From: cmeinel@t... Date: Tue Jul 10, 2001 3:47 pm Subject: Inside Happy Hacker, July 10. 2001 Inside Happy Hacker July 10, 2001 ___________________________________________________________ See the Happy Hacker web site at http://www.happyhacker.org. Firewall or web babysitter program blocks you? Try http://happyhacker.org. Still doesn't work? Try entering 206.62.52.30 in the location window of your web browser. Or, try "Lyraprox" from www.lyracom.com, it defeats firewalls that block us. Inside this issue: · New at the Happy Hacker web site · Draft Cybercrime Treaty would outlaw most hacker and computer security books and web sites · Def Con: why it sucks, why it doesn't suck · Hackers at Large conference · The Latest Way to Telnet *** New at the Happy Hacker web site: More info than ever on how to break into Windows 95, 98 and ME computers. Read about it in Chapter 14 of Meinel's book "Überhacker! How to Break into Computers" http://happyhacker.org/uberhacker/ch140.shtml *** Draft Cybercrime Treaty - Arrgghhh!!!! Could it really happen? Could people like Bugtraq's Aleph One and me (Carolyn Meinel) become branded as international criminals for distributing programs and instructions for how to break into computers? Check out these stories: http://www.securityfocus.com/news/58 http://www.computerworld.com/cwi/story/0%2C1199%2CNAV47_STO53469%2C00. html http://www.wired.com/news/politics/0%2C1283%2C40134%2C00.html http://www.zdnet.com/zdnn/stories/news/0%2C4586%2C2664493%2C00.html http://news.bbc.co.uk/low/english/sci/tech/newsid_1072000/1072580.stm Read the draft version of the treaty here: http://conventions.coe.int/treaty/EN/projets/cybercrime.htm The parts that have us sweating are: Article 6 - Illegal Devices Each Party shall adopt such legislative and other measures as may be necessary to establish as criminal offences under its domestic law when committed intentionally and without right: a.the production, sale, procurement for use, import, distribution or otherwise making available of: 1.a device, including a computer program, designed or adapted [specifically] [primarily] [particularly]for the purpose of committing any of the offences established in accordance with Article 2 - 5; 2.a computer password, access code, or similar data by which the whole or any part of a computer system is capable of being accessed with intent that it be used for the purpose of committing the offences established in Articles 2 - 5; a.the possession of an item referred to in paragraphs (a)(1)and (2) above, with intent that it be used for the purpose of committing the offenses established in Articles 2 - 5. A party may require by law that a number of such items be possessed before criminal liability attaches. Article 13 - Sanctions and measures 1.Each Party shall take the necessary measures to ensure that the criminal offences established in accordance with Articles 2 - 11 are punishable by effective, proportionate and dissuasive sanctions and measures. In particular, each Party shall ensure that the offences established in accordance with Articles […](21) and those referred to in Article 21, paragraph 1,when committed by natural persons, are punishable by penalties involving deprivation of liberty which can give rise to extradition. 2.Each Party shall ensure that legal persons held liable in accordance with Article 12 shall be subject to effective, proportionate and dissuasive criminal or non-criminal sanctions, including monetary sanctions. *** Def Con: Why it sucks, why it doesn't suck I (Carolyn Meinel) am going to Def Con, the Las Vegas hackers' convention once again this weekend. For details, see http://defcon.org Why Def Con sucks: It's totally phony. It's run by a federal contractor to spy on, seduce and in general screw around with hackers. Their press room feeds phony hackers peddling phony media stories. The winners of the Capture the Flag and Bastard Operator from Hell games are rigged. Ninety percent of the people who attend are either total newbies, phonies, undercover agents, or tourists. Most speakers convey little of technical value. The large criminal element in attendance does lots of property damage. Don't try swimming in the conference hotel (Alexis) pool - it quickly fills with broken glass. Creeps try to prey sexually on underage kids. Some of these guys are into sadomasochistic sex. Drunks stagger around smoking dope. Why Def Con doesn't suck: A few awesome hackers and brilliant computer security experts attend. You will find them at the Capture the Flag game capturing and analyzing packets, testing their intrusion detection systems and tools such as session hijackers. If you want to match faces with handles (and with some ingenuity, real names), Def Con positively rocks. You can meet me and buy my autographed books at the