-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- = = - WELCOME TO THE SECOND ISSUE OF - = = - -=>PHANTASY<=- - = = - A MONTHLY PUBLICATIOM AND NEWSLETTER OF - = = - THE - = INTERNATIONAL = - INFORMATION - = RETREIVAL = - GUILD - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Volume Number One,Issue Number Two Dated 11/12/90 Table of Discontents: [1] The IIRG meets the FBI (Part 2) [2] Hacker Information and Where to obtain it [3] High-Explosives for Fun and Profit [4] The I.I.R.G. attends the 8th Annual Ct. CES Show [4] PHANTASY NEWS [5] Listing of PHANTASY Distribution Sites OFFICIAL DISLAIMER... All information in PHANTASY is from USER contributed material The Publishers and Editors of PHANTASY and THE IIRG disclaim any liability from any damages of any type that reader or user of information contained within this newsletter may encounter from the use of said information. PHANTASY is (C) 1990 by The IIRG IIRG and INTERNATIONAL INFORMATION RETREIVAL GUILD is (C) 1982 Editors Note- PHANTASY is a Free-world Publication Distribute Freely -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Section One: The International Information Reteival Guild Meets the FBI (Part Two) To Clarify a few things,Let us just state we're reporting on how this informal gathering took place. We in NO-Way trusted this agent or took anything he said seriously. Several of us are former military service members and know the Governments Policy of DISINFORMATION. We're just reporting on what took place at this meeting and nothing more. We believe that this Agents comments should be taken for there entertainment value only and nothing more. Now on with Part II... FBI AGENT-I guess a senator Ribicoff back in 1979,he had the foresight to institute the proposed legislation in that area. It took them from 1979 to 1984 to finally get the bill passed,and out of our office there's only been two prosecutions since 1984. and you look at some of the reasons why and one of the biggest ones would be they don't want to report it. A bank doesn't want to report they have someone in there computer fooling around with all there accounts. They don't want to let people know that basically there money is unsafe and that at any moment there accounts can be all fouled up,Which usually there fouled up nine out of Ten times anyway. Anonymous-It takes a while for people to realize things are being manipulated, I'm a computer operator and if somebody was logging onto our system illegally it would be hard to find out until after a while. FBI AGENT-Thats why I alluded to the beginning,with a lot of cases it takes so long to figure out whats going on and then it takes even longer to identify the problem. I know in Federal Court its called the Counterfeit Access Device and Computer Fraud Act, thats based on illegal or unauthorized access to a computer that in itself is a crime because getting into one of the computers that has the protected items such as Natinal Defense,(anything along those lines) so the mere accessing of those is a Federal Crime. The other ones go beyond that, You have to obtain information and you have to make a fianancial gain. Then the penalties are accordingly, the one regarding the Defense Systems and things like that carries up to a Ten year imprisonment and up to a Fifty Thousand Dollar Fine. The ones where you make a fianancial gain, your penalty is as much up to twice the gain you made plus up to Twenty years in Jail. So everything depends on whats been obtained. The third aspect of the crime that I guess is a watered down version of what Senator Ribicoff had proposed has to do with getting in a computer and destroying or changing different files. That carries with it up to a Ten year imprisonment and up to twice as much as the damage you caused or fianancial gain as your fine. Then all three of those have the Conspiracy Statute thats attached to them where more than three people have to actually take part in the Conspiracy. That crime,I mean that Statute seems to be pretty significant. Like I said, Who do you have thats going to sit down all day and actually try to develop a case. Thats what you don't have in Law Enforcement right now, You don't have anyone that specifically looks for computer crimes, they have to be reported. Its not like the drug cases where you can walk right down the street and and find someone somewhere in the city of (DELETED) selling drugs. You can find that anywhere in any city. Its the same way as a Crime Patrol Police Officer can go around and find someone breaking into cars, nobody is going to be able to sit there and right now and justify there existence what would be computer crimes. What it takes I guess is one hand washing the other,the people whose