DOCSLIB.ORG

A Summary of Hacking Organizations, Conferences, Publications, and E

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

A Summary of Hacking Organizations, Conferences, Publications, and E... http://www.cse.wustl.edu/~jain/cse571-07/ftp/hacking_orgs/ A Summary of Hacking Organizations, Conferences, Publications, and Effects on Society Alisha Cecil [[email protected]] Abstract Since the early 1970's, hackers have been prevalent throughout the computing world. Two main categories of Hackers have evolved: the Open Source and Free Software group and the Security Hackers group. This paper details some of the more notable groups and individuals of each 'category' of hackers, the effects of hacking on society, as well as conferences and publications that they are responsible for that have contributed to the modern hacking world. Table of Contents 1.0 Introduction 2.0 Hacking Sytles 3.0 Hacker Etiquette & Ethics 4.0 Hacking Groups & Individuals 4.1 Open Source & Free Software Hackers 4.2 Security Hackers 4.2.1 Chaos Computer Club (CCC) 4.2.2 Legion of Doom (LoD) 4.2.3 The Mentor 4.2.4 cDc Communications 4.2.5 Shadow Crew 5.0 Hacker Conferences 5.1 Chaos Communication Congress 5.2 SummerCon 5.3 HoHoCon (or Xmas Con) 5.4 DEF CON 5.5 Hackers on Planet Earth (H.O.P.E.) 5.6 Black Hat Briefiengs 6.0 Hacker Publications 6.1 2600: Hacker Quarterly 6.2 Phrack 7.0 Hackers Effects on Society 8.0 Summary List of Acronyms References 1.0 Introduction Since the early 1970's, hackers have been prevalent throughout the computing world. They come in all shapes, 1 of 16 12/19/2007 5:12 PM A Summary of Hacking Organizations, Conferences, Publications, and E... http://www.cse.wustl.edu/~jain/cse571-07/ftp/hacking_orgs/ sizes, and colors. Some act with good intentions, others with ill intentions, and yet others with a mixture of both. No matter what the intentions were, the outcomes of their actions affected the world in some way. New organizations, such as Microsoft and Apple were founded and a new 'open and free' attitude towards software development evolved. However the good came along with the bad. Some hackers were more interested in their own personal gain and strived to circumvent security measures that existed. The rest of this paper details some of the more notable groups and individuals of each 'category' of hackers, the effects of hacking on society, as well as conferences and publications that they are responsible for that have contributed to the modern hacking world. Figure 1 below provides a timeline of the notable events that are discussed in this paper. Before beginning the discussion on the different groups, it is first important to be aware of the different styles of hacking that exist. Figure 1: Hacking History [Timeline07] Back to Table of Contents 2.0 Hacking Styles When you hear the word HACKER you typically think of a person who has gained access to a system they do not have permission to access. It is generally perceived with a negative connotation. A hacker can in fact be a person who acts in a legal or illegal way. According to Wikipedia, three categories of hackers exist. A White Hat hacker is a person who engages in ethical hacking. These include members of the open source and free software movement as well as home computer hobbyists. White Hat hackers do not participate in illegal activities, as opposed to a Black Hat hacker who illegally engages in computer trespassing. Black Hat hackers 2 of 16 12/19/2007 5:12 PM A Summary of Hacking Organizations, Conferences, Publications, and E... http://www.cse.wustl.edu/~jain/cse571-07/ftp/hacking_orgs/ generally have a malicious intent and carry out activities that will negatively affect others. The third category of hackers that has evolved is the Grey Hat hacker. Grey Hat hackers are a hybrid of white and black hat hackers. They sometimes act legally with good intentions, while other times illegally for their own personal gain. [Hacker07] Now that the different styles have been described, it is important to understand the high-level theories to which there actions can be derived. Back to Table of Contents 3.0 Hacker Etiquette & Ethics Hacker Ethic is a term that was first used in Hackers: Heroes of the Computer Revolution written by American journalist Steven Levy in 1984. The ideology behind hacker ethics came from the values of the hackers at the MIT Artificial Intelligence Laboratory. The key points are as follows: [Hacker07] "Access to computers - and anything which might teach you something about the way the world works - should be unlimited and total. Always yield to the Hands-on Imperative!" "All information should be free." Mistrust authority- promote decentralization." Hackers should be judged by their hacking, not bogus criteria such as degrees, age, race, or position." "You can create art and beauty on a computer." "Computers can change your life for the better." The difference between how these principles are put to use is all in how they are construed. For example Black Hat hackers may read the first principle, access to computers, as right to obtain access in any way possible from any system in the world at any cost. The Jargon File, a glossary of hacker slang created in 1975 from multiple technical cultures, also provides a definition of hacker ethic [HackerEthic]. 