Founded By: | _ _______ Guardian Of Time | __ N.I.A. _ ___ ___ Are you on any WAN? are Judge Dredd | ____ ___ ___ ___ ___ you on Bitnet, Internet ------------------+ _____ ___ ___ ___ ___ Compuserve, MCI Mail, Ø / ___ ___ ___ ___ ___________ Sprintmail, Applelink, +---------+ ___ ___ ___ ___ ___________ Easynet, MilNet, | 26OCT90 | ___ ______ ___ ___ ___ FidoNet, et al.? | File 60 | ___ _____ ___ ___ ___ If so please drop us a +---------+ ____ _ __ ___ line at ___ _ ___ elisem@nuchat.sccsi.com Other World BBS __ Text Only _ Network Information Access Ignorance, There's No Excuse. Network Thought Machine [2] Guardian Of Time And The Net NIA---NIA---NIA---NIA---NIA---NIA---NIA Early Apple Phreaking Days Those that don't know, I was busted, back in 1980, and I will explain in this file, what lead up to me being busted, what happened, how I got out of it. 1980, I got my first computer which was an Apple //e for a Xmas Present, and I immediately started out in the world of Apple Phreaking. Thanks to a friend of mine (The Mad Cracker (409) (BTW, How is Nuclear School? hehehe)), we began our trail, meeting up w/ a person by the name of Joe Nowak from Michigan. Joe was the person that taught both of us, who where just young pups at that time, what Phreaking was, gave us the rules to follow, how to phreak, how to hack, how to crack, everything. I created my first handle, which was The Rammaster, as you can tell, I quickly changed it to my present one. My friend, dreamt up the handle of The Mad Cracker (even though at the time, he NEVER cracked anything that later changed). We had our handles and we where ready for the Apple Pirate World. Apple Pirates at that time, where the cream of the crop w/ Jack The Ripper, Taran King running The Metal Shop AE, in Houston there was Wizzardry, Sub Station Charlie, and the infamous Mines Of Moria (w/ the Tele Trials!), and the 414 Group (busted for breaking into a Hospital Computer and altering vital records), Phrack was just a dream to be made, and the ever so popular Apple Cat Modems and running 10 megs with Ascii Express Professional. Just for a side note, those of you who don't know what AE (Ascii Express) was, it made all of us IBM people look bad for having Ratio's, for AE was LEECH and LEECH it was, you would dial into an AE line, get the prompt, and then you would have the capability (if your access was allowed), to d/l everything in whatever disk drives or harddrives where set up. Meaning you could call and d/l all of the latest game and never worry about Ratio's for the ratio was set up something like 1 u/l for every 1000 d/ls or mostly they never had any ratio's on there at all. As the year progressed, many AE lines became part of BBS's (GBBS) as a door, and only the "Elite" or "Pirate Access" users would have access to it. By 1982 most of the AE lines had gone away and left where phrases like "running AE off of my 2 double sided double density 5 1/4 inch disk drives". Those people where generally considered lame. Comparison would be like calling up an Em/2 board running off of an IBM w/ 2 3 1/2 inch drives and having PART of the latest game in the Xfer Section. Those days people had massive parties, brought their Apples over and just did MASSIVE coppying, for their copy protection was crude, and well with Locksmith 5.0 you could crack just about everything under the sun. Pirating was in, and phreaking was in, for there was not even a thought of ESS, or of Operation Sundevil. Black Boxing was just being figured out, by the telco company, and they figured out a way of "listening" for the device, but hey, w/ our trusty Apple Cat modems we just didn't send a pure 2600 htz tone and that solved that problem, but then the Telco company got wise to that. Well as years progressed, the phone company started getting their act together there was rumors flying in and out of every major BBS that people where starting to be arrested. The term 'BUSTED' came into play, which meant, being caught by either the Feds, or by the Telco Company, while you where phreaking off of their system. Also ESS was just starting to be testing in rural areas... Soon BBS's started to go "private", the term "elite" no longer meant someone w/ a special talent, or an infamous computer handle (Count Zero, Jack The Ripper), the term started to apply to BBS's. The BBS initself, became "elite". About the same time this was happening, BBS INFOFORMS came up, testing ones ability. The idea at the time was to get onto said Elite BBS, you just passed a simple test. Fill out this Questionaire and if you answered the questions accurately then there was a chance you could get onto this Elite BBS. Problem w/ that was shortly aftwards, Acronym Lists started floating around. Funny how someone w/ absolutely no knowledge on a given subject, could pass the toughest questionaire w/out blinking an eye. How To Phreak files started to pop up everywhere, people where pumping out text files left and right. Many people tested these files out w/out every thinking of what they where doing, and again many people where caught