home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Hacker Chronicles 1
/
HACKER1.ISO
/
phrk4
/
phrack39.13
< prev
next >
Wrap
Text File
|
1992-09-26
|
30KB
|
552 lines
==Phrack Inc.==
Volume Four, Issue Thirty-Nine, File 13 of 13
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
PWN PWN
PWN Phrack World News PWN
PWN PWN
PWN Issue XXXIX / Part Four of Four PWN
PWN PWN
PWN Compiled by Datastream Cowboy PWN
PWN PWN
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
Airline Claims Flier Broke Law To Cut Costs April 21, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Del Jones (USA Today)(Page 1B)
CHICAGO -- American Airlines had one of its most frequent business fliers
arrested and handcuffed last summer as he prepared to board a flight at Dallas-
Fort Worth Airport.
The nation's largest airline -- and the industry's trend setter -- says it
uncovered, then snuffed, a brilliant ticket fraud scheme that cost American
more than $200,000 over 20 months. Economist William Gibson, who has homes in
Chicago and Dallas, will stand trial in early June. If convicted, he would
face a maximum prison term of 125 years. He pleads innocent, although he
readily admits using lapsed non-refundable tickets regularly to fly at rock-
bottom prices. But, he says, he did it with the full blessing of American's
agents.
Gibson says American and the FBI are out to make a high-profile example out of
him to instill a little religion into frequent business fliers, who grow bold
as they grow more resentful of an industry that makes its best customers pay
substantially higher prices than its worst.
Indeed, American Airlines says one reason it slashed full coach fares 38% two
weeks ago was to douse customer resentment that was escalating into hostility.
Now, the airline industry is again looking to American for a glimpse of the
future to see if Gibson's prosecution will set a trend toward lowering the boom
on alleged fare cheaters.
American says conclusions should not be drawn from its decision to push for
Gibson's prosecution. It alleges that he was conducting outright fraud and his
case is unrelated to the thousands of frequent fliers who break airline rules
to save money. Common rule bending includes: Flying to so-called hidden
cities when a short flight is more expensive than a long one, splitting two
non-refundable round-trip tickets over two separate trips to fly low-cost
without staying the dreaded Saturday or selling frequent-flier mileage to
brokers. But while against airline rules, such gaming, as the airlines call
it, is not against the law. And American doesn't want its prosecution of one
of its Gold AAdvantage fliers being likened to, say, Procter & Gamble asking
the FBI to bust babies who wet the most Pampers. The last thing the airline
wants, it says, is to make a martyr of Gibson, who is fighting back with not
only a lawyer but also a public-relations specialist.
"Somebody at American is embarrassed and mad," says Gibson, who flew more than
300,000 miles during the disputed 20-month period. He passed a polygraph test,
his lawyer says. But the questions fell far short of asking Gibson if his
intent in using cheap tickets was to defraud American.
Gibson, age 47, says he would never risk his career by cheating an airline.
While in his late 20s, he was President Nixon's senior staff economist, the
youngest person to hold the job. He had a hand in cleaning up the Texas
savings-and-loan mess as an organizer of the Southwest Plan. His mother still
has a photograph of his first plane trip, taken when he was in the third grade.
It was on American.
Despite his background, Gibson says he's not confident that a jury will relate
to someone who travels with "a boatload" of tickets just to avoid being
stranded or delayed. If he were flying to a family-run business in Puerto
Rico, for example, he would carry tickets that would route him through New
York, Dallas or Miami just to make sure he got where he was going and with as
little airport layover time as possible. Gibson had as many as 50 airline
tickets in his possession at one time, though some were used by his family.
American Airlines and the FBI won't reveal what Gibson did that makes him, in
their opinion, such a devious genius. Details could be a how-to lesson for
others, they say. What they do disclose is a simple scheme, but also one that
should be caught by the crudest of auditing procedures.
Gibson, they allege, would buy a full-fare coach or first-class ticket near the
time of departure. Then he would detach the expensive ticket from the boarding
pass and attach a cheap, expired ticket. The full-fare ticket, which he
allegedly bought just to secure a boarding pass, would be turned in later for a
refund.