1. "The belief that information-sharing is a powerful positive good, and that it is an ethical duty of hackers to share their expertise by writing open-source code and facilitating access to information and to computing resources wherever possible." 2. "The belief that system-cracking for fun and exploration is ethically OK as long as the cracker commits no theft, vandalism, or breach of confidentiality." Most hackers accept the term hacker ethic as in number one above. There are a few groups, such as GNU, that go further and believe all information should be free and any proprietary control of it is bad. Definition two is a bit more controversial. Some see the act of cracking as unethical, while others believe that 'ethical' cracking excludes destruction and therefore see themselves as harmless crackers. With this view they see it as a good thing that they can break into a system and then notify the administrator exactly how the system was compromised and how they can fix it. More generally, hacker ethic "is that almost all hackers are actively willing to share technical tricks, software, and possibly computing resources with other hackers" [HackerEthic]. The groups and individuals discussed below have done exactly that. They have shared knowledge in the form of new software suites, vulnerability detection, as well as general computing information with the rest of the world. Back to Table of Contents 3 of 16 12/19/2007 5:12 PM A Summary of Hacking Organizations, Conferences, Publications, and E... http://www.cse.wustl.edu/~jain/cse571-07/ftp/hacking_orgs/ 4.0 Hacking Groups & Individuals There are two main categories of hackers: Computer Security hackers and Open Source and Free Software hackers. 4.1 Open Source & Free Software Hackers Hackers who fall in the open source and free software category are white hat hackers who see software design as an art form and build programs lightheartedly. This group was developed in the 1960's by academic hackers working with minicomputers and in the computer science field. In the 1990's it became more of what we know as the free software and open source movement. Hackers in this group typically work in the open and go by their real name. They often look down on security hackers and refer to them as crackers. Programmers working in the academic culture will modify existing code or resources to achieve their end goal. Major contributors to this group include Linus Torvalds, creator of Linux, as well as Dennis Ritchie and Ken Thompson, creators of the C Programming Language. Richard Stallman, founder of the GNU project, is also a contributor to this group. Stallman also founded the Free Software Foundation in 1985. Table 4.1 below is a list of some of the more popular free software products that exist. To view a complete list of products visit http://directory.fsf.org/. Table 4.1: Abbreviated Free Software List [FreeSoftware] Free Software Description GNU OS Linux OS SAMBA File-sharing Radius Remote authentication and accounting system Eclipse Java based Integrated Development Environment EMACS Extensible, real-time editor OpenSSH Free implementation of SSH1 protocol Mozilla Internet Browser FireFox Lightweight Browser Wireshark Network Protocol Analyzer Thunderbird Redesign of Mozilla mail component Open Office Complete office suite MySQL Relational database management system In the late 1970's, with the availability of the MIT's Altain, hobby hacking became popular. Members of this home computing genre, Hobbyists, focus mainly on commercial computer and video games, software cracking, and modification of computer hardware and other electronic devices (modding). The creator of Apple I and II series computers, Steve Wozniak, and the co-founder and chairman of Microsoft, Bill Gates are two individuals that prospered in this era [Hacker07]. All of these individuals worked under the realm of definition one of the Hacker Ethic of the Jargon File, unlike their counterparts the security hackers who more closely followed definition two. 4.2 Security Hackers 4 of 16 12/19/2007 5:12 PM A Summary of Hacking Organizations, Conferences, Publications, and E... http://www.cse.wustl.edu/~jain/cse571-07/ftp/hacking_orgs/ Hackers in the security hacking category are mostly black hat hackers working with ill intentions. Some groups and individuals however could better be categorized as grey hat hackers. This category of hackers prefers to be secretive and will often use an alias to conceal their true identity.
Recommended publications
  • UC Santa Barbara UC Santa Barbara Electronic Theses and Dissertations

