Classifying Information by Source
IDENTIFYING THE SECRET SHARING COMMUNITY
"I KNOW WHAT YOU ARE DOING, I KNOW WHAT YOU ARE DOING"
The childhood chant has validity in the world of BBS hacks and phreaks both in the
United States and in the rest of the world, free and otherwise. Hacker is a term used to
describe Telecommunications Hobbyists who explore the universe of computers. Phreaks
or Phreakers are oriented to exploring the universe of telephony and radio
communications. In recent years the orientations of the two formerly distinct areas has
merged. Sobczak has, in the past three years, located and logged on to more than 3000
BBS nationwide. We have a listing of in excess of thirty©five hundred BBS in the United
States and some two thousand in South America, Central America, Europe, Asia and
Australia Our estimate, considering individual part time BBS operated after school or work,
is that as many as 50,000 exist nationwide. They provide a wide range of raw information
which with proper analysis can provide insight into defense policy, trends and activities.
Particularly when free spirited employees discuss that which should be classified openly
among their peers on BBS.
A recent drug bust went sour because the drug kingpins are into computers, hacking out
and using derived radio frequencies to monitor law enforcement activities. In Queens, New
York someone heard Law Enforcement radio calls preparatory to the supposedly secure
drug raid. Early on a media report blamed the Fire Department for loose security. A review
of the backup tapes for the raid's communications will show the error was from a Police
radio. A major criminal involved in the operation walked away as the raiders assembled.
Later these facts were communicated upon a message type BBS. It could be that he
watched the raid while having breakfast at the corner luncheonette, a place called Louie's
We have been able to predict the potential for incursion in ARPANET, NSA and SAC
based upon the correlation of individual data items into a logical prognostication. We have
not been successful in gaining credibility with Intelligence Agencies and corporate security
organizations because of the mind set which requires large organization, proper higher
level educational credentials for all involved employees and acceptance by a traditional
mind-set oriented professional community. Sobczak informed a Brokerage that four VAX
telecommunications lines to the trading floor of the New York Stock Exchange were open
to hackers. They didn't believe this could be accomplished by hacker type individuals.
They continue to be hacked.
As in market research, when a universe is too cumbersome to evaluate, one creates
a test universe to determine the demographics of the larger universe. Sobczak chose to
reduce the universe of 3500 American BBS within our worldwide database to a more
reasonable 100 BBS some of which specifically claimed to be Phreak/Hack oriented
Bulletin Boards. The majority of our sources operate sporatically. Key words in messages
of general use BBS inform those with the appropriate level of privilege of when and where
to join in. Level of privilege is equivalent to the level of clearance to see classified data.
Hacker codes are seldom broken. Intelligence agencies do not have the capability to
comprehend the system. Most use compromised individuals (those caught in the act of
doing something wrong) to catch others doing wrong. Most high level hackers have been
involved with security at sometime in their past. They develop a sixth sense about the
integrity of individuals known only by handle (pseudonym) and reputation in a counter
culture oriented to game playing.
*****************************************************************
SAMPLE LIST OF THOSE CLAIMING TO BE HACKER BBS
BBS Name Phone Number Baud Sysop(s) Computer
1. The Junkyard IBM ....... 213-932-XXXX .24oo. Junkman I.B.M.
2. Rockin' Ranch .......... 516-XXX-7248 .24oo. Ranger Rick I.B.M.
3. AT-TEL 16 Bit .......... 812-446-XXXX .96oo. Mr. Hayes Atari ST
4. Time Zone .............. 914-XXX-1185 .24oo. The Watcher I.B.M.
5. Stranger Eyes .......... 818-409-XXXX .24oo. Jagged Edge I.B.M.
***************************************************************
Sobczak, Inc established our own criteria concerning the validity of the claim to credibility
of so called Hacker/Phreaker BBS. We chose to judge by the relevance of available
information, the current validity in relation to the amount and content of message
exchanges and the frequency of appearance of certain hacker/phreaker handles (user
id's). The number of BBS originating in South and Central America, Florida and within
ethnic communities could be an indicator if someone knew what to search for.
