Computer underground Digest Sun Nov 8, 1992 Volume 4 : Issue 56 Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) Archivist: Brendan Kehoe Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Copy Editro: Etaion Shrdlu, Junior CONTENTS, #4.56 (Nov 8, 1992) File 1--Response to the Virus Discussion File 2-- Carnegie Commission on S&T Policy and Long-Term Goals File 3--THIRD ANNUAL XMASCON/H0H0CON File 4--Re: Worship SPERF of be engulfed in SunDevil Jr. ][+ File 5--Computer Info off-limits to Federal Prisoners File 6--These Computer Abusers Cost us nearly $100 Billion Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost from tk0jut2@mvs.cso.niu.edu. The editors may be contacted by voice (815-753-6430), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115. Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL0 and DL12 of TELECOM; on Genie in the PF*NPC RT libraries; from America Online in the PC Telecom forum under "computing newsletters;" on the PC-EXEC BBS at (414) 789-4210; in Europe from the ComNet in Luxembourg BBS (++352) 466893; and using anonymous FTP on the Internet from ftp.eff.org (192.88.144.4) in /pub/cud, red.css.itd.umich.edu (141.211.182.91) in /cud, halcyon.com (192.135.191.2) in /pub/mirror/cud, and ftp.ee.mu.oz.au (128.250.77.2) in /pub/text/CuD. European readers can access the ftp site at: nic.funet.fi pub/doc/cud. Back issues also may be obtained from the mail server at mailserv@batpad.lgb.ca.us. European distributor: ComNet in Luxembourg BBS (++352) 466893. COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Some authors do copyright their material, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ---------------------------------------------------------------------- Date: 02 Nov 1992 16:07:19 -0500 (EST) From: Guido Sanchez Subject: File 1--Response to the Virus Discussion I've some qualms about this article. It seems that The Dark Adept is, while trying to clear up some common misconceptions, contributing to the ignorance of the computer community at large. Perhaps this was his goal in writing this article, I really don't know. As a writer of viruses and a pillar of spam in the virus writing community , I'd like to clear up some misconceptions on the points raised by The Dark Adept. Let's start off with his definition of viruses.. > What is a virus? > ++++++++++++++++ > A virus is a tiny program that attaches itself to other programs. It does > in fact operate as a biological virus does. It finds a victim program and > infects it with a copy of itself. Then when the victim program is > unsuspectingly run, the virus now inside it is activated. At this point, > it can do one of two things: infect another program, or cause mischief. This is innocent enough, but not altogether true. A virus doesn't always attach itself to another program. If they merely did that, they would be NoWhere near as virulent as the anti-viral community would like John Q. Netrunner to believe. The only efficient way that we are going to get our stuff to spread is to utilize the boot sector of a diskette to contain virulent code. Not file infectors, but actual disk infectors. Once this diskette goes into another computer, that system has a much higher risk than if a mere infected program were to be run. Another array of misleading points being: > How do people catch viruses? > ++++++++++++++++++++++++++++ > Yikes! Here's where all the rumors are! You cannot get a virus from a modem, > a printer, a CRT, etc. Viruses only come from other programs. So, whenever ^^^^^^^^^^^^^^^^^^^ Wrong, as I said before > you add a program to your hard disk or run one off of a floppy, you stand > a chance of catching a virus. Data files (files that are not programs, like > text for your wordprocessor) cannot contain viruses. Only programs can > contain viruses. On IBM PC's, programs usually end in ".exe" or ".com" and > are the files that you run. The programs are the only ones that can contain > viruses. Also overlooking the .SYS, .OVL, and .APP files to name a few which can be infected by file infectors. The data files, true, cannot contribute to the spread of a virus, but they might be corrupted or overwritten with the virus signatures depending on the type of virus. > The only way to activate the virus is to run the program. Say for example > you got a new program called "game.exe". You put it on your hard drive, > but you never run it (i.e., you never tried it). Even if game.exe has a virus > in it, you WILL NOT catch it. The program has to be run at least once to make > the virus active. Wrong again, re the boot sector argument. > Another thing is batch files. These are files on IBM PC's that end in ".bat". > These DO NOT contain viruses. However, .bat files run other programs. So > if the .bat file runs a program that has a virus, the virus WILL be activated. > The cause is NOT the .bat file, but the program that was run BY the .bat > file. This