CRYPT NEWSLETTER 30 March - April 1995 Editor: Urnst Kouch (George Smith, Ph.D.) Media Critic: Mr. Badger (Andy Lopez) INTERNET: 70743.1711@compuserve.com Urnst.Kouch@comsec.org crypt@sun.soci.niu.edu COMPUSERVE: 70743,1711 IN THIS ISSUE: Cliff Stoll's "Silicon Snake Oil" . . . Confusion to your enemies: another brief tale of mystery and intrigue . . . "Network Security" and Protect Your Privacy", two books from Prentice Hall reviewed . . . A Kevin Mitnick time line . . . Hell's Angel Ralph "Sonny" Barger . . . Crypt Newsletter white paper on TECHNOQUACK: Part 1: The Golden Pizzle of Information; Part 2: You and the entropic heat death of the universe; Part 3: Sifting corporate pseudo-data . . . Rock 'n' rollin, groovy-lookin' Dan Farmer's excellent adventure . . . Crypt Newsletter WWW page . . . much more. CLIFF STOLL CAN'T SAY THAT, CAN HE? or NOTHIN' BUT GOOD TIMES AHEAD IN "SILICON SNAKE OIL" I don't know if Cliff Stoll ever met historian Christopher Lasch, but if he did they certainly would have had a lot to talk about. Just before his death, Lasch closed his last book, "The Revolt of the Elites" with a biting assessment of the current mania with technology: "Those wonderful machines that science has enabled us to construct have not eliminated drudgery, as . . . other false prophets so confidently predicted, but they have made it possible to imagine ourselves as masters of our fate. In an age that fancies itself as disillusioned, this is the one illusion - the illusion of mastery that remains as tenacious as ever." Stoll's "Silicon Snake Oil: Second Thoughts on the Information Highway" (Doubleday) is steel-plated with the same underlying idea, that much of what is said blindly exTOLLing networks, interconnectivity and computing is illusory - at best exaggerated, at worst, completely fabricated. Of course, there have been other books which hoe the same row. Lauren Ruth Wiener's "Digital Woes" and Theodore Roszak's The Cult of Information," both excellent, come to mind. But neither deliver the same engaging personal style Stoll effortlessly inserts into "SSO" which is a greater read for it. The book deals directly with the mysterious mental disease that is now infecting large numbers of seemingly rational and very vocal people: That computers are the new philosopher stones of American society, capable of transforming the lead of inequality, crumbling public education; unresponsive, corrupt political processes; stagnant career opportunity; or the moribund sex life into different varieties of revitalized techno-alchemical gold. And it means for the greater part of the making of "Silicon Snake Oil," Stoll must have been sleeping with his bullshit detector plugged in. However, he's more gracious, calling it his "bogometer." To wit: "In physics, you measure the brightness of light with a photometer and voltages with a voltmeter. Bogosity -- the degree to which something is bogus - is measured with a bogometer," Stoll writes. "Alan November, a consultant for the Glenbrook high schools in Illinois, believes that today's students are in the test preparation business. In the May/June 1994 issue of _Electronic Learning_, he says that pupils will soon build information products that can be used by clients around the world. Teachers, in turn, will become brokers 'connecting our students to others across the nets who will help them create and add to their knowledge.' That one pegged my bogometer." Mine too. Passages like these are a delight to the closet curmudgeon. A mere thirty pages earlier, Stoll notes "I've also noticed that the computer cognoscenti hang on to their jobs by creating systems where they are at the chokepoints of the organizations. Workers who don't know computers get trampled, discounted or pushed to the side." As for information being free? Bah, Stoll indicates. "I hear this from those who duplicate software or break into computers. It's techno-Marxism -- abolish private property and we'll all be happy." The Free Software Foundation, writes Stoll, claims "that copyrights harm society by preventing the free flow of information." You can tell he doesn't believe much of it. Slogans and cyber-aphorisms of this nature are conveniences in 1995, usually used to rationalize the process of someone else, but never the individual spouting said cliches, being ripped off. I would suspect little, if any, of this will endear Stoll to the disciples of the church of Toffler now encamped within the gilded walls of the mainstream media. That's good. He also has doubtless alienated the cypherpunks movement by essentially stating that while their technical accomplishments are neat, the problem they're trying to solve - the preservation of information privacy through the employ of cumbersome, almost unusable anonymous remailers and cumbersome, almost unusable encryption technology - looms trivial in the