%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% % T H E E M P I R E T I M E S % % ------------------------------- % % The True Hacker Magazine % % % % March 11, 1995 Issue 7 % %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% This Issues Features: # Selection Author Size - ------------------------------------ ---------------- ---- X. Introduction armitage 4k 1. Dc Dirt roach 6k 2. GL3000 Paging/Voice Retrieval System armitage 26k 3. Nokia NAM Programming dr. freeze 4k 4. Digital DNA abstract thought 7k 5. Defcon III Update dark tangent 27k 6. Are you a Hacker? redragon 2k 7. Recent Large Name Phreaker Busts anonymous source 3k 8. Hacker Learns Intelligence Secrets unknown 3k 9. OSS '94 (Third Annual) firefly 5k ------------------------------------------------------------------------------ Founder: Albatross Editor: Armitage Contributors: Abstract Thought, Dr. Freeze, Firefly, ReDragon, Roach, The Dark Tangent. Special Thanks: The Anonymous Source, Grayarea, Invalid Media. Noelle, Panzer, Sevenup, =========================================================================== -=- The Empire Times -=- Introduction Well it's been a while since the last issue came out, which is good and bad. The good news is that we have a real good issue, and the bad news is that it took longer than we wanted it to take. There has been a large response to Empire Times, I guess people want it. The mailing list has grown to be bigger than we expected it to be. I supose we should stay around. We will. The last issue was somewhat 95% media of hackers. This issue we have more technical articles like earlier issues. If anyone would like to join us in producing empire times, please feel free to email me. I've read alot in recent magazines and have seen alot on tv recently about hackers, and it makes me sick. I don't think the perceptions are accurate. Even though it bothers me, being the laid back individual I am I don't let it get to me. Maybe that is my fault, maybe it is good though. I want to send out a message to all the covert hackers and phreakers. Not many people have such talents that some of us have. Use them wisely, and think about what you are doing before you do it. I am not saying hacking is bad (no no, why would anyone think that?). I am just saying that think about what you are doing and how you can get caught. I don't want people to get locked up like Mitnick and others. Watch yourselves. I'm going to keep it short and sweet. This is definatly a period of busts. Many many fellow hackers have gone 'down'. That is something that most people consider the worst thing that could ever happen to a member of the computer underground. Till the next Empire Times, armitage@dhp.com ============================================================================== -=- The Empire Times -=- Issue 7, File 1 of 9 DC Dirt #2 roach@tmok.res.wpi.edu roach@cult.empire.org <--- try this one! I ran the first article of DC Dirt. It looks like the coast is clear. I better say what I want before that huge hacker gang beats me up... ----- Rumor #1 DC Posse?!?!? Rumor has it there is a new 'Posse' in the DC area. They call themselves (oh, take a guess!) 'DC Posse' or 'DC p0sse' or 'DC p0ss3' or other inane k-rad statements. The grapevine has told me these guys are bad. What the definition of bad is, I don't know. Blah. Come on you guys, couldn't you have picked another name? DC Dirt would-be names for DC Posse/DC p0sse/DC p0ss3: 1) LoD 2 --- The search for Lex Luthor (startrek joke) 2) iCE WaTeR --- We make better ansi's, and goddamn proud of it. 3) The Dream Team 2 --- We will crack 1 - 3 year warez. Not to put down this 'DC Posse', but really guys, be more original. ----- Rumor #2 DiscoDan's box is clearing out. DiscoDan has had enough trouble with stupid hackers. Almost being rm -rf'd, and UMD on his case has not been a great experience for him. He is cleaning out all of his users. Shit. The same thing happened with Lgas' box a year ago. When will people learn not to hack from friend's sites? ----- Rumor #3 Did y-windoze really get busted? Last issue I said rumor had it that Y-windex was busted. Now I hear from sources that no, he wasn't busted. He just wants you to think he was busted. Now Dc Dirt has heard that Y-windoze may have started the rumor himself. DC Dirt is confused. But then, DC Dirt is for rumors, not real fact. I talked to Y-windex the other day. He seems alive and kicking. He is running out of money, for he doesn't have a new job yet. He Better get some if he's going to stay around the washington area. ----- Rumor #4 Someone is busting unregistered WWiV boards. Supposedly some ding-dong named Equalizer is turning these boards in? Does anyone have specifics on this rumor? I imagine there are unregistered WWiV bbs' all over the DC area. This is really stupid. ----- Rumor #5 Kewp coming to DC? Rumor has it, Kewp, who made ISS, or Internet Security Scanner, is going to DC 2600 this February. I also hear the almighty TK and KL will be there to greet him. Too bad they only come around when someone from out-of-state is here. ----- Rumor #6 DC Kamakize is not a Narc. Maybe since there are two Kamakize's on the IRC, this lead to the confusion. But Kamakize told DC Dirt that he never was a fed, Narc, or anything. "Just Homeysan and Tiphoid making this shit up." he is quoted. DC Dirt has met Kamakize, and doesn't think he is a Narc either. ----- Rumor #7 SummerCon in the Wind? DC Dirt has heard that there might be a SummerCon in the DC area. Everyone was planning for one last year. But one of the main reasons it never came to be was because of HOPE. Other reasons that did not help were trying to find an Airport, metro, and a cheap hotels around the DC area. Maybe someone has finally figured out a plan to put all three together. SummerCon in DC would be just kewlin. Other Names for SummerCon in DC: BustCon '94 -- the only convention that is in a Federal Building! FedCon '94 -- Which is the hacker? Which is the fed? ParanoidCon '94 -- Not just your regular con...A "DC, FBI, CIA, Police, and any other agency down the road" Con. They do all seem to have a same theme, don't they? :) ----- Rumor #8 Just what did BLAH say on the IRC? DC Dirt was talking to BLAH on the #hack the other day: *BLAH* yeah I understand, I like the sound of Candlebox though *BLAH* great group to fuck to, you can quote me on that! Oh really, BLAH? ----- Rumor #9 Shadowdancer Busted? Shadowdancer, a supposed member of the DC p0ss3, was busted. No, not because he was hacking .mil's or .gov's...he got busted for hacking UMD. Ironic, isn't it? He was "+ +" the .rhosts file of a librarian he knew. How he got the librarian to access her account, Shadow Dancer didn't say. Librarians beware! We are going to hack your accounts! Bwahahahahahahahaha... ----- Rumor #10 UMD annex is loggin phone numbers. Thats right UMD hackers, it seems that now our beloved hacker hangout is now loggin our phone numbers. Sigh. atdt 301403XXXX CONNECT 9600/ARQ/V32/LAPM/V42BIS Annex Command Line Interpreter * Copyright 1991 Xylogics, Inc. Checking authorization, Please wait... ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ This was never there before. Also, if you use CallerID, you will get hung up by UMD. Looks like you need to try and find another dialin, folks. WELCOME TO THE UMCP/CSC DIAL-UP SERVICE If you have any questions, please contact the CSC Consulting Lab at (301) 405-1500 or consult@umail.umd.edu Unauthorized access to a computer system is a violation of Article 27, Section 146 of the Annotated Code of Maryland. Computer Science Center terminal servers will only access hosts owned by the campuses of the University of Maryland System. 403-4333 and 403-4444: 2 hour idle limit campus extension 34333: 30 minute idle limit Dialup sessions lasting longer than 12 hours will be terminated. ----- Rumor #10 Empire now has Waffle, with Internet access! Albatross finally got off his lazy butt, and got Empire bbs a UUCP feed. So now anyone who is on Empire can read the Usenet, and have an internet email address at: yourname@cult.empire.org Yes, become part of Alabtross' Empire. Email me, Armitage, or root (Albatross himself) for the Empire's number. DC hack scene is becoming integrated with the net now. ============================================================================== -=- The Empire Times -=- Issue 7, File 2 of 9 The Glenayre GL3000 Paging and Voice Retrieval System by armitage (armitage@dhp.com) Welcome ------- I am glad you decided to read this article. This article will explain the basis of what this system is, show many features, and guide you through a few basic operations (pager reactivation, and meet-me setup). This system is one of many different paging systems, but I have found many scattered through the nation, so if you are wondering what you can do with all those carriers found while scanning, compare them to the login screen shown later in the article. Summary ------- The Glenayre GL3000 paging and voice retrieval system is a fully featured digital radio paging terminal which also provides integrated voice mailbox facilities. I'm sure this is not important, but so you know, the gl3000 family comes in 5 different respective sizes (es, s, m, l, and xl). All of the systems have same features except the only thing that differs is their bandwith, and their capibilities. Analog and digital paging formats are supported, it provides for tone only, voice, numeric, and