is part fact, part ignorance. On Vx BBSs, there have been seen batch file viruses. That is a batch file which, when run, would use the debug program and insert viral code into memory, subsequently executing it. In this case and others, the cause is both the .BAT file and the DEBUG.EXE program. > What do viruses do? > +++++++++++++++++++ > Well, a number of things. Some erase your disks. Others print silly > messages to your screen. In any case, a virus is not written like other > programs are. It uses things that other programs normally don't. If your > computer is infected by a virus, whenever you turn on the machine that > virus is in the memory, and even if all it does is print "I want a cookie," > it can still interfere with other programs since they don't expect it to > be there. Supposedly, there are some viruses and trojans which can cause physical damage to hardware. Example, the HEADKILL Trojan which supposedly ruins the head of the victim hard drive . Some viruses could overwrite the disk as to not be recognizeable as a DOS compatible disk at all. Taking advantage of a user's ignorance, the STIFFY virus uses the Media Descriptor Table to re-define A: to an 8 inch disk drive no matter what it previously was. It inter-cepts COMMAND.COMs error message and prints a phallic insult, and obviously the acceptable format could not be used, causing massive efforts towards retrieving the 'lost' drive. The TURKEY virus supposedly alters cathode ray dispersion to 'melt' the monitor. Point being that there ARE some annoying little buggers out there, not all of them mere data corruptors or spreaders. > Tell me more about these things... > ++++++++++++++++++++++++++++++++++ > Ok. Viruses can only be made for specific machines. By this I mean > that a virus that infects IBM PC's will NOT be able to infect Macs. > There may be a tiny tiny chance if your Mac is running something like > an IBM Emulator that a virus may cause problems, but in general, if > you have a non-IBM compatible computer, and you can't run IBM software, > then you can't catch IBM viruses and vice-versa. BIG misconception there, buddy. The SHIBOLETH virus, for example, executes MAC code to test for machine type. If there is no error, it runs the MAC section of the viral code. If so, it runs the IBM section of the code. It's rather clumsy, but it DOES withstand transferral to MAC from IBM and back. > + It might miss some or give you false results, so don't rely on it > completely. You MIGHT say that. It takes maybe 4 seconds to render a virus unscannable by McAfee's or Norton. Simply putting in a small NoWhere loop or using an executable compression program and removing the header will usually get the virus through scanners. What about the boot sector infectors mentioned above? Usually on Vx BBSs a dropper program is given out that will 'drop' the virus into the boot sector of the designated drive. Yes, they're THAT user friendly :). > +++Detectors+++ > +++++++++++++++ > What the detectors do is watch for virus activity. For example, some > viruses try and erase your hard disk. What a detector does is sit in > the background and watches for an illegal or abnormal attempt to do > something to the hard disk. Then all sorts of alarms and bells go off > ("Warning Will Robinson! Warning!") and the detector tries to stop > the virus from doing it. Some will also ask you if you want to allow > whatever action is taking place since you might actually be trying to > format your hard disk. This is PARTLY true. What these memory resident things do is keep an eye on specific DOS interrupts and notify the user if a certain interrupt function is being attempted. More often than not these are the interrupts 13h and 21h. Such memory resident alarms can be easily disabled by handling the error quietly or grabbing the interrupt before the memory resident alarm does. > You must know that the detector only checks program files. It would be a > real pain if every time you changed your term paper the detector went off. > However, this is not a weakness since only program files can contain > the viruses. Again, partly true. Integrity Master v1.23 by Wolfgang Stiller keeps track of the crcs of all files and stores them in files called ID.)