    UC Santa Barbara UC Santa Barbara Electronic Theses and Dissertations

    UC Santa Barbara UC Santa Barbara Electronic Theses and Dissertations Title A Web of Extended Metaphors in the Guerilla Open Access Manifesto of Aaron Swartz Permalink https://escholarship.org/uc/item/6w76f8x7 Author Swift, Kathy Publication Date 2017 Peer reviewed|Thesis/dissertation eScholarship.org Powered by the California Digital Library University of California UNIVERSITY OF CALIFORNIA Santa Barbara A Web of Extended Metaphors in the Guerilla Open Access Manifesto of Aaron Swartz A dissertation submitted in partial satisfaction of the requirements for the degree Doctor of Philosophy in Education by Kathleen Anne Swift Committee in charge: Professor Richard Duran, Chair Professor Diana Arya Professor William Robinson September 2017 The dissertation of Kathleen Anne Swift is approved. ................................................................................................................................ Diana Arya ................................................................................................................................ William Robinson ................................................................................................................................ Richard Duran, Committee Chair June 2017 A Web of Extended Metaphors in the Guerilla Open Access Manifesto of Aaron Swartz Copyright © 2017 by Kathleen Anne Swift iii ACKNOWLEDGEMENTS I would like to thank the members of my committee for their advice and patience as I worked on gathering and analyzing the copious amounts of research necessary to
  • (U//Fouo) Assessment of Anonymous Threat to Control Systems

    (U//Fouo) Assessment of Anonymous Threat to Control Systems

    UNCLASSIFIED//FOR OFFICIAL USE ONLY A‐0020‐NCCIC / ICS‐CERT –120020110916 DISTRIBUTION NOTICE (A): THIS PRODUCT IS INTENDED FOR MISION PARTNERS AT THE “FOR OFFICIAL USE ONLY” LEVEL, ACROSS THE CYBERSECURITY, CRITICAL INFRASTRUCTURE AND / OR KEY RESOURCES COMMUNITY AT LARGE. (U//FOUO) ASSESSMENT OF ANONYMOUS THREAT TO CONTROL SYSTEMS EXECUTIVE SUMMARY (U) The loosely organized hacking collective known as Anonymous has recently expressed an interest in targeting inDustrial control systems (ICS). This proDuct characterizes Anonymous’ capabilities and intent in this area, based on expert input from DHS’s Control Systems Security Program/Industrial Control Systems Cyber Emergency Response Team (ICS‐CERT) in coordination with the other NCCIC components. (U//FOUO) While Anonymous recently expressed intent to target ICS, they have not Demonstrated a capability to inflict Damage to these systems, instead choosing to harass and embarrass their targets using rudimentary attack methoDs, readily available to the research community. Anonymous does have the ability to impact aspects of critical infrastructure that run on common, internet accessible systems (such as web‐based applications and windows systems) by employing tactics such as denial of service. Anonymous’ increased interest may indicate intent to Develop an offensive ICS capability in the future. ICS‐CERT assesses that the publically available information regarding exploitation of ICS coulD be leveraged to reDuce the amount of time to develop offensive ICS capabilities. However, the lack of centralized leadership/coordination anD specific expertise may pose challenges to this effort. DISCUSSION (U//FOUO) Several racist, homophobic, hateful, and otherwise maliciously intolerant cyber and physical inciDents throughout the past Decadea have been attributeD to Anonymous, though recently, their targets and apparent motivations have evolved to what appears to be a hacktivist1 agenda.
  • Ethics in Security Testing