Loompanics table, or see me at the Capture the Flag game. So… don't go there for fun unless you have really sick tastes. If what you want is knowledge and to meet amazing people, spend your time at the Capture the Flag game (or with me), and don't stay the Alexis Hotel because the drunks will keep you awake all night. *** Hackers at Large conference Hackers At Large 2001: debating the future of the Internet. From August 9th until August 12th, the campus of the University of Twente will feature a congress that is unique in its kind: Hackers at Large, orHAL 2001. The congress expects to receive thousands of guests from all over the world and from many different disciplines to debate issues ranging from advanced technical issues regarding some obscure aspect of the Internet to easy-to-understand lectures on some of the dangers of the information society, as well as many, many other topics. But more than debate, the guests at HAL2001 take ample time to get on-line, relax, build and discuss cool stuff, and engage in good old analog interfacing. The congress is unique in that the participants bring their tent and their computer, which is connected to a large high-speed outdoor computer network that provides high bandwidth Internet connectivity for everybody. On-site power generators provide all these computers with the necessary power: more than 1.5 mega-Watts. Some of the people that are organizing HAL 2001 were also involved in the former hacker movement in The Netherlands: those responsible for the late hackers' magazine Hack-Tic and for setting up the first Internet Service Provider in The Netherlands called ``XS4ALL''. But also many people from Dutch universities, companies and other Internet Service Providers participate in making this event possible. The HAL2001 convention is the fourth in a series that has been running every four years since 1989. Quite a few of the participants at "The Galactic Hacker Party" (1989), "Hacking at the End of the Universe" (1993)and "Hacking in Progress" (1997) have been instrumental in bringing about the changes that are upon us today. HAL2001 is for those that can truly celebrate the Internet and embrace new technologies, without forgetting their responsability to tell others that all these wonderful new technologies come with new risks to the individual and to society as a whole. Sponsors: The HAL 2001 organization would like to thank the sponsors for making this event possible: XS4ALL Internet BV www.xs4all.nl XS4ALL foundation University of Twente www.utwente.nl NLnet foundation www.nlnet.nl USENIX www.usenix.org ITSX www.itsx.com GorillaPark www.gorillapark.com Board of HAL foundation: Cor Bosman Jaco Lockhorst Rop Gonggrijp HAL-staff: Gerrit Hiddink Eric Slachmuylders Contact Information: URL: http://www.hal2001.org Gerrit Hiddink grit@h... tel: (+31) (0)53-4892425 fax: (+31) (0)53-4892452 *** The Latest Way to Telnet Date: Mon, 21 May 2001 16:15:15 +0000 (UTC) From: Grek To: Carolyn Meinel Subject: Tech update.... Not sure if you knew this or not, but I thought I would advise. I recently discovered that I can telnet from my cellphone. This seems to me a wonderful way to hack and learn more about hacking to and from a cellphone. The service that provides this is http://trancell.com You might check that out and if you have a wireless device such as a wireless phone capable of accessing the internet, you might give it a shot. I am sooo, stoked. Espically that I am still a neophyte. Hope this helps you with some more tech updates. TheColor for TheColorCypher EnCrypt to DeCrypt free information. 00000000 3C76 6F69 6420 456E 4372 7970 7465 6454 6F64 6573 00000014 6372 616D 626C 6569 743E ------------------------------------------- Grek may be a neophyte, but his realization of the power of being able to telnet from a cell phone is the soul of hacking! If you have never telnetted before, here's an easy way to try out this basic and essential hacker tool. Go to http://happyhacker.org/wargame/ and simply click on the link to any hacker wargame computer. If it doesn't work, click on another link until you get one up. If this doesn't work, your computer or online connection has a serious problem. To learn more about telnet, see http://happyhacker.org/gtmhh/begin11.shtml ___________________________________________________________________ This is a list devoted to *legal* hacking! If anyone plans to use any information in this Digest or at our Web site to commit crime, go away! We like to put computer criminals behind bars where they belong! Unix editor Mike Miller unixeditor@t...; Windows editor Greggory Peck wineditor@t... Clown Princess: Carolyn Meinel cmeinel@t... Happy Hacker, Inc. is part of a 501 (c) (3) tax deductible organization ___________________________________________________________________