December 2003 - cypherpunks-legacy

Re: Digital Signatures and the Law...
by some days weren't there at all 17 Dec '03

17 Dec '03

> Has there been any concideration for the difference between a digital > signature that is used only for authentication and one that is legally > binding?? What's the difference? When I sign a contract, I'm simply giving notice that I accept its terms and conditions. What I write in snail mail, however, may also be used in a court of law to show that I actually thought or wrote whatever it was I wrote. Why would e-mail be any different? > I would hate for these Digital Signature Laws make every e-mail message I > sent a legally binding document. :( That's the rub about nailing down identity...there's no such thing as plausible deniability anymore. In a court of law, assuming you could prove to a judge and jury that digi sigs establish identity beyond a reasonable doubt, I'd imagine that anything signed, law or no law, would be legally binding insofar as you actually wrote it. I think I'm missing something...? --------------------- "Deities do not fall ten floors to the basement" - Willis pandemic(a)hotmail.com please contact for PGP public key. http://www.skylink.net/~bigdaddy

1 0

DEF CON V Convention Announcement #1.19 (06.30.97)
by Declan McCullagh 17 Dec '03

17 Dec '03

[I'm planning to show up Friday morning. Anyone else going? --Declan] ******* READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIB DEF CON V Convention Announcement #1.19 (06.30.97) July 11-13th @ the Aladdin Hotel and Casino in Las Vegas XXXXXXXXXXXXXXXXXXXXXXXX XX DEF CON V Convention Announcement XXXXXXXxxxxXXXXXXXXXXXXXXX XX DEF CON V Convention Announcement XXXXXXxxxxxxXXXXXX X X DEF CON V Convention Announcement XXXXXxxxxxxxxXXXXXXX X DEF CON V Convention Announcement XXXXxxxxxxxxxxXXXX XXXXXXXXX DEF CON V Convention Announcement XXXxxxxxxxxxxxxXXXXXXXXXX X DEF CON V Convention Announcement XXxxxxxxxxxxxxxxXXXXXX XX X DEF CON V Convention Announcement XXXxxxxxxxxxxxxXXXXXXXX DEF CON V Convention Announcement XXXXxxxxxxxxxxXXXXXXXX X XX DEF CON V Convention Announcement XXXXXxxxxxxxxXXXXXXXXXX XX X DEF CON V Convention Announcement XXXXXXxxxxxxXXXXXXXXX X DEF CON V Convention Announcement XXXXXXXxxxxXXXXXXXXXXXXXXX DEF CON V Convention Announcement XXXXXXXXXXXXXXXXXXXXXXXXXXXX X DEF CON V Convention Announcement READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIB The only convention with free beer! IN SHORT:-------------------------------------------------------------------- WHAT: Speakers and partying in Vegas for all hackers WHEN: July 11th - 13th WHERE: Las Vegas, Nevada @ the Aladdin Hotel and Casino COSTS: $30 in advance, $40 at the door MORE INFO: http://www.defcon.org or email info(a)defcon.org IN LONG:--------------------------------------------------------------------- It's time to brave Las Vegas again for DEF CON! This is an initial announcement and invitation to DEF CON V, a convention for the "underground" elements of the computer culture. We try to target the (Fill in your favorite word here): Hackers, Phreaks, Hammies, Virii Coders, Programmers, Crackers, Cyberpunk Wannabees, Civil Liberties Groups, CypherPunks, Futurists, Artists, Criminally Insane, Hearing Impaired. It seems that books about the culture are becoming more popular, so of course reporters are also welcome. You won't be hurt. I promise. Just bring cash for drinks. So you heard about DEF CON IV, and want to hit part V? You heard about the parties, the info discussed, the bizarre atmosphere of Las Vegas and want to check it out in person? You want to do weird shit _away_ from the hotel where you can't get me in trouble? You have intimate knowledge of the SWIFT network, and want to transfer millions of dollars to the Def Con account? Then you're just the person to attend! What DEF CON is known for is the open discussion of all ideas, the free environment to make new contacts and the lack of ego. More people have made great friends at DEF CON over the years than my brain can conceive of. DEF CON is also known for letting the "Suits" (Government / Corporate) mix with everyone and get an idea of what the scene is all about. The media makes an appearance every year and we try to educate them as to what is really going on. Basically it has turned into the place to be if you are at all interested in the computer underground. [Note]----------------------------------------------------------------------- Now last year over 800 people showed up and threw my whole program for a loop. I was thinking 500+ people, but when 800 showed up it got a little crazy for the planning staff. This year I am planning for 1,000. This way I will be able to accommodate everyone and have less logistical screw- ups. I would also like to apologize to everyone last year who had temporary badges for half the convention, etc. I will do all that is possible for maximum coolness, and minimum hassles. Anyway, enough of my shit, on with the details. [End Note]------------------------------------------------------------------- SPEAKERS:-------------------------------------------------------------------- Over the years DEF CON has had many notable speakers. This year there will be more of an emphasis on technical talks. There will be a separate smaller room for break-out sessions of more specific topics. While the talks of the past have been great, it always seems some tech people drop out and general talks fill in. I will load it tech heavy so when people do drop out there will still be plenty of meat left for the propeller heads. There will be some speaking on Friday evening before Hacker Jeopardy, all day Saturday and Sunday. About 20 people will speak, plus smaller tech sessions. If you are interested in speaking or demonstrating something please contact me. Current speakers include: [> Nhil - Windows NT (in)security. The challenge response system, NT 5.0 Kerb security services, man in the middle attacks on domain controllers. This will be a more technical discussion of NT related security. [> Koresh - Hacking Novell Netware. [> Yobie - Emerging infrastructures made possible by Java. He will describe and talk about Java as the foundation for a global, object-oriented distributed network. New concepts and computing paradigms will discussed as well as applications for both applications development or straight-out hacking. [> Mudge - System Administrator for L0pht Heavy Industries. He will present a technical talk on something cool. [> Clovis - From the Hacker Jeopardy winning team. He will discuss issues with security and networked object systems, looking at some of the recent security issues found with activeX and detail some of the potentials and problems with network objects. Topics will include development of objects, distributed objects, standards, ActiveX, corba, and hacking objects. [> Bruce Schneier - Author of Applied Cryptography and the Blowfish algorithm - Why cryptography is harder than it looks. [> FBI Computer Crime Squad - They will make another appearance this year only if I can bribe them with the audio from last years convention. Can I do it in time? [> Richard Thieme - "The Dynamics of Social Engineering: a cognitive map for getting what you need to know, working in networks, and engaging in espionage quietly; the uses of paranoia, imagination, and grandiosity to build the Big Picture. [> Wrangler - Packet Sniffing: He will define the idea, explain everything from 802.2 frames down to the TCP datagram, and explain the mechanisms (NIT, bpf) that different platforms provide to allow the hack. Wrangler has been programming since seven column paper tape. He is a loner with the social skills of a California Condor. He has never been a member of LOD, MOD, or any other group. He has written no books, is not currently employed, and refuses to discuss what he refers to as "that credit card provider thing back when I used to do mainframe shit." His current projects include looking for his next Fortune 100 contract and writing the DEFCON V virus. [> Seven - What the feds think of us. [> Richard K. - Electronic countermeasures, counter espionage, risk management. Should include a demonstration of electronic countermeasures equipment as well as a talk on what works, what doesn't, and the industry. [> Tom Farley the Publisher of the "Private Line" journal, and Ken Kumasawa of TeleDesign Management - Toll Fraud in the 90s: Two perspectives. An overview of phreaking from a hackers point of view and an industry/security consultants point. [> Michael Quattrocchi - The future of digital cash and a presentation about the modernization and state of register-level debit cards; in effect currently throughout Canada. [> The Deth Vegetable - "The Cult of the Dead Cow embarks on a new era of Global Domination for the 21st Century three years early -- if you're not at Defcon this year, you won't be down with the master plan. Important announcements and startling new developments that will affect the entire history of the Computer Underground as you know it." [> Ira Winkler - Real life case studies of successful and unsuccessful corporate espionage. [> Sameer Parekh - c2.net - Why cryptography is harder than it looks, part two. A look at implementation and production problems facing people and companies wishing to develope and distribute strong encryption. [> Carolyn P. Meinel - Moderator of the Happy Hacker Digest and mailing lists. She will preside over a seperate Happy Hacker discussion pannel that will cover the topics of wether or not "newbies" should have information handed to them, or should they learn for themselves? [> Dan Veeneman - Low Earth Orbit satellites are nearing the launch stage, and this talk will cover the different systems that are planned and some of the services they'll offer. A bit on GPS that wasn't covered last year as well as the ever popular question and answer section. [> Hobbit - CIFS is a load of CACA - Random SMB CIFS stuff in Microsfot products. [> Cyber - An overview and explanation of available crypto-tools. What tools and programs do what, when to use them and on what platforms. From someone who has spent lots of time playing around with the currently available set of applications. [> Keith - Has some experience writing firmware for embedded microcontroller applications, and is giving a technical talk on applications of microcontrollers in the h/p community. [> James Jorasch - Hacking Vegas - How to games the gamers. From someone who used to deal with hotel casino security. What really goes on? SCHEDULE:-------------------------------------------------------------------- FRIDAY: Network Setup, Sign in, Informal PGP Keysigning at the "PGP table", Lots of Partying. Capture the Flag Contest Starts at 16:00 On Friday there will be the demonstrations of the Radio Burst Cannon, a "real" rail gun, and an omni-directional cell phone jammer. Times to be announced. 10:00 - Doors open, sign in starts 10:00 - Movies start in main conference room 16:00 - Capture the Flag II starts 15:30 - Round up and head off for demonstrations of HERF, and rail gun madness. Nothing may happen, then again.. 23:30 - 23:00 James Jorasch - "Hacking Vegas" how to beat the system in Vegas by someone who knows it inside and out. 23:00 - 03:00 Hacker Jeopardy Starts. SATURDAY: 10:00 - 10:50 Richard Thieme - The Dynamics of Social Engineering. 11:00 - 11:50 Yobie - Emerging infrastructures made possible by Java. 12:00 - 12:50 Clovis - issues with security and networked object systems. 13:00 - 13:50 FBI Computer Crime Squad - 14:00 - 14:50 Deth Veggie - Global Domination, cDc style. 