by the phone co, for being stupid. As 1988 passed, the "Old Group" as most of us are now called, have either pulled out or went into hiding. Many of the later 80's people are still around, probably laughing at this file now (hehehehe, I am), and well it is a shame, but what have we to look for? Todays phreakers/hackers are uneducated people. I don't mean to sound like I know what I'm doing b/c I don't either. I pulled out in 1983 and haven't phreaked since. But as I scan BBS hacking/phreak bases I see the exact same thing that was started back in 1983. The home computer was priced just right, so just about every middle class person could afford one. People went out bought one, bought a modem, and just started away at BBSing coming across those dreaded Bad BBS's or those "Underground BBS's". People don't read the old text files anymore, there where many ground rules laid down by many text file magazines (Phrack, Lod, etc) you did a certain thing and not this, and the reason why you don't do it THIS way is b/c you will get busted, yet people don't read the warning label that says danger anymore why? I was busted, as I mentioned earlier, but what happened? Nothing special, I got this registered letter in the mail, which contained about 5 pages worth of BBS numbers, I checked against my own records (I kept detailed records of what code what service, what time and what BBS I called), narrowed down a 10,000.00$ bill down to around 2500$. I don't remember the exact figures but it was around those mentioned. If I refused to pay the bill, I would then appear in Galveston County's local District Court. I mailed in a letter stating that I had made only certain calls, attatched a sheet that contained all my codes used, numbers dialed (fax machines where still in testing...), and they returned my letter accepting the offfer I proposed to them. Remember todays carders, phreakers, and hackers, are reckless, uncaring for the system they aquire, the service they use, or the cards they card off of. People are not what they used to be, times have changed, and they have changed for the worse (my opinion), if we do not start re-educating people about what to do and what not to do, and making sure that people do not abuse our knowledge then Operation Sundevil will be a fairly common word etched in our minds. People that card, don't be so damned stupid, carding to your house? Jesus, what moron would do that? Someone w/ a modem and pc. Someone that is uneducated, and someone that should be stopped. I close this small file w/ a quote from a respected BBS User in our Community: 1980's Hacker: A person who hacked into a system w/ the sole intent on learning the system, inside and out. To better educate oneself, w/ no thought of harm or destructive means. 1990's Hacker: A person who hacks into a system w/ the sole intent of destructive purposes. No benefit has come of this type of hacker. Today the word hacker means to break into a system for malice intent. Why has this happened? I propose that question to you. I hope that some of you will recall that more and more people are being busted, it is no longer anyones fault, but YOUR own for being busted, the rules have been layed down for years now, you just need to re-educate yourself and learn something... Guardian Of Time NIA---NIA---NIA---NIA---NIA---NIA---NIA "Whats In A Name? : Brad Templeton" People keep trying to figure out what an electronic forum (or bulletin board) is in traditional terms -- common carrier or publication. I think that it is not analogous to any of the old forms, and a new type of law has to be created to apply to it. There are 4 types of BB today: A) The completely open BB with no supervision (USENET newsgroup, some BBS operations) B) The supervised open BB. (most BBS, GEnie, CIS forums, etc.) C) The heavily supervised BB. (Prodigy, moderated USENET group) D) The fully edited electronic publication D is a direct analog of the traditional publication. C is very close, but not quite. A is close to the "common carrier" model, but does not match it exactly. B has little analog in traditional publishing. All four are of course(*) deserving of constitutional protection of free speech. For all are published forms of expression. The closest thing to A is common carrier or enhanced service provider status, where the carrier is not liable for what is transmitted. However there are many differences. For one, I have not heard of a "public broadcast" common carrier, where messages are sent to arbitrary members of the public who request the material. The closest analog might be Ham radio, although Hams are licenced and thus not classed as general public. They are also restricted in use. Of course "Ham radio" is a thing, not an organization. In addition, most type A systems do have some controls and checks and balances. They do not have the "service to anybody who asks is mandatory" rule of common carriers. I would view each individual author as the publisher, and the system owner as a tool in this case. On the other hand, I would support the right of system owners