==Phrack Magazine== Volume Four, Issue Forty-Four, File 26 of 27 **************************************************************************** International Scenes There was once a time when hackers were basically isolated. It was almost unheard of to run into hackers from countries other than the United States. Then in the mid 1980's thanks largely to the existence of chat systems accessible through X.25 networks like Altger, tchh and QSD, hackers world-wide began to run into each other. They began to talk, trade information, and learn from each other. Separate and diverse subcultures began to merge into one collective scene and has brought us the hacking subculture we know today. A subculture that knows no borders, one whose denizens share the common goal of liberating information from its corporate shackles. With the incredible proliferation of the Internet around the globe, this group is growing by leaps and bounds. With this in mind, we want to help further unite the communities in various countries by shedding light onto the hacking scenes that exist there. We have been requesting files from people to describe the hacking scene in their country, but unfortunately, more people volunteered than followed through (you know who you are.) This issue we want to introduce you to the scenes in Quebec, Sweden and Israel. ******************************************************************************* What is going on in the 418 scene By Gurney Halleck of NPC Believe it or not, there are hackers and phreakers in the 418 AC and people are just starting to hear from us. There are only two real H/P BBS in Quebec City, The Workshop and Miranda BBS. The first one is a NPC hang out (Northern Phun Co.), a local Hacker/Phreaker group that has a certain fame, just read Phone Pirates, a recent book by two Toronto journalists.... The other one is considered a little bit lame by some. Personally, I am friends with the sysops, they're not real hackers, but generally nice guys. Here are some names you might have seen in the H/P scene, Blizkreig, SubHuman Punisher, KERMIT, Atreid Bevatron, Coaxial Karma, Mental Floss, Fairy Dust, Evil-E, Black Head, Santa Claus, Blue Angel Dream, myself of course and probably many more I have forgotten to mention. (sorry) NPC Publishes a monthly magazine and will be celebrating their first anniversary on November 1st 1993. They have been on national TV and press for breaking into the computer of the prime minister's cabinet. In 418, there is only one Internet Node, at Laval University, and to get a legal account on one of their systems, be ready to shell out 90$ a month. No kid can pay that much, so that's why there are so many hackers. They hack anything from old VAX/VMS machines to brand new Suns and Datapac and Edupac. Back in April of 1993, a hacker, Coaxial Karma, was arrested for trying to "brute force" into saphir.ulaval.ca, a cluster VAX/VMS. He was working from information from another hacker, myself, that there were many "virgin" accounts (account that were issued but never used) and that these accounts all had a four letter (just letters) password. So he proceeded to brute force the computer, after 72000 tries, he finally got in. An operator, entirely by chance, found the logs for the 72000 failed logins for one account on saphir, an proceeded to call the police. The hacker, being a juvenile, got by easily, not even loosing his computer. On September 30th, another hacker, SubHuman Punisher, was arrested by the RCMP. It all started a long time ago, when people started hacking into Laval University's systems. First, they installed a password on their terminal servers, just one password, the same for everybody! Needless to say, everybody knew it. Second, most sys-admins knew next to nothing about security, so when they found intruders, they could not keep them out. Enter Jocelyn Picard, sysadmin of the GEL subdomain and security expert. He does his job and does it well. He kicked them out for a long time. (I personally do not think it was his idea to call the RCMP.) After a while, the hackers where back with a vengeance and using Laval's systems to hack other systems. So the guys from the CTI (Centre de Traitement de l'Information) decided to call the authorities. Bell monitored the phone lines from Sept 16th to Sept 30th. Systems in the ERE hierarchy in the umontreal.ca domain were also logged for Internet activity. On the 30th, 2 hackers where arrested. Both of them, their only crime was wanting to be on the internet. Now is that so bad? I only knew one of the two, SubHuman Punisher, so I'll tell you what happened to him. He was charged with theft of telecomunications (that charge has been dropped) and for illegally using a computer. A new charge as been