global picture. In fact, "Silicon Snake Oil" gores so many sacred cows in cyberspace it's guaranteed the author will be regarded like a dysenteric hog loose in the streets of Mecca on some parts of the net. That would be a shame because "Silicon Snake Oil" has genuine heart. There's not a mean bone in it; neither will you find the sour breath of the corrosive cynic. Paradoxically, Stoll confounds the reader's expectations by appearing to be a hopeless romantic in everyday life, and, by contrast, the nets, where he is up to his neck in connections and still very obviously in love with the pulse of the cursor. In the end, "Silicon Snake Oil" is saying the future could be a pretty dim, brutish place if we trade the critical and analytical capacity, stuff that ain't broke, a real voice on the end of the telephone line or the tough teacher for the newest software, indigestible floods of valueless, curiosity-numbing information or glib futurology that is simply faster and louder than real life. That's a great message from a killer of a book. CONFUSION TO YOUR ENEMIES, PART I: ANOTHER VERY BRIEF TALE OF MYSTERY AND INTRIGUE Virus-programmer Clinton Haines, a science student at the University of Queensland and native of Brisbane, Australia, makes it into the newsletter this month for making himself the Dark Avenger of Oz. [For those unfamiliar with the name "Dark Avenger," consult glossary at end of piece.] Over the past three years, "Confusion to your enemies" could have been Haines' motto. Originally known as Harry McBungus, later as Terminator-Z and Talon in Oz-cyberspace, Haines busied himself over a series of viruses which came to be known as the NoFrills family. Around 1991, one of the first of the NoFrills viruses, X-Fungus/PuKE, heavily infected SunCorp, a government-operated insurance company which has since been privatized. SunCorp, which employs quite a bit of Novell software, found its networks blasted off-line by NoFrills and the event splashed into Australian newspapers. According to members of virus-writing groups with which Haines was associated, he took the opportunity to contact local newsmen who subsequently turned over his identity to just about anyone who wanted it. Following the SunCorp incident, Haines was interviewed by Australian federal agents. During the free-for-all, according to other virus writers, the inventive Haines attempted to stymie the investigation by informing his interrogators that Terminator-Z and Harry McBungus were the names of different computer hackers who had written viruses mistakenly attributed to him. Around the same time, Haines applied for membership in the predominantly North American virus-writing group, NuKE. Paradoxically, Haines had written the original X-Fungus/PuKE/NoFrills virus which struck SunCorp with an eye toward satirizing the same band of hackers. Another of the NoFrills viruses - named Daeman - then found its way into PC networks operated by Australian Telecom, sufficiently incommoding the company so that the Australian federales were again summoned. This led to squabbling, recriminations and an eventual falling out with Haines' North American cybercolleagues who evidently became suspicious the Australian was trying to thrust the notoriety for the Daeman debacle onto them. The complete source code to the Daeman virus was immediately released into the public domain of cyberspace in the electronic publication, NuKE Infojournal, edited by the North American group. Since then Haines has advertised an on-again-off-again relationship with the same group of virus programmers he pretends to make fun of. In early March of this year, the NoFrills virus again fritzed Australian networks, this time those belonging to the Australian Taxation Office. This was seen as tactically unfortunate, since Haines had claimed retirement from virus-writing. The Australian Taxation Office is regarded as balefully as the IRS in the United States. However, Haines reputation as a virus-writer in international cyberspatial circles remains solid, even gaining in stature. Rod Fewster, an Australian representative of the Dutch Thunderbyte anti-virus software company, had befriended Haines, recognized Harry McBungus' technical brilliance as a virus writer and publically mused on the Fidonet on the consequences of infecting the Australian Taxation Office and it getting in the way of a good programming career. Recently, Qark, another Australian virus-writer, informally commented that it was his opinion Haines was, in all respects, a world-class virus programmer and that it was Harry McBungus' original appearance in the Australian press at the time of the SunCorp/X-Fungus incident which inspired him to take up his present hobby as a programmer of software of the same nature. Glossary: 1. Dark Avenger: the name given to the Bulgarian virus writer elevated to the stature of