prince Edward Island - 902
Charlottetown 566-5002 566-5934 566-4797
Summerside 336-1721
-------------------------------------------------------------------------------
Quebec - 418
Alma 668-6178
Chicoutmi/
Jonqui 545-2272 545-2290 543-0186
Baie-Comeau 296-9113 296-8611
Gaspe 368-1377 368-2352
Hauterive 589-8899 589-2911
La Malbaie 665-7501
Montmagny 248-1383
New Carlisle 752-6651 752-6621
Quebec 647-4690 647-2691 647-3181
Rimouski 722-4694 722-4696 725-4700
Riviere du 867-4024
Loup
Roberval 275-7246
Sept-Iles 962-8402 962-7634
St George 227-4692 227-4690
Beauce
St-Felicien 679-9620
Thetford Mines 338-0101
Trois Pistoles 851-2166
----------------------------------------------------------------------------Cha
Granby 375-1240 375-4184
Joliette 759-8340 759-8381
Lachute 562-0251
Montreal 878-0450 878-0640 875-9470
Sorel 743-3381 743-0101
St Jean Sur 346-8779 347-6211
Richilieu
St Jerome 432-3453 432-3165
St Sauveur 227-4696
Ste Hyacinthe 774-9270 774-9991
Valleyfield 377-1260 377-1680
-------------------------------------------------------------------------------
Quebec - 819
Amos 732-7683
Buckingham 986-5897
Drummondville 477-7151 477-7153
L'Annonciation 275-7902
Louiseville 228-9451
Mont Laurier 623-1401
Rouyn/Noranda 797-1166 797-0062
Shawinigan 537-9301
Sherbrooke 566-2770 566-2990 564-8714
Ste Agathe 326-1805
Trois Rivieres 373-2600 373-2603 373-1037
Val D'Or 825-3900 825-3904
Victoriaville 752-3295
-------------------------------------------------------------------------------
Saskatchewan - 306
Estevan 634-8946 634-3551
Melfort 752-1950 752-5544
Moose Jaw 694-0474 693-7611 694-1828 694-6422
North
Battleford 445-1925 446-2694
Prince Albert 922-4233 922-4234 763-0106
Regina 565-0111 565-0181 55-7758 66
Swift Current 778-3901 778-3921
Weyburn 842-8985 842-1260
Yorkton 782-5601 783-4663
-------------------------------------------------------------------------------
Yukon - 403
Whitehorse 668-3282
-------------------------------------------------------------------------------
Bon, allez dans votre programme de communication, et appellez
le port public le plus prs de chez-vous. Lorsque vous tes
connects, tapez un point (.) suivi d'enter. DATAPAC devrait vous
rpondre comme ceci:
DATAPAC: XXXX XXXX
Le mask XXXX XXXX est le numro du port public ou vous vous
tes connects. Le port public de Qubec a le numro 4820 0093.
Tapez ensuite SET 2:1 suivi d'enter. Maintenant vous devriez voir
ce que vous crivez.
Les NUAs
~~~~~~~~
Network User Address. DATAPAC, simplifions au coton, c'est
comme un autre systme de tlphone, qui fonctionne uniquement
data, et qui est constitu de NUA plutt que de numros de
tlphone. Le NUA est donc une addresse qui vous guide
travers
DATAPAC jusqu'
un ordinateur remote.
Ds que vous tes connects sur DATAPAC vous devriez essayer
de contacter le DIS (Datapac Information Center). Son addresse est
le 92100086, que vous entrez aprs le (. <cr>) ou le (SET 2:1 <cr>)
(Toutes vos commandes seront interprtes sans le SET 2:1, mais
c'est quand mme plaisant de voir ce qu'on ecrit). De l
, vous avez
accs
une foule d'informations concernant l'utilisation du rseau
et ses tarifs (vous verrez o on paye plus tard. Jusqu'ici tout est
gratos). Le DIS devrait pouvoir vous tre d'un grand secours en ce
qui concerne votre apprentissage du rseau DATAPAC.
Certains NUAs utilisent le pattern
8 chiffres (ex. 4820
0093), les NUA hors-Canada utilisent le pattern 1+DNIC+NUA (DNIC=
Datapac Network Identifier Codes). Voici, toujours de TLA/UPi, la
liste des DNIC pour plusieurs pays:
- Datapac Network Identifier Codes (DNIC) -
Country Network's Name DNIX
------- -------------- ----
Alaska Alascom
Argentina Arpac
Arpac 7222
Austria Datex-P 2322
Datex-P Ttx 2323
Ra 2329
Australia Austpac 5052
Otc Data Access 5053
Austpac 5054
Bahamas Batelco
Bahrain Bahnet
Barbados Idas 3423
Belgium Dcs 2062
Dcs 2068
Dcs 2069
Bermuda Bermudanet 3503
Brazil Interdata 7240
Renpac 7241
Renpac 7248
Renpac 7249
Cameroon Campac 6242
Canada Datapac 3020
Globedat 3025
Cncp 3028
Cayman islands Idas 3463
Chad Chad 6222
Chile Entel 7302
Chile-Pac 7303
Vtrnet 7305
Entel 7300
China Ptelcom 4600
Colombia Coldapaq 7322
Costa rica Racsapac 7120
Racsapac 7122
Racsapac 7128
Racsapac 7129
Cyprus Cytapac 2802
Cytapac 2807
Cytapac 2808
Cytapac 2809
Denmark Datapak 2382
Datapak 2383
Djibouti Stipac 6382
Dominican republic Udts-I 3701
Egypt Arento 6020
Finland Datapak 2441
Datapak 2442
Digipak 2443
France Transpac 2080
Nti 2081
Transpac
2089
French antillies Transpac 2080
French guiana Transpac 2080
French polynesia Tompac 5470
Gabon Gabonpac 6282
Germany (west) Datex-P 2624
Datex-C 2627
Greece Helpak 2022
Hellaspac 2023
Greenland Kanupax 2901
Guam Isds-Rca 5350
Pacnet 5351
Guatemala Guatel 7040
Guatel 7043
Honduras Hondutel 7080
Hondutel 7082
Hondutel 7089
Hong Kong Intelpak 4542
Iatapak 4545
Inet Hong Kong 4546
Hungary Datex-P 2160
Datex-P 2161
Iceland Icepak 2740
India Gpss 4042
Indonesia Skdp 5101
Ireland Eirpac 2721
Eirpac 2724
Israel Isranet 4251
Italy Itapac 2222
Itapac 2227
Ivory coast Sytranpac 6122
Jamaica Jamintel 3380
Japan Globalnet 4400
Ddx-Ntt 4401
Nisnet 4406
Kdd Venus-P 4408
Kdd Venus-C 4409
Nici 4410
Korea (south) Dacom-Net 4501
Dns 4503
Kuwait Bahnet 4263
Lebanon Sodetel 4155
Luxembourg Luxpac 2704
Luxpac 2709
Macau Macaupac 4550
Malaysia Maypac 5021
Mauritius Mauridata 6170
Mexico Telepac 3340
Morocco Morocco 6040
Netherlands Datanet-1 2040
Datanet-1 2041
Dabas 2044
Datanet-1 2049
Netherland Antillies Netherland Antillies 3620
North Marianas Pacnet 5351
New Caledonia Tompac 5460
New Zealand Pacnet 5301
Niger Nigerpac 6142
Norway Datapac Ttx 2421
Datapak 2422
Datapac 2423
Panama Intelpaq 7141
Intelpaq 7142
Peru Dicotel 7160
Philippines Capwire 5150
Capwire 5151
Pgc 5152
Gmcr 5154
Etpi 5156
Portugal Telepac 2680
Sabd 2682
Puerto Rico Udts-I 3300
Udts-I 3301
Qatar Dohpac 4271
Reunion Transpac 2080
Rwanda Rwanda 6352
San Marino X-net 2922
Saudi Arabia Alwaseed 4201
Senegal Senpac 6081
Singapore Telepac 5252
Telepac 5258
South Africa Saponet 6550
Saponet 6551
Saponet 6559
Spain Tida 2141
Iberpac 2145
Sweden Datapak Ttx 2401
Datapak-1 2402
Datapak-2 2403
Switzerland Telepac 2284
Telepac 2289
Taiwan Pacnet 4872
Pacnet 4873
Udas 4877
Thailand Thaipac 5200
Idar 5201
Togo Togopac 6152
Tortola Idas 3483
Trinidad Datanett 3745
Textet 3740
Tunisia Red25 6050
Turkey Turpac 2862
Turpac 2863
Turks & Caicos Idas 3763
United Arab Emirates Emdan 4241
Emdan 4243
Tedas 4310
Uruguay Urupac 7482
Urupac 7489
USSR Iasnet 2502
US Itt-Udts 3103
Tymnet 3106
Telenet 3110
US Virgin Islands Udts-I 3320
United Kingdom Ipss-Bti 2341
Pss-Bt 2342
Mercury 2350
Mercury 2351
Hull 2352
Yugoslavia Yugopac 2201
Zimbabwe Zimnet 6482
Comment trouver des NUAs valides?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
En scannant. De bons programmes existent
ce sujet, dont le
DAS (Datapac Address Scanner), un produit qubcois qui porterait
srement la mention Qualit Quebec si cette organisation laissait
une place
des dbrouillards comme nous. A ce que je sache,
scanner des NUAs sur DATAPAC n'est pas plus illgal que scanner des
numros 1-800. Il existe aussi une foule de programmes un peu plus
"bas-de-gamme", que vous trouverez sur tout bon babillard
Hack/Phreak de la rgion. La plupart des NUAs d'intrt ont huit
chiffres, et une majorit d'entre eux dans le pattern XXX00XXX.
Voici une liste des rponses que DATAPAC pourrait vous retourner
aprs l'inscription d'un NUA:
CALL CONNECTED TO XXXX XXXX
Dans la vie, certaines choses s'expliquent d'elle-mmes.
CALL CLEARED -- ADDRESS NOT IN SERVICE
Le NUA que vous avez essay n'existe pas.
CALL CLEARED -- DESTINATION BUSY
Le/Les points de connection du systme sont tous occups,
r-essayez plus tard.
CALL CLEARED -- TEMPORARY NETWORK PROBLEM
Plutt clair a aussi, essayez de nouveau plus tard.
CALL CLEARED -- ACCESS BARRED
Le systme que vous souhaitez rejoindre n'accepte pas votre
connection car vous (votre NUI, souvent) ne faites pas partie de
son User Group. C'est un systeme priv, finalement.
CALL CLEARED -- COLLECT CALL REFUSED
Le systme que vous dsirez appeler n'accepte pas de payer vos
frais d'appel (sucks!). Pour avoir accs
ce systme, il faut
avoir un NUI valide (voir plus loin pour les NUIs).
D'autres messages plus weird pourraient vous sauter au visage, mais
ce point vous devriez dj
avoir compris que Joe Average
80 de
Q.I. peut tout piger a sans problme.
Et les NUIs?
~~~~~~~~~~~~
Network User Identifier. Le NUI est le numro qui vous
identifie vis-
-vis le systme Datapac. Tant que vous n'avez pas
entr de NUI, vous tes anonyme aux yeux de DATAPAC. Les NUIs ont
entre 6 et 8 chiffres de long, et ont tous des passwords
(videmment). La principale fonction d'un NUI pour Telecom Canada
est de savoir
qui envoyer la facture pour les services qu'ils ont
utilis. ATTENTION! Il est _TRES_ imprudent d'essayer de scanner
pour des NUI, je ne recommande ce genre de pratique
personne. Le
possesseur d'un NUI a donc plusieurs avantages sur celui qui n'en
a pas:
1- Le systme remote ne vous renvoie plus
cause qu'il n'accepte
plus les frais; les frais sont chargs
votre NUI (c'est bien le
vtre, non? ;).
2- Si votre NUI fait partie de certain User Groups, cela peut vous
donner accs
certains systmes privs. Normalement vous devez
contacter l'administrateur du systme en question pour faire partie
de son User Group.
3- Votre NUI peut vous donner accs
plusieurs rseaux amricains
et trangers via DATAPAC. Telenet, Tymnet, Autonet, Acunet et
Dasnet en sont quelques exemples.
4- Vous avez (oh-oh) accs
des outdials data dans plusieurs
villes du Canada, ce qui en soit est plus qu'intressant.
Pour vous logger sous votre NUI, inscrivez au prompt de
DATAPAC:
NUI Votre_NUI <cr>
PASSWORD: Votre_Password
Si tout est conforme, DATAPAC vous rpond avec le message
suivant:
DATAPAC: network user identifier Votre_NUI active.
Si votre password n'est pas bon:
DATAPAC: network user identifier error.
Si en cours d'appel vous voulez mettre votre NUI
off et
redevenir anonyme pour DATAPAC, entrez la commande suivante:
NUI off <cr>
DATAPAC: network user identifier not active.
Bien sr, nous savons tous que vous dsirez dj
acqurir
votre propre NUI, car utiliser celui d'une autre personne est
ILLEGAL!!!!!!!<g>. Dans ce cas, contactez le DIS, il se fera un
plaisir de vous informer sur les derniers tarifs en matire de
crossage. Communication should be free, someone?
Sur quoi je tombe en scannant des NUAs, papa?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Oh, sur bien des choses, fiston. DATAPAC est un paradis pour
l'enthousiaste des tlcommunications (lire hacker) que tu es. En
voici quelques-unes:
-) HP-2000 (-
Les Systmes HP (pas Hack/Phreak! Hewlett-Packard!) runnent le
systme MPS. Ce systeme est reconnu au prompt tout cute que voici:
:
Pour logger, il faut suivre la procdure suivante:
:hello (job id),(username)(user password).(account name),(group
name)(group password)
Pour plus d'information, lisez le texte de Kermit et Crime
Lord paru sur le sujet il y a de cela quelques NPC.
-) UNIX et les clones (-
Un des systmes le plus largement utilis (sinon le plus
utilis). Vous rpond habituellement avec un petit greeting et un
prompt comme celui-l
:
login:
Tout en minuscules, n'oubliez pas a pour l'user ID.
-) PrimOS (-
Assez rpandu, ce systme vous reoit avec un des messages
suivants:
Primenet 22.1.1.R11 MDTOR
ou
Primecon 18.23.06
Plusieurs variantes sont aussi possibles, mais vous avez not
le 'Prime'. Certains systmes vous reoivent aussi avec le prompt
ER! qui peut aussi apparatre si vous appuyez sur enter. Pour
logger, inscrivez:
login <Votre_ID>
Voici quelques accounts/passwords
essayer:
Admin Admin
Guest Guest
Prime Prime Or Primos
Primenet Primenet
System Prime or Systems
Test Test
-) TOPS (-
Pas trs rpandu comme systme. Le prompt est celui-ci:
.
Tapez 'systat' pour avoir une liste des accounts online. Vous
devriez tre capables de tenter un login aprs a.
-) VAX/VMS (-
The Subhuman Punisher a dj
parl de celui-l
. Le systme VAX
est une cration de Digital Equipement Corporation et runne l'OS
VMS (Virtual Memory System). Voici le prompt:
Username:
Password:
Attention! VMS informe l'usager de toute tentative d'accs
manqu
son account alors faites gaffe, c'est plutt safe de
l'extrieur. Voici quelques defaults accounts/passwords:
Decnet Decnet
Guest Guest
Demo Demo
Operator Operator
Default Dec
Enfin, nous pourrions nous terniser ternellement sur le
sujet, lisez des t-philes parues sur les diffrents OS, ils sont
tous accessibles de DATAPAC.
Conclusion
~~~~~~~~~~
Et voil
, les portes de l'univers DATAPAC vous sont maintenant
ouvertes, il ne vous reste plus qu'
y pntrer. J'espre que vous
aurez bien du fun sur ce merveilleux rseau (le paradis, je vous
jure) et revenez-nous (hopefuly!) le mois prochain pour un petit
quelque chose d'autre de mon cru. Alors,
la prochaine!
l0gRuS!
-------------------------------------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
DEF CON ][ Convention Initial Announcement
par Dark Tangent
What's this? This is the initial announcement and invitation
to DEF CON ][, a convention for the "underground" elements of the
computer culture. We try to target the (Fill in your favorite word
here): Hackers, Phreaks, Hammies, Virii coders, programmers,
crackers, Cyberpunk Wannabees, Civil Liberties Groups, CypherPunks,
Futurists, Artists, Etc..
WHO: You know who you are, you shady characters.
WHAT: A convention for you to meet, party, and listen to some
speeches that you would normally never hear.
WHEN: July 22, 23, 24 - 1994
WHERE: Las Vegas, Nevada @ The Sahara Hotel
So you heard about DEF CON I, and want to hit part ][? You heard
about the parties, the info discussed, the bizarre atmosphere of
Las Vegas and want to check it out in person? Load up your laptop
muffy, we're heading to Vegas!
Here is what Three out of Three people said about last years
convention:
"DEF CON I, last week in Las Vegas, was both the strangest and the
best computer event I have attended in years."
-- Robert X. Cringely, Info World
"Toto, I don't think we're at COMDEX anymore."
-- Coderipper, Gray Areas
"Soon we were at the hotel going through the spoils: fax sheets,
catalogs, bits of torn paper, a few McDonald's Dino-Meals and lots
of coffee grounds. The documents disappeared in seconds."
-- Gillian Newson, New Media Magazine
DESCRIPTION:
Last year we held DEF CON I, which went over great, and this year
we are planning on being bigger and better. We have expanded the
number of speakers to included midnight tech talks and additional
speaking on Sunday. We attempt to bring the underground into
contact with "legitimate" speakers. Sure it's great to meet and
party with fellow hackers, but besides that we try to provide
information and speakers in a forum that can't be found at other
conferences.
While there is an initial concern that this is just another excuse
for the evil hackers to party and wreak havok, it's just not the
case. People come to DEF CON for information and for making
contacts. We strive to distinguish this convention from others in
that respect.
WHAT'S NEW THIS YEAR:
This year will be much larger and more organized than last year. We
have a much larger meeting area, and have better name recognition.
Because of this we will have more speakers on broader topics.
Expect speaking to run Saturday and Sunday, ending around 5 p.m.
Some of the new things expected include:
> An INet connection with sixteen ports will be there, _BUT_ will
only provide serial connections because terminals are too hard to
ship. So bring a laptop with communications software if you want to
connect to the network. Thanks to cyberlink communications for the
connection.
> There will be door prizes, and someone has already donated a Cell
Phone to give away.
> Dr. Ludwig will present his virii creation awards on Sunday.
> A bigger and better "Spot The Fed" contest, which means more
shirts to give away.
> More room, we should have tables set up for information
distribution. If you have anything you want distributed, feel free
to leave it on the designated tables. Yes, this year there will be
a true 24 hour convention space.
> A 24 hour movie / video suite where we will be playing all type
of stuff. VHS Format. Mail me with suggested titles to show, or
bring your own.
> Midnight Tech Talks on Friday and Saturday night to cover the
more technical topics and leave the days free for more general
discussions.
WHO IS SPEAKING:
I was going to run a list of the current speakers we have lined up,
but at this point things are still fluid. In a few months when the
speakers list is more solidified I will release it. I'll name the
poeple who have committed to attending in the next announcement.
Trust me.
WHERE THIS THING IS:
It's in Las Vegas, the town that never sleeps. Really. There are no
clocks anywhere in an attempt to lull you into believing the day
never ends. Talk about virtual reality, this place fits the bill
with no clunky hardware. If you have a buzz you may never know the
difference. It will be at the Sahara Hotel. Intel as follows:
The Sahara Hotel: 1.800.634.6078
Room Rates: Single/Double $55, Tripple $65, Suite $120
(Usually $200) + 8% tax
Transportation: Shuttles from the airport for cheap
NOTE: Please make it clear you are registering for the DEF CON
][ convention to get the room rates. Our convention space price is
based on how many people register. Register under a false name if
it makes you feel better, 'cuz the more that register the better
for my pocket book. No one under 21 can rent a room by themselves,
so get your buddy who is 21 to rent for you and crash out. Don't
let the hotel people get their hands on your baggage, or there is
a mandatory $3 group baggage fee. Vegas has killer unions.