15:00 - 15:50 Seven - What the feds think of us. 16:00 - 16:50 Richard K. - 17:00 - 17:50 Tom Farley and Ken K. - Toll Fraud in the 90s: Two perspectives. Saturday Breakout Tech Sessions: Koresh - Novell issues. Mudge - Secure Coding. Hobbit - Why CIFS is CACA. Nihil - NT security issues. Wrangler - Packet Sniffing. Keith - firmware for embedded microcontroller applications. 24:00 (Midnight) Final rounds of Hacker Jeopardy. SUNDAY: 10:00 - 10:50 Ira Winkler - Industrial Espionage. 11:00 - 11:50 Sameer - Why cryptography is harder than it looks, part two. 12:00 - 12:50 Cyber - An overview and explanation of available crypto-tools. 13:00 - 13:50 Carolyn Meinel - Happy Hacker Panel. 14:00 - 14:50 Michael Q. - The future of digital cash. 15:00 - 15:50 Dan Veeneman - Low Earth Orbit satellites. Sunday Breakout Tech Sessions: Happy Hacker track Panel: "The Newbie Experiments" Moderator is Carolyn Meinel, author of the Guides to (mostly) Harmless Hacking series. Other panel members are: - Matt Hinze, editor of the Happy Hacker Digest. - Bronc Buster, who runs a Web forum, IRC server and the New Buckaroos Web site for his fast-growing band of newbies. - Mark Biernacki of Shellonly.com will talk about this new ISP which is designed to make it easy for newbies to learn to hack. Just say "Telnet port 22!" - Jericho, who will hold forth on "Let the newbies fend for themselves." We will allow each panel member to open with a brief presentation of his or her work, followed by debate first among panel members, followed by Q&A from the audience. We expect some intense debate:-) Then if the Aladdin hotel hasn't yet been demolished yet by riots, we will continue with a series of individual presentations: - Jon McClintock, editor of Happy-SAD (Systems Administrator Digest) will demonstrate how to install Linux. - Bronc Buster will hold forth on the Windows 95 denial of service programs his Web site offers. - Carolyn Meinel will demonstrate how to read email headers, create, and decipher forged email. Breakout Tech Sessions: 16:00 Awards for Capture the Flag End of it all, cleanup, etc. See you all next year! EVENTS:---------------------------------------------------------------------- [> HACKER JEOPARDY: Winn is back with Hacker Jeopardy!! The third year in the running! Can the all-powerful Strat and his crypto-minion Erik, whose force cannot be contained, be defeated?! Will the powers that be allow Strat-Meister to dominate this beloved event for the third year in a row?! Can Erik continue to pimp-slap the audience into submission with a spoon in his mouth?!? Only Skill, Time, and booze will tell the tail! The Holy Cow will help supply the beer, you supply the answers. The first round starts at 12 midnight o'clock on Friday and lasts until it is done. The second and secret rounds will happen Saturday at midnight. 6 teams will be picked at random and compete for the final round. There can be only one! Strat's Team, the winners from last year will defend if all the members can be found. [> FREE BEER! Holy Cow will provide free beer tickets! If you are over 21 prepare to consume "hacker" beers. Actually it's whatever beer they have on tap, but it's the best beer in Las Vegas. Follow Las Vegas Blvd. up until you see the florescent cow with the big sunglasses. All taxi drivers know of this Mecca. Over 1,000 free beers in all! [> BLACK AND WHITE BALL: We've talked it over, and the verdict is in. For the last two years at DEF CON there has been a sort of unspoken Saturday night dress up event. People have worn everything from party dresses and Tuxedoes to AJ's ultra pimp Swank outfit with tiger print kilt. This year it is official. Wear your cool shit Saturday night, be it gothic or PVC vinyl or Yakuza looking black MIBs. No prizes, just your chance to be the uber-bustah pimp. [> THE TCP/IP DRINKING GAME: If you don't know the rules, you'll figure 'em out. [> CAPTURE THE FLAG: ALL NEW, ALL IMPROVED, MORE CONFRONTATIONAL, 1997 ILLUMINATI INVITATIONAL, CAPTURE THE FLAG, HACKER STYLE. The goal is to take over everybody else's server while protecting your own. To cut down on lag time and federal offences we're providing a playing field of 5 flag-machine networks connected by a big router in the middle. The rules: 1) No taking the network down for more than 60 seconds. 2) No taking any flag machine (including your own) down for more than 3 minutes. 3) In order to be counted in the game, a team's flag machine must - be directly connected to the network; - have a text file flag on the machine readable by at least 2 accounts, - keep at least 3 *normal* services running in a way that a client could actually get their work done using them. - run a web server if technically possible. 4) No goonery/summoning of elder gods/Mickey Finns/physical coercion... you get the idea. ( You had the idea, but we're trying to prevent you from using it. ) The field of play : Each network will have a "server" of some kind on it, called the flag machine. At the start of the game, these servers will be stock installations a lot like what you'd see on the average academic/secret cabal/military/megacorp network. Each of these machines will have a PGP private key, named root.flag, and a web server. There will also be a machine to provide DNS, called the scoreboard. Teams: Teams can be one human or more. In order to be a team, you have to generate 20 256bit PGP key pairs, have a DEFCON goon pgp-sign them and put the public keys on the scoreboard webserver. We'll generate a hundred key pairs in advance, so the first five teams can just grab a floppy disk (if they're trusting). To prove that you've hacked a flag machine, PGP - sign a message with the root.flag from the hacked machine, then with one of your own. Post the doubly-signed message on the scorekeeper web server, and you've captured that flag (and invalidated the captured root.flag). When you've captured a flag, decide between conquest and condescension: either take over the server yourself, or hand it back to its not-so-eleet owners. To conquer, put one of your PGP private keys on the captured server to become the next root.flag. (Of course, you have to properly secure the server to maintain your new territory.) To condescend, just wait until the original owners see their shame spread across the scoreboard. (It would sure be a pity if they had to put up a new key before they figured out how you got in last time, wouldn't it?) Two Ways to Win: #1 EVIL EMPIRE: Whoever has the most servers responding with their teams' private keys at the end wins. #2 PIRATE: Fabulous prizes will also be given to whoever racks up the highest total number of flags captured. Rough game mechanics (why is everyone so untrusting?): Once every 5 minutes or more, the scoreboard machine will post a plaintext challenge. Every team that claims to own a server has to PGP-sign that challenge with the private key registered for that server and post the signed version on their machine. If a server can't respond within 3 minutes, then nobody owns it, and it's fair game to be taken back over by the goons. Specific rules will be available in print at DefCon before the game begins. This was a message from The People [> QUAKE COMPETITION: http://www.ctive.com/ntech/defcon.htm This year knightPhlight contacted me and wanted to organize a single elimination Quake competition to find out who that badest ass 'mo 'fo is. Check out the web site to get the rules, sign up, or to donate a computer the greater good of destruction. It is IMHO that Quake by id Software rules 3D action gaming. But who rules Quake? We'll find out this July 11th-13th at the DefCon Conference in Las Vegas. This isn't going to be a networked game intent on quickly eliminating as many players as possible in a single round. Rather, one-on-one games will be played to absolutely determine who the best really is. Of course, you already know your the best so why would you feel obligated to prove it? Because we'll give the first place winner $750. Now, being the wily person you are, I bet you would like to know where I got the money for the prizes. It'll come from your registration fee of $7.50. Any half wit can do the math and see the 10,000% return for the winner. But just for entering you'll be in a drawing for really kewl stuff. If you don't think its kewl you can just give us your email address and we'll be happy to send you a couple hundred thousand messages explaining why the prizes are great. [> NET CONNECTION AND TOPOLOGY: DefCon 5 Network Plan (v.99) Telecommunications ------------------ Media Type: T1 ESF/B8ZS (not D4/AMI) Service Provider: Las Vegas Digital Internet Telco: Sprint Equipment needed Equipment on-hand ---------------- ---------------------------------------------- CSU/DSU Verilink AS2000's with NCC 2301 cards (JC) Router Cisco 2501 (Lock) Net Admin server (Lock ) 10bT Hubs 16-port from Lock - need more to populate the room 10bT Cable (miles) Everybody bring their own - will need some extra to link hubs Network Services: ----------------- Web Server CU-reflector RealAudio Server IRC server? This year we are pre-building many of the network boxes so the net can go up first thing Friday. It looks like we will have a T1 line and we will break it out to 10 BaseT hubs. If you want in on the network bring along the appropriate cables and adapters. More Net Madness! The T1 bandwidth will allow us to do the following cool stuff: - Have several color quickcams and a CU-SeeMe reflector site set up so people not at the con can check out what's going on. During the convention check out the DEF CON web site to get the location of the reflector site. You should get and install the software needed to view CU-SeeMe streams in advance! - Have a RealAudio server set up to stream the speakers talks to those who can not attend. - Potentially play a competitive multi user game(s) over the net. NOTE! If you wish to participate interactively with the convention please e-mail me and we can coordinate something. It would be great to get people from all over the world involved. [> 5th ANNUAL SPOT THE FED CONTEST: The ever popular paranoia builder. Who IS that person next to you? "Like a paranoid version of pin the tail on the donkey, the favorite sport at this gathering of computer hackers and phone phreaks seems to be hunting down real and imagined telephone security and Federal and local law enforcement authorities who the attendees are certain are tracking their every move.. .. Of course, they may be right." - John Markhoff, NYT Basically the contest goes like this: If you see some shady MIB (Men in Black) earphone penny loafer sunglass wearing Clint Eastwood to live and die in LA type lurking about, point him out. Just get my attention and claim out loud you think you have spotted a fed. The people around at the time will then (I bet) start to discuss the possibility of whether or not a real fed has been spotted. Once enough people have decided that a fed has been spotted, and the Identified Fed (I.F.) has had a say, and informal vote takes place, and if enough people think it's a true fed, or fed wanna-be, or other nefarious style character, you win a "I spotted the fed!" shirt, and the I.F. gets an "I am the fed!" shirt. NOTE TO THE FEDS: This is all in good fun, and if you survive unmolested and undetected, but would still secretly like an "I am the fed!" shirt to wear around the office or when booting in doors, please contact me when no one is looking and I will take your order(s). Just think of all the looks of awe you'll generate at work wearing this shirt while you file away all the paperwork you'll have to produce over this convention. I won't turn in any feds who contact me, they have to be spotted by others. DOUBLE SECRET NOTE TO FEDS: This year I am printing up extra "I am the Fed!" shirts, and will be trading