( . Changing the values in these files or removing them altogether is a common virus technique. > However, since I took a shot at McAfee, I must also state this: I have > known people to use McAfee's software and be 100% satisfied with no > complaints. They like McAfee's software and continue to use it. It > works for them and meets their needs. I hate both McAfee and his software, > and I refuse to use it ever, so you must decide for yourself. Oh, leave John alone :). The least I can say is at least his product is free to the public. I myself prefer Fridrik Skulason's F-PROT program. Not only does it check for more than one virus signature, the heuristic scan is formidable to viruses. It checks for viral-like code, not signatures. It's just one step closer to having a scanner disassemble the program. > "BBS's are the major cause of virus spreading" > ++++++++++++++++++++++++++++++++++++++++++++++ > FALSE FALSE FALSE!! The major cause of virus spreading is LAN's and > also copying from friends. BBS's merely store programs that you can copy > and most people who run BBS's try and make sure none of them have viruses. > A BBS is just copying from a friend over a modem. BBS's do not need to > be shut down or restricted because of viruses. It is up to *you* to > protect yourself from *any* program contamination no matter where > you copy the program from (i.e., a friend or BBS). Well, I do acknowledge that the threat BBSs pose to virulence is minimal, but only because 99% of the time only executable viruses are downloaded and inadvertently run. It's not often an unsuspecting user downloads a 900k TD0 file and gets infected :). Point being that virulence in executable files is minimal compared to that of boot sectors, hence the BBSs ineffectiveness. > Some of you may have heard of Virus Exchange BBS's. Let me explain what > this is: > > (etc...) > > Now on these virus exchange BBS's, they 99% of the time just have virus > SOURCE FILES not virus programs. The source files CANNOT cause infection. > They must be fed to an assembler or a compiler first to become a program. > Remember that for a virus to become active it must be run as a program. > These BBS's do not distribute virus programs, but virus source files. When is the last time you've been on a Vx BBS? I would say that 99% of them possess and strive for the executables, and couldn't care less about the sources. The reason being that Vx sysops usually just care about the power and prestige of having 100+ viruses. Rarely do they actually run the viruses to see if they are. Point being the WHORE! virus, a copy of COMMAND.COM renamed to show how inefficient Vx sysops are at checking the authenticity of their files. They're similar to pirate BBSs in a way, only caring about having the viruses and most of the time not using them. The average pirate BBS will have the latest releases and they'll be downloaded, etc, but maybe 5% of the people downloading will actually use the programs. Viruses are like this. They are usually just a commodity, and only the small 1% care about the source and validity of the files. > For right now, let me just say that in a nutshell, Virus Exchange BBS's do > NOT DIRECTLY cause infections. I think even the so-called "experts" would > agree with that. But of course! Where do you think they get THEIR viruses? :) > "The first virus was written by..." > +++++++++++++++++++++++++++++++++++ > No one knows. However, if you were to ask me, I will say the first > virus was written by the first person who made copy-protection. Why? Or cares, really. I'm sure there are those out there that know of the COREWARS story, so I'll spare relating it here. > "They endanger National Security and the military!" > +++++++++++++++++++++++++++++++++++++++++++++++++++ > Hahahahahahaha! All I have to say is that most viruses (like 99.9%) > attack only personal computers, and any military or government that depends > on personal computers for national security and weaponry has more problems > than viruses. And furthermore, what are they doing letting missile officers > run MacPlaymate on the missile control computer anyhow? Well, most govt. security installations do run LANs, and not only are they susceptible to viruses, there are several viruses designed to seek out and foul up LAN systems. Frankly, PCs are cheaper and more efficient than mainframes from the 80s, and they are used in a wider scope than you'd believe. Well, I'd say that the most likely place to find these virus authors, in step with the end note, are echomail nets designed for virus authors. Like.. * VX_NET - Virus Exchange NET, an up-and-coming non-partisan net. Directed towards unity and making fun of the anti-viral community. * Phalcon/Skism NET - The virus echos are a place for learning, and you can contact the members on this net. * [NuKE] Net - Another net from a virus group, get in contact with them on it. * VIRUS_INFO on FIDO - Surprisingly enough, virus authors abound there with fake names, contributing to confusion and getting a good laugh at the expense of the anti-viral crew. Interestingly enough, there's been some progression of rivalry between the pro-viral and anti-viral communities . Way back when, virus authors released their wares. Then, the anti-viral communities recognized that they could either (i) be altruistic in their ways and help their fellow man or (ii) make a quick buck off of human suffering. They wrote anti-viral wares and organized. The virus authors did not like this. They themselves organized and now have become more Anti-Anti-Viral than Pro-Viral. I have no idea