computers are being accessed have got to want to come forward,and have to want to provide the help after they do. Now do I have any questions? Knighthack- What about prosecuting Computer Piracy Violations,have there been any. FBI AGENT- As towards illegaly copying software,No. They seem to be more concerned with theft of computer services. Now as far as the state level I know we've had none in our offices. Anonymous- What do you mean By theft of Computer Services? Mercenary- He means hacking into Compuserve or another pay for access service or using Government computers with a valid users Id and password. Old Timer-Like the young guy in California who was tying up the DOD's Sattelite system and bouncing his signal to Europe FBI AGENT-Well let me ask you.. How safe do you feel our computer systems are? Knighthack- If its got a modem attached to it and its online its unsafe. Mercenary- But of course, None of us here would do that now, Right Guys? Whole room- Laughter FBI AGENT-Tell me more about that California case, How did he get into the Department of Defense's System? Old Timer-Apparently he hacked into the system and was an experienced sattelite person and figured out how to get into there operating system, he's serving time now It wasn't too publicized. FBI AGENT- Well like I said we don't find out too much up here ourselves we have to watch CNN. At this Point the meeting broke into small individual talking groups and we departed before everyone else. We do have some documents that were distributed and will be presenting those later in Upcoming issues. This was a meeting of a local Users group in which we were invited to attend by there president and would thank him here. Any Anonymous comments were made by a Local User and we didn't catch his name. Section Two: Hacker Information and Where to Obtain It. One of the most frequently asked questions the IIRG receives from the multitude of new day Hackers and Phreaks is where do I obtain information on phreaking and hacking. Now I don't want to get into a psychological debate on what a new day hacker is,but lets for safetys sake say its a kid who just got a modem and happened to grab a copy of Phantasy off of a bulletin board or had obtained another hack/phreak electronic newsletter. Ok,they've taken that first plunge and its wetted there appetites for more information. Now they run down to there local pc-mart and look through its racks of books and magazines and the few articles they did manage to find portray a hacker as a budding Charlie Manson behind a keyboard. Well the IIRG has had enough of these portrayals by the media and we've decided to assign Section 2 of every upcoming Phantasy as a brief article on where to obtain information for novices or the curious. The very first step of a curious novice would be to obtain a private mail box,preferably NOT a Post Office Box. There are plenty of private mail services springing up and finding one close to your home should be no problem. These addresses are usually called Suites or just use a number. The price range on these boxes is usually 6 to 9 dollars a month and can be easily afforded even by a teenager. I said preferably NOT a post office box for two simple reasons, One,I distrust any government agency and find they cooperate very easily when they want to. And Two, if you do receive more "covert" mail its just a good idea not to be involed with any branch of the government. Ok,now that you've run out and gotten a mailbox you say "Well now what the Hell do I do with it?", Well thats a good question and an easily answered one,you fill it up son! Now the very first thing we suggest is laying aside some serious cash or hitting up the slush fund for your expenses. Because expenditures for hacking information aren't cheap and especially figuring this after what you've probably spent on your equipment. We're not saying that all these books or equipment are needed for your library,there just nice to have around. We advise sending for these Books: 1. Defending Secrets,Sharing Data: New locks and Keys for Electronic Information GPO Stock Number:052-003-01083-6 Last Known Price:$8.50 Available From: Superintendent of Documents Government Printing Office Washington,DC 20402-9325 2. Get the Privacy Catalog from Eden Press They've got too many titles to list, but some of the best we like are: Privacy:How to get it,How to Enjoy it. #400 $18.95 Are you now or have you ever been in the FBI Files? #403 $12.95 Electronic Record Systems and Individual Privacy #614 $14.95 Telephone Security #652 $9.95 Telephone Debugging #653 $15.95 A Study of Telephone Records #630 $19.95 Call 1-800-338-8484 for there catalog. 