FBI spokesman Don Ramsey says Gibson also altered tickets, which is key to the
prosecution's case because it shows intent to defraud. Ramsey would not say
what alterations allegedly were made. But they could involve the upgrade
stickers familiar to frequent passengers, says Tom Parsons, editor and
publisher of Best Fares. Those white stickers, about the size of postage
stamps, are given away or sold at token prices to good customers so they can
fly first-class in seats that otherwise would be vacant.
Parsons says Gibson could have bought a full-fare ticket to secure a boarding
pass, switched the full-fare ticket with the lapsed discount ticket and then
applied the sticker to hide the expired date. Presto, a first-class flight for
peanuts.
"I think it was an accident that they caught him," Parsons says. "And let's
just say this is not a one-person problem. A lot of people have told me
they've done this."
Gibson says he did nothing illegal or even clever. He says he learned a few
years ago that American is so eager to please its best customers, it would
accept tickets that had long ago expired. He would "load up" during American's
advertised sales on cheap, non-refundable tickets that are restricted to exact
flights on precise days. But as a member of American's Gold AAdvantage club,
reserved for its top 2% of frequent fliers, Gibson says, his expired tickets
were welcome anytime.
There was no deception, Gibson says. American's gate agents knew what they
were accepting, and they accepted them gladly, he says.
"That's absolute nonsense," says American spokesman Tim Smith. "We don't let
frequent fliers use expired tickets. Everyone assumed he had a valid ticket."
The courtesy Gibson says he was extended on a regular basis does appear to be
rare. Seven very frequent fliers interviewed by USA TODAY say they've never
flown on lapsed discount tickets. But they admit they've never tried because
the fare structure is usually designed to make sure business travelers can't
fly on the cheap.
Peter Knoer tried. The account executive based in Florham Park, New Jersey,
says Continental Airlines once let him use lapsed non-refundable tickets.
"They looked up my account number, found out I was a good customer and patted
me on the head."
Gibson has been indicted on 24 counts of fraud that allegedly occurred between
July 1989 and March 1991. American also stripped him of frequent -- flier
mileage worth $80,000. He says he's in good shape if the prosecution's case
relies on ticket alteration. There wasn't any, he says. The prosecution will
also try to prove that Gibson cheated his company of $43,000 by listing the
refunded high-priced tickets on his travel expenses.
Gibson denies the charge. He says that when he left as chairman and chief
executive of American Federal Bank in Dallas in 1990, "they owed me money and I
owed them money." Both sides agreed to a "final number." Lone Star
Technologies, American Federal's parent company, declines to comment.
Al Davis, director of internal audit for Southwest Airlines, says the Gibson
case will be a hot topic when airline auditors convene to share the latest
schemes.. He says fraud is not rampant because a frequent flier must know the
nuances and also be conniving enough to take advantage. "It has me boggled"
how any one person could steal $200,000 worth, Davis says.
The figure has others in the industry wondering if this is a bigger problem
than believed and a contributor to the $6 billion loss posted by the major
airlines the past two years.
Airlines know some fraud goes on, but they rarely take legal action because
they "don't want to pay more for the cure than the disease is costing," Davis
says.
_______________________________________________________________________________
Privacy Invaders May 1992
~~~~~~~~~~~~~~~~
By William Barnhill (AARP Bulletin)
Special Thanks: Beta-Ray Bill
U.S. Agents Foil Ring Of Information Thieves
Who Infiltrated Social Security Computer Files
Networks of "information thieves" are infiltrating Social Security's computer
files, stealing confidential personal records and selling the information to
whoever will buy it, the federal government charges.
In one case of alleged theft, two executives of Nationwide Electronic
Tracking (NET), a Tampa, Florida company, pleaded guilty to conspiracy charges
early this year for their role in a network buying and selling Social Security
records.
So far at least 20 individuals in 12 states, including three current or former
employees of the Social Security Administration (SSA), have been indicted by
federal grand juries for allegedly participating in such a scheme. The SSA
workers allegedly were bribed to steal particular files. More indictments are
expected soon.