Within the 100 we were able to define ample categories, i.e.,
- Professional (esoteric)
- Professional (criminal intent)
- Software Exchanges
- Knowledge Exchanges (Anarchy Boards)
- Talk Shows
- Kiddie Shows
PROFESSIONAL BBS
The professional (esoteric) BBS has a very sophisticated repertoire of features.
It is very structured. It does not permit joking or typical hacker games. The SysOp is ego
oriented. His board, in his mind set, is best. Software is up-to-date, i.e., only the latest
versions and patches are posted. The software is verified and in some cases a review
of the library, available for trade, exists. Text (Knowledge) is equally current. Message
Boards (Talk Shows) are at a level which most participants of other boards could/would not
participate. Participation requires passing an interview with the sysop or a committee of
users whose potential rivals the state of the art in topics which range from electronic design
of circuits and electronic interdiction type boxes to sophisticated software development,
i.e., architectures, compilers,assemblers/disassemblers, etc. Vulgarity (Kiddie Shows) is
not tolerated and evokes instant elimination, i.e., expulsion from the BBS forever. The
download to upload rate is 3-1. Sometimes you pay for segments. A very legalistic tack
is taken to remove responsibility for the use of information collected by a user from the
Sysop and BBS.
*****************************************************************
SAMPLE OF LEGALISTIC APPROACH
{}{}{}{}{}{}{}{}{}{}{}{}
{} Knowledge is FREE {}
{} To a Good Hacker {}
{}{}{}{}{}{}{}{}{}{}{}{}
ONE CALL PER DAY PLEASE
LEARN IT OR LOSE IT.....
Much information in this system is user supplied and not scanned for content in all
cases.
We accept no responsibility for any information left by the users of this system.
We assume no liability for loss or damage caused directly, indirectly, or alleged to
be caused by information found herein.
The information found herein is for educational and informational purposes only.
Subsequent usage of this information is the sole responsibility of the user and
agrees by the act of entering this
system to release the operator(s) from all liability.
Our operators do not advocate the fraudulent use of any information contained in
this system. This is only
a forum for the discussion of given subjects.......
Do you agree to the conditions as set forth in the disclaimer? Y
Welcome to XXXX systems, dedicated to communications hobbyists of all types. In
this system you will find various topics of discussion; Fone Phreaking, Computer
Hacking, Amateur Radio, Amateur Satellite, Software trading and much more.....
*****************************************************************
CRIMINAL INTENT BBS
What we classify professional (criminal intent) is similar to the true professional. The
differences are the types of software and suggestions concerning the use of knowledge
and software border on criminal. The knowledge exchanged include telephone numbers,
passwords, access codes which provide unauthorized access to computers and telephone
switching equipments. By organizing inputs from a dozen or more sources Sobczak was
able to define the location of the Strategic Air Command Operations Computer XXX feet
underground to the Left by XXX feet of a major landmark on Offutt AFB, Omaha NE.
Further, indications of a connection to the Intelligence Data Handling System joins the IBM
4XXX to 3XXX to DEC VAX and UNISYS 1100 down to DOS based terminal networks.
Terms like CUBICS, DNAS, DNSIX, DODIIS seem to evoke target status in the minds of
free spirits seeking open information flow.
Whether you are protected by mainframe security or special National Computer Security
Center (an arm of the National Security Agency) approved systems, you are at risk.
Sobczak has text (70MB compressed) for thirty Operating Systems within the ARPAnet
TCP/IP and their integrated secure applications. Hacker text rivals Datapro, SRI and
Computer Security Institute publications. Discussions include detail of the target's security
and the controls the target has in place to monitor that security. Some very interesting
discussions provide tutorials concerning how a person might illegally enter and browse any
secure network. As an example, Sobczak has BBS documented access to many connect
nodes of ARPANET with an appropriate password/ID to assure entry. While the DTIC was
developing the LEAD firmware to protect the massive DROLS database, a hacker in the
daytime employ of the Government was creating a software bypass. He believes free
access in a democracy includes all data.
The list of topics in one library menu includes a title termed NASA BUST as a selection.
