==Phrack Inc.== Volume Two, Issue 24, File 12 of 13 PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN P h r a c k W o r l d N e w s PWN PWN ~~~~~~~~~~~ ~~~~~~~~~ ~~~~~~~ PWN PWN Issue XXIV/Part 2 PWN PWN PWN PWN February 25, 1989 PWN PWN PWN PWN Created, Written, and Edited PWN PWN by Knight Lightning PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN Shadow Hawk Gets Prison Term February 17, 1989 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ An 18 year old telephone phreak from the northside/Rogers Park community in Chicago who electronically broke into U.S. military computers and AT&T computers, stealing 55 programs was sentenced to nine months in prison on Tuesday, February 14, 1989 in Federal District Court in Chicago. Herbert Zinn, Jr., who lives with his parents on North Artesian Avenue in Chicago was found guilty of violating the Computer Fraud and Abuse Act of 1986 by Judge Paul E. Plunkett. In addition to a prison term, Zinn must pay a $10,000 fine, and serve two and a half years of federal probation when released from prison. United States Attorney Anton R. Valukas said, "The Zinn case will serve to demonstrate the direction we are going to go with these cases in the future. Our intention is to prosecute aggressively. What we undertook is to address the problem of unauthorized computer intrusion, an all-too-common problem that is difficult to uncover and difficult to prosecute..." Zinn, a dropout from Mather High School in Chicago was 16-17 years old at the time he committed the intrusions, using his home computer and modem. Using the handle "Shadow Hawk," Zinn broke into a Bell Labs computer in Naperville, IL; an AT&T computer in Burlington, NC; and an AT&T computer at Robbins Air Force Base, GA. No classified material was obtained, but the government views as 'highly sensitive' the programs stolen from a computer used by NATO which is tied into the U.S. missile command. In addition, Zinn made unlawful access to a a computer at an IBM facility in Rye, NY, and into computers of Illinois Bell Telephone Company and Rochester Telephone Company, Rochester, NY. Assistant United States Attorney William Cook said that Zinn obtained access to the AT&T/Illinois Bell computers from computer bulletin board systems, which he described as "...just high-tech street gangs." During his bench trial during January, Zinn spoke in his own defense, saying that he took the programs to educate himself, and not to sell them or share them with other phreaks. The programs stolen included very complex software relating to computer design and artificial intelligence. Also stolen was software used by the BOC's (Bell Operating Companies) for billing and accounting on long distance telephone calls. The Shadow Hawk -- that is, Herbert Zinn, Jr. -- operated undetected for at least a few months in 1986-87, but his undoing came when his urge to brag about his exploits got the best of him. It seems to be the nature of phreaks and hackers that they have to tell others what they are doing. On a BBS notorious for its phreak/pirate messages, Shadow Hawk provided passwords, telephone numbers and technical details of trapdoors he had built into computer systems, including the machine at Bell Labs in Naperville. What Shadow Hawk did not realize was that employees of AT&T and Illinois Bell love to use that BBS also; and read the messages others have written. Security representatives from IBT and AT&T began reading Shadow Hawk's comments regularly; but they never were able to positively identify him. Shadow Hawk repeatedly made boasts about how he would "shut down AT&T's public switched network." Now AT&T became even more eager to locate him. When Zinn finally discussed the trapdoor he had built into the Naperville computer, AT&T decided to build one of their own for him in return; and within a few days he had fallen into it. Once he was logged into the system, it became a simple matter to trace the telephone call; and they found its origin in the basement of the Zinn family home on North Artesian Street in Chicago, where Herb, Jr. was busy at work with his modem and computer. Rather than move immediately, with possibly not enough evidence for a good, solid conviction, everyone gave Herb enough rope to hang himself. For over two months, all calls from his telephone were carefully audited. His illicit activities on computers throughout the United States were noted, and logs were kept. Security representatives from Sprint made available notes from their investigation of his calls on their network. Finally the "big day" arrived, and the Zinn residence was raided by FBI agents, AT&T/IBT security representatives and Chicago Police detectives used for backup. At the time of the raid, three computers, various modems and other computer peripheral devices were confiscated. The raid, in September, 1987, brought a crude stop to Zinn's phreaking activities. The resulting newspaper stories brought humiliation and mortification to Zinn's parents; both well-known and respected residents of the Rogers Park neighborhood. At the time of the younger Zinn's arrest, his father spoke with authorities, saying, "Such a good boy! And so intelligent with computers!" It all came to an end Tuesday morning in Judge Plunkett's courtroom in Chicago, when