what significance this progression has, and leave it to you capable readers to determine what will happen. Yes, virus authors are in it now more for making fun and avenging themselves of the anti-viral authors, who in turn do the same in their programs. Etc, Etc, Etc. So here's what I do. On my 'underground e-leet Vx' BBS, I make all viruses and other files free on the first call. There's even a command to download entire file bases. Meaning, if you release all of these viruses to your users, they in turn set up BBSs and become Vx sysops themselves. Hopefully, besides using viruses as a commodity, the fledgling sysop will look at a few of the pro-viral utilities and some of the source code. Perhaps the sysop will want to maybe get in on this ASM thing and learn a thing or two, perhaps the sysop will become a virus writer over time. Thus, like the viruses we propagate, we propagate. We force nothing into the minds and computers of others, it's all part of curiosity and voluntary. We help people to find their calling in whatever field of modem-dom they like. I know it's an empty desire, to want other sysops to do the same, but it's a desire nonetheless. In conclusion, I just wanted to clear up some things about both viruses and the pro-viral community. May you all find your calling and make it possible for others to do the same, as that sysop long ago did the same, custom made to do just that . In spirits, Guido Sanchez Oh yes, and if you are interested in the theory of thought viruses, more information can be obtained on the BBS Nun-Beaters Anonymous, 708/251-5094. Thank you for your 'time'. ------------------------------ Date: Mon, 2 Nov 1992 08:20:24 -0500 From: "(Gary Chapman)" Subject: File 2--Carnegie Commission on S&T Policy/Long-Term Goals The Carnegie Commission on Science, Technology, and Government has released a new report on democracy and science and technology policy, entitled, "Enabling the Future: Linking Science and Technology to Societal Goals" (September 1992). The report was prepared by a small panel that was a subset of a larger group studying the entire range of science and technology policy issues; the larger group's report has not yet been released. The panel on long-term social goals was chaired by H. Guyford Stever, who was director of the National Science Foundation during the Ford administration, White House Science Adviser to both Nixon and Ford, and president of Carnegie-Mellon University from 1965 to 1972. Panel members included Harvey Brooks of Harvard University; William D. Carey, former head of AAAS; John Gibbons, director of the Congressional Office of Technology Assessment; Rodney Nichols, head of the New York Academy of Sciences; James B. Wyngaarden, foreign secretary of the National Academy of Sciences and former head of the National Institutes of Health; and Charles Zracket, former CEO of the MITRE Corporation and now a Scholar-in-Residence at the Kennedy School at Harvard University. This report begins as follows: The end of the Cold War, the rise of other economically and scientifically powerful nations, and competition in the international economy present great opportunities for the United States to address societal needs: policy- makers may now focus more attention on social and econo- mic concerns and less on potential military conflicts. In the next decade and those that follow, the United States will confront critical public policy issues that are intimately connected with advances in science and technology. . . . Policy issues will not be resolved by citizens, scientists, business executives, or government officials working alone; addressing them effectively will require the concerted efforts of all sectors of society. Further on, a passage worth quoting at some length: We believe that American faces a clear choice. For too long, our science and technology policies, apart from support of basic research, have emphasized short-term solutions while neglecting longer-term objectives. If this emphasis continues, the problems we have encountered in recent years, such as erosion of the nation's indust- rial competitiveness and the difficulties of meeting increasingly challenging standards of environmental quality, could overwhelm promising opportunities for progress. However, we believe there is an alternative. The United States could base its S&T policies more firmly on long-range considerations and link these policies to societal goals through more comprehensive assessment of opportunities, costs, and benefits. We emphasize the necessity for choice because there is nothing inevitable about the shape of the future: the policy decisions we make today will determine whether historic opportunities will be seized or squandered. . . As Frank Press, President of the National Academy of Sciences, said recently, "Without a vision of the future, there is no basis for choosing policies in science and technology