			    ==Phrack Inc.==

              Volume 0x0b, Issue 0x3e, Phile #0x0e of 0x0f

|=--------------=[ P H R A C K   W O R L D   N E W S ]=------------------=|
|=-----------------------------------------------------------------------=|
|=------------------=[ Phrack K0mbat Journalistz ]=----------------------=|


Content

    1 - CERT Pedophile Busted!
    2 - Spender Receives Prized Items on Amazon Wishlist 
    3 - Widespread Panic on the TESO Mailing List
    4 - One Giant Leap for Antisec
    5 - TESO Member's XBOX is Infected with PHC Backdoor
    6 - Michal "ineedaj0b" Zalewski Gives Pro-Bono Kodez 2 Theo
    7 - Go Back to Work Men... It Was Only The DVDMAN!
    8 - King Lamer RFP Retires
    9 - At Least One Person on IRC Was Not a Pussy
    10 - OpenBSD: Bugtraq Drama




|=-----------------------------------------------------------------------=|
|=-=[ CERT Pedophile Busted! ]=------------------------------------------=|
|=-----------------------------------------------------------------------=|

Phrack Staff Lowers Aris Threatcon Level for Underage Girls Down to 3, 
Warns Aris Threatcon Level for Underage Boys Will Remain High Until Emmanuel
Goldstein's Nambla Membership is Revoked

http://story.news.yahoo.com/news?tmpl=story&u=/ibsys/20030822/lo_wtae/1754436

An analyst at a government-affiliated facility in Pittsburgh allegedly tried
to have sex with a 15-year-old girl after sending explicit e-mails. 
Ian Finlay, 26, of Pittsburgh's Friendship area, was arrested Friday at a
McDonald's restaurant on Route 30 in Hempfield. He was allegedly planning to
meet the teen there, but it turned out that she does not exist. 
State police said an undercover officer posed as the girl and met Finlay in
an online chat room in July. They kept in touch via e-mail, and Finlay
eventually arranged a face-to-face meeting so they could have sex, according
to police. 
In the e-mails, Finlay allegedly asked the fictitious girl what she was
wearing and whether she was a virgin. He also wanted to know if she was
interested in sex with an older person and told her to keep it from her
parents because it would be illegal, according to police. 
Finlay used his name during the correspondence and sent along a picture of
himself, police said. 
Authorities seized computers from Finlay's home and searched his office at
Carnegie Mellon University in Oakland, where he works at the Computer
Emergency Response Team (CERT) Coordination Center for Internet security. 
CERT is part of the Software Engineering Institute, which CMU operates for
the Department of Defense (news - web sites). 
Finlay is accused of attempted involuntary deviate sexual intercourse,
attempted statutory sexual assault and unlawful contact with a minor. He is
being held in Westmoreland County Prison on $150,000 straight cash bond.




|=-----------------------------------------------------------------------=|
|=-=[ Spender Receives Prized Items on Amazon Wishlist ]=----------------=|
|=-----------------------------------------------------------------------=|

Spender has finally received the most elusive request on his gift list,
the "Null modem 25pin male," purchased for him by no other than Thomas Knop.
Help support spender help support PAX security by buying him "Music for the
Masses" by Depeche Mode.
See
http://www.amazon.com/exec/obidos/registry/1CG987MBXPRDY/103-9815471-4318252
for details. Or better yet, somebody please send spender's dorm-room address
to ted kaminsky - he's got a pipe bomb ready with no address to forward it.




|=-----------------------------------------------------------------------=|
|=-=[ Widespread Panic on the TESO Mailing List ]=-----------------------=|
|=-----------------------------------------------------------------------=|

http://www.ananova.com/news/story/sm_358876.html

Germany has demanded a rethink on EU guidelines on condom size after finding
its average penis did not measure up.
Doctors around Essen were ordered by the government's health department to
check out the average size suggested by Brussels.
They reported the EU has overestimated the size of the average penis by
almost 20% and insist other countries will discover the same.
Urologist Gunther Hagler, head of the team compiling the research, said:
"By checking hundreds of patients we found German penises were too small for
standard EU condoms.
"On average they were 14.48 cms long and 3.95 cms wide. That makes them much
smaller than the EU standard condom size of 17 cms in length and 5.6 cms in
width."
He denied the German man was any smaller than the rest of Europe, adding:
"We think the EU has got its sums wrong, and if other countries were to 
check out their men's assets they would find the EU has made a mistake in
its calculations.
"There should be a rethink and the EU statisticians should check their
figures again. After all, they have also ruled EU standard condoms should
be able to hold 18 litres of fluid without breaking, which also seems a bit
excessive."