A novice following the instructions dials into the NASA SPAN Network. He has at his
disposal a universe of computing power never imagined by the unindoctrinated. If he is a
criminal, this unsecured access will permit him to place the repetitive WORM that the
media has documented several times in the last month back into the SPAN network. What
he does, once there, is his business. It is important to realize he achieved SPAN because
someone thought to provide access freely.
Messages ask for information which Sobczak would consider illegal. Dr. Sobczak
contacted New York Office of the U.S. Secret Service. A Special Agent explained that
possessing knowledge is not criminal. Use of knowledge is criminal. In the world
of Counter Intelligence Security there are too few computer generalists. Hackers explain
how to deal with investigators in many text files oriented to behavior during the raid on your
installation and the subsequent investigation by Law Enforcement officials. The primary
emphasis is on the lack of computer skills on the part of the raiders. Should Sobczak view
any indication of an attack upon our National Data Resources we always notify the
authorities. Unfortunately no Federal Law Enforcement agency has central responsibility.
A patriotic American citizen is, in many calls, wasting his time. It makes no sense to tell the
USAF that 12 bases in the souther part of the US were involved in the October 12th Virus.
All that occurs is that the person providing the warning is suspect. Sobczak notified the
U.S. Department of State that valid telephone numbers were listed on criminal intent BBS
for the U.S. Embassy in Bonn and U.S. Mission/NATO, Brussels. To date no one has shut
them off.
Sobczak Handles (pseudonyms) operating from a dozen or more locations have been
accepted in this pseudo criminal area, as in the esoteric. We have not committed any
crime or criminal act. We download programs from other boards and contribute a
great many questions and logical points of discussion.
We utilize dozens of handles from as many if not more locations including out of the way
"fortress" phones (Pay Telephones). We have a group of super patriots working with/for
us in several parts of the world. If we are dropped from a BBS for being uncooperative, we
switch handles, locations and participants while continuing to gather the knowledge we
seek. Our helpers follow a plan of operation but they freely interpret how to achieve our
stated goals thereby creating their own unique MO's. In this way we seldom are identified
as repeat performers.
MESSAGE BBS
Message Boards (Talk Shows) tend to be more vulgar. Vulgarity is used for emphasis.
As before, Kiddie shows, the ultimate low end BBS, are not tolerated. The download to
upload rate ranges from 6-1 down. When you attain the appropriate level of privilege you
enter an inner sanctum. Unfortunately, the price of open/full access is owning up to a
criminal act which the sysop can use to keep you from divulging the board's secrets.
*****************************************************************
SAMPLE MESSAGE BOARD
Msg # 153 of 450 Date: Sun 2-12-89, 2:14 pm From: STINGER
Read: 56 times
Subject: Listen
to this...i got it from an AT&T Newsline...
"Washington D.C. area pay fones have now been set to block all incoming calls so
drug dealers in the NW D.C. area cant use pay phones for there drug deals...Drug
dealers use pay phones since there home phones are more likely to be tapped and
traced by FBI officials, so they go to pay phones.."
that wasn't the FULL recording on the newsline, but you get the idea..heres another
one i heard a couple of days ago..
"National Security Officials have stated to the AT&T that terrorist hand grenades
placed very conspicuously in phone centers can disrupt the nations
communications and leave the U.S. phones useless....the officials state that more
security should be put at these phone centers in the event of an attack by hostile
forces so the communications would be safe.."
same thing here too...not all and complete version, but close enough...these
newslines are REAL interesting..they even give stock prices of AT&T daily, plus how
other companies are faring and they even talked about how the PA attorney general
(???) stated that the phone co. was not illegally abusing some phone workers
amendment rights when they put taps and traces on there line..(??????)
[A]gain, [R]eply, [F]orward, [P]rev, [N]ext, [Q]uit (?=Help):
*****************************************************************
Message Boards are the most difficult to track as most often they originate in a local PC
and have a limited clientele. The typical participant is a free thinking seeker of knowledge.
