Recently I was slandered by K2, who is a member of numerous underground
organizations including ADM and w00w00, and who is an employee of a large
international security company called CORE-ST (formerly known as CORE-SDI).
K2 claims that I'm a member of a group known as ~el8 which annually 
publishes an ezine that is centered around hacking.

Because I am op'd in #phrack on efnet, and many of the other people there
(myself included) find the ~el8 magazine to be a good source of entertainment
and information that can't be found anywhere else, he has decided that we are
all responsible for the magazine and that we are all involved in some degree
of illegal hacking.

While I cannot speak for others, I myself have no involvement in ~el8 other
than the fact that openly discuss the materials in a public forum, and 
ridicule those who have already exposed by the magazine.  I have no knowledge
of who is involved in this publication, nor do I care to know.

What is more interesting is K2's own involvement and support of illegal
hacking, and the fact that he openly sponsors disinformation campaigns 
revolving around themes of nondisclosure and causing mischief within the
infosec community.

The statements I make solely reflect my own interpretations of publically
available materials and I make no claim that said interpretations are any
representation of this person's true motivations.  As a tax-paying American
citizen, a registered voter, and civil right advocate, I have no fear of 
sharing my thoughts with the public, for this is one of the most beloved 
rights ensured to every American -- the right to free speech.

First, quoting from the following BUGTRAQ post from K2 (which can be found at
http://www.securityfocus.com/archive/1/137482):

        OK, hold on a second....  The following "snip snip" is a little long...
        and I have not verified it, (a guaranteed DoS though).
        talkd, A DEFAULT service.

Here he talks about a nonexploitable "dos" condition in a default inetd service
in OpenBSD.  Examination of the actual problem shows that it is not exploitable
(some claim it is, but no evidence has been made public to suppor that claim),
and how he figures it's a "dos" condition when it automatically respawns via
inetd defeats most logic.  

He asks that every bug be granted a security advisory, whether it is an actual
security problem or not.  To me, it sounds like this is when he began an ADM
supported disinformation / FUD (cDc anyone?) campaign, and encouraged that the
security mailing lists be flooded with useless information to prevent the 
discussion of more important issues.

Next, we take a look at one of K2's posts to the anti.security.is message board
,
which is historically archived on web.archive.org.  The following quote can be
read directly from:
http://web.archive.org/web/20010726185201/anti.security.is/chat/spjall_thradur.
php?id=60&bordid=1&efni=General+discussions&msgcnt=5

        What I don't understand sometimes is the way that for the most part... 
        the big reason to post info to an open forum is to "secure the internet
        through disclosure". Thereby, helping people... How nice... we can
        make a difference, we are actually... helping the world...
        YAAAAAAAAAAA&@*($&!*!

        heh  more likely not... What I see going on is mostly stories about kid
s
        who find themselves in a whole LOT OF TROUBLE!!!  Most kid out there ca
n
        not possibly grasp the consequences of his action, so why not the peopl
e
        with "blah blah years in the field...", take action instead?  maybe ful
l
        discuss is NOT what is needed.

        What carries a heavier toll?  kiddy damage vs. nondisclosure damage?

Wait, K2 is now supporting nondisclosure?  Is this the same person who earlier
was trying to get mailing lists flooded with useless bug information?  Further,
he makes a statement saying "most kid out there can not possibly grasp the 
consequences of his action", but what does he do later?  He sends out a 
slanderous email, with the personal contact information of a 16 year old boy,
stating that this individual is engaging in illegal activities which has 
resulted in a lot of grief to the individual.

Now, we'll look a little further into the same thread and we see K2 saying:

        1) all the bugs I posted were already patched.
        2) only made 1 LOCAL(not even root) exploit out of 3(locals).
        3) did not make possible 2 remotes!!!!

        I think that's responsible.  Don't you?

Oh, here he admits the "severity" of what he has recently disclosed, but sort
of sways away from discussing the talkd "hole".  I really can't fathom why he
manages to get all the high paying jobs that he has had recently (IBM, now
CORE-ST).  Examine his further posts to anti.security.is via the Internet 
Archive for a better look at the mind of this individual.

Now, if one is to believe all that they read in ~el8 (I suspect it is a mixture
of fact and fiction, but only those responsible for the magazine and those who
were "victims" can know definitively), it can be assumed that K2's own machines
were comprimised, and that effectively K2 was thoroughly humiliated.  His 
response to the matter appears to be "narcing" on the people who he suspects is
responsible.

ADM sponsored the antisecurity movement, and K2 is a member of ADM.  K2 prides
himself on being a blackhat (check google.com, I can't find the article to 
quote right now -- there is a news article somewhere discussing CanSecWest
speakers, where K2 identifies himself as being a blackhat), and yet when he is 
publically humiliated by other blackhats, he turns and tries to create legal
problems for those he believes to be responsible.  Further one can find other
members of ADM promoting the backdooring of software distributions as part of
their antisecurity campaign to increase a state of insecurity.  Please, take 
no pity upon him in any way.

As you can see in the mass mail he has sent out to many people, which can be
viewed at:
        http://www.eurocompton.net/~fuk/phrack/NARC.3.txt

K2 states, amongst other things:

        nwonknu
        ~nwonknu@dsl-65-187-119-141.telocity.com

        ...

        the ~el8 crew


        any questions?

        --
        K2

I connect directly to IRC networks from my home IP, rather than from a shell
or BNC of some sort, and make no secret about my identity.  I am not a criminal
,
and I have nothing to hide.  This does not imply that people who do use shells
and BNC's are criminals, and I think we should all respect one's right to 
privacy.  Unless K2 has some evidence that I am involved in this publication in
any way, or that I engage in any sort of criminal activity, I demand an 
immediate and public apology for his slanderous actions.  Further I reserve all
rights to pursue legal action against K2 for his slander, which I fully intend
on doing, and upon receipt of such apology I make no indication that I will 
forfiet any claim to legal action against him.

I wrote this document on July 15th, 2002, and I have every intention of calling
his employer (Ivan Arce) at COREST tomorrow to discuss the further ramification
s
of K2's slanderous statements against myself.

If you're a lawyer and are willing to help in this matter, please contact me.  
If you have any questions about who I am, or about what I have written, please
also contact me.  If you want to otherwise bother me about anything, I'm on 
efnet frequently.  You also may mail me at your leisure.

nwonknu@#phrack/efnet
nwonknu@hushmail.com