    Ethics in Security Testing

    Ethics in Security Testing Title Prepared by: Nick Dunn, Managing Security Consultant Table of contents Executive summary ................................................................... 3 Introduction ................................................................................4 Professional ethics .................................................................... 6 The hacker ethic ........................................................................ 9 Reconciling the ethical stances ............................................... 12 Conclusion ............................................................................... 16 References .............................................................................. 18 About NCC Group ................................................................... 20 2 NCC Group Whitepaper ©2018 Executive summary This paper discusses the similarities and differences between professional ethics in the information security industry and ethics in the hacker community. Sources of conflict between the two and shared values of the two are discussed in order to find some reconciliation and come to an understanding of how a shared set of ethics is possible. A reconciled set of ethics allows hackers to function within the corporate world without compromising their principles and allows the commercial world to benefit from some of the more progressive ideas within the hacker community. A reconciled set of ethics allows hackers to function within the corporate world without compromising their principles
  • Underground Hacker Markets ANNUAL REPORT—APRIL 2016

    Underground Hacker Markets ANNUAL REPORT—APRIL 2016

    Underground Hacker Markets ANNUAL REPORT—APRIL 2016 1 Underground Hacker Markets | APRIL 2016 Contents 3 Introduction: Welcome Back to the Underground 4 Price List for Hacker Goods and Services 7 Russian Hackers Expand their Working Hours and Use Guarantors to Ensure Customers’ Happiness 9 Hacking Services for Hire 11 Business Dossiers for Companies in the Russian Federation Bank Account Credentials, Tax Identification Numbers (TINS), Articles of Incorporation, Phone Numbers, Lease Agreements 12 Hacker Goods for Sale Bank Accounts, Popular Online Payment Accounts, Airline Points Accounts, Credit Cards, Hacker Tutorials…You Name It 16 Is ATM Skimming Passé? Not on Your Life. 19 Security Measures for Protecting Against Cyber Threats 22 Conclusion 23 Glossary of Terms 2 Underground Hacker Markets | APRIL 2016 Introduction: Welcome Back to the Underground For our 3rd Annual Underground Hacker Markets Report, Dell SecureWorks engaged two of our top intelligence analysts from our CISO INTEL Team. The team members spend time tracking hackers on the numerous underground hacker forums and marketplaces all over the world. While much of the cybercrime hitting organizations throughout the world is the result of cooperation by hackers working outside the confines of publicly-accessible marketplaces, these underground forums provide a small window into the world cybercriminals occupy. In this report, we concentrated on marketplaces located on the Russian Underground and on English-speaking marketplaces between Q3 2015 and Q1 2016. Just as we did in the 2013 and 2014 Underground Hacker Reports, we wanted to see if any trends had emerged. For example, did prices for popular hacker goods such as stolen bank accounts, credit cards, and malware go up or down? What about services such as Distributed Denial of Service (DDoS) attacks or hacking company databases? Not only did we answer those questions, but we also found some intriguing new products for sale and some interesting new trends as well.
  • Cyber Crime and Cyber Terrorism Investigator's Handbook