added after they drop the first one: copyright infringement. All his equipment was taken away. We don't think he'll get by as easily as the first electronic martyr of 418 (as we like to call him). This time it looks serious. So we at NPC have started a relief fund for his legal defense, The "Fond de Defense SubHuman Punisher" ( the SubHuman Punisher defense fund). All contributions are welcomed, write to: FDSP 886 St-Vallier St. app 7 Quebec City, Qc Canada, G1K 3R4 ******************************************************************************* The Swiss Scene by Holz Welcome to Switzerland, the country that's famous for, ehmm err, well now famous for... come to think of it....nothing really. Well, for those of you that didn't pay much attention at high school: Switzerland is a rather unimportant country (to anyone but the Swiss) in the middle of Europe with about 7*10^6 inhabitants and some light industry. Networks in Switzerland ----------------------- Switzerland has two internet providers, SWITCH and CHUUG. Lets deal with them in that order. SWITCH was originally formed from a consortium of the 9 (?) or so universities in Switzerland. It's purpose was linking the universities in Switzerland and providing access to international networks for their researchers. SWITCH is linked to the nfsnet via CERN (the European center for nuclear research in Geneva) and INRIA in France. SWITCH's Customers are almost exclusively universities or large corporations, they don't cater much to individuals. Most of the Network operates at 2..10 Mb/sec, SWITCH uses cisco hardware. The other provider, CHUUG, founded by Simon Poole does cater to individuals (they offer some for of pub access unix, + slip + uucp/news/mail feed), their links, which last time I looked went via Germany and Holland are somewhat slower. CHUUG also links some smaller companies (improware for instance) Apart from the Swiss Internet, there is a DECNET based Network called CHADNET, managed by SWITCH which also links the Swiss universities. There is even a gateway to HEPNET and SPAN at the Paul Schaerrer Institute (PSI) in Zuerich. Due to the restrictions in DECNET you need to use poor man's routing to get anywhere. Some of the universities have non ip internal networks, the most notable being KOMETH, which links the university of Zuerich and the ETHZ, most universities however just use their ethernets and don't have any fancy hardware. Apart from this Switzerland has it's own PDN, Telepac, operated by the Swiss Ptt (our federal telecommunications agency) with dnic 2284. This network is accessible at speeds of up to 9600 bps at a fixed charge all over the country. Apart from Telepac their are several other x25 based networks directly accessible from Switzerland, notable Sprintnet, with dialins in Zuerich and Bern, Tymnet with Dialins in Zuerich and Neuchatel, and Infonet. Last but not least Switzerland has a national vtx system (which i've never used, and i'm proud of that) called Videotext, which is linked to BTX in Germany, Prestel in England and Minitel in France. The only reason for using was the fact that up till recently it could be accessed for free via our equivalent of the 1-800 number (ours start with 155). The ptt now claims that this was a "mistake" (some mistake considering it lasted for two years and was used by everyone and his dog.....but I digress.) Hacking in Switzerland ---------------------- Well there's not much of a scene here. I have known a few (5-10) Swiss hackers and one or two good ones, but that doesn't go very far. As for boards, I can't think of any right now. BGB (with nua 0208046451064) used to have a hacker corner, but that's been closed for some years now I think. Pegasus (022847521257) which runs on a vax under vms is quite a nice system, where on occasion you meet people with an interest in vms. I don't know of any conventions in Switzerland, we've tried to organize one once (we ended up with three people). Hacking incidentally is illegal in Switzerland, but only as of this year. Phreaking in Switzerland ------------------------ I don't know much about Phreaking (anything ?). The Swiss telephone system is a very modern one, and nearly identical to the one in Sweden. This means that any of the old methods suitable for older exchanges (most notable blue boxing) don't work. There are some limited possibilities via our 1-800 system, but Switzerland phone systems aren't easily abused. The switches incidentally are Siemens AX-10 (does that meen anything to anybody ?) I know of one or two good phreaks (rather than card abusers) in Switzerland. Phreaking and any messing with telephones, unlike hacking, has always been illegal in Switzerland. Some Incidents -------------- Well here's for old times