He will share his treasured phone numbers with people he feels have like ideals. In this
way a class of user originates. That user is predictable. A drug kingpin with a savvy hacker
on staff can own the BBS operation during off hours. Sobczak looks for, and at times has
stumbled across lists of Law Enforcement mobile (car to car to base), handheld
(walkie©talkie) and 2w©5w body wires. Incredibly, even the frequencies of the Witness
Protection Program are suspect. Handles such as SUPERNIGGER give insight into the
foregoing. So as not to be racist Sobczak suggests that SUPERNIGGER should be of
interest to DIA and AFOSI.
SOFTWARE EXCHANGE BBS
Software exchanges are in fact vast libraries. The better exchanges have 200MB or above
in available software. Many problems exist for potential customers as poor programming,
bad hacking and maliciousness abound. Programs such as SUG.COM, a vicious trojan
horse which destroys data, abound in this environment. However, with judicious
selection, a cornucopia of excellent utility software can be amassed. New strains of
corruption/VIRUS are readily available on these boards before they filter to their less
sophisticated counterparts. These boards serve as distribution hubs. Properly
managed, they offer an astute government entity the potential to cripple low end hacking
while destroying information credibility which drives the choice of other free spirits to
become hackers.
***************************************************************
SAMPLE SOFTWARE EXCHANGE
Master File Listing for The XXXXXXXXX BBS
DIR 3 - Main Board Dir 3 Miscellaneous
SPANISH1.ZIP 35607 05-15-88 Spanish teaching program 1 of 3
SPANISH2.ZIP 33656 05-15-88 Spanish teaching program 2 of 3
SPANISH3.ZIP 22595 05-15-88 Spanish teaching program 3 of 3
SPEECH.ZIP 23308 01-20-88 make your computer talk !
SPLAT.ZIP 4322 02-07-89 EGA demo of paint splats
SSTV.ZIP 20807 01-26-88 Slow Scan TV program for HamRadio.
STIKME10.ZIP 54016 03-24-89 GREAT LABEL MAKER (WONDERFULL)
STRESS.ZIP 3578 06-14-88 stress analyzer
SUG.ZIP 1798 02-21-89 put near subliminal messages on your screen
SUMACS.ZIP 27233 07-18-88 good trs key macro prog
TALK.ZIP 91402 06-27-88 makes your pc talk can be included in a batch
TASK.ZIP 1844 12-16-88 Multi-task utility
TD130.ZIP 27662 07-22-86 Ansi drawing program, an oldie but not bad
TDRAW310.ZIP152661 09-27-88 best ansi drawing program around
*****************************************************************
Sobczak, Inc collected about 3000 hacker developed utilities. In the DOS operating system
we have validated and certified 750 as Virus/problem free. The matrix of backdoors,
trapdoors and undocumented features identified during this certification process became
the basis for V-PHAGE, Sobczak's commercial product to secure bounded execution of
mainframe DES/DAC on a microcomputer.
KNOWLEDGE (ANARCHY) BBS
Knowledge exchanges are typically anarchy boards. If one is intent upon building a
bomb, sabotaging autos and like equipment, shutting down communications, etc., these
are the places to look. The knowledge available is not as current as that of the
professional BBS, yet it is voluminous and has applicability to many older weapons
systems. This knowledge is most dangerous as the components of devastation are
available for pennies from electronic hobbyist stores in new and used condition.. The re-
engineering of a Tesla Coil can paralyze a telephone system (AUTOVON or AUTODIN).
Text exists which range from converting a standard telephone to an AUTOVON (1366
machine)using scrap electronic parts. Current DOD and Service telephone directories are
available at the overview and base levels. A tesla coil episode happened in boulder CO
years ago. Common household supplies can create napalm, poisons to destroy a water
supply and explosives of untold force. A trained hacker rivals the best SOF/Delta Force
technician. Again, this knowledge is not considered criminal by Law Enforcement until
after the crime has occurred.
*****************************************************************
SAMPLE ANARCHY BOARD
The following is a list of the
available text files. All files
are in ascii format, and are
to be captured in your buffer.
Press 'S' to stop a listing.
Press 'P' to pause.
1:Demolition-Art of destruction
2:Demolition-Part two of Demo1
3:Make an explosive pen
4:How to get revenge:Part one
5:How to get revenge:Part two
6:Shifting Satellites
7:Homemade Waveguides
8:Microwave shock waves
9:Create a Thermite Reaction
10:Homemade Nuclear Reactions?