    Cyber Crime and Cyber Terrorism Investigator's Handbook

    CHAPTER Cybercrime classification and characteristics 12 Hamid Jahankhani, Ameer Al-Nemrat, Amin Hosseinian-Far INTRODUCTION The new features of crime brought about as a result of cyberspace have become known as cybercrime. Cybercrime is growing and current technical models to tackle cybercrime are in- efficient in stemming the increase in cybercrime. This serves to indicate that further preventive strategies are required in order to reduce cybercrime. Just as it is important to understand the characteristics of the criminals in order to understand the motiva- tions behind the crime and subsequently develop and deploy crime prevention strate- gies, it is also important to understand victims, i.e., the characteristics of the users of computer systems in order to understand the way these users fall victim to cybercrime. The term “cybercrime” has been used to describe a number of different concepts of varying levels of specificity. Occasionally, and at its absolute broadest, the term has been used to refer to any type of illegal activities which results in a pecuniary loss. This includes violent crimes against a person or their property such as armed robbery, vandalism, or blackmail. At its next broadest, the term has been used to refer only to nonviolent crimes that result in a pecuniary loss. This would include crimes where a financial loss was an unintended consequence of the perpetrator’s actions, or where there was no intent by the perpetrator to realize a financial gain for himself or a related party. For example, when a perpetrator hacks into a bank’s computer and either accidentally or intentionally deletes an unrelated depositor’s account records.
  • Lezione 2 Cenni Storici Sviluppo Di Software Sicuro (9 CFU), LM Informatica, A

    Lezione 2 Cenni Storici Sviluppo Di Software Sicuro (9 CFU), LM Informatica, A

    Lezione 2 Cenni storici Sviluppo di software sicuro (9 CFU), LM Informatica, ! ! 2"2"#2"2$ Dipartimento di Scienze Fisic&e, Informatiche e Matematiche Universit' di Modena e Re))io *milia http+##we,la,!ing!unimore!it/people#andreolini#didattica#sviluppo-software-sicuro 1 Quote of t&e da/ (Meditate, )ente, meditate!!!) “If history repeats itself, and the unexpected always happens, how incapable must Man be of learning from experience.” 0eor)e Bernard S&aw (1234 – 193") Scrittore, drammatur)o, lin)uista, critico musicale utore de “Il Pigmalione8 2 Sir John mbrose Fleming (12:9-$9:3) (;he electrical en)ineer and ph/sicist) Inventore, in)e)nere, radiotecnico, elettrotecnico! Inventore del diodo e della valvola termoionica! Consulente (fra le altre) della Marconi <ireless ;ele)rap& Compan/! 3 Jo&n Nevil Mas>el/ne ($2?9-$9$@) (;he ma)ician) Mago. Inventore del ,agno pu,,lico 6a )ettone8! Fondatore del 6Comitato Occulto8 (antesi)nano dellBodierno CIC 7)! 1903: Mas>elyne rovina una dimostrazione pu,,lica del tele)rafo 6sicuro8 senza Cli (svolta da Flemin))! (iesce ad inviare insulti in codice Morse!.. 4 Eni)ma (1924) (;&e encr/ption#decr/ption machine) Macc&ina elettro-meccanica usata per cifrare e decifrare messa))i! Usata dalla <e&rmac&t durante la Seconda Guerra Mondiale! Considerata indecifrabile per lun)o tempo! 5 rthur Scher,ius (12@2-$929) (LBinventore di *nigma) In)e)nere tedesco! 1918: ,revetta Eni)ma (macc&ina cifrante ,asata su rotori)! 1926: la Marina Militare tedesca adotta una variante di Eni)ma per le sue comunicazioni cifrate! 6 LBEnigma militare (LBinventore di *nigma) Uso di un pannello di controllo ag)iuntivo (detto 6plu),oard”) per offuscare ulteriormente il processo di cifratura.
  • PC Magazine Fighting Spyware Viruses And

    PC Magazine Fighting Spyware Viruses And

    01_577697 ffirs.qxd 12/7/04 11:49 PM Page i PC Magazine® Fighting Spyware, Viruses, and Malware Ed Tittel TEAM LinG - Live, Informative, Non-cost and Genuine ! 01_577697 ffirs.qxd 12/7/04 11:49 PM Page ii PC Magazine® Fighting Spyware, Viruses, and Malware Published by Wiley Publishing, Inc. 10475 Crosspoint Boulevard Indianapolis, IN 46256-5774 www.wiley.com Copyright © 2005 by Wiley Publishing Published simultaneously in Canada ISBN: 0-7645-7769-7 Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 1B/RW/RS/QU/IN No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, e-mail: [email protected]. Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials.
  • Hacks, Cracks, and Crime: an Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St

