Happy Hacker Digest Feb. 17, 1997
This is a moderated list for discussions of *legal* hacking.
Carolyn Meinel. Please don't send us anything you wouldn't email
friendly neighborhood narc, OK? Send posts to .
To subscribe or unsubscribe,
use the subscribe boxes on the menubar. If you decide you
just want to
use the forum and not get these mailings, I promise my feelings
hurt if you unsubscribe from this list.
Happy hacking! The aim of the superior man is truth -- Confucius
URL 'O the Day: http://www.geocities.com/TimesSquare/Arcade/4594.
existent graphics but great writing quality and the best explanation
ever seen on how to search the Web for hacker information. This
soon also archive back issues of the Happy Hacker Digest in addition
GTMHHs it already hosts.
Table of Contents
Help for Dutch Hackers
More "Calm, Measured Discourse"?
I have been trying lately to finger some servers and have
managed it use it
Every time (well almost) I finger a server with @ it brings up
a list with
the users and it also presents their current status.. please
explain to me
what TTY is and what is meant by the user being idle. I think
I already know
what the latter means but just in case explain it plz
Moderator: TTY is the file that represents the user's terminal.
when you are logged on and you want to know how your connection
to the host
computer is represented, give the command "tty."
What does "idle" mean? Just what it sounds like.
However, could anyone help
me with the question of why "root" often turns up with
an idle time of days
or even weeks? I hope it doesn't mean someone has logged in as
root and left
that session open on an unattended terminal -- that would really
be a no-no.
HELP FOR DUTCH HACKERS
From: "server" <firstname.lastname@example.org>
Regarding the question of XS4ALL: XS4ALL is actually
one of the most
liberal providers in the Netherlands. They're actually
seen as one of the
pioneers and actively participate in the whole Internet Freedom
such as the Scientology issue. What I have heard, though,
is that they've
restricted shell access to limit access to more "sensitive"
could be restrictive to hackers. And BTW, I don't work
From: "M.Falsetti aka 1NV3rNoMu+0" <email@example.com>
>From: Nils van den Heuvel <firstname.lastname@example.org>
>I have been looking for a provider that offers shell accounts,
>found one in my country (Holland) that does, but they say:
>allow our users to hack servers outside of our domain (www.xs4all.nl),
>you can only hack our machines."
>Now, I have 2 questions:
>1) Is this really possible?
if I remember right, xs4all is a famous European group of
on the spot by newspapers during Optik's showtime, along with
underground.org .... so I think they mean JUST WHAT THEY
SAY .... ;)
>2) Is there a way to bypass their security, so I can hack
sure...if ya can be worthy as some1 tells they are <g>
PGP Public Key Fingerprint = C0 5A 47 F4 80 B8 9A D3 4D
1A BA 10 DC 38 FE A2
From: Nils Janson <email@example.com>
Although this has no bearing whatsoever on hacking (or, at
much of one) I felt the need to post this in a forum where I
get flamed. Anyway, I'm having trouble setting up a winsock
servers and other things. The reason that I'm having so
much trouble is
that I don't know how to set it up manually, and when I try to
installing winsock it doesn't recognize ISDN at all, so I don't
way of doing this. All the help texts that I've found are
in German or
are of no help whatsoever. Please please please please
please send all
responses to my email address, not post it in the newsletter.
From: Timothy Ward <firstname.lastname@example.org>
I believe if you move your dir's i.e. c:\base, c:\rpms to:
I believe that will solve this problem!
Moderator: We have a series of GTMHH in the works that cover
the statutes. In the meantime, for US cyberlaw info, see the
Internet site http://www.cyberlaw.com. The lawyer who runs this
Jonathan Rosenoer. He has also written an excellent book, _CyberLaw_,
Springer, 1997. He also puts out an ezine, Cyberlex. For more
Jonathan Rosenoer, Esq. | Kentfield, California, USA
email@example.com | www.cyberlaw.com
| Fax 415-461-4013
There is also a cyberlaw forum at http://www.infowar.com.
Please remember, when we discuss the law we are not lawyers
and we are not
offering you legal advice. We are simply discussing the law as
we are able
to understand it. Your best bet for staying out of trouble
is the Golden
Rule: if you are doing something to someone else's computer that
wouldn't want done to yours, don't do it!
Now our first post in this section today refers to the war
as well as to computer trespassing in general.
From: firstname.lastname@example.org (Code Of Law)
As far as I can tell, in section 156.10 labeled 'Computer
"A person is guilty of computer trespass when he
or causes to be used a computer or computer service without authorization
1, he does so with an intent to commit or attempt to commit
further the commission of any felony; or
2, he thereby knowingly gains access to computer material."
This is labeled as a class E felony
Still the section above (156.05) labeled 'Unauthorized
use of a
"A person is guilty of unauthorized use of a computer
knowingly uses or causes to be used a computer or computer service
without authorization and the computer utilized is equipped or
with any device or coding system, a function of which is to prevent
unauthorized use of said computer or computer system"
This is labeled a Class A misdemeanor. Now the difference
between a misdemeanor and a felony in these cases is quite great
someone is ever charged. I'm not quite sure how one would
difference between the two, except if someone was to break in
nothing(misdemeanor) or if they walked around the system(felony).
way it doesn't look too friendly.