3. A liitle old, its from 1985 but still a nice book to read THE COMPUTER UNDERGROUND by M. Harry Order #L40036 Price-$14.95 This book is available from several sources and the order number given here is from ANVIL Publishing. There Catalog is HUGE!!,get a copy call 1-915-755-2665 4. CRB Research sells the Computer Underground as well as many other worthwhile titles,but definitly grab. The Hackers Handbook Cat# HACK $12.95 Order there catalog for $1.00 CRB Research Books P.O. Box 56 Commack,NY. 11725 Well That should cover the basics,like I said some of the catalogs you'll go crazy over,theres always something for everyone in them. But now onto more books and magazines, Go down to your local book store and look these titles up,or have them order them for you.. 1. Old but good reading- Out of the Inner Circle by Bill Landreth 1985 by Microsoft Press $9.95 2. Hackers by Steve Levy- A good guide for the Ethics of a hacker.. Dell Publishing Company 1984 $4.50 3. The Cuckoos Egg by Clifford Stoll Originally out in hardback at $19.95,but at the time of the editing of this article its now in the stores on paperback (Story of the Hannover Hacker and his ultimate downfall) 4. Definitly and an absolute must,Subscribe to: 2600:The Hackers Quarterly Call (516)-751-2600,or FAX line (516)-751-2608 There are many more worthwhile books and magazines that could be listed on and on, But we feel these selections will present to you a good broad range of topics and interests. Some other worthy footnotes would be to look up Consumertronics,they offer a large but expensive listing of hacker/phreaker related material,(ED NOTE-Call (505)-434-0234) and to find a bbs that has a large selection of Hacker Text files such as PHANTASY,PHRACK,CUD,ATI etc. The IIRG's BBS along with many others offer these files and finding them is no real difficulty. This should drain your checkbook effectively for a while,or at least till next months article on what is useful and noteworth on your newly obtained hacker library. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Section 3: High Explosives for Fun and Profit! By:(Name withheld by Request) EDITORS NOTE:The Procedures discussed in this article are extremely dangerous. Therefore,the Author and publisher (The IIRG) disclaim any liability from any damages or injuries of any type that the reader or user of information contained within this article may encounter from the use of said information. This article is intended for entertainment purposes only! Since Hacking is truly a state of mind and a Hacker can branch his talents into many fields,I present this article to you on the God given rights of this country and my constitutional right of Freedom of speech. Ever since a lazy summer day in the Maine backwoods,spent blowing off fireworks with my father and uncle,I've had a true love for explosives of almost any type. A six year stint in the Marines only further encouraged this love of noise. What I present here to you are some well known formulas with a sprinkle of my own modifications. This first formula will allow you to concoct roughly the equivalent of dynamite,not a military grade explosive but a great fishing bait! First obtain some Potassium Chlorate, a rather cheap and easy to acquire chemical usually obtainable at any chmeical distributor. If they ask you what you need it for,do what I do and claim your picking it up for your company and have no idea,the boss just sent you to get it. I have this routine down pat and even stick around with the owner of the warehouse and have coffee. If they really are curious claim its for Hydroponics experiments. Now take the KC1O3 (Potassium Chlorate) and grind it into a fine powder almost the rough equivalent of flour or talcum powder. This is a must! Carefully measure 5 level teaspoons of Vaseline and place in a plastic bowl with 5 level teaspoons of beeswax. Then pour 1/3 of a cup of white gas (Coleman liquid fuel) and dissolve the wax and vaseline mixture. Now take 90 premeasured level teaspoons of powdered KC1O3 and hand knead it into the bowl and form into blocks as the mixture hardens or place in cardboard rolls (towel or toilet paper) and seal with wax. Your explosive is now done but requires a blasting cap to set it off and since these are almost impossible to obtain legally,here a do it yourself cap. Get some .25 ID (inner diameter) aluminum tubing at the old hardware store get some hexamine tablets down at the old military surplus shop and grind into a fine powder like the above KC1O3 Take 2 1/2 tablespoons of crushed hexamine and mix with 4 1/2 tablespoons of Citric acid (available at most grocery stores) in a glass jar mix well with stirring rod and add 1 tablespoon of 20-30% peroxide and place jar in a cool spot for 12 hours Run mixture through a coffee