OTHER STUFF:
If you check out Wired like 1.5 or 1.6 there was a blurb about the
new Luxor hotel with it's total VR experience. It looks like the
first true VR ride/experience for a group of people, it seats
eight. Intense. A friend was just over there, and tested out the
various rides. Not to be outdone the new MGM grand (Largest hotel
in the world) has a ride called the R360 which is basically a
gyroscope they trap you into with goggles. We should get a group
together and make a mass trek over there and check it out.
If enough people are interested I'll call and see if we can book a
time to reserve space for a bunch of us. Both are within walking
distance.
I'll whip up a list of stuff that's cool to check out in town there
so if for some reason you leave the awesome conference you can take
in some unreal sites in the city of true capitalism.
MEDIA:
Some of the places you can look for information from last year
include:
New Media Magazine, September 1993
InfoWorld, 7-12-1993 and also 7-19-1993 by Robert X. Cringely
Gray Areas Magazine, Vol 2, #3 (Fall 1993)
Unix World, ???
Phrack #44
COST:
Cost is whatever you pay for a hotel room split however many ways,
plus $15 if you preregister, or $30 at the door. This gets you a
nifty 24 bit color name tag (We're gonna make it niftier this year)
and your foot in the door. There are fast food places all over, and
there is alcohol all over the place but the trick is to get it
during a happy hour for maximum cheapness.
UPDATE:
I wanted to thank whoever sent in the anonymous fax to Wired that
was printed in issue 1.5 Cool deal!
Dan Farmer posted his paper on unix security on the net, and I've
put a copy of it on the ftp site if you want to grab it and take a
look. It's called "zen.txt"
I've received more scanned images from last year, and they will be
put on the ftp site.
FOR MORE INFORMATION:
For InterNet users, there is a DEF CON anonymous ftp site at
cyberspace.com in /pub/defcon. There are digitized pictures,
digitized speeches and text files with the latest up to date info
available.
For email users, you can email dtangent@defcon.org for more
information.
For non-net people call:
The Alliance BBS [612] 251.8596 16.8k speed Dual Standard Open
Access. 24 Hours. Users get full access on 1st call. iirg disto
site, Syncro Net, text files galore. Sysop: Metal Head (The huge
guy from last year) A DEF CON directory is maintained here
For Snail Mail send to: DEF CON, 2709 E. Madison Street Suite #102,
Seattle, WA, 98112
For Voice Mail and maybe a human (me), 0-700-TANGENT on an AT&T
phone.
A DEF CON Mailing list is maintained, and the latest announcements
are mailed automatically to you. If you wish to be added to the
list just send email to dtangent@defcon.org. We also maintain a
chat mailing list where people can talk to one another and plan
rides, talk, whatever. If you request to be on this list your email
address will be shown to everyone, just so you are aware.
[Note: We need some good list-serv software for BSD, if anyone
knows where to find some, please e-mail me.]
STUFF TO SPEND YOUR MONEY ON:
> Tapes of last years speakers (four 90 minute tapes) are available
for $20
> DEF CON I tee-shirts (white, large only) with large color logo on
the front, and on the back the Fourth Amendment, past and present.
This is shirt v 1.1 with no type-o's. These are $20, and
sweatshirts are $25.
> Pre-Register for next year in advance for $15 and save half.
> Make all checks/money orders/etc. out to DEF CON, and mail to the
address above.
If you have any confidential info to send, use this PGP key to
encrypt:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.3
mQCrAiyI6OcAAAEE8Mh1YApQOOfCZ8YGQ9BxrRNMbK8rP8xpFCm4W7S6Nqu4Uhpo
dLfIfb/kEWDyLreM6ers4eEP6odZALTRvFdsoBGeAx0LUrbFhImxqtRsejMufWNf
uZ9PtGD1yEtxwqh4CxxC8glNA9AFXBpjgAZ7eFvtOREYjYO6TH9sOdZSa8ahW7YQ
hXatVxhlQqve99fY2J83D5z35rGddDV5azd9AAUTtCZUaGUgRGFyayBUYW5nZW50
IDxkdGFuZ2VudEBkZWZjb24ub3JnPg==
=ko7s
-----END PGP PUBLIC KEY BLOCK-----
The next announcement will have more updated information. I'll hold
off on naming the speakers unless they commit to attending. It
looks to be a great line up.
- The Dark Tangent
-------------------------------------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
THE HACK PHREAK FAQ
par The Underground
Intro par Coaxial Karma
Ma maigre contribution ce mois-ci se rsume
quelques bonnes
adresses sur Internet, pour celui qui a soif de connaissances.
ftp.eff.org
phred.pc.cc.cmu.edu
quartz.rutgers.edu
uglymouse.css.itd.umich.edu
grind.isca.uiowa.edu
zero.cypher.com
cert.sei.cmu.edu
etext.archive.umich.edu
Jetez un coup d'oeil aux gophers suivants:
gopher.eff.org 5070
gopher.wired.com
J'ai aussi trouv un BBs o on peut telnetter, UIowa bbs. L'Adresse
est bbs.isca.uiowa.edu. D'ailleurs, les posts qui suivent ont t
tirs de ce babillard. Nous n'avons pas eu le temps de vrifier
toutes les assertions qu'ils contiennent. C'est le genre de FAQ
indigeste qu'on trouve ici et l
...
----------------------
Now a few things that get frequently asked:
WHAT IS A RED BOX AND HOW DO I MAKE ONE?
First note: a redbox is merely a device which plays the tone a
payphone makes when you insert money. You just play it through the
mike on the handset. You would think that the Phone Co. would mute
the handset until you put a quarter in, and perhaps they are
starting to build phones like that, but I have yet to see one.
What you need:
- Radio Shack 33 memory Pocket Tone Dialer
- 6.4- 6.5536 megahertz microprocessor crystal (also available at
Radio Shack, if they don't have them in stock they will order one
for you.)
- A solder gun.
- Someone who can point out the microprocessor crystal in the Tone
Dialer.
Instructions:
1) Open up the back of the tone dialer. Use a screwdriver.
2) Locate microprocessor crystal. It should be toward the right
side. It will be smaller than the 6.4mhz one you bought, but
othrwise vaguely similar. It is basically capsel-shaped, with two
electrodes coming out of the bottom which are soldered onto a
circuit board.
3) De-solder, and de-attach, crystal. Heat the solder that the
crystal is seated in; remove crystal.
4) Attach 6.4mhz crystal. It is easier just to use the solder which
is already there from the old crystal, that way there is less
chance of you dropping hot solder somewhere it shouldn't be and
lose everything. Heat first one drop of solder with the solder gun,
and seat one electrode of the 6.4mhz crystal in it, then do the
same with the other. This is the easiest part to mess up, be
careful that both drops of solder don't run together.
5) Put cover back on. You are done.
How to use: Five presses of the "*" key will make the quarter
sound. I think fewer presses make nickel/dime sounds, but I can't
remember specifically. Here in Michigan, you can simply hold it up
to the handset and press memory recall button 1 (where you have
conveniantly recorded five *'s. Read the tone dialer directions on
how to do this.) and get a quarter credit, _IF_ you are calling LD.
Keep making the tone to get additional credits. There is a maximum
number of credits you can have at once.
Here in 313, to make a local call, this, for some reason, does not
work. You need to first put in a real coin, then you can use the
redbox for additional credits. There is a way around this, however:
Call the operator, and ask her to dial your number for you. She
should do this without asking why, it is a regular service. If you
need an excuse, say the "4" key isn't working, or something. She
will ask you to insert your money. At this point use the redbox. If
all goes well, she dials your number and you're in business. If she
says "Will you do that one more time," or "Who is this," or any
variations, hang up and walk away.
-taken from a forgetten poster in the underground>
HOW DO I MAKE FAKE MAIL?
login in to port 25 of any internet server (eg oberlin.edu 25)
type helo
type mail from:(name of person)
type rcpt to:(person who gets mail)
the mail server should ok each time after each name. If it does not
type vrfy and then the name of the person, retype the command, it
should say ok now.
type data
enter you letter
to send letter type a "." on an empty line.
then type quit
This is tracable by any sysadmin... don't harrass people this way.
If the person receiving the mail uses a shell like elm he/she will
not see the telltale fake message warning "Apparently-To:(name)".
Even if they did, most people wouldn't know what it means anyway.
-taken from a post by Beelzebub in the Underground>
WHAT DOES SALTING VENDING MACHINES DO?
When you take concentrated salt water (a high concentration of
salt) and squirt it into the change slot (preferably where the
dollar bills come in, though some say it doesn't matter), the salt
will short circuit the machine and out will pour change and
hopefully sodas.
HOW DO I GET A HOLD OF 2600?
2600 is a technical journal put out by hackers and is available by:
mail:
2600
PO Box 752
Middle Island, NY 11953
PH:516-751-2600
or by email:
2600@well.sf.ca.us
WHERE IS A GOOD PLACE TO FIND INFORMATION ON EXPLOSIVES AND OTHER
OTHER TOPICS RELATING TO THE UNDERGROUND?
Loompanics is one of the major distributors of material relating to
the underground including explosives. You can get the catalogue by
mailing:
Loompanics unlim
p.o. box 1197
port townsend, wash 98368
HOW TO GET FREE MOVIES
1)EXAMINE THE BACK OF YOUR TV. SET. FIND THE TV.ANTENNA TERMINALS
(THESE ARE THE ANTENNA TERMINALS THAT THE CABLE SERVICE IS HOOKED
UP TO). GET A PIECE OF ANTENNA WIRE (ABOUT 3 FEET LONG). STRIP ONE
END OF THE WIRE AND ATTACH IT TO THE VHF TERMINALS ALONG WITH THE
CABLE. TUNE IN TO ONE OF THE MOVIE SERVICES AND ADJUST THE FINE
TUNER UNTIL YOU GET THE CLEANEST PICTURE. GUT OFF ABOUT 1/4 INCH OF
THE ANTENNA WIRE AND ADJUST THE FINE TUNER. CONTINUE TO DO THIS
UNTIL YOU GET A NEARLY PERFECT PICTURE (YOU SHOULD NOT HAVE TO CUT
OFF MORE THAN 6 INCHES OF THE ANTENNA WIRE). GET A PIECE OF
ALUMINUM FOIL AND WRAP IT AROUND THE ANTENNA WIRE SLIDE IT UP AND
DOWN UNTIL YOU HAVE A PERFECT PICTURE. THIS IS A SIMPLE YET
EFFECTIVE WAY TO GET MOVIES FOR FREE. MORE IN DEPTH INFORMATION ON
DESCRAMBLERS AND CONVERTERS MAY BE OBTAINED BY WRITING TO CABLE
FACTS, BOX 711-R, PATASKALA,OH. 43062. THEY HAVE AN EXCELLENT
PUBLICATION AVAILABLE FOR $8.95.
The Underground>
-------------------------------------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
FAQ 1.0 officiel sur LLC par Murdock
------------------------------------------
Archive-name: llcfaq10.txt
Last-modified: 13 janvier 1994
Version: 1.0 official release
FAQ officiel sur LLC
====================
(c) Copyright 1993 Murdock. Not for commercial use except by
permission from author, otherwise may be freely copied. Not to
be altered. Please credit if quoted.
Sommaire
========
Ce FAQ regroupe de l'information concernant LLC. Il ne s'agit pas
d'une version dfinitive car le projet est en constante volution.
La dernire version de llcfaq sera toujours disponible sur Sietch
BBS.
Le lecteur de ce FAQ est encourag
le distribuer gratuitement.
Le dbut des questions porte l'en-tte <#.#> ou #.# est le numro
de la question.
<0.0> : Qu'est-ce que c'est un FAQ ?
<0.1> : A qui s'adresse ce FAQ ?
<1.0> : Qu'est-ce que c'est LLC ?
<1.1> : Hein ? On m'avait dit que c'tait une coop ?
<2.0> : Qu'est-ce que c'est Internet ?
<2.1> : Qu'est-ce que l'on retrouve sur Internet ?
<3.0> : Qu'est-ce que c'est Usenet ?
<3.1> : Qu'est-ce que l'on retrouve sur Usenet ?
<4.0> : Qu'est-ce que LLC rendra disponible
ses usagers ?
<4.1> : Quel sera l'quipement de LLC ?
<4.2> : Comment fonctionnera LLC ?
<4.3> : LLC aura une section FTP 'made in Quebec' ?
<4.4> : Le site aura-t-il son propre muds ?
<5.0> : Quels newsgroups seront disponibles ?
<5.1> : De quoi aura l'air mon adresse sur le systme ?
<5.2> : Le FTP est-il limit ?
<6.0> : Quand et o ouvrira LLC ?
<6.1> : Wow ! Je veux embarquer ! Ca va me coter combien tout
cela ?
<6.2> : Qui gre LLC et comment les contacter...
<6.3> : A quoi m'attendre avec LLC pour bientt ?
<7.0> : On m'a dit que LLC tait une gang de hackers, pirates,
[autres noms dans le mme genre] ?
<7.1> : LLC servira-t-elle
des activits illgales ?
<7.2> : Mon courrier priv sera-t-il 'priv' ?
<7.3> : Qui est responsable de mon accs ?
<8.0> : Comment contacter l'auteur de ce FAQ...
<8.1> : Je veux plus d'info sur Internet, Usenet...
<8.3> : Je veux plus d'info sur LLC...
<9.0> : Remerciements et sources d'infos.
------------------------------------------------------------------
<0.0> Qu'est-ce que c'est un FAQ ?
: FAQ est un acronyme anglais signifiant Frequently Asked
Questions. C'est un texte dans lequel sont regroupes les questions
les plus souvent poses (ainsi que leurs rponses) sur un sujet
donn.
<0.1> A qui s'adresse ce FAQ ?
: Ce FAQ s'adresse
ceux ayant entendu parler de LLC et qui
dsirent en connatre davantage sur ce point. Ce FAQ s'adresse
galement
ceux voulant se tenir
jour concernant l'ensemble du
projet de LLC.
<1.0> Qu'est-ce que c'est LLC ?
: LLC signifie Libert, Libert, Chrie ! C'est le nom d'une
compagnie
but non-lucratif qui s'est donn pour mandat de fournir
un accs lgal, public et accessible
tous sur Internet ainsi qu'
Usenet, cela pour la region 418.
<1.1> Hein ? On m'avait dit que c'tait une coop ?
: Afin de pouvoir bnficier d'arrangements financiers trs
avantageux, LLC est devenu une cie. Rien ne change pour l'usager,
part qu'il n'y a plus de parts sociales
payer.
<2.0> Qu'est-ce que c'est Internet ?
: Voici une courte dfinition [tire et traduite de whatis_i.txt]
:
" Une question souvent pose est celle-ci : "Qu'est-ce
qu'Internet ?". La question est souvent pose car il n'y a pas de
consensus sur la rponse qui dcrirait le mieux Internet. Internet
peut tre vu sous le rapport de ses protocoles communs comme tant
l'ensemble physique des 'routers' et circuits le composant, comme
tant un ensemble de ressources qui sont partages ou mme comme
tant une attitude par rapport
l'interconnection et
l'intercommunication. Quelques dfinitions passes se rsumaient
ceci :
* un rseau de rseaux bas sur les protocoles TCP/IP
* une communaut de personnes qui utilise et dveloppe ces
rseaux
* un ensemble de ressources atteignables par ces rseaux
Aujourd'hui Internet est une ressource globale reliant des
millions d'usagers. Bien que les rseaux formant Internet soient
bass sur des protocoles standards, Internet a aussi des 'gateways'
vers d'autres rseaux et services qui sont bass sur d'autres
protocoles."
Pour plus d'info sur Internet voir le point 8.1
<2.1> Qu'est-ce que l'on retrouve sur Internet ?
: On retrouve tout d'abord d'autres sites situs
travers le
monde, accessibles en direct, en temps rel, et tout
fait
gratuitement. Sur ces sites on retrouve des fichiers sharewares,
publics domains, etc... Le contenu de ces fichiers est aussi vaste
que l'info disponible sur un ordinateur : cela va de sources en
Unix jusqu'aux images graphiques des vues prises par Voyager.
On peut aller chercher ces fichiers en faisant du FTP :
" File Transfer Protocol (FTP)
Un protocole permettant
un usager sur un site d'atteindre
et de transfrer des fichiers vers un (ou d'un) autre site sur le
rseau. Egalement, FTP est habituellement le nom du programme que
l'usager invoque pour excuter le protocole. " [tir et traduit de
int_glos.txt]
Vu la quantite norme d'informations sur Internet, des
utilitaires servant
ramasser cette information (par exemple,
savoir sur quels sites tel fichier se trouve) sont disponibles via
le biais de services tels que archie, gopher, prospero, veronica,
WAIS, WWW :
" archie
Un systme qui ramasse, indexe et distribue automatiquement
l'information sur Internet. La premire implantation d'archie a
servi
indexer un rpertoire de noms de fichiers de tous les sites
permettant l'anonymous FTP
travers Internet. Des versions
subsquentes ont servi
ramasser d'autres types d'informations."
[tir et traduit de int_glos.txt]
Mais Internet c'est plus que des fichiers, c'est galement des
millions d'usagers
travers le monde. Pour communiquer avec eux,
plusieurs moyens existent, le premier peut consister
envoyer un
email
une personne :
" Electronic Mail (email)
Un systme dans lequel un usager d'ordinateur peut echanger
des messages avec d'autres usagers d'ordinateurs (ou groupes
d'usagers) via un rseau de communication. Le email est l'un des
usages les plus populaires d'Internet." [tir et traduit de
int_glos.txt]
Des groupes de messageries sont disponibles. Usenet est un rseau
offrant de tels groupes. [voir 3.0 et suivant]
On peut 'dialoguer' ou 'chatter'
plusieurs sur Internet via le
IRC :
" Internet Relay Chat (IRC)
Un protocole mondial de 'party line' qui permet a un usager
de converser avec d'autres en temps rel. " [tir et traduit de
int_glos.txt]
Pour obtenir de l'info sur un autre usager, on peut lui faire un
'finger' :
" finger
Un programme qui affiche de l'information sur un (ou
plusieurs) usager(s) en particulier 'logged' sur le systme local
ou un systme 'remote'." [tir et traduit de int_glos.txt]
Il existe aussi des 'jeux', ou mieux, des espaces virtuels, qu'on
regroupe sous le nom de muds :
" Multi-User Dungeon (MUD)
Jeux d'aventures, de rles ou de simulations qu'on joue sur
l'Internet. Ces jeux peuvent contenir des combats, des piges ou de
la magie. Les joueurs interagissent en temps rel et peuvent
changer le 'monde' dans le jeu
mesure qu'ils jouent. " [tir et
traduit de int_glos.txt]
Ceci n'est qu'un ventail des possibilits qu'offre Internet.
<3.0> Qu'est-ce que c'est Usenet ?
: " Usenet
Un ensemble de milliers de 'newsgroups' nomms par le sujet
qu'ils reprsentent, les ordis qui utilisent les protocoles pour
Usenet et les personnes qui lisent et crivent dans Usenet. Ce
n'est pas tous les sites Internet qui souscrivent
Usenet et tous
les sites Usenet ne sont pas sur Internet. " [tir et traduit de
int_glos.txt]
<3.1> Qu'est-ce que l'on retrouve sur Usenet ?
: On retrouve des newsgroups, ce sont des messageries qui portent
sur un sujet donn. Ces messageries sont divises en plusieurs
groupes.
"Les groupes qui sont distribus mondialement sont diviss en
sept (7) grandes classifications : "news", "soc", "talk", "misc",
"sci", "comp" et "rec". Chacune de ces organisations est divise en
groupes et sous-groupes suivant le sujet discut." Les voici
suivies de deux (2) _exemples_ de newsgroups qu'on y retrouve (il
existe des milliers de newsgroups en tout).
"comp" Topics of interest to both computer professionals and
hobbyists, including topics in computer science, software
source, and information on hardware and software systems.
comp.ai.shells Artificial intelligence applied to shells.
comp.virus Computer viruses & security. (Moderated)
"sci" Discussions marked by special and usually practical
knowledge, relating to research in or application of the
established sciences.
sci.bio.ecology Ecological research.
sci.virtual-worlds Virtual Reality - technology and culture.
(Moderated)
"misc" Groups addressing themes not easily classified under any
of the other headings or which incorporate themes from multiple
categories.
misc.books.technical Discussion of books about technical topics.
misc.legal Legalities and the ethics of law.