them for coffee mugs, shirts or baseball hats from your favorite TLA. If you want to swap bring along some goodies and we can trade. Be stealth about it if you don't want people to spot you. Agents from foreign governments are welcome to trade too, but I gotta work on my mug collection and this is the fastest way. [> RAIL GUN DEMONSTRATION: (Friday) On Friday afternoon there will be a demonstration of a hand held rail gun. This garage project should be able to fire a graphite washer very, very fast. [> OMNIDIRECTIONAL CELL PHONE JAMMER DEMONSTRAITON: (Friday) Another interesting creation to be tested on Friday in the desert. Come along and watch you cell phone antenna explode with power! See control channels crumble before you. [> RADIO BURST CANNON DEMONSTRATION: (Friday) While not quite a HERF gun, this should come close. The RBC should be able to produce up to or less than one MegaWatt for up to or less than one second. What will this do? Who knows! Come and find out. Obviously the above demonstrations will take place away from the local hospitals and casinos out in the desert someplace, so be prepared. HOTELS:---------------------------------------------------------------------- [> Book your room NOW!!! We have a block of rooms, but it is first come, [> first served. Rooms get released about one month before the convention. [> Book by June 9th or risk it. The room rates are quite cool this year. PRIMARY HOTEL: The Aladdin Hotel and Casino 3667 Las Vegas Blvd. South, Las Vegas, Nevada Built in 1966 it is one of the oldest hotels in Las Vegas that hasn't been blown up to make room for newer ones. It is quite nice and has Tennis courts, two swimming pools, Chinese, Vietnamese and Korean. A Seafood and steakhouse, Joe's Diner and a 24 hour coffee shop too. It's located next to the MGM Theme park on the strip. PHONE: 1-800-634-3424, reference the "DC Communications conference" for reservations. 702-736-0222 RATES: Single & Double rooms are $65 in the Garden section, $85 for the Tower. Suites are $250 to $350. All costs are plus 8% room tax. Rollaway beds are available for an additional $15 a night. STUFF IN VEGAS:-------------------------------------------------------------- URLs Listings of other hotels in Las Vegas, their numbers, WWW pages, etc. http://www.intermind.net/im/hotel.html http://vegasdaily.com/HotelCasinos/HotelAndCasinos/CasinoList.html VENDORS / SPONSORS / RESEARCH:----------------------------------------------- If you are interested in selling something (shirts, books, computers, whatever) and want to get a table contact me for costs. If you have some pet research and you want to have the participants fill out anonymous questioners please contact me for the best way to do this. If you want to sponsor any event or part of DEF CON V in return for favorable mentions and media manipulation please contact me. For example in the past Secure Computing has sponsored a firewall hacking contest. MORE INFO:------------------------------------------------------------------- [> DEF CON Voice Bridge (801) 855-3326 This is a multi-line voice bbs, VMB and voice conference system. There are 5 or so conference areas, with up to eight people on each one. Anyone can create a free VMB, and there are different voice bbs sections for separate topics. This is a good neutral meeting place to hook up with others. The Voice bridge will be changing numbers soon, but the old number will refer you to the new location. The new spot won't suffer from "Phantom" bridges! [> MAILING LIST send emial to majordomo(a)merde.dis.org and in the body of the message include the following on a separate line each. subscribe dc-stuff dc-announce is used for convention updates and major announcements, dc-stuff is related to general conversation, planning rides and rooms, etc. [> WWW Site http://www.defcon.org/ Convention updates and archives from previous conventions are housed here. Past speakers, topics, and stuff for sale. Also a growing section of links to other places of interest and current events. [> The Third Annual California Car Caravan to DEF CON! http://www.netninja.com/caravan There are also some resources (links to other web sites and text files) generally related to DefCon--not specifically the California Caravan. These resources are available at: http://www.netninja.com/caravan/resources.html [> The DEF CON V Car ride sharing page: Use this site to arrange ride sharing to the convention from all over North America. If you can spare a seat for someone, or need to leech a ride go to the ride sharing page set up by Squeaky. http://garbage.bridge.net/~defcon/defcon.html [> EMAIL dtangent(a)defcon.org Send all email questions / comments to dtangent(a)defcon.org. It has been said that my email is monitored by various people. If you want to say something private, please do so with my pgp key (At the bottom of this announcement) I usually respond to everything, if not I'm swamped or had a system problem. [> GIVE ME MONEY! SNAIL MAIL PRE-REGISTRATION Send all written materials, pre-registrations, etc. to: DEF CON, 2709 E. Madison, Seattle WA, 98112 If you are pre-registering for $30 please make payable to DEF CON and include a name to which you want the registration to apply. I don't respond to registrations unless you request. DO YOU WANT TO HELP?--------------------------------------------------------- Here is what you can do if you want to help out or participate in some way: Donate stuff for the continuous giveaways and the various contests. Got extra ancient stuff, or new cool stuff you don't use anymore? Donate it to a good cause! One person was very happy over winning an osborne "portable" computer. ORGANIZE sharing a room or rides with other people in your area. Join the mailing list and let people know you have floor space or some extra seats in your car. Hey, what's the worst that can happen besides a trashed hotel room or a car-jacking? CREATE questions for hacker jeopardy (you know how the game is played) and email them to winn(a)infowar.com. No one helped out last year, so this year let's try. Everything from "Famous narks" to "unix bugs" is fair game. BRING a machine with a 10bt interface card, and get on the local network, trade pgp signatures, etc. FINAL CHECK LIST OF STUFF TO BRING:------------------------------------------ From: Enigma Here is a list of items to bring to DefCon. These are only suggestions. Your mileage may vary. :) Items to bring to DefCon ~~~~~ ~~ ~~~~~ ~~ ~~~~~~ Clothing - Comfortable shirts and pants/shorts - Socks, underwear, etc - Bathing suit - Toiletries (deodorant, toothbrush, comb, hair spray,..., giant tub of hair grease, Oxy pads, etc) - An extra towel (don't leave home without it. Anyway, doesn't it always seem that you run out of clean towels in the bathroom?) - Something cool, hip, pimp-o-matic, or ninja-riffic to wear Saturday night at the Black and White Ball You can skip the deodorant and extra clothing if all you are going to do is play "Magic: The Gathering" and "Quake." Everyone else does. Stuph - Your shades. Vegas is hot. The sun is bright. 'Nuff said. (If you wear eye glasses, I hear the clip-on, flip-up sunglasses are quite the fashion statement) - Sunscreen of at least SPF 100. After spending hundreds of hours in front of the monitor, who needs the sun to ruin their ghostly white tan? - A hat--preferably with a cool logo or catchy phrase like "Gandalf Routers," "Netscape," "Microsoft [with "sucks" scrawled below it in permanent marker]", "I [heart] [insert government institution: Cops, Feds, etc]"...you get the idea - Note book, palmtop, or laptop to take notes on during the speeches - [Micro]casette recorder to record the speeches (or everyone getting drunk in your room Saturday night, not knowing what they are saying, with no hope of remembering it...excellent blackmail material!) - Camcorder (see above...<>) - Digital camera--for all of the above reasons PLUS you can instantly upload the images through the T1 onto the net - Fake ID for all of you under 18/21 - Fake ID for everyone else, if you're planning something illegal - Your best jokes (Nooooo! Not the superman joke! Not the pink joke) - Your best hacking stories...these are all about something "your friend" did, aren't they? You wouldn't admit to doing anything illegal, now, would you? - Someone else's--oops, I mean "your" credit card numbers Fun - Your drug(s) of choice -- From caffeine to pot to speed to acid - Zippo and extra fuel. And while you're at it, put an extra flint (assuming you can find one in the back of your junk drawer) in the bottom. You always run out at just the wrong time. - Extra smokez (Splurge: get some cigars or cloves for the weekend) - Leather - Handcuffs and chains, nipple clamps, etc. - Saran wrap, duct tape, electrical tape, gaffer's tape - Candles (the drippy kind) - Incense - Oils - Your copy of "The Pocket Kama Sutra" (ISBN 0-7894-0437-0) - That corn starch and water "slime" that Light Ray (I believe) and others believed to be the ultimate thing, several DefCon's back. Tech - Laptop w/ Ethernet card - Extra laptop battery - A zip drive with a stack of disks containing all your soooper k-rad haxing utilities and g-files - 10bt/10b2 cabling - A small hub - You did remember to put a packet sniffer on your zip disk, right? Just checking. - Every power cord you could possibly need - A serial cable with a plethora of adapters so you can get each end to be male/female, 9pin/25pin, null-modem/straight - Cable to connect the above mentioned digital camera to the laptop - Scanner (modded, of course) - Frequency counter (I hear the "Scout" is pretty good) - HAM radio. Any band, any frequency. You didn't modify it to transmit on arbitrary frequencies, did you? Naughty monkey! - An assortment of tuned antennas - That zip disk has the FCC frequency allocations on it, right? - Your uber-elite organizer (the DOS based HP palmtops are quite cool) to collect handles and email addresses from people - High energy weapons ("Is that an unlicensed nuclear accelerator on your back?" "No, it's just a HERF gun." "Oh.") - Laser pointer (don't get kicked out of the hotel again, youz doodz) - Your "white courtesy phone" that you stole from the Monte Carlo last year - A microbroadcasting station with plenty of tuneage - Your lock picks or lock picking gun - A pocket-sized tool kit containing a modular screwdriver and plenty of attachments (flathead, philips, torx, hex, etc) - A pocket knife, pliers and wire cutters--or alternatively a Leatherman's tool - Hell, while you're at it: why not some bring bolt cutters, a sledge hammer, and a hack saw? - Telephone handset with alligator clips. Or, if you're uber- 31337, you have a lineman's butt set (with the serial number and telco logo filed off) - Bubble gum or epoxy putty--anything maleable and hardens. This is good for fixing hoses under the hood of your car. It's also useful to jam mechanical sensors (What would happen if the microwave always though it's door was open? Or if the elevator always thought there was someone blocking the path of the door? Wouldn't hotel security be pissed if they couldn't get into their security room because someone jammed a toothpick into the keyhole with krazy glue?) - An alabi - Spam - Multimeter - Cordless electric soldering iron - Parts box MY PGP KEY:------------------------------------------------------------------ -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.1 mQCNAy6v5H8AAAEEAJ7xUzvdRFMtJW3CLRs2yXL0BC9dBiB6+hAPgBVqSWbHWVIT /5A38LPA4zqeGnGpmZjGev6rPeFEGxDfoV68voLOonRPcea9d/ow0Aq2V5I0nUrl LKU7gi3TgEXvhUmk04hjr8Wpr92cTEx4cIlvAeyGkoirb+cihstEqldGqClNAAUR tCZUaGUgRGFyayBUYW5nZW50IDxkdGFuZ2VudEBkZWZjb24ub3JnPg== =ngNC -----END PGP PUBLIC KEY BLOCK-----