|=-----------------------------------------------------------------------=|
|=-=[ One Giant Leap for Antisec ]=--------------------------------------=|
|=-----------------------------------------------------------------------=|

Apparently most of the following companies have realized that they are owned
and their source/mail tarballs are floating around the net, and have
attempted to save themselves by agreeing to antisec's demands. Of course,
they didn't admit as much but look at the list of corporate retards that
aligned themselves with Microsoft:

http://www.securityfocus.com/news/5458

A group of 11 of the largest software companies and computer security firms
released the first public draft of a proposed bug disclosure standard on 
Wednesday, and asked the security community for comments. 
The 37-page document sets out a detailed timeline for security vulnerability
reporting, and standardizes the interactions between security researchers who
find bugs and the software companies who write them. The group hopes to see 
the final version of the plan gain widespread industry acceptance. 

"The meat of it is all about the process -- how people come around to
handling everything where they can talk to each other," says Scott Blake,
a VP at security software firm BindView, an OIS member. 

The OIS officially formed in September of last year, but has its roots in
a private Microsoft-hosted security conference held in Silicon Valley almost
a year earlier. Member companies are Microsoft, @stake, BindView, SCO, 
Foundstone, Guardent, Internet Security Systems, Network Associates, Oracle,
SGI and Symantec. (Symantec publishes SecurityFocus.) 

A chief objective of the organization is to encourage a limited form of
public warning that withholds details useful to hackers. 

To that end, the plan would curtail the common but controversial practice of
publicly releasing proof-of-concept or "exploit" code that demonstrates a
security hole. Researchers following the policy would not be able to release 
exploits, nor provide "detailed technical information such as exact data
inputs, buffer offsets, or shell code strategies" to the general public. 

That prohibition is loosened somewhat thirty days after the vendor releases
a patch. At that point the bug-finder could distribute exploit code or
technical details to "organizations such as academic institutions that
perform research into secure software development techniques." 

Whether or not that includes popular forums and mailing lists like Bugtraq,
NTBugtraq and Full Disclosure is a gray area, says Blake, that the group
deliberately left open to interpretation. 

"It's one of the areas I suspect we're going to get comments on," Blake says.
"That's one of the reasons we're putting this thing out for public comment,
because we want people to come back with that kind of feedback." 

The group is accepting comments by e-mail for thirty days, ending July 4th,
and expects to release the final plan at the Black Hat Conference in Las Vegas
later that month. 




|=-----------------------------------------------------------------------=|
|=-=[ TESO Member's XBOX is Infected with PHC Backdoor ]=----------------=|
|=-----------------------------------------------------------------------=|

http://www.securityfocus.com/archive/1/337210/2003-09-05/2003-09-11/0

Hi,

well it finally happened. I came back home after work, connected my
XBOX to the internet and went into the XBOX-Live menu configuration.
Well what happened. The XBOX started automaticly downloading the new
crappy XBOX-Live dashboard, which is of course fixed. 

This is IMHO an act of computer sabotage. I have never allowed MS
to modify my dashboard or to auto update my dashboard.

Is any lawyer on the list who can point me to the right paragraphs?
I do not believe this computer sabotage is legal in any european
country.

Yours,
Stefan Esser



|=-----------------------------------------------------------------------=|
|=-=[ Michal "ineedaj0b" Zalewski Gives Pro-Bono Kodez 2 Theo ]=---------=|
|=-----------------------------------------------------------------------=|

With his first remote backdoor ever since his exploit in ~el8 magazine,
Zalewski has moved on with bigger and better projects, this time implanting
a logic bomb deep into the heart of the OpenBSD kernel, for the first time
since h4g1s (or those 8 other guys that backdoored OpenBSD).

http://search.linuxsecurity.com/articles/network_security_article-7849.html

Mike Frantzen recently committed OS fingerprinting capabilities to PF,
OpenBSD's stateful packet filter, based on Michal Zalewski's p0f (passive OS 
fingerprinting) code. The functionality was also added to tcpdump. From the
p0f README: 

"The passive OS fingerprinting technique is based on information coming from
a remote host when it tries to establish a connection to your system. Captured
packet parameters contain enough information to identify the remote OS. In
contrast to active scanners such as nmap and queSO, p0f does this without
sending anything to the remote host." 