"soc" Groups primarily addressing social issues and
socializing.
soc.penpals In search of net.friendships.
soc.politics Political problems, systems, solutions.
(Moderated)
"talk" Groups largely debate-oriented and tending to feature
long discussions without resolution and without appreciable amounts
of generally useful information.
talk.abortion All sorts of discussions and arguments on
abortion.
talk.politics.space Non-technical issues affecting space
exploration.
"news" Groups concerned with the news network and software
themselves.
news.newsites Postings of new site announcements.
news.newusers.questions Q & A for users new to the Usenet.
"rec" Groups oriented towards the arts, hobbies and
recreational activities.
rec.games.video.arcade Discussions about coin-operated video
games.
rec.video.cable-tv Technical and regulatory issues of cable
television.
Ces newsgroups 'mondiaux' sont (habituellement) distribus
travers tout USENET -- ce qui signifie une distribution mondiale.
Tous les groupes ne recoivent pas une telle distribution. Certains
sites prennent seulement un sous-ensemble des groupes les plus
'techniques', et les groupes plus controverss ne sont souvent pas
distribus sur plusieurs sites (ces groupes sont souvent regroups
dans les classifications "talk" and "soc")...
Il existe des groupes dans d'autres sous-categories, mais ils
sont locaux
des institutions, des rgions gographiques, etc...
" [tir et traduit de newsgrp.zip]
Ou bien ils demandent qu'on paie des frais afin de les recevoir.
Voici une liste _partielle_ de groupes ainsi que quelques
_exemples_ de newsgroups qu'on y retrouve (il existe des milliers
d'autres newsgroups) :
"
'Alt' is a collection of newsgroups that is being distributed by
a collection of sites that choose to carry the groups.
alt.archery Robin Hood had the right idea.
alt.fan.tolkien Mortal Men doomed to die.
'Bionet' is a newsgroup hierarchy for topics interesting to
biologists.
'Biz' is for those interested in the world of business products
around them -- in particular, computer products and services. This
includes product announcements, announcements of fixes and
enhancements, product reviews, and postings of demo software.
'ClariNet' hierarchy consists of newsgroups gatewayed from
commercial news services and other ``official'' sources. A feed of
the ClariNet groups requires payment of a fee and execution of a
license.
'RELCOM' is the hierarchy of Russian-language newsgroups
distributed mostly on the territory of the former Soviet Union
(non-CIS countries included).
'VMSnet' is for topics of interest to VAX/VMS users (but not
necessarily VMS-specific).
Pour une liste complte des newsgroups, il y a le fichier
newsgrp.zip disponible sur Sietch BBS (voir 8.1)
<4.0> Qu'est-ce que LLC rendra disponible a ses usagers ?
: Le but premier de LLC est d'offrir un accs
Internet, alors
Usenet, le email, le FTP, IRC, Telnet, les muds, talk, finger,
knowbot, WWW, les utilitaires tels Archie, Gopher, Veronica et WAIS
seront disponibles, entre autres. Une interface babillard sera
disponible afin de simplifier les fonctions. En partant, le systme
offrira l'anonymous FTP pour le reste d'Internet (voir 4.3). Aprs
quelques mois, un muds situ sur LLC sera disponible pour tout
Internet aussi (voir 4.4).
<4.1> Quel sera l'quipement de LLC ?
: La meilleure faon est de l'illustrer par un diagramme [dit et
tir de npc-012.txt]
"
I
I Ligne de 56 kbps high (NO maximum throughput)
I
I
I
Modem V-35
I
I
#######
####### Router NetBlazer
#######-------------------------------------###
| ### 386-16 usag
|
|
| .-----------------------###### Serveur de Terminal
########## ######
#Sun Sparc# .------------######------------¿
# 2-clone # |.-----------######-----------¿|
########### ||.----------######----------¿||
| | ||| || || |||
| | ||| || || |||
| | ||| || || |||
| | ||| || || |||
| | Serie de ||| || || |||
| | 10 modems ||| || || |||
| | ||| || || |||
| ############ ||| || || |||
| # muds # ||| || || |||
| ############ ||| || || |||
| @|| @| |@ ||@ 10 usagers
| @| @ @ |@ contents!
| @ @
############
# Site FTP #
############
1) Utilit de chaque pice du systme
Une compagnie fournit une 56 kbps high, jusqu'
present la
dite compagnie (dont on doit taire le nom pour le moment) n'a pas
fix de limite de gigs par mois (i.e. the sky is the limit). Ce
sont les deux lignes parallles qui entrent
gauche en haut du
dessin. Cette ligne, si l'entente est signe, cote 2400$ par mois,
en plus des frais de dpart.
Cette ligne entre sur un modem special, un V-35, qui cote
environ $500. Lui-mme est ensuite connect sur un router
NetBlazer. On garde en permanence un 386 (usag si possible)
branch pour contrler le flot du trafic et grer les adresses. Il
y aura l
un autre 386 qui servira de site FTP. Ainsi qu'un autre
qui servira pour le Mud.
Le router NetBlazer est lui-mme reli
l'ordinateur central
de LLC, lequel sera un clone SPARC 2. Il faudra probablement y
rajouter un gig de disque dur (1000$), et un lecteur CD-Rom.
A droite du SPARC 2, il y a un serveur de terminal ($3000US),
probablement de marque Annex, branch sur 10 modems (10 x 400$US),
eux-mmes branchs sur 10 lignes tlphoniques Centrex, une ligne
par 10 usagers. C'est par ces lignes que vous allez entrer. Les 10
modems seront des Zyxels upgradables au v.fast.
En gros, c'est a. Ce que vous ne voyez pas, dans le dessin,
c'est une gnratrice de secours (appele couramment UPS) qui, en
cas de panne (on est au Qubec, n'est-ce pas!), va prvenir les
usagers sur le systme et fermer le tout EN DOUCEUR, de faon
ce
qu'il ne plante pas. Prvoyons aussi un 1000$ de programmes, un
tape backup DAT (1000$), et quelques gugusses. "
<4.2> Comment fonctionnera LLC ?
: LLC fonctionnera sous la forme d'un babillard. Les points 4.0 et
4.1 introduisent bien cette question. En plus, le systme sera
quip du caller-id. Seulement deux (2) numros de tlphone par
usager seront permis. Chaque usager aura un espace-disque de deux
(2) megs extensible pour la priode en ligne. Par exemple, s'il va
FTP pour huit (8) megs d'un site
son espace-disque, cela se fait
en 56 kps (a dpend des sites mais prenons cette vitesse par
dfaut). L'usager a donc huit (8) megs de fichiers qu'il peut
downloader du bab vers chez lui
la vitesse de son modem (v.fast,
v.32bis, etc...). En dedans des prochaines 24 heures, il faudra que
son espace-disque revienne dans les alentours de deux (2) megs.
LLC offrira un lecteur/diteur offline pour les newsgroups et
le email, sur le principe de QWK. Sietch BBS sera un exemple de
l'interface-systme que l'on retrouvera sur LLC (
peu de choses
prs). Naturellement, les gens, en connectant, auront le choix
d'aller directement au shell Unix(pour les pros), ou d'aller au
babillard (pour les moins aventureux).
<4.3> LLC aura une section FTP 'made in Quebec' ?
: En effet, ds son ouverture, le site permettra
quatre (4)
autres usagers d'Internet de venir faire de l'anonymous FTP sur
LLC. Dans cette section seront regroups tous les documents,
programmes, .mods (format de musique) et dmos faits
Qubec.
<4.4> Le site aura-t-il son propre muds ?
: Oui, quelques mois aprs l'ouverture, LLC sera dot de son propre
mud. Le 'sujet' du mud sera dvoil en temps opportun.
<5.0> Quels newsgroups seront disponibles ?
: L'ensemble des newsgroups non-payants francais et anglais sera
support. Si un usager veut un newsgroups dans une autre langue, il
pourra en faire la demande. Le plus souvent elle sera honore.
Aprs six (6) mois, LLC prvoit supporter certains newsgroups
payants tels Clarinet.
<5.1> De quoi aura l'air mon adresse sur le systme ?
: Si vous vous appelez Captain Kangooroo vous devriez avoir
l'adresse captain.kangooroo@llc.org
<5.2> Le FTP est-il limit ?
: Non, aucune limite (
part le temps) est fixe pour le FTP.
<6.0> Quand et o ouvrira LLC ?
: Si tout va bien, LLC sera oprationnel le 1er mars 1994. Tout
l'quipement sera situ dans un local lou au nom de la cie.
<6.1> Wow! Je veux embarquer ! Ca va me coter combien tout cela ?
: Il faut dans un premier temps comprendre que c'est assez coteux
d'tre sur Internet. Par exemple, une compagnie new-yorkaise
(mindvox) demande 18 $ US par mois pour un tel accs. Plus prs de
nous, Communication Accessibles Montreal demande 25 $ par mois. Ici
dans le 418, l'Universite Laval demande
peu prs 90 $. Tous ces
cots reprsentent des services
peu prs gaux. Etant une cie
but non-lucratif, LLC veut avant tout offrir un accs Internet pour
tous. C'est pourquoi deux (2) tarifs seront offerts. Le premier est
de 25 $ par mois et le second de 35 $ par mois.
La journe de 24 heures (appele ici grille_journe) sera divise
en deux (2) priodes : accs_jour et accs_soir (valide les sept
(7) jours de la semaine).
Voici un rsum :
accs_jour : de 3:00 AM a 16:59 PM., cela cote 1 point / minute
accs_soir : de 17:00 PM a 02:59 AM., cela cote 2 points / minute
si je paie 25 $ : je recois 3600 points pour le mois
avec un maximum de 120 points / grille_journe
soit un maximum de deux (2) heures dans
l'accs_jour ou d'une (1) heure dans
l'accs_soir.
si je paie 35 $ : je recois 7200 points pour le mois
avec un maximum de 240 points / grille_journe
soit un maximum de quatre (4) heures dans
l'accs_jour ou de deux (2) heures dans
l'accs_soir.
Le systme s'occupera de calculer le cot en points dans les
diffrentes priodes de la journe.
<6.2> Qui gre LLC et comment les contacter...
: La compagnie a
sa tte Mario Cantin.
Pour le contacter, faites un mail sur Sietch BBS (656-9451)
Blitz. Ou pour l'appeler par voix, composez le 692-4711.
<6.3> A quoi m'attendre avec LLC pour bientt ?
: En ce moment, Blitz attend de signer pour la ligne de 56 kbps. Et
si tout va bien, le 20 fevrier le tout sera oprationnel. De cette
date jusqu'
l'ouverture officielle du 1er mars, des sances
d'information pour les usagers seront dispenses. Par la suite, et
ce jusqu'au 1er mars, ces mmes usagers pourront utiliser LLC
gratuitement. Un tirage au sort dterminera l'ordre dans lequel les
personnes auront leur sance.
<7.0> On m'a dit que LLC tait une gang de hackers, pirates,
[autres noms dans le genre] ?
: Faux, LLC regroupe des avocats, analystes, mdecins, programmeurs
et tudiants, entre autres. Mme un (ou des?) membre de la GRC
tait prsent aux runions ! On ne peut pas tre plus lgal ! :)
Ces gens ont en commun l'ide d'accder
Internet.
<7.1> LLC servira-t-elle
des activits illgales ?
: Comme indiqu au point 1.0, le but premier de LLC est d'offrir un
accs public, LEGAL et accessible
tous les usagers. Les warez ne
seront pas tolrs. De plus, comme le veut le devoir de tout
citoyen canadien, si un oprateur du systme se rendait compte de
quelque chose de 'louche' dans l'activit d'un usager, les mesures
ncessaires seront prises afin d'assurer l'intgrit du systme.
<7.2> Mon courrier priv sera-t-il 'priv' ?
: Oui, l'oprateur du systme ne lira pas le courrier priv
moins
qu'une plainte n'ait t dpose et que cela demanderait une telle
lecture.
<7.3> Qui est responsable de mon accs ?
: Chaque usager du systme est responsable de son propre accs
ainsi que de son courrier. Le systme offre une protection via
l'utilisation d'un mot de passe pour chaque usager ainsi que du
retraage des appels via le caller-ID. Dans tous les cas, si une
personne autre que l'usager entre sur le systme en utilisant
l'acompte de l'usager, peu importe la faon dont la personne a
accd
l'acompte, l'usager est le premier responsable et non le
systme.
<8.0> Comment contacter l'auteur de ce FAQ ?
: La meilleure faon c'est de me laisser un message sur Sietch BBS
(656-9451). Faites 'mail' et, au destinataire, inscrivez 'murdock'.
C'est une excellente faon de m'envoyer d'autres questions que
j'aurais oubli.
<8.1> Je veux plus d'info sur Internet, Usenet...
: Les fichiers suivants sont disponibles sur les meilleurs babs :
ftp_faq.zip : FAQ sur les anonymous FTP.
internet.zip : 'Tour guide' d'Internet avec couleurs.
int_glos.zip : Internet glossary. Definition des termes
rencontres sur Internet.
intnet.zip : Big Dummy Guide to Internet. Tour guide
d'Internet.
newsgrp.zip : Liste + descriptions des newsgroups sur Usenet.
surf10.zip : Surfing The Internet. Tour guide d'Internet.
u_faq.zip : FAQ sur Usenet.
u_rules.zip : Rules pour ecrire sur Usenet.
usenet.zip : Liste de quelques newsgroups sur Internet
whatis_i.zip : What is Internet ? Reponse a la question.
whatis_u.zip : What is Usenet ? Reponse a la question.
zen10a.zip : Zen and the art of Internet. Tour guide
d'Internet.
Bien entendu, il en existe d'autres mais ceux-ci devraient
rpondre
pas mal de questions.
<8.2> Je veux plus d'info sur LLC...
: Les NPC sont gnralement une bonne source d'info. N'oubliez pas
que le projet volue et ce qui est dit dans un numro peut ne plus
s'appliquer. La conference sietch.discussion.internet sur Sietch
BBS devrait tre une bonne place pour les infos.
Lisez le dernier LLCFAQ.
Envoyez un mail
Blitzkreig.
<9.0> Remerciements et sources d'infos.
: Je remercie les usagers de Sietch BBS qui ont repondu
mes
questions sur Internet et LLC : Blitz, Gurney Halleck, Evil-e,
l0grus!, Kermit, entre autres.
Mes sources d'infos furent les textes cits au point 8.1, les
NPC, diffrentes confrences sur Fidonet ainsi que des dtails
ramasss par-ci par-l
.
-------------------------------------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
L'AFFAIRE RENOUVEAU POLITIQUE
par l0gRuS!, collaborateur
NPC.
Les faits sont l
. Il n'y a pas si longtemps, une liste au
contenu bizarre est apparue sur les babillards pirates de la rgion
de Qubec. La liste contenait les noms, adresses et mots de passe
des usagers du babillard Renouveau Politique. Les rumeurs ont fait
bon train, et c'est devenu clair pour tout le monde: Renouveau
Politique avait donn des informations
la GRC. Pas un drame,
remarquez. La GRC a ces informations depuis belle lurette, tant
soit peu qu'ils sachent utiliser un bottin tlphonique. Les jours
ont pass et on en a quelque peu parl. Puis, de nouvelles rumeurs
firent surface: la maison de Robert Bertrand, SysOp du Renouveau
Politique, aurait t mystrieusement endommage, et Mr. Bertrand
rejetterait le blme sur NPC.
Donner la version d'NPC uniquement aurait t
quelque
part une obstruction de la vrit, alors nous avons contact Robert
Bertrand et son SysOp associ (le nom m'chappe), qui nous a
gentiment (quoique froidement) donn quelques minutes de son temps.
Robert Bertrand a fait la liste. Selon lui, NPC l'aurait
vole (de l'ordinateur du Renouveau Politique ou Music Art BBS) et
l'aurait ensuite publie. Il dit en avoir les preuves. Il nie par
contre l'avoir envoye
la GRC; il n'a dnonc que les "Fraudeurs
Informatiques". Depuis la parution de la liste, le Renouveau
Politique a t victime d'une de ces fraudes, mais Robert Bertrand
nous assure que le babillard est maintenant hors de danger. Il va
sans dire qu'il souponne NPC d'avoir commis cet acte. Selon ce que
j'ai pu comprendre, il est galement vrai que la maison de Mr.
Bertrand aurait t endommage, et l
encore il souponne NPC. Il
affirme qu'un "baveux" (Atreid Bevatron) l'aurait appel le
lendemain de l'incident et lui aurait demand si quelque chose
tait arriv
sa maison. Selon Robert Bertrand, c'est une preuve
de sa culpabilit. Selon NPC, Atreid ne voulait qu'avoir la
confirmation de la rumeur.
Il va sans dire que la version de NpC est la plus credible,
et ce sans parti-pris. Seule une backdoor de SBBS aurait permis
un membre de NpC d'aller chercher le texte qui n'tait pas online,
et
ma connaissance personne ii n'en connait (il est d'ailleurs
fort probable que si c'tait le cas, elles seraient dj
publie).
Aussi nos informations tendent
confirmer que la liste aurait t
capture du Music Art BBS par un ami du SysOp (que nous ne
nommerons pas pour des raisons videntes), qui l'aurait donn
un
illustre inconnu, Ray Decay, qui l'aurait
son tour donn
un
illustre asshole, Nazgul, qui l'aurait donn
Evil-E et de la
jusqu'
Blitzkreig. C'est un peu long comme chaine pour que NPC y
soit impliqu, non? Aussi, j'tais en confrence avec Atreid
Bevatron juste avant qu'il n'appelle Mr. Bertrand, et si je ne me
trompe pas c'est moi et Evil-E (un autre hacker de la rgion) qui
lui avons appris le fait.
La vrit? Robert Bertrand nous indique que nous allons la
connatre dans peu de temps. Peut-on croire
des arrestations?
Alors restez sur le qui-vive, et je serai des premiers
vous
informer des dveloppements tranges de cette affaire.
l0gRuS!
----------
QUELQUES AJOUTS SUR CETTE SOMBRE HISTOIRE
par Blitz
Ecoutez, moi non plus je ne crois pas que Bertrand soit un
dlateur de la GRC (enfin, pas au moment o il a compos la liste).
Je crois juste que c'est un fieff idiot qui s'est fait prendre les
culottes baisses. Cet hallucin notoire s'est accoquin avec le
sysop de Musical (ou Music quelque chose, mais je ne crois pas que
ce soit Music Art) BBS, qu'on m'indique comme un parano certifi et
certifiable. S'il ne prend pas ses mdicaments, le monde commence
rapidement
chavirer pour lui. Ce sysop, dont le nom m'chappe, a
d en conter des vertes et des pas mres
Bertrand, toutes le
fruit de son imagination de crtin congnital. Et Bertrand, en
tant un autre, a tout gob. Souvenez-vous, dans NPC 10, quand je
le flicitais pour son babillard: pourquoi aurais-je voulu, moi ou
quelqu'un d'autre de NPC, l'emmerder? Mais Bertrand est, nous
l'avons dit, un amateur de la pire espce. Derf, Mphisto, et
plusieurs d'entre vous lui ont ainsi parl, lorsqu'il a dcid de
fermer les messageries sur son board. "Ca a pas de bon sang, un
board sans messagerie", lui avons-nous dit. "C'est comme un
sandwich au jambon sans jambon!". Mais lui a prtendu qu'il pouvait
trs bien faire fonctionner un board sans messagerie... Et plus
personne n'a jamais appel sur son board.
L'amateur qui arrive dans le portrait et qui pense tout
connatre. Vous savez trs bien comment on appelle a, je suppose:
un LAMER!
En ce qui concerne le bris de sa rsidence: je demande
voir!
Une autre connerie monumentale profre par un imbcile qui ne sait
plus quoi inventer pour expliquer ses bourdes. Mais de quelles
bourdes s'agit-il? Eh bien, mes amis, voici, non-censure, la
fameuse liste qui circulait. Vous allez voir, c'est plein de
conneries! Hell! J'y ai mme dcouvert des collaborateurs de NPC
que je ne connaissais pas!
Cette liste, je l'ai dit, n'est pas censure. C'est dans le
secret que des minables comme Bertrand et des cas patents comme
l'autre sysop vivent leurs plus belles heures, tirent leur pouvoir.