alphanumeric paging. Features -------- Voice Mail Box Features ----------------------- The voice mail box feature of the system complements the pager router system very nicely. This voice mail system is just like any other, so I won't go into detail over it. Programming Mailbox access code Main menu : 1 Subscriber Information Menu : 1 Search for subscribers to edit/create Meetme access code Supervisors Main Menu : 5 System Setup Menu : 3 Trunk Setup Menu : 11 Meet-me parameters Audio Billboard Supervisors Main Menu : 5 System Setup Menu : 9 Voice Storage and Mailbox Setup Menu : 2 Voice Mailbox Setup parameters Pager Alert Supervisors Main Menu : 5 System Setup Menu : 3 Trunk Setup Menu : 10 Callere Notification Message Setup Voice Main Menu Hierarchy ------------------------- Supervisor's Main Menu 1 < Subscriber Information Menu 1 < Edit/Create Subscribers 2 < Delete A Subscriber 3 < Report Subscriber Information 4 < Report Extended Group Members 5 < Report Unused Customer Numbers 6 < Report Initialized Centirecords 7 < Stop Current Report in Progress 8 < Send Test Page 9 < Block Change Subscribers 10 < Delete Several Subscribers 11 < Clear Subscriber Call Statistics 12 < Report Pager Type Summary 13 < Block Create Subscribers 2 < User Number Information 3 < System Activity Monitoring and Logging Menu 1 < Trunk Status & Activity Monitor 2 < UOE Status & Activity Monitor 3 < Buffer Memory Status & Activity Monitor 4 < Transmit Queue Status Activity Monitor 5 < Voice Storage Usage Activity Montior 6 < Voice Storage Report Setup 7 < Voice Storage File Activity Monitor 8 < Activity Logging Setup 9 < Activity Logging Monitor 10 < Subscriber Database Information 11 < System CPU Activity Monitor 12 < Memory Pool Status Monitor 13 < RTC Status & Activity Monitor 14 < RTC Diagnostic Console 4 < System Maintenance Menu 1 < Save Database and System Setup Parameters to floppy 2 < Add Customer Numbers 3 < Remove Customer Numbers 4 < Change Customer Numbers 5 < System Setup Menu 1 < System Parameters 2 < Subscriber Setup Menu 1 < Subscriber Default Parameters 2 < Subscriber Reoprts Default Parameters 3 < Trunk Setup Menu 1 < Individual Trunk Parameters 2 < Trunk Group Parameters 3 < Trunk Card Parameters 4 < Common Trunk Parameters 5 < Common Trunk Statistics 6 < Common Trunk End of Call Parameters 7 < Roaming Caller Location Code Setup 8 < Digital Trunk Card Alarm Parameters 9 < Digital Trunk Address Signalling Protocal 10 < Caller Notification Message Setup 11 < Meet-me Parameters 4 < Buffer Memory Setup Menu 1 < Individual Buffer Memory Parameters 2 < Common Buffer Memory Parameters 5 < Universal Output Encoder (UOE) Setup Menu 1 < Individual UOE Parameters 2 < Common UOE Parameters 3 < UOE Test 6 < Transmitter Controller Setup Menu 1 < Individual Transmitter Controller Parameters 2 < Common Transmitter Controller Parameters 7 < Page Routing Setup Menu 1 < Logical Area Parameters 2 < Coverage Region Parameters 8 < Printer and Serial Port Setup Menu 1 < Serial Port Configuration Parameters 2 < Printer Message Parameters 9 < Voice Storage and Mailbox Setup Menu 1 < Voice Storage Setup Parameters 2 < Voice Mailbox Setup Parameters 3 < Voice Mailbox Retrieval Mode Key Translation Map 4 < Language Syntax Configuration 10 < Pager Parameter Setup Menu 1 < PUP/Repeat Page Options 2 < PUP/Repeat Page Function Code Setup 3 < Voice To Alpha Transcription Setup 4 < Numeric/Voice Function Code Setup 11 < RTC Port Configuration Parameters 6 < Remote Sign-on 7 < Network Menu 1 < Operator Services Menu 1 < Netmail Transmission 2 < Netmail Configuration 2 < Network Setup Menu 1 < Common Network Parameters 2 < Network Port Configuration Parameters 3 < Network Node Configuration Parameters 4 < Frequency Code to Coverage Region Map 3 < Network Activity Menu 1 < Port Status and Activity Monitor 2 < Node Status and Output Queue Activity Monitor 8 < Traffic Statistics Menu 1 < Statistics Parameters 2 < Report Statistics 9 < Superhex Patch Screen Operations ---------- *** Quick Reference Key Usage*** - Deletes character to the left - Redraws Screen UP - Moves pointer up DOWN - Moves pointer down System Menus and Options - Navigating the System -------------------------------------------------- ***Changing Subscriber Info*** Screen Shot Below ----------------------------------------------------------------------------- GLENAYRE GL3000 PAGING TERMINAL Version 3.06 1. User Number:________ 2. Password: Optional Feature Status Agency: ON Networking: ON RTC: ON Meet-me: ON Software Creation Date: MMM DD/YY HH:MM:SS Command: ----------------------------------------------------------------------------- Logging in is the first step, as you can see you are prompted for a user number and password. The Default for every account is unpassworded, the password does not echo on the screen. Please Note that the menu options are configured by the access level of your account, (for example, an administrators account will have more options than a base operators account). The Menus displayed in this article account that a supervisors account is being used. Screen Shot Below ----------------------------------------------------------------------------- GLENAYRE GL3000 PAGING TERMINAL Version 3.06 1. Subscriber Information Menu 2. User Number Information 3. System Activity Monitoring and Logging Menu 4. System Maintenance Menu 5. System Setup Menu 6. Remote Signon 7. Network Menu 8. Statistics Menu 9. SUPERHEX Patch Screen Currently Signed On: User 1 System Supervisor Command:_________ ----------------------------------------------------------------------------- This is the Main menu of the system. On a normal operators account, not all of the options will be available. *** To Add (Reactivate a pager) *** You want to is Add or "Create" a subscriber. Go to menu 1 (Subscriber Information Menu). Screen Shot Below ----------------------------------------------------------------------------- SUBSCRIBER INFORMATION MENU 1. Edit/Create Subscribers 2. Delete a Subscriber 3. Report Subscriber Information 4. Report Extended Group Members 5. Report Unused Customer Numbers 6. Report Initialized Centi records 7. Stop Current Report in Progress 8. Send Test Page 9. Block Change Subscribers 10. Delete Several Subscribers 11. Clear Subscriber Call Statistics 12. Report Pager Type Summary 13. Block Create Subscribers Command:____________ ----------------------------------------------------------------------------- Now you need to go into option 1 again, to Create a new subscriber. Screen Shot Below ----------------------------------------------------------------------------- Record 1 of 900 SEARCH FOR SUBSCRIBER TO EDIT/CREATE Page 1 of 2 1. Customer Number: _____ 17. Language Choice: 2. Partition: 18. Answer Type: 3. Agency Number: 19. Custom Answer: 4. Encoding Format: 20. PUP/Repeat Option: 5. Service Type: 21. Group PUP Option: 6. Capcode: 22. Repeat Voice: 23. Mailbox Type: 24. Purge Time (Hrs): 7. A-Tone Length: 25. Maximum Messages: 8. B-Tone Length: 26. Voice Time: 9. Account Number: 27. Activate Caller Pwd: 10. Account Status: 28. Access/Caller Pwd: 11. Account Code: 29. Autoretrieval: 12. Valid: 30. Meet-me: 13. Customer Absent: 31. Secondary Number: 14. Coverage Region: 15. Priority: 34. Extended Group: 35. Sort Field #1: 37. Sort Field #2: 36. Sort Order #1: 38. Sort Order #2: Command: ----------------------------------------------------------------------------- It is important at this point, not to enter information into any field other than field number 1, as after you enter the customer number, you enter the other information later. If you are entering a new subscriber, you want to enter a customer number that is not being used. There will be a record number in the top left to show you which records are being used. In this example we will use number 1. So enter the new number and then . The type CREATE into the command line. Screen Shot Below ----------------------------------------------------------------------------- Record 1 of 900 SEARCH FOR SUBSCRIBER TO EDIT/CREATE Page 1 of 2 1. Customer Number: 1____ 17. Language Choice: ENGLISH 2. Partition: A 18. Answer Type: SYS 216 3. Agency Number: 0 19. Custom Answer: YES 4. Encoding Format: TWOTONE 20. PUP/Repeat Option: NO 5. Service Type: VOICE 21. Group PUP Option: NONE 6. Capcode: 000001F1 22. Repeat Voice: 3 A=0 B=0 23. Mailbox Type: VOICE 24. Purge Time (Hrs): NO PURGE 7. A-Tone Length: 8 25. Maximum Messages: 10 8. B-Tone Length: 16 26. Voice Time: 8 9. Account Number: 4 27. Activate Caller Pwd: YES 10. Account Status: 3 28. Access/Caller Pwd: ####/#### 11. Account Code: 7 29. Autoretrieval: NO 12. Valid: YES 30. Meet-me: NO 13. Customer Absent: NO 31. Secondary Number: 14. Coverage Region: 1 15. Priority: 5 34. Extended Group: NO 35. Sort Field #1: 37. Sort Field #2: 36. Sort Order #1: 38. Sort Order #2: Command: ----------------------------------------------------------------------------- The values that are filled into this screen are the defaults that were set by the supervisor. Provided you have all the technical information on the unactivated pager you have, you will transcribe the pagers technical information into this record. List of fields Field 1 - Customer Number Customer number, you may not use wild cards. Field 2 - Partition Any Partition Letter may be used. ['A'..'Z'] or a NOT sign followed by a partition letter. Field 3 - Agency Number You may use any search conditions except