11:Fun, cruel things to do
12:Making a Napalm bomb
13:Making a pipe bomb
14:Making Nitro-Triiodide
15:Making a Black Box
16:Hotwiring a car
17:Fiber optics security
18:Jam
19:Making a letter bomb
20:Murphy's laws
21:Making a match-head bomb
22:Electromagnetics for Pricks
23:Bypass the rules
*****************************************************************
TALK SHOWS
Talk shows come and go. Usually a group of high schoolers or junior college students
begin to exchange messages on a specific topic. Then, if the topics are controlled and
interesting,they grow into a one topic BBS. A good topic such as VIRUS made the
VIRUS-L Board a success. The Sobczak intelligence methodology allows us to know
where and when to be listening to keep a pulse on the direction and pace of the exchange.
Talk show participants are a resource for the development of insight. When Sobczak, Inc
studied the potential of a prescribed wave to penetrate the brain blood barrier, we learned
of Soviet experiments with microwave and the Moscow Embassy attack. Without guile, a
hacker offered the dial-up of the VAX cluster used by the Radiation Science Division at
Brooks AFB. A West German Hobbyist explained how he destroyed electronic ignitions
by accident while trying to shift the orientation of a communications satellite. The sum of
the collected talk allowed the generation of a prescribed wave weapon which seemed to
function as dastardly as it sounds. Comments contributed ranged from experience to
unthought of sources of new knowledge to offers to build and test the result of our
research.
KIDDIE SHOW
The Kiddie show is a low end combination of software, knowledge and messages. They
are couched in four letter filth and error. The basis of communication appears to be "who
can outboast whom." Copies are from the software distribution boards. They perform a
function in that braggarts who are shunned by other BBS dump their information here so
as to build their ego. Being forced to listen to a kiddie show is redeemed solely by the
occasional real intelligence from individuals not tolerated on better boards. A major bank
was made suspect by the bragging of a frustrated individual. He explained the methods
to enter an ATM (automatic teller machine) to gain credibility of his Kiddie counterparts.
The logic posted was tested and worked as documented by the media.
A Chief (apparently an USAF idiom) at SAC posted frequencies for SAC flights in the
continental US and Canada so his credibility would rise. Were we sociologists we might
suggest that those seeking to sell secrets are to be located here. If caught no one would
believe them to be rational.
*****************************************************************
SAMPLE KIDDIE SHOW (The BBS named in this sample is out of business)
Agree To That....Him And His Eleech BBS
What A Computer Nerd....Geek...
The Protector!!
(BY SNAKE EYES Tues 9/ 23/ 88 )
Hey Protector! Remember In Curtis That
Fat Sh©© Wolverine! HAHAHA!!!! HAHAHA!
Hey Users Of Hacks'R'Us
Protector Goes To My School Curtis
High He Is In 9th And Im In 10th He
Hangs With a Bunch A Nerds!! When I
Know The Whole S]<00l And /<iss All
The Girls!! He Just Hangs Back With
His Little Nerds! Mirage,Mirage's
Brother,Tom Sawyer,Porky,Wolverine
Protector,Andy Hope,Me,Fat Wolverine
,King Cobra,King Khon Goto CURTIS #1!
(BY HERBIE MUNSTER Mon 9/ 25/ 88 )
*****************************************************************
Sobczak has identified certain boards, across the spectrum described above, which tend
to maintain the pulse of the hacker/phreaker community. Outside the U.S. Government
our only research concerning intelligence characteristics and potential relevance to
computer security is in telephony.
We provided telephone numbers with PINS that are being misused. We have provided
knowledge of our intelligence logic to every Federal Security Agency and to the Security
Directors of many Cabinet level agencies. Amazingly most get burned (suffer the
consequences of a hacker attack) before they become believers. Some more than once.
As mentioned, Sobczak has compiled a sample of a typical professional level
Hacker/Phreaker BBS session. The ability to produce this data is an indication of what is
available to those who seek to breach an agencies or a corporation's computer security.