Enlevez le secret, et ils redeviennent des minables.
---------
Le 27 novembre 1993
LES PROFESSIONNELS
NOMS PASSWORD NAISSANCE ALIAS TEL.
RICHARD BLAINE JEANBASILE 02-08-60 BLITZKREIG 692-3028 MODEM
692-4711 RS.
SON VRAI NOM: MARIO CANTIN
Il est fondateur ou responsable de NORTHERN PHUN CO
Il travaille ou a travaill avec le conseiller de la Ville de
Qubec : Rjean Lemoine.
..................................................................
JOHN BEDFORD 12NPC12 30-06-75 ATREID BEVATRON 623-3221(FAUX)
Il est le responsable de Northern Phun Co pour la prsentation du
numro 11. Les responsables s'interchangent...
Son vrai nom:
Alex (Alexandre) Bourget, 686, rue de Brabant, Ste-Foy
rs. 650-9537; fax ou modem: 623-3221
Fausse adresse donne: 686, de la Bonne Aventure.
..................................................................
Jean-Franois Landry jef! 04-61-73 JEF 831-7461 faux
a envoy SBBSFIX pour prendre la liste de nos usagers.
Il travaille ou c'est son nom emprunt avec
Daniel Lacroix Ansi Maker 06-09-74 " C " 831-3386 faux
...................................................................
Christophe Corbin ATLANTIC 10-02-79 Dark Master 836-3286
En dialoguant (chatting) "Doit faire quelque chose pour
devenir membre..."
................................................................
Jonathan Forgues formate 19-01-80 dixon Master 628-5575 home
662-9583 data
A dj
fait un minimum de 6 babillards.
Voulait m'aider en ouvrant des doors
Il a treize ans et trs dbrouillard
Il a t rejet de Bab-Kath.
................................................................
LES EMMERDEURS DE SYSTEME -- TROUBLE - FETE ---
LOUISE MAILLOUX FUCK YOU 30-05-74 LA MATRAQUEUSE 658-7142
TRAVAILLE AVEC OU DEMEURE AVEC OU S'AMUSE AVEC OU EST
VINCENT TASIAUX BEEP 12-06-75 MANGEUR DENOUILLES 681-1097
.................................................................
MARTIN DUBE JASON 4-11-71 ANDROID 627-5531
Va dans les messageries et il y a beaucoup de "va chier et
mange de marde. " Son niveau ne va pas plus haut...
.................................................................
Yves Sauv bouchon 6-03-72
Zonorglub the master 845-4324
reli avec le npc.... Pas plus.
................................................................
Franois Villeneuve Kissing 9-12-76 The extremist 849-6308
reli avec le npc. Pas plus.
................................................................
Martin Gravel Q12we3 21-11-72 ups 687-3516
Un claireur pour les amants des npc.
C'est propre.
................................................................
Jean-Marc Rioux Merlin 31-03-48 medium 838-1755 bon
Participe
la ralisation des crits dans le npc sous le nom
du vieux mde.
Donc peut prsenter diverses facettes..... laquelle est la
bonne....
.................................................................
Raoul Carrier red squirrel 28-04-36 mephisto 628-2839
Un nouvel amant des npc.
Ici, il est dans le thrascan. Notre premier.
Aime les messageries simplement pour prendre des textes des
autres et les commenters.....
Rien de positif.
..................................................................
Autres noms sans commentaires:
Patrick Cloutier test! 12-10-71 Aladin 651-8330
...............
Stphan Bdard RPFNVHGB 4-03-69 THE KEYMAN mo 835-3388
rs 835-3352
..............
Stphane Proulx Le mort. 15-0976 The Scripter 889-8039
..............
Nicolas Roberge 20 ans 827-5524 faux 827-3962 faux
Exporte un document qui l'amne directement au dos.
cette exportation a t envoye chez MUSIC ART BBS
..............
Denis Roy
..............
Jean Pelletier
..............
Eric Bernier
..............
Linda Cloutier
..............
-------------------------------------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
Sphear DigiZine issue #1
UN NOUVEAU MAG DANS LE CYBERSPACE!
Intro par Atreid Bevatron
Il y a moins d'une semaine, une nouvelle gang de dudez ont
dcid de lancer (un autre) mag HP. Il s'appelle SPHEAR. Me semble
que, mme
nos dbuts, nous tions un peu moins lame que ces mecs.
C'est toujours le mme ramassis de clichs et de propos non-
vrifis. A preuve le t-file post par Coaxial dans l'article
prcdent, sur les redboxs, et le texte sur ces mmes boxes qui
suit. Enfin...
Ceci dit, il y a quand mme quelques documents gouvernementaux
qui nous renseignent sur les derniers cas de fraude. Tout n'est pas
perdu, donc. Ils ont mme inclu quelques programmes en UUENCODE
pour leurs lecteurs. Blitz me dit qu'on distribue aussi, avec ce
numro 13 de NPC, UUENCODE, pour ceux qui ne seraient pas encore
quips de cet outil qui va vous tre fort utile bientt, avec
l'ouverture de LLC.
Bonne lecture!
------------------------
sPHeAr
------
__ ___ __ ___
/ / / / / / /\ / /
\ /__/ /__/ /__ /__\ /__/
__/ / / / /__ / / / \
DigiZine
Phreaking
Hacking
Anarchy
(And AnyThing Else P/H/A/C/C/V)
Editor: Signal
Co-Editor: Mustang
File Contributions: John Deere
Signal
sPHeAr can be reached at system1x@axposf.pa.dec.com
Issue #1
[01.28.94]
Contents
--------
Articles
-+-+-+-+
RedBox Dangers
Operator Operations
Our Fuckin' Rights
Toll Fraud
Philes
+-+-+-
NewHack.Zip
Sneakers.Zip
RedBox Dangers
--------------
by Signal
All real phreakers know that a redbox is a great tool, if used
wisely. Redboxes can be used to make both local and LD calls.
However, as we know, to make a local call, one must first dial '0'
and then make up some excuse like 'excuse me operator, the 5 button
on this payphone doesn't seem to be working.' The TSPS operator
would ask you to deposit 25 cents and dial then dial the number for
you. Normally you don't need an excuse to have the operator dial a
number for you. But in recent years the operators have become
'smarter' and aware of the rat shack tone-dialer conversion.
Nowadays if you ask the operator to dial a number for you, for no
apparent reason, he/she will become suspicious almost immediatly.
Although they will place the call whether or not you give them a
reason, the will be listening to you when you place the tones.
Sometimes, I have discovered, that using a redbox to make local
calls doesn't always work, as I have had the operator inform me
that the quarter was not registering and that I was using an
electronic device. The operator then said that she was going to
call security and to please wait on the line. I think you can guess
what I did then. I have never had a problem dialing long distance
though. This is probably because it is automated when it asks for
your money. The main reason that the operator will suspect that you
are using a redbox is if the tones generated are too loud, as this
somehow impairs the TSPS's ability to detect the quarter tones. The
quarter tones generated by the phone are usually much quieter than
that of the red box. To get around this problem, hold a credit
card, or piece of thin cardboard between the redbox and the
mouthpiece. This should significantly reduce the loudness. Another
reason for the operator knowing that you are using an 'electronic
device' is that the speed of the tones produced by the redbox,
often times do not match the speeds of the phone; the redbox tones
are slightly, but noticably slower. There is no real solution to
this type of problem, oh well, there are other phones out there.
Operator Operations
-------------------
by Signal
'Hello C&P telephone, may I help you?'
We all know that TSPS operators are one of the most dangerous
around. But is life as an operator really that interesting. When
you come to think about it, you realize that although it would be
great to be an operator, think about all the potential drawbacks.
If you have ever taken a tour of either an AT&T switching station,
or a Bell station, you know that operators don't have the best
'offices' around. Personally operators must have the most routine,
and probably one of the most boring jobs around. Since the late
1980s almost all switching tasks are performed by computer, there
is really no need to have a human operator. The operator's primary
task is to oversee the computer and to take anycalls regarding
collect calls, and billing. Even with collect calls, this is now
handled by computer, where you dial 0+NPA+Nxx+xxxx and a voice
recording will ask you for your name. Basically the TSPS operators
exist to make operator-assisted calls. TSPS operators are so
dangerous because they have an ANI readout display and are known
sometimes to monitor operator-assisted calls. So is becoming an
operator really a career choice?
Our Fuckin' Rights
------------------
by Signal
Ever realize that the government has so much control it isn't even
funny anymore? Just for an example, take the 2600 incident in
November 1992 at Pentagon City. As described by both the Washington
Post and 2600 Magazine, the Secret Service agents that raided the
meeting took disks, computer equipment, and other material without
informing the people of what was happening. They also took the IDs
of the people there without any stated reasons. This act alone
shows that the government has so much control over our lives, and
that the Constitution doesn't offer as much protection as it seems
it does. It is not in this century alone that the Constitution did
not guarantee us our rights, as we can see. The government, since
it is also composed of the Judicial branch can restrict our rights,
and in some cases deny them to us and still get away with it.
Toll Fraud
----------
Excerpt from the FCC Notice for Proposed Rulemaking, CC Docket
93-292 {Talks about how the FCC is fighting it. Doesn't talk about
redboxes.. just beige boxing, and blue boxing, etc.}
Until the mid 1980s, carrier networks were the main targets
of telecommunications fraud. Fraud perpetrators might use
electronic devices or even a child's whistle to simulate carrier
switching tones that would allow them to place calls and avoid
paying for them. As carriers developed new methods to prevent these
primitive forms of toll fraud, however, perpetrators began to use
computers to access the carriers' networks.
Control over the use of telecommunications services has
increasingly shifted from carriers to individual consumers.
Technology is providing more flexible options for use of those
services. With this shift in control, however, has come a shift in
the toll fraud targets. Customers, as well as carriers, are now the
victims. Fraud involving customer-owned private branch exchanges
(PBXs) provides an example. Customers can now use a feature in
their on-premises PBX equipment to route incoming remote access
calls to an outgoing line. With this capability, a company's sales
representatives in the field can, for example, have the convenience
of placing calls that would be billed to the employer's outgoing
PBX line. Fraud perpetrators have discovered that they can call
into a PBX and then use computers or "finger hacking" to identify
the authorization code for the remote access feature connected to
the outgoing line. Once the authorization code is found or
"hacked," the perpetrator can obtain a dial tone and make outgoing
calls that are billed to the PBX owner. In some cases, the PBX
owner may also be billed for incoming 800 calls made by the
perpetrator.
Both customers and carriers suffer the effects of fraud;
industry and Secret Service estimates of annual losses range from
one to five billion dollars, in an industry in which annual
billings are approximately $175 billion. Several different types of
fraud are creating these losses:
(1) the unauthorized remote access through PBXs already
described;
(2) cellular "cloning," in which billing codes for legitimate
cellular subscribers are installed in a perpetrator's cellular
phone;
(3) the billing of operator-assisted calls to line with billing
restrictions, such as payphone lines; and
(4) "clip-on" fraud, in which the perpetrator physically attaches
a calling device directly to a phone line.
Fraud perpetrators may watch customers using calling cards at
payphones and sell the calling card numbers to others, or directly
approach consumers and ask them to accept billing to their phones
as part of a spurious "official" investigation. Industry and law
enforcement sources expect that new types of fraud will develop
even as these existing types of fraud are being combatted.
Experience has shown that those new telecommunications
technologies offering the most convenience and flexibility for
users, are often also most likely to present new toll fraud
opportunities. The Commission's goal has been, and will continue to
be, to work with consumers and the industry to find solutions to
each fraud problem without hindering the development or use of
these new technologies.
In devising these solutions, we must ensure that
telecommunications equipment and services remain accessible.
The Commission is not charged with enforcing criminal
statutes or prosecuting toll fraud perpetrators. The Department of
Justice, local law enforcement agencies, and the U. S. Secret
Service are among the agencies charged with the enforcement of
criminal statutes. Nevertheless, the Commission has taken several
steps toward developing solutions to toll fraud. First, the
Commission issued a series of "Consumer Alerts" describing the
dangers posed by telecommunications fraud and steps that can be
taken to detect and prevent it. Second, on October 9, 1992, we
convened an _en banc_ hearing on Toll Fraud. Panelists representing
telecommunications consumers, carriers, equipment vendors,
insurance providers, and law enforcement agencies presented diverse
perspectives and detailed proposals for detection, prevention, and
responsibility. (See Appendix B) Following the hearing, the
Commission encouraged further comment by holding the record on toll
fraud open until November 16, 1992. Third, the Commission has
taken action in related proceedings to address toll fraud concerns.
In July 1992, in the operator service rulemaking proceedings, the
Commission required local exchange carriers to offer services, to
reduce payphone providers' and other aggregators' exposure to toll
fraud. Earlier, in 1990, the Commission adopted standards for
direct inward dial (DID) calls which required answer supervision on
DID calls routed back to the public switched network by a PBX. This
amendment of Part 68 of the Commission's rules was initiated
because carriers were losing tens of millions of dollars of revenue
in cases where PBXs failed to return an answer supervision signal
to the central office, notifying it of a billable call. The
Commission continues to resolve formal and informal complaints that
raise toll fraud issues.
The Commission also coordinates with industry, consumers,
vendors, and law enforcement agencies. Commission staff attends
meeting with industry groups working to formulate prospective
solutions to toll fraud problems. Some fraud issues appear to have
been resolved by the industry, including, for example, dial tone
reorigination, which permits the calling party to receive a second
dial tone after the original call is terminated. The industry also
has implemented intercompany cooperation on live call tracing. Many
carriers have recently responded to the widespread concerns about
toll fraud by offering services designed to provide early detection
and prevention of the problems.
It does not appear, however, that private action can resolve
all toll fraud problems or that incentives to control fraud are
structured in the best possible way. For example, the recent
"Chartways" formal complaint proceeding presented the issue of
liability for charges associated with unauthorized calls.
Chartways, the complainant, was a private branch exchange (PBX)
owner. It learned from AT&T that an unusual volume of calls to
Pakistan was originating at its PBX. A subsequent investigation
revealed that the calls were apparently being routed through the
remote access feature of the PBX. Although Chartways informed AT&T
that the calls were unauthorized, AT&T maintained that Chartways
was liable for the related charges under the general payment
obligation of AT&T's tariffs. Chartways responded by filing a
formal complaint against AT&T with the Commission. The complaint
alleged that AT&T's attempt to collect the charges was unreasonable
and discriminatory, thus violating sections 201(b) and 202(a) of
the Communications Act. The Common Carrier Bureau denied the
complaint based on a largely stipulated record, and following the
same analysis we denied Chartways' application for review of the
Bureau decision. First, we found that the Bureau was correct in
determining that the tariff provisions at issue were clear and
definite in requiring payment for the calls, in that the tariff
provisions recognized no exception to the general payment
obligation for unauthorized usage. Next we affirmed the fining that
Chartways had control over the disputed calls. We noted that
Chartways had stipulated that it had "the capability to restrict
access to and egress from its PBX" at all times. Moreover, while
the record contained no evidence that AT&T was negligent in any way
with regard to the unauthorized calls, it also showed that
Chartways had taken no steps available to it to detect or prevent
unauthorized calling through its PBX. Finally, we agreed that
AT&T's practices in this case were not discriminatory when compared
to its liability limits on unauthorized calling card using because
calling card liability is controlled explicitly by a specific
federal statute and related regulations.
In _United Artists_, we examined the question of liability for
charges associated with unauthorized calls that were either
originated or accepted at the complainant's payphones. The
threshold issue in the case was whether United Artists was AT&T's
"customer," because only a "customer" who "orders" service could be
held liable for charges under the terms of AT&T's tariff. We
determined that the customer for the operator-assisted calls at
issue was the caller or billed party, not United Artists, the owner
of the payphones. We also found that United Artists did not
presubscribe its payphone lines to AT&T for direct-dialed service.
We then looked at whether United Artists had otherwise ordered
service from AT&T, stating that if United Artists "had failed to
take steps to control unauthorized operator-assisted and
direct-dialed calling and had, instead, installed its phones in
such a way as to allow callers to charge such calls to its payphone
lines, [United Artists] could reasonably be held to have
constructively 'ordered' service from AT&T, thus establishing an
inadvertent carrier- customer relationship." The record showed that
United Artists had adopted a number of measures designed to control
potentially fraudulent calling. For example, it told the local
exchange carrier, New York Telephone (NYT), that its lines were to
have no primary interexchange carrier at all. It also ordered
originating line and billed number screening services from NYT,
which were intended to inform operator service providers such as
AT&T of any billing restrictions on those lines. In addition to
such preventative steps, United Artists also monitored calling from
its phones and regularly reported any apparently fraudulent calling
to NYT and AT&T. Based on the record, we concluded that United
Artists did not intentionally or constructively order service from
AT&T and therefore could not be held liable as a customer for the
disputed charges.
Philes
-+-+-+
NewHack.Zip
-----------
by John Deere
Description:
compares old /etc/passwd file to a newer version of /etc/passwd and
filters out differences. Almost twice as fast as Hacker's Password
Accountant.