Mike points out that it is very easy to spoof a TCP stack to make one OS appear
as if it's really another, so this new functionality is not a security feature.
Instead, it's intended as a policy feature... For Mike's announcement email 
which includes a few quick examples of how this functionality might be used,
read on...




|=-----------------------------------------------------------------------=|
|=-=[ Go Back to Work Men... It Was Only The DVDMAN! ]=------------------=|
|=-----------------------------------------------------------------------=|

This is a rather lengthy article so we'll only replicate the juice of it,
but the full text is also available from the link.

http://searchenterpriselinux.techtarget.com/originalContent/0,289142,sid39_gci920359,00.html

The GNU Project has apparently dodged a major bullet since the FTP server
housing its source code was root-compromised by a cracker in March.

Bradley M. Kuhn, executive director of the Free Software Foundation, the
Boston-based sponsor of the GNU Project, said this week that the attack had 
no major impact on users downloading code from its site.

"There is evidence the cracker did not touch the source code. In fact, it's 
looking like the person did not know they had gotten onto the machine hosting
all the source code for the GNU Project," Kuhn said. 




|=-----------------------------------------------------------------------=|
|=-=[ King Lamer RFP Retires ]=------------------------------------------=|
|=-----------------------------------------------------------------------=|

The heat has become too much for former w00w00/ADM/wiretrip whitehat
security mogul RFP. Life in the limelight isn't made for everybody, and
rather than being overjoyed with his new-found status as the most searched
term after "horse cock" and "anal beads" on google.com, rfp has decided to
retreat into a more solitary computer life where he runs a minimal risk of
being owned/humiliated again.

http://www.zdnet.com.au/newstech/security/story/0,2000048600,20277457,00.htm

If you think famed security researcher Rain Forest Puppy's (RFP) recent
announcement that he's stepping away from the limelight means he's precious,
think again -- the guy has just had enough, and the problems he's been
confronted with are fairly familiar. Take this analogy: 
ZDNet Australia  has a tech savvy readership. Many of you reading this would
have been in the same position I was in when every man, dog and its 
accompanying fleas were buying a PC. In my family, and among many of my
friends, I was the incredible, the amazing... drum roll please: "computer
guy". 

For most people, a computer is like a car. You put petrol in it, drive it,
and then take it to the "car guy", read: mechanic, for a service or repairs. 
With a computer, you take it home, screw your configuration, and then call
"computer guy" to come and fix it. 

I have spent countless hours of my time sorting out other people's computer
hassles. If you can help, you're expected to help. 

Now let's take it one step further. Imagine you are "computer security guy"
for all the "computer guys". Every time you plug "security guy" into Google,
your name comes up. This has been the hell that RFP has been living for the 
last several years. He has become the world's largest one man computer
security helpdesk. He's become a nerd overlord; the king of geeks. 

How did he find himself in this situation? By freely contributing his
expertise and knowledge to an industry that desperately needed it. Not only
is he a star bug finder -- RFP researched the most easily exploitable
Microsoft Web server flaw ever found -- but he's written open source tools,
such as the Whisker vulnerability scanner, that were way ahead of their time. 

Then there were his advances in the area of vulnerability disclosure.
Several years ago RFP wrote the RFPolicy for vulnerability disclosure. It has
been ubiquitously adopted as the accepted policy for the disclosure of
security vulnerabilities. 

He has supported Whisker, written a new version, and answered nearly every 
single bone-headed question that has been thrown at him by scores of
ignorant, neophyte drones. 

What was his reward for his countless hours of community service? Money? He
says not a cent. RFP has mostly been "rewarded" with pressure and
expectation. 

When the Organisation for Internet Safety released its draft guidelines for 
vulnerability disclosure, which it took way too seriously, especially 
considering everyone was pretty happy with the RFPolicy, he was told by 
sections of the security and media industries that he "owed it to them" to 
comment. His response isn't fit for our site, so I'll just have to leave it
to your imagination. 

If that wasn't enough, the poor guy's had big business move in on his turf,
selling sub-standard solutions for megabucks. 

In the statement he released in which he announced his plan to become
anonymous, he seemed particularly flabbergasted by the domination of vendors
that promote shiny red boxes with support contracts as a substitute for true 
security. 