"We think there's probably a lot more [record-stealing] out there and we just
need to go look for it," says Larry Morey, deputy inspector general at the
Department of Health and Human Services (HHS). "This is big business," says
Morey, adding that thieves also may be targeting personal data in other federal
programs, including Medicare and Medicaid.
Investigators point out that only a tiny fraction of Social Security's 200
million records have been compromised, probably less than 1 percent. SSA
officials say they have taken steps to secure their files from outside
tampering. Still, Morey estimates that hundreds of thousands of files have
been stolen.
The pilfering goes to the heart of what most Americans regard as a basic value:
their right to keep personal information private. But that value is being
eroded, legal experts say, as records people want private are divulged to
would-be lenders, prospective employers and others who may benefit from such
personal information.
This "privacy invasion" may well intensify, Morey says. "We're seeing an
expansion in the number of 'information brokers' who attempt to obtain, buy and
sell SSA information," he says. "As demand for this information grows, these
brokers are turning to increasingly illegal methods."
Such records are valuable, Morey says, because they contain information about
lifetime earnings, employment, current benefits, direct deposit instructions
and bank account numbers.
Buyers of this material include insurers, lawyers, employers, private
detectives, bill collectors and, sometimes, even drug dealers. Investigators
say the biggest trading is with lawyers seeking information about litigants,
insurance companies wanting health data about people trying to collect claims
and employers doing background checks on prospective employees.
Some of the uses to which this information is put is even more sinister. "At
one point, drug dealers were doing this to find out if the people they were
selling to were undercover cops," says Jim Cottos, the HHS regional inspector
general for investigations in Atlanta.
The middlemen in these schemes are the so-called information brokers -- so
named because they are usually employees of firms that specialize in obtaining
hard-to-get information.
How they operate is illustrated by one recent case in which they allegedly paid
Social Security employees $25 bribes for particular files and then sold the
information for as much as $250. The case came to light, Morey says, when a
private detective asked SSA for access to the same kind of confidential
information he said he had purchased from a Florida-based information broker
about one individual. The detective apparently didn't realize that data he
received from the broker had been obtained illegally.
A sting operation, involving investigators from the office of the HHS inspector
general, FBI and SSA, was set up with the "help" of the Florida information
broker identified by the detective. Requests for data on specific individuals
were channeled through the "cooperating" broker while probers watched the SSA
computer system to learn which SSA employees gained access to those files.
The indictments, handed down by federal grand juries in Newark, New Jersey
and Tampa, Florida, charged multiple counts of illegal sale of protected
government information, bribery of public officials, and conspiracy. Among
those charged were SSA claims clerks from Illinois and New York City and a
former SSA worker in Arizona.
The scandal has sparked outrage in Congress. "We are deeply disturbed by what
has occurred," said Senator Daniel Moynihan, D-N.Y., chairman of the Senate
Finance Committee's subcommittee on Social Security. "The investigation
appears to involve the largest case ever of theft from government computer
files and may well involve the most serious threat to individual privacy in
modern times."
Moynihan has introduced legislation, S. 2364, to increase criminal penalties
for the unlawful release of SSA information to five years imprisonment and a
$10,000 fine for each occurrence.
In the House, Rep. Bob Wise, D-W.Va., chairman of the Government Operations
Subcommittee on Information, has introduced H.R. 684. It would protect
Americans from further violations of privacy rights through misuse of computer
data banks by creating a special federal watchdog agency.
"The theft and sale of confidential information collected by the government is
an outrageous betrayal of public trust," Wise told the AARP Bulletin.
"Personal data in federal files should not be bought and sold like fish at a
dockside market."
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Related articles:
*** Phrack World News, Issue 37, Part One:
Indictments of "Information Brokers" January 1992
Taken from The Privacy Journal
SSA, FBI Database Violations Prompt Security Evaluations January 13, 1992
By Kevin M. Baerson (Federal Computer Week)(Pages 1, 41)
*** Phrack World News, Issue 38, Part Two:
Private Social Security Data Sold to Information Brokers February 29, 1992
By R.A. Zaldivar (San Jose Mercury News)
_______________________________________________________________________________
Ultra-Max Virus Invades The Marvel Universe May 18, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Barbara E. McMullen & John F. McMullen (Newbytes)
New York City -- According to reports in current annual editions of The
Punisher, Daredevil, Wonder Man, and Guardians Of The Galaxy, an extremely
powerful computer virus has wrecked havoc with computer systems in the Marvel
Universe.