the judge imposed sentence, placing Zinn in the custody of the Attorney General or his authorized representative for a period of nine months; to be followed by two and a half years federal probation and a $10,000 fine. The judge noted in imposing sentence that, "...perhaps this example will defer others who would make unauthorized entry into computer systems." Accepting the government's claims that Zinn was "simply a burglar; an electronic one... a member of a high-tech street gang," Plunkett added that he hoped Zinn would learn a lesson from this brush with the law, and begin channeling his expert computer ability into legal outlets. The judge also encouraged Zinn to complete his high school education, and "become a contributing member of society instead of what you are now, sir..." Because Zinn agreed to cooperate with the government at his trial, and at any time in the future when he is requested to do so, the government made no recommendation to the court regarding sentencing. Zinn's attorney asked the court for leniency and a term of probation, but Judge Plunkett felt some incarceration was appropriate. Zinn could have been incarcerated until he reaches the age of 21. His parents left the courtroom Tuesday with a great sadness. When asked to discuss their son, they said they preferred to make no comment. Information Collected From Various Sources _______________________________________________________________________________ FBI National Crime Information Center Data Bank February 13, 1989 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ By Evelyn Richards (Washington Post) "Proposed FBI Crime Computer System Raises Questions on Accuracy, Privacy -- Report Warns of Potential Risk Data Bank Poses to Civil Liberties" On a Saturday afternoon just before Christmas last year, U.S. Customs officials at Los Angeles International Airport scored a "hit." Running the typical computer checks of passengers debarking a Trans World Airlines flight from London, they discovered Richard Lawrence Sklar, a fugitive wanted for his part in an Arizona real estate scam. As their guidelines require, Customs confirmed all the particulars about Sklar with officials in Arizona - his birth date, height, weight, eye and hair color matched those of the wanted man. Sklar's capture exemplified perfectly the power of computerized crime fighting. Authorities thousands of miles away from a crime scene can almost instantly identify and nab a wanted person. There was only one problem with the Sklar case: He was the wrong man. The 58-year old passenger - who spent the next two days being strip-searched, herded from one holding pen to another and handcuffed to gang members and other violent offenders - was a political science professor at the University of California at Los Angeles. After being fingered three times in the past dozen years for the financial trickeries of an impostor, Sklar is demanding that the FBI, whose computer scored the latest hit, set its electronic records straight. "Until this person is caught, I am likely to be victimized by another warrant," Sklar said. Nowhere are the benefits and drawbacks of computerization more apparent than at the FBI, which is concluding a six-year study on how to improve its National Crime Information Center, a vast computer network that already links 64,000 law enforcement agencies with data banks of 19 million crime-related records. Although top FBI officials have not signed off on the proposal, the current version would let authorities transmit more detailed information and draw on a vastly expanded array of criminal records. It would enable, for example, storage and electronic transmission of fingerprints, photos, tattoos and other physical attributes that might prevent a mistaken arrest. Though controversial, FBI officials have recommended that it include a data bank containing names of suspects who have not been charged with a crime. The proposed system, however, already has enraged computer scientists and privacy experts who warn in a report that the system would pose a "potentially serious risk to privacy and civil liberties." The report, prepared for the House subcommittee on civil and constitutional rights, also contends that the proposed $40 million overhaul would not correct accuracy problems or assure that records are secure. Mostly because of such criticism, the FBI's revamped proposal for a new system, known as the NCIC 2000 plan, is a skeleton of the capabilities first suggested by law enforcement officials. Many of their ideas have been pared back, either for reasons of practicality or privacy. "Technical possibility should not be the same thing as permissible policy," said Marc Rotenberg, an editor of the report and Washington liaison for Computer Professionals for Social Responsibility, a California organization. The need to make that tradeoff - to weigh the benefits of technological advances against the less obvious drawbacks - is becoming more apparent as nationwide computer links become the blood vessels of a high-tech society. Keeping technology under control requires users to double-check the accuracy of the stored data and sometimes resort told-fashioned paper records or face-to-face contact for confirmation. Errors have plagued the NCIC for many years, but