greatest virus-writer in the world (0r "dean of virus writers") by another Bulgarian named Vesselin Bontchev. Programed Dark Avenger Mutation Engine and Eddie computer virus, among others. Symbolic leader of the "Bulgarian computer virus factory." Long-range inspiration for American virus writer, Priest. For additional notes see back issues, "The Virus Creation Labs." 2. NuKE: North American hacker group. Prime-movers: Rock Steady, Nowhere Man (author of original Virus Creation Laboratory software), John Buchanan. Now inactive. CONFUSION TO YOUR ENEMIES, PART II: YOUNG, FAST & SCIENTIFIC: AUSTRALIAN VIRUS WRITER NO NERD: ENJOYS RUGBY, DAD A TENNIS PRO COACH [by Peter Young] Old Clint Haines blew his cover in February after the tax virus hit so my [original] promise to keep his ID to myself is null and void. Clint wrote a virus called K-Mart [sometimes refered to as X-Fungus] under the name of Harry McBungus in late 1991 and in February 1992 it infected the largest financial institution in Queensland, Suncorp, forcing the organization to quarantine 100 workstations and 12 servers while it purged the virus. The virus escaped into the wild because Haines had a habit of giving diskettes containing it to schoolmates he didn't like. He later refined it and in its next incarnation it was tagged No Frills. A version of No Frills hit Australian Telecom's International Business Offices almost a year to the day after the Suncorp infection. Telecom had to isolate and rebuild 1000 PCs on Novell networks. Coincidentally or otherwise, the No Frills attack on the Australian Tax Office this year again took place in February. Haines was 15 when he wrote the original Suncorp virus, refered to on this piece as K-Mart. He's well over six feet tall, plays the Aussie version of gridiron - that's rugby - and bears no resemblance to the skinny nerd of stereotypic virus writer legend. He's come up through private schools and is the child of separated or divorced parents. His dad is a tennis pro coach. Haines doesn't regret writing the NoFrills viruses but does rue that his association with them may cost him the option of a career in computing. He told me his first reaction when a new No Frills hit is reported is a surge of delight that it's still out there working its magic and hasn't been retired to a virus museum or old folk's home. On the heels of the thrill comes an anxiety attack while he wonders whether some hammer is about to fall on him. He's 19 and an undergraduate taking a science degree at the University of Queensland. He's majoring in biochemistry and . . . here's a scary thought . . . thinks biological viruses are fascinating. [Thanks to Roger Thompson of Thompson Network Software and Peter Young who provided timely material for this set of articles.] REVIEWED: "NETWORK SECURITY: PRIVATE COMMUNICATION IN A PUBLIC WORLD" AND "PROTECT YOUR PRIVACY: A GUIDE FOR PGP USERS" "We believe the reason most computer science is hard to understand is because of jargon and irrelevant details. When people work with something long enough they invent their own language, coming up with some meta-architectural framework or other, and forget the rest of the world doesn't talk or think that way," write Charlie Kauffman, Radia Perlman and Michael Speciner in the intro to "Network Security: Private Communication in a Public World" (Prentice Hall). Yay! That got the newsletter's attention and for the greater part of this book, the authors stick to their claim. "Network Security" is a well written textbook with a dry sense of humor which, presumably, immediately dooms it in the world of institutional education. The chapter on "notation," or terminology, is a case in point: "Computer science is filled with ill-defined terminology used by different authors in conflicting ways, often by the same author in conflicting ways. We apologize in advance for probably being guilty sometimes ourselves." The authors then go on to anti-define the term "hacker." "We do not use the term _hacker_ to describe the vandals that break into computer systems . . . the criminals termed 'hackers' are not brilliant and accomplished. It is really too bad they not only steal money, people's time and worse, but they've also stolen a beautiful word that had been used to describe some remarkable and wonderful people." And then they choose the name "Trudy" ("since it sounds like _intruder_") to label malicious hackers. Well, the lead-in was pretty good. The chapter devoted to malicious software is an interesting read. The varieties of viruses and booby-trapped software are loosely dubbed "digital pests" which is all that's really necessary to understand the basic concepts of replicating, damaging software. It's in marked contrast to vendors within the security software industry who often go out of their way at conventions to coin new and confounding names for