wild cards. Field 4 - Encoding Format Any encoding format name, or a not sign followed by an encoding format. Field 5 - Service Type You may use any service name, or a not sign w/service type name. Service Names VOICE TONE-ONLY NUMERIC ALPHANUMERIC NUMERIC/VOICE MAILBOX ONLY ROAMER 0 TONE ONLY GREETING ALPHAMAIL TAS MEET-ME AUTORETRIEVAL Field 6 - Capcode You may use wild card characters to replace digits. Field 7,8 - A,B-Tone Length You can use any search but the wild card search. Field 9 - Account Number You can use any search but the wild card search. Field 10 - Account Status You can use any search but the wild card search. Field 11 - Account Code You can use any search but the wild card search. Field 12 - Valid YES or NO (valid/invalid account number) Field 13 - Customer Absent YES or NO (absent customer or not) Field 14 - Coverage Region You can use any search but the wild card search. Field 15 - Priority You can use any search but the wild card search. Field 16 - Trace Calls YES or NO Field 17 - Language Choice Simply enter a language of choice. Field 18 - Answer Type Use any search. Field 19 - Customer Answer YES, NO, INSERT, or APPEND Field 20 - PUP/Repeat Option Field 21 - Group PUP Option Field 22 - Repeat Mailbox You can use any search but the wild card search. Field 23 - Mailbox Type You can enter: NO MAILBOX VOICE NUMERIC BOTH Field 24 - Purge Time (Hrs) You can use any search. Field 25 - Maximum Messages You can use any search but the wild card search. Field 26 - Voice Time You can use any search but the wild card search. Field 27 - Activate Caller Password YES or NO Field 28 - Access/Caller Password Field 29 - Autoretrieval YES or NO Field 30 - Meet-me YES or NO to have this subscriber given access to meet-me features. Field 31 - Secondary Number You can use any search but the wild card search. Field 34 - Extended Group YES or NO Now we will move on to the second page of the Section Screen Shot Below ----------------------------------------------------------------------------- Record 1 of 900 SEARCH FOR SUBSCRIBER TO EDIT/CREATE Page 2 of 2 Extended Group Members 81. Customer Number: 41. System Recording: 82. Customer Number: 42. Empty Data Pages: 83. Customer Number: 43. Primary Numbers: 84. Customer Number: 85. Customer Number: 86. Customer Number: 87. Customer Number: 88. Customer Number: 89. Customer Number: 90. Customer Number: Statistical Fields: 91. Customer Number: 51. Number of Calls 92. Customer Number: 52. Mailbox Storage 93. Customer Number: 53. Character Count: 94. Customer Number: 54. Meet-me Time (mins): 95. Customer Number: 55. Date Created: 96. Customer Number: 56. Date Altered: Command: ----------------------------------------------------------------------------- This page has little signifigance besides if you are using extended group members. The one thing that is important is field 56. Look out. ***Setting up a Meet-me and its settings*** Screen Shot Below ----------------------------------------------------------------------------- GLENAYRE GL3000 PAGING TERMINAL Version 3.06 1. Subscriber Information Menu 2. User Number Information 3. System Activity Monitoring and Logging Menu 4. System Maintenance Menu 5. System Setup Menu 6. Remote Signon 7. Network Menu 8. Statistics Menu 9. SUPERHEX Patch Screen Currently Signed On: User 1 System Supervisor Command:_________ ----------------------------------------------------------------------------- First you want to go into choice "5", The System Setup Menu. Screen Shot Below ----------------------------------------------------------------------------- SYSTEM SETUP MENU 1. System Parameters 2. Subscriber Setup Menu 3. Trunk Setup Menu 4. Buffer Memory Setup Menu 5. Universal Output Encoder (UOE) Setup Menu 6. Transmitter Controller Setup Menu 7. Page Routing Setup Menu 8. Printer and Port Setup Menu 9. Voice Storage and Mailbox Setup Menu 10. Page Parameter Setup Menu 11. RTC Port Configuration Parameters Command:_________ ----------------------------------------------------------------------------- >From this menu you want to go to the trunk setup menu which is choice "3". Screen Shot Below ----------------------------------------------------------------------------- TRUNK SETUP MENU 1. Individual Trunk Parameters 2. Trunk Group Parameters 3. Trunk Card Parameters 4. Common Trunk Parameters 5. Common Trunk Statistics 6. Common Trunk End Of Call Parameters 7. Roaming Caller Location Code Setup 8. Digital Trunk Card Alarm Parameters 9. Digital Trunk Address Signalling Protocol 10. Caller Notification Message Setup 11. Meet-me Parameters Command:_________ ----------------------------------------------------------------------------- >From this menu you want to select "11. Meet-me Parameters". Screen Shot Below ----------------------------------------------------------------------------- MEET-ME PARAMETERS 1. Length of Time to Play Initial Ring(s): 2. Wait Time Before Sending Meet-Me Page(s): 3. Meet-Me Help Message Interval(s): 4. Maximum Number of Meet-Me Help Message(s): 5. Tone Played While Waiting for Meet-Me: 6. Disable Disconnect Digital During Connection: 7. Meet-Me Maximum Hold Time (min): 8. Maximum Simultaneous Meet-Me connections: 9. Prompt for Access Code Before Meet-Me: Command:_________ ----------------------------------------------------------------------------- There is online help to guide you to conduct this meet-me. So go with the system on this one. Glossary of Terms ----------------- I have listed some terms you might have trouble with while you are playing around with this system, this is nowhere near as many as there are, but the most vital are listed below. Address - 1. The telephone number dialed by a calling party which identifies the party called. 2. A location or destination in a computer program. Bell 103 - The North American standard for 300 bps modems. Bell 212A - The North American standard for 1200 bps modems. Blocking - The process of grouping data into transmission blocks. The inability of a pabx to service connection requests, usually because its switching matrix can only handle a limited number of connections simultaneously. Blocking occurs if a call request from a user cannot be handled due to an insufficient number of paths through the switching matrix; blocking thus prevents free stations from communicating. Borscht - Acronym for the functions that must be performed in the Central office at the subscriber's analog interface of a digital system. (battery, overvoltage, ringing, supervision, coding, hybird, and test) Broadband - A communication system with a large bandwidth. Channel - Electronic communications path, usually of 4,000 Hz (voice) bandwidth. Crossbar - A type of telephone switch. Crossbar Switch - (In PABX technology) a switch that has multiple vertical paths, multiple horizontal paths, and electromagnetically operated mechanical means for connecting any vertical path with any horizontal path. Modern PABXs often use an electronic version of the crossbar switch. Data - In phone systems: any information other than speech or tones. Data Set - The telephone companies term for a modem. Decoder - A device that converts information into another form of signals. (A DTMF decoder converts dtmf tones to numerican dtmf values) Dial Long Line - Special Service device which extends loop signalling distance. Digital - Variable as opposed to constant. Data characters are coded in discrete, seperate pulses or signal levels. Contrast with Analog. Duplex - Simultaneous two-way independant transmissions in both directions. Echo - A faint return of transmitted data. ESS - (Electronic Switching System): A telephone switching machine using electronics, often combined with electro-mechanical crosspoints, and usually with a stored program computer as the control element. FCC - (Federal Communications Commision): A government agency that monitors and regulates all use of the electromagnetic spectrum for communications. Handshake, Handshaking - A preliminary process that is part of a communications protocal that establishes a data connection. Interface - The connection between two seperate and distinct mechanical or computerized systems. Interoffice Trunks - Shared facilities connecting CO switches. Link - A communications circuit. Local CO - Central office (end office) capable of switching calls between local subscriber circuits. Local Loop - The voice-band channel connecting the subscriber to the central office. Logging - Recording data associated with a system. Multiplexing - The division of a transmission facility into two or more channels. Network - An interconnection of copmuter systems, terminals, or data communications facilities. Parameters - Selectible variables designed for system uses. Port - A computer interface capable of attaching a communication protocol. PBX or PABX - (Private Branch Exchange) A system providing switching in an office or building. Voice PABX - Voice only PABX for voice circuits. ---------------- I hope you could use this information. If anyone has any questions or comments, or is wondering if they can get manuals to this system somehow, please feel free to email me, I will assist you as much as my schedule will allow. I would like to thank erikb for telling me to write this, abstract thought for pointing out all my spelling errors among other things, panzer for everything he has done, and all the dc hackers. Knowledge is the nemesis of all evil, Digital Anarchy!!! Later, and remember to always cover your tracks in anything you do. Armitage armitage@dhp.com finger/email for PGP key if desired. ============================================================================== -=- The Empire Times -=- Issue 7, File 3 of 9 Nokia Cellular NAM Programming by Dr. Freeze FOR AUTHORIZED DEALER USE ONLY NOKIA 100 SERIES CELLULAR HANDPORTABLE TELEPHONE NAM PROGRAMMING INSTRUCTIONS The Nokia 100, 105 Series handportable CMT uses an EEPROM NAM that can be programmed directly from the standard user keypad. In order to access the NAM, you must enter the special access code currently programmed into the phone. Once the programming mode is accessed, NAM parameters are loaded by entering them into the display and "storing" them to selected memory locations. Be sure to obtain all parameters before proceeding. ACCESS NAM PROGRAMMING MODE: 1. Turn the phone on. (DUH!) 2. Enter the NAM access code. The factory default is: *3001#12345 3. Enter [STO] 00. 