1 0

DEF CON V Convention Announcement #1.19 (06.30.97)
by Declan McCullagh 17 Dec '03

17 Dec '03

[I'm planning to show up Friday morning. Anyone else going? --Declan] ******* READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIB DEF CON V Convention Announcement #1.19 (06.30.97) July 11-13th @ the Aladdin Hotel and Casino in Las Vegas XXXXXXXXXXXXXXXXXXXXXXXX XX DEF CON V Convention Announcement XXXXXXXxxxxXXXXXXXXXXXXXXX XX DEF CON V Convention Announcement XXXXXXxxxxxxXXXXXX X X DEF CON V Convention Announcement XXXXXxxxxxxxxXXXXXXX X DEF CON V Convention Announcement XXXXxxxxxxxxxxXXXX XXXXXXXXX DEF CON V Convention Announcement XXXxxxxxxxxxxxxXXXXXXXXXX X DEF CON V Convention Announcement XXxxxxxxxxxxxxxxXXXXXX XX X DEF CON V Convention Announcement XXXxxxxxxxxxxxxXXXXXXXX DEF CON V Convention Announcement XXXXxxxxxxxxxxXXXXXXXX X XX DEF CON V Convention Announcement XXXXXxxxxxxxxXXXXXXXXXX XX X DEF CON V Convention Announcement XXXXXXxxxxxxXXXXXXXXX X DEF CON V Convention Announcement XXXXXXXxxxxXXXXXXXXXXXXXXX DEF CON V Convention Announcement XXXXXXXXXXXXXXXXXXXXXXXXXXXX X DEF CON V Convention Announcement READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIB The only convention with free beer! IN SHORT:-------------------------------------------------------------------- WHAT: Speakers and partying in Vegas for all hackers WHEN: July 11th - 13th WHERE: Las Vegas, Nevada @ the Aladdin Hotel and Casino COSTS: $30 in advance, $40 at the door MORE INFO: http://www.defcon.org or email info(a)defcon.org IN LONG:--------------------------------------------------------------------- It's time to brave Las Vegas again for DEF CON! This is an initial announcement and invitation to DEF CON V, a convention for the "underground" elements of the computer culture. We try to target the (Fill in your favorite word here): Hackers, Phreaks, Hammies, Virii Coders, Programmers, Crackers, Cyberpunk Wannabees, Civil Liberties Groups, CypherPunks, Futurists, Artists, Criminally Insane, Hearing Impaired. It seems that books about the culture are becoming more popular, so of course reporters are also welcome. You won't be hurt. I promise. Just bring cash for drinks. So you heard about DEF CON IV, and want to hit part V? You heard about the parties, the info discussed, the bizarre atmosphere of Las Vegas and want to check it out in person? You want to do weird shit _away_ from the hotel where you can't get me in trouble? You have intimate knowledge of the SWIFT network, and want to transfer millions of dollars to the Def Con account? Then you're just the person to attend! What DEF CON is known for is the open discussion of all ideas, the free environment to make new contacts and the lack of ego. More people have made great friends at DEF CON over the years than my brain can conceive of. DEF CON is also known for letting the "Suits" (Government / Corporate) mix with everyone and get an idea of what the scene is all about. The media makes an appearance every year and we try to educate them as to what is really going on. Basically it has turned into the place to be if you are at all interested in the computer underground. [Note]----------------------------------------------------------------------- Now last year over 800 people showed up and threw my whole program for a loop. I was thinking 500+ people, but when 800 showed up it got a little crazy for the planning staff. This year I am planning for 1,000. This way I will be able to accommodate everyone and have less logistical screw- ups. I would also like to apologize to everyone last year who had temporary badges for half the convention, etc. I will do all that is possible for maximum coolness, and minimum hassles. Anyway, enough of my shit, on with the details. [End Note]------------------------------------------------------------------- SPEAKERS:-------------------------------------------------------------------- Over the years DEF CON has had many notable speakers. This year there will be more of an emphasis on technical talks. There will be a separate smaller room for break-out sessions of more specific topics. While the talks of the past have been great, it always seems some tech people drop out and general talks fill in. I will load it tech heavy so when people do drop out there will still be plenty of meat left for the propeller heads. There will be some speaking on Friday evening before Hacker Jeopardy, all day Saturday and Sunday. About 20 people will speak, plus smaller tech sessions. If you are interested in speaking or demonstrating something please contact me. Current speakers include: [> Nhil - Windows NT (in)security. The challenge response system, NT 5.0 Kerb security services, man in the middle attacks on domain controllers. This will be a more technical discussion of NT related security. [> Koresh - Hacking Novell Netware. [> Yobie - Emerging infrastructures made possible by Java. He will describe and talk about Java as the foundation for a global, object-oriented distributed network. New concepts and computing paradigms will discussed as well as applications for both applications development or straight-out hacking. [> Mudge - System Administrator for L0pht Heavy Industries. He will present a technical talk on something cool. [> Clovis - From the Hacker Jeopardy winning team. He will discuss issues with security and networked object systems, looking at some of the recent security issues found with activeX and detail some of the potentials and problems with network objects. Topics will include development of objects, distributed objects, standards, ActiveX, corba, and hacking objects. [> Bruce Schneier - Author of Applied Cryptography and the Blowfish algorithm - Why cryptography is harder than it looks. [> FBI Computer Crime Squad - They will make another appearance this year only if I can bribe them with the audio from last years convention. Can I do it in time? [> Richard Thieme - "The Dynamics of Social Engineering: a cognitive map for getting what you need to know, working in networks, and engaging in espionage quietly; the uses of paranoia, imagination, and grandiosity to build the Big Picture. [> Wrangler - Packet Sniffing: He will define the idea, explain everything from 802.2 frames down to the TCP datagram, and explain the mechanisms (NIT, bpf) that different platforms provide to allow the hack. Wrangler has been programming since seven column paper tape. He is a loner with the social skills of a California Condor. He has never been a member of LOD, MOD, or any other group. He has written no books, is not currently employed, and refuses to discuss what he refers to as "that credit card provider thing back when I used to do mainframe shit." His current projects include looking for his next Fortune 100 contract and writing the DEFCON V virus. [> Seven - What the feds think of us. [> Richard K. - Electronic countermeasures, counter espionage, risk management. Should include a demonstration of electronic countermeasures equipment as well as a talk on what works, what doesn't, and the industry. [> Tom Farley the Publisher of the "Private Line" journal, and Ken Kumasawa of TeleDesign Management - Toll Fraud in the 90s: Two perspectives. An overview of phreaking from a hackers point of view and an industry/security consultants point. [> Michael Quattrocchi - The future of digital cash and a presentation about the modernization and state of register-level debit cards; in effect currently throughout Canada. [> The Deth Vegetable - "The Cult of the Dead Cow embarks on a new era of Global Domination for the 21st Century three years early -- if you're not at Defcon this year, you won't be down with the master plan. Important announcements and startling new developments that will affect the entire history of the Computer Underground as you know it." [> Ira Winkler - Real life case studies of successful and unsuccessful corporate espionage. [> Sameer Parekh - c2.net - Why cryptography is harder than it looks, part two. A look at implementation and production problems facing people and companies wishing to develope and distribute strong encryption. [> Carolyn P. Meinel - Moderator of the Happy Hacker Digest and mailing lists. She will preside over a seperate Happy Hacker discussion pannel that will cover the topics of wether or not "newbies" should have information handed to them, or should they learn for themselves? [> Dan Veeneman - Low Earth Orbit satellites are nearing the launch stage, and this talk will cover the different systems that are planned and some of the services they'll offer. A bit on GPS that wasn't covered last year as well as the ever popular question and answer section. [> Hobbit - CIFS is a load of CACA - Random SMB CIFS stuff in Microsfot products. [> Cyber - An overview and explanation of available crypto-tools. What tools and programs do what, when to use them and on what platforms. From someone who has spent lots of time playing around with the currently available set of applications. [> Keith - Has some experience writing firmware for embedded microcontroller applications, and is giving a technical talk on applications of microcontrollers in the h/p community. [> James Jorasch - Hacking Vegas - How to games the gamers. From someone who used to deal with hotel casino security. What really goes on? SCHEDULE:-------------------------------------------------------------------- FRIDAY: Network Setup, Sign in, Informal PGP Keysigning at the "PGP table", Lots of Partying. Capture the Flag Contest Starts at 16:00 On Friday there will be the demonstrations of the Radio Burst Cannon, a "real" rail gun, and an omni-directional cell phone jammer. Times to be announced. 10:00 - Doors open, sign in starts 10:00 - Movies start in main conference room 16:00 - Capture the Flag II starts 15:30 - Round up and head off for demonstrations of HERF, and rail gun madness. Nothing may happen, then again.. 23:30 - 23:00 James Jorasch - "Hacking Vegas" how to beat the system in Vegas by someone who knows it inside and out. 23:00 - 03:00 Hacker Jeopardy Starts. SATURDAY: 10:00 - 10:50 Richard Thieme - The Dynamics of Social Engineering. 11:00 - 11:50 Yobie - Emerging infrastructures made possible by Java. 12:00 - 12:50 Clovis - issues with security and networked object systems. 13:00 - 13:50 FBI Computer Crime Squad - 14:00 - 14:50 Deth Veggie - Global Domination, cDc style. 15:00 - 15:50 Seven - What the feds think of us. 16:00 - 16:50 Richard K. - 17:00 - 17:50 Tom Farley and Ken K. - Toll Fraud in the 90s: Two perspectives. Saturday Breakout Tech Sessions: Koresh - Novell issues. Mudge - Secure Coding. Hobbit - Why CIFS is CACA. Nihil - NT security issues. Wrangler - Packet Sniffing. Keith - firmware for embedded microcontroller applications. 24:00 (Midnight) Final rounds of Hacker Jeopardy. SUNDAY: 10:00 - 10:50 Ira Winkler - Industrial Espionage. 11:00 - 11:50 Sameer - Why cryptography is harder than it looks, part two. 12:00 - 12:50 Cyber - An overview and explanation of available crypto-tools. 13:00 - 13:50 Carolyn Meinel - Happy Hacker Panel. 