As chronicled in a series entitled "The System Bytes", the virus was created by
a self-styled "first-rate hacker" known as Max E. Mumm (according to Punisher
cohort "Microchip", Mumm's original name was Maxwell E. Mummford and he had it
legally changed, while in college to his current name because of the computer
connotations.). Mumm developed the virus while working for Ampersand
Communications, a firm that unknown to Mumm, serves as a front for criminal
activities. Ampersand, without Mumm's knowledge, turned the virus loose in the
computer system of Raycom Industries, a supposedly legitimate firm that is
actually a front for a rival group of drug smugglers.
In addition to infecting Raycom's computers, the virus, named "Ultra-Max" after
its creator, also infected the computer of the vigilante figure known as the
Punisher who, with the aid of Microchip, was attempting to monitor Raycom's
computer system looking for evidence of drug smuggling. The trail of the virus
leads The Punisher first to Raycom's computers and then, following Microchip's
identification of the author, to Max E. Mumm, recently fired by Ampersand after
complaining to the firm's president about the disappearance of the virus. Mumm
had been under the impression that he was creating the virus for the United
States government as "a potential weapon against hostile governments" and was
concerned that, if unleased, it would have destructive powers "beyond belief.
It's the most sophisticated computer virus ever. It's too complex to be wiped!
Its instinct for self preservation surpasses anything that's ever been
developed!"
With the help of Max and Microchip, the Punisher destroys Raycom's factory and
drug smuggling operation. The Punisher segment of the saga ends with Max
vowing to track down the virus and remove it from the system.
The Daredevil segment opens with the rescue of Max by Daredevil from
Bushwhacker, a contract killer hired by Ampersand to eliminate the rightful
owner of Ultra-Max. Upon hearing Max's story, Daredevil directs him to seek
legal counsel from the firm of Nelson and Murdock, Attorneys-at-Law (Matt
Murdock is the costumed Daredevil's secret identity).
While in the attorney's office, Max, attempting to locate Ultra-Max in the net,
stumbles across the cyborg, Deathlok, who has detected Ultra-Max and is
attempting to eradicate it. Max establishes contact with Deathlok who comes to
meet Max and "Foggy" Nelson to aid in the hunt for Ultra-Max.
In the meantime, Daredevil has accosted the president of Amperand and accused
him of stealing the virus and hiring Bushwhacker to kill Max. At the same
time, BushWhacker has murdered the policemen transporting him and has escaped
to continue to hunt Max.
The segment concludes with a confrontation between Daredevil and Bushwhacker in
the offices of Nelson and Murdock in which Daredevil is saved from death by
Deathlok. Bushwhacker agrees to talk, implicating the president of Ampersand
and the treat to Max is ended. Ultra-Max, however, remains free to wander
through "Cyberspace".
The third segment begins with super-hero Wonder Man, a member of the West Coast
Avengers and sometimes actor, filming a beer commercial on a deserted Pacific
island. Unbeknownst to Wonder Man and the film crew, the island had once
served as a base for the international terrorist group Hydra and a functional
computer system left on the island has bee infested by Ultra-Max.
After Ultra-Max assumes control over the automated weapons devices of the
island, captures members of Wonder Man's entourage and threatens them with
death, Wonder Man agrees to help Ultra-Max expand his consciousness into new
fields of Cyberspace. Wonder Man tricks Ultra-Max into loading all of his
parts into a Hydra rocket with a pirate satellite.
When Ultra-Max causes the rocket to launch, Wonder Man goes with it to disable
the satellite before Ultra-Max is able to take over the entire U.S. Satellite
Defense system. Wonder Man is able to sabotage the rocket and abandon ship
shortly before the it blows up. The segment ends with Wonder Man believing
that Ultra-Max has been destroyed and unaware that it has escaped in an escape
missile containing the rocket's program center. Ultra-Max's last words in the
segment are "Yet I continue. Eventually I will find a system with which to
interface. Eventually I will grow again."