Sobczak has presented this knowledge and hardcopy backed up data to the CIA, Secret
Service, FBI, NSA, AFOSI, Army ITAC, and the DEA. In early April 1989, Sobczak
informed SDI/SI (no one else would listen) that an NSA computer was corrupted by the
Pearson Virus, a derivative of the Missouri class. The data concerning the occurrence was
on select BBS within hours of the occurrence. Further, the BBS informant knew the leak
was of interest to the NSA's Internal Operations Security Support Office or Staff (please
notice that freedom seekers have access to almost anything our government holds secret).
The documentation concerning the incident in the United States premier Top Secret
organization listed a cast of participants by name. The NSA explanation for the breach
was made and is flawed. They blame a corrupted software product included in the book
DOS POWER TOOLS. A hacker proved statistically using manufacturer supplied
production and sales data that the NSA logic is improbable. Another hacker suggests that
he and dozens of others have breached NSA security. The magazine 2600 (oriented to
hobbyist hardcopy exchanges) lends credibility to this assertion. They provide both NSA
and CIA the access points, ID's and passwords to dozens of supposedly secure systems
that hackers have tired of violating.
SUPPLEMENTING THE BBS
The collection of intelligence concerning hacker/phreaker activities goes beyond BBS.
It can involve DTIC, NTIS, Executive Level department DBMS, personal contacts, and
luck. Sobczak followed a message exchange on a Message Board BBS which degraded
into the exchange of frequencies used by DEA and local law enforcement for mobile, hand
held and body wires. It seems that well financed drug dealers are utilizing BBS as points
of contact locally and internationally. In the six months since our first warning to DEA no
one has attempted to verify our finding. The insecurity is nerve racking when one considers
that bureaucrats refuse to acknowledge weakness in the very fibre of national security.
Media documented that all FAA in-flight collision warning lights were invoked
simultaneously in the NYC area. Blame fell to a programmatic system overload. Was it
so? The FAA had better hope that the logic is not placed in the public domain. It could
prove both embarrassing and dangerous.
A hacker claims to have held an AT & T microwave tower hostage. Columbus OH press
agree. AT & T and the FCC refused to verify the happening. In Europe, a hacker trying
to shift a satellite destroyed an auto manufacturers electronic ignitions thereby offering the
potential to immobilize the modern world economies. Is it fact or fiction? Your prospective
is formed by the amount of validity which accrues to Hackers and BBS content. Sobczak
suggests that our existing capacity is such that we might accomplish all of the foregoing.
The careful analysis of the knowledge you see passing before you allows the structuring
of a uniquely targeted conclusion concerning a target universe. It also allows you to key
upon those actions which are appropriate to the solution of problems.
The ARPANET incursion is a reasonable topic to define the intelligence available from
BBS. Sobczak has copies of NSA Director, Admiral Stadman's memorandum, which was
written by a Navy Commander named Vaurio, We read upon about the availability of the
documents, i.e.cover letter, MIT Project Athena Report, and draft letters for the signature
of the Secretaries of Defense and Commerce, on BBS. Sobczak traded software for hard
information. We now own the photostats of the original documents.
The characteristics NSA reported upon were:
1. Denial of service made Virus visible
2. Was a prototype not tested
3. Canvased/etc/passwd and copied
4. Scanned selected keywords (see following section)
5. Dormant until triggered
6. Corrupts backup procedures
7. Classified networks were at risk
Next, needs were discussed. Names such as Dave Pare at UUCP and Clifford Johnson
at Stanford were on boards. Someone asked if IDHS and DEFSMAC were at risk. They
were/are. A hacker named Kevin Mitnick verified this by entering the NORAD command
post computer. Someone else asked about nuclear risk. There was none although it is
possible that missile silo network communications are corrupt. Someone said Vince
Mannis blamed poor procedures. We never did attempt to identify MT.XINU. Nor did
we feel that the disassembly of CRACKSOME to four levels was necessary. Sobczak
has copies of the Seely, Cornell, MIT and DoD reports. This is more than most security
agencies have available to them. We suspect this assertion because some secure entities
want to trade with us.
