========================================================
+HCU Maillist Issue: 231 05/26/1998
--------------------------------------------------------
Send Articles To:......................... *************
Info, Help, Unsubscription, etc:....... ****************
Web Repository.........................hcuml.home.ml.org
========================================================
CONTENTS:

#1 Subject: echo.de
#2 Subject: Books on the web

ARTICLES:

-----#1-------------------------------------------------
Subject: echo.de

Hello Everyone
Hello Fravia

Thank you for your help, but it looks like the problem must be at my ISP and I can not complain because it's free.

cheers
Rundus

-----#2-------------------------------------------------
Subject: Books on the web

Hey all,

I know this is not really cracking related, but it is a sad fact that it is not possible to find certain books on the web (yet)... Over the past 6 months I spent quite some money on books and am trying to find a way to share it with our "community" :-)

I have access to a Mac with flatbed scanner; can someone point me to a good OCR program?

The books I can provide (and which are IMO interesting) include

- Master Class Assembly
- Mastering Turbo Assembler
- Applied Cryptography
- The C++ Primer
- Adventures in UNIX Socket Programming (applies to Winsock to a certain extent, too)
- Schulman's Unauthorized Win95

I am rather inactive right now in cracking due to the absence of a x86 CPU in my house and lack of time, but I know that these books contain a shitload of Info many newbies can certainly use...
HalVar

=====End of Issue 231===================================

========================================================
+HCU Maillist Issue: 232 05/31/1998
--------------------------------------------------------
Send Articles To:......................... *************
Info, Help, Unsubscription, etc:....... ****************
Web Repository.........................hcuml.home.ml.org
========================================================
CONTENTS:

#1 Subject: Re: Books on the Web.
#2 Subject: A nice protection
#3 Subject: gthorne - 2600 letter
#4 Subject: .ps files and security

ARTICLES:

-----#1-------------------------------------------------
Subject: Re: Books on the Web.

Many free (=trial) OCR programs are on the Web: TextBridge, TypeReader, CuneiForm, WinOcr to read Latin/Cyrillic printed characters, you have to try them; they are huge to download, about 10 Mb. OmniPage OCR program is not free. Very searched and expensive (over $1000) OCR programs are: SDK; those for handwritten texts, for non-Latin/Cyrillic characters, image recognition programs.

Good chance.

AZ111.

-----#2-------------------------------------------------
Subject: A nice protection

While messing around with some games I want to copy, I found a nice copy protection used by a game. Not only the normal "Check for CD drive" bullshit but an interesting trick which avoids lamers from copying it. More is coming soon if I have more time cause I'm leaving in a few minutes for a three-day-holiday-trip.
TWD

-----#3-------------------------------------------------
Subject: gthorne - 2600 letter

Message Body =

Hi all,

Back in march, I posted a letter to 2600 magazine, and only remembered it when i saw the newest one on the newsstand recently

basically, 2600 - the hacker quarterly (for those of you who came in late) stands for ideals such as free speech and learning, as well as getting important events noticed that affect the world and our rights in general

any time the government, or a policing organization bullies you, without you having any say, or the public hearing about it, you have lost

why should big companies who pay people to be what we do get status as upstanding individuals or groups, when we who do this for no financial gain are treated as criminals? (if you arent being paid to do it - you are a crook)

the people who played reversii on nt workstation to turn it into nt server are the good guys, imagine that - if we had done this, people would have dismissed it as the act of criminals rather than the exposing of one corporate scheme by a respected organization...

this goes back to the definition of 'freedom fighters' and 'terrorists' in the media

it all depends on what side you are on. dont anyone take me as saying that it always works this way as i am convinced there are truly terrorists and truly freedom fighters - what i am referring to is popular media and their decision for you as to which it should be for the swaying of public opinion

well - off my soapbox, here is the letter that i had sent, and was surprised to see in the 2600 with an answer - but then maybe i shouldnt be so surprised ;)

hopefully we can continue to bridge the gap between hackers and crackers and make the world be safer for us - i refer here to the french cracker crackdown that just happened and to many more busts for apparently to the world what must be worse than mass murder...
reversii

i knew the letter would be posted late since the magazine is quarterly, but paper publishing leaves a nice permanent record that we were here

* * *

spring 1998 issue, page 38 - article title: clampdown

Dear 2600:

For those of you interested in current events in related topics, **************** was shut down in the second week of February. This was done by the Software Publishers' Association who have quite a pull in corporate software distribution. The majority of USA distribution corporations are part of this organization *************

The interesting thing to note is that we who worked on the texts and databases at cracking.net are reverse engineers, effectively hackers who break software codes rather than UNIX machines and other mainframes (though some of us do double duty and work on server hacking as well). Some of my work has been based on code in 2600 in the past and present, and so I can say for certain, that our goals are not much different - just the tools and the OS involved.

Why was it shut down? Apparently someone saw a crack for the shareware app (s)he had written and reported it to SPA who then put pressure on the admins to close the server.

It is sad that today in the realm of hacking/cracking this can happen, and does not appear much different to me than someone getting mad that bugtraq or rootshell.com exists and forcing it "off the air" so to speak, or even Phrack which so recently showed trumpet winsock reverse engineering (the type topic our students/colleagues cover in the course of our work and publish on our servers).

Being a student and a teacher of the reverse engineering arts, and a rather well-known one in my field, I feel like it is important for this information to be placed in your magazine for posterity to show others how people today can shut down anything they choose by threatening lawsuits with backing from people like Microsoft.

Glad to see the monetary woes are not keeping you down.
Greythorne The Technomancer

(2600 posted this reply:)

Thanks for the support. We also support the knowledge you were trying to get out before your site was shut down. If enough people maintain pressure on the SPA and their tactics, they will wither away. It is their destiny.

* * *

It certainly would be nice, eh friends?

+Gthorne

-----#4-------------------------------------------------
Subject: .ps files and security

Actually I begin studying internal structure of post-script files and editing them. As they are not normal text files, I wonder how one can be sure that a malicious code or virii are not incorporated in them. Browsing them with a usual antivirus-program would have no effect. Since such files were proposed in our list, I would like to know opinion of more advanced readers. Thanks in advance, even for brief hints.

AZ111.

=====End of Issue 232===================================

========================================================
+HCU Maillist Issue: 233 06/01/1998
--------------------------------------------------------
Send Articles To:......................... *************
Info, Help, Unsubscription, etc:....... ****************
Web Repository.........................hcuml.home.ml.org
========================================================
CONTENTS:

#1 Subject: Hackers/Crackers

ARTICLES:

-----#1-------------------------------------------------
Subject: Hackers/Crackers

Hey gthorne, hey all,

Somebody here has probably already heard this rant :-), but I am sure it's worth repeating:

>it all depends on what side you are on. dont anyone take me as saying
>that it always works this way as i am convinced there are truly

Unfortunately our so-called 'free' media is in no way free. When people refer to 'free' media, they usually mean media not influenced by government; what they fail to see is the major influence big business has on the media: If the media starts reporting things that money doesn't like, they withdraw their ads and the media is screwed.
I've seen this happen to two newspapers I worked with on a medium scale, god knows how bad it is on bigger scales such as TV.

This is btw. a scheme that repeats itself throughout society (whether this is good or bad depends on your viewpoint): TV used to be Governmentally funded, so it was certainly influenced by the Government. Now it is privately funded, so it is influenced by the rich. We took power out of the hands of the representatives WE ELECTED and gave this power to the rich.

PROPAGANDA_MODE_OFF :-)

>hopefully we can continue to bridge the gap between hackers and
>crackers and make the world be safer for us - i refer here to the

I think that cracking & hacking will continue to rely more on each other in the future. NT is taking over, that means that the source for your OS is not freely available any more. So you can't just search for a lazy programmer who used strcpy() instead of strncpy() and try to exploit it, you have to dive into the assembly listings and search for stack vulnerabilities...which is where us crackers come in, who else has more experience in looking at windows-assembly ? :-)

What the guys at L0pht did with IE4 was definitely a hell of a reversing job, and I'd just encourage all crackers who are looking for something new: Get a paper on Stack Overflows (Aleph One's is pretty good), take your favourite internet application and have a look where you can smash that app. Try to get Ring0, sources are on stones site :-)

Plus: If you ever manage to find a hole in a M$ program, publish it to Bugtraq and you can be sure that you just did more damage to Microsoft than 10 cracks could :-) Security holes are always widely talked about in the media, especially if they're M$'s fuckups :-)

>french cracker crackdown that just happened and to many more busts

Erm, I am a bit far away here from european media, can you tell us some more about it ?

BTW: Are there any plans to resurrect something like cracking.net ?
As you can see often enough, cracking sites are subject to a constant flux right now :-(, having a "safe haven" could do wonders...

HalVar

=====End of Issue 233===================================

========================================================
+HCU Maillist Issue: 234 06/02/1998
--------------------------------------------------------
Send Articles To:......................... *************
Info, Help, Unsubscription, etc:....... ****************
Web Repository.........................hcuml.home.ml.org
========================================================
CONTENTS:

#1 Subject: gthorne - french events
#2 Subject: gthorne - regarding cracking.net

ARTICLES:

-----#1-------------------------------------------------
Subject: gthorne - french events

Message Body =

If you are interested in learning more about french raids on crackers, read this bit of information - which was given to me by someone who needs to remain anonymous for the purposes of this posting

this is mostly a reprint from a letter i posted elsewhere so if you recognise it you dont need to re-read it :)

use this page to translate for those of you who have less french knowledge than my nearly 10 year old translator skills...

*********************************************************

here are some pages with information on the events

news site...
********************************************

a related cracker site...
**********************

+gthorne

-----#2-------------------------------------------------
Subject: gthorne - regarding cracking.net

Message Body =

cracking.net is staying down, which is not a surprise to me

one thing that might be handy - we may be able to use some protected group such as 2600 to host our site

it is something i have thought about for a long time

they have backing, legally and corporately - so if 2600 is able to help us out, it may yet be a major way to solve this

considering that the 2600 archives contain cracks and such, it cant be that far fetched

I am thinking about doing a new letter to them regarding the french cracker situation

i know it will be late when it is printed in the fall issue (or later if printed at all) but the idea is to get out in circles of people who are allies the kind of situations that are happening in our related universe

i have an idea that if we get to know them, it might very well solve our little cracking.net dilemma

it may not be feasible, or even more than a fantasy, but it is the best idea i have come up with to date

any other ideas are of course welcome

+gthorne

=====End of Issue 234===================================

========================================================
+HCU Maillist Issue: 235 06/03/1998
--------------------------------------------------------
Send Articles To:......................... *************
Info, Help, Unsubscription, etc:....... ****************
Web Repository.........................hcuml.home.ml.org
========================================================
CONTENTS:

#1 Subject: gthorne - security for newbies (and oldbies too)

ARTICLES:

-----#1-------------------------------------------------
Subject: gthorne - security for newbies (and oldbies too)

Message Body =

SECURITY OUTLINE FOR SELF PRESERVATION ON THE NET

More and more people are asking me about security on the net - usually it is people asking me about credit card safety...

'is it okay if i use my credit card on the net?'
of which the answer is the same as when you say: 'can i use my card on the phone?'

...because no matter what SSL security or whatever is used on the browser end to the server, usually the server uses a mailer to send the results to the owner of the system, and it is never encrypted (ie: e-mail is insecure... duh)

Back to the point of this letter:

it is more and more necessary to protect your identity and data as the self-imposed data cops out there get more and more like hanging judges with execution squads going out and getting people and taking them in or firing them (spa, french data cops, peeping-tom employers, etc...)

the question i hear repeated often to the letter is 'how can i keep myself safe from these people'

first of all i want to say that it is tedious and un-fun to do what it takes to preserve the anonymity of yourself and your files... one must be beyond meticulous, anal and truly obsessive about it to insure that they 'have nothing on you' when the time comes that they might have a looksee into your private affairs

much of this may sound like common sense, but if everyone had the same set of common sense, there would never be any hackers or crackers in jail

that said, lets go into the simplest point --- how do the cops know to look for you?

they hear about you

the number one thing that cops do is ask around, they get people to turn in their friends, they talk to others in the same field, they contact administrators and bosses

the only cases where this is not true --- it is still true

basically there is always a 'rat' - in the case of the net, one can be one's own rat (bragging about ones own exploits is as bad or worse than a 'friend' or a boss or relative telling the world about your dealings)
if your nickname is out, dont record it on your hard drive or in your notes - that way no one can say it really is you

dont let people call you the name in real life - it must be a private thing that only the alternate world of the web must become familiar with, and not attached in any way to our real names

THIS IS HARD! - over the years we get attached to our handles and become known by them - which is our nature, but not safe by any means

remember that this little paper is on how to keep secure, not a paper describing what we do, but what we ought to do even if we are too weak to comply - i wasnt kidding when i said that it is tedious and hard work to protect your identity

often, it has been necessary to adopt a secondary lesser-known handle for public, so that one can keep anonymity when one really needs it in special situations

do not call this an alias, it is a bad word that cops and credit bureaus love to use when referring to shady characters

this is your pen name, or handle (both of which have less stigma attached than alias or a.k.a.)

as with most bad martial arts movies of the seventies and earlier, it has always been pointed out that the 'best defence is not to be there'

this refers in our case to both identities and files

not only does one want the pseudonym to be unrelated to self in the real world, but files with shaky topics need to also be distanced from self as well

again this is not easy...
methods involve the net and encryption (encryption may not be available in your country, such as france in particular which has only recently made available the SSL in web browsers, without it being a felony)

the hacker kevin mitnick (who thinks of himself more as someone who just spends a lot of time reading and social engineering) used the net method - basically he kept nothing on his hard drive or at home, and left everything on remote servers anonymously

in this case, unless the authorities knew where to look, there would be no physical evidence of anything he had ever done

again, most people are unwilling to do this, for fear of data loss or whatever reason, but that doesnt mean it isnt important!

if you need to have at least something - you need to encrypt it or so obfuscate it that it doesnt look like what it really is

if you can... PGP EVERYTHING!

over the years it has been good to see articles in the computer underground digest describing how pgp has saved them - one in particular was a woman who worked in a small country in i believe the peace corps or ministry, basically with a bunch of needy people

the government decided they needed the list of names of these people since they were working with non-nationals - meaning the USA, and they had her incarcerated for weeks, until realizing they werent going to get the pgp password from her and the data on her hard drive was safe from them, and so were the people who would most surely have 'disappeared' if their names had been discovered

well, things are relatively less drastic for most...
but the need is still there

here is a blueprint for a rather intense set of security:

1) military level pgp pair (preferably pgp version 262) using a relatively long pass phrase

2) keep private key on a separate set of disks, not on the hard drive, and encrypted

* - could install a secure desktop of some sort as well

my favorite method on DOS machines is to have a floppy using KOH (virus like encryptor) that allows you to encrypt a floppy rather deeply with a pass phrase

it encrypts and decrypts on the fly as long as you have entered the pass phrase, so it is nice and transparent to you (just write protect your stuff you dont want encrypted though or you may have to use your pass phrase to get into all your stuff over time if you use KOH a lot)

for windows there are a ton of methods, though about the simplest - which will at least keep the average loonies out... is to install pgp on a read/write protected zip disk

therefore they will again need to have a passcode to use pgp and get to your private key

3) when you delete something, make sure it is REALLY GONE ...

for dos, realdel (real delete) is a good option

and someone who wishes to remain nameless pointed out the windows 95 shredder at:

*********************************************

I have not played with it yet, as it was just sent to me today, but it is worth looking at

for those who came in late, some of our previous letters referred to true drive wipe security requiring at least 7 times overwriting a hard drive with zeroes and then ones alternating

if you think this stuff isnt for you, remember that a friend of mine has a friend who is in prison because someone sent him some child porn and his hard drive crashed... he went to have it repaired and the technician called the police on him and thats all she wrote. (he didnt ask for the images - but being there was all it took for guilt)

4) when people start showing up acting nice to you and telling you how good your work is...
be suspicious, lay low, and if you must respond use the anonymous remailers

****************** still has a nice mixmaster remailer

this tactic has only recently saved one of our own, so no matter how paranoid that sounds, wouldnt you rather be paranoid for a time than spend that time in prison?

bad things come in the form of 'sent mail' folders and 'messages history' in the case of ICQ which act as roadmaps to not only everything devious you ever planned, but also the people who will go down with you if the federales read them

5) cops like groups - they love to get a 'crime ring' as they see it, and tend not to go after lone individuals - unless that lone individual is one who has caused real damage (again this is in the eye of the beholder)

if you ever do get into a situation, never reveal anything

the cops will say they 'cant help you if you dont cooperate'

...this is where attorneys are good, they have attorney-client-privilege which means the cops cant touch it if you dont want them to

the cops will use you and your friends and family if they can in order to put you away, often offering deals to make up for the fact that they wont have any info on you that you dont give them yourself - if you see no true deal offer rather than 'we wanna help you' then there isnt one, they do lie to get their way - dont let them fool you

basically to reiterate the most important point - if you dont have incriminating evidence on you, then it cant be used against you

if none of the above works for you, you can always burn much of your evidence as well, printouts especially

sometimes that is the only way to assure that something will not be found - even in todays information age we do love a hardcopy that sits around like a sore thumb

for the completely anal, someone gave me a program a while back that has the sole purpose of wiping everything including partitions from a hard drive...
floppy of death so to speak

i think the reason i never wrote one of those in the past was simply the thought, 'how do i test this safely...'

bringing up the next point that i almost forgot to remove it from drive A when i first took a look at it (caught it as the machine was rebooting)

a good panic button like this is a necessary evil, as much of the evidence against you will be on your own machine

the less floppies you have to erase the better, because if you are in any time crunch when they come looking for you there will be no time to do anything but flip one switch (which should be the 'reboot' switch and one of those disks in the drive just waiting to make the kill)

also: do not keep a list of passwords, but if you must, PGP IT!

there is nothing more unsafe than a list of accounts with unencrypted usernames and passwords next to them, especially when your important data is on them (and of course if the accounts do not belong to you)

well, thats enough for now, and if you forget most of this just remember to ENCRYPT, ANONYMIZE, SPEAK NOT OF YOUR DEEDS IN PUBLIC, and TRULY ERASE what you do not HIDE ON THE NET

take care, and be safe

+gthorne

=====End of Issue 235===================================

========================================================
+HCU Maillist Issue: 236 06/05/1998
--------------------------------------------------------
Send Articles To:......................... *************
Info, Help, Unsubscription, etc:....... ****************
Web Repository.........................hcuml.home.ml.org
========================================================
CONTENTS:

#1 Subject: To Gthorne
#2 Subject: Resource Editors
#3 Subject: re: security

ARTICLES:

-----#1-------------------------------------------------
Subject: To Gthorne

Gthorne,

Thanks for your excellent (as usual) advice on security. Can you please make that floppy of death available? I have thought about writing a simple bat file running a wipe prog like you referred to. The problem is time.
If one got busted, there is no way a prog could wipe today's multi-gig HD's in time. Your pgp encryption of sensitive stuff is the best idea. Wiping is not necessary. Your thoughts are always respected and appreciated by me.

zinger

-----#2-------------------------------------------------
Subject: Resource Editors

Yesterday, I bought a CD with the demo version of Globalink's PowerTranslator software. I want to remove the initial splash screen using a resource editor as it is ugly and also to save space. However, the file is large and it takes a few seconds to load up with BRW. I delete the resource, but when I try to save, I get an "Unable to Allocate Memory" error. I've got 64mb RAM and have tried BRW under win95 and NT4SP3. Any suggestions as to why this happens or alternative resource editors that cope with large files?

BTW, when I first saw the 30 day trial, for some reason it reminded me of timelock so I checked the directory and found: tl221mn.dll and sv221mn.dll. I took a cursory look at them under hiew and it looks similar to timelock, but I haven't really investigated it properly. If it is timelock, then it is a natural progression to put a front on it to stop it from being instantly recognised. Cracking it directly is easy and there isn't anything interesting.

~~ Ghiribizzo

-----#3-------------------------------------------------
Subject: re: security

>THIS IS HARD! - over the years we get attached to our handles
>and become known by them - which is our nature, but not safe
>by any means

I know the feeling. I started Ghiribizzo out as a low security nym but probably should have been more secure. Undergoing 'reincarnations' isn't a bad measure to take.

>my favorite method on DOS machines is to have a floppy
>using KOH (virus like encryptor) that allows you to encrypt
>a floppy rather deeply with a pass phrase

About a year ago, I heard that an AV program could find and remove the encryption. It was called One-half, I think.
If this is true, then KOH offers no real protection.

There are various secure file systems available which make encryption more or less transparent - though you'd better check to see that it offers the level of protection you require. Cypher newsgroups will probably have the info you will need.

This can be combined with the 'floppy of death' principle. Being able to supply a password to either decrypt or overwrite on bootup (or overwrite and place an innocuous setup on the wiped disk).

If you know you're in trouble, after you wipe your disk (securely). It may be worth selling it (somewhere far away in a car boot sale). I'm not sure how cheap it is to recover data that has been overwritten multiple times, but if you think you've done something that would make it likely that someone would try to recover overwritten data, it's better to be safe than sorry.

When using IRC or direct comms, make sure you are using someone else's account. Someone who has no relation to you at all and is hopefully on the other side of the country. Universities are also very good. You can basically walk into any University unchallenged and use their resources. Install a keylogger and you will have a few accounts in a few minutes. When I was writing my legality of cracking essay, I used the law libraries and computer centres of Sheffield University and King's College London. Universities are great resources and are free!

As gthorne says, it's no fun having to post every email through an anonymizer. You'll need to judge for yourself what level of security you require.

Stay safe,
Ghiribizzo

=====End of Issue 236===================================

========================================================
+HCU Maillist Issue: 237 06/05/1998
--------------------------------------------------------
Send Articles To:......................... *************
Info, Help, Unsubscription, etc:....... ****************
Web Repository.........................hcuml.home.ml.org
========================================================
CONTENTS:

#1 Subject: Re: Security

ARTICLES:

-----#1-------------------------------------------------
Subject: Re: Security

Hi this is Muso,

well I agree that most people are not sensitive at all about the security issues on the internet. The most people think, everything is so fast and complicated that no-one can catch their e-mail... Additionally the commercial companies fire marketing-bla-bla on the users, that everything is nice and safe. It's even hard to get the people used to use PGP if they send e-mails.

For e-mails I think the best and securest way is to use services like HotMail etc. and then even use a remailer. Further all mails to the remailer should be encrypted with PGP.

However, I think the best thing to do is to use a secure and transparent file-system. I would like to see a PGP file-system. Wouldn't it be a nice project for HCU to develop a secure file-system? I never would trust a commercial 'secure' file-system at all... I know that a file-system development-kit for NT exists, for Linux the thing would be easier to do. Does someone have an idea how to get the NT file-system development-kit? It would be a very interesting project.

Just another note for all of us: Have you heard that the so loved guys from Time-Lock are cooperating with another company (sorry, don't have the name at hand but I can get it) which makes a product like ZipLock or something like this... well, the cometion continues :-))

... Muso ... ... ...

=====End of Issue 237===================================

========================================================
+HCU Maillist Issue: 238 06/07/1998
--------------------------------------------------------
Send Articles To:......................... *************
Info, Help, Unsubscription, etc:....... ****************
Web Repository.........................hcuml.home.ml.org
========================================================
CONTENTS:

#1 Subject: topics for meditations
#2 Subject: gthorne - re: letters
#3 Subject: "Panic Switch"
#4 Subject: NetXRay

ARTICLES:

-----#1-------------------------------------------------
Subject: topics for meditations

Having recently entered a large computer library, I examined their cryptology shelf: many modern books on its history, methods, code breakers..., except on the usage of the computers in this field. There were many spy stories and "disclosures" from the cold war period, very few of them speak of the code breaking attempts. The subject is so sensitive, that it even cannot be used for disinformation on a public scale. Very little is known about NSA, nothing about its counterpart in USSR, France, GB. Maybe the end of the cold war was due to a decisive history on this front, as it was during the second world war, where the German code was broken by the British and the Japanese by the USA?

I read in a computer dictionary: "The Internet, in its first incarnation as the ARPAnet, was designed to serve military institutions". Are you sure it has stopped to serve those institutions? Maybe it was intentionally ceded to the civil institutions to control world-wide communications? Or to destroy communications control system in rival countries?

It is probable that all PGP messages are already decryptable on the NSA (not corps!) level, and as France is not so advanced, it has introduced its own restrictions. The proposed (or imposed) restrictions level do not reveal the real country's possibilities; they are designed for official court procedures.

There are unconfirmed and unofficial reports indicating that certain countries use their military institutions to break codes in the civil communications on the national and international scale. Is it a new battlefield? That's why a reduction (even a dissolution!) of conventional armies?

Last year crackers&hackers were designed as a security preoccupation in USA, and now it is in France! Many other countries are more preoccupied with a rival character of Internet communications, than with crackers stories. In fact, most of the software editors are in USA, France, GB; the losses resulting from Warez sites fall on those countries, and other countries are reluctant to spend the national money to search for crackers, and prefer to spend it for controlling domestic communications, and are very annoyed by the PGP usage.

It is also probable that our list is being attentively read by different foreign secret services. So do not reveal the result of your research to those services. Reveal it only to your best and reliable friends.

AZ111.

-----#2-------------------------------------------------
Subject: gthorne - re: letters

Message Body =
thanks to you all for responding to my rather lengthy letter ;)

some thoughts i have:

the virus removers detect KOH (some idiots in the usenet i have had the displeasure of conversing with actually assume that makes it a virus and whined a lot)

it is possible that the scanner could read the passphrase, and then decrypt the whole disk and rewrite it - using its key format as well...

i would love to see it work though, and my first bet is that most virus scanners do not remove the encryption, but all of koh: meaning that all data lost on the disk

that does not mean that some do not remove it fully... and this would make it rather useless if you had the right tool (but anything to make it just that much more annoying for them to find data such as a private key would be nice)

regarding the floppy of death to erase hard drives, go to my website at greythorne.home.ml.org and get to my orcpaks/more directory

you will see it there called hdkill.zip --- be careful with it!

ghiri mentioned universities... great tool!

one of my favorite methods of using them - requires a web browser

often the machines in a computer lab allow no access to anything but the browser (in dos or win machines this isnt much of a problem, but this method works for all - even dumb terminals)

usually these places have at least one in the lab that have a telnet which is accessible, in poorly configured lynx browsers you could type !telnet and get telnet to run, or you could type telnet:// in a web browser

what if these dont work?

a trick that tends to work when none of these do requires a bit of forethought

basically make a website with a links page on it somewhere on the net, and put a telnet link in the page to your favorite servers you login on

then submit the hell out of it to search engines

basically - on machines where i could not do anything but use a search engine, i could use it to search for my name (greythorne isnt that hard to find on the net anyway so it was easier for me than most... but not a problem if your search engine postings were adequate)

you could then find yourself on a page, click the hyperlink and voila you are in telnet session even if lynx is designed not to let you type telnet as a command

(note that card catalog computers are the ones that usually fall for this trick the most easily since some people are smart enough to delete telnet.exe from win boxes, though most i have seen do not)

it really blows people's minds when they actually see you using the card catalog machine to attain full internet access (irc and whatever) though most of the time if you look like you are being busy, they tend not to pay any attention or even have a clue as to what you are up to

the icing on the cake is when you find the library access number from the university in question, dial it, then use one of these tricks to get free internet access

usually calling the computer services at the university, claiming that you are a student or family of a student and need to know what the library dialup number
is, they are usually glad to help

i have used this on a multitude of occasions when on the road

granted this method isnt great for graphical viewing, but sometimes as i am sure you are all aware, it is just fine to get ahold of your email or browse text only anyway from lynx on one of your own unix accounts waiting patiently on the net

maybe someday i will find a way to make slirp (slip/ppp emulator) or some other allow for slip connection through all those hoops, but for now i havent gotten it to work - if it is even possible

though the term program from linux probably has no problems with it at all

well if i am not careful i will keep writing and writing and none of you will want to finish it all, so i go before i start becoming a nuisance ;)

+gthorne

-----#3-------------------------------------------------
Subject: "Panic Switch"

>a good panic button like this is a necessary evil, as much
>of the evidence against you will be on your own machine
>the less floppies you have to erase the better, because
>if you are in any time crunch when they come looking for you
>there will be no time to do anything but flip one switch
>(which should be the 'reboot' switch and one of those disks
>in the drive just waiting to make the kill)

A friend of mine has "developed" a system which seems to be rather efficient to me: He wired a cheap self-defense "Tazer" (However you call those things with the ridiculously high voltage and low Ampere) so that he only has to flip one switch and his HD gets tazed. The question is now of course whether this will be enough to truly kill all data on the disks themselves, but it will with a high certainty destroy the electronics of the HD itself. I still think that data can be recovered in special labs in this case, but I wouldn't count on it.

HalVar

-----#4-------------------------------------------------
Subject: NetXRay

Hi this is Wings,

I'm very glad to join this list. first time. :)

These days, I'm trying to crack the NetXRay demo version, because it can only analyse 5 packets. I think I have found the register ways, but it seems this can't resolve the 5 packets problem. Does anyone know of it? The question is I can't find the point of NetXRay beginning to capture packets. :(

...
Wings

=====End of Issue 238===================================

========================================================
+HCU Maillist Issue: 239 06/08/1998
--------------------------------------------------------
========================================================
CONTENTS:

#1 Subject: crypto books
#2 Subject: re: letters
#3 Subject: Tazer on HD?!
#4 Subject: Kill Switch
#5 Subject: commercial hardware
#6 Subject: gthorne - floppy of death important info
#7 Subject: gthorne - pgpfone

ARTICLES:

-----#1-------------------------------------------------
Subject: crypto books

>>> Having recently entered a large computer library, I examined their cryptology shelf: many modern books on its history, methods, code breakers..., except on the usage of the computers in this field. <<<

Try a University mathematics library. Crypto books are quite rare, but you should be able to find some. Try searching for crypto academics in Universities that may turn up some results.

~~ Ghiribizzo

-----#2-------------------------------------------------
Subject: re: letters

>that does not mean that some do not remove it fully...

I have heard that one-half actually recovers the data.

>you will see it there called hdkill.zip --- be careful with it!

There is also a commercial as part of the Norton Utilities which does a wipe (I mentioned this in a previous post).

>>> the icing on the cake is when you find the library access number from the university in question, dial it, then use one of these tricks to get free internet access usually calling the computer services at the university, claiming that you are a student or family of a student and need to know what the library dialup number is, they are usually glad to help <<<

This is exactly what I do. Most Universities have a dial-up service and you can simply walk to their IT help desk and pick up dialup information leaflets or ask them for help. I've never been asked for ID. Universities also usually have an internal phone system and the dialup is sometimes on an internal number which means you can hook up a laptop to an internal line.

~~ Ghiribizzo

-----#3-------------------------------------------------
Subject: Tazer on HD?!

>He wired a cheap self-defense "Tazer"

Tazers are devices which shoot out an electrified bolt to stun someone from a distance. There are also things called stun guns which spark across two contacts and need to be used close up.

I don't think the setup will do much to the platters and I would imagine that the data could easily be recovered. This form of recovery isn't just for organisations with TLAs; there are some data recovery companies which will do just this sort of thing for you.

~~ Ghiribizzo

-----#4-------------------------------------------------
Subject: Kill Switch

Hello Everyone

>A friend of mine has "developed" a system which seems to be
>rather efficient to me: He wired a cheap self-defense "Tazer"
>(However you call those things with the ridiculously high
>voltage and low Ampere) so that he only has to flip one switch
>and his HD gets tazed. The question is now of course whether
>this will be enough to truly kill all data on the disks themselves,
>but it will with a high certainty destroy the electronics of the HD
>itself.
>I still think that data can be recovered in special labs in
>this case, but I wouldn't count on it.

My thoughts on this, is that would it have any impact on the Platter or Platters because the high voltage would over-saturate the Transistors (blowing them up) and thus create an open circuit. Whether the voltage is high enough to physically expose the transistors and cause particles to physically damage the platter. I may be wrong on this.

cheers Rundus

-----#5-------------------------------------------------
Subject: commercial hardware

Hello Everyone

This is a bit of a whinge. Having not so long ago bought a Diamond video card and having display problems. I contacted Diamond and I finally got a reply from a person, they were not interested (great after sales services). Anyway fixed all but one of the problems. I am now thinking of updating my video card to 3D. Can anyone recommend a video card with good after sales service from the company?

cheers Rundus

-----#6-------------------------------------------------
Subject: gthorne - floppy of death important info

Message Body =
newbcrack ran the floppy of death he gave me, and tested it:

apparently it erases partition info, doesnt clear data (yet)

that apparently makes it possible to still read data, so the next step is making it make one partition and erase it

that wont be too hard considering the partition removal is the bizarre part anyway

just thought i might give you guys this important info before you started playing with the pentagon's files ;)

heheee!

+gthorne

-----#7-------------------------------------------------
Subject: gthorne - pgpfone

Message Body =
trying out pgpfone with friends (now that it seems to have finally gone over the 1.0 median)

***********************************

i am interested in hearing if anyone has already made use of it and any security concerns about its usage

of more direct interest to me is nonverbal, in other words 'pgp chat' of some kind that can be used (hopefully without requiring unix) which can be used ip to ip like icq chat would be

i probably need not explain any further than that

+gthorne

=====End of Issue 239===================================

========================================================
+HCU Maillist Issue: 240 06/09/1998
--------------------------------------------------------
========================================================
CONTENTS:

#1 Subject: gthorne - crypto book
#2 Subject: re: Next Generation of Crackers
#3 Subject: floppy of death
#4 Subject: the tazer (kind of)

ARTICLES:

-----#1-------------------------------------------------
Subject: gthorne - crypto book

Message Body =
barnes and noble a while back - i got 'applied cryptography ed. 2'

a rather deep book touted on the front cover to be the one that the NSA never wanted published (wired magazine not only said that, they also said that it is the best intro the writer for wired had ever seen into the crypto world)

like i said, it is quite a book

it comes with C source code which is why i bought it

the ISBN is: 0-471-11709-9 and as usual its a good $50.00 usa cost

+gthorne

-----#2-------------------------------------------------
Subject: re: Next Generation of Crackers

Greetings Everyone,
Greetings Ghiribizzo,

>>>>When I first started writing tutorials, I tried to recruit new crackers.
I released the crack for a program into Usenet with a message attached basically saying "if you want to learn how to do this yourself take a look at this web page..". Although there may be some new crackers due to this, I found that I got more attention from the 'plz crack this' lot than from anyone actually wishing to learn. I think in the end, the next generation of crackers will find us, not the other way around. <<<

Based on my own personal experience, I agree almost entirely with what Ghiribizzo had to say regarding 'new crackers' finding 'us' rather than 'we' finding them. Nothing is ever handed down to us for free, we all in one way or another, have to make a commitment to ourselves to seek out information that we know we can use to our advantage. This mailing list for example, while not *too* difficult to find if you are willing to follow bread crumbs is sufficient to filter out those who *really* want to learn and those who are *curious* about cracking.

I know now that you cannot recruit crackers from writing tutorials since those reading them don't *yet* know themselves what waits for them round the next corner. Many shall try and follow the paths (yes paths for there are many avenues to *cracking*) and attain a basic understanding of how to make a *crack* and progress no further, then there are those who seek out the *real* knowledge that lies behind the *cracks*.

'Tainted' knowledge from reading 'other' peoples tutorials should not be our worry, isn't it a fact that we all develop our own personal methods and skills to solving a given problem in our own way which, can be ultimately attributed to something we've either *read* or *heard* somewhere!. Yes, knowledge is our tool, our trade, but it doesn't guarantee that we will encourage others to follow the same road we have chosen.

Having now read all of +ORC's lessons (the ones I could find that is) I came to this conclusion, which perhaps you may or may not agree with.

+ORC's lessons stand out from everyone else's tutorials because he is able to inspire *others* interested in *cracking* to go beyond their own pre-conception of what *cracking* is all about and to make the reader aware, that there is more to just *cracking* a program, that there has to be an understanding between you and the underlying code before you can truly say that you have *cracked* the program.

My own views on *cracking* follow this same theme, only I say that the protection system used in a program is but a single function within a large and unfriendly section of code, it's the logic that lies 'behind' the creation of this protection system that we must first *crack* before we can understand how to *crack* it.

I apologize to everyone if this seems a bit too philosophical but it's what I believe in and what's gotten me where I am today and where it will take me tomorrow..

My thanks and appreciation goes to all for sharing your knowledge and hope that what I have to offer, someone will equally find useful..:)

The Sandman

-----#3-------------------------------------------------
Subject: floppy of death

hello all,

just wanted to give the background on my 'floppy of death' toy. it's a script for debug that zeroes out your partition information. handy for quickly erasing multiple partitions. i originally got it for trying to rescue a dying hard drive that wouldn't fdisk, format, etc.

anyway... i am no hardware expert. but i think that since all it does is zero out the partition information (the particular script i passed along to gthorne is for a 2.01Mb hard drive), i have to assume the data is still accessible through whatever data recovery tools you want to use.

i used it to quickly erase a linux partition the other night. that was just for convenience. but yesterday (dont laugh) i got virused. the little bugger hooked damn near everything i needed to fix the problem. i couldn't even pop into softice and look at what was going on.
so i popped in the handy 'floppy of death' and cleaned it the brute force way ;-)

oh well, i find windows seems to run better when wiped out and reinstalled every month or so anyway...

thanks for everything you people have taught me. it amazes me when i look at all the great knowledge that comes through here and the other 'quality' venues. please continue to teach. its appreciated.

newbcrack

-----#4-------------------------------------------------
Subject: the tazer (kind of)

greets again,

here's an article in phrack 52 by agent steal (written from prison). he talks of a lot of the legal ramifications of hacking, and adds a section about avoiding detection. it was an interesting read.

*******************************

his hard drive killer is mentioned in 'Part III > C. More Protection'

later folks,
newbcrack

=====End of Issue 240===================================
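
The point made about the 'floppy of death' in Issue 239 #6 and Issue 240 #3, that zeroing the partition information leaves the data itself readable, shown on a constructed in-memory disk image. This is an added example, not code from the list or from the script discussed there; the image layout, the marker string and all function names are assumptions made for illustration, and nothing here touches a real disk.

```python
import struct

SECTOR = 512
TABLE_OFF, ENTRY_LEN, ENTRIES = 446, 16, 4   # classic MBR partition table layout
ENTRY_FMT = "<B3sB3sII"   # status, CHS start, type, CHS end, LBA start, sector count


def build_image(sectors=64, start_lba=8):
    """Constructed image: an MBR with one partition and one marked data sector."""
    img = bytearray(sectors * SECTOR)
    entry = struct.pack(ENTRY_FMT, 0x80, b"\x00\x02\x00", 0x06,
                        b"\x00\x3f\x00", start_lba, sectors - start_lba)
    img[TABLE_OFF:TABLE_OFF + ENTRY_LEN] = entry
    img[510:512] = b"\x55\xaa"                # boot signature
    marker = b"CONSTRUCTED-SECRET: private key material"
    off = (start_lba + 3) * SECTOR            # somewhere inside the partition
    img[off:off + len(marker)] = marker
    return img, marker


def parse_partitions(img):
    """Return (type, start_lba, sector_count) for every non-empty table entry."""
    found = []
    for i in range(ENTRIES):
        off = TABLE_OFF + i * ENTRY_LEN
        _, _, ptype, _, lba, count = struct.unpack(
            ENTRY_FMT, bytes(img[off:off + ENTRY_LEN]))
        if ptype != 0:
            found.append((ptype, lba, count))
    return found


def zero_partition_table(img):
    """Assumed behaviour of the script: only the 64 table bytes are cleared."""
    img[TABLE_OFF:TABLE_OFF + ENTRY_LEN * ENTRIES] = bytes(ENTRY_LEN * ENTRIES)


def overwrite_all(img):
    """Single zero pass over every sector of the image."""
    img[:] = bytes(len(img))


def residual_sectors(img):
    """Sector numbers still holding any non-zero byte (the sanitisation check)."""
    zero = bytes(SECTOR)
    return [n for n in range(len(img) // SECTOR)
            if img[n * SECTOR:(n + 1) * SECTOR] != zero]


def demo():
    img, marker = build_image()
    before = parse_partitions(img)
    zero_partition_table(img)
    after_table = (parse_partitions(img), residual_sectors(img), marker in img)
    overwrite_all(img)
    after_wipe = (residual_sectors(img), marker in img)
    return before, after_table, after_wipe


if __name__ == "__main__":
    print(demo())
```

After the table is zeroed the partition list is empty, yet the residual check still reports the data sector and the marker is found by a plain byte search; only the full overwrite clears both.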