various classes of essentially rubbish computer viruses. Unfortunately, the authors do goof up their one boldface definition of a virus, the _polymorphic_ variety. They seem to think polymorphic viruses have the ability to magically shuffle the order of their instructions. Not so. The better pieces of detection software which decrypt these heavily encrypted viruses on the fly and identify them on the basis of the machine code exposed beneath the repealed encryption wouldn't work if the authors' beliefs were reality. Actually, no software scanner would work at detecting such a virus. In any case, the precise nature of polymorphic computer viruses is of little interest or practical use to the general reader, so the book is no worse for this very small error. "Network Security" devotes quite a bit of space to the convoluted topic of electronic mail security, too. In the section "Annoying Test Format Issues" the authors get down to the ugly reality of e-mail transit on a worldwide network composed of wildly different machines, software and fiendishly idiosyncratic systems administrators. "When sending a text message to someone on other systems, we'd like the message to appear to the human on the receiving end about the way it looked to the human who sent it. This is a messy, boring problem . . . The usual method of solving problems like these is to define a [standard] format . . . Unfortunately, there is no single standard . . . format." What? And the reader still wishes to encrypt all his trivial sex talk with Privacy Enhanced Mail (tm), too? "Network Security" is also peppered with trenchant asides which ease the heavy-lifting in chapters on the mathematics of encryption, software geek-ese and robust network design. The appendixes are a useful, if oddly done, bibliography and a glossary with whimsical definitions for various examples of techno-gobble like "zero knowledge proof" as "what you write when you're faking an answer on your math test." Cool. Much less interesting, but the recipient of superior publicity, is William Stallings' "Protect Your Privacy: A Guide for PGP Users," also published by Prentice Hall. Perfectly crafted, "Protect Your Privacy" could very well be the final word on Phil Zimmerman's Pretty Good Privacy e-mail encryption program. It contains everything you need to now about PGP: origins, rationale, implications, nuts, bolts and proper usage. However, for the average computer user, it's "Who cares?" PGP remains, at best, non-essential for the typical on-line addict, at worst, a pain-in-the-ass addition of overhead to electronic mail. Pretty Good Privacy may, indeed, have spread simply because it was an idea whose time has come, a revolution in technology so sweeping no one could ignore it. Uh, sure. I prefer a simpler explanation: it was hyped to monstrous proportion by everyone in cyberspace and almost as many from the mainstream media. Back in the real world, in the last two years the majority of people who've pinged me with requests to engage in Pretty Good Privacy protected e-mail pattycake have used the program only for sex appeal. Behind the wall of impressive "military-grade" encryption came little but annoying gossip or day-to-day chitter-chatter which only the utterly mad would be interested in snooping. And so the U.S. government wants to try and pillory PGP programmer Phil Zimmerman for loosing this software on the world? There really is no God. THE KEVIN MITNICK TIMELINE 1978 - Kevin Mitnick meets phone phreak Roscoe of Roscoe gang while harassing a HAM radio operator on the air in Southern California. 1980 - Eddie Rivera writes cover story on Roscoe Gang for LA Weekly magazine. 1980 - December - Roscoe Gang, including Kevin Mitnick, invade computer system at US Leasing. 1981 - Roscoe, Kevin Mitnick and an accomplice bluff way into PacBell's downtown office after hours and burgle documents and manuals. Susan Thunder, paramour of Roscoe and member of Roscoe Gang, squeals on Mitnick and PacBell burglary to Los Angeles district attorney's office investigator. Mitnick's home in San Fernando Valley searched; Mitnick, Roscoe and accomplice subsequently arrested. 1982 - Roscoe pleas guilty to conspiracy and fraud. Sentence: 150 days in jail. Accomplice gets thirty. Mitnick gets ninety day diagnostic study by juvenile justice system, plus a year probation. Kevin Mitnick and Lenny DiCicco enter USC campus and begin using student computers for hacking. Eventually, campus police arrest Mitnick and DiCicco, handcuff them to office benches. USC drops any charges but Los Angeles Police Department computer crime unit pursues Mitnick case. Mitnick sent to juvenile prison in Stockton, California, for breaking probation. Sentence: 6 months. 