an extensive effort to improve record-keeping has significantly reduced the problem, the FBI said. Tapped by federal, state and local agencies, the existing FBI system juggles about 10 inquiries a second from people seeking records on wanted persons, stolen vehicles and property, and criminal histories, among other things. Using the current system, for example, a police officer making a traffic stop can fine out within seconds whether the individual is wanted anywhere else in the United States, or an investigator culling through a list of suspects can peruse past records. At one point, the FBI computer of the future was envisioned as having links to a raft of other data bases, including credit records and those kept by the Immigration and Naturalization Service, the Internal Revenue Service, the Social Security Administration and the Securities and Exchange Commission. One by one, review panels have scaled back that plan. "There's a lot of sensitive information in those data bases," said Lt. Stanley Michaleski, head of records for the Montgomery County [Maryland] police. "I'm not going to tell you that cops aren't going to misuse the information." The most controversial portion of the planned system would be a major expansion to include information on criminal suspects - whose guilt has not yet been established. The proposed system would include names of persons under investigation in murder, kidnapping or narcotics cases. It would include a so-called "silent hit" feature: An officer in Texas, for instance, would not know that the individual he stopped for speeding was a suspect for murder in Virginia. But when the Virginia investigators flipped on their computer the next morning, it would notify them of the Texas stop. To Michaleski, the proposal sounded like "a great idea. Information is the name of the game." But the "tracking" ability has angered critics. "That [data base] could be enlarged into all sorts of threats - suspected communists, suspected associates of homosexuals. There is no end once you start," said Rep. Don Edwards (D-Calif.), whose subcommittee called for the report on the FBI's system. The FBI's chief of technical services, William Bayse, defends the proposed files, saying they would help catch criminals while containing only carefully screened names. "The rationale is these guys are subjects of investigations, and they met a certain guideline," he said. So controversial is the suspect file that FBI Director William Sessions reportedly may not include it when he publicly presents his plan for a new system. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - A case similar to Sklar's was that of Terry Dean Rogan, who was arrested five times because of outstanding warrants caused by someone else masquerading as him. He finally settled for $50,000 in damages. _______________________________________________________________________________ Legal Clamp-Down On Australian Hackers February 14, 1989 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ By Julie Power (The Financial Review) Federal Cabinet is expected to endorse today draft legislation containing tough penalties for hacking into Commonwealth computer systems. It is understood that the Attorney-General, Mr. Lionel Bowen, will be proposing a range of tough new laws closely aligned with the recommendations of the Attorney-General's Department released in December. Mr. Bowen requested the report by the Review of Commonwealth Criminal Law, chaired by Sir Harry Gibbs, as a matter of urgency because of the growing need to protect Commonwealth information and update the existing legislation. Another consideration could be protection against unauthorized access of the tax file number, which will be stored on a number of Government databases. If the report's recommendations are endorsed, hacking into Commonwealth computers will attract a $48,000 fine and 10 years imprisonment. In addition, it would be an offense to destroy, erase, alter, interfere, obstruct and unlawfully add to or insert data in a Commonwealth computer system. The legislation does not extend to private computer systems. However, the Attorney-General's Department recommended that it would be an offense to access information held in a private computer via a Telecom communication facility or another Commonwealth communication facility without due authority. _______________________________________________________________________________ Multi-Gigabuck Information Theft February 8, 1989 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ By Bob Mitchell (Toronto Star)(Edited for this presentation) A man has been arrested and charged with unauthorized use of computer information, following a 2-month police investigation. The suspect was an associate of a "very big" Toronto company: "A company that people would know, with offices across Canada." Police are keeping the company's name secret at its request. They say the perpetrator acted alone. A password belonging to the company was used to steal information which the company values at $4 billion (Canadian). This information includes computer files belonging to an American company, believed to contain records from numerous companies, and used by large Canadian companies and the United States government. "We don't know what this individual was planning to do with the information, but the potential is unbelievable. I'm not saying the individual intended to do this, but the program contained the kind of information that could be sold to other companies," said Lewers. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Further investigation of the above details led to the following; Multi-Gigabuck Value Of Information Theft Denied February 17, 1989 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Different facts about the information theft were reported two days after the original story. The information in this article is from the Toronto Globe & Mail. The article is headlined "Computer Information Theft Detected By Security System, Company Says." And it begins as follows: "The theft of information from a company's computer program was detected by the firm's own computer security system. Mike Tillson, president of HCR Corporation, which specializes in developing computer software, said yesterday an unusual pattern of computer access was noticed on the company's system last week." The article continues by saying that police reports valuing the "program" at $4 billion (Canadian) were called grossly exaggerated by Tilson: "It's more in the tens of thousands of dollars range." He also said that the illegal access had been only a week before; there was no 2-month investigation. And asked about resale of the information, he said, "It's not clear how one would profit from it. There are any number of purposes one could imagine to idle curiosity. There is a possibility of no criminal intent." The information not being HCR customer data, and Tilson declining to identify it, the article goes on to mention UNIX, to mumble about AT&T intellectual property, and to note that AT&T is not in the investigation "at this stage." _______________________________________________________________________________ More Syracuse Busts February 6, 1989 ~~~~~~~~~~~~~~~~~~~ St. Elmos Fire was arrested after a supposed friend turned him in to the police and signed an affidavit. His crimes include hacking into his school's HP3000 and the FBI and Telenet are trying to get him for hacking into another HP3000 system in Illinois. However, it was the "friend" that was actually the person responsible for the damage done to the computer in Illinois. The problem is that Telenet traced that calls to Syracuse, New York and because of the related crimes, the authorities are inclined to believe that both were done by the same individual. St. Elmos Fire has already had his arraignment and his lawyer says that there is very little evidence to connect SEF to the HP3000 in Syracuse, NY. However,, nothing is really known at this time concerning the status of the system in Illinois. Information Provided by Grey Wizard _______________________________________________________________________________ Television Editor Charged In Raid On Rival's Files February 8, 1989 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >From San Jose Mercury News TAMPA, Fla. (AP) - A television news editor hired away from his station by a competitor has been charged with unlawfully entering the computer system of his former employer to get confidential information about news stories. Using knowledge of the system to bypass a security shield he helped create, Michael L. Shapiro examined and destroyed files relating to news stories at Tampa's WTVT, according to the charges filed Tuesday. Telephone records seized during Shapiro's arrest in Clearwater shoed he made several calls last month to the computer line at WTVT, where he worked as assignment editor until joining competitor WTSP as an assistant news editor in October. Shapiro, 33, was charged with 14 counts of computer-related crimes grouped into three second-degree felony categories: Offenses against intellectual property, offenses against computer equipment and offenses against computer users. He was released from jail on his own recognizance. If convicted, he could be sentenced to up to 15 years in prison and fined $10,000 for each second-degree felony count. Bob Franklin, WTVT's interim news director, said the station's management discovered several computer files were missing last month, and Shapiro was called to provide help. Franklin said the former employee claimed not to know the cause of the problem. At a news conference, Franklin said: "Subsequent investigation has revealed that, at least since early January, WTVT's newsroom computer system has been the subject of repeated actual and attempted 'break-ins.' The computers contain highly confidential information concerning the station's current and future news stories." The news director said Shapiro was one of two people who had responsibility for daily operation and maintenance of the computer system after it was installed about eight months ago. The other still works at WTVT. Terry Cole, news director at WTSP, said Shapiro has been placed on leave of absence from his job. Shapiro did not respond to messages asking for comment. Franklin said Shapiro, employed by WTVT from February 1986 to September, 1988, left to advance his career. "He was very good at what he did," Franklin said. "He left on good terms." _______________________________________________________________________________