This is all from the 1993 Looseleaf Law Publication
WW III is a guerilla information war, with no division between
military & civilian participation -- Marshall McLuhan
I've found a server that allows for it's passwd file to be
read/downloaded with an anon. ftp connection. Is this unusual,
standard? Is it illegal for me to download the file to
my home computer?
What would one do with the passwd file?
Moderator: I'll bet this availability of the password file
Since the server made no attempt to protect it, IMHO you probably
in trouble. What some hackers would do with this file is run
it through a
crack program to extract the passwords from the encrypted versions
probably found. But once you extract the clear text of these
may be breaking the law under the US Computer Fraud and Abuse
Act of 1986
amendments to 18 USC: Chapter 47,Section 1029. This prohibits
related activity that is made possible by counterfeit access
Penalty is a fine of $50,000 or twice the value of the crime
and/or up to 15
years in prison, $100,000 and/or up to 20 years if repeat offense.
>Since when is a war dialer software program illegal?! In
some counties in
>there are statutes against war dialing, but no federal laws
>software that does it.
Hey there... Better post this to the list so EVERYONE
Jerircho, as persuant to some ACT made by the FCC, making
calls before 8 AM and after 8 PM is illegal.
As for using war dialer software in the US, I would like you
to quote that
source. I know in Colorado there is a statue which makes it a
to "wardial without the intent to communicate" (not
exact words) in
Colorado Springs. In Denver, there is no such statute.
> Moderator: Email bombing is a denial of service attack.
If the attack
Stop. That is a blanket statement that is untrue in some cases.
email bomb someone by subscribing them to 1000 mail lists, and
sitting on a T3 or better, running a mail server with half a
gig of RAM,
and a few gigs for the mail spool, it is not a denial of service
You are not stopping them from using any service. You are simply
pain in the ass. If you do the same to someone on a P5/32M/1.2g
28.8 static connection, you are then denying them service.
If you are going to speak like this, make sure you fully qualify
Moderator: Hmm, does dimensional.com have a T1? Does that
mean you think it
would be OK to email bomb you? Have you ever tried to sort out
email messages from among 25 MB per day of email bomb spam? Maybe
for you, but for most people their email is as good as lost.
even have to close their accounts after getting email bombed.
Now that is
denial of service.
From: Strider <email@example.com>
Hmm...I've finally thought of a new handle! How does cL0ut
means Authority, Influence, and Muscle....just tell me what ya'll
MORE "CALM, MEASURED DISCOURSE"?
From: firstname.lastname@example.org (Will Munslow)
>From: "ruben d canlas jr" <email@example.com>
>> If I see a site that I personally find distasteful,
>> more gives me the right to persecute it and attempt
to get it removed than
>> it gives a nazi the right to attempt to destroy a Jewish
>mulder, thanks for bringing this up. it will set us to thinking
>deeply on the philosophy of protest, which I think is a natural
>aspect present in all hackers.
>I'd like to argue on two levels. here's the first:
>there is a big difference between arguing in the abstract
and in the
>concrete. for instance, you are using the nazi experience
>that violating children is not offensive.
I disagree. He did NOT say, "As the Jews were persecuted
religious beliefs, so are the child molesters." In fact,
he did not even
say child molester. He said that if he sees a site that he may
distasteful" he has no right to destroy it. Absolutely correct.
Now, back to
the original argument. Kiddie porn is illegal. Hacking is illegal.
Illegally hack illegal kiddie porn sites. Fine with me.
"I am." is the shortest complete sentence in the English
From: jsyn <jasonp@iAmerica.net>
At 10:54 PM 2/16/97 -0700, Damien Sorder wrote:
>> Moderator: Hackers can learn a lot from MLK, Gandhi
and Jesus. Too many
>> hackers get in trouble for a tendency to let being a
vigilante overstep the
>> bounds of the law. Cracking and email bombing come to
mind. Now possessing
>> war dialing software -- I haven't heard of that being
illegal, either. But
>> using it in the US sure is.
>I think you are on crack or something. To say a hacker can
>those three is a very poorly worded statement. I don't know
where to start
>on showing the craziness of this statement. It can be read
to mean only
>hackers can learn from these which is ridiculous. Or if you
>can learn something specific from their actions, then we
fall back to the
>argument on the definition of a hacker.
I agree that Carolyn's statement is off the wall and out of
place in this
>I also don't want to erupt this into a full religious
debate either, but I
can >assure you, that without a doubt, I can learn nothing
ESPECIALLY in >relation to hacking.
One day, you'll see...
10100110010011010101 jason e peel 0111001101001 jsyn 01100
11001 firstname.lastname@example.org 10010010100101101100100110101010
0011001100110010 SysadminProgrammerConsultantStudent 01101
Moderator: IMHO, trying to discuss ethics without referring
to experts in
ethics such as Jesus, Gandhi and Martin Luther King is like trying
discuss TCP/IP without referencing RFCs.