to restrict *who* has access, if not necessarily what they say. Type B is also a new animal. Such systems are supervised, but supervised after-the-fact. ie. any user can post any message, but the SYSOP/supervisor/moderator can delete things after the fact. The amount of this deletion ranges from almost none to moderate. Sometimes it is there as an option, but never actually practiced. This needs a new type of law. Type C is very close to a publication, and may not need a new type of law. In this case, all messages must be approved before they go out -- ie. they pass through a human being first. This is not too different from a classical publication. However, in most such cases, the editors do not truly act as editors. They merely select material based on appropriateness to a forum. Only because the law requires it do they also sometimes attempt to remove libel and criminal activity. The editors almost never select material to match their own views, and it is not assumed that postings reflect the editor's views. Thus in A and B it is clear that the author is the publisher and the system is the medium. In C the author and system operator are jointly involved in publication. In D the system operator is the publisher, and the author is just the author. What new types of law? This we can discuss. Type A: Authors fully responsible for their postings. No liability for SYSOP unless illegal activity deliberately encouraged. (ie. "The Phone Phreak BBS" might have a liable SYSOP, but "Joe's Amiga BBS" would not be liable if somebody posts a phone credit card number.) NO complete anonymity. Author's names need not be revealed in the forum itself, but a record should exist for the authorities in case of libel or other illegal activity by an author. The sysop must maintain this list in return for the limit of SYSOP's liability. (Note SYSOPS still have the right to delete material, but not the obligation.) Type B: Authors continue to be responsible for their postings. SYSOPS responsible for illegal material which they are aware of but do not delete in a timely fashion. Anonymity possible, if desired. Type C: Authors responsible together with SYSOPS for postings. If Author warrants to SYSOP that material is legit, most liability goes to Author. SYSOP must not permit any obviously illegal material, and delete any material found to be illegal ASAP. Type D: Standard publication. No new law. -- NIA---NIA---NIA---NIA---NIA---NIA---NIA "Musing On Constituionality : Karl Lehenbauer" In article <1990Sep20.221955.10879@spectrum.CMC.COM> lars@spectrum.CMC.COM (Lars Poulsen) writes: >By analogy, it may not be unreasonable to hold the "publisher" (i.e. the >owner/SYSOP) jointly liable with the poster for whatever appears on the >bulletin board. >Indeed, this may require that the SYSOP not allow unmoderated discussion >except within closed user groups whose members have all signed a pledge >of responsible behaviour and are all known to the SYSOP. >Seems pretty reasonable to me ... If this were the case, it would be the end of Usenet. Further, it would have a chilling effect on free speech via bulletin boards. As a sysop, I would have to be very careful to never allow anything out that was in the least bit controversial, and would always want to err on the side of not allowing a message to go out unless I was really sure there was no chance of me getting in trouble for it. Shouldn't the poster of the message be accountable for its contents? Or by your reasoning, shouldn't the phone company have to listen to *all* the phone conversations going on at any time to make sure nothing illicit was being said, done or planned? They tried this in Eastern Europe, you know. Further, this would be a new and time-consuming burden on sysops and introduce potentially long delays in messages getting out. If a sysop let a bad message go out and it was gatewayed to a bunch of other machines, or one was forged or somehow illicitly injected into the network, by your reasoning wouldn't the owner/sysops of all the machines the message went to be liable? If that were the case, it would definitely be the end, because nobody has the resources to monitor, for example, all the traffic on the Usenet. I used Prodigy several times, and it is a heavily censored system, i.e. Prodigy's censors examine every article posted before it goes into the message base, and people on it were complaining that the censors were capricious, arbitrary and would not state reasons why specific articles had been censored. Not only is there nothing like talk.religion.*, talk.politics.