4. Verify that "STORE NOT DONE" appears in the display. If "NOT ALLOWED" appears, check to see if you have entered the access code correctly. Note: If "NOT ALLOWED" appears after a few programming attempts, the access code has been changed or an error has occured and the phone will have to be returned to Nokia for repair. (BUMMER!) ENTER SPECIAL NAM PARAMETERS (Memory Location 01): 5. Press and hold the [CLR] key until the display clears. 6. In one long string, enter the special NAM parameters according to the format of Example 1 below. Enter each emergency number (such as 911 or *911) followed by the pound (#) key, the Language Code followed by the asterisk (*) key, and the desired four digit lock code. Language Codes: 0 = English, 1 = French, 2 = Spanish. Note 1: Emergency numbers entered in memory location 01 can be used while call restrictions are active and when the phone is locked. Note 2: The first number entered in the list of emergency numbers is used for the Speed Dial (9) key. Example 1: Pound Key________________ _________Asterisk Key \ \ / 9 1 1 # * 9 1 1 # 0 * 1 2 3 4 / / \ \_______Lock Code Emergency numbers__/_________/ \_________Language Code 7. Enter [STO] 01 [STO]. ENTER MOBILE PHONE NUMBER (Memory Location 02 or 04): 8. Press and hold the [CLR] key until the display clears. 9. Enter the correct 10-digit phone number. 10. For Primary NAM, enter [STO] 02 [STO]. For Optional NAM, enter [STO] 04 [STO]. ENTER SYSTEM PARAMETERS (Memory Location 03 or 05): 11. Press and hold the [CLR] key until the display clears. 12. In one long string, enter the system parameters according to the format of Example 2 below. Be sure to separate each parameter with an asterisk (*). Do not place an asterisk before or after the string. Example 2: System ID_____ ____Group ID Mark \ / 3 4 * 1 * 1 * 3 3 4 * 1 5 * 1 5 / / \ \ Access Method____/ / \ \_Access Overload Class Local Use Mark______/ \______Initial Paging Channel 13. For Primary NAM, enter [STO] 03 [STO]. For Optional NAM, enter [STO] 05 [STO]. VERIFY NAM INFORMATION: 14. Press and hold the [CLR] key until the display clears. 15. Use the up/down arrows to scroll through locations 01 through 05. 16. Verify that the information for each memory location is correct. 17. To exit the programming mode, power the phone off and then back on. If "NAM ERROR" appears on the display, programming was done incorrectly and must be repeated. The above information was taken from the Nokia Programming Guide, and was typed pretty much as it appears there. The author assumes no responsibility for any damages caused by any errors in the above information. The above information is for educational purposes only, and the author in no way advocates the use of said information to defraud any cellular carrier. HAVE PHUN!!! Dr. Freeze ============================================================================== -=- The Empire Times -=- Issue 7, File 4 of 9 Digital DNA by abstract thought (abstract@thought.dgsys.com) Life:=the state of an organism characterized by the capacity for metabolism, growth, reaction to stimulus, and reproduction. You may be wondering, why the meaning of life. Well, I want you to keep it in mind as you continue to read this article... Viruses. Everyone is familiar with those little miscreant programs infecting computers around the world. They sometimes consume files, cpu cycles, and other things we value, and the almost always hinder productivity. Rarely is a virus completely eradicated as they are continually reproducing and inoculating other files and computers. There is a reason why computer viruses are called viruses. It is because they are *exactly* like biological viruses. Both are incredibly small. Where the biological viruses are at least half as small as the cells they infect, digital viruses are similarly smaller than the files they infect. While viruses inject string os protein called DNA into their host cells, their computer counterparts inject strings of code, a digital DNA. Later, those host cells or programs spread their malevolent viruses to neighboring targets. Now that the fact that biological viruses and digital viruses are identical has been established, on to the big question. Are computer viruses, and other programs, alive? Viruses are one example. The computer viruses meet the same requirements for life that the biological ones do. They have a metabolism by consuming cpu cycles. Growth is evident in their infecting of programs, going from a small piece of code into a healthy sized executable file. Reaction to stimuli is evident in many viruses. For example, the diamond.105 virus infecting my computer science disk. The stimulus is being in memory for about 5 minutes, at which point a diamond of little ascii diamonds appear and dance around consuming whatever is on the screen. Reproduction is hardly a question, there is no doubt that viruses reproduce. So in conclusion, viruses are alive. No, I'm not comparing computer viruses to humans. Clearly, life does not mean intelligence. Computer viruses may be alive, but they do lack intelligence, much like biological viruses. And no, they are not natural life. They are as artificial as the computers they inhabit. But still, they are alive. Viruses are hardly the only life that programmers have created. In a local high school science fair there were two major computer exhibits. One was a simple program tracing genetic material through a simulated colony. Not exactly fulfilling the requirements for life. The other, however, was very interesting. The project was a colony of competing creatures. Each had their own individual DNA coding that governed the way the moved and reacted to stimulus. They had a limited life span, based on successful growth and metabolism. As for reaction to stimuli, they would avoid simulated poisons and consume the other life forms. This is another example of an artificial life form. Another popular trend in computer science is cellular automata. In one cellular automata, the life cycle began with a clump of cells. These cells would only survive if they could move to a position neighboring two other cells. Any more or any less and the cell could possibly die. The cells would react to neighboring cells and find the best position to move to. If they lived long enough, they would be able to reproduce, thus sustaining the colony. Again, the qualities of life are shown in a program. Tom Ray, currently a scholar at the Advance Telecommunications Research Institute International in Kyoto, Japan, is also convinced that programs can live. His reasoning...he breeds digital organisms. As a biologist, his initial intent was to study evolution. Evolution, however, is a long process, so he resorted to creating his specimens. After creating his own operating system (so that if there are any escapee programs they won't work on other computers), he introduced "the Ancestor". The Ancestor was an 80- byte long worm. It was the first and last worm Ray ever created. After being set free on Tierra, the digital ecosystem/operating system Ray created, the Ancestor bred and spread. A 79-byte mutant variation evolved and started to compete with it's predecessors. Later came 45-byte worm, then a 51, and the smallest, a 22-byte creature. Each worm had it's self-replicated brethren, each competing for the necessary cpu cycles to live and reproduce. However, something startling happened. Symbiotic relationships formed. The 45 and 51-byte worms evolved into viruses lacking the genetic code to reproduce. They would infect the larger species and use their code to reproduce. In the process, the larger worms would receive immunity from other parasites because they didn't register in the memory. These evolutionary powerhouses, with tighter codes than most human programmers can dream of, have not only shown the possibility for digital life, but a digital ecosphere like the earth. Tierra became a jungle of worms and viruses competing, evolving, and living. There is no doubt that there is artificial life. Again, I'm not saying that programs are at the same level humans or other organic life. Yet, it would be hard to say that some programs are not artificial life. But that is my opinion, and I would like to hear yours. If have any thoughts, comments, or ideas about this, tell me. And if you agree or disagree, let me know why, and if you have some examples, even better. You can e- mail me at abstract@thought.dgsys.com. Maybe if the response