----MESSAGE-BEGIN---- [9002180852.AA15847@ucbarpa.Berkeley.EDU] <1990020100250000> From: CJS@cwru.BITNET Newsgroups: misc.security Subject: DDN Security Bulletin 90-01 Message-ID: <9002180852.AA15847@ucbarpa.Berkeley.EDU> Date: 1 Feb 90 00:25:00 GMT Sender: usenet@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 74 Approved: security@rutgers.edu Posted: Thu Feb 1 01:25:00 1990 Just thought you all might find this of interest. *********************************************************************** DDN Security Bulletin 90-01 DCA DDN Defense Communications System 25 Jan 90 Published by: DDN Security Coordination Center (SCC@NIC.DDN.MIL) (800) 235-3155 DEFENSE DATA NETWORK SECURITY BULLETIN *********************************************************************** SECURITY VIOLATION REPORTING a. Initial Notification. Any DDN user (person/department/agency) having knowledge of a suspected network security violation must contact the appropriate Defense Communications Agency OC/ACOC (Operations Center/Area Communications Operations Center) to report the violation. If possible, reporting should be via secure means. Secure and commercial telephone numbers to DCA Operations Centers are: WESTHEM/CONUS OC has KY3-2222; STU III (DSN) 312-746-1849; (COMM) 202-692-5726/2268 or 1-800-451-7413. PACIFIC ACOC has STU III (DSN) 315-456-2777; (COMM) 808-656-2777. EUROPEAN ACOC has KY3-6429; STU III (DSN) 314-430-5703; (COMM) 49-0711-680-5703. The SCO or MC supervisor will request the following information: (1) Identity of caller: -What is caller's name and phone number -Where is caller calling from (organization) -Where is caller calling from (city & state) -What is the caller's DDN network address (2) Details about the incident: -When did the violation occur -What happened -How did the violation occur (if known) -What damage was done -What has the subscriber done about the violation -What networks are they connected to -What software is being used - Version -How many subscribers are known to be affected -How many subscribers are vulnerable (if known) -Who else has been notified - Names & phone numbers (3) Anything else the caller wishes to report Once a suspected violation is reported and the above information collected, the PACIFIC and EUROPEAN ACOCs will immediately relay this information back to the DCAOC (WESTHEM/CONUS) for action. b. Follow-on Network Information via the Security Coordination Center. DCA, through direction provided by the DDN Network Security Officer (NSO), will provide rapid and reliable follow-on information on security exposures, fixes, and concerns via the SCC. Distribution of information is accomplished via DDN Security Bulletins. Network security and management personnel are encouraged to pay close attention to these bulletins as they may be of great assistance either in preventing network security problems or in solving existing problems. DDN Security Bulletins will be published on as "as needed" basis. Note: this bulletin starts a new numbering scheme for DDN Security Bulletins. From now on, all bulletin numbers, including those of previously issued bulletins, will follow the form YY-NN, where YY is the year the bulletin is issued and NN is the number of the bulletin for that year. Thus, this is DDN Security Bulletin 90-01; it is online at NIC.DDN.MIL as SCC:DDN-SECURITY-90-01. ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990020105063900> Date: Thu, 1 Feb 90 13:06:39 PST From: faigin@aerospace.aero.org Subject: Call for Papers --> 6th Annual Computer Security Applications Conf. To: security@rutgers.edu CALL FOR PAPERS AND PARTICIPATION Sixth Annual Computer Security Applications Conference December 3-7, 1990 Tucson, Arizona The Conference Operational requirements for civil, military, and commercial systems increasingly stress the necessity for information to be readily accessible. The Computer Security Act of 1987 requires that all Federal agencies take certain actions to improve the security and privacy provided by federal computer systems. Accomplishing both operational and security requirements requires the application of the maturing technology of integrated information security to new and existing systems throughout their life cycle. This conference will explore technology applications for both civil and military systems; the hardware and software tools and techniques being developed to satisfy system requirements; and specific examples of systems applications and implementations. Security policy issues and standards will also be covered during this five day conference. Papers, Tutorials, and Vendor Exhibits Technical papers and tutorials that address the application of integrated information security technologies in the civil, defense, and commercial environments are solicited. Original research, analyses and approaches for defining the computer security issues and problems identified in the Conference's interest areas; secure systems in use or development; methodological approaches for analyzing the scope and nature of integrated information security issues; and potential solutions are of particular interest. We are also interested in vendor presentations of state-of-the-art information security products. INSTRUCTIONS TO AUTHORS: Send five copies of your paper or panel proposal to Dr. Ronald Gove, Program Chairman, at the address given below. Tutorial proposals should be sent to Dr. Dixie Baker at the address given below. We provide "blind" refereeing; put names and affiliations of authors on a separate cover page only. It is a condition of acceptance that manuscripts submitted have not been published. Papers that have been accepted for presentation at other conferences should not be submitted. Papers and tutorial proposals must be received by May 18, 1990. Authors will be required to certify prior to June 20, 1990, that any and all necessary clearances for publication have been obtained, that they will attend the conference to deliver the paper, and that the paper has not been accepted elsewhere. Authors will be notified of acceptance by July 30, 1990. Camera ready copies are due not later than September 19, 1990. Material should be sent to: Dr. Ronald A. Gove Dr. Dixie B. Baker Technical Program Chair Tutorial Program Chair Booz-Allen & Hamilton Inc. The Aerospace Corporation 4330 East-West Highway P.O. Box 92957, MI/005 Bethesda, MD 20814 Los Angeles, CA 90009 (301) 951-2395 (213) 336-7998 Gove@dockmaster.ncsc.mil baker@aerospace.aero.org Areas of Interest Include: GOSIP C3I Systems ISO/OSI Security Architecture Policy and Management Issues Advanced Architectures SDNS Trusted DBMSs and Operating Risk/Threat Assessments Systems Network Security Public Law 100-235 Medical Records Security Current and Future Trusted State-of-the-Art System Technology Trusted Products Space Station Requirements Certification, Evaluation, and Accreditation Reviewers and Prospective Conference Committee Members Anyone interested in participating as a reviewer of the submitted papers, please contact Dr. Ron Gove at the address given above. Those interested in becoming members of the conference committee should contact Dr. Marshall Abrams at the address below. Additional Information For more information or to receive future mailings, please contact the following at: The MITRE Corporation Marshall Abrams 7525 Colshire Drive Conference Chairman McLean, VA 22102 (703) 883-6938 abrams@mitre.org Diana Akers or Victoria Ashby Publicity and Publication Chairs (703) 883-5907 or (703) 883-6368 akers%smiley@gateway.mitre.org ashby%smiley@gateway.mitre.org ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990020109140000> Date: Thu, 1 Feb 90 15:14 CST From: david paul hoyt Subject: RE: Request for help To: security@pyrite.rutgers.edu > I would like to know the titles of a few books I would recommend browsing through the papers from the 'IEEE Symposium on Security and Privacy.' There are good survey articles, as well as more vertical papers. The (delivered) papers are also an excellent source of references to other articles. david | dhoyt@vx.acs.umn.edu ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9002172346.AA11818@ucbarpa.Berkeley.EDU] <1990020122202000> From: simsong@prose.cambridge.ma.us (Simson L. Garfinkel) Newsgroups: misc.security Subject: Sequential allocation of resource handles Message-ID: <9002172346.AA11818@ucbarpa.Berkeley.EDU> Date: 1 Feb 90 22:20:20 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 22 Approved: security@rutgers.edu Posted: Thu Feb 1 23:20:20 1990 Sequential allocation of UIDs is not a problem (UIDs are allocated by the system administrator, not by the kernel). On a computer system with mixed security levels (ie: running both top-secret and unclassified processes), you could use the fact that seqeuntial pid's are allocated as a means of communication between a covert process at the top-secret classification level and an unclassified process. The covert sending process could fork 20 times (killing the parent) in a 10 second period to signify a '1', and fork not at all to indicate a '0'. To receive the bits (assuming that the 'ps' command is forbidden for security reasons), the receiving process could fork once (killing the parent), and then measure what the increment of its pid is, comparing it with the background increment. You could use an error correction scheme to improve reliability. Not the highest baud rate, but it is information transfer. I do not think that you could earn a B2 rating if you had this chanel open. Simson L. Garfinkel The Christian Science Monitor simsong@prose.cambridge.ma.us 617-450-2480 ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9002172230.AA11104@ucbarpa.Berkeley.EDU] <1990020221535000> From: faatzd@TURING.CS.RPI.EDU (Don Faatz) Newsgroups: misc.security Subject: Re: Blown Card Key Unit Message-ID: <9002172230.AA11104@ucbarpa.Berkeley.EDU> Date: 2 Feb 90 21:53:50 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 13 Approved: security@rutgers.edu Posted: Fri Feb 2 22:53:50 1990 Another interesting aspect of card key systems is determining what they should do if power to them does fail. Usually it is undesirable to have them power off to unlocked because that blows security. On the other hand, a very scary thing happened to me at one job site - the power failed, the key locks powered off to LOCKED - but there was no way to UNLOCK the doors manually from inside. 100 people were locked INSIDE the 4th floor of an office building - all fire exits were OUTSIDE the locked doors. We were very secure - but not very safe...... < Date: 2 Feb 90 22:34:20 GMT From: virtech!jje@uunet.uu.net (Jeremy J. Epstein) Subject: Re: Request for help To: misc-security@uunet.uu.net Try "Cryptography & Data Security" by Dorothy Denning, (c) about 1982 (Addison Wesley, I think, but I'm not sure). An excellent introduction to the subject, with many good references. I took it as a course from Dorothy at Purdue, and was not disappointed! -- Jeremy Epstein TRW Systems Division 703-876-4202 jje@virtech.uu.net ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9002202358.AA04288@ucbarpa.Berkeley.EDU] <1990020514244300> From: AZM@CU.NIH.GOV Newsgroups: misc.security Subject: Re: criminal intelligence Message-ID: <9002202358.AA04288@ucbarpa.Berkeley.EDU> Date: 5 Feb 90 14:24:43 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 15 Approved: security@rutgers.edu Posted: Mon Feb 5 15:24:43 1990 > I often wonder if there are people who make a living > as a criminal and we just do not know it. Now you've got the idea. If they are smart, and successful, then they are also annonymous. Smart criminals don't make mistakes, don't get caught, and live very comfortable lives. As a sidecar to the above, consider the intelligent, capable burglar. He breaks into homes that contain valuable artifacts, and usually steals only the most valuable items. How does the burglar know where the good stuff is, and how does he know which are the most valuable items? That's the sort of information only an insurance company, or a police force, through its Operation ID, would have available. Kokkor Hekkus ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990020705150600> Date: Wed, 07 Feb 90 10:15:06 EST From: "Paul T. Winkfield" Subject: Re: criminal intelligence To: security@pyrite.rutgers.edu I notice the same thing that Jim had mentioned, what criminals take advantage of are people/organizations who often do stupid things that allow crimes to be committed ie: leaving car keys in car; open windows; faulty audit practices, etc. Here in Philly there are known families who's sole career is thief. Who is less intelligent; the drug seller or user? I hate people who goes around yelling about intelligence levels of any group; in my book; getting caught committing the crime is stupidity. Now everyone say Watergate!!! No6..The Prisoner ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990020714040400> Date: Wed, 7 Feb 90 22:04:04 PST From: Cassius_Gaius_Longinus@cc.sfu.ca Subject: cordless privacy To: security@pyrite.rutgers.edu I am no lawyer, but I think you ony need the consent of one of the parties in order to legally record a phone conversation - at least that is the case here in Canada. So, if it's ok for the LEA to tape the end being 'broadcasted', the 'right' extends to the other party, no? ~~~~ BITNET: usereaxe@sfu; INTERNET/ARPA: cassius_longinus@cc.sfu.ca UUCP: ...!ubc-cs!cc.sfu.ca!cassius_longinus If all else fails: CIS: 73040,2210; or a1254@mindlink.uucp Disclaimer:I work for myself. I stand behind my words! SO THERE! 'Cute' remark:"Every law is an infraction of liberty." -- Jeremy Bentham ~~~~ ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990020715200000> Date: Wed, 07 Feb 90 21:20 CST From: GREENY Subject: Remote Alarm systems To: > ...connect to a central office via phone lines... Nope, not any more. Now Ademco has a long range wireless xmitter (two way, or one way) which hooks up to your alarm system and can act as the stand alone transmission device or as a redundant circuit to the phone line connection. Basically, in the one way connection, the xmitter sits idle if not triggered and does nothing (except send in an ACK signal to tell the receiver at the central station "I'm Here, everything's cool"), until the alarm is triggered. When the alarm is triggered it sends the account #, and "popped" zone over the radio waves (about 900 MHz), and is repeated by local "nodes" till received by the CS.... The two way model is continously sending Acks back and forth to the CS, but has a 6 minute "drop out" window in case of intereference.....costs more to monitor per month, but is twice as secure.....something like a UL AA rating... bye for ow but not for long... Greeny ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990020802281100> Date: Thu, 8 Feb 90 10:48:11 -0500 (EST) From: Thomas Neudecker Subject: Caller ID To: security@pyrite.rutgers.edu Recently I have been having some annoying people trying to breakin to a BBoard. This/these people come in via a modem. Now that Bell is providing caller id service in some areas I was wondering if I could capture the number of the caller and add it to the activity log I keep. Most of the normal caller id boxes only store the last three numbers so adding it would only be a partial solution. How does caller id work? Can the signal be captured via a modem? Is it prefixed to the first or to all packets? Tom Neudecker Carnegie Mellon ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990020805231300> Date: Thu, 8 Feb 90 10:23:13 EST From: shz@packard.att.com (Seth Zirin) Subject: Re: cop detectors To: misc-security@att.att.com >Would it be possible to build a police radio detector that detected >the emissions from the local oscillators of the radios? This would be pretty sophisticated gear. Police use several VHF and UHF bands and civilian radios operate within fairly close range of the police frequencies. Detecting police while ignoring tow trucks, buses and utility company radios would require selective detection of many frequency ranges on several bands. Seth Zirin ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990020806005000> Date: Thu, 08 Feb 90 12:00:50 CST From: Ed finnell Subject: Re: RACF databases on electronic disk To: security@pyrite.rutgers.edu SSD stands for solid state device as opposed to spinning ferrous oxide. Think STK SSD are backed by spinning Winchesters or the like. Anybody who puts precious stuff on this type device is asking for big trouble. They break a lot. If they insist on doing this,I can only address paging and RACF. Should use as secondary paging only, newer levels of VM figure out which devices are responding and eventually start using "better thruput" devices. If used as primary can't IPL when they fail(and they will). Haven't seen a shop where RACF was a large enough bottleneck to risk this. Don't think they're even going to put RACF on them just some "look up" files. Cached devices like IBM 3880-23 or 3990-3 provide sufficient performance for RACF datasets on a "properly tuned" storage farm. This type of outage is a small concern to us, but valid. RACF runs a secondary database that we can switch to on the fly should we lose the primary RACF volume. We also make regular copies of the databases and could do standalone restores if required. Further, a new feature of the 3990 is dual write capability. That is while updating files on a volume the same files are updated on the clone. Should anything happen to primary, the clone automagically kicks in. Being of the conservative ilk, waiting to see who's tried this(successfully) ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990020807450000> Date: Thu, 8 Feb 90 12:45 EST From: WHMurray@dockmaster.ncsc.mil Subject: Answerback To: security@rutgers.edu >This is a purplexing problem ... why do manufacturers still >put an answerback buffer in computer terminals ... The complete answer to this question will have to await a day when I have more time. The short answer is that both de facto and de jure standards require it. Note also that there are more than ten milllion terminals and another ten million terminal emulators with this "feature" already deployed; nothing that the vendors do now is likely to have any effect on the exposure for a decade or more. William Hugh Murray, Fellow, Information System Security, Ernst & Young 2000 National City Center Cleveland, Ohio 44114 21 Locust Avenue, Suite 2D, New Canaan, Connecticut 06840 ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990020809450000> Date: Thu, 8 Feb 90 15:45 CST From: douglas@ddsw1.mcs.com (Douglas Mason) Subject: Credit Card Fraud... To: misc-security@rutgers.edu Something interesting that I heard was going on at [eastern college] was that a couple of students were able to get a hold of a credit-card magnetic stip recorder somehow. They also stole purses, wallets, anything that they could get their hands on that had credit cards in it. After doing the above, they would dig through dumpsters (we all know that story) and pick up carbons or other receipts that have credit card numbers on them, and make a list of valid card numbers. Using the encoding machine, they then erased the old card number off of the magnetic strip (which had probably been reported stolen by this time) and encoded on that same strip one of the card numbers that they had picked up out of the dumpsters. So now they have say a MasterCard with an invalid number embossed on the front of it, and a different-but-valid account on the magnetic strip. What good is this? Plenty good for the clever thief! They then went into shopping malls or anywhere that the credit-card validation machines were the all-too-familiar "slide the card through and read the number off the mag strip" type. The merchant would authorize the card successfully and get an approval code, then run the card though and get a paper receipt. The merchants never check the card number on the authorization machine display and compare it to that of the card! When the merchants send in the credit card slips to the bank, they of course come back, and I imagine it takes a long time to figure out what exactly happened. Merchants beware! -Douglas Mason -- Douglas T. Mason | douglas@ddsw1.UUCP or dtmason@m-net | ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9002212349.AA04081@ucbarpa.Berkeley.EDU] <1990020815302900> From: shz@packard.att.com (Seth Zirin) Newsgroups: misc.security Subject: Re: Break-In, Are You Vunerable ??? Message-ID: <9002212349.AA04081@ucbarpa.Berkeley.EDU> Date: 8 Feb 90 15:30:29 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 8 Approved: security@rutgers.edu Posted: Thu Feb 8 16:30:29 1990 >They got in through the ceiling. Turns out that our walls only extended >up to the suspended ceiling, not the real ceiling a few feet above that. A motion detector like a curtain PIR (passive infrared) can easily detect this type of intrusion. Curtains can protect ceilings and walls and even create protected areas or zones within an otherwise open room. Seth Zirin ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003010245.AA02578@ucbarpa.Berkeley.EDU] <1990020818005000> From: EFINNELL@ua1vm.BITNET (Ed finnell) Newsgroups: misc.security Subject: Re: RACF databases on electronic disk Message-ID: <9003010245.AA02578@ucbarpa.Berkeley.EDU> Date: 8 Feb 90 18:00:50 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 22 Approved: security@rutgers.edu Posted: Thu Feb 8 19:00:50 1990 SSD stands for solid state device as opposed to spinning ferrous oxide. Think STK SSD are backed by spinning Winchesters or the like. Anybody who puts precious stuff on this type device is asking for big trouble. They break a lot. If they insist on doing this,I can only address paging and RACF. Should use as secondary paging only, newer levels of VM figure out which devices are responding and eventually start using "better thruput" devices. If used as primary can't IPL when they fail(and they will). Haven't seen a shop where RACF was a large enough bottleneck to risk this. Don't think they're even going to put RACF on them just some "look up" files. Cached devices like IBM 3880-23 or 3990-3 provide sufficient performance for RACF datasets on a "properly tuned" storage farm. This type of outage is a small concern to us, but valid. RACF runs a secondary database that we can switch to on the fly should we lose the primary RACF volume. We also make regular copies of the databases and could do standalone restores if required. Further, a new feature of the 3990 is dual write capability. That is while updating files on a volume the same files are updated on the clone. Should anything happen to primary, the clone automagically kicks in. Being of the conservative ilk, waiting to see who's tried this(successfully) ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990020818480000> Date: Thu, 8 Feb 90 23:48 EST From: Dan Wheeler Subject: WordPerfect file encryption To: security@pyrite.rutgers.edu An article by John Bennett (_Cryptologia_, October, 1987) showed that the encryption algorithm used by WordPerfect 4.2 was simple to break. It is equivalent to a Vigenere cipher with some minor complications added. I have verified that WordPerfect 5.0 uses the same algorithm. I don't yet have version 5.1, but I certainly don't expect it to be any different. Peace, Dan Wheeler ** Daniel D. Wheeler Internet: wheeler@ucbeh.san.uc.edu ** ** University of Cincinnati Bitnet: wheeler@ucbeh ** ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9002221504.AA15690@ucbarpa.Berkeley.EDU] <1990020820110000> From: tihor@ACF4.NYU.EDU (Stephen Tihor) Newsgroups: misc.security Subject: Re: Computer Abuse / Product Liability / Criminal Statutes / ECPA Message-ID: <9002221504.AA15690@ucbarpa.Berkeley.EDU> Date: 8 Feb 90 20:11:00 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 12 Approved: security@rutgers.edu Posted: Thu Feb 8 21:11:00 1990 I am unsure of the vulnerability in DEC's standard software releases to the Morris worm. REgardless you message seems to imply that intent is a key. As with Trespass, Reckless Driving, Manslaughter, Vehicular Homicide, there are cases where intent is only an ameliorating condition, the underlying fault remains. If the result was minor no reasonable person prosecutes. If the impact was major then that level of negligence is still deserving of criminal penalties. In our society there is a requirement that we act responsibily. If we can not we should not participate or should expect to be punished for actions which harm others. All we need are some good electronic analogues for property rights in world of perfectly fungible and intangible documents and premises. ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9002281130.AA11447@ucbarpa.Berkeley.EDU] <1990020821450000> From: douglas@ddsw1.mcs.com (Douglas Mason) Newsgroups: misc.security Subject: Credit Card Fraud... Message-ID: <9002281130.AA11447@ucbarpa.Berkeley.EDU> Date: 8 Feb 90 21:45:00 GMT Sender: usenet@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 37 Approved: security@rutgers.edu Posted: Thu Feb 8 22:45:00 1990 Something interesting that I heard was going on at [eastern college] was that a couple of students were able to get a hold of a credit-card magnetic stip recorder somehow. They also stole purses, wallets, anything that they could get their hands on that had credit cards in it. After doing the above, they would dig through dumpsters (we all know that story) and pick up carbons or other receipts that have credit card numbers on them, and make a list of valid card numbers. Using the encoding machine, they then erased the old card number off of the magnetic strip (which had probably been reported stolen by this time) and encoded on that same strip one of the card numbers that they had picked up out of the dumpsters. So now they have say a MasterCard with an invalid number embossed on the front of it, and a different-but-valid account on the magnetic strip. What good is this? Plenty good for the clever thief! They then went into shopping malls or anywhere that the credit-card validation machines were the all-too-familiar "slide the card through and read the number off the mag strip" type. The merchant would authorize the card successfully and get an approval code, then run the card though and get a paper receipt. The merchants never check the card number on the authorization machine display and compare it to that of the card! When the merchants send in the credit card slips to the bank, they of course come back, and I imagine it takes a long time to figure out what exactly happened. Merchants beware! -Douglas Mason -- Douglas T. Mason | douglas@ddsw1.UUCP or dtmason@m-net | ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990020901201200> Date: Fri, 09 Feb 90 09:20:12 PLT From: "Craig A. Summerhill" Subject: -- To: SECURITY@OHSTVMA I'm interested in finding a piece of software which can be used on DOS machines and run from the AUTOEXEC.BAT on startup that will disable the -- key sequence on the keyboard and prevent a warm boot to a machine. Is there such a piece of software (hopefully in the public domain or shareware markets)? Please send responses directly to me. Thanx in advance. : Craig A. Summerhill BITNET: SUMMERHI@WSUVM1 : : Assistant Systems Librarian Internet: SUMMERHI@wsuvm1.csc.wsu.edu : [Moderator tack-on: I was recently cruising Simtel and saw reference to such an item, with .asm source, I believe.. _H*] ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990020902475300> Date: Fri, 9 Feb 90 09:47:53 MST From: jimkirk@outlaw.uwyo.edu (James Kirkpatrick) Subject: Privacy and cordless phones (was Re: Privacy) To: security@pyrite.rutgers.edu, faatzd@turing.cs.rpi.edu >A recent court decision held that conversations on cordless telephones are >not subject to "expected privacy" as are conversations on telephones with >cords. Hence, police can simply LISTEN to cordless telephone conversations The catch here is that it is not illegal to listen to the broadcast conversation, but it IS illegal to disclose any information you obtain. Reference the Communications Act of 1934. For example I can hear someone say "OK, drop the illegal controlled substance under the bridge and I will pick it up" but it is illegal for me to call the police and describe the pending transaction. Likewise it is illegal for the police to disclose, as evidence in court or for a search warrant, such information. It is not impossible for them to select their actions based on this info, though, such as stopping him for speeding on his way back from the pick-up and searching the car if he acts strangely. At least, that's my interpretation of the Act. It does not seem to be enforced very well of late. For example, when recording a phone call you are supposed to superimpose a beep to let the other party know the conversation is being recorded, but most (recorded) phone-in radio/TV shows do not do this (they did in the late 50's and early 60's). If my understanding of the Act is correct, the privacy is in fact surrendered but only as far as the person doing the original eavesdropping. It is illegal to record or disclose. But the first person might be taping the call or even pumping it over the company intercom, for all the second person knows! ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990020902550000> Date: Fri, 9 Feb 90 07:55 EST From: Kilgallen@dockmaster.ncsc.mil Subject: Answerbacks / Vendor Liability To: security@pyrite.rutgers.edu > o I believe the law should be changed to match the anti gun statutes > ... "USE A COMPUTER IN THE COMMISSION OF A FELONY: GO TO JAIL" ... Would not a simpler rule be "Commit a felony: go to jail"? Why involve computers in the discussion? > Obligatory hacking report: I am trying to fix a generic security problem > involving the triggering of data terminal answerback buffers by whatever DEC reported repairing this vulnerability somewhere in the VMS V3 time frame (at least 5 years ago) with respect to the MAIL utility by screening text and not transmitting arbitrary control characters to recipient terminals. Since the author suggests that the "user authorization program" was originally protected against end-user access, presumably the operating system environment is not standard VMS (where the *program* allows world read). Using that technique for any programs whose output can be controlled by another user would be my suggestion. Of course nothing is going to protect the privileged user who chooses to *run* a program from an untrusted source, since that program might trigger the answerback itself or might fail to screen user data for arbitrary control characters. > FINAL COMMENT: The INTERNET virus should be treated as a product liability > question. In my opinion, DEC and SUN should pay the cost of the cleanup I was under the impression that the released version of Ultrix (the version of UNIX sold by DEC) did not have the sendmail debugging feature turned on, while some other versions of UNIX which run on VAXen did have it turned on. Restricting discussion for a moment to the vulnerability introduced by that feature(?), "Who ya gonna sue?". Do UNIX fans think the Trustees of U.C. Berkeley would allow the organization to release any software if there were such financial risks involved? > another ... is only detracting from the central fact -- today's vendors are > incapable of producing computer products without significant security (and > for that mater day to day operational) defects. Not the least factor influencing vendors is user insistance on wart-for-wart compatibility between UNIX systems. Even VMS-only users get hit if they choose the C programming language because of many bugs/misfeatures which are present in the run-time library solely to make the environment "like-UNIX". Maintaining a particular operating system definition can be incompatible with avoiding security or operational defects. The customer base cannot constrain vendors with mutually exclusive conditions. Larry Kilgallen ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990020904425800> Date: Fri, 09 Feb 90 10:42:58 MDT From: "Bruce A. Carter" Subject: Re: Home security To: security@pyrite.rutgers.edu Regarding window grates, what are the options these days in security versus being able to get out from the inside quickly in case of fire or similar problem during which one would not want to be trapped inside the structure? It seems to me, in just a naive assessment, that anything that improves one of these criteria damages the other? Bruce A. Carter, Courseware Development Coordinator = Boise State University "It is intuitively obvious to the most casual observer"= 1910 University Drive ======================================================== Boise, ID 83725 InterNet/Domain: duscarte@idbsu.idbsu.edu = Office: (208) 385-1250 CREN (BITNet): duscarte@idbsu [] CompuServe: 76666,511 = Lab: (208) 385-1859 ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003010051.AA00477@ucbarpa.Berkeley.EDU] <1990020904480000> From: WHEELER@UCBEH.SAN.UC.EDU (Dan Wheeler) Newsgroups: misc.security Subject: WordPerfect file encryption Message-ID: <9003010051.AA00477@ucbarpa.Berkeley.EDU> Date: 9 Feb 90 04:48:00 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 11 Approved: security@rutgers.edu Posted: Fri Feb 9 05:48:00 1990 An article by John Bennett (_Cryptologia_, October, 1987) showed that the encryption algorithm used by WordPerfect 4.2 was simple to break. It is equivalent to a Vigenere cipher with some minor complications added. I have verified that WordPerfect 5.0 uses the same algorithm. I don't yet have version 5.1, but I certainly don't expect it to be any different. Peace, Dan Wheeler ** Daniel D. Wheeler Internet: wheeler@ucbeh.san.uc.edu ** ** University of Cincinnati Bitnet: wheeler@ucbeh ** ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990020907453100> Date: Fri, 09 Feb 90 13:45:31 CST From: Gregg Grosshans Subject: Re: Computer Abuse / Product Liability / Criminal Statutes / ECPA To: security@pyrite.rutgers.edu Last fall at the Univ. of NE-Lincoln several students used there class (computer) accounts in one of the computer user rooms to telnet (via tcp/ip) to a computer over in Europe. That alone isn't a crime or illegal, anyone with an account can telnet where ever they want to as long as they have permission to use another computer. What they did though was play a computer game on this Europe computer (via telnet) with other users across the country and also Europe. They were caught and subjected to the Student Code conduct and the director of the University computing resources wasn't to happy that they were playing games. Now when one enters a computer user room s/he clearly sees bold sign posted stating that Hacking or game playing on university computers is more or less illegal. My thought is that those are loose terms and often applied and read in the general public. What is Hacking? Is it what people did in the late 70's with Apple II computers or Macs? Is it righting efficient code (theres plenty of people, to many that is, that right sloppy code)? Is it an intermidiate step between a new computer user and a computer guru? Is it somebody who writes in assembler or rights code(works) at very odd hours during the day? Hacking is a very non-descriptive word and must not be used or that the context its used in must be the descriptive part, which makes using the term "hacker" unnecessary. But the public has come to notice "hacker" as an icon for, corrupt, evil, criminal oriented, etc.... is what a believe a hacker