filter,pour rubbing alcohol over mix in filter (four or five spoons worth),to clean mix. Let powder dry on towel and prepare tube, Crimp one end of tube ( 3 1/2 inces long total) fill tube with powder and place very thin wire into mix in tube or a model rocket igniter,seal with glue and allow to dry. Ok,take your homemade cap,place into your main charge and run about 50 feet of wire from fuse to a 12 volt battery When its all clear hook up your juice (Voltage) and kiss that charge goodbye. Some of my favorites are blasting for fish,make sure charge is totally watertight in this case or blasting out old stumps. JUST BE CAREFUL,The CAPS are EXTREMELY SHOCK SENSITIVE and are powerful enough to blow your hand off. Have Phun,and be careful. I had a blast for sure! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Section 3: The I.I.R.G. Attends the 8th Annual Connecticut Computer and Electronics Show By:Mercenary On November 7th the I.I.R.G. Attended the 8th Ct. CES show, The show seemed to be smaller than last year but the IIRG picked through the venders booths with the zeal of drowning men looking for a life preserver. Vagabond spent a large portion of his time dealing with a SNET represenative discussing the workings of the CONN-NET system but was able to get some valuable information from some other venders as well which we'll present in this article. Knighthack seemed to have a good laugh when the Prodigy demonstraters couldn't seem to get on the system. (P.S.-He had to show em how) Myself,well I sat through the Intro to Lans Seminar and the Wiring your Network Seminar but couldn't take any more after that. Heres what we were able to dig up at the show though, 1. Intergrated Services Digital Network Applications in the Army Environment It seems that the U.S. army is trying to develop specific end user applications which solely depend upon the ISDN technologies of the Army. The ARMY has identitfied the ISDN as part of the communications archetectures of the future. Extensive field trials of ISDN have been conducted to demonstrate the potential benefits of such technology. But the limited number of user applications has prevented the full realization of such services. 2. It seems the NAVY is concentrating on Computer Security Problems in a BIG way. We saw 8 specific Computer Security projects laid out for developers. 2A-High Assurance Trusted Systems-Seems there investigating new approches for achieving high assurance for trusted systems that accomadate innovative designs. 2B-Characteristics of Processing Elements with Respect to Multilevel Security. 2C-Security Features for Work-Stations-seems they want better techniques. 2D-Technology to Establish and Support the Role of Man in Computer Security Systems. 2E-Expert System for Multilevel Security. 2F-The Inference Problem in Multilevel Secure database Management systems. 2G-Placement of Network Security Services for Secure Data Exchange 2H-Composibility Constraints Of Multilevel Secure Systems -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- IIRG Disclaimer-All the above information was PUBLIC DOMAIN information placed in open View for the PUBLIC at the 8th Annual CES Show. and in no way compromises any agency or vendor as these are open contracts for proposed Equipment placed on the open FREE market for Bidding. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Section 4: Hacker News and Interesting Footnotes (More Info obtained at show) By:Vagabond MIT'S ATHENA TECHNOLOGY MAYNARD, Mass."Athena," the innovative computing environment developed at the Massachusetts Institute of Technology (MIT), will be up and running at two new campuses this winter. North Carolina State University (NCSU) and Iowa State University (ISU) signed contracts totaling $7 million with Digital Equipment Corporation to install the Athena systems software and link together hundreds of Digital workstations. On each campus, the result will be a large-scale, high- performance network designed to support students, faculty, and researchers using UNIX based systems. "Athena offers a new model for managing large numbers of workstations in a network," said Barry Braunstein, Digital manager of Research and Science/Engineering Solutions in the Education Market. "Computing resources are centrally managed and highly accessible to users completely location independent. Users can walk up to any workstation on the network and log on, and access the same files, software, and electronic mail." Athena software services developed at MIT are freely redistributable. Digital is offering support in planning, installation, and staff training to universities who want to adopt the system. At Iowa State, the Athena environment will include users from engineering, the