*, soc.motss on Prodigy (they dropped a forum in which fundamentalist Christians and homosexuals and homosexual rights advocates were going at it, although they claimed it was for a different reason), but you can't even mention or talk about most products by name because advertising is a big part of their revenue base (about 20% of your display is permanently dedicated to advertising when using it -- ads are continually updated in this area the whole time you're on) and they don't want anyone to get free advertising. Consequently messages of the "Yeah, I bought a Frobozz 917 and it works really well" are censored. If this is IBM's view of the future of personal electronic communications (Prodigy is a joint-venture of IBM and Sears), and there is every reason to believe it is since this is what they chose to provide, it is a bleak future indeed. (The reason they do this, I think, is that Prodigy is supposed to be a "family" system. Under your one account you can set up logins for your other family members. So they don't want anything in there that some kid is going to read. But that restricts everything on the system to a very low common denominator, namely that every message must be so inoffensive that *nobody* is going to be offended by it... and that is censorship. -- -- uunet!sugar!karl -- Usenet access: (713) 438-5018 NIA---NIA---NIA---NIA---NIA---NIA---NIA From ¤The Age‡, 12th October, 1990, Melbourne, Australia. By Leon Gettler, Communications reporter. Is it all over between PETA and LES since she found out about the LEOPARD? Was SID linked to the MAFIA? And where did DRACULA fit into all this? Was he really a VAMPIRE or just one of the DAGS? Confused? Just consult the Telecom staff dictionary, an introduction the to world of tele-babble. Insiders in every profession have their jargon, but no one generates it faster than telecommunications engineers. Take, for instance the story of the chap sent to Cairns on an emergency mission several years ago when the phone system was wiped out by flood. He designed the Cairns restoration and provisioning program. No prizes for working out the acronym. "It just rolled off the tongue," said a Telecom official this week. Step into the world of telecommunications and you find yourself in a sea of acronyms and jargon. Some examples: DNA (does not answer), DND (did not dial), MBC (major business customer), HC&F (heat, coil and fuse), LIBFA (line bearer fault analysis), DELY (delivery), CIE (customer interface equipment), PP (prompt public telephone) and TTT (terminatng trunk tandem). Traditionally, acronyms have been used to help us remember terminology. Usage has transformed many into ordinary words. Queensland and Northern Territory Aerial Services is always Qantas. The Australian and New Zealand Army Corps gave us Anzac, the North Atlantic Treaty Organisation is NATO. But Telecom Australia seems to have done the reverse. It produced DRACULA (data recording and concentrator unit for line applications), VAMPIRE (videotex access monitoring and priority incident reporting equipment), LEOPARD (local engineering operations processing and analyses of recorded data), MAFIA (maintenance and fleet information analysis), SULTAN (subscribers' universal line testing access network), CARGO (complaints analysis recording and graphing organisation), CATNAP (computer-aided network assessment program) and DAGS (digit-absorbing group selector). In many ways, Telecom employees are lucky. They can see PARIS (product accounting and reporting information system) or even MARS (microfiche auto-retrieval system). They don't even need a MAP (manual assistance position), the work station for telephonists. Telephone operators-turned-philosophers can turn to PLATO (programmed evaluation review technique) over a few POTS (plain old telephone services) of CIDER (costing input, data editing and reporting) or SODA (service order debit advice). and romantics can contemplate EROS (emitter-receiver for optical systems). But things can get confusing, too. COLDEWS (computerised lines depot external works scheduling) does not cover grass in the morning. And TACONET is short for Telecom Australia computer network, not tapas tucker. Similarly, CONTRAFAST is not a Nicaraguan health regime but the consolidated trunk forecast. Are Telecom employees happy with the ALP (associated line prime) after the [Australian] Labor Party's national conference last month? And does COM (computer output to microfilm) suggest that the reds have escaped from under the beds and infiltrated the phone exchanges? The names are also a worry. There are nine males (REX, JACK, SID, DAVID, LARS, LES, LEN, MARC AND SAM) but only four females (PETA, DAISY, DOT AND SUSIE). Koorie and other non-English names do not get a mention. And what about the indelicacy of TART (TACONET availability and response time monitoring) and TIT (technician in training)? ---------------------- Don't blame me if my fingers did not type what my eyes saw! Danny [Moderator's Note: Thanks for taking the time to type in such a clever report. Speaking of obscure acronyms, everyone must know of CARE, the organization which provides assistance to other countries in need. But do you remember what the letters mean? Committee on American Relief in Europe. And lest we forget, the zip in the postal Zip Code refers to the Zone Improvement Plan. Seriously. PAT] NIA---NIA---NIA---NIA---NIA---NIA---NIA "Vanessa Layne: Education And Cyberspace" I *can* think of a (hopefully) beneficial use to young people of Cyberspace. It all started with a high school aged