that will be appropriate for the years ahead." The panel says that their report does not propose societal goals that should be met by changing S&T policy; "we believe this is primarily a political process," the report says. The report instead addresses the process of defining social goals and shaping policy to meet them. There are five major recommendations of the panel: 1. Establishment of a nongovernmental National Forum on Science and Technology Goals. This Forum, says the report, would "assemble a broad-based and diverse group of individuals who are both critical and innovative, and who can examine societal goals and the ways in which science and technology can best contribute to their achievement." This group would also sponsor meetings and research, and would eventually propose "specific long-term S&T goals in both national and international contexts, and identify milestones in achieving them." The panel proposes two options for the convening of such a National Forum: under the umbrella of the National Academies, or as a new, independent, nongovernmental organization. 2. The panel says that "Congress should devote more explicit attention to long-term S&T goals in its budget, authorization, appropriation, and oversight procedures." The panel recommends annual or biennial hearings on long-term S&T goals before the House Committee on Science, Space, and Technology. 3. The panel suggests that federal government agencies supporting science and technology policy should be directed to aid the Congress in assessing long-term S&T goals, such as OTA and the Congressional Budget Office. 4. The same goes for executive branch agencies, particularly the White House Office of Science and Technology Policy and the Office of Management and Budget. 5. Finally, federal departments and agencies should contribute to the process of developing long-term goals by coordinating R&D efforts and sponsoring extramural research that helps support analysis and vision. The panel does propose some potential societal goals that might be addressed through the process the report recommends. The goals are very broad and include education; personal and public health; cultural pluralism; economic growth; full employment; international cooperation; worldwide sustainable development; and human rights, among other very expansive goals. The report also identifies the "players" that should be part of the process of policymaking. These include the above-mentioned components of the federal government, state governments, academia, industry, and nongovernmental organizations. In the latter category, the panel mentions professional societies in science and technology, environmental organizations, and the National Academies complex, which includes the National Academy of Sciences, the Institute of Medicine, the National Academy of Engineering, and the National Research Council. The report very admirably concludes with a quote from Einstein: "The concern for man and his destiny must always be the chief interest of all technical effort: Never forget it among your diagrams and equations." Copies of the 72-page report are available for free from: The Carnegie Commission on Science, Technology, and Government 10 Waverly Place, 2nd Floor New York, NY 10003 (212) 998-2150 (voice) (212) 995-3181 (fax) Gary Chapman Coordinator The 21st Century Project Computer Professionals for Social Responsibility Cambridge, Massachusetts chapman@lcs.mit.edu ------------------------------ Date: Mon, 2 Nov 92 21:58 CST From: dfx@NUCHAT.SCCSI.COM(dFx International Digest) Subject: File 3--THIRD ANNUAL XMASCON/H0H0CON [Updated Announcement - October 27, 1992] dFx International Digest and cDc - Cult Of The Dead Cow proudly present : The Third Annual X M A S C O N AKA H 0 H 0 C O N "WE KAN'T BE ST0PPED!" Who: All Hackers, Journalists, Security Personnel, Federal Agents, Lawyers, Authors and Other Interested Parties. Where: Allen Park Inn 2121 Allen Parkway Houston, Texas 77019 U.S.A. Tel: (800) 231-6310 Hou: (713) 521-9321 Fax: (713) 521-9321, Ext. 350 When: Friday December 18 through Sunday December 20, 1992 HoJo's Says NoNo To HoHo ~~~~~~~~~~~~~~~~~~~~~~~~ HAY!^@!*%!$1#&! We beat our own record! This year, thanks to one certain person's complete stupidity and ignorance, we managed to get kicked out of our first chosen hotel 4 months in advance. Needless to say, this caused some serious confusion for those who called to make reservations and were told the conference had been canceled. Well.. it hasn't been. The story is long, but if you wish to read exactly what happened, check out CuD 4.45. The conference dates are still the same, but the hotel has changed since what was originally reported in the first update, which made it's way throughout Usenet and numerous other places, including CuD 4.40. If you haven't heard about the new location, please make a note of the information listed above. What Exactly Is