is great enough, I'll write a follow-up. Hopefully you'll be seeing more from me, on this topic or others. Lastly, I'd like to thank a few people. -Armitage, thanks for the chance to write this and for all the other things you've done for me. -All my friends in my computer science class...Brad, Aaron, Mark. We had some good discussions about this and other fun things... -Everybody in the D.C. scene. I learned a lot by watching you all... You may not have seen much of me but I learned a lot from you. ============================================================================== -=- The Empire Times -=- Issue 7, File 5 of 9 Official Defcon III Update by The Dark Tangent -----BEGIN PGP SIGNED MESSAGE----- DEF CON III Convention Update #1 (1.xx.95) August 4-6th 1995 @ the Tropicana in Las Vegas XXXXXXXXXXXXXXXXXXXXXXXX XX DEF CON III Initial Convention Announcement XXXXXXXxxxxXXXXXXXXXXXXXXX XX DEF CON III Initial Convention Announcement XXXXXXxxxxxxXXXXXX X X DEF CON III Initial Convention Announcement XXXXXxxxxxxxxXXXXXXX X DEF CON III Initial Convention Announcement XXXXxxxxxxxxxxXXXX XXXXXXXXX DEF CON III Initial Convention Announcement XXXxxxxxxxxxxxxXXXXXXXXXX X DEF CON III Initial Convention Announcement XXxxxxxxxxxxxxxxXXXXXX XX X DEF CON III Initial Convention Announcement XXXxxxxxxxxxxxxXXXXXXXX DEF CON III Initial Convention Announcement XXXXxxxxxxxxxxXXXXXXXX X XX DEF CON III Initial Convention Announcement XXXXXxxxxxxxxXXXXXXXXXX XX X DEF CON III Initial Convention Announcement XXXXXXxxxxxxXXXXXXXXX X DEF CON III Initial Convention Announcement XXXXXXXxxxxXXXXXXXXXXXXXXX DEF CON III Initial Convention Announcement XXXXXXXXXXXXXXXXXXXXXXXXXXXX X DEF CON III Initial Convention Announcement READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & This is _not_ the professional sounding announcement. Use that one to con your boss / employers out of the cost of the trip. The professional announcement will be available on the ftp site and other more serious mailing lists and news groups, etc. This is the k-RaD kriminal shout out to all u el1te haquer types that aren't in jail to attend 'da def con. werd. READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & What's this? This is an initial announcement and invitation to DEF CON III, a convention for the "underground" elements of the computer culture. We try to target the (Fill in your favorite word here): Hackers, Phreaks, Hammies, Virii Coders, Programmers, Crackers, Cyberpunk Wannabees, Civil Liberties Groups, CypherPunks, Futurists, Artists, Criminally Insane, Hearing Impaired. WHO: You know who you are, you shady characters. WHAT: A convention for you to meet, party, and listen to some speeches that you would normally never get to hear from some k-rad people. WHEN: August 4, 5, 6 - 1995 (Speaking on the 5th and 6th) WHERE: Las Vegas, Nevada @ The Tropicana Hotel So you heard about DEF CON II, and want to hit part III? You heard about the parties, the info discussed, the bizarre atmosphere of Las Vegas and want to check it out in person? You want to do weird shit _away_ from the hotel where you could get me in trouble? Then you're just the person to attend! Sure it's great to meet and party with fellow hackers, but besides that we try to provide information and speakers in a forum that can't be found at other conferences. While there is an initial concern that this is just another excuse for the evil hackers to party and wreak havoc, it's just not the case. People come to DEF CON for information and for making contacts. We strive to distinguish this convention from others in that respect. Plus this year we have official DEF CON GOONS(c) who will pummel you until you pass out should you cause problems for other con.friendly people! Big Brother loves you! What's been said (Only the good stuff will be quoted, of course) Stevyn - "Why can eye say, it was intense! . . . the whole con just kicked ass! I totally recommend you check out the next one." Gail Thackeray, Prosecutor, "It's partly an entertaining party, it's partly a fashion statement. But it's mostly something about which the business world has no clue." Wendy Murdock, Boardwatch, "Def Con represents the tug-of-war that has always been present - people strive to get that which is just out of reach, aggravating governments and breaking rules in the process." ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: WHERE IT IS: The Tropicana has rooms reserved for the convention. Rooms are expensive. They are even more expensive if you don't book under the convention. If it is to expensive for you, please see the section below on Las Vegas www sites tha t can provide you with information on other nearby hotels that are cheaper. Check-in is 3pm, check-out time is 12 noon. Remember there is an 8% sales tax in Vegas. 65$ Single or Double room, Midweek (Mon-Thurs) 90$ Single or Double room, Weekend (Fri-Sun) 350$ One-Bedroom Suite (Call for Availability) The Tropicana, 3801 Las Vegas Blvd. So., Las Vegas, Nevada, 89109 (702) 739-2581 or (800) 468-9494 or (702) 739-2448 (Fax) Held in three conference rooms at the Tropicana hotel in Las Vegas, DEF CON promises to be interesting. The Tropicana has a huge pool (largest in the world? Anyway, lots of cool movies have been filmed with this pool in them) and in August Vegas should be about 100(f) degrees at one in the morning. What do you care? You'll be wired on caffeine and not sleeping anyway. There are numerous attractions in town from the strip bars to the local COs in case you seek distraction. The Tropicana is located right on the "Strip" with the other three corners of the street occupied by the MGM Grand (Largest hotel in the world), the Excalibur, and the Luxor (The big sense-net pyramid). If you can afford it I totally recommend spending some extra time in town.. there are too many cool things to do, especially if you have never visited. Heck, last time I got to rent and fire uzi's and MP-5 machine guns (OK, so you can do that for free in Los Angeles) see some strippers, and drink 1$ bottles of imported beer. What a place! Now you know why I chose Vegas for a location. SPECIAL EVENTS This year there will be a number of special events going down, including: [> Haquer Jeopardy [> Spot the Fed Contest [> Voice bridge [> Giveaways [> A Red Box Creation Contest [> A Video Room [> Cool Video Shit [> Scavenger Contest [> Who knows? COSTS Because of the increased costs associated with the convention this year, the price of admission will be 30$ in advance (See the end of this announcement the address to pre-register to) or 40$ at the door. This will include your goovie 24bit color name tag and a conference program. Don't forget to factor in Hotel costs, (The more people you crash with, the cheaper it is) gambling, food, gas, bail, etc. ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: SPEAKERS This is a partial list of speakers for this year. More are being invited or waiting to make plans. As this list changes further announcements will be made. This should give you a flavor or what to expect, though. [> Winn Schwartau, Author of "Information Warfare" and "Terminal Compromise," is a consultant to government and the private sector regarding enterprise and national security concerns. TOPICS: "Information Warfare, the year in review" (Comedic) and "Tempest Attack Videos." [> Len Rose AKA Terminus is root at Bar Net, the largest internet provider in the world. Sun Microsystems and HP are some of their customers. After the legal fiasco Len faced years ago (as partially chronicled in "The Hacker Crackdown." This will be his first chance to speak of his experiences without the threat of having his parole revoked. TOPIC: To be decided later. [> Chris Hall of Executive Protection will be demonstrating a fully equipped "A-Team" van, a fully loaded spy mobile with all types of cool interception and surveillance goodies. Last year his talk included an overview of surveillance techniques. TOPIC: To be decided later. [> Sarah Gordon, AKA Theora, a veteran of DC II will be presenting another speech this year. Last year she organized a round table discussion with Phil Zimmermann and Presence, and revealed that the Anonymous remailer anon.penet.fi was compromised. TOPIC: Not Announced Yet. [> Curtis Karnow, former federal prosecutor and attorney focusing on intellectual property litigation and computer law. TOPIC: Agents in the telecommunications context, and "smart" software that we 'trust' to do the Right Thing. The specific issue is legal liability and responsibility for the actions of intelligent agents, and then spinning off to chat about the liability for artificial intelligence generally. Speakers will be talking Saturday and Sunday, and maybe Friday depending. ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: SPECIAL EVENTS So you think you're so damn smart, eh? Think your shit doesn't stink? Right. Think you got one up on the Feds, huh? Well, now's your chance to prove it smarty-pants. Winn Schwartau will take command and moderate. ! A N N O U N C I N G ! H A C K E R J E O P A R D Y That's right. You can now prove how smart you really are. Get up on stage and question a few answers, pile up the points . . . and win big! You know the game. You know the rules. Now all you have to do is have the guts, get up on stage in front of your peers and the narcs and show us all! When? After Dark Tangent's opening speech (which we're all really looking forward to . . . [yawn] HACKER JEOPARDY starts! MIDNIGHT - DAY 1 of DEFCON. If you wanna play . . . show up. If you don't wanna play, don't show up. There will be three rounds of three people. Just like real. The winners of each round will go into the Finals and the winner of that will win 25,000 units of some foreign currency! From Dark Tangent himself! Plus: - A t-shirt three sizes to small for the women - No t-shirts for the men. - Silk jackets for everyone. - One Heineken per player per round at DT's expense. - Round trip directions to Hoover Dam - Phiber Optik's home address - Eric Bloodaxe's Blood Samples - And more . . . Contestants will be picked at random from a pool of those who want to play. If you don't wanna play, don't enter the contest. Only the elite survive! FEDS: If you get picked to play, and we ask you what your job is, YOU HAVE TO TELL THE TRUTH! If you don't, our custom Fed-O-Meter will detect your lies and off to the casinos you go! Potential categories for questions include: - - Famous Busts - Famous Narcs - UNIX Bugs - Telco Tech - "Hacking" and beware of the killer daily double. Bribing the judge is acceptable. So, in the inimitable words of Al Bundy . . . LET'S ROCK! 3rd ANNUAL SPOT THE FED CONTEST Spot the fed, win the shirt "Like a paranoid version of pin the tail on the donkey, the favorite sport at this gathering of computer hackers and phone phreaks seems to be hunting down real and imagined telephone security and Federal and local law enforcement authorities who the attendees are certain are tracking their every move.. .. Of course, they may be right." John Markhoff, NYT Basically the contest goes like this: If you see some shady MB (Men in Black) earphone penny loafer sunglass wearing Clint Eastwood to live and die in L.A. type lurking about, point him out. Just get my attention and claim out loud you think you have spotted a fed. The people around at the time will then (I bet) start to discuss the possibility of whether or not a real fed has been spotted. Once enough people have decided that a fed has been spotted, and the Identified Fed (I.F.) has had a say, and informal vote takes place, and if enough people think it's a true fed, or fed wanna-be, or other nefarious style character, you win a "I spotted the fed!" shirt, and the I.F. gets an "I am the fed!" shirt. Note to the feds: This is all in good fun, and if you survive unmolested and undetected, but would still secretly like an "I am the fed!" shirt to wear around the office or when booting in doors, please contact me when no one is looking and I will take your order(s). Just think of all the looks of awe you'll generate at work wearing this shirt while you file away all the paperwork you'll have to generate over this convention. I won't turn in any feds who contact me, they have to be spotted by others. TELEPHONE CONFERENCE BRIDGE For DEF CON III there will be a dial in conference set up. If you are overseas, or just too poor to make it to the convention this year, you can still get an idea of what is going on and participate. One part of the voice conference equipment will allow you to listen to the convention room microphone, another will allow you to ask questions during the Q&A sections of peoples speeches. A general conversation area will be up so you can chat with others at the convention, or just others dialed into the bridge. As more technical information and phone numbers become available for the bridge I will post them in future convention updates. Navigate through the voice mail maze and get free phone sex! Impress others! SPOOAH DOOPAH RAFFLE GIVE AWAY!@# Throughout the convention, between speakers and events there will be a raffle giveaway in which if your number is drawn, you win the prize. Last year's giveaway included an ancient kaypro monochrome portable, a roll of Sprint "security" tape, "Computer Warriors" evil anti-virus cartoon, a 240 meg IDE HD, and other elite things. >> All the prizes given away are donated by other convention goers, so if << >> you have any stuff to give away, please save and donate it to the con! << RED BOX BUILDING CONTEST While we don't encourage or condone the use of toll fraud devices, we do encourage creativity and expression of thought. We combine these and come up with a red box creating contest. The final device doesn't have to produce the real red box tones (Can't have people getting arrested) BUT it does have to produce some tones like with the stock crystal. This contest is inspired by last year's give away of a red box "Big Red" that looked just like a big pack of Big Red gum, but really was a red box. Elite! There was also a little girl's doll that was a red box, but the switch for that one was hidden under the dress and, well, it just wasn't given away. Come up with unique ideas! With just a Hallmark card and some spare time you can create an elite 007 style tone generating device! What will you win if yours is chosen as the most k-rad beside the envy of fellow hackers? You'll get a tee shirt and the cost of admission to the convention refunded PLUS some as-of-yet undecided prize. I bet you just can't wait to burn your fingers with your soldering iron now! THE VIDEO ROOM In one of the rooms a LCD wall projector will be hooked up connected to a VCR, and people can bring flicts to play. Stuff like Max Headroom, War Games etc. You know, the cool cheesy stuff. Also some "hacker" videos will be shown. If you have something you wanna show, bring it along. When the projector is needed in the main conference room it will be swiped for the duration. COOL VIDEO SHIT At this time we are working to see if a T1 connection is possible. If it is there will be a cu-see me connection set up with multiple video cameras in various locations. Images will also be added automatically to a WWW page for people to snag. As all this works itself out there will be further announcements. No, there will be no "Hack our server" contests, and there will be "Security Professionals" with "Diagnostic Tools" to "Correct" any people who may case the network problems. SCAVENGER CONTEST A scavenger contest is being planned. The person or group with the most number of items on the list wins the prize. (Prize undetermined as of yet) and there will be a few follow up prizes. Don't forget to carry massive amounts of water as you run about the concrete jungle, dehydration can happen just crossing the street. This is a contest for only the most k-rad. ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: WHAT YOU CAN DO TO HELP DEF CON III will be planned right up until the last minute, with problems being fixed and new things being added all along.. a sort of work in progress that you get to witness in person when you show up. Hopefully it won't be too messed up when presented to the public. What can you do to help? - -> We are looking for people to speak on Personnel Information Gathering and selling. Hopefully a speaker (who could remain anonymous) in this area has experiences in gathering and selling such information. If you know of such a person, please invite them to contact me or let them know we are looking for such speakers. - -> We are looking for some people to submit artwork to be used in the convention someplace. It could be a poster, or in the program. Black and white art would be eligible for the program only. - -> Articles and interesting ftp sites, www pages, mini FAQs, etc. are all wanted for the program. Quality articles that are informative and apply to the theme of the convention. Scanner frequency lists, ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: MORE DEF CON INFORMATION The World Wide Web Page is located at: http://dfw.net/~aleph1/defcon FTP Site: ftp.fc.net /pub/defcon Mailing lists: mail majordomo@fc.net with the following statement in the body of your message: subscribe dc-announce This will set you up on the mailing list and you will receive updated information, information on the other mailing lists offered, etc. I suggest joining the dc-stuff list just so you can talk and plan with other people going to the con to coordinate rides, sharing of rooms, etc. Voice or Voice Mail: 0-700-826-4368 from a phone with AT&T LD. E-Mail: dtangent@defcon.org (The Dark Tangent) Snail Mail: 2709 E. Madison #102, Seattle, WA, 98112 BBS System to call for info if you don't have net access: Alliance Communications - +1 612 251 2511 - USRobotics HST DS 16800 NUP: New World Order Underground Information for Security Professionals and interested parties. Formerly ASU Underground in Tempe, AZ (602) & Radio Waves in MN (612). Associated Electronic News Network from American Justice Federation International Information Retrieval Guild Distro Site, Electronic Frontier Foundation MEMBER, and Phantasy Magazine Distribution Site. ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: INFORMATION ABOUT LAS VEGAS NEWS GROUPS Please note the following newsgroups may or may not be designated for local distribution (Distribution: Vegas and/or nv), and is intended for all systems in the Las Vegas area or those interested in same on the same level as the la, ca, ba, ny, nyc, and other similar local higherarchies: vegas.bi Talk for bisexually natured persons vegas.config Configuration discussions for the higherarchy vegas.food Anything about food in Las Vegas vegas.for-sale For Sale/Want ads (no commercials, please!) vegas.general General discussion vegas.jobs Jobs offered and wanted in Las Vegas vegas.motss MOTSS community talk vegas.personals Personal ads - any nature vegas.singles Talk for singles vegas.test Group to test post to WWW PAGES about Las Vegas, Hotels, Things to do, etc. HTTP://www.infi.net:80/vegas/online/ HTTP://www.ocf.berkeley.edu/~iew/index.html HTTP://www.best.com/~rdc/roger/vegas.html HTTP://www.intermind.net/las.vegas.on-line/homepage.html ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: STUFF TO BUY Stuff is for sale from DEF CON I and II in case you are interested. From the first year we have audio tapes (4 90 minute tapes) for $20 and the second year (10 90 minute tapes) for $30. Descriptions of these tapes are below. DEF CON I Tapes (4) include the following speakers: Ray Kaplan, Curtis Karnow, Gail Thackary, Dead Addict, Dark Druid, Judi Clark Dan Farmer, and Dr. Mark Ludwig. DEF CON II Tapes (10) include the following speakers: Phillip Zimmermann : Keynote Speaker, PGP. Gail Thackary : Response to Mr. Zimmerman and Privacy issues. Chris Hall : Electronic Surveilance. Curtis Karnow : Recombinant Culture, Crime in the Digital Network. Dr. Mark Ludwig : Virus Creation Awards and What to do when the Feds come. Judi Clark, Mara, Fen and Marianne in a Round Table Discussion. The Dark Knight : Hacking in the U.K. Sara Gordon, Mark Aldrich, Phil Zimmerman: Internet and PGP privacy concerns. Annaliza (Torquie) : The European Underground scene. Mark Lottor : Various cellular topics. Winn Schwartau : HERF guns, Van Eck, Information Warfare Peter Beruk : The role of the SPA, general Q&A. Padgett Peterson : Anti-Virus writing, Cleaning up other peoples messes. The Jackal : A basic radio overview with Q&A. Artimage : Underground spoof and give aways. Stephen Dunifer : Radio Free Berkeley and pirate media. Damien Thorn : Random Cell information from the late night tech talks. SHIRTS are still available to buy. The ones remaining are long sleeve white with the choice of two styles. Both styles have a three color logo on the front (Red, Gray, Black) with "DEF CON". The back is either a list of strange grep key words and "inside" keywords with "Why? Because I can." at the top. Back #2 is the same back as DEF CON I with the old and "new" 4 Amendment as stated by J.P. Barlow with "Protect your rights, Encrypt your data..." at the top. The back on this style is two colors.. black lettering framed in light gray for better definition. Shirts are $20. SHIPPING : If you buy anything, please include 2.90 for priority shipping. ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: LAST AND LEAST OK! Your almost ready to go. Now here is an E-Z to follow checklist of things you should take care of before throwing caution to the wind and bailing out to the dangerous and sexy-wrong world of Las Vegas. In the words of one famous (and abused) phone system: "Sit up straight, PAY ATTENTION, Listen to what your being told. (Now try again)" (Whoever can identify that phone system first gets in free) StUPh 2 D0 b3fore the C0nvent1ion: _ Check out inpho about Vegas so you know what you wanna do. _ Get a hotel room or some crash pad. _ Bring $40 for admission or pay $30 in advance. _ Bring your PGP key on disk to key sign with others. _ Bring Laptop, laplink, serial, and bizarre gender changer cables. _ Bring things to donate for the give-away raffle. _ Leave massively incriminating evidence at home. _ Police scanners can provide hours of fun in Vegas. _ Bring interesting videos to play in the video room. _ Caffeine and snacks are fun to eat. _ Don't forget any drugs or medication you may need. _ You won't need saline for your contact lenses, you won't be sleeping. _ Anything you promised your friends you would bring for them. _ Join the mailing list and arrange rides or rooms with others in advance. ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: MY PGP KEY This is the unsigned version My signed version is available on the public key-servers ------BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.1 mQCNAy6v5H8AAAEEAJ7xUzvdRFMtJW3CLRs2yXL0BC9dBiB6+hAPgBVqSWbHWVIT /5A38LPA4zqeGnGpmZjGev6rPeFEGxDfoV68voLOonRPcea9d/ow0Aq2V5I0nUrl LKU7gi3TgEXvhUmk04hjr8Wpr92cTEx4cIlvAeyGkoirb+cihstEqldGqClNAAUR tCZUaGUgRGFyayBUYW5nZW50IDxkdGFuZ2VudEBkZWZjb24ub3JnPg== =ngNC ------END PGP PUBLIC KEY BLOCK----- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: WHY IS THE ANNOUNCEMENT SIGNED? Well, last year it came to my attention that some unknown person in California had modified an announcement and was having people mail their pre-registration money to them instead. It was actually pretty funny. Only one person was fooled and lost 10$. Not bad. I knew something was up when he said he had pre-registered for 10$ and had the receipt I had supposedly mailed back. I am never that organized! To avoid potential problems like this one please verify this announcement!@# My key is available for verification on public key servers, and my key-id is 46A8294D. The other key you will find on servers may be my older 1284bit key, which is still good, but just not used to sign this text. END ANNOUNCEMENT ------------------------------------------------------------ -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLx9EqstEqldGqClNAQF+tQP/fVRMKLwHOjPFiizoFFVR0gjMnP/J/L24 1DhCJvw6ePaFAwuVHoRYenYulvoJVcRGnL+Do8ZXNqZ1Hz0oGQjcb7A0sW5BxJi6 VL6CCKIM8oCnsQQYlxvUn+omaVDXqfjcKNnehLTg0jrLAOjMUBaO9mt392MHN+Tb Icw0yVEHU1g= =Jq1x -----END PGP SIGNATURE----- ============================================================================== -=- The Empire Times -=- Issue 7, File 6 of 9 Are You a Hacker? by ReDragon Take a little quiz for me today. Tell me if you fit this description. You got your net account several months ago. You have been surfing the net, and you laugh at those media reports of the information superhighway. You have a red box, you don't have to pay for phone calls. You have crackerjack, and you have run it on the password file at a unix you got an account on. Everyone at your school is impressed by your computer knowledge, you are the one the teachers ask for help. Does this sound like you? You are not a hacker. There are thousands of you out there. You buy 2600 and you ask questions. You read phrack and you ask questions. You join #hack and you ask questions. You ask all of these questions, and you ask what is wrong with that? After all, to be a hacker is to question things, is it not? But, you do not want knowledge. You want answers. You do not want to learn how things work. You want answers. You do not want to explore. All you want to know is the answer to your damn questions. You are not a hacker. Hacking is not about answers. Hacking is about the path you take to find the answers. If you want help, don't ask for answers, ask for a pointer to the path you need to take to find out those answers for yourself. Because it is not the people with the answers that are the hackers, it is the people that are travelling along the path. -ReDragon ============================================================================== -=- The Empire Times -=- Issue 7, File 7 of 9 Recent Large Name Phreaker Busts by anonymous February 22, 1995 Did you wake up that Wednesday and decide it was a good day to get raided? Well, at least nine people had the pleasure of that experience. Rumors were slow to circulate. Even now, two weeks later, it's not clear to anyone who exactly was raided, where, why, or if they had been arrested as well. One thing all the people have in common: Southwestern Bell - or at the very least, the desire and ability to hack all the switches on the west coast. We know about Dispater (TEX), KC, Gatsby (and his girlfriend), Mark Tabas, Dr DeLam, Zibby, Phantom Phreaker, and Zero Page. While the investigation seems to be based in Dallas, Texas, the people come from different states: Illinois, Florida, Pennsylvania, Washington, California, and maybe Canada. The primary suspect? Zibby. It's rumored the phreakers had a good idea the raids were coming. So what did the FBI do, and how long have they been monitoring these people? Well, they have surveillance photos of some of the people involved. Apparently the fact that certain individuals had been together at some point in time is very interesting. Could they be fishing for a conspiracy charge, perhaps? They seemed to be very interested in confiscating bank statements and so forth; something to do with money laundering? Cellular fraud is a given. And of course, consistency being something federal investigators are known for, some cellular phones were taken, but _some_ were not. Certain people were threatened with indictments within two weeks; some were told they would probably never be disturbed again. One thing is for certain: their personal possessions will be gone for a very long time, possibly forever. A phone company employee was rumored to have stated, "it's not what they did to the switches and such, it's HOW they did it". An amusing anecdote has been told about Dispater, "Supposedly he tried three times to sell the CC numbers he had, and got ripped off every time!" Apparently, not everyone knew or approved of anyone making money off of their pursuits. It's also rumored that phone calls were made overseas to military bases in "hostile countries". There's some question about what these raids have to do with other recent events, such as the Kevin Mitnick arrest. While at least one of the people raided had connections to Mitnick, it appears that had