14:00 - 14:50 Michael Q. - The future of digital cash. 15:00 - 15:50 Dan Veeneman - Low Earth Orbit satellites. Sunday Breakout Tech Sessions: Happy Hacker track Panel: "The Newbie Experiments" Moderator is Carolyn Meinel, author of the Guides to (mostly) Harmless Hacking series. Other panel members are: - Matt Hinze, editor of the Happy Hacker Digest. - Bronc Buster, who runs a Web forum, IRC server and the New Buckaroos Web site for his fast-growing band of newbies. - Mark Biernacki of Shellonly.com will talk about this new ISP which is designed to make it easy for newbies to learn to hack. Just say "Telnet port 22!" - Jericho, who will hold forth on "Let the newbies fend for themselves." We will allow each panel member to open with a brief presentation of his or her work, followed by debate first among panel members, followed by Q&A from the audience. We expect some intense debate:-) Then if the Aladdin hotel hasn't yet been demolished yet by riots, we will continue with a series of individual presentations: - Jon McClintock, editor of Happy-SAD (Systems Administrator Digest) will demonstrate how to install Linux. - Bronc Buster will hold forth on the Windows 95 denial of service programs his Web site offers. - Carolyn Meinel will demonstrate how to read email headers, create, and decipher forged email. Breakout Tech Sessions: 16:00 Awards for Capture the Flag End of it all, cleanup, etc. See you all next year! EVENTS:---------------------------------------------------------------------- [> HACKER JEOPARDY: Winn is back with Hacker Jeopardy!! The third year in the running! Can the all-powerful Strat and his crypto-minion Erik, whose force cannot be contained, be defeated?! Will the powers that be allow Strat-Meister to dominate this beloved event for the third year in a row?! Can Erik continue to pimp-slap the audience into submission with a spoon in his mouth?!? Only Skill, Time, and booze will tell the tail! The Holy Cow will help supply the beer, you supply the answers. The first round starts at 12 midnight o'clock on Friday and lasts until it is done. The second and secret rounds will happen Saturday at midnight. 6 teams will be picked at random and compete for the final round. There can be only one! Strat's Team, the winners from last year will defend if all the members can be found. [> FREE BEER! Holy Cow will provide free beer tickets! If you are over 21 prepare to consume "hacker" beers. Actually it's whatever beer they have on tap, but it's the best beer in Las Vegas. Follow Las Vegas Blvd. up until you see the florescent cow with the big sunglasses. All taxi drivers know of this Mecca. Over 1,000 free beers in all! [> BLACK AND WHITE BALL: We've talked it over, and the verdict is in. For the last two years at DEF CON there has been a sort of unspoken Saturday night dress up event. People have worn everything from party dresses and Tuxedoes to AJ's ultra pimp Swank outfit with tiger print kilt. This year it is official. Wear your cool shit Saturday night, be it gothic or PVC vinyl or Yakuza looking black MIBs. No prizes, just your chance to be the uber-bustah pimp. [> THE TCP/IP DRINKING GAME: If you don't know the rules, you'll figure 'em out. [> CAPTURE THE FLAG: ALL NEW, ALL IMPROVED, MORE CONFRONTATIONAL, 1997 ILLUMINATI INVITATIONAL, CAPTURE THE FLAG, HACKER STYLE. The goal is to take over everybody else's server while protecting your own. To cut down on lag time and federal offences we're providing a playing field of 5 flag-machine networks connected by a big router in the middle. The rules: 1) No taking the network down for more than 60 seconds. 2) No taking any flag machine (including your own) down for more than 3 minutes. 3) In order to be counted in the game, a team's flag machine must - be directly connected to the network; - have a text file flag on the machine readable by at least 2 accounts, - keep at least 3 *normal* services running in a way that a client could actually get their work done using them. - run a web server if technically possible. 4) No goonery/summoning of elder gods/Mickey Finns/physical coercion... you get the idea. ( You had the idea, but we're trying to prevent you from using it. ) The field of play : Each network will have a "server" of some kind on it, called the flag machine. At the start of the game, these servers will be stock installations a lot like what you'd see on the average academic/secret cabal/military/megacorp network. Each of these machines will have a PGP private key, named root.flag, and a web server. There will also be a machine to provide DNS, called the scoreboard. Teams: Teams can be one human or more. In order to be a team, you have to generate 20 256bit PGP key pairs, have a DEFCON goon pgp-sign them and put the public keys on the scoreboard webserver. We'll generate a hundred key pairs in advance, so the first five teams can just grab a floppy disk (if they're trusting). To prove that you've hacked a flag machine, PGP - sign a message with the root.flag from the hacked machine, then with one of your own. Post the doubly-signed message on the scorekeeper web server, and you've captured that flag (and invalidated the captured root.flag). When you've captured a flag, decide between conquest and condescension: either take over the server yourself, or hand it back to its not-so-eleet owners. To conquer, put one of your PGP private keys on the captured server to become the next root.flag. (Of course, you have to properly secure the server to maintain your new territory.) To condescend, just wait until the original owners see their shame spread across the scoreboard. (It would sure be a pity if they had to put up a new key before they figured out how you got in last time, wouldn't it?) Two Ways to Win: #1 EVIL EMPIRE: Whoever has the most servers responding with their teams' private keys at the end wins. #2 PIRATE: Fabulous prizes will also be given to whoever racks up the highest total number of flags captured. Rough game mechanics (why is everyone so untrusting?): Once every 5 minutes or more, the scoreboard machine will post a plaintext challenge. Every team that claims to own a server has to PGP-sign that challenge with the private key registered for that server and post the signed version on their machine. If a server can't respond within 3 minutes, then nobody owns it, and it's fair game to be taken back over by the goons. Specific rules will be available in print at DefCon before the game begins. This was a message from The People [> QUAKE COMPETITION: http://www.ctive.com/ntech/defcon.htm This year knightPhlight contacted me and wanted to organize a single elimination Quake competition to find out who that badest ass 'mo 'fo is. Check out the web site to get the rules, sign up, or to donate a computer the greater good of destruction. It is IMHO that Quake by id Software rules 3D action gaming. But who rules Quake? We'll find out this July 11th-13th at the DefCon Conference in Las Vegas. This isn't going to be a networked game intent on quickly eliminating as many players as possible in a single round. Rather, one-on-one games will be played to absolutely determine who the best really is. Of course, you already know your the best so why would you feel obligated to prove it? Because we'll give the first place winner $750. Now, being the wily person you are, I bet you would like to know where I got the money for the prizes. It'll come from your registration fee of $7.50. Any half wit can do the math and see the 10,000% return for the winner. But just for entering you'll be in a drawing for really kewl stuff. If you don't think its kewl you can just give us your email address and we'll be happy to send you a couple hundred thousand messages explaining why the prizes are great. [> NET CONNECTION AND TOPOLOGY: DefCon 5 Network Plan (v.99) Telecommunications ------------------ Media Type: T1 ESF/B8ZS (not D4/AMI) Service Provider: Las Vegas Digital Internet Telco: Sprint Equipment needed Equipment on-hand ---------------- ---------------------------------------------- CSU/DSU Verilink AS2000's with NCC 2301 cards (JC) Router Cisco 2501 (Lock) Net Admin server (Lock ) 10bT Hubs 16-port from Lock - need more to populate the room 10bT Cable (miles) Everybody bring their own - will need some extra to link hubs Network Services: ----------------- Web Server CU-reflector RealAudio Server IRC server? This year we are pre-building many of the network boxes so the net can go up first thing Friday. It looks like we will have a T1 line and we will break it out to 10 BaseT hubs. If you want in on the network bring along the appropriate cables and adapters. More Net Madness! The T1 bandwidth will allow us to do the following cool stuff: - Have several color quickcams and a CU-SeeMe reflector site set up so people not at the con can check out what's going on. During the convention check out the DEF CON web site to get the location of the reflector site. You should get and install the software needed to view CU-SeeMe streams in advance! - Have a RealAudio server set up to stream the speakers talks to those who can not attend. - Potentially play a competitive multi user game(s) over the net. NOTE! If you wish to participate interactively with the convention please e-mail me and we can coordinate something. It would be great to get people from all over the world involved. [> 5th ANNUAL SPOT THE FED CONTEST: The ever popular paranoia builder. Who IS that person next to you? "Like a paranoid version of pin the tail on the donkey, the favorite sport at this gathering of computer hackers and phone phreaks seems to be hunting down real and imagined telephone security and Federal and local law enforcement authorities who the attendees are certain are tracking their every move.. .. Of course, they may be right." - John Markhoff, NYT Basically the contest goes like this: If you see some shady MIB (Men in Black) earphone penny loafer sunglass wearing Clint Eastwood to live and die in LA type lurking about, point him out. Just get my attention and claim out loud you think you have spotted a fed. The people around at the time will then (I bet) start to discuss the possibility of whether or not a real fed has been spotted. Once enough people have decided that a fed has been spotted, and the Identified Fed (I.F.) has had a say, and informal vote takes place, and if enough people think it's a true fed, or fed wanna-be, or other nefarious style character, you win a "I spotted the fed!" shirt, and the I.F. gets an "I am the fed!" shirt. NOTE TO THE FEDS: This is all in good fun, and if you survive unmolested and undetected, but would still secretly like an "I am the fed!" shirt to wear around the office or when booting in doors, please contact me when no one is looking and I will take your order(s). Just think of all the looks of awe you'll generate at work wearing this shirt while you file away all the paperwork you'll have to produce over this convention. I won't turn in any feds who contact me, they have to be spotted by others. DOUBLE SECRET NOTE TO FEDS: This year I am printing up extra "I am the Fed!" shirts, and will be trading them for coffee mugs, shirts or baseball hats from your favorite TLA. If you want to swap bring along some goodies and we can trade. Be stealth about it if you don't want people to spot you. Agents from foreign governments are welcome to trade too, but I gotta work on my mug collection and this is the fastest way. [> RAIL GUN DEMONSTRATION: (Friday) On Friday afternoon there will be a demonstration of a hand held rail gun. This garage project should be able to fire a graphite washer very, very fast. [> OMNIDIRECTIONAL CELL PHONE JAMMER DEMONSTRAITON: (Friday) Another interesting creation to be tested on Friday in the desert. Come along and watch you cell phone antenna explode with power! See control channels crumble before you. [> RADIO BURST CANNON DEMONSTRATION: (Friday) While not quite a HERF gun, this should come close. The RBC should be able to produce up to or less than one MegaWatt for up to or less than one second. What will this do? Who knows! Come and find out. Obviously the above demonstrations will take place away from the local hospitals and casinos out in the desert someplace, so be prepared. HOTELS:---------------------------------------------------------------------- [> Book your room NOW!!! We have a block of rooms, but it is first come, [> first served. Rooms get released about one month before the convention. [> Book by June 9th or risk it. The room rates are quite cool this year. PRIMARY HOTEL: The Aladdin Hotel and Casino 3667 Las Vegas Blvd. South, Las Vegas, Nevada Built in 1966 it is one of the oldest hotels in Las Vegas that hasn't been blown up to make room for newer ones. It is quite nice and has Tennis courts, two swimming pools, Chinese, Vietnamese and Korean. A Seafood and steakhouse, Joe's Diner and a 24 hour coffee shop too. It's located next to the MGM Theme park on the strip. PHONE: 1-800-634-3424, reference the "DC Communications conference" for reservations. 