HoHoCon? ~~~~~~~~~~~~~~~~~~~~~~~~ HoHoCon is something you have to experience to truly understand. It is the largest annual gathering of those in, related to, or wishing to know more about the computer underground (or those just looking for another excuse to party). Attendees generally include some of the most notable members of the "hacking/telecom" community, journalists, authors, security professionals, lawyers, and a host of others. Last year's speakers ranged from Bruce Sterling to Chris Goggans and Scot Chasin of Comsec/LoD. The conference is also one of the very few that is completely open to the public and we encourage anyone who is interested to attend. Or, as Jim Thomas put it in CuD 4.45: "For the past few years, a conference called "XmasCon" (or HoHoCon) has been held in Texas in December. As reported previously (CuD #4.40), it will be held again this year from 18-21 December. For those unfamiliar with it, XmasCon is a national meeting of curious computer aficionados, journalists, scholars, computer professionals, and others, who meet for three days and do what people do at other conferences: Discuss common interests and relax." Hotel Information ~~~~~~~~~~~~~~~~~ The Allen Park Inn is located along Buffalo Bayou and is approximately three minutes away from Downtown Houston. The HoHoCon group room rates are $49.00 plus tax (15%) per night, your choice of either single or double. As usual, when making reservations you will need to tell the hotel you are with the HoHoCon Conference to receive the group rate. Unlike our previously chosen joke of a hotel, the Allen Park Inn is not situated next to an airport and this may cause a small inconvenience for those of you who will be flying to the conference. The hotel is centrally located so you can fly in to either Intercontinental or Hobby airport but we are recommending Hobby as it is 15 miles closer and much easier to get to from the hotel. Here's where it may get a little confusing - If you arrive at Hobby, you will need to take the Downtown Hyatt Airport Shuttle to the Hyatt, which departs every 30 minutes and will cost you $6.00. When you get to the Hyatt, get out of the shuttle with your luggage (for those who may not of figured that out yet) and use any of the nearby payphones to call the Allen Park Inn (521-9321) and tell them you need a ride. It's just like calling Mom when you need a ride home from glee club! The hotel shuttle will be around shortly to pick you up and take you to the aforementioned elite meeting place, and that ride is free. If all this is too much for you, you can always take a cab directly to the hotel which will run you about $20. If you arrive at Intercontinental, you will need to board the Airport Express bus and take it to the Downtown Hyatt ($9). Once there, just follow the same instructions listed above. We are in the process of trying to get the hotel to provide constant airport transportation during the conference, but they've yet to give us a definite answer. It is quite possible that we will have our own shuttle to bus people between the airports and hotel, so if you'd prefer a faster and more direct method of transportation, it would be helpful to mail and let us know what time you'll be arriving and at what airport. This will give us a chance to coordinate things more efficiently. Check-in is 3:00 p.m. and check-out is 12:00 noon. Earlier check-in is available if there are unoccupied rooms ready. Free local calls are provided, so bring dem 'puterz. I don't know if cable is free also, so those who wish to rekindle the memories of yesteryear may want to bring their screwdrivers. The hotel has both 24 hour room service, and a 24 hour restaurant, The Nashville Room. Call it a wacky coincidence, but the hotel bar is called the ATI room and like most of Houston's similar establishments, closes at 2 a.m. Good thing Tony still works at Spec's... This time around, the hotel is placing the conference guests in the rooms surrounding the courtyard/pool area. We are once again encouraging people to make their reservations as soon as possible for two reasons - first, we were told that if you wait too long and the courtyard rooms are all taken, there is a chance that you'll be situated at the complete opposite end of the hotel, which isn't so bad if you don't mind walking all that way back and forth outside in December. Secondly, there is no other hotel exactly next door to this one (the closest is about 5 minutes away or so), so if for some odd reason all the rooms get rented, you'll get to do some nifty traveling every night. Directions ~~~~~~~~~~ For those of you who will be driving to the conference, the following is a list of directions on how to get to the hotel from most of Houston's major freeways that bring traffic in from out of town: I-45 North or South: Exit Allen Parkway on the inside (left side) of the freeway. Take the Studemont/Montrose exit off Allen