begin 400 NEWHACK.ZIP
M4$L#!!0 ( ,":E!N?% TWG , .4& + 3D572$%#2RY$3T-]56&/
MVD80_6[)_V&2+\=)E)!4D9)^24GA=#2] P%7FE3]L+8'O,7>1;OK<\BO[YNU
MN1"U#4C89F=FW[SW9DW_^5DJ[UOK"KK1%=/#L5"!79K0_W]^9^>U-?1R-/YN
MW/UL>SOYY<-H]L?L>W'9B7ZUI:$IL^,TD2_R-C3?T'0Q6\OS1]O0P=B6VI(-
MG?"TYT"*#+?TV*.Q.PHETU':*6@GS>R<K24:[>S4HW4Z,)4J/Y#'W9"R)L1:
MA357@5IE @5+F449%^.TV9.J*JF;)BK/;6."?T<D<'QIFZJ@OQL?*..G<($@
MJ)0I*"^5V7-!Y\QAFGAM<D:0]4S*<0RWICKAASU!AE">2XV(MAPWUUC1N"LL
MZ8!6K!/86'^OO,X!\#3$ N6V/J*F[XH"VR45@J?'EB87"T,P:=A!<]_S&<-;
M#2 16)_THF_F*P_#6%-5WGY3P@<5&M]5B>14VH<S,WUNFAA51Z JH-U'!H/0
MM=_BA: 8]%TZ<KQCQZ#M>G0VQT=Z6,]H.5FOMXO5E&[FO\WH83F=;&:K=S$"
MO$'>2W:N $GY -(V4)?QJ$PG-)COO>-%BT[L6KD#!QK<0@MVB'Z:DDG7@C+A
M![I=3JZCB[Z9H33IAX@@G*IJ"Q)"JZ&[ZD#(%:D12PP1"+V?,J0[5AY V-AF
M7R+JSSN-@,AT9>W!DT$Q1S]=TU\=(\O%>CU_#Q*6JP4N=W%F[M0!59O>9!>2
M^^B\O&)EN*#FB!VF<0*B$LJ<B#\'I](DX$J0(5?.:;5G2!$:9SSIR%)7#-DK
MKKG.@"CJR2HOOPK=MY5;XS4Z!]&+^QGYX,02@^8H$_?J]6O1WJD<I/EK5%Q;
MTCN1_^H1?%16%4 :W7#I:6V0O 7M2W8[SB-6;VL.I13GRG-$!#7UO@QTA%#_
M:@6 I94WXU "9-749HCBGV6>!M)ZTS7T9'NJ1 OL&X?CS;A/\F=S+@Y#:KNQ
M56(Z+9:[%R+/YU0<Y4BU;'PY+NB$G8Q8=NIG049AU)TWN3)4:"$N:P)WIP)@
M0"YK> C)<C[*(>;X2YH<=%%H_B*$Q'\HL\H5G@;/;_E$T_%X^ND98-F6YK&P
M9U-0?:*M6O$GY#=>&+S9+)\]%SGF40N E(&/%N9>"?%\T[E]2$'ZK@%FGB;G
MT]0S4XE]T.L)^(N.D!4?K0O1:UFSCXW43"*5O E&\4WP<Z7J3!5J9)'2F'S$
M11-)OGQ9O!KC+N_<]_+MVQ_3Y!]02P,$% @ BIJ4&\L!'1,H%P 8"X
M L !.15=(04-++D581=V:?5P4U[G'S\SLS"X+K"A*C"\PW.@FBAIE#5%
M2V+ E_JRP2BH)88@41L#=ID%O5>7M?0FL@,VR6W:A#9-$#]IHEP_J])TT507
M%D1!%#$5BR:Q:LR8-6F4%M*(N_<WLPLN!HDQ]_YSY\.7F3GG>9[SG)=YSCDS
MNV#Y,V0X>8E:12PJRP["D"1",H81,HH0DD43D@/RP590"EX%.\![8#=P@GK0
M"%K!)7 %? DZ@88A)!0, 6/ .# )Q($Y8 %(!<O!.O SD ^V@E+P*M@!W@.[
MP?O@"&@&K: =7 770"?0J% >& +&@'%@$D@"R6 >2 6KP%J0 _+!5E *7@4[
MP'M@-W@?' '-H!6T@ZO@&N@$&A;E@2%@!)@ IH X,!,8P1*P'*P#/P/YP )>
M!J^!,K =5(%J<!"T@+^ =O 9N)\CQ V^!C<!JR;D/C *1(.I8#J8"9X"R\#S
M8#TP@TU !&^"[> /8#\X!.I ._@$7 .=X :@-80, V- '$@ 26 Q2 <9( ]L
M #;P2_ K\%NP#SC GT$=: .7P=?@)J"#8!N, %'@$1 /YH,GP5*0 <S@WT$A
M>!&\!MX".\!NL _4@3;0 2@M(4/!@V 6>!(\ S8!&_@M^ 1< O\ _Y+E@]&^
M(!+$@A20 ?+!>V W>#8$?H!"4 RV@=?!F\ !_@QJP6GP.?" B%#T#3" :6 &
M2 ;I( ,\"WX*-H$MX$6P#92#=\ NL _4@T9P K2#J^ :Z 0>$*8C9#3X-_ @
MB 7Q8#YX$BP%3X.?@7SP'Z 4O I^ ]X">\#[X !P@=/@(I# %^"?(&H0QC>8
M N+ 0K "/ .RP2] ,=@&MH,_@#W@?5 #CH*SX#SX%'P!2!C&,M""42 :Z,$D
MD 22P3R0"K*!"12 3< &?@7> .^"_P8'@%/6&4+(3T F> YL )O!S\&OP!O@
M]\ ._@CV@V/@)#@-)/ %N Y4X80$ 1W@P5@P'DP%T\&/03K( ,\" 6P!+P(1
MO ;*0"78 ]X'3E OZPV%#E@--@(+* *EX%6P ^P%?P(?@./@'/@;N R^!ASB
M=3 ( R- %)@"XD "2 ;SP%-@&7@&9(-<4 V@;=!$,FBQH!'00*515&DGAI)
MU5-A3#U5&U1/?00ZP!!M/47\QQS>?SS\ X\ 0_P/.!Y^>.0 AB)X8V9>7D&N
M:16?LG9=-K]D_:I,(=MTWQU,17V'3R%\?K8I;VUN#C]ETN31_$!>Z?AG-_+S
M<M?D\$]D9YNR1PX@&AQ0ZJ-/K5F;QZ\WY:XV9;[ "YG/9^?Q0D$NO[ZG&L^A
M&GE\9HY\E;,JC\_)+I#O.)_^M*PUF3FKLU?QF5E9N>8<(6\2S\\5>&%-=@Z_
M.CLGVX3:0UO1ZF.25=2G9.7F")EK<];FK.9S<]9ME!7SLGN-3>"%7#XO,S^;
M%]:^D,T7P&I(8$6"LDR96<]#>=)4_GL?#S^\I/C3*<ZR9KJ>LA,C_LJBZ"S*
M'F(LR\+YT.=<9-HA/)-I4YS&LO5</57V$8M_KT#<ES=W@+Q7 _,\/7GV08&V
M=_<OTZ?\^@'*^.@NRKAY%V5HJ7NKX]V4_U"@[3N4_^@]EC]0WRSNO]P^OJV\
M"]]^,X!O=U/&[^^BC+8?6,9'=U'&(/J'E3$J4/\.9>@'**/_OLIPX1%T6(CR
M#!9=M92<VN8J.=M=:ME=GZ^J3%QDHNV+=KXR^8N.'=O.(C$BS<$38ZGEYQ%I
M95@84$4S/V2)G9BII*TI7EN*M_AJ1JV*#$_.0<3E<]>MZHTX<L")Y\/FYN1G
MKEOKB\PYF2]D^R4#8Y-/TI]ARIZX!O&%]R7*Q_U*M)3O^<QUINS,51OY[ UK
M\X2\Z.B%N;[T;%DU>]4$.4.0XYH_MD[R&\T3,@5S7H!-7FZ#"3UM,$%IKUM-
M9-<&-O$4KK]N./0Y&YE6:CF-]GD(4>P1.?/-GDPE7?JU1^,TQ]YFVV=S7J#-
MWCP$Q@C,S(=2*;_ILLN]&BONU8NP>_1"T3ZT ?85TR^K9<?H;SLFW*MC!3<U
M3J%_QTH'<LQJ.4W,#_@$__#=-=C>MP:J;]?@Z+W6X(_=_\<U.)3*]'%7]KYL
M+=-3DIQ[ZQ9/HHN*EP<V32D#>\M5FCI4':1+J[.HN+2R: UD4CRE!SV>"%^2
M@R)&,<4SQUA6A;;Q)=WO;RG?<_UM>T':.]N#K22C8Q#IS]Z BM_MB.S&+XC?
MC5^0WJ!UN3X_I#+Q?@2M^WU!J]1RK#Y?TR=IVUE8U!]F:>7!*EO%]#9R\8N;
MO+[$!+4_$3W*7'F+^)[!@Q9OA,^3V[I?R2BU[(VXY6=/VNN!:;*$]+Q'.<-9
M].-J5-X\51&3MGN4,USV9PBZ\N-L4L5QUN>PW!)ZZPQ*D&^("&>39(^O_-CO
M],&>FOCD:+.Z_!C4C[%RFX40K=&4FY6=EX>5HH;/-0M\[G-\4.\Z+WR6V61"
MX,0",&M-MK*BXT/[+-9T"^5EIU\\GN]_/<WS0V;=MAR-Y]7^K"#^(=]:=1S'
M/X20/T[NQO2>T90N]T!*=T.*AR*W=8T2:6Z_[=M'_Z!]X>C@NQA%#F\_?21G
ME%H^[M-'OK2Z?M)V]NDWW$G[NA5)Z4:W/<@W(=A9HWVH;\GJ>WH/!_<[1>L"
MY@^,ZS=2C;+0UWV%@@(GF9/?;:B\A;T+0^W]&X+CPP(=O_3=Y2F-T"-SZ.O^
M%51&^W#_&KZ/&US(=]?G6/_U\1D8UK^!/H5,O(M"C@<6<BBI?PWBTU!JK/1Y
MJ>4]='SQ#:OE/<H\SA^& YMC3J"AWK -<;I?\=0[B5,"IRB-]LU,REC\MJ <
M6!$QKW1V^YZ$@[<>#%7@[?^/[I GLEO;Q-M"P11G10O[K7A@'NY+ZGWZ\; D
M0=#]EPQ7T@]]B9'T0U]>]&N@WW<6W\> ? 2\J>"_MP?RT>?]Q0 &[ON6QPNQ
MF/=-"JG^)7M ,A_8?W@:#C6'];M/4?)T@^^<MVB O)<'R!O(YLE[U!N@#K>+
M#AER2U190]_)YOA P>UW%KPG7_X7QOY@]*^\#'BL=VX?AI2>&?]6JOR>[*E<
M(7-=;QK?N_J(OWTTW%Z9H^%WW;#:H;=$;XM8MTF."I3L$W9NEXP-E.P[R0[L
MS-W[?2M$9[BPC<9U*%[']GD75K890;+L&-[0(L0=9_'O&"NU7)6>NB9=^T;:
MW2W5=DKO>S+\.P/2YU@B7BVZ:HS$6KC48H]0=_NW\:^_TK$CUKFS?BE7-:(Y
MNG2I/2)*7*BM6M@<'55GX22>B)]F-&IE[4B_3%35HN9H.4]%,AI5Q!19U! 9
MR47%.JL)U7U]=^=)6\TBL6OAS8X=.[NC#,Z*#UF74CZ6=5ZB.*:$;NDAHFR?
M=!+/*!=*_%9F )T4ROAV3/+&):.I:I#T(9NH%K2)3#[G8(BTA$AOD2I-K%?Z
M@+75C2G<?IG=?HXU.+>WL=L_8[=+;-+VT^PV[@ER:!W1VT;KXT<+-W!V7/*^
M(27272U=K=6/DJYK%1?82%W4_FF48^18U,LE:^BM^I>(!X5QB2JT#V.L(E(:
MFZZ])$QT#!F\CTCS6,?DP7\B>XF4Q%J_&6^.T%MU+Q'*0:AJPDD3V*HA^WAI
M+.N"TU&LL4=V*)N^AVA;S9J]PQ.9 GH/9;MN^]#36$6LGN'Y=!55T<X61UQB
MM^K^RA[FSK 4VNUCI)QG7<9(QR9ZVQGKS-,L$9 IL514^@GK3(G%"Q:7?$^J
MJ.8(@:LBS1'N?]B?ED8S]EG2<$;2,5>*/>*Y.'&V2GK *[W@?5MI)GRP1:(M
M31MG*]#$V19Q<;9<5?S)@@?C_UGP@*=Q0Y3G^(:1GJ/QNDML0;BG.7[2IVQ!
M<'$$W-&=9Z7'F$8-<1#.-O,<*^H^9D7X*,6I1.1+8YDF:033D]EHD[-&JIH<
ME-K-."C.*-VDT^4L&_1L7\J:\5^:Z5BGU,DT*2[!E0*5IY&&,=-]\<@O&.PY
M3L=]PIJ"XN/^QA8P4BV-(2?]D;;5CN<^9CW.)ND]VG9X//>)?"W;F*UZ]RM!
M-690B-6J/\>NUW"]%9ZM&J/>HVH]+Z?_TI\N7W<U677G6$V3KW5D(^(BU<5P
M>3 8O!@UY1=80RM:^4(G%"92I*B=F%AY2'6X9-F5*L='4_$1*>%4WHBN#O',
MI<QW&;,FA+F<:7__\BR;Z_+CMH;+CT/U4N:8[LN93=:9^*IKULA]9B<";:>:
MWOX,W8I$K=,\)/92<P3.VJWZSUCM)3,&H!3N@4^1<?6%JH9DVM[6D*RRDM+_
MM)+BY)"2#%U#<MAJIF3!D,/)DTD4VL8OZGB+.;!9)39MV4SO:1.TT-S;YIBO
M$L\4)P\M61!1G#&\9,&(X@6C2A9$&IRR'AYP/--Z<8EJWCR]:-;HZS:'&,XJ
M?NFDGWBK*9*H$:8FA@N3$U7"$W,31PH/)E+" XF<\&CB""$E,518E,B;3B2T
M"TWZK=0LZ762\'&^4^QP?Q!\5G#8-=)+Q,Y+/R>XVDQ^?.%S]XZ$CX6W]38*
M6F](/R6S+OS=_8IU9AL&N4TVX-9*"XF^@0K5SIH%QPQ.?7&R1E^<H<U0*AE7
M5ZC2BPLT^G$+-!?OEYVUSCR#=@W6VUAI%)E]H<O-2+\CTNEN@Q,*RC][J$03
MNW;QDZD8BB:2CH=\/"HU$;X;$K7"(U5!MLAS;*Q<UU0IBUKNJ96'8#YOPW!T
MWU>EDQ91[O!XW BAGD9WD)+,2!HB323JY<M6N#R'Y4&:/]QS_,E4#/<^3\A0
M:ODR5Q43Z[VBI:IHG!@J<EOD$T2,,)(HL5WL@M_P)QK^3)!]@4_39_L=2)1R
MB%3N5<J;(#U+8%VMDVK)\F7N4=)BHG@4#H\&22E$VNAUJZ691!:>+7:)[1?>
MD283I:AB%&4[W*F?1V([F5KQB!B11>RZ+]W$5O\X_L^S#Y*O:Q[_,LJ5T"5D
M/9F:%LF))V*.*\JV!D71R[A.GA>_EE6+:CGKS+E$'54^CYB9\CG$%OE75JXS
M%[7-V:T]*T14VLY<?9<RW_@&_X4;HFO7C0M7W9SML\I=%[K542O1($O3EG#-
M8>J,E4^[R'Y$N?82;AHQ?"'-#9;>)F(=&T[VJ$Y)):U,;8665(00AE.1"AVI
M&$XJ1I&*,60;Q/7E-*G@20,WGIPF);H)F%74!Z?3U>'DY>Y)E56/-$<7CRY)
MIHL:5!?^+D?[$(1J1/O]X93C ?E\ECC&R&<5Y?B1/ LX,!<9(XV.+%IGU$D+
M:9UTA'9@,KJ5%H^T:KK)X/S="NMG@Q:_^;MEUD^_LM[\2M E64]\Y;\7J*3M
M\XD+ X\F-XKJN/2BSZ*V-/R:6+NGYS&'O-ZTJJ>:H\6KUH415/J*9<N?7ID1
MI3[A:"$01; \0I:M<*LQ7QJ.&LXJ+7.C(I:(-<$N849Y& EV"@]O<^I]5R-C
M7 7W=9V90<+RPO:'D:X+3(U)K4_@-,3$Z<N'$O=)\4B)*R9R&BERAQ7KII+B
MR#A2%SF)E#AA+APSS212,9E4)!)'#J4S<HN;E";02>-]]=9)T73?-AT;63\,
M+24WZ5?E4TDP%T>$<0?FT])X4AY+I%AR8 4M19+R.,R1Q!Z/Z1I2TB/DP#.T
MI)9%JN8W1T^RJ;5.@9.FD5GN#M>>5<C9H\4#ZE;%7NJ\IIILA(5T6YW+:*N3
M*))N1.B6)(:DCQFDFIP8;Z)5:EM+%=<<[2+TR.@'QDQ]).[1:=/C$Q)GS/R1
M.16+2_G#9+;)E&OB"9\I\&12J)88<TT"MD)Y_*S<]1M-:U>O$?#R:1P_9?HT
MPX3IL?SCN:9U^(1J<+[$)9*FHIF)^!4*U52>2*ZL]XC_B-OV!*U/6$(7JC<-
MU2>PID&XX39I"M'6R:H"JLEQE%R9XW&TD2N/>UA"FT)CZO*"NLXD</'$A-Q&
M<F6\9[^A50[0=86:N/H"%6+3+H>];9?#2G;A<M>NTF1A5PG22H-V.>HII%7K
M2,>NZD4DN-4<5!E_)%]E.W)14XEV8W9>^!K+MBA,QDHPU,JS/$*D"F<.YQ"<
M$2Z3=3V!,UF+5=S^/6UNS?Z];6YF_[ZVGHB?3,_ %#%DQMXV(72&O4T(:T#M
MGR/N,:D<5F)CR7+9Q!*ZQPQ^9R'-)P*G5V8C.1K;B1O3F-^<;\(9+I]A4"/;
M6DW<PXT'AA)I&$F'ZR$'1A%)2V[I<VE<FMY[/X8R@T&X4NWR-9%*7[\D!#$>
M<7YTU8^:HTUA<O%PIB$9/R.2YRQ<X4<\[B\#Y U']2]A5H!&$C34,34"X\CN
MG1C[%:)]$V#/G#*ZZ(8JGZN:Z<M!AF\</*+?4HB:F2?IQ0*-/J% *\1$<HM3
M]?5I\'&E5LVT,]>[O2TQUTMJ5ZBC],4%FF"G6>.2Z[^&N(R(IMQBR4"M4"/N
MI??8,'_@\EE/DJWO;3-/UV/MH1<+-3$G8D[FJ9A&0RNGKRL(83QVOKMC9XQ'
MK2\NA&JARAR4"H,7R KU<@R.(TI!:XG?W!R_N<<"S-7 W!&#$TYO:]?7K0QA
M;G1W[(BYH3CK-QEJ3%T*HZ4P^O3R=/CO[#$K=^[3G.. O!+ZTF/6ZHL*1Q"!