sake. (doubt this can do any harm any more) 1) I've already mentioned the Swiss X.25 Network Telepac. To use this you need a nui, which is usually an 8 character string, and a password, which is six characters, mixed upper and lower case + usually numbers. Well obviously the ptt has nuis for internal use, as in this case the one for the employees of the ptt headquarters in Bern. The nui it seems was available to all the employees needing access and someone let the secret get out... so for two years every hacker in Switzerland used this nui to make x25 calls round the world. In fact it became so popular that the German hackers near the border found it worth their while to pay the ld charges to Switzerland just so they could use this nui. Eventually someone noticed. The cost must have been phenomenal. 2) An acquaintance got into the Vax cluster of BAG (our equivalent to NIH). The people at BAG eventually noticed and kicked him out. In their press release to the incident, while being forced to admit that someone had got in they made a firm point of how 'secure' they were, and explained that it was impossible that anyone had seen any personal data on People registered as HIV positive. Well this was such an obvious cover-up that my acquaintance decided to give them a piece of his mind, so he called the national radio, and gave them an interview live on his motives and accomplishments. BAG continued to deny his version (but changed all their passwords.) ******************************************************************************* The Israeli Scene by Herd Beast Didn't you always want to know about the "scene" in Israel? YOU WILL... A SMALL OVERVIEW **************** This article was written after I read Phracks 42/43, and the idea seemed good. I am not affiliated with any person or any group mentioned in this file. It's hard to describe the "Israeli scene", so I will start with a short description of the state of technology in Israel. TECHNOLOGY ********** The Israeli telephone system isn't very advanced. Most of the country still doesn't even have tone dialing, and while the phone company has rAd plans about installing CLID and a pack full of other exciting things, the fact remains that half the country breathes rotary phones and analog lines. Pathetic as it seems, it still means that tracing someone through the phone lines can be rather hard; it also means that K0D3 scanning is abundant. After the telephones comes the X.25 connection, Isranet: DNIC 4251. Isranet used to be a "hassle free system", eg every 11 year old could get a NUI and use it, and NUIs lasted. Those merry times in which practically everyone who had a modem was an X.25 "hacker" are almost over. The weakness of Isranet (the telco's fault!) is why if you happened upon QSD some years ago, you would have probably noticed that after Italian lesbians, Israelis lurked there the most. Recently, Isranet switched systems. The old system that just prompted NUI? and ADD? is gone, and in came the SprintNet (Telenet) system. It is now generally believed that Isranet is un-crackable. Way to go, Sprint, ahem. Amongst other thing the Israeli phone company supplies besides an X.25 network is an information service (like 411) through modem, e-mail/FAX and database systems (a branch of AT&T EasyLink) and a bunch of other things. Not to forget the usual "alien" connections, like a TYMUSA connection (with very low access levels), and toll free numbers to the AT&T USA*Direct service and sexy-sounding MCI & Sprint operators. To my knowledge, cellular telephony among phreaks in Israel is virtually non existent, (that is to say, when talking to phreaks, none of them seems to care about cellular phones at all, for different reasons one of them being the starting price which is high), which is a pity but is also a blessing since security is lax and besides, the Israeli cell phone market is monopolized by Motorola (whose cell phones re known as "Pele Phones" which means "Wonder Phones"). As you might have understood, up until lately, the Israeli phone company (Bezeq) wasn't very aware of security and boring stuff like that. Now it's becoming increasingly aware, although not quite enough. The notion in Israel is that hackers are like computer geniuses who can get into ANYWHERE, and when last did you see someone like that? So basically, corporate security is lax (does "unpassworded superuser account" ring a bell?), although not always that lax. Last but not least are the elytee -- the computer literate public. These are most of the people in charge of machines on the *.il domain on the Internet. Security there is better than usual, with (for example) "correct password" rules being observed, but (another example) with holes like /usr/lib/expreserve