    Hacks, Cracks, and Crime: an Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St

    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by University of Missouri, St. Louis University of Missouri, St. Louis IRL @ UMSL Dissertations UMSL Graduate Works 11-22-2005 Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St. Louis, [email protected] Follow this and additional works at: https://irl.umsl.edu/dissertation Part of the Criminology and Criminal Justice Commons Recommended Citation Holt, Thomas Jeffrey, "Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers" (2005). Dissertations. 616. https://irl.umsl.edu/dissertation/616 This Dissertation is brought to you for free and open access by the UMSL Graduate Works at IRL @ UMSL. It has been accepted for inclusion in Dissertations by an authorized administrator of IRL @ UMSL. For more information, please contact [email protected]. Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers by THOMAS J. HOLT M.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2003 B.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2000 A DISSERTATION Submitted to the Graduate School of the UNIVERSITY OF MISSOURI- ST. LOUIS In partial Fulfillment of the Requirements for the Degree DOCTOR OF PHILOSOPHY in Criminology and Criminal Justice August, 2005 Advisory Committee Jody Miller, Ph. D. Chairperson Scott H. Decker, Ph. D. G. David Curry, Ph. D. Vicki Sauter, Ph. D. Copyright 2005 by Thomas Jeffrey Holt All Rights Reserved Holt, Thomas, 2005, UMSL, p.
  • Address Munging: the Practice of Disguising, Or Munging, an E-Mail Address to Prevent It Being Automatically Collected and Used

    Address Munging: the Practice of Disguising, Or Munging, an E-Mail Address to Prevent It Being Automatically Collected and Used

    Address Munging: the practice of disguising, or munging, an e-mail address to prevent it being automatically collected and used as a target for people and organizations that send unsolicited bulk e-mail address. Adware: or advertising-supported software is any software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used. Some types of adware are also spyware and can be classified as privacy-invasive software. Adware is software designed to force pre-chosen ads to display on your system. Some adware is designed to be malicious and will pop up ads with such speed and frequency that they seem to be taking over everything, slowing down your system and tying up all of your system resources. When adware is coupled with spyware, it can be a frustrating ride, to say the least. Backdoor: in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice), or could be a modification to an existing program or hardware device. A back door is a point of entry that circumvents normal security and can be used by a cracker to access a network or computer system. Usually back doors are created by system developers as shortcuts to speed access through security during the development stage and then are overlooked and never properly removed during final implementation.
  • Paradise Lost , Book III, Line 18

    Paradise Lost , Book III, Line 18

    _Paradise Lost_, book III, line 18 %%%%%%%%%%%%%%%%%%%%%%%% ++++++++++Hacker's Encyclopedia++++++++ ===========by Logik Bomb (FOA)======== <http://www.xmission.com/~ryder/hack.html> ---------------(1997- Revised Second Edition)-------- ##################V2.5################## %%%%%%%%%%%%%%%%%%%%%%%% "[W]atch where you go once you have entered here, and to whom you turn! Do not be misled by that wide and easy passage!" And my Guide [said] to him: "That is not your concern; it is his fate to enter every door. This has been willed where what is willed must be, and is not yours to question. Say no more." -Dante Alighieri _The Inferno_, 1321 Translated by John Ciardi Acknowledgments ---------------------------- Dedicated to all those who disseminate information, forbidden or otherwise. Also, I should note that a few of these entries are taken from "A Complete List of Hacker Slang and Other Things," Version 1C, by Casual, Bloodwing and Crusader; this doc started out as an unofficial update. However, I've updated, altered, expanded, re-written and otherwise torn apart the original document, so I'd be surprised if you could find any vestiges of the original file left. I think the list is very informative; it came out in 1990, though, which makes it somewhat outdated. I also got a lot of information from the works listed in my bibliography, (it's at the end, after all the quotes) as well as many miscellaneous back issues of such e-zines as _Cheap Truth _, _40Hex_, the _LOD/H Technical Journals_ and _Phrack Magazine_; and print magazines such as _Internet Underground_, _Macworld_, _Mondo 2000_, _Newsweek_, _2600: The Hacker Quarterly_, _U.S. News & World Report_, _Time_, and _Wired_; in addition to various people I've consulted.
  • Coleman-Coding-Freedom.Pdf