1984 - Mitnick working for Great American Merchandising, a company operated by acquaintance of family. Begins running unauthorized TRW credit checks and calling PacBell from Great American. Company manager reports Mitnick to district attorney's office again. Mitnick's home again searched. Mitnick goes into hiding. 1985 - Mitnick resurfaces in Los Angeles, contacts DiCicco who is now working for Hughes in El Segundo. Mitnick comes to Hughes and logs onto Dockmaster, National Security Agency's public system. DiCicco subsequently fired from Hughes. Mitnick enrolls at Computer Learning Center, Los Angeles. Meets future wife. 1987 - Mitnick invades system at Santa Cruz Operation. Santa Cruz police travel to Los Angeles to search apartment where call coming into SCO originates. It belongs to Mitnick's girlfriend. Mitnick and girlfriend subsequently arrested and charged with unauthorized access to a computer. Charges against girlfriend dropped. Mitnick's representation bargains felony charge down to misdemeanor. Sentence: three years probation. During period, Mitnick marries girlfriend. 1988 - Pierce College authorities contact LAPD about Kevin Mitnick and Lenny DiCicco misusing campus systems. Mitnick and DiCicco now enrolled in computer class at Pierce. Mitnick and DiCicco again become targets of LAPD investigation. Mitnick attempts to pull down job at Security Pacific. LAPD detective tips company. Mitnick ejected from premises. Pierce College begins disciplinary action against Mitnick and DiCicco. Both expelled. They appeal unsuccessfully. Jet Propulsion Laboratory computer break-in Pasadena, CA, profiled in Los Angeles Times. Attributed to Mitnick and DiCicco in John Markoff's "Cyberpunk". Mitnick using DiCicco's workplace as jumping off point for hacking. DiCicco begins talking to FBI. With DiCicco cooperating, FBI arrests Mitnick for invading Digital Equipment Corporation systems and allegedly stealing software. DiCicco also indicted. Government proceeds to attempt to convict Mitnick on four felony counts. Defense eventually gets prosecution to accept idea that Mitnick addicted or psychologically compelled to actions. Mitnick convicted and given one year sentence at Lompoc, California. DiCicco pleads guilty to one felony. Sentence: 5 years probation, community service. Mitnick and wife separate. 1992 - Mitnick working at private investigating firm in Calabasas while on probation. FBI arrives to arrest Mitnick for alleged break-ins at PacBell. Mitnick again goes into hiding. 1994 - California Department of Motor Vehicles issues $1-million warrant for Mitnick's arrest on charges of fraudulently trying to acquire driver identification. Mitnick traced to Seattle, Washington, where he allegedly worked as a computer "trouble-shooter." Mitnick once again on move. Christmas - Mitnick accused of invading security expert Tsutomu Shimomura's system in San Diego. 1995 - Mitnick hacks The WELL in Sausalito, California. Few mention WELL security is routinely broken. The WELL, security-wise, is known as a "hot" system. Mitnick and Shimomura become media sensations after hacker's arrest in Raleigh, North Carolina. Tracked by Shimomura, news hounds overhype events into Dark Hacker v. rock'n'rollin,' groovy lookin' computer security guru White Knight story. Mitnick continually portrayed as obese, foul-looking dump. Reality shows Mitnick well-groomed, rather fit. Mitnick alleged to have broken into Netcom, stealing credit card base in process. Netcom's credit card base said to be commonplace on 'Net. Miramax announces aim of producing movie based on life and times of Kevin Mitnick. [Sources: The Los Angeles Times, John Markoff's "Cyberpunk" (Simon & Schuster), LA Weekly.] THE AMERICAN OUTLAW: A BRIEF LOOK AT HELL'S ANGELS MAXIMUM LEADER RALPH BARGER Dear Mr. President: On behalf of myself and my associates I volunteer a group of loyal americans for behind the lines duty in Viet Nam. We feel that a crack group of trained gorillas would demoralize the Viet Cong and advance the cause of freedom. We are available for training and duty immediately. Sincerely, Ralph Barger Jr. Oakland, California President of Hell's Angels "[The Hells Angels] were a menacing bunch. They were the kind of people Hitler recruited for the Brownshirts. They liked to party and drink beer and stomp on people." --from E. Jean Carroll's "Hunter: The Strange and Savage Life of Hunter S. Thompson" When considering the case of alleged criminal hacker Kevin Mitnick, it is interesting to look briefly at the example of a bona fide American outlaw, Ralph "Sonny" Barger, the legendary leader of the Hell's Angels Motorcycle Club. Although appearing in countless newspapers, magazines and books since 1967, Barger never achieved the notoriety the fugitive Mitnick garnered in the first quarter of 1995. Although Mitnick has served only brief stints in prison for relatively minor charges, Barger recently celebrated getting off two years parole after serving four years in federal prison for conspiracy to dynamite a rival national motorcycle gang, according to a recent article in the Los Angeles Times. By his own account in the Times, Barger spent "most of the '70's in prison . . . 