on SunOS still open. For this reason, there is a difference between hackers in Israel. There are university students who play around with the Internet, hack, and are usually not aware that there is a bigger hacking community beyond IRC. Then, there are the modemers, who use modems and all the other things, but are generally not as proficient, since Internet access in Israel is given only to university people and employees of the very few companies who have Internet connections. (The notion of public access Unix exists, but access costs $50 a month and to get it one must have approval of the ministry of communication because of an old law; and since calling up a system and running by all the defaults usually does not work, not everyone has access to the Internet.) Calling card abuse is very popular in Israel, because Bezeq cannot find abusers and really doesn't care. Therefore there are a lot of pirates in Israel who are in very good touch with American pirate groups, and this includes the works - crackers, artist, couriers. If you know a bit about the pirate community, good for you. Hackers as in computer hackers are a little rarer. To become a hacker you need to pass some grueling tests. First, you resist the lures of becoming a calling card and download junkie. Then, you have to become proficient from nothing. Finally most of the Israeli hacking community hacks for the single reason that goes something like "get into QSD", "get into IRC" (without paying). Not very idealistic, but it works... Assuming you passed all these stages, let's say you are 18... and you go to 3 years in the army. Did I forget to mention that serving in the army is mandatory in Israel? Not really relevant, but that's life in Israel, and when you leave the army, you usually forget about hacking. Up until now I was just explaining things. Now.. THE PARTICULARS *************** I will concentrate on the "modemers" in this section, so first about the students. You may know this, but there is a lot of "bad" Internet traffic on *.il, in the form of pirate/virus FTPs and stuff like that. If you read Usenet, you probably saw at some time a wise ass post such a site. These are usually the works of students. To be honest, that's as much as I know, since I'm not a student and my stupidity is not so high as to assume every Internet user from *.il is a student... The "serious" modemers hackers don't really hang out in big groups. They have close friends or work alone, so there is nothing like Israeli ######Cons. I can't make an estimate of the actual amount of hacking done in Israel, but I do know that a lot of people got drafted lately. Other than that, there are a lot of Israelis hanging around on IRC (if you're into that), but they usually work like k0D3 k0ll3kt0rZ, only instead of codes they collect Unix account. In a country that has fewer people than NYC, the total number of people who actually have modems and do hack AND know what they're doing is not so large, which is why until now my description didn't sound very pretty. But considering these facts, they're actually not bad. There are some "underground" groups in Israel. Not exactly groups as magazines -- if there is one thing Israel is full of it's local magazines. These are usually small releases featuring things like "FTP Tutorial" and "Pascal Trojan" along with several oh-so-accurate anarchy files. The most prominent, and in the fact the only magazine to have lasted beyond one issue is called IRA (International Raging Anarchists). For the sake of the pirates, an Israeli formed group that also has American members is called HaSP; it usually releases cracks for all kinds of software. THE NETWORK *********** Some time ago there was an attempt to bring up a hacking network in Israel. It was called the IHPG (Israeli Hack Phreak Group) and was a bunch of FidoNet-style echos passed between underground boards. The subjects on hand were hacking, phreaking, trojans, and viruses. At first there was a genuine attempt to make things happen, but almost no one shared information (more accurately, accounts/passwords/codes) and the net slowly died out. To my information it is still operational on around 3 boards around Israel, with something like 3 posts per month. LAW AND ORDER ************* The law and the establishment in Israel are divided. For starters, there is the wide public opinion among the public that every hacker, in particular those who get caught are computer geniuses. Therefore, in a lot of cases where hackers (usually university students) get caught, they are given a better position within the computer staff, or are later hired by a company (no matter what for -- and it's not always security). Although police and Bezeq do preach that hacking is a