student/friend of mine who had dyslexia (one of many) and was diagnosed rather late in his school career... Well, my friend had (after much sweat and tears and tutoring and really great supportive parents, teachers and counsilors) learned to read at age level ability, more or less. More, because he was very smart; less, because no matter how wonderful your tutoring is, it can't make up for lost practice. In addition , (his greatest problem in fact) was that he just couldn't articulate his ideas in print. He had trouble with literature because he was so busy reading the words and just figuring out what the sentences said, he missed the relevence of the give passage. Myself and another of his teachers and he discussed what woul d be the most helpful to him. We knew he needed practice reading sheer volumes of text, good and bad, to learn differences in quality and style. We knew it shoul d be interesting (no Dickens [pardon me if *you're* a raving rabid Dickens fan, but...]) about things that were immediately relevant, at least to the people writing the material. The material had to be communicating its ideas rather straight-forwardly, like a in a letter or essay. But it couldn't be plain factual information...it had to communicate emotion, and demonstrate attemps to convince the reader. And we knew he needed practice trying his own hand at communicating, not just writing reports on what he had read, but real writing trying to *communicate* his ideas and feelings. And he needed lots of feedback, not just ››you missed a semicolon'' but ››What did you mean by THAT crack mister?!'' He needed practice at honing an argument, and describing things clearly and concisely. So we got him an account. One of the fascinating phenomina I have noticed, in myself and others, is how much better a person becomes (usually) at communicating via print after doing it over the net for a while. When a person first begins using newsgroups, emailing lists, and (here at MIT) discuss and zephyr, usually s/he will try to communicate by typing down what it was they (damnit, I *will* use the plural for a gender indefinite pronoun) would have said out loud, if what they were responding to were a spoken conversation. This tends to fail miserably (though I have known people who always sounded funny when they talked because they talked as they read and wrote, who then ›e-sounded' fine here in Cyberspace). I once heard that 90% of all realtime communication is via body language. I'm not so sure that is unreasonable. Certainly printed-out speach is odd stuff. The raised eyebrows, which turned a demand into a statement of mock-dismayed-disbelief, disappear. The turning up of the lips which made an insult a friendly tease disappear. The grating pulled out note of mockery which makes a bald statement into its very inverse disappears. How many times have you seen what was originally supposed to be sarcasm interpreted to be opposite of what the sender intended? Printed-out speach is raw, and cold, and its impact is not lessened by any cloaking tones: it does not pull its punches. So the culture here developed :) :( :‡ ;) :P and ///italics/// and *emphasis* and so forth to try to let the reader know when the ››speaker'' would have done such things in realspace. But they are not adequate for most of the subtleties people wish to get across. So they wind up honing their skill with written English, often from reflex and not conscious determination...you keep plugging away at the argument until 1) you are understood 2) your account gets nuked enough that you decide it's not worth it. First, usually, people figure out about the tone implicit in word choice . People, when speaking, and at first on the net, will vehemently deny such a thin g exists. But there is obvious difference between ››I think you are incorrect'' and ››I think you're wrong'' and that difference is in implied attitude. Next, people seem to pick up on supporting arguments (like when you're nth grade teach er harassed you about writing essays w/ three paragraphs of support for your three points?)...if you hear ››What makes you say that?!'' ››Who ever heard of such a thing?'' ››Well *i've* seen...'' enough times, you begin to respond ››Well, whe n I...'' or ››I noticed...'' or ››Well haven't you seen...'' The more a person writes in Cyberspace, the more it seems s/he is able to see the mood and point of other writers. Something in a person's subconsciou s goes ››gee, I said something in just that way when I was tired.'' People get better at this. If you are not clear in Cyberspace, someone is *going* to misunderstand you (yes, someone will probably if you are clear as well, but no need to encoura ge it). If you are not concise (my sin [if you hadn't noticed]) your letter will be flushed before it is read. If either happens you are GOING to be FLAMED. An d if you really gave a damn about what you were trying to tell people, you will try again, on another tack, or clarifying your previous statements (all the whil e making mental notes not to let yourself be misunderstood the same way