was not in the mid and late 70's. ********************************************************** * : * * GREGG GROSSHANS :SR. METEOROLOGY / CLIMATOLOGY * * :___________________________________* * AGME003@UNLVM UNIV. OF NE-LINCOLN * * * ********************************************************** ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003010404.AA04227@ucbarpa.Berkeley.EDU] <1990020912550000> From: Kilgallen@dockmaster.ncsc.mil Newsgroups: misc.security Subject: Answerbacks / Vendor Liability Message-ID: <9003010404.AA04227@ucbarpa.Berkeley.EDU> Date: 9 Feb 90 12:55:00 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 47 Approved: security@rutgers.edu Posted: Fri Feb 9 13:55:00 1990 > o I believe the law should be changed to match the anti gun statutes > ... "USE A COMPUTER IN THE COMMISSION OF A FELONY: GO TO JAIL" ... Would not a simpler rule be "Commit a felony: go to jail"? Why involve computers in the discussion? > Obligatory hacking report: I am trying to fix a generic security problem > involving the triggering of data terminal answerback buffers by whatever DEC reported repairing this vulnerability somewhere in the VMS V3 time frame (at least 5 years ago) with respect to the MAIL utility by screening text and not transmitting arbitrary control characters to recipient terminals. Since the author suggests that the "user authorization program" was originally protected against end-user access, presumably the operating system environment is not standard VMS (where the *program* allows world read). Using that technique for any programs whose output can be controlled by another user would be my suggestion. Of course nothing is going to protect the privileged user who chooses to *run* a program from an untrusted source, since that program might trigger the answerback itself or might fail to screen user data for arbitrary control characters. > FINAL COMMENT: The INTERNET virus should be treated as a product liability > question. In my opinion, DEC and SUN should pay the cost of the cleanup I was under the impression that the released version of Ultrix (the version of UNIX sold by DEC) did not have the sendmail debugging feature turned on, while some other versions of UNIX which run on VAXen did have it turned on. Restricting discussion for a moment to the vulnerability introduced by that feature(?), "Who ya gonna sue?". Do UNIX fans think the Trustees of U.C. Berkeley would allow the organization to release any software if there were such financial risks involved? > another ... is only detracting from the central fact -- today's vendors are > incapable of producing computer products without significant security (and > for that mater day to day operational) defects. Not the least factor influencing vendors is user insistance on wart-for-wart compatibility between UNIX systems. Even VMS-only users get hit if they choose the C programming language because of many bugs/misfeatures which are present in the run-time library solely to make the environment "like-UNIX". Maintaining a particular operating system definition can be incompatible with avoiding security or operational defects. The customer base cannot constrain vendors with mutually exclusive conditions. Larry Kilgallen ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990020913305200> Date: Fri, 9 Feb 90 18:30:52 EST From: Doug Humphrey Subject: vault doors, was: locks To: "kelly@UTS.AMDAHL.COM"@mintaka.lcs.mit.edu Cc: misc-security@ames.arc.nasa.gov One thing to watch out for with thermic lances and/or plasma things if you are trying to open a safe; it will blow your whole approach if you manage to set off the smoke/heat detectors and call the fire department... ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003020538.AA06682@ucbarpa.Berkeley.EDU] <1990020916425800> From: DUSCARTE@IDBSU.IDBSU.EDU ("Bruce A. Carter") Newsgroups: misc.security Subject: Re: Home security Message-ID: <9003020538.AA06682@ucbarpa.Berkeley.EDU> Date: 9 Feb 90 16:42:58 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 11 Approved: security@rutgers.edu Posted: Fri Feb 9 17:42:58 1990 Regarding window grates, what are the options these days in security versus being able to get out from the inside quickly in case of fire or similar problem during which one would not want to be trapped inside the structure? It seems to me, in just a naive assessment, that anything that improves one of these criteria damages the other? Bruce A. Carter, Courseware Development Coordinator = Boise State University "It is intuitively obvious to the most casual observer"= 1910 University Drive ======================================================== Boise, ID 83725 InterNet/Domain: duscarte@idbsu.idbsu.edu = Office: (208) 385-1250 CREN (BITNet): duscarte@idbsu [] CompuServe: 76666,511 = Lab: (208) 385-1859 ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003020712.AA07829@ucbarpa.Berkeley.EDU] <1990021002460000> From: blackcat@NEURO.USC.EDU Newsgroups: misc.security Subject: Re: Field service spying? Message-ID: <9003020712.AA07829@ucbarpa.Berkeley.EDU> Date: 10 Feb 90 02:46:00 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 20 Approved: security@rutgers.edu Posted: Sat Feb 10 03:46:00 1990 >I recently got a command file called SW_INVENTORY.COM which was written >by DEC to be run by field service people to give a complete inventory >of all DEC software running on a machine. It looks for images, IF DEC FIELD SERVICE ENGINEERS ARE USING THEIR ACCESS TO YOUR SYSTEM FOR ANYTHING OTHER THAN RUNNING HARDWARE/FIRMWARE DIAGNOSTICS AND PERFORMING ROUTINE SYSTEM MAINTENANCE THEY MAY BE CHARGED UNDER AN EVER INCREASING NUMBER OF STATE AND FEDERAL COMPUTER CRIME LAWS ... AS WELL AS SUFFERING CIVIL ACTION FOR UNAUTHORIZED ACCESS, INVASION OF PRIVACY AND DISCLOSURE OF CONFIDENTIAL INFORMATION. It is understandable that a computer vendor might seek to police unauthorized distribution of their software, gather intelligence about competing vendor software installations on their iron, and learn more about customer needs in general. However, DEC should come in the front door and request this information in a straightforward way; they should not sneak in the back door to steal data like thieves in the night. IF YOU FIND SOME DEC PERSON ACTUALLY RUNNING SUCH A SCRIPT ON YOUR MACHINE ... CALL YOUR REGIONAL MARKETING MANAGER RIGHT AWAY ... AND MAKE IT CLEAR THAT THERE IS NO ACCEPTABLE REASON FOR SUCH BEHAVIOUR ... BETTER YET, LOOK INTO THIRD PARTY MAINTENANCE FROM SOMEONE WHO HAS A BETTER UNDERSTANDING ABOUT THE MEANING OF CUSTOMER CONFIDENTIALITY. ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021007580000> Date: Sat, 10 Feb 90 15:58 PST From: "Ned Freed, Postmaster" Subject: Re: Field service spying? To: security@pyrite.rutgers.edu I'd very much like to have a copy of SW_INVENTORY.COM myself to aid in tracking software usage. We, like many other college sites, have blanket licenses for pretty much all the software DEC sells. We are, however, required to monitor its installation and usage on our various systems and report it to DEC. The problem is that our systems are managed by a large number of people, with varying degrees of ability/responsibility/ authority. It would be a real help if we could run something that would simply tell us what's installed, rather than relying on reports that are often forgotten or incorrect. PAKs don't help much since DEC in their wisdom provides product PAKs in an all-or-nothing fashion. It is the actual installation of the software that counts, not the PAK. As far as DEC is concerned, I fail to see how SW_INVENTORY.COM would tell them much. With the advent of CD-ROM distributions, you can install practically anything DEC sells without actually being able to use it. I suspect that this is the reason SW_INVENTORY.COM has fallen into disuse, rather than concerns about customer security. Insofar as this represents a breach of security, if you're relying on lack of physical access to prevent this sort of traffic analysis, you're dreaming. Assuming that you're honest and you're not running software you're not entitled to use, DEC's own records of software sales to you are probably a more reliable indication of what you're doing. I suppose you could pretend to buy the software for some other system (which may well be illegal), but in the long run, do you seriously think you can fool people? Note also that the software you have may in fact be a red herring; I think a look at stuff like the usernames, load averages, programs used (especially accounting logs), and so forth would be a much better place to start nosing around. And it may not be practical to deny your vendor access to this sort of information (e.g. a bug which only manifests itself under load -- I practically never see any other kind these days, now that static analysis of program code is so good). Ned Freed ned@ymir.claremont.edu ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021008200000> Date: 10 Feb 90 18:20 -0600 From: Ken Wallewein Subject: Re: Field service spying? To: Cc: > I recently got a command file called SW_INVENTORY.COM which was written I certainly wouldn't want such a program run on my system without my permission. On the other hand, there's not a lot that's beyond the reach of the FIELD account. Which is why ours is normally DISUSERed (disabled) -- that way, I know when it's being used, and why. A while ago I wrote a newsletter article lambasting DEC for not providing such tools as part of standard system software. If you know how I could get a copy, I'd appreciate the information. /kenw Ken Wallewein A L B E R T A kenw@noah.arc.cdn R E S E A R C H (403)297-2660 C O U N C I L ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021016421500> Date: Sun, 11 Feb 90 01:02:15 -0500 From: don@cs.umd.edu (Don Hopkins) Subject: Computer Abuse / Product Liability / Criminal Statutes / ECPA To: blackcat@neuro.usc.edu Cc: security@pyrite.rutgers.edu >> [...] updating the old X10 server for the ibm/pc to work with X11R4, etc. Yeah, right. Might as well have them fill in the Grand Canyon using a pair of tweezers. How about having Robert Morris implement the Gnu kernel? I'm sure he's bright enough to come up with a very secure system (much to rms's disgust). So secure that only he would know the loopholes. Morris would be dead meat if his daddy didn't work for the NSA. One of the first patches for sendmail that was sent around to keep the Internet worm out was to edit the sendmail binary changing the 'D' in "DEBUG" to '\0', so the DEBUG command wouldn't work any more. Well that stopped the worm, but it made the null string invoke the debug command. I noticed this a couple days after the worm, when I telneted to sun.com port 25, to EXPN a user name of somebody on a mailing list I run, hit CR a couple of times to make sure sendmail was listening, and did the EXPN. It spit back huge ammounts of debugging information! Of course I promptly notified the appropriate people at Sun so they could put the right fix in. Sheez. -Don ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021019020000> Date: Sun, 11 Feb 90 00:02 EST From: Subject: FOIA Jewel: Original Charter of the National Security Agency To: hobbit@pyrite.rutgers.edu At 12:01 ON the morning of November 4, 1952, a new federal agency was born. Unlike other such bureaucratic births, however, this one arrived in silence. No news coverage, no congressional debate, no press announcement, not even the whisper of a rumor. Nor could any mention of the new organization be found in the Government Organization Manual of the Federal Register or the Congressional Record. Equally invisible were the new agency's director, its numerous buildings, and its ten thousand employees. Eleven days earlier, on October 24, President Harry S Truman scratched his signature on the bottom of a seven-page presidential memorandum addressed to secretary of State Dean G. Acheson and Secretary of Defense Robert A. Lovett. Classified top secret and stamped with a code word that was itself classified, the order directed the establishment of an agency to be known as the National Security Agency. It was the birth certificate for America's newest and most secret agency, so secret in fact that only a handful in the government would be permitted to know of its existence. -James Bamford, The Puzzle Palace (1982) at 15. ***************************************************************** A 20707 5/4/54/OSO NSA TS CONTL. NO 73-00405 COPY: D321 Oct 24 1952 MEMORANDUM FOR: The Secretary of State The Secretary of defense SUBJECT: Communications Intelligence Activities The communications intelligence (COMINT) activities of the United States are a national responsibility. They must be so organized and managed as to exploit to the maximum the available resources in all participating departments and agencies and to satisfy the legitimate intelligence requirements of all such departments and agencies. I therefore designate the Secretaries of State and Defense as a Special Committee of the National Security Council for COMINT, which Committee shall, with the assistance of the Director of Central Intelligence, establish policies governing COMINT activities. and keep me advised of such policies through the Executive Secretary of the National Security Council. I further designate the Department of Defense as executive agent of the Government, for the production of COMINT information. I direct this Special Committee to prepare and issue directives which shall include the provisions set forth below and such other provisions as the Special Committee may determine to be necessary. 1. A directive to the United States Communication Intelligence Board (USCIB). This directive will replace the National Security Council Intelligence Directive No. 9, and shall prescribe USCIB's new composition, responsibilities and procedures in the COMINT fields. This directive shall include the following provisions. a. USCIB shall be reconstituted as a body acting for and under the Special Committee, and shall operate in accordance with the provisions of the new directive. Only those departments or agencies represented in USCIB are authorized to engage in COMINT activities. b. The Board shall be composed of the following members: (1) The Director of Central Intelligence, who shall be the Chairman of the Board. (2) A representative of the Secretary of State. (3) A representative of the Secretary of Defense (4) A representative of the Director of the Federal Bureau of Investigation. (5) The Director of the National Security Agency. (6) A representative of the Department of the Army. (7) A representative of the Department of the Navy. (8) A representative of the Department of the Air Force. (9) A representative of the Central Intelligence Agency. c. The Board shall have a staff headed by an executive secretary who shall be appointed by the Chairman with the approval of the majority of the Board. d. It shall be the duty of the Board to advise and make recommendations to the Secretary of Defense, in accordance with the following procedure, with respect to any matter relating to communications intelligence which falls within the jurisdiction of the Director of the NSA. (1) The Board shall reach its decision by majority vote. Each member of the Board shall have one vote except the representatives of the Secretary of State and of the Central Intelligence Agency who shall each have two votes. The Director of Central Intelligence, as Chairman, will have no vote. In the event that the Board votes and reaches a decision, any dissenting member of the Board may appeal from such decision within 7 days of the Special Committee. In the event that the Board votes but fails to reach a decision, any member of the Board may appeal within 7 days to the Special Committee. In either event the Special Committee shall review the matter, and its determination thereon shall be final. Appeals by the Director of NSA and/or the representatives of the Military Departments shall only be filed with the approval of the Secretary of Defense. (2) If any matter is voted on by the Board but - (a) no decision is reached and any member files an appeal; (b) a decision is reached in which the representative of the Secretary of Defense does not concur and files an appeal; no action shall be taken with respect to the subject matter until the appeal is decided, provided that, if the Secretary of Defense determines, after consultation with the Secretary of State, that the subject matter presents a problem of an emergency nature and requires immediate action, his decision shall govern, pending the result of the appeal. In such an emergency situation the appeal may be taken directly to the President. (3) Recommendations of the Board adopted in accordance with the foregoing procedures shall be binding on the Secretary of Defense. Except on matter which have been voted on by the Board, the Director of NSA shall discharge his responsibilities in accordance with his own judgment, subject to the direction of the Secretary of Defense. (4) The Director of NSA shall make such reports and furnish such information from time to time to the Board, either orally or in writing, as the Board my request, and shall bring to the attention of the Board either in such reports or otherwise any major policies or programs in advance of their adoption by him. e. It shall also be the duty of the Board as to matters not falling within the jurisdiction of NSA; (1) To coordinate the communications intelligence activities among all departments and agencies authorized by the President to participate therein; (2) To initiate, to formulate policies concerning, and subject to the provision of NSCID No. 5, to supervise all arrangements with foreign governments in the field of communications intelligence; and (3) to consider and make recommendations concerning policies relating to communications intelligence of common interest to the departments and agencies, including security standards and practices, and, for this purpose, to investigate and study the standards and practices of such departments and agencies in utilizing and protecting COMINT information. f. Any recommendation of the Board with respect to the matters described in paragraph e above shall be binding on all departments or agencies of the Government if it is adopted by the unanimous vote of the members of the Board. Recommendations approved by the majority, but not all, of the members of the Board shall be transmitted by it to the Special Committee for such action as the Special Committee may see fit to take. g. The Board will meet monthly, or oftener at the call of the Chairman or any member, and shall determine its own procedures. 