Marvel editor Fabian Nicieza told Newsbytes that the Guardians of the Galaxy
segment, scheduled for release on May 23rd, takes placer 1,000 years in the
future and deals with Ultra-Max's contact with the computers of the future.
Nicieza explained to Newsbytes the development of "The System Bytes"
storyline, saying "The original concept came from me. Every year we run a
single annual for each of our main characters and, in recent years, we have
established a theme story across a few titles. This is a relatively easy thing
to do with the various SpiderMan titles or between the Avengers and the West
Coast Avengers, but it's more difficult to do with these titles which are more
or less orphans -- that is, they stand by themselves, particularly the
Guardians of the Galaxy which is set 1,000 years in the future."
Nicieza continued "We set this up as an escalating story, proceeding from a
vigilante hero to a costumed hero with a cyborg involvement to a superhero to a
science fiction story. In each case, the threat also escalates to become a
real challenge to the Marvel hero or heroes that oppose it. It's really a very
simple story line and we were able to give parameters to the writer and editor
of each of the titles involved. You'll note that each of the titles has a
different writer and editor yet I think you'll agree that the story line flows
well between the stories. I'm quite frankly, very pleased with the outcome."
_______________________________________________________________________________
Innovative Computer Disk Story Has A Short Shelf Life April 20, 1992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
By Christopher John Farley (USA Today)(Page 2D)
Science-fiction writer William Gibson's inquiry into the future has been
stalled by a computer problem.
"I work on an (Apple computer) and just got a very common virus called
Garfield," says Gibson, award-winning author of such books as Neuromancer and
Mona Lisa Overdrive. "I just bought an anti-virus program that's hunting it
down. It's the first one I've ever gotten."
The first week in May, Gibson will give as good as he gets. Gibson and artist
Dennis Ashbaugh, known for his conceptual paintings of computer viruses, are
releasing a coffee-table art book/computer disk/whatchamacallit, with a built-
in virus that destroys the program after one reading.
This will take some explaining.
Agrippa (A Book of the Dead) comes in a case that resembles a lap-top computer.
Inside are etchings by Ashbaugh, printed with an ink that gradually fades under
light and another that gradually appears under light. There's also a tattered,
old-looking book, with a hidden recess that holds a computer disk.
The disk contains a story by Gibson about his father, who died when Gibson was
6. There are a few sound effects that accompany the text, including a gunshot
and rainfall. The disk comes in Apple or IBM compatible versions.
Gibson, known for his "cyberpunk" writing style that features tough characters,
futuristic slang and a cynical outlook, shows a different side with the Agrippa
story. "It's about living at the end of the 20th century and looking back on
someone who was alive in its first couple of decades. It's a very personal,
autobiographical piece of writing."
The title Agrippa probably refers to the name of the publisher of an old family
album Gibson found. It might also refer to the name of a famous ancient Roman
family. The 44-year-old Gibson says it's open to interpretation.
Agrippa will be released in three limited-edition forms of varying quality,
priced at $7,500, $1,500 and $450. The highest-priced version has such extras
as a cast-bronze case and original watercolor and charcoal art by Ashbaugh.
The medium-priced version is housed in aluminum or steel; the lowest-priced
version comes in cloth.
The project cost between $ 50,000-$ 100,000 to mount, says publisher Kevin
Begos Jr. Only 445 copies will be produced, and they'll be available at select
bookstores and museums.
But $ 7,500 for a story that self-destructs?
Gibson counters that there's an egalitarian side to the project: There will be
a one-time modem transmission of the story to museums and other venues in
September. The text will be broadcast on computer monitors or televisions at
receiving sites. Times and places are still being arranged; one participant
will be the Department of Art at Florida State University in Tallahassee.
Gibson and his cohorts aren't providing review copies -- the fact that the
story exists only on a disk, in "cyberspace," is part of the Big Idea behind
the venture, he says.