MD=8K6X!*S%8A6 4,3N@P=T#(E= A!%5B&J,6&IPN1PO;HT^3@T92TBZE>V^9
MF*B8\ GXTK2^2C#X)8XR/!;KO2N'^D>'2[D;WG.GJ(4XTCEQ(2=:-.)2[6QI
MH4=LJ+-H8AKF[,QHY!3G!L&YX)T)'>>O7V0A[)+=4E0U>ILZ]A),B$NYF!8+
M:Y1R/*BXH!7S96,ITFZ/;$/9._%R#4YQU3PIM9PO:94NWQ1/X"KFA# H0BW]
MG3'1%[5R<_T4JPVQ!=NFILI$OF PBAZNM,LISH6$?,6/3OAQJ=</V!93Y/)*
M+02FUC!^ATY:U$^F2>=NKEPFUHA=*)+WR+LQCE13C#NTFJ+=FFJ*<C-8L/@;
M.%6-#EIPTU;CZY81PLA.?#%0H0F&=-;3Z"2^0 -G/H6@:ZY<>K=XKJ2])QY5
M[K0=B94_AK1#VY=37Z!%+B<OB2OC:_)I6\TM&2WIT0Z!G,:&P TY+OAHH>P1
M<RVFQA2>)&L&']U,&XXFU.1S8HT;#]5.\8AB0$/Z%*^WA<9^4:DG;)X&WS*\
MMIK.%N9?LVU'_ XI6]!\;;<<_B;86F([Y7 CJ\0TFD8]-KOR^F[S,+%!_*O8
M.+?C'4&'54J3F*]-<5\V.-VJ.3$I7%1&;XEP5W[:*_6VL2@@_A@J=DQ[5.!0
MLW?,='Q=CW-RW>W43GGSL!,3>8^[6AC@Y(C;4Q-EB&RY2N@B"T=M9AM2.(J4
M'B1>^=N5MN?;%3<'<VF3I\ZBDP,KXX6 QR_@Q;X6GR=T4J5')UWQ^-,T.FF#
MTN,A >:)Y2=%%@VQ+-UBT7A)X:(M%LZ+'Y6B2.^WB]3(1:9[ DI"&I/"&7VE
MS41I_^$KS9<0I!2GZ=E%&(X6ASK(#%],#[737A:7^]H$NBK1NGDR$8)*ETQ&
MG%Q>S#J"5?OK*7FUXA-^6!SM($\T1W?66AW/R%E8;[:;ARKJ>+)CB".A1T'9
MFV!;4KPDHGC!\.*,$0W)HZS8ZT0B6XG,AE;#49BC'V^.GFB5MU]Y*H,3$VDC
MGC*4@N32UZRDVDI\\T0>1ICA;,(9@;<B;83 S')?%T_%M%1[O7XKLCDY]+O$
M$P>U1&P//KMQ<-?9KC-%9PE6(8LP^"8^YC*T_E=7)_ZLM9.MW\2;&&NM>I%^
MZS"Q)?B4^6+,"9?L@J'S8@8^JL4(:OR?:&87SIXKS,?E&&$.-HY6=[S5I<T;
MVWGX*W/<XI/G3[:F&N7_,BL8UXKP4ROD!751*[8K+>*9X'9A4'#G1G57.SQI
M)X;K&RC7OURP^(ULZT8F7'#S/INF8*O[/JN+RSN*FS^I9(.F#STGS)U:U^P+
M)P.,?.TZE$HBU=5QF %.7C$XNSMVN?J^%NIS>+WD^QQA2?CY(*9_!W[52["\
MZG/\#U!+ 0(4 !0 ( ,":E!N?% TWG , .4& + $ (
M !.15=(04-++D1/0U!+ 0(4 !0 ( (J:E!O+ 1T3*!< & N +
M ( ,4# !.15=(04-++D5815!+!08 @ " '( 6
M&P
M
-
end
Sneakers.Zip
------------
by Signal
Description:
Simple Text Encryption based on key-shifting (NOT at all as
effective as PGP)
begin 400 sneakers.zip
M4$L#!!0 ( "FG/!P VVHXF18 * H , 4TY%04M%4E,N15A%W9H+
M6%-7ML?7.2<Y"0$BBJ76!\01TU;44J*H$"D^0&M]I% %WT6DZ%2Q#2<PSHR0
M#E-K<L"YG?DZ;?G:CDB_?KW*=&)+.U$[&@@*0JF*O:/%::]%:P\3IV.E U8A
MN?^3!$7%>=S'W/O=X"_GG+W77GOM=?9C[1T7K=A%]]!D9C'I%?HWU[&42O1(
M.-%H(@H!0\'WP 3P$$@$:: (/ _LX%7P 8ACB*: =/ 8,(%U(!]L B6@#.P
M[X /01-H!6V@!RA9U FBP"@P"4P%:6 5R >;P+/@QZ <O A^"=X #O ^. #J
MP2?@4_ YZ 3? (8CXD$HB )Z$ ?BP70P'RP"&6 %V 2>!46@!-C J^ -4 W>
M 8? OX%SX$OP1_ ="%$0W0>BP3BP"*P&ZT ^$,!/@0WL!-7@/> $OP-?@1[0
M"Q@ED19$@W'@ 3 3+ (9( NL!P+8"DK .I[H:? \>!F\!JI #3@,&L Q\"GH
M!%\#M8IH)(@!L> A, ND@\? ,O DV S,H!R\"%X#5> MX )MX#3X _@*7 )*
M-9$&# $3@ $D@U20!C) %E@'\H$9%(.?@!? S\'+P '>!P? Q^ 4. .^!'\$
M?P'7@ _<AXX<!^+!5) *TL#]&J2!!6 5R %/@6?!3X$-[ 1O@'? >Z 5_#NX
M #K!MX /15\"$6 4& \2P#3P.%@&<L!3X&GP/'@9O :J0 W8!YK!<? )^#.X
M"B@,/@,:<"\8#>X'$\$T8 3SP$*0!58!"_@A* 6_ *^ U\$>\!MP !P&#>!S
M<!G\!5R3Z\+8UX#98!YX'"P'.6 3V Y> :^#W>#7X#!H ,? QZ =? .^ U[
M:^6YY N*!=- ,O,%GN<P%O J>!OL!PW@%/@6*)DYS+/@)? F>!^XP'%P&3"4
MRXQB<ID(+I=IU.0R'> JN#<T%[/(S<]2VY=.EBI;V5RF[!);.9+[@G:D^ZPE
MOE&6T0Z5J3*7_8(<9*K<AFOE1S#L85=E%/3:+JUVRV45G+_L<Y<4W-'M7B_9
MTQ4[MO=Y'4P2OHO3H,O#>=-]%8=Z>Z.R*@YYO5%9E3]2YS)(Z(O*LJ?SILJ7
M0W*9RFO^-#G;Z4-U+^'1GNZ3E5A<@?2&$C5_,Q/UURLH)K,@+^?I/'.A+JT@
MU[SU&6'CE@+=)-WLK;K,C?D%.9M"XA^>G#!]\@R#[EZ3.:^P4#>K8.MC>5MU
M61OR"G09>3GKM[*Z3.W&S<]LRM-EYN6:\W*WZH84% IF2ZZPQ:PSF;=L>4IN
M)3'!5N)&&Y;+'/X^$YUU^!!ILQYVF2H9%1KPF1)?+[+]>9__E3QIT#RIT'N4
MSR3&H_#B<I3/"-QFT*X,,NW*1+MC\ [\&IR?X6DKWJ1R+)ED33_BH<3;K\F:
M@A*6!FM*)HVPO'N;)L=]_YBB)98CCN^9'.I *<>00)?PEW8<NU&FXA#YHK(<
MK29'A$FZV-??.L?!0;3*ZD(&&.$X,)C0\ $5'29F@,=NRB@&RG"#RQAN5':K
M[8-6"LLT?].RR(%J'AU,@AMHU[#![0H:(]OWMZN$7:$#A9H&=_SFWAN._W 0
M-?UC]N9XMZ=K3/9T]4#5QP8IB&$:?V$^QC+DXR^D)J7[BM?NSJ";G>HV':V#
MZ B(*?X.,:BWO"7/#+=I':PO06._9>H;EF528 S)K;MUX SJ7;FJOT,,(D'+
M-+<WI.DN6F\3N\L[J5=3FNZVCVE37DYA'F8U(<^L>V)#GBY]XZ:\Q3F;\R;J
M-A;D;K*LWUB0KWLF1]@P42=LZ9_\PF9EQ\Z(C9TS=W)L=NP#=U$VJV#@7(G)
M<(;N44&WV5(HZ-;EZ7(*H%_(RX=@@67S.ES6Y0G%>9@MXY&W7I<P\>$ITR9.
MF6Z8:)@R?:CNAJJ"_,F3)^MTFD"%<[<4Y,D=[0E%<-K$C;QV.!B3(\SD,)G0
M^R6AS\&:'.$#''1XNW+0H0(Q;;\816=5E#BP2BS&"SLJN_+U?KF*0PXL$_[<
MRHN!9RPQAS^"4O]SP 2-/-X<Z7X3ONG%L+IE9!W^=' 30F7#!XBQ_*!BXVZU
MM'(2LFW;:_ILOWRG[Z:A(E)$I%2GD"TJE0)V5Z[G;K8#=E=N['\.V!WM=UV"
M7($TH]<1<YOKC(,:%%3]D2KXK'99LH)N.E33&UQK[_!BGS_[>K^0[X.:/O\B
M\7!;AJF2$'S<N7AY7@I:?6A *[R#/&^\K96WMWJ@J8_<L.6NIMYHR2 F_7H0
M$VXQ\4['GKMVAV,7W\VQLBJ5>L#4^E\<Q'/S_J%!'!3_[QC$_:K^$X/X-]_=
M,8@?"_D?&,0OAMQU$$_\[HY!_,;@)MP^B!L'%_LG#6+AZAU]C='\DP9Q[__G
M03RJYP['1M[-L7<,XONRME@VK=<MWV+1+=SX=-Z U76X3H<M07"LZ')T3V$P
M/X+I$(7#L6G#4,'62!XIMV^;I ^[I)>O!.R\3^ZICFE^.PN['2-OZY$1X8/V
MR-&W-6?"H&+^S=ON)VC7$ZC8BUV*,<VBE(JN>C@IL5>ZY\J@V[G5P?W<P/V@
MC_Q)_F!1>B P"K22C@L,!_EE^\W02N&<_\;?'U:WU Z1/E$:58+&R!7Q3HZD
MI23]BFK5"3[I0Z6](;9T]U.T>Q497+NS:'<^[=Y J;N7T4Y^+AW>1'K[&'W2
M&.$ZKLX+OE<E(]MSHJ=M_S3J^:9Z'45K8PY,9YRCQK>.C7'+)?16_0OD166\
M46%F$7#7DI2ES-9<$"8YAPU]CZ0%2F?\T-_2NR2E*JW7)EBB]%;M"\1@)[>?
M>&FBLG;8>SIIO-(-HV.4IG[9X<KL?:1ILZC?'6'DBME]C/V*_1-O<RU9O2.*
MV%JF>@4&^WK:H5V.#5HV,097]1JD/$EN4[0SD=UYQIJR3#Y?.LIO("8F^[@U
M90..&QBW_$RU3&N4P-=2:Y3G6\<::0SGF".-X"0MUVGSBG](%.<II'$^:;-O
ME]]-S2PAT9ZE2;07JQ/M2_A$^Q9%TLGB^Y/^4CS.V_R#&._'/QCE/9:D74_%
MD=[6I,EY5!QJBX(YVB=)FL4UJ\E)O#UE%8G:-23"1BE1(2)?&L^U2".Y_LQF
MNYPU2M'B9%0>SLGP)JF/S9:S["AG_UHNF?2UA4UP2=U<B]\DF%*L\#:S4&:^
M-PGYQ4.]'[.):\D<DI280\6<5,\V*TAZG[773^#7D-?5(OTK:S\Z@5\KW\LZ
MYBG>OBPH8H>$6:WZ5?2,FK_1X'F*6-4^1=LY.?UGP73YOJ?%JEU%ZI: =V0E
MXA+%^4BY,QA\Z#55Z\C0)BFIHQL%)C%4UDYFI=RENMRR[%J%\[,I!X91\JG"
MD3U=XID+.6]S%G48=S''\<'%.7;WQ=GVQHNS4?1"3FSOQ9P6:TH^WIQ:?F<.
M$E@'T[(K'^\<B1J795C"A=8H7#4[]/FDN6!!!Y0BO; I.O%(J:(QC76<;DQ3
M6*GB>2O9TL+*5VL;TR+RN?)%PXZFQ5,,?!,4=?Z*.[A-(;8\MXW==UK0H.2[
MIYT+%>(96]KP\D51MM4CRA>-M"T:7;XHVN"2RRT5+S64\'IQJ6+! KUH4>L;
MMH49SOKMTDJK?/L9,JJ%*<9((=ZH$.8^:APEW&]DA'%&7IAF'"FD&\.%)4:=
M^7ARN]"BW\',D5ZAY,^+7&*7Y\/0LX+3H99>((=.^@F.#Z5M]%C''SUO)G\N
M[-+;&91Z5?H^S>GXL^=%:TH6.KE=5N#12#@9;V3"-7/FP#"#2V]+4^MMJS6K
M_8U,;"A5Z,5%:OV#B]3G[Y.-M:9DPZ^A>KM2&DWS.GHP.;U&TN][#2X4\'\Y
MPB46*WSFXQGHBF;*QB"?@$9-@NT&HT:86AMBCUY%"7);,Z1<9H6W7NZ"13H[
MNJ/GWEJMM(3Q1";A00CW-GM"_,F<I"9I$JE6+%_I]AZ5.VG1"._'CV>@N]\R
M0H8S*Y:[:[D$7Z>&J65QX9CHG=%SD6FB&+%=[('=L&<L[)DHVP*;9LP+&F"4
M"DBJ\OGKFRBM(VA7::5Z6K'<,UK"WE&V*!(6#9'22=KJ\ZBD%)*%YXD]8GO'
M6U(\^:NRH2K[T6[] DKHYNK%)C$JEQS:KSUD/S(;WPL<0^3[NME?Q[B3>X3<
MQS.RHGGQ>-S'_L+V1G]!'^<^>4Z\*A<MJ^>M*8^2*J9J 5FXJOEDCUY.<IOY
MF)VN7LU9(:K&?N;2VXSE^C5\"]=%]][K'9<\O/VKFKT=O:J8M7#(LJRE?&N$
M:O7:-6[_^J#ICP@UBO)3.]WE9WOE4X@C19J:/2_&_ZGKS9UGQ71>7*8.AD;V
M[>2+OV#;?M5[=/O5/A)Q8]O>W>MD*!F7$JZSG&S;>[T>A0_?XJ%>K[TL4.":
MUYD0/)]*?;@-KF@7D?8J5Q=YRH:SQHI#W0AO[+@+G"%6'+K:.^#X,)"-Q+X;
M1XYR?O"D44Z](2JB8MD6@>O\H2^0UU"BO?6T$?/I_X&VQ]6-^M]I>__G %:Y
M]G)^.AG^)''ATBX2&Y21M$]Q2BIOX^JK-50=1AROH&HM58^@ZM%4'8LE?CKI
MJUBJUE$C/X%^3^7:B8@JV$,SV/V1]"^]DVMJI[:.M8TI3V/+&A4=?Y97^S L
MU5CM#T0RSG'R]2PY8^6K@G$^(D<!3L0BIFB3,Y?5FK328E8K-;%.!",WTY*0
MMI]M,;A>6VG]:DCFZZ\MMWYYV=IW6="F6H]?#CX+3.KNA>3&Q,/2];(&/KOL
MJYCG&G])UMX9A=QAGR^K]HG6L>(EZ^(H)GOE\A5KUJZ.41UWGB"(8K%LHN4K
M/2IXRG#,<-;OF>O5"236A;J%F541%.H2'MKIT@?N1L6YB^_M.3.3(@HC#D10
M3P=79U;IDWDUF7E]U7#RG!2;RMUQT=.IS!-ATTXA6W0B-41/IG(7U$4BTIA,
MU?%4;21G :,U\9DM?A=HI0F!=FNEL>RM/AT??>0>>$IVZ>6J*13*)Y+PX,&%
MK#2!JA)(2J"#*UDIFJH2$2.1(PGA&J2DJ73P2592R2*U"UO'3K:K-"Z!EZ;3
M'$^7>]]ZY.S38(+V*!(N='^CB#=!0[:]P6VR-T@,99NP=$L21]FQ0Q3QQB0S
MJU#93]3RK6/=Q(X:.RYVRM3$:=-G)"4;9Z8\8LFP% @;-^?I\LQF1-:DRQ%T
M-#E<0Z8M9GE?6ZB;L^69K>:-^1L$W0.Y#^H>GH$=ZXP$W>PMYDW8QAI<+_!&
M:BE+,<HA5DN5D3J?\8K?)NZ<R^J3E[*EJA\/UR<KS4/PP/]870I?IRF*F1;G
M,>J<[W6>IL[97B6QYO"XAL*0GC/)?!*9D=M,G1.\!PQM\@+=4*I./%*LP-JT
MU^DXO==II;VXW;NW(DW86XZTGVOV.G,9I.W74M?>_4LHM,T24I/45*2P-YU7
MU\!OW)Z.JPFN/3$80/[%4"-'>5@B%;CRN(;ABN4R3=N_<*9IFC5T8-]IC_K
MNZ<]W('W3O>O^&GL3(0(PV:^>UH(G^DX+40THO5/D2<V@T<D/IY6R"J6LOUJ
M#D:0M) $7N^/1N35V$$>A#%!=8& 8X1\A4*UK"N?/"-,!X>3= ]EP_2P@Z-)
MTM#-\GP6GZ7WW8>NS*$3KE6Y RY2Z(\L#<,:CW5^3.TCK6/-$7+U,*91_KE2
MCEEPAQ\!/5\/D#<<T[^ J E4E%"%5<G<,Z\&X'1H$)L( #JCRG&E%U7%/&U
M*8$<9 3ZP53]<Z5HF66R7BQ6ZY.+-4)<-)^9H3^2!1O7:E1<.W>EUW<B[DIY
M_4I5C-Y6K YU6=1NN?T;$,1C->4S)0.S4H5U+[M?A^5#=T![JJS]W=.6&7K$
MGGJQ5!UW/.YDH8)K-K3Q^H;B,,[KT/5V[8GSJO2V4A0M55A",J"P@U:J5J!S
M-/DKVDA!=?.#ZF8-4%<'=4T&%XS>V:YO6!O&7>_M>C/NNM_8H,IP4\8R**V
MTC4KLF&_JU^M_'+7\,Z#2D3"7WLM&GU9Z4@2..D9DE]@#:*5,$2!0Y.[+%T0
M<B=W"2$U"&.8Q0:7VWE"V5^>I4,F*F^7LGTW54SRJP@(!-(T@49PTC!_%I^I
M]ZT='NP=;O_3B/XG% L(3Y=+!][0_7*#T1Z-)4*J]\GIP6<A4N_#H$#;$7:N
M;@F\&L=(S[?^RC7B,GY!"2=M]@8T/ACTX7A_(5F%F*60"^,' ?V.6;[D:Q8>
MI:2U/MG(@)^"JL*<G;RXF!=+U.(RS3SI=WUB(WYCC&N<OV=U,^_WUA!X*W1/
M<M>Y*^>5$';+?O(75>OMJH0+4 %KXDZ4*$W29WUX$X)&+)*5I4MCO+(.N=V7
M=+)+UZOVZZBBY%QYF[2T3SR.N[CCPI HE:14FMGS&MFN[R/\%4^(7ZYNJ3'J
MBH>BZA'^%[5>Y49"D=^.;MAA4?7; =UBNEQ?10E!58DB:-#)$M7C6=)C?6N7
MBW5B#ZK\61_4PI[]#.<)W\^P'O5^AO%PB*"#;_R\"CWFPUY[7:"?C!1&=1]A
M! 5<,*S["(M>HRM6PY@O(>A^5*[=OW_)4I35Q]?.PAI3*+]F%,7$Z;?+%'VD
MB)</\52]?V5:/+), P40JUTFZU!"AV=X=$61(RJFH413UAC?6[,'NZQK,;+U
M:NH5_U#>WC\IU^RQ-R7(\58[J@WD'"G6()>7]X4U275%K+WNIHSF1NDPR*GM
M6+T@QX<>*Y6]P'T35V>.3)5+AA[;QAJ.)=<5\6*=!S/+'K')K^"VZO7V\(0_
MU>A)6:C6'U7Z['7=)[COYMF;@@;!"?" IE=N[$3[B81N><Z5B\0UFT?/FE=S
MY1W+/6*C^*G8_&C76X(6H7J+6*1)]UPTN#R*^7'I?,S-!L-<><JKT=O'HX*D
MC]"PCS3'!!XM>\O")C7T&R>WW<'LD7?0>Q#-])NK@0)>7G;Z6^+OEO@EFRTK
MX9EMRL9TGJ' KXAP.N(^ADP(8><CH&CQ^B-!K<0A,"1O4,"'PQW$AEJIQJN5
M.KW!-+56^H%7?D]A ]13R:JR$C65+'NN1.VCTB7/E? ^_*\;5.F[LTJU7&6V
M=T!-2./P*UJ@MA34]J- ;8&$$&^@6P2WTH9CMG GS0PL;.$.UJ?$[7NG!;;6
M:-T63T)(Q=)X+!8K;$IGJ.) +B.'; 'AA\0Q3IK;.K:[WNI\4LZ2HVW+<']Q
M3&]QY$SN+^#?H&-O;EL:95LTPK9Z9&/::"LV_-'(]B]/AC;#,:AC9[>.G625
MSR *%087HHEFC&S4@N2*EZRTWTJ!Q;(0/<QP-OF,H+,B;:3 S?%<$4_%G=CO
M\P6UR.KD]<\MK4!+Q>;$GGP%1K7_RM65M9%8CY<MS:1?(#S!'--]U&K1G#Q_
MLLW;U-&5X+)>+&V1=-1J_!7_26CK-#X%MZ_P)T);I_:USOBT=68+0OHEYWQ5
M*21&IY+8-+E''Q9V\@OYC^WD3G*GH.H\=XKMVJ<\=9[M4N)<I8V">QNW\J>U
M$Q&W:P./+>+Q0QH2VT//;AW:<[;G3-E90K"X!,-CTBRWH>T7/=WX9ZV/MUY+
M,G/6>M42_8Y[Q!.AIRSGXXZ[92<9NL^OUEMGQ@DJ?$^R*!?/>U18B-M883[.
M=ZR>)*M;4SB^^^AE2V+FR7,G<8XM?\NLY-PK(T^ME/>],&]>QPGQ3&B[,"2T
M>ZNJIQV6M)/AR@\8]W=N:+PFZ[J> Q,\NH!.<ZC5<Z_5S1<>P\-O%;)"\R?>
MXY9NC7M>Q\D!2JZZ P=4QAPS;_QA,3M1!]<?SJ!HU?X/V+CC)SL-KMZNO6[Z
M6Q^?C_Z13T0JT2Z$;TXBEA >W_+Y#U!+ P04 " ".J#P<5U"(P[X #I
M !@ %)%041-10O)5P@M3E4(J2Q(50C.2TW,3BTJ5LC,4W#Q#^;E*D[-
M24TN47#-2RZJ+"C1=TD%T[Q<KGDEJ44*)1FI"B6I%25IF3E 1KY"*E19"JJR
M1(7LU$H=!0V7_#SU$H6T_*+TU!*0\O*BS))4L"% >864_/(\35ZN@*+4XF(%
MFU203CM>+EZND(S,8H6 HOSTHL1<!2 S,R4U$62(0G%J<FD1Q &Z8!= K<_,
MS^/ETO#++U$(< ]0",G(+TW/ !HL!0!02P$"% 4 " IISP< -MJ.)D6
M "@* # " 4TY%04M%4E,N15A%4$L! A0 %
M @ CJ@\'%=0B,.^ Z0 8 0 @ PQ8 %)%041-15!+
4!08 @ " &X "E%P
end
Coming Attractions
------------------
Credit Card Fraud - The ways, and hows
Boxes, Boxes, Boxes - Why 'hold buttons' are not coloured boxes
A Dying Breed - Hackers & Phreakers
+------------------------+
|Till Next Time.. |
| |
| Fight The Power |
| --sPHeAr |
+------------------------+
-------------------------------------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
TouchStar Services
par MasterTronics
Note
~~~~
Voici les services des diffrentes compagnies tlphoniques
locales (BOCs)
travers les Etats-Unis ainsi qu'
travers les
provinces du Canada. Ces services ne sont pas valides dans toutes
les rgions.