2. A directive to the Secretary of Defense. This directive shall include the following provisions: a. Subject to the specific provisions of this directive, the Secretary of Defense may delegate in whole of in part authority over the Director of NSA within his department as he sees fit. b. The COMINT mission of the National Security Agency (NSA) shall be to provide an effective, unified organization and control of the communications intelligence activities of the United States conducted against foreign governments, to provide for integrated operational policies and procedures pertaining thereto. As used in this directive, the terms "communications intelligence" or "COMINT" shall be construed to mean all procedures and methods used in the interception of communications other than foreign press and propaganda broadcasts and the obtaining of information from such communications by other than intended recipients, but shall exclude censorship and the production and dissemination of finished intelligence. c. NSA shall be administered by a Director, designated by the Secretary of Defense after consultation with the Joint Chiefs of Staff, who shall serve for a minimum term of 4 years and who shall be eligible for reappointment. The Director shall be a career commissioned officer of the armed services on active or reactivated status, and shall enjoy at least 3-star rank during the period of his incumbency. d. Under the Secretary of Defense, and in accordance with approved policies of USCIB, the Director of NSA shall be responsible for accomplishing the mission of NSA. For this purpose all COMINT collection and production resources of the United States are placed under his operational and technical control. When action by the Chiefs of the operating agencies of the Services or civilian departments or agencies is required, the Director shall normally issue instruction pertaining to COMINT operations through them. However, due to the unique technical character of COMINT operations, the Director is authorized to issue direct to any operating elements under his operational control task assignments and pertinent instructions which are within the capacity of such elements to accomplish. He shall also have direct access to, and direct communication with, any elements of the Service or civilian COMINT agencies on any other matters of operational and technical control as may be necessary, and he is authorized to obtain such information and intelligence material from them as he may require. All instruction issued by the Director under the authority provided in this paragraph shall be mandatory, subject only to appeal to the Secretary of Defense by the Chief of Service or head of civilian department of agency concerned. e. Specific responsibilities of the Director of NSA include the following: (1) Formulating necessary operational plans and policies for the conduct of the U.S. COMINT activities. (2) Conducting COMINT activities, including research and development, as required to meet the needs of the departments and agencies which hare authorized to receive the products of COMINT. (3) Determining, and submitting to appropriate authorities, requirements for logistic support for the conduct of COMINT activities, together with specific recommendations as to what each of the responsible departments and agencies of the Government should supply. (4) Within NSA's field of authorized operations prescribing requisite security regulations covering operating practices, including the transmission, handling and distribution of COMINT material within and among the COMINT elements under his operations or technical control; and exercising the necessary monitoring and supervisory control, including inspections if necessary, to ensure compliance with the regulations. (5) Subject to the authorities granted the Director Central Intelligence under NSCID No. 5, conducting all liaison on COMINT matters with foreign governmental communications intelligence agencies. f. To the extent he deems feasible and in consonance with the aims of maximum over-all efficiency, economy, and effectiveness, the Director shall centralize or consolidate the performance of COMINT functions for which he is responsible. It is recognized that in certain circumstances elements of the Armed Forces and other agencies being served will require close COMINT support. Where necessary for this close support, direct operational control of specified COMINT facilities and resources will be delegated by the Director, during such periods and for such tasks as are determined by him, to military commanders or to the Chiefs of other agencies supported. g. The Director shall exercise such administrative control over COMINT activities as he deems necessary to the effective performance of his mission. Otherwise, administrative control of personnel and facilities will remain with the departments and agencies providing them. h. The Director shall make provision for participation by representatives of each of the departments and agencies eligible to receive COMINT products in those offices of NSA where priorities of intercept and processing are finally planned. i. The Director shall have a civilian deputy whose primary responsibility shall be to ensure the mobilization and effective employment of the best available human and scientific resources in the field of cryptographic research and development. j. Nothing in this directive shall contravene the responsibilities of the individual departments and agencies for the final evaluation of COMINT information, its synthesis with information from other sources, and the dissemination of finished intelligence to users. 3. The special nature of COMINT actives requires that they be treated in all respects as being outside the framework of other or general intelligence activities. Order, directives, policies, or recommendations of any authority of the Executive Branch relating to the collection, production, security, handling, dissemination, or utilization of intelligence, and/or classified material, shall not be applicable to COMINT actives, unless specifically so stated and issued by competent departmental of agency authority represented on the Board. Other National Security Council Intelligence Directive to the Director of Central Intelligence and related implementing directives issued by the Director of Central Intelligence shall be construed as non-applicable to COMINT activities, unless the National Security Council has made its directive specifically applicable to COMINT. /s/ HARRY S. TRUMAN ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003020748.AA08350@ucbarpa.Berkeley.EDU] <1990021023580000> From: NED@HMCVAX.CLAREMONT.EDU ("Ned Freed, Postmaster") Newsgroups: misc.security Subject: Re: Field service spying? Message-ID: <9003020748.AA08350@ucbarpa.Berkeley.EDU> Date: 10 Feb 90 23:58:00 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 35 Approved: security@rutgers.edu Posted: Sun Feb 11 00:58:00 1990 I'd very much like to have a copy of SW_INVENTORY.COM myself to aid in tracking software usage. We, like many other college sites, have blanket licenses for pretty much all the software DEC sells. We are, however, required to monitor its installation and usage on our various systems and report it to DEC. The problem is that our systems are managed by a large number of people, with varying degrees of ability/responsibility/ authority. It would be a real help if we could run something that would simply tell us what's installed, rather than relying on reports that are often forgotten or incorrect. PAKs don't help much since DEC in their wisdom provides product PAKs in an all-or-nothing fashion. It is the actual installation of the software that counts, not the PAK. As far as DEC is concerned, I fail to see how SW_INVENTORY.COM would tell them much. With the advent of CD-ROM distributions, you can install practically anything DEC sells without actually being able to use it. I suspect that this is the reason SW_INVENTORY.COM has fallen into disuse, rather than concerns about customer security. Insofar as this represents a breach of security, if you're relying on lack of physical access to prevent this sort of traffic analysis, you're dreaming. Assuming that you're honest and you're not running software you're not entitled to use, DEC's own records of software sales to you are probably a more reliable indication of what you're doing. I suppose you could pretend to buy the software for some other system (which may well be illegal), but in the long run, do you seriously think you can fool people? Note also that the software you have may in fact be a red herring; I think a look at stuff like the usernames, load averages, programs used (especially accounting logs), and so forth would be a much better place to start nosing around. And it may not be practical to deny your vendor access to this sort of information (e.g. a bug which only manifests itself under load -- I practically never see any other kind these days, now that static analysis of program code is so good). Ned Freed ned@ymir.claremont.edu ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003020602.AA06906@ucbarpa.Berkeley.EDU] <1990021100200000> From: kenw@noah.arc.cdn (Ken Wallewein) Newsgroups: misc.security Subject: Re: Field service spying? Message-ID: <9003020602.AA06906@ucbarpa.Berkeley.EDU> Date: 11 Feb 90 00:20:00 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 16 Approved: security@rutgers.edu Posted: Sun Feb 11 01:20:00 1990 > I recently got a command file called SW_INVENTORY.COM which was written I certainly wouldn't want such a program run on my system without my permission. On the other hand, there's not a lot that's beyond the reach of the FIELD account. Which is why ours is normally DISUSERed (disabled) -- that way, I know when it's being used, and why. A while ago I wrote a newsletter article lambasting DEC for not providing such tools as part of standard system software. If you know how I could get a copy, I'd appreciate the information. /kenw Ken Wallewein A L B E R T A kenw@noah.arc.cdn R E S E A R C H (403)297-2660 C O U N C I L ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021105541200> Date: Sun, 11-Feb-90 13:54:12 PST From: mmm@cup.portal.com Subject: Fire Sprinkler Cameras To: misc-security@uunet.uu.net I had never heard of these things before. How can I tell the difference between a regular fire sprinkler and one of these things? I assume there must be some kind of lens, where is it located? For that matter, what are other common disguises for cameras or bugs? [Moderator add-on: I saw some of these at Surveillance Expo last December. They are built into regular sprinkler heads which have been slightly modified to fit a small mirror assembly. Basically it's a pinhole lens looking straight down through where the water would normally emerge, with a small mirror mounted in a holder at 45 degrees so the camera's view is out sideways and slightly downward [adjustable]. You would have to stare really hard at them, especially considering that sprinkler heads are normally mounted on the ceiling. The advantage besides unobtrusiveness is that the mirror assembly can turn, allowing a 360 degree scan which a normal camera needs a fancy motorized bracket for. The company there that was marketing the things is Visual Methods, in Westwood NJ. _H*] ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021108033800> Date: Sun, 11 Feb 90 15:03:38 MST From: jimkirk@outlaw.uwyo.edu (James Kirkpatrick) Subject: RE: WP5.0/5.1 file security To: AGME003%UNLVM@outlaw.uwyo.edu, SECURITY@pyrite.rutgers.edu WordPerfect 5.0 still incorporates the same scheme and is indeed vulnerable. It is basically a Vigenere cipher. I have not had a chance yet to test version 5.1. I still have found out nothing about Lotus. DES encryption would probably be superior. ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003021936.AA02694@ucbarpa.Berkeley.EDU] <1990021121541200> From: mmm@cup.portal.com Newsgroups: misc.security Subject: Fire Sprinkler Cameras Message-ID: <9003021936.AA02694@ucbarpa.Berkeley.EDU> Date: 11 Feb 90 21:54:12 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 19 Approved: security@rutgers.edu Posted: Sun Feb 11 22:54:12 1990 I had never heard of these things before. How can I tell the difference between a regular fire sprinkler and one of these things? I assume there must be some kind of lens, where is it located? For that matter, what are other common disguises for cameras or bugs? [Moderator add-on: I saw some of these at Surveillance Expo last December. They are built into regular sprinkler heads which have been slightly modified to fit a small mirror assembly. Basically it's a pinhole lens looking straight down through where the water would normally emerge, with a small mirror mounted in a holder at 45 degrees so the camera's view is out sideways and slightly downward [adjustable]. You would have to stare really hard at them, especially considering that sprinkler heads are normally mounted on the ceiling. The advantage besides unobtrusiveness is that the mirror assembly can turn, allowing a 360 degree scan which a normal camera needs a fancy motorized bracket for. The company there that was marketing the things is Visual Methods, in Westwood NJ. _H*] ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003020457.AA06277@ucbarpa.Berkeley.EDU] <1990021122033800> From: jimkirk@OUTLAW.UWYO.EDU (James Kirkpatrick) Newsgroups: misc.security Subject: RE: WP5.0/5.1 file security Message-ID: <9003020457.AA06277@ucbarpa.Berkeley.EDU> Date: 11 Feb 90 22:03:38 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 4 Approved: security@rutgers.edu Posted: Sun Feb 11 23:03:38 1990 WordPerfect 5.0 still incorporates the same scheme and is indeed vulnerable. It is basically a Vigenere cipher. I have not had a chance yet to test version 5.1. I still have found out nothing about Lotus. DES encryption would probably be superior. ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021222051100> Date: Mon, 12 Feb 90 22:05:11 GMT From: Hans van Zanten Subject: Security Auditing To: phigate!security@relay.eu.net I have read a lot about security in the UNIX environment in the Newsgroup: misc.security. One of the things I am interested in I did not spot however and I am wondering whether you could help me. But first of all, I would like to tell you who I am and why I am interested in security. My name: Hans van Zanten My firm: Philips Netherlands The department I am working with is called "Communication and Processing Services" (about 1000 employees) and is the EDP department of Philips in the Netherlands. Although most of the Business processing done is still on IBM mainframes, UNIX is starting to rise. In technical environments however UNIX is, of course, becoming quite standard. One of the main problems I am facing at the moment is the lack of skill of UNIX system administrators in the Business environment. My work (software supporting just these system administrators) is to make sure that their UNIX system is configured properly secure. In order to be able to 'audit' their systems (preferably in an automated way) I would like to get hold of 'auditing tools' (e.g. for scanning all the s-bits in the file- system, or to report on permission settings of complete file-systems, etc.). My question to you is whether you know of such tools, do they exist, to whom should I address myself to obtain possibly some more information. I would be very greatfull to receive some information on this subject and I hope you do not mind me addressing these quetions to you, yours sincerely, Hans van Zanten C&P/LSS Manager Departmental Systems e-mail: hansz@cnps.philips.nl ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021306013500> Date: Tue, 13 Feb 90 11:01:35 EST From: shz@packard.att.com (Seth Zirin) Subject: Re: vault doors, was: locks To: misc-security@att.att.com >I missed the first part of this thread... but THERMIC LANCES will normally >penetrate 3' of reinforced concrete within about 2 minutes... and if that Thermic Lances produce enormous amounts of smoke when they cut through concrete reinforced safe walls or doors. This is sure to set off fire alarms and thermal attack alarms. In addition, the large plume of smoke rising from a bank across town might tip off the police. These cutting tools produce blindingly bright light that is visible for great distances unless shielded. I've used mini-lances a few times and even they are not for the faint at heart. You can easily burn down the entire building with one of these. ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021309142600> Date: 13 Feb 90 09:14:26 GMT From: dlb!netcom!onymouse@ames.arc.nasa.gov (John Debert) Subject: Re: cop detectors To: misc-security@ames.arc.nasa.gov > Would it be possible to build a police radio detector that detected > the emissions from the local oscillators of the radios? This would be > [Moderator tack-on: Professional rigs are normally pretty-well shielded.] I have found it very easy to detect police hand-helds, and, sometimes, mobile sets. Some of the recent Motorola hand-helds (the HT-220 series and on) emit such strong signals that I have picked them up as much as 200 feet away on my Pro-30 with it in my back pocket. The radios operate on UHF with repeaters and I pick up the signals on the repeater output frequency. Of course, there are those who would say that "That's impossible!" but it does in fact happen with my radios and I don't worry about whether it's possible or not. It happens, it works, no problem. I do not know if it works with all makes of radios, though. That is one method that may work. Others are to set your scanner to pick up the local oscillator frequency or even the transmit frequency in case the transmitter oscillator aways idles during receive. jd onymouse@netcom.UUCP ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021318130000> Date: Wed, 14 Feb 90 00:13 CST From: GREENY Subject: re: 4D for the mac.... To: Howdy.....I was wondering if anyone had any knowledge of the System Designer passwords for the individual databases set up with 4th Dimension on the Mac really being secure....I seem to have forgotten the password for a database I set up for a friend and need to figure it out.....I could go with the "ole comparison" technique between an old file, and one with a modified password but if there is an easier way that someone knows of, I'd love to know it.. bye for now but not for long Greeny BITNET: MISS026@ECNCDC ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021318190000> Date: Wed, 14 Feb 90 00:19 CST From: GREENY Subject: re: Thermic Lances To: > Thermic lances willnormally penetrate 3' of reinforced concrete... yeah, true....but they DO NOT cut through wood...according to a close associate locksmith friend....."cram about 1" of wood in the safe/vault door.. poof, the lance goes out..." not too shabby..... C'est La Vie! bye for now but not for long Greeny ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021318340000> Date: Wed, 14 Feb 90 00:34 CST From: GREENY Subject: re: Entry alarms To: > ...inexpensive effective security device which would allow someone to tell > if a person has entered in ones apartment.... Yeah, the mod's wisecrack is one idea....and so is the infamous Radio Shack.. they sell an entry alarm that gets screwed/double stick taped onto the door... put in a chime mode it goes "ding/dong" when the door opens....or has a siren mode that blasts the hell out of an intruder. I successfully used the chime mode over a period of two months late at night to get a roommate in a college dorm to move out (*devilish smile*) and once when I left the siren mode on over vacation the device scared the Asst. Res. Hall Director out of her wits during vacation room checks (needless to say, they kept out of my room after that...). OR, you could wire up something with a latching relay and a magnetic contact that would trigger a small light or a counting module (radio shack again... about $14.99) so you could keep track of someone entering illegally....or a sign on the door saying "WARNING: THESE PREMESES ARE ELECTRONICALLY PROTECTED. ALL ENTRIES ARE RECORDED FOR INVOLVED PARTIES PROTECTION. DO NOT ENTER IF THE ROOM/APARTMENT RESIDENT(S) IS/ARE NOT HOME. THE POLICE WILL BE AUTOMATICALLY NOTIFIED UPON UNAUTHORIZED ENTRY..." A sign such as the above was quite successful in keeping a nosy landlord out of my apartment.....he asked for the "code" to the alarm, I told him he wasn't getting it....he said he'd kill the power....I said it had battery backup, he quoted the lease, I quoted it too and said he had to provide proper notice... Ok, so I'm rambling....stick with the mag contact, the latching relay, a 9V battery, a small led, and a reset switch to reset the relay (just have a N.C. switch on the neg. lead of the battery (in series). Then to reset it, press the switch....*poof* power gets cut, relay resets, you are set.. not bad? Hope the above helps... bye fo rnow but not for long Greeny ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021323295800> Date: 13 Feb 90 23:29:58 GMT From: spaf@cs.purdue.edu (Gene Spafford) Subject: Re: Who (Specificly) has Morris' Worm Code? To: misc-security@gatech.edu Hundreds (maybe thousands) of people around the world have Morris's worm code. Lots of people have the binaries, and many people have reverse-engineered the code to C source. There has even been a book published in England that has most of the code in it. As far as people having the original source, well, folks at Cornell have it. Printouts and tape copies were given to the FBI, and the U.S. Attorney's office has copies. Some of the witnesses for the prosecution got paper copies, too. It's not all that surprising or entertaining.... -- Gene Spafford NSF/Purdue/U of Florida Software Engineering Research Center, Dept. of Computer Sciences, Purdue University, W. Lafayette IN 47907-2004 Internet: spaf@cs.purdue.edu uucp: ...!{decwrl,gatech,ucbvax}!purdue!spaf ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003022230.AA01141@ucbarpa.Berkeley.EDU] <1990021406340000> From: MISS026@ecncdc.BITNET (GREENY) Newsgroups: misc.security Subject: re: Entry alarms Message-ID: <9003022230.AA01141@ucbarpa.Berkeley.EDU> Date: 14 Feb 90 06:34:00 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 34 Approved: security@rutgers.edu Posted: Wed Feb 14 07:34:00 1990 > ...inexpensive effective security device which would allow someone to tell > if a person has entered in ones apartment.... Yeah, the mod's wisecrack is one idea....and so is the infamous Radio Shack.. they sell an entry alarm that gets screwed/double stick taped onto the door... put in a chime mode it goes "ding/dong" when the door opens....or has a siren mode that blasts the hell out of an intruder. I successfully used the chime mode over a period of two months late at night to get a roommate in a college dorm to move out (*devilish smile*) and once when I left the siren mode on over vacation the device scared the Asst. Res. Hall Director out of her wits during vacation room checks (needless to say, they kept out of my room after that...). OR, you could wire up something with a latching relay and a magnetic contact that would trigger a small light or a counting module (radio shack again... about $14.99) so you could keep track of someone entering illegally....or a sign on the door saying "WARNING: THESE PREMESES ARE ELECTRONICALLY PROTECTED. ALL ENTRIES ARE RECORDED FOR INVOLVED PARTIES PROTECTION. DO NOT ENTER IF THE ROOM/APARTMENT RESIDENT(S) IS/ARE NOT HOME. THE POLICE WILL BE AUTOMATICALLY NOTIFIED UPON UNAUTHORIZED ENTRY..." A sign such as the above was quite successful in keeping a nosy landlord out of my apartment.....he asked for the "code" to the alarm, I told him he wasn't getting it....he said he'd kill the power....I said it had battery backup, he quoted the lease, I quoted it too and said he had to provide proper notice... Ok, so I'm rambling....stick with the mag contact, the latching relay, a 9V battery, a small led, and a reset switch to reset the relay (just have a N.C. switch on the neg. lead of the battery (in series). Then to reset it, press the switch....*poof* power gets cut, relay resets, you are set.. not bad? Hope the above helps... bye fo rnow but not for long Greeny ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021500221500> Date: FRI FEB 16, 1990 09.32.15 EST From: "Kathy Healy Brey" Subject: Virus Scan on a LAN To: Can anyone provide advice or information on the following: CONFIGURATION An ethernet LAN running NOVELL with 10 nodes. Workstations are Zenith 286LP's with 20Meg hard drives & a 3.5" drive. LAN is for student use. PROBLEM We would like to run a virus scan on any floppy inserted into the 3.5 inch drive AT INSERTION. Is this possible? If so, how? The ideal scenario would be: Student inserts floppy in A:. System recognizes presence of floppy and scans diskette for known viruses... (a system-initiated scan, not an operator-initiated scan) If diskette is O.K., student goes to work. If diskette is contaminated, it's ejected(?) and student gets locked out of workstation and is directed to LAN Administration. L.A. grabs diskette and does detective and control work... THANKS for any help. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | Kathy Healy Brey, Manager Admin Environment: | | KHB1@LEHIGH THE INFORMATION CENTER IBM 4381 VSE/SP 2.1.5 | | 215-758-3006 Lehigh University IA Systems | | Private U Fairchild-Martindale 8B IBM PCs & Compatibles | | 6500 Students Bethlehem, PA 18015-3146 Novell LANs | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021501243800> Date: 15 Feb 90 01:24:38 GMT From: kelly@uts.amdahl.com (Kelly Goen) Subject: Re: Home security To: misc-security@ames.arc.nasa.gov GE LEXAN in .25" thickness will generally repel anything iron bars will and it WONT give you the feeling of being in jail(just how strong is it well I tool a .125" thick sample and hit it with the pointed end of a 20 lb sledge about 15 to 20 times... bent and scratched but that damn plastic I swear was grinning at me and saying make my day... it wouldnt break...) cheers kelly ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021505220000> Date: Thu, 15 Feb 90 11:22 MDT From: "David D. Grisham" Subject: ACF2 query To: security@ubvm WE are planning to implement ACF2 on our 3081-9370 setup. I am in the preliminary stages of the project and already see lots of problems. My two biggest problems are converting three (1 way) encrypted password files to one that ACF2 can use and establishing a common UID or LogonID from multiple operating systems which have different standards. Would anyone who has recently installed or coordinated an installation be willing to share some of the problems and solutions to getting this package up in a university environment? Thanks in advance. dave Dave Grisham, Security Administrator, CIRT Phone (505) 277-8032 University of New Mexico USENET DAVE@hydra.UNM.EDU Albuquerque, New Mexico 87131 BITNET DAVE@UNMB ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003041412.AA14577@ucbarpa.Berkeley.EDU] <1990021508412900> From: reynhout@WPI.WPI.EDU (Hagbard Celine) Newsgroups: misc.security Subject: Re: Who (Specificly) has Morris' Worm Code? Message-ID: <9003041412.AA14577@ucbarpa.Berkeley.EDU> Date: 15 Feb 90 08:41:29 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 11 Approved: security@rutgers.edu Posted: Thu Feb 15 09:41:29 1990 Hmm... In order for the worm to proliferate, wouldn't it have to copy itself into every infected system? Therefore, doesn't every system admin who bothered to save it have a copy? (given a little reverse-engineering) Andrew -- Andrew Reynhout (Internet: reynhout@wpi.wpi.edu) (BITNET: reynhout@wpi.bitnet) All hail Eris! (uucp: uunet!wpi.wpi.edu!reynhout) ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003041436.AA14620@ucbarpa.Berkeley.EDU] <1990021516292000> From: waters@darla.sps.mot.com (Strawberry Jammer) Newsgroups: misc.security Subject: Re: Field service spying? Message-ID: <9003041436.AA14620@ucbarpa.Berkeley.EDU> Date: 15 Feb 90 16:29:20 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 11 Approved: security@rutgers.edu Posted: Thu Feb 15 17:29:20 1990 I trust that no one who reads this leaves the account as Name: field Password: service no matter what DEC says. At one time they insisted on this, and refused to admit that it was a potential (HAH!) security problem. I still find VAXes set up this way BTW, recently the one my stockbroker uses to allow me to automate by stock transactions. Sigh. *Mike Waters AA4MW/7 waters@dover.sps.mot.com * The turtle lives 'twixt plated decks Which practically conceal its sex. I think it clever of the turtle ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003091120.AA10347@ucbarpa.Berkeley.EDU] <1990021517220000> From: DAVE@unmb.BITNET ("David D. Grisham") Newsgroups: misc.security Subject: ACF2 query Message-ID: <9003091120.AA10347@ucbarpa.Berkeley.EDU> Date: 15 Feb 90 17:22:00 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 15 Approved: security@rutgers.edu Posted: Thu Feb 15 18:22:00 1990 WE are planning to implement ACF2 on our 3081-9370 setup. I am in the preliminary stages of the project and already see lots of problems. My two biggest problems are converting three (1 way) encrypted password files to one that ACF2 can use and establishing a common UID or LogonID from multiple operating systems which have different standards. Would anyone who has recently installed or coordinated an installation be willing to share some of the problems and solutions to getting this package up in a university environment? Thanks in advance. dave Dave Grisham, Security Administrator, CIRT Phone (505) 277-8032 University of New Mexico USENET DAVE@hydra.UNM.EDU Albuquerque, New Mexico 87131 BITNET DAVE@UNMB ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021601385500> Date: Fri, 16 Feb 90 11:38:55 -0600 (CST) From: "Anthony A. Datri" Subject: Re: Bill Changers To: security@pyrite.rutgers.edu >Remind me to tell you an interesting way that con-artists can construct ... Easy -- chop the big numbers off the corners of a $20 bill, past them onto the corners of a $1 bill. Pass this as a $20 bill. Turn in the mutilated $20 for a fresh one. (no, I am not advocating the practice) ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021608480000> Date: Fri, 16 Feb 90 13:48 EST From: WHMurray@dockmaster.ncsc.mil Subject: TEMPEST To: security@rutgers.edu >This note explores the legal status of a surveillance >technology ruefully known as TEMPEST[2]. Sorry, Chris. TEMPEST is the name of a U. S. DoD standard for permissable emanations from equipment to be employed in processing certain classified information in certain environ- ments. The name of the "surveilance" technology is called television. You are correct only to the extent that the code word is sometimes erroneously used to refer to the vulnerability. I have never heard it, even erroneously, used to describe the surveilance. >Using TEMPEST >technology the information in any digital device may be >intercepted and reconstructed into useful intelligence >without the operative ever having to come near his target. Well, near is a relative term. With hundreds of dollars of equipment, some luck, and some special knowledge, you might be able to read a CRT at a distance of tens of meters. Other equipment is significantly more expensive. It is a little easier on the other side of the pond where the number of scan lines is higher. However, to gain useful intelligence, you may also have to expend tens to hundreds of hours. Of course, with the resources of a nation state, you might get the distance up to low hundreds of meters. Since the data involved may have a very long life, the expenditure may be justified. >The technology is especially useful in the interception of >information stored in digital computers or displayed on >computer terminals. Close; reading information displayed on CRT's is relatively easy. Reading LCDs or gas-panel displays is relatively difficult. Reading most storage is virtually impossible. > The use of TEMPEST is not illegal under the laws of the >United States[3], ....... Well, the use of radios and televisions is not illegal in the US. As long as you keep everything that you here to yourself, you have not likely broken any laws. However, if you use any of that information to enrich yourself, you may well have. You may have broken laws against espionage, copyright laws, or criminal fraud laws. US law makes it illegal for you to broadcast certain signals and for me to sell you equipment that does so. Nonetheless, you broadcast information bearing signals at you own risk. >....or England. Canada has specific laws criminalizing TEMPEST eavesdropping but the laws do more to hinder surveillance countermeasures than to prevent TEMPEST surveillance. >In the United States it is illegal for an >individual to take effective counter-measures against >TEMPEST surveillance. This leads to the conundrum that it >is legal for individuals and the government to invade the >privacy of others but illegal for individuals to take steps >to protect their privacy. That is, at best, an overstatement. As I have said, the law makes it illegal for you to broadcast certain signals and certainly does not force you to broadcast any. It permits you to employ quiet equipment, such as LCD's or gas-panels. It permits me to sell it to you. It permits you to use ultra-quiet, TEMPEST capable equipment. I might even be able to sell you such equipment, though you would not likely want to pay for most of it. For example, certain models of the GRID Case computer were TEMPEST capable off-the-shelf out-of the-box. However, without the permission of the DoD, I cannot sell you equipment which I assert to be TEMPEST qualified. If I did, and it were, I might be guilty of compromising classified information. If I did, and it were not, I would be guilty of misrepresentation. Nonetheless, the intent of the law is to protect national security interest, not to force you, gratuitously, to compromise yours, or deny you access to legitimate measures to do so. > The author would like to suggest that the solution to >this conundrum is straightforward. Information on >protecting privacy under TEMPEST should be made freely >available; Well, you may suggest what you like; your suggestions may even be straightforward. Nonetheless, neither the issue nor the solution are as straightforward as you imply or as others might infer. First, most information is available; I have just given you some. A great deal of the rest is special knowledge