crime etc, I seriously doubt that there will be such an outrage among computer people if someone was to go on and build an Israeli ComSec (as an example). Police has a very limited staff assigned to computer investigations, (along the lines of 1-2 officers), and they are in charge of everything; this means they should check calling carders, but also on bank embezzlers who keep information on "secure" floppies. Guess which cases get priority? Of course, there is still the phone company and when things get more serious more man force is issued. >From time to time, however, there are arrests (see PWN on Phrack 35, 38 elsewhere). These usually involve (in the case of the guy described on Phrack 35) a tip from police overseas, who kept bugging the Israeli police until they made a move, or idiots who sell things. The guy in the Phrack 35 World News, Deri Schreibman, was arrested after he supplied credit cards to people in the U.S. and Canada, who turned him in when they got caught. He himself turned in a lot of people, but his information "just" led to them being visited. Nothing much has been heard about that since, but his case got a lot of publicity because he had a lot of computer equipment, including this/that-boxes, and was said to have broken in Washington Post and the Pentagon. After him, there have been raids on hackers but nothing serious happened to them, and the news coverage was not incredible. A year or so ago one total asshole went on a national show (nothing like Geraldo) and told everyone how he too, abused Isranet and the Washington Post; he also claimed that Bezeq didn't have a clue and that was why he wasn't afraid. He was visited and his equipment was taken. At much earlier times there was a teenager who changed an article on the last page on an Israeli newspaper to say that his math teacher had been arrested for drug dealing; he got to write a computer program to aid blind and deaf people. That is the general way busts go on in Israel, because there is no such great danger as to even warrant dreams of something like Sundevil. There are also sometimes problems in the army, but they are dealt with internally, by the army (I don't think anyone gets shot though). When a bust occurred, usually many people quit fooling around with Isranet for a while, because all those who did get caught were doing the same things with Isranet. But except for that, there were no great waves in the pond after busts, except again for the Deri S. case. This is due simply to the fact that hackers, in Israel and usually anywhere else, simply don't amount to the amount of problems "professional" criminals make to the police, (the same way Israeli software houses chase down pirating firms and not boards), and since Israel doesn't have an FBI and/or USSS the law isn't going around pointing guns at hackers. HACKING IN ISRAEL ***************** Hacking or phreaking in Israel in not very sophisticated. The average Israeli can scan all he likes; Israeli toll free numbers in the format of 177+Country Code+XXXX exist to almost every country. This means that by dialing 177 (= 1-800), a country code (440 for the UK, 100 for AT&T, 150 for MCI, etc), and a number on the XXXX format, you have a chance of connecting to a number in country whose country code you're using. Voice mail systems, modems and other things can be found there (h00ray!). There are also calling cards and X.25 and 056 (= 1-900) scams, etc, etc. A nice way to start scanning (if anyone is interested) the 4251 DNIC is based on area codes (yes, just like Telenet). For example, a lot of systems in the 04 area code will be somewhere at: 4251 400 ... This might lead to disappointing results, though, since most systems use Hebrew (most interesting systems). The best way to get Israeli area codes is by using a file on international country/area codes put out a while ago... Funny, but it's more accurate than a C&P phone book. If you're into social engineering foreigners, give 1 800 477-5664 (AT&T) or 1 800 477-2354 (MCI) a call. These will get you to an Israeli operator who will be happy to place a call for you, if you're into experimenting (another one of Bezeq's new services, called Israel*Direct... also available from the UK, Ireland, Germany and more.) CONCLUSION ********** I hope you have learned about the Israeli scene. My purpose was NOT to dis anything, it was to show that even though we live in this global village of networks and electronic data exchange (ohh), living in outer butt-fuck (I did not invent this term) has its advantages, in the form of basic stupidity, and its disadvantages in the form of lack of technology and organization in the community. Yeah. There are still many nice things about hacking in Israel. Enjoy your life.