-------------------------------------------------------------------
Touches Service Description
Spcifications
-------------------------------------------------------------------
*57 Retraceur d'Appel Permet de retracer
automatiquement le dernier appel
reu. Votre compagnie de
tlphone gre probablement un
'Annoyance Call Center' qui peut
recevoir automatiquement un
message contenant le numro de
tlphone de l'appel abusif reu
ainsi que l'heure et la date de
l'appel en question. Ce numro
sera probablement surveill.
Utiliser : *57
*60 Blocage d'Appel Prvient la dernire personne
qui vous a appell de vous
rappeller
partir du mme
numro tlphonique. Aussi,
rejette les numros que vous
avez placs sur votre liste de
bloquage d'appel.
Utiliser : *60
Canceller: *80, Prestige: *50
*61 Slecteur d'Appel Permet de crer une liste de
numros vous permettant d'tre
prvenu par une sonnerie
spciale lorsque l'appel en
question est reu.
Utiliser : *61
Canceller: *81
-Note-
Si vous avez le service Mise
en Attente, vous entendrez une
tonalit spciale lorsque
l'appel en question sera reu.
*63 Transfer d'Appel Permet de choisir un autre
numro de tlphone o l'appel
doit tre transfr.
Utiliser : *63, #, numro, #
-Note-
Si vous tranfrez vos appels
des numros longue distance,
vous serez charg pour chaqu'un
de ces appels.
*66 Rappel automatique Rappelle automatiquement le
dernier numro appell.
Utiliser : *66
Canceller: *86, Prestige: *56
*67 Bloquage d'Appel A chaque appel effectu, votre
numro de tlphone n'est pas
affich sur le 'Caller ID' de la
personne que vous appellez.
Utiliser : *67
-Note-
Fonctionne uniquement avec les
CIDs et non les CLIDs et ANIs.
*69 Retour d'Appel Retour d'appel au dernier
numro, que vous ayez dcroch
ou non le tlphone.
Utiliser : *69
Canceller: *89, Prestige: *59
*70 Dsactiver Mise Si vous avez le service Mise en
en Attente Attente, permet aux personnes
qui vont vous appeller de leur
mettre un signal engag.
Utiliser : *70
*71 Confrence
trois Permet de joindre une autre
personne
votre conversation.
Utiliser : *71
*77 Rejet d'Appel Permet de rejeter les appels
Anonyme ayant un service anonyme (comme
*60). Lorsque vous activez ce
service, vous ne saurez par
contre pas
quel moment un
appel a t rejet.
Utiliser : *77
Canceller: *87
-Note-
Un message vocal peut-tre lu
l'appelleur lorsque son appel
a t rejet.
-Note, Tranfert d'Appel [*63]-
Lorsqu'un appel est transfr (forwarded)
un autre numro,
l'afficheur affichera le numro de l'appel transfr et non le
numro de l'endroit o a t transfr l'appel.
Exemple:
Faux: [ # Appelleur ] o----------> [ CID ] o--------> [ CID ]
Vrai: [ # Appelleur ] o---------. [ CID ] .-------> [ CID ]
`-----------'
ANI Automatic Number Identification
CID Caller ID
CLID Calling Line Identification
Remerciement: Mechanix
-Note, Retour d'Appel et Rappel Automatique [*66, *69]-
Si la ligne est occupe, le Retour d'Appel ainsi que le Rappel
Automatique vont automatiquement tenter d'appeler le numro dsir
toutes les minutes durant une demi-heure. Lorsque la ligne
deviendra disponible, vous allez entendre une sonnerie spciale. Si
vous ne rpondez pas, la sonnerie spciale va recommencer
sonner
toutes les cinq minutes durant la prochaine demi-heure.
Si vous avez besoin plus de renseignements, vous pouvez toujours me
contacter
: mastertronics@uworld.mtlnet.org
-------------------------------------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
FICTION ET COMPAGNIE
Intro par Blitz
Aujourd'hui, nous vous prsentons LE texte qui a secou
alt.2600 ce mois-ci. TOUS les lecteurs de ce post se sont rouls
par terre. Et pour cause! Mais, dites-moi, est-ce VRAIMENT de la
fiction? Read on, friends...
------------
Imminent drowning of the net in sticky brown liquid
par Anon
Contents:
=========
1. Preamble
2. The Future History of PepNet
1. Preamble
===========
Fuck:
- EFF
- ClariNet
- Netcom
- the cypherpunk/objectivism/"free-speech" complex
- all other net.rapers and drones of the corporate greed fungus
who refuse to recognize the real threats to freedom of expression
on the Internet
2. The Future History of PepNet
===============================
1994
====
- July 1994:
Pepsico Inc., makers of Pepsi-Cola, announces the creation of
PepNet. PepNet will be a public-access network of BBSes, with nodes
in most major cities, providing low-cost access to images, sounds,
and text files. The press release states that Pepsico will purchase
files on a lump-sum basis for public domain distribution, and that
Pepsico believes the cost to it of the network will be offset by
the positive publicity generated.
- December 1994:
PepNet is up and running, with approximately 500 subscribers North
America-wide. The most popular download items are R-rated images
purchased from Playboy, images and sounds from popular Paramount TV
shows and movies, and the library of public-domain classics
schnorred from world.std.com. The fact that all of these are
available freely elsewhere does not seem to faze the PepNet people.
Pepsico announces the expansion of PepNet services to include
Internet services, in particular the Usenet newsgroups, on some
sites.
1995
====
- March 1995:
PepNet is a standing joke on the Internet/Usenet, but its success
proves that it will at least not be an embarrassment to Pepsico.
Pepsico starts heavily promoting PepNet in computer circles.
Pepsi releases a general-broadcast TV ad which features two
1/2-second shots of young people laughing while looking at a
computer screen and drinking Pepsi.
- August 1995:
In a major joint press release, Pepsico, Microsoft, and Apple
announce the CyberSurfBoard, a low-cost computer specialized for
connecting to nets such as PepNet. Along with the low price for
hardware and software, users get 1 month of free access and 1 hour
of free download time on PepNet.
- December 1995:
CyberSurfBoard sales are brisk. There are now approximately 20,000
subscribers to PepNet, and nodes in every major city. Magazines
such as Time, Newsweek, Sports Illustrated, and Wired, and the four
major US TV networks, have now jumped on the bandwagon and are
releasing images and sounds. Various copycat services are starting
up or in development by Philip Morris, GE, and Mitsubishi.
The success of PepNet baffles longtime Internet users, since all
the services it provides are provided better elsewhere. This point
of view does not get much coverage in the established media.
PepNet begins providing very low-cost Usenet feeds to other sites.
1996
====
- March 1996:
Coke releases an ad featuring young people talking and laughing
while looking at a computer screen and drinking Coke.
- June 1996:
Pepsico and an unnamed Chicago BBS operator reach a quiet
out-of-court settlement. The sysop was sued for allegedly harboring
and encouraging people who took images from PepNet and distributed
them free on the Internet. The sysop agrees to pay Pepsico $350,000
and to desist from operating a BBS for five years.
- September 1996:
PepNet subscribers are in the high hundreds of thousands. 20% of
all Usenet articles now flow through the sites uh-huh.pepnet.com
and/or new-gen.pepnet.com (which are really virtual sites made up
of dozens of machines each). 3% of all non-technical articles on
Usenet come from PepNet sites.
A flame war breaks out on several technical and non-technical
newsgroups about whether the presence of things like
"uh-huh.pepnet" and the line "Organization: PepNet (The Net for a
New Generation)" in the headers of Usenet messages constitutes
advertising, and if so whether it subverts NSF Internet use policy.
- October 1996:
Pepsico announces "The PepNet Eloquence Awards". The 10 people who
write the most eloquent Usenet articles of the year (in PepNet's
opinion) will receive 1 year of free access and unlimited download
time on PepNet.
Time-Warner and Pepsico announce a long-term cooperative agreement
on provision of images and services. _Time_ gives exclusive rights
to its electronic version to PepNet. Paramount bites its lip but
continues to provide images to PepNet, since it's the biggest thing
going.
1997
====
- January 1997:
The "advertising" flame war is being won by Pepsi. Many university
administrators, alerted that PepNet offers outrageously cheap
Usenet feeds, have switched to PepNet feeds. Now about 35% of
Usenet articles flow through PepNet sites.
- April 1997:
The PepNet Eloquence Awards are announced. Five US college
students, including two who argued vociferously in support of
PepNet, are among the winners.
JetStream (Philip Morris's copycat network) and Spectrum
(Mitsubishi's copycat network) now route about 8% of Usenet
articles.
1998
====
- January 1998:
The number of articles per day on Usenet is now about 30 times what
it was five years ago.
PepNet, JetStream, and Spectrum now route 80% of Usenet articles.
15% of articles on technical newsgroups are posted from sites on
these three nets. This is attributed to companies and universities
cutting back on direct Usenet feeds because of good group PepNet
rates.
Pepsico announces a modest downturn in profits. PepNet modestly
increases its user fees.
- April 1998:
_Time_ runs an article on how the three major Usenet providers are
losing money on their networks.
Pepsico makes its full financial report for the fiscal year. It
seems that its profits have dipped more sharply than it had
previously announced.
Pepsico floats a modest proposal on the net. Either:
(a) It can increase its user fees by 50% in order to save PepNet,
or
(b) It can drastically reduce the Usenet feeds it provides, or
(c) It can add the header
Sponsored-by: Pepsico, makers of Pepsi-Cola
to all articles it routes, and the header
X-Advertising: You got the right one, baby!
on all non-technical articles it routes, and cut its
advertising division instead.
- May 1998:
PepNet proponents have the edge in the resultant massive flame war.
Several people claim that the addition of advertising to Usenet was
Pepsi's intention from the start. They are labelled paranoids, and
their credit records are somehow revealed via an anonymous server
in Venezuela.
- August 1998:
Brad Templeton, the Undersecretary of Science and Information
Technology in President Quayle's administration, announces a major
shift in NSF policy. Advertising on NSF sites, "within acceptable
limits", is explicitly allowed. Cuts to financial support for
university computer networks are made.
1999
====
- March 1999:
Pepsico announces an upturn in profits. Joel Furr, the head of
PepNet since its inception, is credited with the success.
2000
====
- January 2000:
PepNet has 10 million subscribers worldwide.
95% of Usenet articles have at least 3 lines of "sponsorship" or
advertising messages.
50% of Usenet articles have at least 8 lines of advertising.
10% of the total messages on Usenet, in every newsgroup, are ads
for non-computer-related products and services.
The ailing Coca-Cola Company is taken over by Philip Morris Inc.
2020
====
Furr retires from Pepsico at age 45, with a generous pension, after
numerous accolades on his brilliance. An unauthorized biography of
him, written by Moon Unit Zappa, is released.
If the AFU ages project is right, Joel Furr will be older than 45
in 2020.
The biography gets great attention on the Internet... which is now
generally known as PepNet...
-------------------------------------------------------------------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
-------------------------------------------------------------------
READ THE NEWS, DON'T BELIEVE THE HYPE
par -=ThE PoSSe=-
The Internet Index
[format stolen from "Harper's Index"]
Compiled by Win Treese (treese@crl.dec.com), 7/8/93
Revised: 12/16/93
Annual rate of growth for Gopher traffic: 997%
Annual rate of growth for World-Wide Web traffic: 341,634%
Average time between new networks connecting to the Internet: 10
minutes
Number of newspaper and magazine articles about the Internet during
the first nine months of 1993: over 2300
Number of on-line coffeehouses in San Francisco: 18
Cost for four minutes of Internet time at those coffeehouses: $0.25
Date of first known Internet mail message sent by a head of state:
19 August 1991 by Boris Yeltsin, President Russian Soviet Republic
Date on which first Stephen King short story published via the
Internet before print publication: 19 Sept 1993
Number of mail messages carried by IBM's Internet gateways in
January, 1993: about 340,000
Number of mail messages carried by Digital's Internet gateways in
June, 1993: over 700,000
Advertised network numbers in July, 1993: 13,293
Advertised network numbers in July, 1992: 5,739
Date after which more than half the registered networks were
commercial: August, 1991
Number of Internet hosts in Norway, per 1000 population: 5
Number of Internet hosts in United States, per 1000 population: 4
Number of Internet hosts in July, 1993: 1,776,000
Round-trip time from Digital CRL to mcmvax.mcmurdo.gov in McMurdo,
Antartica: 640 milliseconds, Number of hops: 18
Number of USENET articles posted on a typical day in February,
1993: 35,000
Number of megabytes posted: 44
Number of users posting: 80,000
Number of sites represented: 25,000
Number of Silicon Valley real estate agencies advertising with
Internet mail addresses: 1
Terabytes carried by the NSFnet backbone in February, 1993: 5
Number of countries reachable by electronic mail: 137 (approx.)
Number of countries not reachable by electronic mail: 99 (approx.)
Number of countries on the Internet: 60
Amount of time it takes for Supreme Court decisions to become
available on the Internet: less than one day.
Date of first National Public Radio program broadcast
simultaneously on the Internet: 21 May 1993
Percent of Boardwatch Top 100 BBS systems with Internet
Connectivity: 21
Number of people on the Internet who know you're a dog: 0
- 30 -
Tir de Mondo 2000 - Article par Paco Xander Nathen
Force Sensing Resistors
-----------------------
Hold on to your Ohm meters - Interlink has a wonderful new
tech available for DIY cybernauts... Force Sensing Resistors: "a
polymer thick film device which exhibits a decrease in resistance
with an increase in force applied." Translated, you push on a piece
of hard plastic and it changes electrically. News gets better...
FSR "is optimized for use in human touch control of electronic
devices." Use this to mutate your desktop, your VCR, your
microwave, etc., by replacing tricky switches with plastics you can
punch.
The company has been around since about '86, when a
musician/composer/inventor wanted to build a custom instrument for
his daughter. Acoustic expression was the goal. Maybe, like me, you
watched Mick Fleetwood perform in the late 80's with a full-body
data suit for mobile electronic percussion... That was early FSR
tech. Afterwards, Interlink began to see other apps for FSR tech
and now design-ins are really taking off: aftertouch MIDI keyboards
and drum pads, mouse-on-keyboard (Everex, Zeos, et.al.), ruggedized
industrial gear, controllers for interactive CD, 2way cable TV,
ISDN videotext, etc. Marketing director Rich Siegel sez "all these
areas are driving the need for cursor devices... both integrated
and remote."
You can use FSR circs to make a rugged keyboard that
withstands hammer attacks. Or how about bodyware sensors that
interface with your PC? Build your own data gloves... Hey, what
kind-o bodyware you gonna build!? VR generally hits visual and
audio tracks, maybe some gestures, but tactile senses get left
behind. Sure, memory metals (like TiNi) and acceleration chairs
(like Disney's "Star Tours") can give tactile sensations, but where
does the garage VR hack go to find tactile input?? FSR. Oh yes,
another early FSR application was in male "potency sensors" - 2 in
thin strip with end sensors to record how the "general salutes" ...
Gee, where could that fit into VR tech?
Tech Specs: FSR lands somewhere between a force transducer and a
pressure switch - plastic, flexible, durable, VARIABLE and CHEAP -
starting around $3 per standard part. You squeeze them for
inversely proportional resistence (see graph)***. Note the
remarkably WIDE dynamic range, ergo easy/flexible interfacing. Key
phrases here are "contact-less switching" and "variable sensitivity
switching"... Imagine a large steel-plated switch (like on Coke
machines) that people bang in a cafeteria line to dispense, say,
smart drinks. Imagine somebody really low on the teleological scale
banging said switch with a hammer, in a desparate attempt. Imagine
a large dent in the metal plated switch. Now, with conventional
contact/digital tech that switch would be deceased, BUT with a
"contact-less, variable" FSR underneath instead, a smart circ just
reads the average output, then adjusts a ref voltage. Translation:
smart wares that can survive even the best B&D party. Oh yeh, a
position sensing version, FPSR, can be used for XYZ pads. Tech
notes detail 22 circs/how-to's for common FSR/FPSR design-ins,
including an HC05 microcontroller design for the software junkies.
Rich
Siegel is quick to point out that custom FSR parts can be made
for high volume designs. "I'd like to link up with someone who's
gonna be the future VR potentate." Hint, hint.
Call up Interlink, they'll send you a packet with a sample FSR on
their biz card.
Interlink Electronics 1110 Mark Ave Carpinteria, CA 93013 805 684
2100 - 805 684 8282 fax
- 30 -
TECHNOLOGY: FIRST NATION IN CYBERSPACE
Twenty million strong and adding a million new users
a month, the Internet is suddenly the place to be
Article tir de TIME Magazine (6 dcembre)
Back in the mid-1960s, at the height of the cold war, the
Department of Defense faced a tough question: How could orders be
issued to the armed forces if the U.S. were ravaged by a nuclear
assault? The communication hubs in place at the time --the
telephone switching offices and the radio and TV broadcast stations
-- were not only vulnerable to attack, they would also probably be
the first to go. The Pentagon needed a military command-and-control
system that would continue to operate even if most of the phone
lines were in tatters and the switches had melted down.
In 1964 a researcher at the Rand Corp. named Paul Baran came
up with a bizarre solution to this Strangelovian puzzle. He
designed a computer-communications network that had no hub, no
central switching station, no governing authority, and that assumed
that the links connecting any city to any other were totally
unreliable. Baran's system was the antithesis of the orderly,
efficient phone network; it was more like an electronic post office
designed by a madman. In Baran's scheme, each message was cut into
tiny strips and stuffed into electronic envelopes, called packets,
each marked with the address of the sender and the intended
receiver. The packets were then released like so much confetti into
the web of interconnected computers, where they were tossed back
and forth over high-speed wires in the general direction of their
destination and reassembled when they finally got there. If any
packets were missing or mangled (and it was assumed that some would
be), it was no big deal; they were simply re-sent.
Baran's packet-switching network, as it came to be called,
might have been a minor footnote in cold war history were it not
for one contingency: it took root in the computers that began
showing up in universities and government research laboratories in
the late 1960s and early 1970s and became, by a path as circuitous
as one taken by those wayward packets, the technological
underpinning of the Internet.
The Internet, for those who haven't been hanging out in
cyberspace, reading the business pages or following Doonesbury, is
the mother of all computer networks -- an anarchistic electronic
freeway that has spread uncontrollably and now circles the globe.
It is at once the shining archetype and the nightmare vision of the
information highway that the Clinton Administration has been
touting and that the telephone and cable-TV companies are racing to
build. Much of what Bell Atlantic and Time Warner are planning to
sell -- interactivity, two-way communications, multimedia info on
demand -- the Internet already provides for free. And because of
its cold war roots, the Internet has one quality that makes it a
formidable competitor: you couldn't destroy it if you tried.
Nobody owns the Internet, and no single organization controls
its use. In the mid-1980s the National Science Foundation built the
high-speed, long-distance data lines that form Internet's U.S.
backbone. But the major costs of running the network are shared in
a cooperative arrangement by its primary users: universities,
national labs, high-tech corporations and foreign governments. Two
years ago, the NSF lifted restrictions against commercial use of
the Internet, and in September the White House announced a plan to
make it the starting point for an even grander concept called the
National Information Infrastructure.
Suddenly the Internet is the place to be. College students are
queuing up outside computing centers to get online. Executives are
ordering new business cards that show off their Internet addresses.
Millions of people around the world are logging on to tap into
libraries, call up satellite weather photos, download free computer
programs and participate in discussion groups with everyone from
lawyers to physicists to sadomasochists. Even the President and
Vice President have their own Internet accounts (although they
aren't very good at answering their mail). ``It's the Internet
boom,'' says network activist Mitch Kapor, who thinks the true sign
that popular interest has reached critical mass came this summer
when the New Yorker printed a cartoon showing two computer-savvy
canines with the caption, ``On the Internet, nobody knows you're a
dog.''