Parkway, then make a u-turn at the bridge and head back towards downtown. The hotel will be on the right hand side. 290: Take 290 to 610 South, then take I-10 East towards downtown. Exit Studemont. Right on Studemont, left on Allen Parkway. The hotel will be on the right hand side. I-10 West: Exit Studemont. Right on Studemont, left on Allen Parkway. The hotel will be on the right hand side. I-10 East: Take I-10 East to I-45 South and follow the same directions from I-45 listed above. I-59 North or South: Take I-59 to I-45 North and follow the same directions from I-45 listed above. Call the hotel if these aren't complete enough or if you need additional information. Conference Details ~~~~~~~~~~~~~~~~~~ HoHoCon will last 3 days, with the actual conference being held on Saturday, December 19 in the Hermitage Room, starting at 11:00 a.m. and continuing until 5 p.m. or earlier depending on the number of speakers. We are still in the planning stages at the moment, primarily due to time lost in finding a new hotel and getting contracts signed. We have a number of speakers confirmed (yes, Goggans will be speaking again) and will try to finalize the list and include it in the next update. We are definitely still looking for people to speak and welcome diverse topics (except for "The wonders and joys of ANSI, and how it changed my life"). If you're interested in rattling away, please contact us as soon as possible and let us know who you are, who you represent (if anyone), the topic you wish to speak on, a rough estimate of how long you will need, and whether or not you will be needing any audio-visual aids. We would like to have people bring interesting items and videos again this year. If you have anything you think people would enjoy having the chance to see, please let us know ahead of time, and tell us if you will need any help getting it to the conference. If all else fails, just bring it to the con and give it to us when you arrive. We will also include a list of items and videos that will be present in a future update. If anyone requires any additional information, needs to ask any questions, wants to RSVP, or would like to be added to the mailing list to receive the HoHoCon updates, you may mail us at: dfx@nuchat.sccsi.com drunkfux@freeside.com drunkfux@ashpool.freeside.com 359@7354 (WWIV Net) or via sluggo mail at: Freeside Data Network Attn: HoHoCon/dFx 11504 Hughes Road Suite 124 Houston, Texas 77089 We also have a VMB which includes all the conference information and is probably the fastest way to get updated reports. The number is: 713-866-4884 You may also download any of the conference announcements and related materials by calling 713-492-2783 and using the username "unix", which is unpassworded. The files will be in the "hohocon" directory. Type "biscuit" if you wish to gain an account on the system. You can find us there too. Conference information and updates will most likely also be found in most computer underground related publications, including CuD, Informatik, NIA, Mondo 2000, 2600, Phrack, World View, etc. We completely encourage people to use, reprint, and distribute any information in this file. Stupid Ending Statement To Make Us Look Good ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ HoHoCon '92 will be a priceless learning experience for professionals (yeah, right) and gives journalists a chance to gather information and ideas direct from the source. It is also one of the very few times when all the members of the computer underground can come together for a realistic purpose. We urge people not to miss out on an event of this caliber, which doesn't happen very often. If you've ever wanted to meet some of the most famous people from the hacking community, this may be your one and only chance. Don't wait to read about it in all the magazines and then wish you had been there, make your plans to attend now! Be a part of what we hope to be our largest and greatest conference ever. Remember, to make your reservations, call (800) 231-6310 and tell them you're with HoHoCon. ------------------------------ Date: Wed, 04 Nov 92 17:06:15 EST From: anonymous@mindvox.phantom.com Subject: File 4--Re: Worship SPERF of be engulfed in SunDevil Jr. ][+ ((MODERATORS' NOTE: The following is in response to the Greenburgh, NY, "computer hacker bust" reported in NEWSBYTES and reprinted in CuD #4.55)). Ok, Look... They were confused all right? If you were a teenager with hormones, eating too much pizza and trying to master the art of smoking cigarettes, you'd be confused too. But that's not the point of this story, this is: It was a dark and stormy night; a shot rang out; the door slowly creaked open and a martian chick with three tits peered into the darkly lit confines of the room casting a hellish green light upon the masses of huddled hackerdom within. She drew open the door and proclaimed: "Well, like you know you aren't supposed to be that many guests in here right?" 