that would not be meaningful to the average buyer. The only information that I am aware of that is, de jure, not available is the TEMPEST standard. This standard was developed by the US DoD at its own expense for its own purpose. That purpose would not be served by its disclosure. It is not clear that any public good would be served by its disclosure. They are prohibited by a very complex law from disclosing it to you. It is not likely that law will be changed any time soon. >TEMPEST Certified equipment should be legally >available; .... If you can convince anyone else that is useful, develop your own standard and your own certification program for your own purpose. You will not succeed in subverting TEMPEST to your purpose. >...and organizations possessing private information >should be required by law to protect that information >through good computer security practices.... If you use "private" as opposed to public, then they must have done so. If you use "private" as synonomous with sensitve, it can reasonably expected that they will do so. >.... and the use of TEMPEST Certified equipment. Be careful what you ask for; you might get it. (Thank heaven that the editor did not post the whold paper.) William Hugh Murray, Fellow, Information System Security, Ernst & Young 2000 National City Center Cleveland, Ohio 44114 21 Locust Avenue, Suite 2D, New Canaan, Connecticut 06840 ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021616213600> Date: Fri, 16 Feb 90 21:21:36 EST From: meister@gaak.lcs.mit.edu (phil servita) Subject: Re: bill changers To: marks@whoville.umiacs.umd.edu Cc: misc-security@uunet.uu.net The bill changer i took apart, (one of the newer types found on Coke machines) scanned a strip of bill 1/4 inch from the top, for light transmission. there was also a read head to check magnetic response. the rest of the bill could have been construction paper, and it would not have cared. -meister ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003061032.AA19125@ucbarpa.Berkeley.EDU] <1990021617385500> From: datri@CONVEX.COM ("Anthony A. Datri") Newsgroups: misc.security Subject: Re: Bill Changers Message-ID: <9003061032.AA19125@ucbarpa.Berkeley.EDU> Date: 16 Feb 90 17:38:55 GMT Sender: usenet@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 7 Approved: security@rutgers.edu Posted: Fri Feb 16 18:38:55 1990 >Remind me to tell you an interesting way that con-artists can construct ... Easy -- chop the big numbers off the corners of a $20 bill, past them onto the corners of a $1 bill. Pass this as a $20 bill. Turn in the mutilated $20 for a fresh one. (no, I am not advocating the practice) ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003062026.AA05303@ucbarpa.Berkeley.EDU] <1990021711040500> From: jcp@cgch.UUCP (Joseph C. Pistritto) Newsgroups: misc.security Subject: Re: tapes and x-ray machines Message-ID: <9003062026.AA05303@ucbarpa.Berkeley.EDU> Date: 17 Feb 90 11:04:05 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 39 Approved: security@rutgers.edu Posted: Sat Feb 17 12:04:05 1990 Actually, I bet a lot of it isn't actually. (Xrayed that is). I always put stuff I'd rather not have Xrayed in my luggage, and I've never lost anything. This includes tapes, (vido, audio, reel-to-reel data, and cartridge data), disks (floppies of all sizes), and in particular film. I have one of those lead lined film bags, and normally use it when travelling internationally, (which is anytime I get on a plane, as I live in Switzerland, kinda pointless to fly inside the country...) > For the record, X-ray machines will not damage film less than 1000 speed. > Most film used is 200 or 400. I also sent all my (exposed and unexposed) > film through the X-ray machines in multiple airports with no problems. ditto. I've had filmed Xrayed, as well as video equipment, with no problems. > If you are still worried, you can purchase a lead film bag. I would > suspect traveling internationally, the bag might draw attention. The only place I've ever been asked is in India, four days after one of their 747's was taken out by a luggage bomb. They were _seriously_ into security at the time. Matter of fact, just about the only time I've ever felt security was being taken seriously at an airport. (But I've never flown El Al...) Even then, it wasn't a hassle, I just had to show the man with the submachine gun what was inside the bag... More amusing was being interviewed by a local TV crew at the airport, which asked me "aren't you scared to be flying Air India now? I mean, you're a foreigner, why don't you buy a ticket on some other airline..." (This was the STATE RUN (and only) TV network in India, mind you...) Amusingly enough, the flight was almost empty, (except for victims families being flown to Ireland to identify the bodies, lotsa laughs on the plane... :-( ) -jcp- ====================================================================== Joseph C. Pistritto HB9NBB N3CKF 'Think of it as Evolution in Action' (J.Pournelle) Ciba Geigy AG, R1241.1.01, Postfach CH4002 Basel, Switzerland Internet: bpistr@cgch.uucp Phone: (+41) 61 697 6155 Bitnet: bpistr%cgch.uucp@cernvax.bitnet Fax: (+41) 61 697 2435 From US: cgch!bpistr@mcsun.eu.net ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021713131300> Date: Sat, 17 Feb 90 21:33:13 -0500 From: Mark A. Schleifer Subject: Re: bill changers To: meister@gaak.lcs.mit.edu (phil servita) Cc: marks@umiacs.umd.edu, misc-security@uunet.uu.net > The bill changer i took apart, (one of the newer types found on Coke machines) > scanned a strip of bill 1/4 inch from the top, for light transmission. there > was also a read head to check magnetic response. the rest of the bill could > have been construction paper, and it would not have cared. Quite right. The one I took apart was from a Rowe changer. We had a problem with people using xerox copies of dollars. They would tape pieces of real dollars to the copy and run it trough. At other arcades they would then cover the holes in the real dollars with copys and pass it to busy cashiers. As long as you have the important section of a real bill in place the machine can't tell the difference. Are you sure that the it scanned for light trasmission? On the models I'm used to the optics at the top are just used to sense when a bill is being inserted, they then activate the feed moter. - Mark ---- Spoken: Mark A. Schleifer Domain: marks@umiacs.umd.edu UUCP: uunet!mimsy!umiacs!marks Phone: +1-301-454-7678 USPS: UMIACS, Univ. of Maryland, College Park, MD 20742 ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021713440500> Date: 17 Feb 90 12:04:05+0100 From: Joseph C. Pistritto Subject: Re: tapes and x-ray machines To: Cc: Actually, I bet a lot of it isn't actually. (Xrayed that is). I always put stuff I'd rather not have Xrayed in my luggage, and I've never lost anything. This includes tapes, (vido, audio, reel-to-reel data, and cartridge data), disks (floppies of all sizes), and in particular film. I have one of those lead lined film bags, and normally use it when travelling internationally, (which is anytime I get on a plane, as I live in Switzerland, kinda pointless to fly inside the country...) > For the record, X-ray machines will not damage film less than 1000 speed. > Most film used is 200 or 400. I also sent all my (exposed and unexposed) > film through the X-ray machines in multiple airports with no problems. ditto. I've had filmed Xrayed, as well as video equipment, with no problems. > If you are still worried, you can purchase a lead film bag. I would > suspect traveling internationally, the bag might draw attention. The only place I've ever been asked is in India, four days after one of their 747's was taken out by a luggage bomb. They were _seriously_ into security at the time. Matter of fact, just about the only time I've ever felt security was being taken seriously at an airport. (But I've never flown El Al...) Even then, it wasn't a hassle, I just had to show the man with the submachine gun what was inside the bag... More amusing was being interviewed by a local TV crew at the airport, which asked me "aren't you scared to be flying Air India now? I mean, you're a foreigner, why don't you buy a ticket on some other airline..." (This was the STATE RUN (and only) TV network in India, mind you...) Amusingly enough, the flight was almost empty, (except for victims families being flown to Ireland to identify the bodies, lotsa laughs on the plane... :-( ) -jcp- ====================================================================== Joseph C. Pistritto HB9NBB N3CKF 'Think of it as Evolution in Action' (J.Pournelle) Ciba Geigy AG, R1241.1.01, Postfach CH4002 Basel, Switzerland Internet: bpistr@cgch.uucp Phone: (+41) 61 697 6155 Bitnet: bpistr%cgch.uucp@cernvax.bitnet Fax: (+41) 61 697 2435 From US: cgch!bpistr@mcsun.eu.net ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021716292000> Date: Sat, 17 Feb 90 20:29:20 EDT From: Iqbal Qazi Subject: Re: Bill Changers To: security@pyrite.rutgers.edu My roommate tells me that you can take a bill apart into two halves, then stick, say the front of a twenty on the back of a 1, and vise- virsa. Then you'd have 1 real 20 front and 1 real 20 back which you could pass off. Is this for real? Iqbal Qazi WQ956C at GWUVM ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021718532800> Date: 17 Feb 90 18:53:28 GMT From: gopstein@soleil.uucp (Rich Gopstein) Subject: Opening an old safe? To: misc-security@rutgers.edu I friend of mine has an old Victor safe which she purchased from someone who didn't know the combination. She's interested in using it, so she would like to know if it can be opened without destroying it. Any help or pointers to other information would be appreciated. Thanks. -- Rich Gopstein ..!rutgers!soleil!gopstein ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003061340.AA19665@ucbarpa.Berkeley.EDU] <1990021800292000> From: WQ956C@gwuvm.BITNET (Iqbal Qazi) Newsgroups: misc.security Subject: Re: Bill Changers Message-ID: <9003061340.AA19665@ucbarpa.Berkeley.EDU> Date: 18 Feb 90 00:29:20 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 7 Approved: security@rutgers.edu Posted: Sun Feb 18 01:29:20 1990 My roommate tells me that you can take a bill apart into two halves, then stick, say the front of a twenty on the back of a 1, and vise- virsa. Then you'd have 1 real 20 front and 1 real 20 back which you could pass off. Is this for real? Iqbal Qazi WQ956C at GWUVM ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021809120000> Date: Sun, 18 Feb 90 14:12 EST From: Subject: Wireless Home Security Systems To: hobbit@pyrite.rutgers.edu Does anyone know how hard it is to jam or fool these wireless home security systems? Couldn't one just use a spectrum analyzer to determine what sort of signals the sensors sent to the main control unit -- and then replicate these signals? For example if I pumped out the signal that meant "everything is OK" a three watts it would drown out the "door is open" signal when I broke open a door. That doesn't sound very secure. CJS cjs@cwru.cwru.edu p.s. I suppose the FEDS system being tested to protect nuclear weapon storage areas would fall at the other end of the spectrum. According to the specs, when it detect an intruder the system releases nerve gas. Now that's a serious system. ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021900540000> Date: Mon, 19 Feb 90 06:54 CST From: douglas@ddsw1.mcs.com (Douglas Mason) Subject: Re: tapes and x-ray machines To: misc-security@rutgers.edu If this makes you sleep any better (ha!) I became paranoid about my film going through x-ray machines and purchased a 'lead film bag'. Since I have had it, I have been through Heathrow airport in London three times now, and have NEVER had it checked. I put it in with my carry-on and every time I watch myself as it goes through 2 different x-ray machines every time I depart and saw for myself that it shows up as a completely solid object - you can't see anything inside at all. Isn't Heathrow supposed to have beefed up their security? I was there over Christmas when the big hype of a bomb was at it's peak -- still didn't check. These bags are about the size of an average lunch sack. On the other hand, Chicago's O'Hare airport has checked it EVERY time that I have gone through there, and I frequent that place! -Douglas Mason -- Douglas T. Mason | douglas@ddsw1.UUCP or dtmason@m-net | ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021903415200> Date: Mon, 19 Feb 90 09:41:52 CST From: Kevin LaFata Subject: Re: RE: Home Alarm Installations, R.S. Setups To: security@pyrite.rutgers.edu As an owner of a security system company, I would highly discourage any wireless alarm that has no form of supervision. There are many types of alarms that send low battery signals, as well as an "all is well" signal which, if not received by the control panel every x minutes, will also sound some kind of alarm. This prevents signal jambing. Personally (insert my opinion here) I do not like the AT&T wireless system. It seems they created a lot of hype about it and have exclusive dealers, etc. On company that installed them had to replace all but 6 (out of about one hundred) units because of a malfuntion. Even thought they were under warranty, it is still unreasonable to have to replace that many. You may have trouble buying a professional wireless system from a whole- saler yourself, but many alarm companies are happy to sell them to individuals. Kevin LaFata s899229@UMSLVMA ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021908134200> Date: Mon, 19 Feb 1990 13:13:42 EST From: "Don Z. Eng" Subject: LAN security & control review To: security@ohstvma Does anyone have, and willing to share, a program on LAN security and control review? I am starting my first LAN review and can use some guidance. We use Novell Netware. Thanks. Don Z. Eng Rutgers University U953005@RUTVM1 ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021908504000> Date: Mon, 19 Feb 90 13:50:40 EST From: "Larry Margolis" Subject: Bicycle locks To: security@pyrite.rutgers.edu The previous article on bicycle locks got me interested, so I've been examining different locks. (Living in Manhattan, I am able to come across many broken locks to play with.) It was mentioned that some bike locks had a rivet that could easily be removed, letting you pop out the lock cylinder. The Master brand Kryptonite-type lock (tube that locks over the open ends of a U-shaped round bar) has such a rivet, however removing it will not let you open the lock. If the lock is opened, you will be able to rotate the cylinder, but not if it's locked. In addition, there's a ring around the face of the cylinder that has to be removed in order to remove the cylinder (and the lock must be open). It's as easy to pick as your average Master padlock, so I wouldn't trust it too much, but it is safe from rivet removal. I found another one that I'd strongly recommend you avoid. The plastic was partly scraped off, so I couldn't make out the name, but it ends with NG-TAY. First, removing the rivet let the cylinder rotate which *did* let you open the lock. Second, instead of solid brass top pins, it used hollow shells that the springs rested in. This is apparently how the thief opened the lock - stuck in a screwdriver and gave it a good twist. The shells crumpled and the lock opened. Third, it looks like the serial number printed on the plastic is actually the key levels, so you could just look at the lock, then make a key to it with a key machine and a depth-key set. (I'd have to see another one of these locks to verify this last point.) Larry Margolis, MARGOLI@YKTVMV (bitnet), MARGOLI@IBM.COM (csnet) ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990021910571700> Date: Mon, 19 Feb 90 19:17:17 -0500 (EST) From: Christopher Gene Behanna Subject: Honda motorcycle keys To: security@pyrite.rutgers.edu Recently, a friend of mine bought a 1983 Honda Shadow 750. He tried his key in my 1985 Honda Shadow 700, and was able to unlock the forks as well as turn on the ignition circuit. Ditto my key in his bike. For laughs, we tried our keys on his roommate's 1983 Honda CB1000, and we were both able to turn the parking light on (we couldn't turn the cylinder the rest of the way to "on"). Now, what I want to know is, does Honda consider this a feature or a bug? IMHO, selling a bike that any owner of a similar bike can come along and steal (for parts or otherwise), is a great act of irresponsibility on the part of the manufacturer. I'm not terribly worried--I have an enormous folding steel lock that I use on my front wheel, but folks who don't have an extra $50 lying around to buy a similar lock SHOULD worry. Chris BeHanna behanna@reagan.psc.edu ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003061545.AA20003@ucbarpa.Berkeley.EDU] <1990021915415200> From: S899229@umslvma.BITNET (Kevin LaFata) Newsgroups: misc.security Subject: Re: RE: Home Alarm Installations, R.S. Setups Message-ID: <9003061545.AA20003@ucbarpa.Berkeley.EDU> Date: 19 Feb 90 15:41:52 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 15 Approved: security@rutgers.edu Posted: Mon Feb 19 16:41:52 1990 As an owner of a security system company, I would highly discourage any wireless alarm that has no form of supervision. There are many types of alarms that send low battery signals, as well as an "all is well" signal which, if not received by the control panel every x minutes, will also sound some kind of alarm. This prevents signal jambing. Personally (insert my opinion here) I do not like the AT&T wireless system. It seems they created a lot of hype about it and have exclusive dealers, etc. On company that installed them had to replace all but 6 (out of about one hundred) units because of a malfuntion. Even thought they