Branch Cypherians, At the Saturday Cypherpunks meeting (60 people there for all or part of the 6-hour meeting, not counting the remote sites), I displayed a dozen or so books. I've had a number of requests that I post the names, authors, ISBN numbers, and Department of Justice Permission Numbers. These are by no means the most important books to have. We have mentioned the crypto books _many_ times, and also such seminal books as Bamford's "The Puzzle Palace," Kahn's "The Codebreakers," Brunner's "Shockwave Rider," Card's "Ender's Game," and of course Vinge's "True Names." I shall not dwell on these further. (Except to say I did look for used copies of Bamford, for possible mailing to some in foreign countries, but couldn't find any. And I couldn't find any copies at all of "When Harlie Was One," so can't check out the issue of who first talked about worms.) Several points: * I'll list some basic info about these books. * However, these were just a bunch of books I picked to show the range of information about there, the stuff your local library is unlikely to carry. (Things like "How to Create a New Identity," "The Secret Money Market," "Getting Started in the Underground Economy." etc.). Understand that I make no claims that these are the best books available, or that their contents are up to date, useful, etc. * This is why I strongly recommend you get yourself a copy of the wonderfully wacky 280-page catalog from Loompanics Unlimited, Port Townsend, Washington. Details are below. Most of these odd and controversial books I ordered several years ago (1988) from Loompanics...no doubt more current odd books are now available. * Alternative books stores often carry some of these books. For example, the "Anubis Warpus" bookstore in Santa Cruz (across from the Taco Bell on Pacific Avenue) has many of these books, in addition to offering tattoo and peircings (ugh!, but to each their own)...I haven't had my public key tattooed on my arm yet, but I'm considering having "Poor Impulse Control" put on my forehead. * These books are not "crypto" books....I showed them at the "politics" meeting as a change of pace from the usual number theory and crypto-oriented books we pass around. So, here are brief descriptions of the books. Best that you get the Loompanics catalog, which has nice summaries of each of the books and, of course, convenient ordering information. - "How to Launder Money," John Gregg, 1982, ISBN 0-317-03306-9. A small pamphlet, undoubtedly dated material. Useful to provoke ideas, but don't rely on this. - "How to Open a Swiss Bank Account," James Kelder, 1976, ISBN 0-690-01033-8. Also dated....Swiss accounts are passe these days. (I have several of these sorts of books, picked up in various places....your library may have some). - "Getting Started in the Underground Economy," Adam Cash (right), 1987, ISBN 0-915179-46-4. More ideas, but don't rely on it for legal or current advice. Loompanics has a dozen or more titles with themes about black markets, tax avoidance, etc. - "Low Profile: How to Avoid the Privacy Invaders," William Petrocelli, 1981, ISBN 0-07-049658-7. Similarly, Loompanics sells numerous books with this theme. - "How to Create a New Identity," Anonymous, 1983, ISBN 0-8065-1034-X. (Warning: This book comes with the "Law Enforcement Access Field," so that anyone reading the book can be electronically reported to the Witness Security Program, which holds the monopoly on creating fake identities, credit histories, and other legends.) Need I say more? Things are changing especially quickly here, so the material is just a starter. Fake passports and driver's license are now buyable on the streets of major cities (especially in the colored sections) for as little as $25. - "The Enterprise of Law: Justice Without the State," Bruce Benson, 1990, ISBN 0-936488-30-1. This book I threw in to show folks that the anarcho-capitalist system many of us favor does have some strong underpinnings in legal theory. There are several dozen good books on libertarian theory. Most are available by mail order from Laissez-Faire Book in San Francisco. (Dial 800 Info, or SF Info.) - I also showed a book on American Intelligence agencies (NSA, NRO, DIA, State Dept., etc.) by Jeffrey Richelson, but Whit Diffie has already borrowed it, so I can't provide the relevant info right now. Richelson has written several books on foreign intelligence agencies (BND, Mossad, MI5 and 6, etc.) and U.S. intelligence agencies, and is a good "post-Bamford" source. Enjoy finding and reading these. But your first priority should be to get the Loompanics catalog...other books may spark your interest more. I think the catalog is still $5 (well worth it), unless you order another book first, as described below. Good luck! --Tim May From: solmaker@pt.olympus.net (Stephen Schumacher) Newsgroups: misc.books.technical,rec.arts.books,alt.books.reviews,soc.libraries.talk,comp.security.misc,alt.politics.libertarian,alt.zines,alt.wired Subject: review: Secrets of a Super Hacker Date: 7 Mar 1994 11:17:44 -0800 Message-ID: <2lfuko$6rd@olympus.net> SECRETS OF A SUPER HACKER by The Knightmare, introduction by Gareth Branwyn, 205 pp., 8 1/2" x 11", ISBN 1-55950-106-5, March, 1994, Loompanics Unlimited, Box 1197, Port Townsend WA, 98368. Price: $19.95 plus $4.00 for shipping (includes a copy of their must-have 280 page catalog of unusual books). Credit card orders to 206-385-2230 (phone) or 206-385-7785 (fax). This is a very good practical book on breaking into computer systems. It's readable, interesting, informative, balanced, and accurate, with a nice spirit of fun and swashbuckling! Here's the contents: Introduction: Hackers: Heroes or Villains? I: The Basics II: The History of Hacking III: Researching the Hack IV: Passwords and Access Control V: Social Engineering VI: Reverse Social Engineering VII: Public Access Computers and Terminals VIII: On-Site Hacking: The Tresspasser-Hacker IX: Hacking at Hope: Dialing Up Computers With Your Modem X: Electronic Bulletin Board Systems XI: Borderline Hacking XII: What To Do When Inside XIII: This Lawful Land XIV: Hacker Security: How To Keep From Getting Caught XV: Conclusion Further Reading Glossary 8 Appendices The Knightmare covers lots of clever technical tricks for gaining access, but he shows most glee with scores of hilarious "Social Engineering" scams for seducing legitimate users into revealing their passwords. The striking thing about these spoofs is, just reading them, you realize through the laughter how often these simple Social Engineering techniques will produce results and how the credulity of non-security- minded naive users is the weak point of any security system. Sometimes while reading, I wished the book provided more specific info about phone numbers, brand names, specific techniques that work on specific bulletin board systems, etc. But I recognize that such information would go quickly out-of-date, or would be fixed in response to the book's publication, or could implicate the author. The Knightmare is presenting concepts that won't go out-of-date soon, giving the interested non-hacker a comprehensive and comprehensible survey of the field, and tipping off the potential hacker with just enough details to get him/her started and steered in the right direction and minimize the chance of getting caught. On this final point... a few times during the early chapters I thought The Knightmare was being cavalier about personal safety, favorably reporting (for example) Social Engineering advertizing scams that would likely bring the cops to one's doorstep. But The Knightmare was saving his warnings for 2 chapters towards the end, 22 sobering pages that make very clear the risks involved and what definitely NOT to do. A very balanced presentation. As usual with Loompanics books, this one can be read backwards, and pages 167-168 are directed specifically to System Administrators interested in beefing up security. I also appreciated all the hacker philosophy and pragmatic do-no-damage hacker ethics. The Knightmare disdains and derides "crackers" who break into a system in order to wreak havok; for him, "hackers" are peaceable, non- destructive puzzle-solvers and liberators of information. In a world where the govco is ever working to extend and centralize its control over financial data, encryption techniques, cyberspace, and every aspect of people's lives, the hacker may emerge as a modern-day Robin Hood. -- Steve (solmaker@pt.olympus.net)