10 cops burst in, no 50, yeah that's better, they drew uzi's as the SWAT team swooped down from the sky; Yuri, knowing what he had to do, ate the monitor and burnt the coded disks while the masses ran around in little circles and swallowed the drugZ, booZe and Jelly donuts. The police drew their guns, then took out their nightsticks instead and beat on the hackers for the amusement value, making racial slurs all the while as they forced the pre-teen girls to strip and let them take photographs. ..meanwhile, unnoticed in the corner, DETH HEYD began an incantation to summon SATAN and FUCK THEM ALL TO GODDAMN FUCKING HELL IN UPPERCASE PhA MEMBER NOT YET IN BIG TROUBLE AND THEY'RE COMING TO GET HIM, BECAUSE *THEY* WATCH WITH UNBLINKING EYES AND _BIDE_ THEIR TIME UNTIL THE MOMENT IS RIGHT AND THEN___ well we'll have none of that, so the world's first underground BBS lives once more, and Yuri picks up the phone and RUN! calls us and generally FLEE! says silly things with OH NO! the smoke still coming out of his ears SHIT! because he is truly freaking out and believes he will go to hell now. Shit happens, ya know, sum of it is pretty bad, some of it ain't --it is not quite as tragic as we were led to believe, because if you don't believe in the power of THE WORD then what is there? Sperf is EVIL PaTriCK/legi!()n of PhAnt0mZ ps: Hi! Lotta dudes got picked up over the weekend/Monday, including the man we know and love as Murdering Thugly. Grunt. It seems to be largely ok, as in mild riot/teenage gang-bang, gone slightly askew when k0dez karDz and K0kAine entered the picture. They were naughty, naughty BAD BAD BAD. ()()f z00m! ------------------------------ Date: 05 Nov 92 18:19:30 EST From: Gordon Meyer <72307.1502@COMPUSERVE.COM> Subject: File 5--Computer Info off-limits to Federal Prisoners COMPUTER INFORMATION OFF LIMITS FOR FEDERAL PRISONERS WINDOWS magazine reports John D. Caulfield, Warden of the Federal Prison Camp at Eglin Air Force Base in Florida, has forbidden the distribution of their publication to prisoners in his facility. The publication received a letter from Warden Caulfield after sending an issue to an un-named inmate. The complete letter is reprinted on page 288 of the October 1992 issue. The letter says in part... I have reviewed the publication entitled WINDOWS, the July 1992 issue, that was mailed to, (NAME REMOVED), a resident of this facility, and have found the programming contents to be unacceptable for introduction into this facility. Program Statement 1232.3 entitled "Personal Computers" S13, PG, states, "There will be no training in programming techniques, programming languages, or computer repair." Due to the information cited above, the July publication entitled WINDOWS is not suited for introduction into this facility. No further explanation is given by the Warden. One wonders why the institution feels the need to censor this information. It is true that it is of limited usefulness while incarcerated, because the inmate probably wouldn't have access to a computer to use, but if anything this should _allow_ the distribution of technical information, not inhibit it. Publications are often censored because of the disruption they might cause within the facility. Clearly an inmate attempting to learn C++ without access to a CPU is a threat to no one. CuD intends to contact the Warden for more information regarding this bizarre rule and will report any additional information in a future issue. ------------------------------ Date: 04 Nov 92 18:32:54 EST From: Gordon Meyer <72307.1502@COMPUSERVE.COM> Subject: File 6--These Computer Abusers Cost us nearly $100 Billion ((MODERATOR'S NOTE: Software piracy, according to the SPA, represents up to $4 billion in losses. "Hacker" crime constitutes a few billion more, according to some law enforcment assessments. Insider computer abuse constitutes at least $15-20 billion more, in the eyes of others. Add them all up, and the costs fall far short of the most devastatingly dangerous computer abuser of all: THE COMMON PC USER! Perhaps it's time to legislate against this scourge of society, organize federal dragnets in a national crackdown, and prosecute those responsible for the following crimes to the fullest extent of the law)). +++++++ DOES THIS HELP PUT THE SOCIAL COSTS OF THE CU IN PERSPECTIVE? Newsweek reports that approximately $97 Billion of the US gross domestic product is being 'futzed away' by workers spending too much time 'polishing' their work on PC's. SBT, a California software firm, has found that playing around with fancy fonts, over elaborate spreadsheets, overpolishing material with snazzy graphics, and endless rounds of 'just one more re-write' are among the chief time wasters. (From: Communications of the ACM. Nov '92 p. 13) ------------------------------ End of Computer Underground Digest #4.56 ************************************