The way some of the larger vendors are pushing their products is somewhat
similar, in my mind, to the campaign dynamics of some modern politics. They
appeal to the lowest common denominator, like the politician who
oversimplifies. "I love what that man can do. He's a leader. He has vision.
He can take the most complicated social issue and make it really, really
simple." 

I guess it's the same in security now -- proper policy, procedure and
management is no match for a shiny box with pretty flashing lights. Vendors
say it's simple, and people believe them. 

Handing over his turf to people like that hasn't been easy for RFP. "What was
free and open research is now profit, marketing, and illicit. Vendors stepped
in and took control, and the government started providing oversight. Some
will say the Wild West was tamed. I say the Free West was put under lock and
key," he said in a recent statement. 

So what's next for RFP? Well he's in Sydney delivering his swan-song
presentation at the Hack 2003 conference. From this day forward he will be in
the crowd, not at the lectern. Does he owe us anything? I don't think so --
he's done enough. 




|=-----------------------------------------------------------------------=|
|=-=[ At Least One Person on IRC Was Not a Pussy ]=----------------------=|
|=-----------------------------------------------------------------------=|

We encourage everybody too afraid to step inside gayh1tler's EZ-BAKE OVEN
to do the same:

http://egomania.nu/korlie/

[02:21] [OverRide> **** this 
[02:21] [OverRide> i hate the world 
[02:21] [vap0r> word indeed 
[02:21] [Desolate> hahahaha 
[02:21] [OverRide> i am going to go kill myself 
[02:21] [HATER_> gotta hit that **** before its ripe 
[02:21] [OverRide> look for me in the news tomorrow 
[02:22] [HATER_> really override? 
[02:22] [vap0r> pull a ripper,then OverRide 
[02:22] [OverRide> im going outside to stabmyself in the chest 
[02:22] [HATER_> lotta ppl kill themselves 
[02:22] [HATER_> whats gonna be special 
[02:22] [HATER_> about ur 
[02:22] [HATER_> s 
[02:22] [OverRide> you think i am joking 
[02:22] [Desolate> r|pper! 
[02:22] [HATER_> can you do it on webcam? 
[02:22] [OverRide> everybody look for it in the news tomorrow 
[02:22] [OverRide> search your hardest 
[02:22] [Desolate> hahahaha 
[02:22] [Desolate> HAHAHAHAHAHAHA 
[02:22] [OverRide> i live in ohio 
[02:22] [zerozero> cool whats the url for the event 
[02:22] [Desolate> HAHAHAHAHAHAHAHAHAHAHAHA! 
[02:22] [OverRide> mayfield heights 
[02:22] [HATER_> go on webcam 
[02:22] [OverRide> my name is dan bucci 
[02:22] [OverRide> i am going outside to kill myself 
[02:23] [OverRide> with my knife 

...

http://www.daytondailynews.com/localnews/content/localnews/daily/0802shootingdeath.html

Police: Naked man killed while attacking officer
Associated Press 

MAYFIELD HEIGHTS | A bloodied, naked man armed with a knife rolled over one
police car and was shot and killed by a second officer whose patrol car
side window was smashed by the attacker, police said.

An officer shot Dan Bucci, 19, of Mayfield Heights, after he attacked her
with a knife before dawn Thursday in this Cleveland suburb.

He died Friday of a gunshot wound to the abdomen at Hillcrest Hospital,
said Cuyahoga County Coroner Elizabeth Balraj.

Residents called police about a nude man running down the street, smashing
house windows with his fists and shouting call the police, according to
Detective Doug Suydam.

Police said Bucci had stabbed himself in the throat and torso. When police
arrived, Bucci jumped on and rolled over one patrol car, Suydam said.

Next, he put his fist through the drivers window of another patrol car and
began stabbing at the officer. Suydam said the officer was not injured.

Buccis father, Fred, said his son had been using hallucinogenic mushrooms.




|=-----------------------------------------------------------------------=|
|=-=[ OpenBSD: Bugtraq Drama ]=------------------------------------------=|
|=-----------------------------------------------------------------------=|

Theo de Raadt got shut down for hundredth or maybe a thousandth time this
week since trying to rip off the PAX src tree when two remote root bugs
were found in OpenSSH. Although we don't condone the whitehat activities
which led to the demise of these bugs, it's still funny to see the whitehat
community turn inwards on itself and devour itself.

"OpenBSD: Only Two Holes In the Default Installation in Two Days"




|=[ EOF ]=---------------------------------------------------------------=|