nothing to do with what happened on February 22. -------------------- Special thanks to Super Happy Fun Ball. ============================================================================== -=- The Empire Times -=- Issue 7, File 8 of 9 Hacker learns intelligence secrets -----gotten from RISKS Forum------ Subject--Hacker learns intelligence secrets The London "Independent" newspaper of 24-Nov-94 leads with a story that a "hacker" gained access to a sensitive database of telecommunications information at British Telecommunications (BT), the UK's largest (and ex-state owned) carrier. The story was also carried by all the major television and radio news programmes. Tim Kelsey, author of the Independent story, reveals that details such as telephone numbers and addresses for secret installations of the Ministry of Defence, MI5 (the British intelligence agency responsible for the UK) and MI6 (like MI5, but handles non-UK affairs). "Thousands of pages of highly confidential BT records were sent across the Internet to a young Scottish journalist, Steve Fleming, in July". Mr Fleming received the information after making a news posting asking for information on BT and hacking. The informant remained anonymous -- details of how this was achieved are not given. The hacker also gave details to Mr Fleming about how he too could access the information. He applied through an employment agency for a short-term contract at BT as a database designer, clearly stating on his CV that he was a freelance journalist. He got the job, and was able to gain access to the information because passwords were just left lying around the office. BT is still going through a major staff restructuring programme, and as a result has a large number of temporary (contract) staff. These staff need passwords to the system to legitimately carry out their jobs, but because of the constant flow of people, the passwords are often written down. Mr. Fleming learned, among other things, * The location of MI6's training centre ("spy school"), located in a non-descript building next to a pub in south London * Information about the bunker in Wiltshire where the Government would go in the event of nuclear war * Details of telephone installations at Buckingham Palace and 10 Downing Street [the Prime Minister's home], including personal lines to John and Norma Major. The system itself, the "Customer Services System", was designed and implemented by an American company, Cincinnati Bell. It is supposed to have internal mechanisms to prevent hacking (!) So, what are the risks (briefly!) 1) Allowing temporary staff passwords that allow almost any data to be retrieved. It sounds as if the security levels of the database were either non-existent, or compromised. 2) Keeping sensitive information in the same database as non-sensitive information. 3) The age-old chestnut of the uses of passwords. A BT spokesman, speaking on the "Today" programme on BBC Radio 4 confirmed that a "top level" investigation had been launched, but refused to confirm or deny that the hack had taken place. ============================================================================== -=- The Empire Times -=- Issue 7, File 9 of 9 OSS '94 by firefly OSS '94 -- Third Annual Symposium on National Security And National Competitiveness -- Open Source Solutions In its third year of existence, and my second year of attendance, Open Source Solution's international 3-day conference is a mix of government, commercial, private citizens, and hackers joining together to discuss the implications of a National Knowledge Strategy. For those of you new to this series, OSINT (or OSCINT) is the intelligence technique of using public and unclassified data from any source to meet your intelligence needs. As I wrote in the first few segments in this column, this ranges from dumpster diving to CDROM databases to the Library of Congress to social engineering. If you've read my series, you know of Robert Steele. Hell, if you went to HOPE, you know him, he gave the elite keynote address with the flashing lights and all. Robert pulls together the best and brightest to speak and hold panel discussions at this conference. The affair lasted three days at the Raddison Hotel in Alexandria. It was an intense period, the first speaker started at 8am and they went thru until almost 5. Then came the daily networking reception where people could mingle, have some drinks and talk shop, and (last year) the few college seniors who were interning there could pass out resumes' and hope for jobs. Hey, it worked for me. OSS '94 boasted over 1000 attendees, 75 corporate sponsors, and 30 volunteers. I won't bore you with the details of the plenary sessions, but will tell you that some notable members of our side of the house were in attendance. Chris Goggans, Emmanuel, Bob Stratton, Rop Gongrijpp (sp?), and a few others headed up some of the panels on the pros/cons of hackers and the influence hackers (and those who know how to REALLY use computers in general) have on the ability of a company to get OSINT. Funny, these panels were PACKED with people -- there was not even standing room. In the Goggans-Stratton panel, there were 150 people in a room designed for 50! On a side note, I think that the NASA Atlas of Mars is a new hacker item, as the NASA reps gave a copy to Emmanuel, me, and a few other hackers (more so to get rid of them, I think, but funny nevertheless as ONLY hackers took 'em) Some big speakers included: Ambassador Holmes, Assistant Secretary of Defense for Special Operations and Low- Intensity Conflict (speaking about waging wars in the depths of cyberspace); Winn Schwartau, author of Terminal Compromise and INFOWAR (speaking about Information Warfare); Paul Fuchs, Director of the Red Cross (speaking about how OSINT and computers aid humanitarian operations); Loch Johnson, WELL-KNOWN author of intelligence books (speaking on the dark future of the CIA); and Robert Steele, who presented his Knowledge Strategy Thesis to the group. For you paranoid freaks, there were about 20-40 NSA people in the crowd, identified by the cryptic nametag that said only "Department of Defense". Hmmm. They hung around by themselves in their own little cliques. Very few spoke to anyone else. Kind of makes you wonder what it would be to work for the Big Bruiser of Fort Meade. I dunno. I like to interact with people, not just PCs, codewheels, and Never Say Anything. OSS is an international event, and the premise behind it is just as large. Robert Steele's basis for forming Open Source Solutions is to not only provide cost-effective information to whoever needs it (government or private sector), but to illuminate the expanding global connections and essentially publicize the Power of Information. Steele professes the need to "Restructure and Reinvent Intelligence". For those who don't know, intelligence is not CIA stuff. It's simple information. Yes, CIA uses information and puts a TOP SECRET classification on it. That's where Steele goes nuts. He says that (and I agree with him) that by using open sources, one can obtain better information/intelligence than by only using Spooky Secret Spy Stuff, and at a VERY SMALL FRACTION of the cost. It costs more to classify and manage this classified information than it does to look for the same stuff through open sources. Overall, OSS '94 was a bounding success. If anyone is interested in OSINT, feel free to contact me at firefly@cult.empire.org or at other well-known non-government addresses. -- Firefly Resident OSINT Consultant ============================================================================== -=- The Empire Times -=- ============================================================================= The Empire Times Q & A Section. Where can I get The Empire Times? Via BBS This is provided that you are on these systems, none accept many new callers, so the #'s are not listed, that is not to be mean. It is just that the System Operators are satisfied with their user lists at the current time. [NPA] [#] [System Name] [System Operator] ----- ------------- ---------------------- ----------------- (301) PRIVATE Empire Albatross (703) PRIVATE Digital Anarchy Armitage (602) PRIVATE Unphamiliar Territory Invalid Media (+49) XXXXXXXXX Secret Techtonics Sevenup Via Anonymous FTP etext.archive.umich.edu (ftp.etext.org) /pub/Zines/Emptimes fc.net /pub/defcon/EMPIRE Via World Wide Web I'm sure it's on a few of them.. Via The Empire Times Mailinglist Mail armitage@dhp.com with "subscribe emptimes " in the context of the message. To request old issues, just put "request emptimes # " where # is the issue #. Where can I get in touch with any of the writers, or contributers? Erudite/Armitage armitage@dhp.com The Dark Tangent dtangent@defcon.org PuD C0ur13r roach@tmok.res.wpi.edu Invalid Media upt@bud.indirect.com Firefly firefly@cult.empire.org Noe11e jbowyer@marge.hq.af.mil Drunkfux drunkfux@usis.com Okinawa okinawa@madhouse.com Grayarea grayarea@netaxs.com Dr. Freeze drfreeze@cult.empire.org Can I write? Where can I send my Article Submissions? You can mail Armitage or Albatross on either Digital Anarchy or Empire. You can also mail them to me personally at armitage@dhp.com with "Submission" as the title, or in a piece of mail before it. ============================================================================== -=- The Empire Times -=- =============================================================================