But the Internet is not ready for prime time. There are no TV
Guides to sort through the 5,000 discussion groups or the 2,500
electronic newsletters or the tens of thousands of computers with
files to share. Instead of feeling surrounded by information,
first-timers (``newbies'' in the jargon of the Net) are likely to
find themselves adrift in a borderless sea.
Old-timers say the first wave of dizziness doesn't last long.
``It's like driving a car with a clutch,'' says Thomas Lunzer, a
network designer at SRI International, a California consulting
firm. ``Once you figure it out, you can drive all over the place.''
But you must learn new languages (like UNIX), new forms of
address (like president@whitehouse.gov) and new ways of expressing
feeling (like those ubiquitous sideways smiley faces), and you must
master a whole set of rules for how to behave, called netiquette.
Rule No. 1: Don't ask dumb questions. In fact, don't ask any
questions at all before you've read the FAQ (frequently asked
questions) files. Otherwise you risk annoying a few hundred
thousand people who may either yell at you (IN ALL CAPS!) or, worse
still, ignore you.
All that is starting to change, however, as successive waves
of netters demand, and eventually get, more user-friendly tools for
navigating the Internet. In fact, anyone with a desktop computer
and a modem connecting it to a phone line can now find ways into
and around the network. ``The Internet isn't just computer
scientists talking to one another anymore,'' says Glee Willis, the
engineering librarian at the University of Nevada at Reno and one
of nearly 20,000 (mostly female) academic librarians who have
joined the Internet in the past five years. ``It's a family place.
It's a place for perverts. It's everything rolled into one.''
As traffic swells, the Internet is beginning to suffer the
problems of any heavily traveled highway, including vandalism,
break-ins and traffic jams. ``It's like an amusement park that's so
successful that there are long waits for the most popular rides,''
says David Farber, a professor of information science at the
University of Pennsylvania and one of the network's original
architects. And while most users wait patiently for the access and
information they need, rogue hackers use stolen passwords to roam
the network, exploring forbidden computers and reading other
people's mail.
How big is the Internet? Part of its mystique is that nobody
knows for sure. The only fact that can be measured precisely is the
number of computers directly connected to it by high-speed links --
a figure that is updated periodically by sending a computer program
crawling around like a Roto-Rooter, tallying the number of
connections (last count: roughly 2 million). But that figure does
not include military computers that for security reasons are
invisible to other users, or the hundreds of people who may share
a single Internet host. Nor does it include millions more who dial
into the Internet through the growing number of commercial
gateways, such as Panix and Netcom, which offer indirect telephone
access for $10 to $20 a month. When all these users are taken into
account, the total number of people around the world who can get
into the Internet one way or another may be 20 million. ``It's a
large country,'' says Farber of the Internet population. ``We ought
to apply to the U.N. as the first nation in cyberspace.''
That nation is about to get even bigger as the major
commercial computer networks -- Prodigy, CompuServe, America
Online, GEnie and Delphi Internet Service -- begin to dismantle the
walls that have separated their private operations from the public
Internet. The success of the Internet is a matter of frustration to
the owners of the commercial networks, who have tried all sorts of
marketing tricks and still count fewer than 5 million subscribers
among them. Most commercial networks now allow electronic mail to
pass between their services and the Internet. Delphi, which was
purchased by Rupert Murdoch's News Corp. in September, began
providing its customers full Internet access last summer. America
Online (which publishes an electronic version of Time) is scheduled
to begin offering limited Internet services later this month.
People who use these new entry points into the Net may be in
for a shock. Unlike the family-oriented commercial services, which
censor messages they find offensive, the Internet imposes no
restrictions. Anybody can start a discussion on any topic and say
anything. There have been sporadic attempts by local network
managers to crack down on the raunchier discussion groups, but as
Internet pioneer John Gilmore puts it, ``The Net interprets
censorship as damage and routes around it.''
The casual visitor to the newsgroups on the Usenet (a
bulletin-board system that began as a competitor to the Internet
but has been largely subsumed by it) will discover discussion
groups labeled, according to the Net's idiosyncratic cataloging
system, alt.sex.masturbation, alt.sex.bondage and
alt.sex.fetish.feet.
On Internet Relay Chat, a global 24-hour-a-day message board,
one can stumble upon imaginary orgies played out with one-line
typed commands (``Now I'm taking off your shirt . . .''). In
alt.binaries.pictures.erotica, a user can peek at snapshots that
would make a sailor blush.
But those who focus on the Internet's sexual content risk
missing the point. For every sexually oriented discussion group
there are hundreds on tamer and often more substantial topics
ranging from bungee jumping to particle physics. Last week Virginia
college student Chris Glover responded to a distressed message from
a suicidal undergraduate in Denver. After two hours of messages
back and forth, Glover was able to pinpoint the woman's location
and call for help.
With all this variety, Internet users are unimpressed by
television's promise of a 500-channel future. The Internet already
delivers 10,000 channels, and the only obstacle that prevents it
from carrying live TV pictures is the bandwidth (or carrying
capacity) of the data lines. Some video clips -- and at least one
full-length video movie -- are already available on the network.
And last spring, writer Carl Malamud began using the Internet to
distribute a weekly ``radio'' interview show called Geek of the
Week. Malamud is undeterred by the fact that it takes a computer
about an hour over a high-speed modem to capture the 30 minutes of
sound that a $10 radio can pick up instantly for free. But
bandwidth capacity has nowhere to go but up, says Malamud, and its
cost will only go down.
The Internet, however, will have to go through some radical
changes before it can join the world of commerce. Subsidized for so
long by the Federal Government, its culture is not geared to normal
business activities. It does not take kindly to unsolicited
advertisements; use electronic mail to promote your product and you
are likely to be inundated with hate mail directed not only at you
personally but also at your supervisor, your suppliers and your
customers as well. ``It's a perfect Marxist state, where almost
nobody does any business,'' says Farber. ``But at some point that
will have to change.''
The change has already begun. NSF's contribution now
represents about 10% of the total cost of the network, and the
agency is scheduled to start phasing out its support next April,
removing at the same time what few restrictions still remain
against commercial activity. According to Tim O'Reilly, president
of O'Reilly & Associates, a publisher experimenting with
advertiser-supported Internet magazines, the system could evolve in
one of two ways: either entrepreneurs will manage to set up shop on
a free-market version of the Internet, or some consortium will take
the whole thing over and turn it into a giant CompuServe. ``That's
an outcome,'' O'Reilly says, ``that would effectively destroy the
Internet as we know it.''
As the traffic builds and the billboards go up, some Internet
veterans are mourning the old electronic freeway. ``I feel kind of
sad about it,'' says Denise Caruso, editorial director of Friday
Holdings, a publisher specializing in new media. ``It was such a
dynamic, pulsing thing. I wonder whether we shouldn't have left it
alone.'' Others see the period of uncertainty ahead as a rare
opportunity for citizens to shape their own technological destiny.
``We need . . . a firm idea of the kind of media environment we
would like to see in the future,'' warns Howard Rheingold in his
new book, The Virtual Community. While it may be difficult for
communities as diverse as those on the Internet to set their own
agenda, it seems increasingly likely that if they don't, someone
else will do it for them.
COLLEGE STUDENT'S INTERNET TALK SAVES SUICIDAL WOMAN'S LIFE
(Nov. 27) Authorities are saying a Fredericksburg, Va.,
college student saved the life of a suicidal woman in Denver who
was begging for help in a message on the Internet computer network.
When Chris Glover logged into Internet on Thanksgiving eve, he
found a message that read: "Please anybody, talk to me. I went to
the top of the fire escape. ... I wanted to jump. Please talk to
me, I'm not playing."
Glover, a Mary Washington College senior, replied, "This is
Chris. I'm here."
The Associated Press reports that for the next two hours
Glover and the 18-year-old University of Denver student sent
messages. The woman, a diabetic, said she was taking a new medicine
and thought something might be wrong with it.
"I just kept talking to her," said Glover, adding that when
eventually the woman told him she was in the computer lab in the
engineering building on the Denver campus, he called from his
Fredericksburg apartment to alert campus security there. He called
back several times to find out what had happened and finally was
told the student had been found.
Campus security Officer Mickey Harris yesterday told AP the
woman had been hospitalized and was getting counseling.
When Glover returned to his computer yesterday, a message from
Bob Stocker, director of academic computing at the University of
Denver, told him, "I thought you'd like to know your call may have
prevented a catastrophe.... I'm sure you've made someone else's
Thanksgiving a lot happier than it might have been."
- 30 -
Leeched from BYTE - novembre 1993
DIGITAL SIGNATURES
Cryptographic algorithms can create nonforgeable signatures for
electronic documents, making them valid legal instruments
par Bruce Schneier
For ages, special seals or handwritten signatures on documents
have served as proof of authorship of, or agreement with, the
contents of a document. Several attributes make the use of
handwritten signatures compelling. These include the following:
ù A signature is not forgeable and serves as proof that the
signer deliberately signed the document.
ù A signature is authentic and convinces the recipient that the
signer deliberately signed the document.
ù A signature is not reusable. It's part of the document, and an
unscrupulous person cannot transfer it to a different document.
ù Once signed, a document is unalterable.
ù A signature cannot be repudiated. Since the signature and the
document are physical objects, the signer cannot later claim
that he or she didn't sign it.
These attributes would all hold true in an ideal world; in
reality, however, none of them is completely true. Signatures canbe
forged, or they can be lifted off one piece of paper and moved to
another. Documents can be altered after they are signed. But for
simplicity's sake, I'll assume that the signatures discussed in
this article exist in an ideal world.
It would be nice to have nonforgeable signatures on computer
documents, but there are problems with this concept. First, bit
streams are easy to copy; the mere presence of such a signature
means nothing. Even if a person's signature was made difficult to
forge - if it was accompanied by a graphical image of a
fingerprint, for example -, with today's cut-and-paste software
it's all too easy to move a valid signature from one document to
another. Second, documents are easy to modify after they are
signed, without leaving any evidence of modification.
So, when you receive a piece of e-mail containing critical
information, how do you know who it is from? Can you be sure that
the "from" line isn't forged? Are you certain that someone hasn't
tampered with the document's contents during transit? If necessary,
could you prove any of this in court?
Digital signatures are an attempt to create documents that can
be mathematically and legally traced to their authors. A 'digital
signature' is a string of bits attached to an electronic document,
which could be a word processing file or an e-mail message. This
bit string is generated by the signer, and it's based on both the
document's data and the person's secret password. Someone who
receives the document can prove - both to himself or herself and to
a court - that the signer actually signed the document. If the
document is altered, the signer can also prove - to himself and to
a court - that he did not sign the altered document.
Digital Signatures Defined
Public-key cryptography can be used for digital signatures.
Public-key cryptography uses special encryption algorithms with two
different keys: a public key that everyone knows, and a private key
that only one person knows. The term 'key', as it's used here,
describes a unique bit pattern. Public-key algorithms encrypt the
contents of an electronic document using both keys. The resulting
file is an amalgam of both the public key and private keys and the
original document's contents.
This technique accomplishes several things. First, the file's
data is secure because of the private key. Because the file's data
also relies on the public key, anyone owning the public key can
verify the file's authenticity. Since this file is also a function
of the original document's contents, any alteration to the
encrypted file causes the verification to fail. Finally, it is
computationally infeasible (on the order of thousands of years) to
calculate the private key from the public key.
For example, suppose Alice signs a document for Bob using her
private key. Ignoring the mathematics for a moment, the digital
signature works like this: Alice (the signer) generates a
mathematical function of her private key and the document. This is
the signature. Bob (the verifier) then generates a mathematical
function of Alice's public key and her signature. If this function
matches the document, the signature is valid. If it does not, the
signature is not valid. The point here is that the security of the
digital signature algorithm prevents someone from pretending to be
Alice and forging her signature.
This arrangement satisfies the signature characteristics we're
looking for:
ù The document's signature is not forgeable, since only Alice
knows her private key.
ù The signature is authentic. When Bob verifies the message with
Alice's public key, he knows that she signed it.
ù The signature is not reusable; the signature is a function of
the document and cannot be transferred to any other document.
ù The signed document is unalterable; any alteration makes the
document unverifiable with Alice's public key.
ù The signature cannot be repudiated. Bob doesn't need Alice's
help to verify her signature.
Notice that these features nicely match the list of attributes
discussed earlier with regard to handwritten signatures. Best of
all, Alice and Bob don't have to meet face-to-face or exchange any
physical piece of paper. With possession of Alice's public key, Bob
can be certain that the purchase order for 10,000 widgets that he
receives from her through an e-mail service is valid.
The Digital Signature Standard
In 1991, NIST, the National Institute of Standards and
Technology, proposed the DSA (Digital Signature Algorithm) for the
then-new DSS (Digital Signature Standard). The mathematical
algorithm was developed at NSA, the National Security Agency, and
is related to other digital signature algorithms in the academic
literature (see the bibliography).
The DSA uses the following parameters:
ù 'p', which equals a prime number 2**L bits long, where 'L'
ranges from 512 to 1024 and is a multiple of 64. (In the
original standard, the size of 'p' was fixed at 512 bits. This
was changed after much criticism.)
ù 'q', which equals a 160-bit prime factor of [p-1].
ù 'g', which equals [h(p-1)/q], where 'h' is any number less
than [p-1] such that [h(p-1)/q mod p] is greater than 1.
ù 'x', which is a number less than 'q'.
ù 'y', which equals [gx mod p].
Additionally, the algorithm makes use of a one-way hash
function: the SHA (Secure High Algorithm). Details will come later;
for now, it's just H(x).
The first three parameters, 'p', 'q', and 'g', are public and
can be common across a network of users. The individual private key
is 'x'; the individual public key is 'y'.
Now back to the example. Alice wants to sign a message, 'm'.
First she generates a random number 'k' that is less than 'q'. Then
she generates 'r'=[(g**k mod p) mod q], and 's'=[(k-1 (H(m) + xr))
mod q]. The parameters 'r' and 's' are her signature. They can be
sent with her message or stored separately.
[Paranoid- Si jamais il y en a qui comprennent encore, il est
noter que "**" signifie "
la puissance", ex: b**2 = bý. Plus loin,
{} signifie un indice, comme "2" dans CO2.]
Bob wants to verify a signature, 'r' and 's', of message 'm'.
He knows 'p', 'q', and 'g', plus Alice's individual public key,
'y'. Bob computes the following:
w = s**(-1) mod q
u1 = (H(m) * w) mod q
u2 = (r * w) mod q
v = ((g**u1 * y**u2) mod p) mod q
If 'v' = 'r', then the signature is verified as Alice's.
[...]
Public and Private Keys
Certain values of 'p' and 'q' are much easier to crack than
others. If somone used one of these "cooked" moduli (i.e., values),
then his or her signature would be easy to forge. This isn't a
problem, for two reasons: The moduli for which this property holds
true are easy to detect, and these moduli are so rare that the
chances of using one when choosing a modulus randomly are
negligibly small - smaller, in fact, than the chances of
accidentally generating a composite number using a probabilistic
prime-generation routine.
[...]
The Secure Hash Algorithm
In practical implementtations, the DSA is too inefficient to
sign long documents directly. In the standard, the DSA is
implemented with the SHA. Therefore, in my example, instead of
signing a document, Alice signs the hash of the document (i.e., a
value that is generated by a hash algorithm operating on the
document's data).
The NIST and NSA disgned the SHA for use with the DSA. The
standard itself is called the SHS (Secure Hash Standard); SHA is
the algorithm used in the standard.
The SHA sppeds encryption times drastically, and since the
chances of two different documents' having the same 160-bit hash
are only one in 2**160 [1/(1.46 * 10**48)], anyone can safely trust
a signature of the hash to represent a signature of the document.
If a two-way hash function were used, it would be a trivial
matter to create multiple documents that hashed to the same value,
so anyone who signed a particular document could, in a sense, be
duped into signing a multitude of documents. Therefore, this
protocol cannot work without one-way hash functions.
The SHA accepts an arbitrary-length message input and produces
a 160-bit message-digest output. The algorithm is complicated, but
it's straightforward. First, the message is padded so that it is a
multiple of 512 bits long. Next, the algorithms appends a 1, and
then as many zeros as necessary to make the message 64 bits short
of a multiple of 512. Finally, a 64-bit value that represents the
message's length before padding is tacked onto the message.
Five 32-bit variables, as defined by the SHS, are initialized
with the following hexadecimal values:
AA = 67 45 23 00
BB = EF CD AB 89
CC = 98 BA DC FE
DD = 10 32 54 76
EE = C3 D2 E1 F0
The main loop of the algorithm then begins. It processes the
message 512 bits at a time and continues for as many 512-bit blocks
as are in the message.
First the five variables are copied into different variables:
AA into A, BB into B, CC into C, DD into D, and EE into E. The main
loop has four rounds of 20 operations each. Each operation performs
some nonlinear operation on A, B, C, and D and then does shifting
and adding.
The SHA's set of nonlinear functions are as follows:
f{t}(X,Y,Z) = XY or (not X) Z, for the first 20 operations.
f{t}(X,Y,Z) = X xor Y xor Z, for the second 20 operations.
f{t}(X,Y,Z) = XY or XZ or YZ, for the third 20 operations.
f{t}(X,Y,Z) = X xor Y xor Z, for the fourth 20 operations.
There are also four hexadecimal constants used in the
algorithm. They are as follows:
K{t} = 5A827999, for the first 20 operations.
K{t} = 6ED9EBA, for the second 20 operations.
K{t} = 8F1BBCDC, for the third 20 operations.
K{t} = CA62C1D1, for the fourth 20 operations.
The message block is transformed from 16 32-bit words (M{0} to
M{15}) to 80 32-bit words (W{0} to W{79}) by using the following
algorithm:
W{t} = M{t}, for t = 0 to 15
W{t} = W{t} -3 xor W{t} -8 xor W{t} -14 xor W{t} -16, for t = 16
to 79
If 't' is the operation number (from 1 to 80), and M{j}
represents the 'j'th sub-block of the message (from 0 to 15), and
<<<s represents a left shift of 's' bits, then the 80 operations
look like the following:
TEMP = (A <<<5) + f{t}(B,C,D) + E + W{t} + K{t}
E = D
D = C
C = (B <<<30)
B = A
A = TEMP
After all this, A, B, C, D, and E are added to AA, BB, CC, DD,
and EE, respectively, and the algorithm continues with the next
block of data. The final output is the concatenation of A, B, C, D,
and E.
Using the SHA has two other benefits besides reducing the
length of the message to be signed. The signature is kept separate
from the document, and the recipient's storage requirements for the
document and signature are much smaller.
An archival system can use this type of protocol to verify the
existence of documents without storing their contents. The contral
database could just store the hashes of files. It doesn't have to
see the files at all; users submit their hashes to the database,
and the database time-stamps the submissions and stores them. If
there is ever any disagreement as to who created a document and
when, the database could resolve it by finding the hash in its
files. This has vast implications concerning privacy: Alice could
copyright a document but still keep the document secret. Only if
she wished to prove her copyright would she have to make the
document public.
BLBLIOGRAPHY
El Gamal, T. "A Public Key Cryptosystem and a Signature Scheme
Based on Discreet Logarithms." IEEE 'Transactions on
Information Theory', July 1985.
Federal Information Processing Standards Publication. "Digital
Signature Standard." Draft, National Institute of Standards
and Technology, August 19, 1991.
Federal Information Processing Standards Publication. "Secure
Hash Standard." Draft, National Institute of Standards and
Technology, January 22, 1992.
Rivest, R.L., A. Shamir, and L. Adelman. "A Method for Obtaining
Digital Signatures and Public-Key Cryptosystems."
'Communications of the ACM', February 1978.
Schnorr, C.P. "Efficient Signature Generation for Smart Cards."
'Journal of Cryptology', vol. 4, no. 3, 1991, pp. 161-174.
- 30 -
___
-------
úAú úPúRúEúVúIúOúUúSúLúYú úUúNúKúNúOúWúNú úLúIúFúEúSúTúYúLúEú
UNKNOWN LIFESTYLE
LIFE!