12 or 13 years . . . Not much considering all the fun I've had." Prosecutors attempted to convict the Hell's Angel in 1972 on a murder beef dealing with the charge Barger killed a man who sold the Angels bad drugs. But, said Barger, "I was found innocent . . . " Indeed, Mitnick's rep rates him as a dilettante public menace, at least next to the deeds of the Hell's Angels. In 1994, for example, the group has been connected with three deaths: an execution in a Rockford, Ill., motorcycle shop; and two non-Angel bikers killed in a gunfight at a raceway in New York. There have also been bombings at Angels affiliates in Chicago and Rockford. Barger points out, however, that the majority of incidents of this type are perpetrated against members of the Angels own class. Although there are many so-called "biker" films, Hollywood has been unable to make a picture chronicling Barger and the Hell's Angels since the group's inception in 1957. By contrast, Miramax has already committed to fielding a motion picture on the life and times of Kevin Mitnick. Barger has never cooperated with mainstream moviemakers although an independent producer has made claims about finally fielding a Hell's Angels script this year. Today Barger still lives in Oakland with his wife Sharon. He maintains a custom motorcycle shop; she promotes Sonny Barger T-shirts on the side. The Times commented they are merchandising Sonny Barger's Cajun Style Salsa. At the beginning of the '80's, Barger lost his larynx to cancer. Now he speaks through a throat patch. "I'm certain I went to prison because I used cocaine . . . I don't know exactly how to explain it, other than you do a lot of stupid things you wouldn't do if you weren't loaded," said Barger to the Times. [Ralph "Sonny" Barger - American Legend T-shirts: Sharon Barger, POB 4708, Oakland, CA 94605] CRYPT NEWSLETTER SPECIAL INSERT: IDENTIFYING TECHNOQUACK I. THE GOLDEN PIZZLE OF INFORMATION SPEAKS: NICHOLAS NEGROPONTE INSISTS WORLD TO BE TRANSFORMED BY DIGITAL BUTLERS & ADVERTISING NEWS [No, this is NOT made up.] As the blitzkrieg of the Toffler media-Wehrmacht continues its double-pincer attack deep into the rear of American credulity, MIT Media Lab FeldMarschall Nicholas Negroponte is ever in the vanguard. Promoting his new book, "Being Digital" (Knopf), in the pages of Business Books Journal (Volume 6, No. 1), Negroponte predicts "digital butlers" are the great agents of change for the future. "Ten years from now, your telephone will not ring in the middle of dinner with some dumb machine or human trying to sell you something," writes Negroponte. "Instead you will be advised in a timely, unobtrusive way about things you might really be interested in knowing about, because you are in the market for a canoe, new car or white truffle." The "digital butler" will be the drone you use to inform the world of your need for a white truffle. It will diligently perform this duty in the background like a faithful English manservant. "Television will become like book reading, a medium of choice, one you pick up when you want, and curl up in bed with if you wish," Negroponte continues. [Forgive the Crypt Newsletter for laughing. The newsletter foolishly thought TV was already a "medium of choice."] "The big issue in the future of TV - not books - is advertising, which will just have to become news, not noise," says Negroponte. II. HOW YOU CAN TELL WHEN YOU'RE ADDING TO THE PROBLEM OF INFORMATION OVERLOAD THUS HASTENING THE INEVITABLE ENTROPIC HEAT DEATH OF THE COSMOS (or 10 MASTER STROKES TO MENTUFACTURY) 1. Your electronic mail sign-off contains a line like "Finger @sententious.dork.edu for PGP key." 2. You have something to do with the MIT Media lab. 3. You are a hobbyist who mistakes being a voyeur 40 hours a week with genuine experience. 4. You have your own World Wide Web home page because . . . well, because your hat size is greater than your in-seam, actually. 5. You fancy yourself a manager of a bulletin board system for shareware, nude pictures of girls or gay men, pirated software, computer viruses, adult chat, Star Trek debate, UFO's, holistic health, astronomy and boring picture files cribbed from NASA or any combination of such. 6. You spend time on Internet Relay Chat asking others to marry you or discussing your excess or lack of intestinal flatulence. 7. You often tell complete strangers of your findings on an international conspiracy uniting the "Bilderbergers," the TriLateral Commission, the reborn Man-God George Bush and an industrialist research venture aimed at implanting carcinogenic lithium metal chips in the index fingers of all US citizens. 8. You have the latest minor version of Pretty Good Privacy. 