702-736-0222 RATES: Single & Double rooms are $65 in the Garden section, $85 for the Tower. Suites are $250 to $350. All costs are plus 8% room tax. Rollaway beds are available for an additional $15 a night. STUFF IN VEGAS:-------------------------------------------------------------- URLs Listings of other hotels in Las Vegas, their numbers, WWW pages, etc. http://www.intermind.net/im/hotel.html http://vegasdaily.com/HotelCasinos/HotelAndCasinos/CasinoList.html VENDORS / SPONSORS / RESEARCH:----------------------------------------------- If you are interested in selling something (shirts, books, computers, whatever) and want to get a table contact me for costs. If you have some pet research and you want to have the participants fill out anonymous questioners please contact me for the best way to do this. If you want to sponsor any event or part of DEF CON V in return for favorable mentions and media manipulation please contact me. For example in the past Secure Computing has sponsored a firewall hacking contest. MORE INFO:------------------------------------------------------------------- [> DEF CON Voice Bridge (801) 855-3326 This is a multi-line voice bbs, VMB and voice conference system. There are 5 or so conference areas, with up to eight people on each one. Anyone can create a free VMB, and there are different voice bbs sections for separate topics. This is a good neutral meeting place to hook up with others. The Voice bridge will be changing numbers soon, but the old number will refer you to the new location. The new spot won't suffer from "Phantom" bridges! [> MAILING LIST send emial to majordomo(a)merde.dis.org and in the body of the message include the following on a separate line each. subscribe dc-stuff dc-announce is used for convention updates and major announcements, dc-stuff is related to general conversation, planning rides and rooms, etc. [> WWW Site http://www.defcon.org/ Convention updates and archives from previous conventions are housed here. Past speakers, topics, and stuff for sale. Also a growing section of links to other places of interest and current events. [> The Third Annual California Car Caravan to DEF CON! http://www.netninja.com/caravan There are also some resources (links to other web sites and text files) generally related to DefCon--not specifically the California Caravan. These resources are available at: http://www.netninja.com/caravan/resources.html [> The DEF CON V Car ride sharing page: Use this site to arrange ride sharing to the convention from all over North America. If you can spare a seat for someone, or need to leech a ride go to the ride sharing page set up by Squeaky. http://garbage.bridge.net/~defcon/defcon.html [> EMAIL dtangent(a)defcon.org Send all email questions / comments to dtangent(a)defcon.org. It has been said that my email is monitored by various people. If you want to say something private, please do so with my pgp key (At the bottom of this announcement) I usually respond to everything, if not I'm swamped or had a system problem. [> GIVE ME MONEY! SNAIL MAIL PRE-REGISTRATION Send all written materials, pre-registrations, etc. to: DEF CON, 2709 E. Madison, Seattle WA, 98112 If you are pre-registering for $30 please make payable to DEF CON and include a name to which you want the registration to apply. I don't respond to registrations unless you request. DO YOU WANT TO HELP?--------------------------------------------------------- Here is what you can do if you want to help out or participate in some way: Donate stuff for the continuous giveaways and the various contests. Got extra ancient stuff, or new cool stuff you don't use anymore? Donate it to a good cause! One person was very happy over winning an osborne "portable" computer. ORGANIZE sharing a room or rides with other people in your area. Join the mailing list and let people know you have floor space or some extra seats in your car. Hey, what's the worst that can happen besides a trashed hotel room or a car-jacking? CREATE questions for hacker jeopardy (you know how the game is played) and email them to winn(a)infowar.com. No one helped out last year, so this year let's try. Everything from "Famous narks" to "unix bugs" is fair game. BRING a machine with a 10bt interface card, and get on the local network, trade pgp signatures, etc. FINAL CHECK LIST OF STUFF TO BRING:------------------------------------------ From: Enigma Here is a list of items to bring to DefCon. These are only suggestions. Your mileage may vary. :) Items to bring to DefCon ~~~~~ ~~ ~~~~~ ~~ ~~~~~~ Clothing - Comfortable shirts and pants/shorts - Socks, underwear, etc - Bathing suit - Toiletries (deodorant, toothbrush, comb, hair spray,..., giant tub of hair grease, Oxy pads, etc) - An extra towel (don't leave home without it. Anyway, doesn't it always seem that you run out of clean towels in the bathroom?) - Something cool, hip, pimp-o-matic, or ninja-riffic to wear Saturday night at the Black and White Ball You can skip the deodorant and extra clothing if all you are going to do is play "Magic: The Gathering" and "Quake." Everyone else does. Stuph - Your shades. Vegas is hot. The sun is bright. 'Nuff said. (If you wear eye glasses, I hear the clip-on, flip-up sunglasses are quite the fashion statement) - Sunscreen of at least SPF 100. After spending hundreds of hours in front of the monitor, who needs the sun to ruin their ghostly white tan? - A hat--preferably with a cool logo or catchy phrase like "Gandalf Routers," "Netscape," "Microsoft [with "sucks" scrawled below it in permanent marker]", "I [heart] [insert government institution: Cops, Feds, etc]"...you get the idea - Note book, palmtop, or laptop to take notes on during the speeches - [Micro]casette recorder to record the speeches (or everyone getting drunk in your room Saturday night, not knowing what they are saying, with no hope of remembering it...excellent blackmail material!) - Camcorder (see above...<>) - Digital camera--for all of the above reasons PLUS you can instantly upload the images through the T1 onto the net - Fake ID for all of you under 18/21 - Fake ID for everyone else, if you're planning something illegal - Your best jokes (Nooooo! Not the superman joke! Not the pink joke) - Your best hacking stories...these are all about something "your friend" did, aren't they? You wouldn't admit to doing anything illegal, now, would you? - Someone else's--oops, I mean "your" credit card numbers Fun - Your drug(s) of choice -- From caffeine to pot to speed to acid - Zippo and extra fuel. And while you're at it, put an extra flint (assuming you can find one in the back of your junk drawer) in the bottom. You always run out at just the wrong time. - Extra smokez (Splurge: get some cigars or cloves for the weekend) - Leather - Handcuffs and chains, nipple clamps, etc. - Saran wrap, duct tape, electrical tape, gaffer's tape - Candles (the drippy kind) - Incense - Oils - Your copy of "The Pocket Kama Sutra" (ISBN 0-7894-0437-0) - That corn starch and water "slime" that Light Ray (I believe) and others believed to be the ultimate thing, several DefCon's back. Tech - Laptop w/ Ethernet card - Extra laptop battery - A zip drive with a stack of disks containing all your soooper k-rad haxing utilities and g-files - 10bt/10b2 cabling - A small hub - You did remember to put a packet sniffer on your zip disk, right? Just checking. - Every power cord you could possibly need - A serial cable with a plethora of adapters so you can get each end to be male/female, 9pin/25pin, null-modem/straight - Cable to connect the above mentioned digital camera to the laptop - Scanner (modded, of course) - Frequency counter (I hear the "Scout" is pretty good) - HAM radio. Any band, any frequency. You didn't modify it to transmit on arbitrary frequencies, did you? Naughty monkey! - An assortment of tuned antennas - That zip disk has the FCC frequency allocations on it, right? - Your uber-elite organizer (the DOS based HP palmtops are quite cool) to collect handles and email addresses from people - High energy weapons ("Is that an unlicensed nuclear accelerator on your back?" "No, it's just a HERF gun." "Oh.") - Laser pointer (don't get kicked out of the hotel again, youz doodz) - Your "white courtesy phone" that you stole from the Monte Carlo last year - A microbroadcasting station with plenty of tuneage - Your lock picks or lock picking gun - A pocket-sized tool kit containing a modular screwdriver and plenty of attachments (flathead, philips, torx, hex, etc) - A pocket knife, pliers and wire cutters--or alternatively a Leatherman's tool - Hell, while you're at it: why not some bring bolt cutters, a sledge hammer, and a hack saw? - Telephone handset with alligator clips. Or, if you're uber- 31337, you have a lineman's butt set (with the serial number and telco logo filed off) - Bubble gum or epoxy putty--anything maleable and hardens. This is good for fixing hoses under the hood of your car. It's also useful to jam mechanical sensors (What would happen if the microwave always though it's door was open? Or if the elevator always thought there was someone blocking the path of the door? Wouldn't hotel security be pissed if they couldn't get into their security room because someone jammed a toothpick into the keyhole with krazy glue?) - An alabi - Spam - Multimeter - Cordless electric soldering iron - Parts box MY PGP KEY:------------------------------------------------------------------ -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.1 mQCNAy6v5H8AAAEEAJ7xUzvdRFMtJW3CLRs2yXL0BC9dBiB6+hAPgBVqSWbHWVIT /5A38LPA4zqeGnGpmZjGev6rPeFEGxDfoV68voLOonRPcea9d/ow0Aq2V5I0nUrl LKU7gi3TgEXvhUmk04hjr8Wpr92cTEx4cIlvAeyGkoirb+cihstEqldGqClNAAUR tCZUaGUgRGFyayBUYW5nZW50IDxkdGFuZ2VudEBkZWZjb24ub3JnPg== =ngNC -----END PGP PUBLIC KEY BLOCK-----