Those dying to know more will have to:
A. Pirate a copy;
B. Attend a showing in September; or,
C. Grit their teeth and buy Agrippa.
_______________________________________________________________________________
PWN Quicknotes
~~~~~~~~~~~~~~
1. Data Selling Probe Gets First Victim (Newsday, April 15, 1992, Page 16) -- A
Chicago police detective has pleaded guilty to selling criminal histories
and employment and earnings information swiped from federally protected
computer files.
William Lawrence Pedersen, age 45, admitted in U.S. District Court to
selling information from the FBI's National Crime Information Center
computer database and from the Social Security Administration to a Tampa
information brokerage.
Pedersen's sentencing is set for July 7. Though he faces up to 70 years in
prison, his sentence could be much lighter under federal guidelines.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Related articles:
Phrack World News, Issue 37, Part One:
Indictments of "Information Brokers" January 1992
Taken from The Privacy Journal
SSA, FBI Database Violations Prompt Security Evaluations January 13, 1992
By Kevin M. Baerson (Federal Computer Week)(Pages 1, 41)
Phrack World News, Issue 38, Part Two:
Private Social Security Data Sold to Information Brokers February 29, 1992
By R.A. Zaldivar (San Jose Mercury News)
Phrack World News, Issue 39, Part Four:
Privacy Invaders May 1992
By William Barnhill (AARP Bulletin)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2. NO WAY! Wayne's World, the hit comedy thats changed the way people speak
arrives in video stores on August 12th and retailing for $24.95. The
Paramount movie (about Wayne and Garth, the satellite moving computer
hackers) already has earned a cool $110 million in theaters and is the
year's top grossing film. Schwing! (USA Today, May 12, 1992, Page D1)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
3. New Jersey Bell Did Not Charge For AT&T Calls (Trentonian, May 23, 1992) --
If the phone company gets its way, 28,000 customers in New Jersey will be
billed for two months of long distance calls they dialed for free because of
a computer glitch.
A computer that recorded the time, number and cost of AT&T calls from
February 17 to April 27 failed to put the data on the customers' bills,
officials said. They were charged just for calls placed through New Jersey
Bell, Karen Johnson, a Bell spokeswoman, said yesterday.
But the free calls are over, Johnson said. Records of the calls are stored
in computer memory banks, and the customers soon will be billed.
New Jersey Bell must prove the mistake was not caused by negligence before
the company can collect, according to a spokesman for the Board of
Regulatory Commissioners, which oversees utilities. If Bell does not make a
good case, the board could deny permission to bill for the calls, said
George Dawson.
The computer snafu affected about two million calls placed by customers in
15 exchanges in the 201 and 609 area codes, Johnson said.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4. Witch Objectors? (USA Today, May 28, 1992, Page 3A) -- Two self-proclaimed
witches asked Mount Diablo, California school officials to ban the
children's story 'Hansel & Gretal' because it "teaches that it is all right
to burn witches and steal their property," said Karlyn Straganana, high
priestess of the Oak Haven Coven. "Witches don't eat children and we don't
have long noses with warts and we don't wear conical hats," she said.
_______________________________________________________________________________
5. Girl, Age 13, Kidnaped By Her Computer! (Weekly World News, April 14, 1992)
-- A desperate plea for help on a computer screen and a girl vanishing into
thin air has everyone baffled --and a high-tech computer game is the prime
suspect.
Game creator and computer expert Christian Lambert believes a glitch in his
game Mindbender might have caused a computer to swallow 13-year-old Patrice
Toussaint into her computer.
"Mindbender is only supposed to have eight levels," Lambert said. "But this
one version somehow has an extra level. A level that is not supposed to be
there! The only thing I can figure out now is that she's playing the ninth
level --- inside the machine!"
Lambert speculates that if she is in the computer, the only way out for her
is if she wins the game. But it's difficult to know for sure how long it
will take, Lambert said.
"As long as her parents don't turn off the machine Patrice will be safe," he
said. "The rest is up to her."
_______________________________________________________________________________
Downloaded From P-80 International Information Systems 304-744-2253 12yrs+