9. You film low rent pornography and pass it off as a computer game. Or, you film a low rent 15-minute movie starring washed up actors and pass it off as a computer game. Or, you enjoy low rent porn stars and washed up movie actors being paraded around in 15-minute movies passed off as computer games. 10. You confuse science and American culture. Often. III. INFORMATION WEEK MAGAZINE: A GOLDMINE OF CORPORATE PSEUDO-DATA AND TECHNOQUACK AT THE SUPERMARKET NEWS STAND FOR ONLY $2.95 [This ISN'T made up either. Honest.] In the March 20 issue of Information Week magazine staffers Kolbasuk McGee and Michael Fillon determined that "honesty is still the best policy." They interviewed Las Vegas consulting firm Lousig-Nont & Associates and were told that people with "high integrity . . . tend to possess desirable employment characteristics." "Honest workers are frequently more productive, sociable and punctual, and are less apt to abuse sick time or otherwise steal from their employers," insisted Gregory Lousig-Nont, a suit whose photo exuded a comfy amount of warm, hand-wringing sensitivity. Lousig-Nont's claims were buttressed by an impressive sounding "independent" college test that only coincidentally employed his honesty questionnaire. Honesty is still the best policy - whew, the mind reals at the sheer audacity and backbone of the finding. The issue also included a sprawling, written, info-mercial for Database Associates International. Paraphrasing, it said something like this: "A data collection is a [collection] of data of interest to a specific user or group of users. Data collections are derived from the base data created by the data acquisition component. The services provided by the management component include a data maintenance service for deriving new data collections from warehouse base data and a distribution service for exporting warehouse data . . ." A color chart illustrated the flow of data and "meta data" from the data warehouse to a red tank of mixed data and "meta data" outside the data warehouse proper. Data, data, everywhere! Boy howdy! IV. GLOSSARY OF TERMS: 1. Golden Pizzle of Information: authority figure used to declaiming in the dialect of technoquack, e.g., director of MIT Media Lab, et al. 2. "Honesty is the best policy": a convenient slogan, irrelevant to this editorial insert. 3. mentufactury: A kind of pompous term for bullshitting, especially the variety associated with flacking for your information business, hardware, software or the Internet. 4. meta-data: see pseudo-data 5. pseudo-data: test results, charts, bar graphs, numbers and statistics produced by the convergence of mentufactury and technoquack. Sometimes known as advertising. 6. technoquack: 1. an individual, e.g. a consultant or member of the Alvin Toffler Wehrmacht, who specializes in mentufactury; 2. the speechifying of a technoquack or someone who hasn't quite become one yet. DAN AND VIETSE'S EXCELLENT ADVENTURE! Surely John McAfee and the programmer of the Michelangelo computer virus were smiling as the US national media once again went into overdrive this March mentufacturing the spectacle of yet another rock 'n' rollin,' groovy-lookin' security whiz-bang named Dan Farmer, his cyberpal Vietse Somethingorother, and their alleged hacker tool from the Inferno, SATAN. SATAN, a piece of software said to be the ultimate Unix/Internet hacking/information sniffer, was said to be "like a gun, and this is like handing the gun to a 12-year old," trumpeted the Los Angeles Times, accompanied by a picture of rock 'n' rollin, groovy-lookin' Dan Farmer duded out in combat fatigues and saucily perched on his computer workstation at Silicon Graphics. "It's like distributing high-powered rocket launchers throughout the world free of charge, available at your local library or school, and inviting people to try them out by shooting somebody," echoed the San Jose Mercury News. "I hope some crazy teen doesn't get ahold of one," added the Oakland Tribune. Noticeably absent from any of the news pieces was any description of the reality of SATAN: that it was an almost indigestible lump of cobbled-together software and documentation designed to operate on the most high-powered, resource-equipped computers. Farmer's SATAN documentation, which actually looks like the result of putting three hundred computer geeks in a windowless room and letting them run wild on word processors for a couple of months, is a combination of code, program database, and the hyper-text-markup-language used to program displays on the Internet's World Wide Web. If you had the patience and curiosity to sift through it before firing up SATAN, you found the program's requirements for normal operation are about 32 megabytes of computer memory and the power of a Sun/Sparc workstation, which translated for the techno-groupies at the nation's