                          Phrack #64 file 3

                          Phrack World News

                compiled by The Circle of Lost Hackers


The Circle of Lost Hackers is looking for any kind of news related to
security, hacking, conference reports, philosophy, psychology, surrealism,
new technologies, space war, spying systems, information warfare, secret
societies, ... anything interesting! It could be a simple news item with
just a URL, a short text or a long text. Feel free to send us your news.

Again, we need your help for this section. We can't know everything, we try
to do our best, but we need you ... the scene needs you...the humanity needs
you...even your girlfriend needs you but should already know this... :-)

1. Speedy Gonzales news
2. One more outrage to the freedom of expression
3. How we could defeat the Orwellian Narus system
4. Feeling safer in a spying world
5. D-Wave computing demonstrates a quantum computer

--------------------------------------------

--[ 1. Speedy Gonzales News

-Speedy News-[ There is no age to start hacking ]--
http://www.dailyecho.co.uk/news/latest/display.var.1280820.0.how_girl_6_hacked_into_mps_commons_computer.php

-Speedy News-[ Eeye hacked ? ]--
http://www.phrack.org/eeye_hacked.png

-Speedy News-[ Anarchist Cookbook ]--
The anarchist cookbook version 2006, be careful...
http://www.beyondweird.com/cookbook.html

-Speedy News-[ Is Hezbollah better than Israeli militants?
]--
http://www.fcw.com/article96532-10-19-06-Web

-Speedy News-[ How to be secure like an 31337 DoD dude ]--
https://addons.mozilla.org/en-US/firefox/addon/3182

-Speedy News-[ Hi I'm Skyper, ex-Phrack and I like Phrack's design! ]--
http://conf.vnsecurity.net/cfp2007.txt

-Speedy News-[ The most obscure company in the world ]--
http://www.vanityfair.com/politics/features/2007/03/spyagency200703?printable=true&currentPage=all
A "MUST READ" article...

-Speedy News-[ Terrorism excuse Vs freedom of information ]--
http://www.usatoday.com/news/washington/2007-03-13-archives_N.htm

-Speedy News-[ Zero Day can happen to anyone ]--
http://www.youtube.com/watch?v=L74o9RQbkUA

-Speedy News-[ NSA, contractors and the success of failure ]--
http://www.govexec.com/dailyfed/0407/040407mm.htm

-Speedy News-[ Blood, Bullets, Bombs, and Bandwidth ]--
http://rezendi.com/travels/bbbb.html

-Speedy News-[ The day when the BCC predicted the future ]--
http://www.prisonplanet.com/articles/february2007/260207building7.htm

-Spirit News-[ Just because we like these websites ]--
http://www.cryptome.org/
http://www.2600.com/


--[ 2. One more outrage to the freedom of expression

by Napoleon Bonaparte

The distribution of a book containing a copy of the Protocols of the Elders
of Zion was stopped in Belgium and France by Israeli lobbyists. The authors
advance that the bombing of the WTC could be in relation with Israel. It's
not the right place to argue about this statement, but what is interesting
is that 6 years after 11/09/01 we have read probably more than 100 theories
about the possible authors of the WTC bombing: Al Qaeda, Saudi Arabia,
Iraq (!) or even Americans themselves. But this book advances the theory
that _maybe_ there is something with Israel and its distribution is
forbidden, just one month after its release.

Before this book was released, the Belgian association antisemitisme.be
read it to give its opinion. The result is apparent: the book is not
antisemitic.
The only two things that could be antisemitic in this book are:

- the distribution of "The Protocols of the Elders of Zion" in the annex of
  the book. If you take a look on Amazon, you can find more than 30 books
  containing The Protocols.

- the cover of the book, which shows the US and Israeli flags linked with a
  bundle of dollars. Actually you can find the same kind of picture on the
  website of the Americo-Israeli company Zionoil: http://www.zionoil.com/ .
  And the cover of the book was designed before the author found the same
  picture on Zionoil's website.

Also, something unsettling in this story is that the book was removed on
the insistence of a Belgian politician: Claude Marinower. And on the website
of this politician, we can see him with Moshe Katsav, who is the president
of Israel and was recently accused by Attorney General Meni Mazuz of having
committed rape and other crimes...

http://www.claudemarinower.be/uploads/ICJP-israelpresi.JPG

So why was the distribution of this book banned? Because the distribution
of "The Protocols of the Elders of Zion" is dangerous?

Maybe but...

You can find on the Internet or Amazon some books like "The Anarchist
Cookbook" which is really more "dangerous" than "The Protocols of the
Elders of Zion". In this book you can find some information like how to
kill someone or how to make a bomb. If we have to give to our children
either "The Anarchist Cookbook" or "The Protocols of the Elders of Zion",
I'm sure that 100% of the population will prefer to give "The Protocols of
the Elders of Zion". Simply because it's not dangerous.

So why? Probably because there is some truth in this book.

The revelations in this book are not only about 11/09/2001 but also about
the Brabant massacres in Belgium from 1982 to 1985. The authors advance
that these massacres were linked to the GLADIO/stay-behind network.

As Napoleon Bonaparte said: "History is a set of lies agreed upon".

He was right...

[1] http://www.antisemitisme.be/site/event_detail.asp?language=FR&eventId=473&catId=26
[2] http://www.ejpress.org/article/14608
[3] http://www.wiesenthal.com/site/apps/nl/content2.asp?c=fwLYKnN8LzH&b=245494&ct=2439597
[4] http://www.osservatorioantisemitismo.it/scheda_evento.asp?number=1067&idmacro=2&n_macro=3&idtipo=59
[5] http://ro.novopress.info/?p=2278
[6] http://www.biblebelievers.org.au/przion1.htm


--[ 3. How we could defeat the Orwellian Narus system

by Napoleon Bonaparte

AT&T, Verizon, VeriSign, Amdocs, Cisco, BellSouth, Top Layer Networks,
Narus, ... all these companies are inter-connected in our wonderful
Orwellian world. And I'm not even talking about companies like Raytheon or
others involved in "ECHELON".

That's not new, our governments spy on us. They eavesdrop on our phone
conversations and our Internet communications, they take beautiful photos
of us with their imagery satellites, they can even see through walls using
reconnaissance satellites (Lacrosse/Onyx?), they install cameras everywhere
in our cities (how many cameras in London???), RFID tags are more and more
present, and with upcoming technologies like nanotechnologies,
bio-informatics or smartdust systems there is really something to worry
about.

With all these systems already installed, it's utopian to think that we
could come back to a world without any spying system. So what can we do?
Probably not a lot of things. But I would like to propose a funny idea
about NARUS, the system allowing governments to eavesdrop on citizens'
Internet communications.

This short article is not an introduction to Narus. I will just give you a
short description of its capacities. A longer article could be written in a
future release of Phrack (any volunteer?).

So Narus is an American company founded in 97. The first work of NARUS was
to analyze IP network traffic for billing purposes.
In order to accomplish this they have strongly contributed to the
standardization of the IPDR Streaming Protocol by releasing an API Code [1]
(study this doc, it's a key to break NARUS).

Nowadays, Narus is also included in what I will call the "spying business".
According to their authors, they can collect data from links, routers, soft
switches, IDS/IPS, databases, ..., normalize, correlate, aggregate and
analyze all these data to provide a comprehensive and detailed model of
users, elements, protocols, applications and network behaviors. And the
most important: everything is done in real time. So all your e-mails,
instant messages, video streams, P2P traffic, HTTP traffic or VOIP can be
monitored. And they don't care about which transmission technology you use,
optical transmission can also be monitored.

This system is simply amazing and we should send our congratulations to
their designers. But we should also send our fears...

If we want to block Narus, there is an obvious way: using cryptography.
Nowadays, it's quite easy to send an encrypted email. You don't even have
to worry about your email client, everything is transparent (once
configured). The problem is that you need to give your public key to your
interlocutor, which is not really "user friendly". Especially if the
purpose is simply to send an email to your girlfriend. But it's still the
best solution to block a system like Narus.

Another way to block Narus is to use steganography, but it's more
complicated to implement.

In conclusion, there is no way to totally stop a system like Narus and the
only good way to block it is to use cryptography.

But we, hackers, we can do something against Narus. Something funny. The
idea is the following: we should know where a Narus system is installed!

First step. An organization, a country or simply someone should buy a Narus
system and reverse it. There are a lot of tools to reverse a system, free
or commercial.
Since the purpose of Narus is to analyze data, the main task is parsing
data. And we know that systems parsing data are the most sensitive to bugs.
So a first idea could be to fuzz it with random requests and, if that
doesn't work, to do some reversing.

Once a bug is detected (and for sure, there IS at least one bug), the next
step is to exploit it. Difficult task but not impossible.

The most interesting part is the next one: the shellcode. There are two
possibilities: either the system where Narus is installed has an outgoing
Internet connexion or it doesn't. If not, the shellcode will be quite
limited; the "best" idea is maybe just to destroy the system, but it's not
useful. What is useful is when Narus is installed on a system with an
outgoing Internet connexion. We don't want a shell or something like that
on the system, what we want is to know where a Narus system is installed.
So what our shellcode has to do is just to send a ping or a special packet
to a server on the Internet to say "hello a Narus is installed at this
place". We could hold a database with all the Narus systems we discover in
the world.

This idea is probably not very difficult to implement. The only bad thing
is that if we release the vulnerability, it won't take Narus a long time to
patch it.

But after all, what else can we do?

Again, as Napoleon said: "Victory belongs to the most persevering".

And hackers are...

[1] http://www.ipdr.org/public/DocumentMap/SP2.2.pdf


--[ 4. Feeling safer in a spying world

by Julius Caesar

At first, it's subtle. It just sneaks up on you. The only ones who notice
are the paranoid tinfoil hat nutjobs -- the ones screaming about
conspiracies and big brother. They take a coincidence here and a fact from
over there and come up with 42. It's all about 42.

We need cameras at ATM machines, to catch robbers and muggers. Sometimes
they even catch a shot of the Ryder truck driving by in the background.
People get mugged in elevators, so we need some cameras there too. Traffic
can be backed up for a while before the authorities notice, so let's have
some cameras on the highway. Resolution gets better, and we can catch more
child molesters and terrorists if they can record license plates and faces.
Cameras at intersections catch people running red lights and speeding.
We're getting safer every day.

Some neighborhoods need cameras to catch the hoods shooting each other.
Others need cameras to keep the sidewalks safe for shoppers. It's all about
safety.

Then one day, the former head of the KGIA is in charge, or arranges for his
dimwitted son to fuck up yet again as president of something. Soon, we're
at war. Not with anyone in particular. Just Them. You're either with us, or
you're with Them, and we're gonna git Them.

Our phone calls need to be monitored, to make sure we're not one of Them.
Our web browsing and shopping and banking and reading and writing and
travel and credit all need to be monitored, so we can catch Them. We'll
need to be searched when travelling or visiting a government building
because we might have pointy metal things or guns on us. We don't want to
be like Them.

It's important to be safe, but how can we tell if we're safe or not? What
if we wander into a place with no cameras? How would we know? What if our
web browsing isn't being monitored? How can we make sure we're safe?

Fortunately, there are ways.

Cameras see through a lens, and lenses have specific shapes with unique
characteristics. If we're in the viewing area of a camera, then we are
perpendicular to a part of the surface of the lens, which usually has
reflective properties. This allows us to know when we're safely in view of
a camera.

All it takes is a few organic LEDs and a power supply (like a 9V battery).
Arrange the LEDs in a circle about 35mm in diameter, and wire them
appropriately for the power supply. Cut a hole in the center of the circle
formed by the LEDs.
Now look through the hole as you pan around the room. When you're pointing
at a lens, the portion of the curved surface of the lens which is
perpendicular to you will reflect the light of the LEDs directly back at
you. You'll notice a small bright white pinpoint. Blink the LEDs on and off
to make sure it's reflecting your LEDs, and know that you are now safer.

Worried that your Internet connection may not be properly monitored for
activity that would identify you as one of Them? There are ways to confirm
this too.

Older equipment, such as Carnivore or DCS1000, could often be detected by
traceroute, where it would show up as odd hops on your route to the net. As
recently as 2006, AT&T's efforts to keep us safe showed up with traceroute.
But the forces of Them have prevailed, and our protectors were forced to
stop watching our net traffic. Almost.

We can no longer feel safe when seeing that odd hop, because it doesn't
show up on traceroute anymore. It will, however, show up with ping -R,
which requests every machine to add its IP to the ping packet as it travels
the network.

First, do a traceroute to find out where your ISP connects to the rest of
the net;

[snip]
 5  68.87.129.137 (68.87.129.137)  28.902 ms  14.221 ms  13.883 ms
 6  COMCAST-IP.car1.Washington1.Level3.net (63.210.62.58)  19.833 ms *  21.768 ms
 7  te-7-2.car1.Washington1.Level3.net (63.210.62.49)  19.781 ms  19.092 ms  17.356 ms

Hop #5 is on Comcast's network. Hop #6 is their transit provider. We want
to send a ping -R to the transit provider (63.210.62.58);

[root@phrack root]# ping -R 63.210.62.58
PING 63.210.62.58 (63.210.62.58) from XXX.XXX.XXX.XXX : 56(124) bytes of data.
64 bytes from 63.210.62.58: icmp_seq=0 ttl=243 time=31.235 msec
NOP
RR:     [snip]
        68.87.129.138
        68.86.90.90
        4.68.121.50
        4.68.127.153
        12.123.8.117

117.8.123.12.in-addr.arpa. domain name pointer sar1-a360s3.wswdc.ip.att.net.

An AT&T hop on Level3's network?
Wow, we are still safely under the watchful eye of our magnificent
benevolent intelligence agencies. I feel safer already.


--[ 5. D-Wave demonstrates a quantum computer

by aris

On February the 13th, 2007, D-Wave computing made a public demonstration of
their brand-new quantum computer, which could be a revolution in computing
and in cryptography in general.

The demonstration took place at Mountain View, Silicon Valley, though the
quantum computer itself was left at Vancouver, remotely connected by
Internet.

The quantum computer is a hybrid construction of classical computing and a
quantum "accelerator" chip: the classical computer performs the ordinary
operations, isolates the complicated stuff, prepares it to be processed by
the quantum chip, then gives back the results. The whole mechanism is meant
to be usable over networks (with RPC) so that it is accessible to companies
that want a quantum computer but can't manage to handle it at their main
office (the hardware has special requirements). [1]

The quantum chip is a 16 Qbits engine, using superconducting electronics.
Earlier attempts at quantum computers have been made, none of them known to
have more than 3 or 4 Qbits. D-Wave also claims to be able to scale that
number of Qbits up to 1024 in 2008! That fact made a lot of people in the
scientific community skeptical about the claims of D-Wave.

The US National Aeronautics and Space Administration (commonly known as
NASA) confirmed to the press that they've built the special chip for D-Wave
conforming to their specifications. [2]

Now, how does the chip work? D-Wave hasn't released that many details about
the internals of their chip. They have chosen the superconductor because it
makes it easier to exploit quantum mechanics. When atoms are very cold
(approaching 0K), they transform themselves into superconducting atoms.
They have special characteristics, including the fact that their electrons
get a different quantum behaviour.
In the internals, the chip contains 16 Qbits arranged in a 4x4 grid, each
Qbit being coupled with its four immediate neighbors and some in the
diagonals. [3]

The coupling of Qbits is what gives them their power: a Qbit is believed to
be in two states at the same time. When coupling two Qbits, the combination
of their states contains four states, and so on. The more Qbits are coupled
together, the more possible states they have, and when running an algorithm
on them, you manipulate all of their states at once, giving a very
important performance boost. By its nature, it may even help to solve
NP-Complete problems, that is, problems that cannot be solved by polynomial
algorithms (we think of large sudoku maps, multivariate polynomial systems,
factoring large integers ...).

Not coupling all of their Qbits makes their chip easier to build and to
scale, but their 16 Qbits computer is not equal to the theoretical 16 Qbits
computers academics and governments have been trying to build for years.

The impact of this news on the world is currently minimal. Their chips
currently work slower than a low-range personal computer and cost thousands
of dollars, but maybe in some years it will become a real solution for
solving NP problems.

The NP problem that most people involved in security know is obviously the
factoring of large numbers. We even have a proof that there exists a
*linear* algorithm to factorize a product of two large integers; it is
named Shor's algorithm. It means that when we have the hardware to run it,
factorizing a 1024 bits RSA private key will only take two times the time
needed to factorize a 512 bits key. It completely destroys the security of
public cryptography as we know it now.

Unfortunately, we have no information on which known quantum algorithms run
on the D-Wave computer, and D-Wave made no statement about running Shor's
algorithm on their beast. Also, no claim has been made that would let us
think the chip could break RSA.
And for sure, NSA experts probably already studied the situation (in the
case they don't already own their own quantum computer).

References:

[1] http://www.dwavesys.com/index.php?page=quantum-computing
[2] http://www.itworld.com/Tech/3494/070309nasaquantum/index.html
[3] http://arstechnica.com/articles/paedia/hardware/quantum.ars
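

Added example for item 4 (not part of the original Phrack text and not the
author's code): the IPv4 Record Route option that ping -R sets, built and
parsed by hand. It stamps the addresses printed in the article's RR output
and lists the ones outside the networks named in the traceroute; the prefix
list and all function names are assumptions made for this example.

```python
import ipaddress

RR_TYPE = 7        # IPv4 Record Route option type (RFC 791)
RR_MAX_SLOTS = 9   # 40 option bytes at most: 3-byte header + 9 addresses

# Addresses copied from the ping -R output quoted in item 4.
PAGE_RR = ["68.87.129.138", "68.86.90.90", "4.68.121.50",
           "4.68.127.153", "12.123.8.117"]
# Assumption for this example: coarse prefixes covering the ISP and transit
# hops shown in the article (constructed, not authoritative routing data).
EXPECTED = ["68.86.0.0/15", "63.210.62.0/24", "4.68.0.0/16"]


def new_rr_option(slots=RR_MAX_SLOTS):
    """Empty option as the sender builds it: type, length, pointer, zeros."""
    return bytearray([RR_TYPE, 3 + 4 * slots, 4]) + bytearray(4 * slots)


def stamp(option, addr):
    """Router behaviour: write own address at the pointer, advance by 4.
    Returns False when the option is full and the hop goes unrecorded."""
    length, pointer = option[1], option[2]
    if pointer > length:
        return False
    off = pointer - 1                      # pointer counts from 1
    option[off:off + 4] = ipaddress.IPv4Address(addr).packed
    option[2] = pointer + 4
    return True


def parse_rr(option):
    """Return the recorded addresses in the order they were stamped."""
    if len(option) < 3 or option[0] != RR_TYPE:
        raise ValueError("not a Record Route option")
    length, pointer = option[1], option[2]
    if length > len(option) or pointer < 4 or (pointer - 4) % 4:
        raise ValueError("malformed Record Route option")
    end = min(pointer, length + 1) - 1
    return [str(ipaddress.IPv4Address(bytes(option[i:i + 4])))
            for i in range(3, end, 4)]


def unexpected_hops(recorded, expected_prefixes):
    """Recorded addresses that fall outside every expected prefix."""
    nets = [ipaddress.ip_network(p) for p in expected_prefixes]
    return [a for a in recorded
            if not any(ipaddress.ip_address(a) in n for n in nets)]


def demo():
    opt = new_rr_option()
    for hop in PAGE_RR:
        stamp(opt, hop)
    return parse_rr(opt), unexpected_hops(parse_rr(opt), EXPECTED)


if __name__ == "__main__":
    recorded, odd = demo()
    print("recorded:", recorded)
    print("outside expected prefixes:", odd)
```

Routers record their outgoing interface and the echo reply keeps filling the
same nine slots on the way back, so an address that traceroute did not show
is something to check with reverse DNS or whois before drawing conclusions.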