sciences, and a variety of other disciplines. "The initial focus of the project is to stimulate high-quality research by putting powerful tools into the hands of our faculty and graduate students," said George Strawn, Director of Iowa State's Computation Center. Strawn said that researchers will benefit from speed and power of workstations, and from the 'visualization' of research data, which is made possible by computer graphics, things not previously available in their existing computing environment. The network will also make it easier to connect to off-campus resources such as the National Science Foundation's supercomputers. At North Carolina State University, the network's primary function is to support engineering education. "In the `real world,' computers are an integral part of engineering," said William Willis, Director of Engineering Computing Operations. "Yet there's no consistent exposure to computers in the undergraduate curriculum. Our goal is to ensure that a new generation of students is comfortable using these modern tools." This fall, only freshmen engineering students will use the Athena environment. Over time, all engineering students will use the workstations for design projects, simulation and modeling, sharing data, writing papers, and solving homework problems. Braunstein explained that Project Athena resolved many technical problems that had made it expensive and technically difficult to manage UNIX workstations in a network. Two key areas were system security and the cost of network management. "Athena's `Kerberos' network authentication system ensures a very high level of security," said Braunstein. "And the automated `Moira' Service Management System makes it possible to deploy a large number of workstations in a cost-effective way, using a client-server model, under central management. "Cost-conscious institutions can support a large-scale environment with a relatively small staff. For example, MIT runs an installation of 1,000-plus workstations with a staff of six people in hardware operations and systems administration" Both NCSU and ISU had similar reasons for choosing to work with Digital. Strawn explained, "Iowa State has a long relationship with Digital, dating back to the 1960s. For this project, Digital workstations offered excellent price/performance, and Digital's proposal was the most innovative in terms of the Athena software." Dr. Willis said, "In implementing the Athena technology, NCSU was really looking for a partner. We reviewed three excellent proposals. But Digital had much more experience with Athena and has much stronger educational programs." -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= DECstation is a trademark of Digital Equipment Corporation. UNIX is a registered trademark of American Telephone & Telegraph Co. Project Athena, Kerberos Authentication Service and Moira Service Management System are registered trademarks of Massachusetts Institute of Technology. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= A STEALTH MODEM No,we've not been staring at the CRT too long,it seems that the Air Force is trying to develop a Tactical Modem for Stealth Communications. The Trend towards intelligent jamming mandates demands that future tactical communications systems possess Electronic Counter-countermausures (ECCM) responsive formats. A modem processing modular architechture is needed that supports up to 50 MHz input sampling rate while providing the needed adaptive processing. It must be an adaptive modem that can receive signals corrupted by real world interference. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Section 5: Phantasy Distribution Sites Phantasy's Distributions Site's have changed,we apologize if you called a board and didn't find the Mag. But were organized a little better now and these will be the permanent sites as long as these systems are up and operating. 1. IIRG Headquarters- The Rune Stone BBS - 1200/2400 Baud 24 Hours Call for the Earliest possible releases of Phantasy and other IIRG files. Our system will be going private so call Now while you still can, at (203) 485-0088. 2. Lightning Systems- 24 hours - at (414) 363-4282 3. Sycamore Elite- 24 Hours - at (815) 895-5573 4. TAP BBS at (502) 499-8933 To get PHANTASY by mail on a 1.2 meg or 360K floppy mail the following to this address: Mail 12 Disks and $5.00 in stamps to The I.I.R.G. 862 Farmington Ave Suite-306 Bristol,Ct. 06010 Specify Format of Disk Please! We will include any of the IIRG's releases for that month on disk (Space Permitting) =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- END THIS ISSUE OF PHANTASY =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- (C)IIRG 1990 May Odin Guide Yor Way!