were under warranty, it is still unreasonable to have to replace that many. You may have trouble buying a professional wireless system from a whole- saler yourself, but many alarm companies are happy to sell them to individuals. Kevin LaFata s899229@UMSLVMA ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003061231.AA19485@ucbarpa.Berkeley.EDU] <1990021918134200> From: U953005@rutvm1.BITNET ("Don Z. Eng") Newsgroups: misc.security Subject: LAN security & control review Message-ID: <9003061231.AA19485@ucbarpa.Berkeley.EDU> Date: 19 Feb 90 18:13:42 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 9 Approved: security@rutgers.edu Posted: Mon Feb 19 19:13:42 1990 Does anyone have, and willing to share, a program on LAN security and control review? I am starting my first LAN review and can use some guidance. We use Novell Netware. Thanks. Don Z. Eng Rutgers University U953005@RUTVM1 ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003091229.AA10612@ucbarpa.Berkeley.EDU] <1990022000171700> From: cb2s+@ANDREW.CMU.EDU (Christopher Gene Behanna) Newsgroups: misc.security Subject: Honda motorcycle keys Message-ID: <9003091229.AA10612@ucbarpa.Berkeley.EDU> Date: 20 Feb 90 00:17:17 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 14 Approved: security@rutgers.edu Posted: Tue Feb 20 01:17:17 1990 Recently, a friend of mine bought a 1983 Honda Shadow 750. He tried his key in my 1985 Honda Shadow 700, and was able to unlock the forks as well as turn on the ignition circuit. Ditto my key in his bike. For laughs, we tried our keys on his roommate's 1983 Honda CB1000, and we were both able to turn the parking light on (we couldn't turn the cylinder the rest of the way to "on"). Now, what I want to know is, does Honda consider this a feature or a bug? IMHO, selling a bike that any owner of a similar bike can come along and steal (for parts or otherwise), is a great act of irresponsibility on the part of the manufacturer. I'm not terribly worried--I have an enormous folding steel lock that I use on my front wheel, but folks who don't have an extra $50 lying around to buy a similar lock SHOULD worry. Chris BeHanna behanna@reagan.psc.edu ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022005505600> Date: 20 Feb 90 05:50:56 GMT From: Jay Vosburgh Subject: Re: bill changers To: misc-security@tektronix.tek.com >That may be antiquated information, though. Bill changers >do work a lot better now that they did just a few years ago. Maybe, maybe not. A while ago (10-11 months) I took my dollar bill down to one of those "Coke and change" soda machines that take bills, and discovered a very dismayed individual. He had stuck a five dollar bill into the machine, gotten his soda, and only 50 cents change back. I suspect that the machine probably wasn't out of spare change, since it gave me my soda and 50 cents, too. My Coke cost four dollars less, though. Obviously, I don't know whether that the bill reader was at fault, or if the Coke machine just checked to see if the bill was valid, and assumed that nobody would stick anything but a single in the slot just because it says to use a one dollar bill on the outside. -J --- -Jay Vosburgh, Sequent Computer Systems, Inc; uunet!sequent!fubar ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003090957.AA09330@ucbarpa.Berkeley.EDU] <1990022016154900> From: ssr@cos.com (Dave Kucharczyk) Newsgroups: misc.security Subject: Re: Toyota Masters Message-ID: <9003090957.AA09330@ucbarpa.Berkeley.EDU> Date: 20 Feb 90 16:15:49 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 10 Approved: security@rutgers.edu Posted: Tue Feb 20 17:15:49 1990 the same goes for most older datsun/nissan cars and trucks. you can make a key that will open/start a majority of the cars out there. i think it's mostly a combination of bad design and sloppy tolerances rather than anything toyota/nissan intended to do. there was an article in the national locksmith or locksmith ledger a while back about this 'problem'. the locks are so bad that i can use my friends toyota key to get into and start some nissans even though it's the wrong blank and just a regular key... dave ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022019110400> Date: Tue, 20 Feb 90 19:11:04 GMT From: ehrlich@psuvax1.cs.psu.edu (Daniel Ehrlich) Subject: Re: Cardkey locks To: security@pyrite.rutgers.edu We are using an insertion card key reader lock from MagTek, MT-215232. It comes in three different models depending on which track(s) you want to read off of the magnetic stripe. The MT-215232 comes with an RS-232 interface but no power supply or housing. The units are inexspensive (~$150/each) and after have our hardware tech whip up the neccessary power supply and interface hard ware it came to about $280 per door. This includes the electric striker for the door and associated realays and electronics. MagTek also makes `swipe' style card readers like the ones used to read you credit card when a store needs to have a purchase authorized. I beleive that these come with a power supply, et al. MagTek's address and phone number are: MAG-TEK, Inc. 20725 South Annalee Avenue Carson, CA 90746 +1 213 631 8602 They also make magnetic card programmers. The security implications of having one of these is mind blowing. -- Dan Ehrlich Voice: +1 814 863 1142 FAX: +1 814 865 3176 ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022019152200> Date: Tue, 20 Feb 90 17:15:22 EET From: MCGDAKI@CMS.MANCHESTER-COMPUTING-CENTRE.AC.UK Subject: Domestic Burglar Alarm. To: security@FINHUTC I am considering doing a domestic system and the inertia sensors coupled with an analyser appeals to me for perimeter protection. Has anyone had experience using these and how good are they for reliability and immunity to false alarms? A.Kirk ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022023275200> Date: 21 Feb 90 07:27:52 PST (Wednesday) From: "chaz_heritage.WGC1RX"@xerox.com Subject: Them Locks Are Easy To: security-request@pyrite.rutgers.edu Ford locks have long been notorious for this sort of thing (hence the line above from Alexei Sayle's song). My kid brother once went to a rock festival where he was able to open and start seven Fords using the fish descaler on his Swiss knife (the owners were suitably surprised on waking to find their cars apparently eager to depart before the main event). Moaning at car manufacturers for providing rotten security is unlikely to succeed. They make so much money selling people parts to replace things smashed by thieves that it's hardly worth their while improving matters. And, if someone's whole car goes AWOL, well, that's another new car sale for them, isn't it? Better to rely on one's own (preferably vicious and devious) ingenuity. I have some ideas, if anyone's interested, since I'm currently building a new car. Expensive electronic gadgets aren't necessarily the answer. Mechanical solutions seem to be the best. Regards, Chaz ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022103021300> Date: 21 Feb 90 11:02:13 PST (Wednesday) From: "Court_K_Packer.wbst845"@xerox.com Subject: Re: Security Digest To: security-request@pyrite.rutgers.edu I'm told by a friend that ignition keys can be made for Volvos and Saabs by just having the last three digits of the VIN number. If this is true, what prevents someone from getting the VIN number through the windshield and going to a dealer and having a key cut? Would the dealer ask to see some proof of ownership? ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022103245600> Date: Wed, 21 Feb 1990 10:24:56 MST From: GAVRON@mpx0.lampf.lanl.gov (Ehud Gavron@lampf.lanl.gov, gavron@lampf.bitnet) Subject: RE: Misuse of Address To: security@pyrite.rutgers.edu There are always going to be people of poor ethics who abuse whatever information be it from .sig files, the phone book, a campus directory, etecetera. What would be nice is if these places that accept orders would 1) request a phone number to call back and confirm the order. 2) Take down a credit card number to charge if problems occur (and verify it online). 3) Store all that info interactively until you make your first payment on the subscription or whatever. Asbsetos: Yes, I realize that this will increase the cost of handling. But it's about time the $4.95 shipping and HANDLING was used for something other than "added dealer profit" :-) ------------------------------------------------------------------- | Ehud Gavron, System Manager gavron@lampf.lanl.gov (internet)| | Los Alamos National Laboratory gavron@lampf (bitnet) | | Meson Physics Division DAC cmcl2!lanl!eg (uucp) | | (505)665-1131/667-9288 1029::55295::GAVRON (SPAN) | ------------------------------------------------------------------- ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022104264200> Date: 21 Feb 90 09:26:42 EST (Wed) From: simsong@prose.cambridge.ma.us (Simson L. Garfinkel) Subject: tapes and x-ray machines To: MFOWLER@gtri01.bitnet Cc: security@pyrite.rutgers.edu For the record, X-ray machines will not damage film less than 1000 speed. Most film used is 200 or 400. I also sent all my (exposed and unexposed) film through the X-ray machines in multiple airports with no problems. This is not strictly true. Modern X-ray machines will not damage film of 400 or less. In Europe and the third world you will find many X-ray machines that will blow away 100 ISO film. ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022107130300> Date: Wed, 21 Feb 90 13:13:03 CST From: kevin@ferris.cray.com (Kevin Bluml) Subject: Re: criminal intelligence To: security-request@rutgers.edu At least in Minnesota (and I'd bet elsewhere) the police have NO Information on what you have - Operation ID merely gets you a number for reference that YOU put on your items of value - The ONLY time you give info to the police is IF you lose something (burglary, robbery) and want them to know about it, list it with the appropriate databases etc.. Sorry, couldn't let it pass, Operation ID is a good program, but it won't work if people don't understand how it functions.. -- From: Kevin V. Bluml - Cray Research Inc. 612-681-3036 USmail - 1440 - Northland Drive Mendota Heights, MN 55120 Internet - kevin@ferris.cray.com UUCP - uunet!cray!ferris!kevin ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022107360900> Date: Wed, 21 Feb 90 12:36:09 EST From: cs4i03ab@maccs.dcss.mcmaster.ca (Don Bork) Subject: Re: Computer Forged Documents To: misc-security@gpu.utcs.utoronto.ca A recent introduction here in Canada has been a small foil rectangle glued onto the face of the bill. If you look at it from one angle it's a golden colour, but from a different angle it's greenish. So far it's on the 50 dollar bill only. The security in this is that this patch is difficult and expensive to duplicate, so far no problems reported with it. -- Don Bork BORKD@SCIVAX.MCMASTER.CA "Don't let school get in the way of an education" -Stoker '88-89 ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022114543100> Date: 23-FEB-1990 00:04:31.53 From: geek Subject: Police repeater detection To: security@pyrite.rutgers.edu Due to a leaky memory, I do not recall all details, but about a month or two ago I spotted an item in a "yuppie catalog" that purported to detect patrol cars up to away by picking up their repeater signals. The device was designed to be vehicle mounted (so as to pick up police using radar that is only turned on when you are in sight). Of course, it relies on the supposition that the officers left their repeaters on while in the vehicle [they acknowledged this but claimed that most do in fact leave their repeaters on]. The device did not broadcast what it received, it only indicated that something was being broadcast. Anybody seen anything similar? Any comments on range/feasability/other problems? -kevin krainier@eagle.wesleyan.edu krainier@wesleyan.bitnet ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003100656.AA23715@ucbarpa.Berkeley.EDU] <1990022115265200> From: piet@cs.ruu.nl (Piet van Oostrum) Newsgroups: misc.security Subject: Article from Computers and security Message-ID: <9003100656.AA23715@ucbarpa.Berkeley.EDU> Date: 21 Feb 90 15:26:52 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 14 Approved: security@rutgers.edu Posted: Wed Feb 21 16:26:52 1990 I am looking for the following article: Ben. F. Barton & Marthalee S. Barton, User-friendly password methods for computer-mediated information systems, Computers and Security 3, 3 (Aug 1984), pp. 186-195. Just an indication (abstract) of the techniques used would be enough, although a fax copy would be appreciated. We don't have the mag in the library here. -- Piet* van Oostrum, Dept of Computer Science, Utrecht University, Padualaan 14, P.O. Box 80.089, 3508 TB Utrecht, The Netherlands. Telephone: +31-30-531806 Uucp: uunet!mcsun!hp4nl!ruuinf!piet Telefax: +31-30-513791 Internet: piet@cs.ruu.nl (*`Pete') ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003091345.AA10849@ucbarpa.Berkeley.EDU] <1990022115275200> From: "chaz_heritage.WGC1RX"@XEROX.COM Newsgroups: misc.security Subject: Them Locks Are Easy Message-ID: <9003091345.AA10849@ucbarpa.Berkeley.EDU> Date: 21 Feb 90 15:27:52 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 18 Approved: security@rutgers.edu Posted: Wed Feb 21 16:27:52 1990 Ford locks have long been notorious for this sort of thing (hence the line above from Alexei Sayle's song). My kid brother once went to a rock festival where he was able to open and start seven Fords using the fish descaler on his Swiss knife (the owners were suitably surprised on waking to find their cars apparently eager to depart before the main event). Moaning at car manufacturers for providing rotten security is unlikely to succeed. They make so much money selling people parts to replace things smashed by thieves that it's hardly worth their while improving matters. And, if someone's whole car goes AWOL, well, that's another new car sale for them, isn't it? Better to rely on one's own (preferably vicious and devious) ingenuity. I have some ideas, if anyone's interested, since I'm currently building a new car. Expensive electronic gadgets aren't necessarily the answer. Mechanical solutions seem to be the best. Regards, Chaz ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003100747.AA24035@ucbarpa.Berkeley.EDU] <1990022117245600> From: GAVRON@MPX0.LAMPF.LANL.GOV (Ehud Gavron@lampf.lanl.gov, gavron@lampf.bitnet) Newsgroups: misc.security Subject: RE: Misuse of Address Message-ID: <9003100747.AA24035@ucbarpa.Berkeley.EDU> Date: 21 Feb 90 17:24:56 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 23 Approved: security@rutgers.edu Posted: Wed Feb 21 18:24:56 1990 There are always going to be people of poor ethics who abuse whatever information be it from .sig files, the phone book, a campus directory, etecetera. What would be nice is if these places that accept orders would 1) request a phone number to call back and confirm the order. 2) Take down a credit card number to charge if problems occur (and verify it online). 3) Store all that info interactively until you make your first payment on the subscription or whatever. Asbsetos: Yes, I realize that this will increase the cost of handling. But it's about time the $4.95 shipping and HANDLING was used for something other than "added dealer profit" :-) ------------------------------------------------------------------- | Ehud Gavron, System Manager gavron@lampf.lanl.gov (internet)| | Los Alamos National Laboratory gavron@lampf (bitnet) | | Meson Physics Division DAC cmcl2!lanl!eg (uucp) | | (505)665-1131/667-9288 1029::55295::GAVRON (SPAN) | ------------------------------------------------------------------- ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003100601.AA23268@ucbarpa.Berkeley.EDU] <1990022119021300> From: "Court_K_Packer.wbst845"@XEROX.COM Newsgroups: misc.security Subject: Re: Security Digest Message-ID: <9003100601.AA23268@ucbarpa.Berkeley.EDU> Date: 21 Feb 90 19:02:13 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 5 Approved: security@rutgers.edu Posted: Wed Feb 21 20:02:13 1990 I'm told by a friend that ignition keys can be made for Volvos and Saabs by just having the last three digits of the VIN number. If this is true, what prevents someone from getting the VIN number through the windshield and going to a dealer and having a key cut? Would the dealer ask to see some proof of ownership? ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022219174300> Date: 23 FEB 90 00:17:43 CDT From: MARK KINSLER Subject: Slim jims To: I bought one at a store in the Strip District of Pittsburgh. I think Buffalo or some other fine tool manufacturer stamps them out. Check at one of these semi-permanent flea market tool stands where they sell a lot of duct tape and Taiwanese torque wrenches and you'll probably have some luck. You'd think that the sort of auto parts store that sell lots of chrome-plated hood locks and gearshift knobs would have them, but they don't. , U of Southern Mississippi, Gulf Coast ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022221251300> Date: Fri, 23 Feb 90 12:25:13 -0900 From: "ROBYN L ROBERTSON" Subject: RE: cordless privacy To: security@pyrite.rutgers.edu > I notice the same thing that Jim had mentioned, what criminals take >advantage of are people/organizations who often do stupid things that >allow crimes to be committed ie: leaving car keys in car; open windows; I think that criminals in general tend to look for the easy sting, you are right about this in my view. >I hate people who goes around yelling about intelligence levels of any group; >in my book; getting caught committing the crime is stupidity. Come, come now! Surely you do not mean this part where you say, "I hate people who goes around yelling about intelligence levels of any group." Since I think I started this 'criminal intelligence' pilpul, I feel obligated to respond to this remark. First of all, if I was, "...yelling..." about the respective intelligence of criminals, I did not mean to be so shrill. As for the hate, ma yesh ma? Bad news, so lets kill the messenger? Absurd. As far as DETECTED criminals being somewhat lowbrow, I believe clear statistics demonstrate that my opinion is not just some sort of slur against a minority(criminals), merely a statement of obvious fact. In general, I believe WAIS tests average out at a statistically significant measure below the norm, and that general wealth of knowledge tends to be obviously below normal among criminals. Of course, my universe of discourse is restricted to DETECTED criminals. If there exists a significant subset of criminals that are undetected, data on them is largely unavailable, or tends to be so soft it is virtually worthless. I also feel obligated to exclude criminals like Lincoln Savings and Loan's Mr. Keating, since the wealth of such people as a rule (though not always), places them **outside** of the laws people with lesser incomes must face. I think it was Heinlin who wrote that anyone demanding justice must be either very wealthy or very desperate. Nu, any highbrow criminals out there in netland that want to address this issue? ============================================================================ Robyn Robertson Internet: gsrlr@alaska.fai.alaska.edu BITNET: GSRLR@ALASKA ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022223410700> Date: 22 Feb 90 23:41:07 GMT From: kgdykes@watmath.waterloo.edu (Ken Dykes) Subject: Re: Computer Forged Documents - money To: misc-security@watmath.waterloo.edu >Dutch paper currency is produced with state-of-the-art printing techniques. Canada is much the same way. In fact, our new $50 bill release about 6 months ago now features a metallicized "hologram" patch similar to those used on major credit cards. (but much more flexible/durable) i like to see a colour photocopier reproduce a metalicized effect! Our bill designs from the last few years also feature MACHINE READABLE serial numbers for nifty swift banking machine sorting, etc. Technology in money! The USofA amazes me, it's got the largest market to make a counterfeit worthwhile, and yet probably the oldest "active" currency technology... -ken -- - Ken Dykes, Software Development Group, UofWaterloo, Canada [43.47N 80.52W] kgdykes@watmath.waterloo.edu [129.97.128.1] kgdykes@waterloo.csnet kgdykes@water.bitnet watmath!kgdykes postmaster@watbun.waterloo.edu B8 s+ f+ w t e m r ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022302511500> Date: 23 Feb 90 02:51:15 GMT From: kelly@uts.amdahl.com (Kelly Goen) Subject: Re: RE: Home Alarm Installations, R.S. Setups To: misc-security@ames.arc.nasa.gov Let us not forget Ademco here with the vista-xm systems both polling , wireless and hardwired zones available.... and you can run duplex receivers for those difficult setups... cheers kelly ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003142001.AA01636@ucbarpa.Berkeley.EDU] <1990022318414600> From: parnass@cbnewse.att.com (Bob Parnass, AJ9S) Newsgroups: misc.security Subject: Re: cop detectors Message-ID: <9003142001.AA01636@ucbarpa.Berkeley.EDU> Date: 23 Feb 90 18:41:46 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 9 Approved: security@rutgers.edu Posted: Fri Feb 23 19:41:46 1990 I can tell when an Illinois State Trooper is nearby -- I hear his low power, in-car mobile repeater on 155.505 MHz, a frequency I monitor using my scanner when I'm on the highway. Other states and some counties and towns use similar equipment. -- ============================================================================ Bob Parnass, AJ9S - AT&T Bell Laboratories - att!ihuxz!parnass (708)979-5414 ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022322123200> Date: 23 Feb 90 22:12:32 GMT From: brian@ucsd.edu (Brian Kantor) Subject: Re: cop detectors To: misc-security@ucsd.edu On the other hand, a good quality scanner will hear the local oscillator on some of the older police radios in this town for more than a block or two. That's far enough away to slow down! Typically if you know the brand and model of radio, and the dispatch frequencies, you can easily figure the LO freq and there you are. - Brian ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003142244.AA08838@ucbarpa.Berkeley.EDU] <1990022323565200> From: ornitz@kodak.UUCP (Barry Ornitz) Newsgroups: misc.security Subject: Re: cop detectors Message-ID: <9003142244.AA08838@ucbarpa.Berkeley.EDU> Date: 23 Feb 90 23:56:52 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 37 Approved: security@rutgers.edu Posted: Sat Feb 24 00:56:52 1990 Actually, ignoring the other radios might be a trivial task if they operate on different frequencies than the police. The problem is that while a police department might only operate on a small number of frequencies, they can use any number of different brands and models of radios each having different intermediate frequencies. Thus, a number of local oscillator frequencies might have to be monitored. It might be possible in any given area for two different models of radios operating on two different frequencies to have the same local oscillator frequency, but it is not likely. Unfortunately, a first intermediate frequency of 10.7 MHz is standard for a large number of VHF radios. In this case the number of local oscillator frequencies is greatly reduced. Older models of many radios typically did not standardize on the IFs in common use today. A much more difficult problem is the issue of sensitivity. By FCC rules, local oscillator radiation must be attenuated to low levels. These levels are so low that detection would be nearly impossible over any useful range with today's radios. This was not the case with most receivers before the mid-1950s or so (the ones with the radiating local oscillators - RF amplifier stages were often not used ahead of the first mixer in early days). While the sensitivity of the detecting receivers has increased over the years, it has been inadequate to keep up with the decreasing amplitude of radiated LO signals. To conclude, I believe this to be a non-problem with equipment available to the ordinary burgler. While a pocket scanner might receive all of the local oscillator frequencies used by the local police, its detection range would likely be less than a hundred feet. ----------------- | ___ ________ | Dr. Barry L. Ornitz WA4VZQ | | / / | | UUCP: ....rutgers!rochester!kodak!ornitz | | / / | | Eastman Kodak Company | |< < K O D A K| | Eastman Chemical Company Research Laboratories | | \ \ | | P. O. Box 1972, Building 167B | |__\ \________| | Kingsport, TN 37662 615/229-4904 | | INTERNET: ornitz@kodak.kodak.com ----------------- ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022323565201> Date: 23 Feb 90 23:56:52 GMT From: kodak!ornitz@cs.rochester.edu (Barry Ornitz) Subject: Re: cop detectors To: misc-security@rutgers.edu Actually, ignoring the other radios might be a trivial task if they operate on different frequencies than the police. The problem is that while a police department might only operate on a small number of frequencies, they can use any number of different brands and models of radios each having different intermediate frequencies. Thus, a number of local oscillator frequencies might have to be monitored. It might be possible in any given area for two different models of radios operating on two different frequencies to have the same local oscillator frequency, but it is not likely. Unfortunately, a first intermediate frequency of 10.7 MHz is standard for a large number of VHF radios. In this case the number of local oscillator frequencies is greatly reduced. Older models of many radios typically did not standardize on the IFs in common use today. A much more difficult problem is the issue of sensitivity. By FCC rules, local oscillator radiation must be attenuated to low levels. These levels are so low that detection would be nearly impossible over any useful range with today's radios. This was not the case with most receivers before the mid-1950s or so (the ones with the radiating local oscillators - RF amplifier stages were often not used ahead of the first mixer in early days). While the sensitivity of the detecting receivers has increased over the years, it has been inadequate to keep up with the decreasing amplitude of radiated LO signals. To conclude, I believe this to be a non-problem with equipment available to the ordinary burgler. While a pocket scanner might receive all of the local oscillator frequencies used by the local police, its detection range would likely be less than a hundred feet. ----------------- | ___ ________ | Dr. Barry L. Ornitz WA4VZQ | | / / | | UUCP: ....rutgers!rochester!kodak!ornitz | | / / | | Eastman Kodak Company | |< < K O D A K| | Eastman Chemical Company Research Laboratories | | \ \ | | P. O. Box 1972, Building 167B | |__\ \________| | Kingsport, TN 37662 615/229-4904 | | INTERNET: ornitz@kodak.kodak.com ----------------- ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022323584600> Date: 23 Feb 90 23:58:46 GMT From: wales@cs.ucla.edu (Rich Wales) Subject: Re: Computer Forged Documents To: misc-security@uunet.uu.net The new Canadian $50 note includes a small metallic patch that changes color from gold to green, depending on the viewing angle. I assume the Bank of Canada (the government agency responsible for the money supply) plans eventually to introduce these feature on smaller notes as well. The current series of Canadian bank notes also use quite a bit of extremely small printing that presumably cannot be copied well. For example, the front central portion of the note contains line after line repeatedly saying "BANK OF CANADA 50 BANQUE DU CANADA 50" (substitute the appropriate number in place of "50" for other denominations). Also, there is a large field of wavy lines in a range of pastel colors; the lines themselves are made up of tiny "50"s (or whatever number corres- ponds to the value of the note). Additionally, Canadian bank notes are printed using an intaglio (raised relief) technique -- creating a texture that can be felt on all but very old notes, and which presumably cannot be duplicated by a copier. -- Rich Wales // UCLA Computer Science Department 3531 Boelter Hall // Los Angeles, CA 90024-1596 // +1 (213) 825-5683 "Then they hurl heavy objects. . . . And claw at you. . . ." ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003152055.AA12871@ucbarpa.Berkeley.EDU] <1990022406134500> From: kelly@uts.amdahl.com (Kelly Goen) Newsgroups: misc.security Subject: Re: Who (Specificly) has Morris' Worm Code? Message-ID: <9003152055.AA12871@ucbarpa.Berkeley.EDU> Date: 24 Feb 90 06:13:45 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 4 Approved: security@rutgers.edu Posted: Sat Feb 24 07:13:45 1990 the Internet worm code is also available from 2600 Magazine... as mr. spafford says it really isnt THAT special.... cheers kelly ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003152324.AA03037@ucbarpa.Berkeley.EDU] <1990022616202400> From: epstein@trwacs.UUCP (Jeremy Epstein) Newsgroups: misc.security Subject: Re: Answerback Message-ID: <9003152324.AA03037@ucbarpa.Berkeley.EDU> Date: 26 Feb 90 16:20:24 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 18 Approved: security@rutgers.edu Posted: Mon Feb 26 17:20:24 1990 I worked on one system that used answerbacks to automatically log users in (i.e., you dialed in, the system queried for the answerback code, and logged you in appropriately based on your answerback value). The reason was that TERMINALS were licensed, not USERS. Making the user log in was (a) worthless (since they would tape the login and password on the terminal), (b) aggravating to the naive users, and (c) a competitive disadvantage, since others in the same market didn't require it. In short, that particular customer would be VERY upset if answerback facilities were removed. Falsifying answerbacks wasn't a big problem, since they were picked randomly from a large universe of possible values. -- Jeremy Epstein epstein@trwacs.uu.net TRW Systems Division 703-876-4202 ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022616202401> Date: 26 Feb 90 16:20:24 GMT From: trwacs!epstein@uunet.uu.net (Jeremy Epstein) Subject: Re: Answerback To: misc-security@uunet.uu.net I worked on one system that used answerbacks to automatically log users in (i.e., you dialed in, the system queried for the answerback code, and logged you in appropriately based on your answerback value). The reason was that TERMINALS were licensed, not USERS. Making the user log in was (a) worthless (since they would tape the login and password on the terminal), (b) aggravating to the naive users, and (c) a competitive disadvantage, since others in the same market didn't require it. In short, that particular customer would be VERY upset if answerback facilities were removed. Falsifying answerbacks wasn't a big problem, since they were picked randomly from a large universe of possible values. -- Jeremy Epstein epstein@trwacs.uu.net TRW Systems Division 703-876-4202 ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022804270000> Date: Wed, 28 Feb 90 09:27 EST From: Subject: Bank card tricks in Toronto To: SECURITY@pyrite.rutgers.edu Here in Toronto about a year ago there was a story in the paper about a fellow who had the technology to make bank machine cards; ie, a card blank and a mag stripe recorder. He looked over people's shoulders at bank machines and memorized their access numbers, then picked up their receipt slips which they left on top of the garbage pile or threw on the floor. The slips have the card number on them; that's all he needed to make a duplicate. Since he knew each person's access code, you can guess the rest. (The story detailed his conviction, by the way; someone, somehow, convinced their bank that they weren't making these withdrawals.) What this means is that there needs to be no extra information on the card, just the account number (and the access code?). I always figured that each card itself had, essentially, its own access code, to convice the bank that it was valid, but I guess I overestimated the banks... Does anyone know if the access code is, in fact, also on the mag stripe? I always also assumed it wasn't (oh hopeful me) but some people claim it is. Chip Campbell Toronto Bitnet: campbell@utoroci ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022810253000> Date: Wed, 28 Feb 90 15:25:30 est From: Pete_Simpson@dgc.mceo.dg.com Subject: Re: cop detectors To: misc-security@ames.arc.nasa.gov CEO summary: When I'm in my car, I always have the 2-meter ham radio tuned to 145.27 Mhz. The state interdepartmental cop frequency is 158.97 Mhz. Whenever I drive through 2 towns in the area, I get an intermittent signal which will break my squelch. It only happens outside the PD or near a cruiser. They all have scanning receivers and the frequency difference is 13.7 Mhz, close enough to IF frequency for me. Apparently, there's enough local oscillator leakage out the antenna of some of the radios they're using to be detectable a block or so away. With the new wideband synthesised radios, the filtering is not tight enough to knock down the local oscillator signal enough (remember, it's only 10.7 Mhz away from the RX freq. and the band runs from 150 - 170 Mhz). ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9003160049.AA04915@ucbarpa.Berkeley.EDU] <1990022814270000> From: CAMPBELL@utoroci.BITNET Newsgroups: misc.security Subject: Bank card tricks in Toronto Message-ID: <9003160049.AA04915@ucbarpa.Berkeley.EDU> Date: 28 Feb 90 14:27:00 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 25 Approved: security@rutgers.edu Posted: Wed Feb 28 15:27:00 1990 Here in Toronto about a year ago there was a story in the paper about a fellow who had the technology to make bank machine cards; ie, a card blank and a mag stripe recorder. He looked over people's shoulders at bank machines and memorized their access numbers, then picked up their receipt slips which they left on top of the garbage pile or threw on the floor. The slips have the card number on them; that's all he needed to make a duplicate. Since he knew each person's access code, you can guess the rest. (The story detailed his conviction, by the way; someone, somehow, convinced their bank that they weren't making these withdrawals.) What this means is that there needs to be no extra information on the card, just the account number (and the access code?). I always figured that each card itself had, essentially, its own access code, to convice the bank that it was valid, but I guess I overestimated the banks... Does anyone know if the access code is, in fact, also on the mag stripe? I always also assumed it wasn't (oh hopeful me) but some people claim it is. Chip Campbell Toronto Bitnet: campbell@utoroci ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990022818054100> Date: Thu, 01 Mar 90 00:05:41 CST From: Mark Parr Subject: Re: Computer Abuse / Product Liability / Criminal Statutes / ECPA To: security@pyrite.rutgers.edu > What is Hacking? Is it what people did in the late 70's with Apple II >computers or Macs? Is it righting efficient code (theres plenty of people, With the different stuff happening over that last few years -- Internet Worm, viruses, computer fraud, etc. -- the almighty PRESS has given the term "HACKER" a bad rap.......it's about time they, as well as others, come up with new terms other than "hacker(s)" to describe these actions. [Moderator add-on: "Crackers" has been suggested many times. This is the press we're talking about, though... _H*] ----MESSAGE-END----