again, unless it is a deliberate firestarter tactic). So people inprove, and surprizin g to say (for all those insulting Humanitites out there), people who use the net for communication, get better at using the printed word, both to express themselves and to glean the insights of other writing. I don't think it is necessarily so that we'll all become Shakespears, but maybe it will help some kids understand what he was saying about people. Computers cannot solve nearly as many problems in education as many teachers seem to hope, but surely Cyberspace is not evil, and may be a benefit in varying degrees to those kids who need it. And certainly its computer science benefits are not the only ones, and maybe not even it's greatest. Cyber - space is the greatest communications network in history to date, and perhaps can help teach what today is that most relevant of skills: the use of the printe d word. Vanessa Layne dagoura@athena.mit.edu NIA---NIA---NIA---NIA---NIA---NIA---NIA "Triva Of A Hacker: Bob Bickford" In article <748@public.BTR.COM> techie@public.BTR.COM (Bob Vaughan) writes: > >A friend of mine posed an interesting trivia question. > >What was the system manager password for the Burroughs 6700 >at the Universty Of The Pacific in 1977? > >This password was included in a utility program that the TA's used >for job control (they weren't allowed to have the system manager >password, so the program had a line that allowed the utility to >run as the system manager) > >Please reply by email. > >Thanks in advance > I'm the friend. Here, I'll make this even easier: 1) The TA's utility was written in the Burroughs - specific variant of the ALGOL language called "DCALGOL"; it used the construct REPLACE MYSELF.USERCODE BY "XXXXXXX/YYYYY." to change its permissions to the system manager's. The TA's were very interested in the DCALGOL language; I distinctly recall being in the computer center with them late one night as they waited breathlessly for the compiler to come online so they could try out an MCP-modifying program that they'd written. It worked, as I recall, which was rather scary. (Yes, MCP means Master Control Program, as in the movie TRON. No, I don't know if they were thinking of the Burroughs machines when they wrote the movie.) 2) The name of the utility was "LOOKING-GOOD". When I obtained that usercode/password combination, one of the things I did was to print out a source-code listing of same, which I still have. (I was then invited to the Dean's office for a morning chat.... ah, the trials and irresponsibilities of youth.) I realize now, looking at it, that it's *horribly* bad code, but in 1977 I didn't know any better. 3) I was at UOP from September of 1976 through January of 1978; the password being queried about was in use in the Spring of 1977. They changed it, obviously, after my little adventure..... 4) I obtained this totally by accident; I was curious as to how the TA's utility worked, and printed out the object code. Before I arrived at UOP, that was illegel and would crash the system every time; I didn't know that and had crashed the system twice earlier in the year by printing the wrong file. So they "fixed" it; what you got was a page full of question-marks, with any quoted strings from the source code appearing in cleartext form. So when I printed out the object to LOOKING-GOOD, there were lots of strings lying around in it, including one that said XXXXXXX/YYYYY. which I immediately recognized as an ALGOL usercode/password string. So I tried it...... and was immediately caught (but not before I'd made a printout of the program, as mentioned above). When they explained to me what the ramifications of having that knowledge were, I got real scared. BTW, the LOOKING-GOOD object file had the security attributes "CLASSA-OUT" which meant that *anybody* could read it and print it out as I had done. I pointed that fact out to them...... and the Dean had a few hard words with the computer center manager. His name was Jerry (no, that won't help you guess the password) but he was later replaced by a friend whom I had introduced to the B6700 that year named Ed. Ed helped me late one night to print out a voluminous system logging file that also turned out to have lots of sensitive security info in it; we left one copy of the printout on Jerry's desk the next morning (Ed took the other, I don't think he ever did anything with it) along with instructions that *any* user could use to print the same thing out with. We were playful and harmless; I gather that a year or so later some guys came along that tried to repeat my stunt but with malign intent: they were caught, and prosecuted. I'm revealing all this now because I've finally stopped using that password as my own on any system, and because it makes a rather interesting challenge as a trivia question. A harmless one, too. -- Robert Bickford ¤apple,pacbell,hplabs,ucbvax‡!well!rab rab@well.sf.ca.us "A Hacker is any person who derives joy from discovering ways to circumvent limitations." NIA---NIA---NIA---NIA---NIA---NIA---NIA [OTHER WORLD BBS]