1 0

Australian "Walsh" report exposes the hole in key escrow
by John Gilmore 17 Dec '03

17 Dec '03

This report was finally obtained (after suing the Australian government under Freedom of Information laws) by Electronic Frontiers Australia. I haven't seen it yet; this is the first I'd heard that it is released. The first paragraph does its best to scare people, but the gist is all correct: if you escrow authentication keys, digital signatures don't work. If you don't escrow authentication keys, then key escrow doesn't work. John Gilmore Forwarded-by: Hal Abelson (I don't know the original source). By John Davidson Governments will be forced to completely undermine the emerging global electronic commerce system if they want to prevent it being used by criminals and for tax evasion, one of Australia's leading data security experts has warned. Professor William Caelli, head of the school of data communications at Queensland University of Technology, said yesterday that it was all but technically impossible to satisfy the competing needs of law enforcement and international trade. The difficulty was in allowing encrypted data passing along the Internet to be monitored by law enforcement agencies, while at the same time giving legal status to the digital signatures that will underpin electronic trade. A suppressed government report into encryption, written by a former deputy director-general of ASIO, Mr Gerard Walsh, has agreed with Professor Caelli. The Commonwealth should abandon as "doomed to failure" attempts to control encryption by keeping a copy of the passwords, or keys, in escrow, Mr Walsh told The Australian Financial Review yesterday. The field of cryptography is generally divided into encryption, where data is scrambled for confidentiality; and authentication, where an electronic document is scrambled or signed to prove who it came from for legal purposes. Policy under consideration in Australia, the US and the UK calls for a separation of the two key types, with law-enforcement agencies having some sort of access to all encryption keys while individual's authentication keys are kept strictly private. It is widely accepted that escrowing authentication keys would render them legally useless for signing documents. "If you ever allow people to get near authentication keys you'll corrupt the administration of justice," said Mr Walsh. The problem facing governments, according to Professor Caelli, is that it is technically impossible to separate the two key types, since they are both just very long numbers. The thinking with the most currency, known as "key tagging", involves adding extra data to the start or end of a digital key to identify what it would be used for. But key tagging can't work in a PC environment, Professor Caelli claims. PC operating systems don't have enough security to prevent users from simply taking the tag off an authentication key and adding it to an encryption key, thereby bypassing government attempts to escrow all encryption keys. If, as it was likely, a dual-key infrastructure proved impossible in a PC world, governments would either have to escrow all keys, rendering digital certification meaningless, or escrow no keys at all, rendering data surveillance totally ineffectual, he said. Mr Steve Orlowski, a leading Government expert on cryptography, acknowledged that it was now impossible to build a secure dual-key infrastructure, but said that it was "possible that someone could make a breakthrough". "We're encouraging research into that area so we'll be able to make the distinction," he said. The US National Institute of Standards and Technology recently made a worldwide plea for cryptography algorithms that can be used for authentication and not for encryption. Mr Walsh's report, commissioned by the federal government to look into how it must legislate to satisfy security and privacy needs in the face of strong cryptography, has only now come to light following a successful Freedom of Information action by Electronic Frontiers Australia. The 96 page report, Review of policy relating to encryption technologies, was due to be published in October last year, and called for a period of public discussion about cryptography issues. However, it was never released, and was only made available to the EFA this week with 20 paragraphs deleted. A second report prepared at the same time but with specific recommendations is still secret, however. According to Mr Walsh, trying to put the lid on encryption with key escrow would be "an exercise in futility" because it would miss the very target it was intended to catch: organised crime, money laundering operations and terrorists. These groups would either refuse to escrow their keys, or simply embed a further level of encryption in their messages, he said. He also said in the report that it would also be futile to try to regulate the length of crypto keys on a nation-by-nation basis because "the notion of fixed national borders is simply anachronistic" thanks to the Internet. "It's not in the interests of the community's rights to privacy, nor the needs of the business community, to . . . limit the strength of cryptography simply to catch the occasional minnow," he said. Law enforcement considerations should not automatically leapfrog privacy considerations, and the government would have to mount a "damned strong argument" every time it wanted to access someone's encryption keys, he said. Mr Walsh said he was uncertain why his report had been suppressed, given that anything that might have been controversial was restricted to the secret report he also submitted. "I wrote (the first report) in the clear expectation that it would be publicly released," he said.

1 0

Fourth of July Special
by ctn＠idp.net 17 Dec '03

17 Dec '03

Fourth of July Special!!!!!! Call 1-800-767-0160 to order. Brand New Hewlett Packard Toner Cartridges at Wholesale Prices!!! Part # Printer Type Price 92298A EP-E Series 4, 4M, 4+, 4, 5N, 5M $89.00 92295A EP-S Series II, III $69.00 92275A EP-L Series IIP, IIIP $76.00 92274A EP-P Series 4L/4P $65.00 92291A EP-N Series IIISi/4Si $99.00 C3900A EP-B Series 4V/4MV $125.00 C3903A EP-V Series 5P, 5MP, 6P, 6MP $76.00 C3906A EP-A Series 5L $59.00 C3909A EP-W Series 5Si, 5SiMX, Mopier $145.00 FX-1 Canon Fax L700 Series $81.00 FX-2 Canon Fax 5000/5500 $71.00 FX-3 Canon Fax L4000 $71.00 51626A InkJet DeskJet, DeskJet+, 500C/ 500J/505J/520/540/550C 560C/700 $27.95 Order 10 or more cartridges and receive free shipping!!!!! Ask about our other specials on Brand New Laser and InkJet Cartridges for your Printers, Faxes and Copiers. Save up to 35% by using our 100% Guaranteed Remanufactured Cartridges To Order: via email: ctn(a)idp.net via FAX: 703-449-7904; 703-449-7905; 703-449-7906; 703-803-9887 Toll Free: 1-800-767-0160 snail mail: Cartridge Technology Network, Inc. 14110 Sullyfield Circle Chantilly, Virginia 22046 FAX ORDER FORM Name________________________________________________________________________ Company Name________________________________________________________________ Address______________________________________________________________________ City/State/Zip_________________________________________________________________ Phone____________________________________FAX________________________________ EMAIL_______________________________________________________________________ Part #______________ Quantity __________ Part #______________ Quantity __________ Part # _____________ Quantity __________ Part # _____________ Quantity __________ Credit Card #:______________________________________________ Exp._______________ Signature:____________________________________________________________________ VISA/MC/Discover/American Express Accepted Corporate Purchase Orders Accepted, please call 1-800-767-0160. IF YOU DO NOT WISH TO RECEIVE FUTURE EMAIL, PLEASE REPLY TO 'ctn(a)idp.net' AND PLEASE PLACE 'REMOVE' IN THE SUBJECT AREA.

1 0

Computer
by 05643693＠prodigy.net 17 Dec '03

17 Dec '03

PLEASE READ THIS IF YOU WOULD LIKE TO EARN EXTRA CASH USING YOUR COMPUTER!!! (Now in Mac format, too!) If you have even a basic knowledge of computers, you could be making money in your spare time. There are many opportunities including: contract typing; data entry; advertising on your own Web page; and even testing new games. Send for the packet, "Home Computer Income" which contains all the information you need to get started. Included is a listing of several companies that offer this type of work. Order today, all you need is a few hours a week to create an excellent second source of income! -Please print (or write out) this order form and mail to- ------------------------------------------------------------------------------ M.E.C. P.O. Box 2188 La Mesa, CA 91943-2188 [ ] Yes, I would like to get started. Please rush me the information. Enclosed is $14.95 (plus $2.00 for shipping and handling, $16.95 total.) If I am not completely satisfied, I have 30 days to return the packet for a full refund (less S+H). Please allow 5-7 business days for checks to clear. Name/E-Mail Address___________________________________ Address_______________________________________________ City,State,Zip__________________________________________ [] Send packet to my e-mail address (omit S&H.) [] Send packet on 3.5" / 5.25" / Mac disk. (circle one.) (disc is compatible with all word processors.) -----------------------------------------------------------------------------------

1 0

Re: details of 6/26 action on HR 695??
by John Young 17 Dec '03

17 Dec '03

geeman(a)best.com wrote: >Are these the same amendments from before, or new ones? The H.R.695 amendments referred to in the Congressional Record appear to be the same ones described in House Report 105-108: http://jya.com/hr105-108.txt If there are others they have not yet been published. ---------- >Congressional Record: June 26, 1997 (House)] >[Page H4834] >From the Congressional Record Online via GPO Access [wais.access.gpo.gov] >[DOCID:cr26jn97-74] > > > REPORTED BILL SEQUENTIALLY REFERRED > > Under clause 5 of rule X, the following action was taken by the >Speaker: > > H.R. 695. A bill to amend title 18, United States Code, to > affirm the rights of U.S. persons to use and sell encryption > and to relax export controls on encryption; with an > amendment; referred to the Committees on Commerce, National > Security, and the Permanent Select Committee on intelligence > for a period ending not later than September 5, 1997, for > consideration of such provisions of the bill and amendment > reported by the Committee on the Judiciary as fall within the > jurisdiction of those committees pursuant to clause 1(e) and > (k), rule X and rule XLVIII, respectively. >