newspapers reads: NO TEENAGE HACKERS, AND MOSTLY EVERYBODY ELSE, INVITED. None of this stopped anyone from playing themselves as April Fools, which is perhaps what the clever Farmer intended all along. The rock 'n' rollin,' groovy-lookin,' computer security whiz-bang got his Warholian fifteen minutes of fame and then some, was fired and hired and had his software classified a bona fide "ware," guaranteeing everyone in computing creation would want a copy even if they couldn't figure out how to use it. Internet software libraries designated as SATAN stores clogged in April as everyone scrambled for the program while on-line. Those smart enough to be in the driver's seats of commercial services which charged for Internet access made a windfall in access time charges. Various corporate windbags in the business computing field took the opportunity to editorialize, complain and organize silly and ineffectual electronic protest multi-mailings to Farmer. The Internet did not crash, as formerly predicted. This week, the Associated Press ran a follow-up to Farmer and SATAN, stating at the end of the piece that "Typical home computer users are unlikely to be affected by the program." -------------------------------------------------------------------- CRYPT NEWSLETTER WORLD WIDE WEB HOME PAGE Thanks to Jim Thomas, magnanimous editor of Computer underground Digest and all around cool guy, you can now visit Crypt & The Virus Creation Labs on the World Wide Web, view pics of the author and his book, download back issues and sample a chapter from VCL! Set your graphical browser (Mosaic, Netscape, etc.) to: URL: http://www.soci.niu.edu:80/~crypt (don't forget the squiggly before the "crypt") See you there! -------------------------------------------------------------- American Eagle has just released THE VIRUS CREATION LABS: A Journey Into the Underground, a new book by Crypt Newsletter editor George Smith. Smith unravels the intrigue behind virus writers and their scourges, the anti-virus software developers and security consultants on the information highway. What readers are saying about THE VIRUS CREATION LABS: "There are relatively few books on the 'computer underground' that provide richly descriptive commentary and analysis of personalities and culture that simultaneously grab the reader with entertaining prose. Among the classics are Cliff Stoll's 'The Cuckoo's Egg,' Katie Hafner and John Markoff's 'Cyberpunk,' and Bruce Sterling's 'The Hacker Crackdown.' Add George Smith's 'The Virus Creation Labs' to the list . . . 'Virus Creation Labs' is about viruses as M*A*S*H is about war!" ---Jim Thomas, Computer underground Digest 7.18, March 5, 1995 "THE VIRUS CREATION LABS dives into the hoopla of the Michelangelo media blitz and moves on to become an engaging, articulate, wildly angry diatribe on the world of computer virus writers . . . Expert reporting." ----McClatchy NewsWire "I don't doubt that [VIRUS CREATION LABS] is entertaining and informative." ----Gene Spafford, academic UNIX security guy "The eruption of electronic publications and services has produced some genuinely novel ways to waste time. Anyone who has the time to explore the vast resources of the Internet should probably read 'The Virus Creation Labs' instead. Cynical, diverting new book . . ." ----Steven Aftergood, the Federation of American Scientists' SECRECY & GOVERNMENT BULLETIN "I like it! The writing is witty and informative [and] does a fine job of keeping the interest of the 'outsider' to the virus scene." ----Nowhere Man, infamous virus writer and programmer of the software virus-maker, the Virus Creation Laboratory kit -------------------------order form------------------------- Yes, I want to receive a copy of George Smith's "The Virus Creation Labs: A Journey Into the Underground" (ISBN 0-929408-09-8). Price: $12.95/copy plus $2.50 shipping per book. NAME: _____________________________________________ ADDRESS: __________________________________________ CITY/STATE/ZIP: __________________________________ Payment method: ___ Master Charge ___ Money Order ___ Check ___ Visa Credit Card # ___________________________________________ Expiration date _________________________________________ Name: ____________________________ Orders can be taken by voice or fax through regular phone number and/or 1-800 number in USA. COD welcome. American Eagle: 1-800-719-4957 1-602-367-1621 POB 41404 Tucson, AZ 85717 ---------------------------------------------------- George Smith, Ph.D., edits the Crypt Newsletter when he feels like it and is the author of "The Virus Creation Labs: A Journey Into the Underground." Media critic Andy Lopez lives in Columbia, SC, and is absent-without-leave. This issue was crunched by a copy of GNU EMACS, just to see if it could be done with a minimum of profanity. copyright 1995 Crypt Newsletter. All rights reserved.