    Coleman-Coding-Freedom.Pdf

    Coding Freedom !" Coding Freedom THE ETHICS AND AESTHETICS OF HACKING !" E. GABRIELLA COLEMAN PRINCETON UNIVERSITY PRESS PRINCETON AND OXFORD Copyright © 2013 by Princeton University Press Creative Commons Attribution- NonCommercial- NoDerivs CC BY- NC- ND Requests for permission to modify material from this work should be sent to Permissions, Princeton University Press Published by Princeton University Press, 41 William Street, Princeton, New Jersey 08540 In the United Kingdom: Princeton University Press, 6 Oxford Street, Woodstock, Oxfordshire OX20 1TW press.princeton.edu All Rights Reserved At the time of writing of this book, the references to Internet Web sites (URLs) were accurate. Neither the author nor Princeton University Press is responsible for URLs that may have expired or changed since the manuscript was prepared. Library of Congress Cataloging-in-Publication Data Coleman, E. Gabriella, 1973– Coding freedom : the ethics and aesthetics of hacking / E. Gabriella Coleman. p. cm. Includes bibliographical references and index. ISBN 978-0-691-14460-3 (hbk. : alk. paper)—ISBN 978-0-691-14461-0 (pbk. : alk. paper) 1. Computer hackers. 2. Computer programmers. 3. Computer programming—Moral and ethical aspects. 4. Computer programming—Social aspects. 5. Intellectual freedom. I. Title. HD8039.D37C65 2012 174’.90051--dc23 2012031422 British Library Cataloging- in- Publication Data is available This book has been composed in Sabon Printed on acid- free paper. ∞ Printed in the United States of America 1 3 5 7 9 10 8 6 4 2 This book is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE !" We must be free not because we claim freedom, but because we practice it.
  • Scada & Plc Vulnerabilities in Correctional Facilities

    Scada & Plc Vulnerabilities in Correctional Facilities

    SCADA & PLC VULNERABILITIES IN CORRECTIONAL FACILITIES White Paper Teague Newman Tiffany Rad, ELCnetworks, LLC John Strauchs, Strauchs, LLC 7/30/2011 © 2011 Newman, Rad, Strauchs PLC Vulnerabilities in Correctional Facilities Newman, Rad, Strauchs Abstract On Christmas Eve not long ago, a call was made from a prison warden: all of the cells on death row popped open. Not sure how or if it could happen again, the prison warden requested security experts to investigate. Many prisons and jails use SCADA systems with PLCs to open and close doors. As a result of Stuxnet academic research, we have discovered significant vulnerabilities in PLCs used in correctional facilities by being able to remotely flip the switches to “open” or “locked closed” on cell doors and gates. Using original and publically available exploits along with evaluating vulnerabilities in electronic and physical security designs, we will analyze SCADA systems and PLC vulnerabilities in correctional and government secured facilities while making recommendations for improved security measures. 1 PLC Vulnerabilities in Correctional Facilities Newman, Rad, Strauchs Biographies John J. Strauchs, M.A., C.P.P., conducted the security engineering or consulting for more than 114 justice design (police, courts, and corrections) projects in his career, which included 14 federal prisons, 23 state prisons, and 27 city or county jails. He owned and operated a professional engineering firm, Systech Group, Inc., for 23 years and is President of Strauchs, LLC. He was an equity principal in charge of security engineering for Gage-Babcock & Associates and an operations officer with the U.S. Central Intelligence Agency (CIA). His company and work was an inspiration for the 1993 movie, “Sneakers” for which he was the Technical Advisor.