1 0

Re: Hettinga's e$yllogism
by Robert Hettinga 17 Dec '03

17 Dec '03

At 2:13 pm -0400 on 6/28/97, Tim May wrote: Kent (With a Brick, Mr.) Chrispin emetted: > >Governments have devalued currencies many many times in the past > >without the need of key escrow...key escrow is an independent issue. > > Sure, but one of the potential advantages of strong crypto is the > oft-discussed "denationalization of money." Leading bankers are beginning > to see the light on this. I wonder if Mr. Chrispin has ever heard of George Soros, or does the adventures of St. George and the BofE dragon smack too much of, horrors, capitalism? (Modulo Soros' ocassional self-flagellatory Atlantic article, of course. Knight-errants are all into that mortifying the flesh stuff. Or, maybe he's just trying to hedge his bets or something...) Anyway, on the same note, and, as a result of the Wired article this month on FC97 (I finally saw it, and it's not as bad as I thought it was going to be. I guess as long as they spell my name right...), I just got request for an interview from a staff writer from Forbes. He's writing on this very thing, the macroeconomic effect of transanational digital cash. His very words to me were: > An editor of mine liked the story so much he told > me to expand it (a.k.a. totally rewrite it) looking at whether or not a > boom in the use of electronic money might not render governmental > monetary control irrelevant as well. Looking at the issue from that > angle is convincing me that the answer is yes, and that the real story > here is about crypto. He's going to interview me on Tuesday, after the DCSB meeting. God help us all. :-). When I replied to him, I gave him the whole nine yards, poor guy. Hope I didn't scare him off: financial cryptography, the ubiquitous geodesic economy, cryptomoney, etc. (Including, of course, the, um, "excrable" e$yllogism. ;-)) I also gave him a whole passle of people to talk to about it, including David Friedman, who reported on another list lately that he's brought father Milton around to believing in the inefficiency of central banking compared to free banking, particularly in a world of ubiquitous internetworks and financial cryptography. I also sent him on to Tatsuo Tanaka, who did a presentation about a year ago at DCSB on, you guessed it, the transnationality of digital cash. :-). (Of course, Tatsuo's thinking then was that some global run or another on free$banks would end in the creation of a central bank of cypherspace, but, maybe, he's *much* better now. :-)) I didn't include you on that list, Tim, because I remember you saying something about not being bothered with such reporter.cruft anymore, and how coupling financial cryptography with strong cryptography in the eyes of the press and the financial establishment didn't make any sense, but, in case you want him to misquote us *both* and scare all those capitalist tools out there half to death, let me know and I'll send him your way. Or, maybe such glad tidings will make them all want to help us dance a jig on the eventual grave of the nation-state, you never know. The rich and hoity-toity are very different from you and me. Well, *me*, anyway... (Did I ever tell you the story about how my old man built a sailboat on St. Thomas without ever having really sailed much, and, the boat was so fast that it won *lots* of silver, so much silver that he made the New York Post (I think) about it, and, having read that article, Malcom Forbes came down to the islands that fall, and invited Pop to hang out with him on Highlander for a few days? No? Well, my old man built a sailboat on St. Thomas, you see,...) <Tune: "America the beautiful"> "My country tis of thee, land of plutography..." </T> Cheers, Bob Hettinga ----------------- Robert Hettinga (rah(a)shipwright.com) Philodox e$, 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' The e$ Home Page: http://www.shipwright.com/

1 0

Government at Work (prudish idiocy)
by Immoral Majority 17 Dec '03

17 Dec '03

from Wired News: Oklahoma-am-Rhein: Police Seize Oscar Winner 12:05 pm Oklahoma City police seized copies of The Tin Drum, the 1979 Academy Award winner for best foreign film, after a judge ruled the film obscene under Oklahoma law. On Thursday, police began removing the movie from video stores and, using store records, tracking down those who possessed rented copies. Oklahoma District Judge Richard Freeman acted on a complaint by Oklahomans for Children and Families, which was upset by a scene in which a young boy has oral sex with a teenage girl.

1 0

List of reliable remailers
by Raph Levien 17 Dec '03

17 Dec '03

I operate a remailer pinging service which collects detailed information about remailer features and reliability. To use it, just finger remailer-list(a)kiwi.cs.berkeley.edu There is also a Web version of the same information, plus lots of interesting links to remailer-related resources, at: http://www.cs.berkeley.edu/~raph/remailer-list.html This information is used by premail, a remailer chaining and PGP encrypting client for outgoing mail. For more information, see: http://www.c2.org/~raph/premail.html For the PGP public keys of the remailers, finger pgpkeys(a)kiwi.cs.berkeley.edu This is the current info: REMAILER LIST This is an automatically generated listing of remailers. The first part of the listing shows the remailers along with configuration options and special features for each of the remailers. The second part shows the 12-day history, and average latency and uptime for each remailer. You can also get this list by fingering remailer-list(a)kiwi.cs.berkeley.edu. $remailer{"extropia"} = "<remail(a)miron.vip.best.com> cpunk pgp special"; $remailer{"mix"} = "<mixmaster(a)remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord ?"; $remailer{"replay"} = "<remailer(a)replay.com> cpunk mix pgp hash latent cut post ek"; $remailer{"exon"} = "<remailer(a)remailer.nl.com> cpunk pgp hash latent cut ek"; $remailer{"haystack"} = "<haystack(a)holy.cow.net> cpunk mix pgp hash latent cut ek"; $remailer{"lucifer"} = "<lucifer(a)dhp.com> cpunk mix pgp hash latent cut ek"; $remailer{"jam"} = "<remailer(a)cypherpunks.ca> cpunk mix pgp hash middle latent cut ek"; $remailer{"winsock"} = "<winsock(a)rigel.cyberpass.net> cpunk pgp pgponly hash cut ksub reord"; $remailer{'nym'} = '<config(a)nym.alias.net> newnym pgp'; $remailer{"balls"} = "<remailer(a)huge.cajones.com> cpunk pgp hash latent cut ek"; $remailer{"squirrel"} = "<mix(a)squirrel.owl.de> cpunk mix pgp pgponly hash latent cut ek"; $remailer{"middle"} = "<middleman(a)jpunix.com> cpunk mix pgp hash latent cut ek reord"; $remailer{'cyber'} = '<alias(a)alias.cyberpass.net> alpha pgp'; $remailer{'weasel'} = '<config(a)weasel.owl.de> newnym pgp'; $remailer{"reno"} = "<middleman(a)cyberpass.net> cpunk mix pgp hash middle latent cut ek reord ?"; $remailer{"wazoo"} = "<remailer(a)wazoo.com> cpunk mix pgp hash latent cut ek"; $remailer{"shaman"} = "<remailer(a)lycaeum.org> cpunk pgp hash latent cut ek"; $remailer{"hidden"} = "<remailer(a)hidden.net> cpunk pgp hash latent cut"; catalyst(a)netcom.com is _not_ a remailer. lmccarth(a)ducie.cs.umass.edu is _not_ a remailer. usura(a)replay.com is _not_ a remailer. remailer(a)crynwr.com is _not_ a remailer. There is no remailer at relay.com. Groups of remailers sharing a machine or operator: (cyber mix) (weasel squirrel) The alpha and nymrod nymservers are down due to abuse. However, you can use the nym or weasel (newnym style) nymservers. The cyber nymserver is quite reliable for outgoing mail (which is what's measured here), but is exhibiting serious reliability problems for incoming mail. The squirrel and winsock remailers accept PGP encrypted mail only. 403 Permission denied errors have been caused by a flaky disk on the Berkeley WWW server. This seems to be fixed now. The penet remailer is closed. Last update: Mon 30 Jun 97 6:45:39 PDT remailer email address history latency uptime ----------------------------------------------------------------------- weasel config(a)weasel.owl.de ++++++++++-+ 1:32:04 99.98% squirrel mix(a)squirrel.owl.de ++++++++++-+ 1:30:31 99.98% jam remailer(a)cypherpunks.ca ****+*+**+* 15:41 99.89% replay remailer(a)replay.com ****** +**+* 6:12 99.83% reno middleman(a)cyberpass.net ++++ -.--+.- 5:33:46 99.72% cyber alias(a)alias.cyberpass.net ******* **+* 13:41 99.37% mix mixmaster(a)remail.obscura.com -.- ---.-*.- 7:57:51 99.03% winsock winsock(a)rigel.cyberpass.net -------- - 7:15:22 97.91% nym config(a)nym.alias.net ***###++##+# 4:58 97.29% hidden remailer(a)hidden.net ###### 4:44:03 40.46% History key * # response in less than 5 minutes. * * response in less than 1 hour. * + response in less than 4 hours. * - response in less than 24 hours. * . response in more than 1 day. * _ response came back too late (more than 2 days). cpunk A major class of remailers. Supports Request-Remailing-To: field. eric A variant of the cpunk style. Uses Anon-Send-To: instead. penet The third class of remailers (at least for right now). Uses X-Anon-To: in the header. pgp Remailer supports encryption with PGP. A period after the keyword means that the short name, rather than the full email address, should be used as the encryption key ID. hash Supports ## pasting, so anything can be put into the headers of outgoing messages. ksub Remailer always kills subject header, even in non-pgp mode. nsub Remailer always preserves subject header, even in pgp mode. latent Supports Matt Ghio's Latent-Time: option. cut Supports Matt Ghio's Cutmarks: option. post Post to Usenet using Post-To: or Anon-Post-To: header. ek Encrypt responses in reply blocks using Encrypt-Key: header. special Accepts only pgp encrypted messages. mix Can accept messages in Mixmaster format. reord Attempts to foil traffic analysis by reordering messages. Note: I'm relying on the word of the remailer operator here, and haven't verified the reord info myself. mon Remailer has been known to monitor contents of private email. filter Remailer has been known to filter messages based on content. If not listed in conjunction with mon, then only messages destined for public forums are subject to filtering. Raph Levien

1 0