Domain: hackernews.com
Stories and comments across the archive that link to hackernews.com.
Stories · 18
-
Hacker Group L0pht Making a Comeback
angry tapir writes "The news report begins with shots of a tense space shuttle launch. Engineers hunch over computer banks and techno music pounds in the background. There is a countdown, a lift-off, and then you see a young man in a black T-shirt and sunglasses, apparently reporting from 'space.' This is the Hacker News Network, and after a decade offline it is lifting off again, this time with a quirky brand of video reports about security. Hacker News Network is one of the side projects of the Boston-based hacker collective known as L0pht Heavy Industries. They're the guys who famously told the US Congress that they could take down the Internet in about 30 minutes, and who helped invent the way that security bugs are reported to computer companies." -
Building The Ubervirus
Johnath writes: "The HNN has a rather eye-opening article about a potential disaster dangling overhead. It's not so much that the ideas presented are revolutionary -- most /. readers would probably come up with a similar scheme, if called upon to design a killer net virus, but nevertheless, it pretty lucidly addresses the potential damage." -
Cell Phone Usage on Airplanes == Bad Idea
gclef writes "The New Scientist is reporting on a study done by the UK's Civil Aviation Authority that shows that older planes can't handle cell phone emissions. Hackernews has a little commentary on this as well. Good to hear that the newer planes can handle this, but why the heck were older planes *not* built with Faraday cages and shielded wires? Scary...." Look a ways down the page for the HNN piece - but at least now I know that this isn't simply one of the arbitrary rules that the airlines set up. -
Slashback V: Espionage, Midwifery, Intrusion
Welcome again to Slashdot's continuing education program. Take a seat, say hello to your neighbor (using #slashdot might help), pretend we never said that other stuff. Here's another smidgeon of truth, clarification and equivocation we've spritzed over the usual mishmash of lies, intentional misstatements and strained obfuscation that is the Slashdot home page. Enjoy!
First, a word from our sponsor: We heard from the tireless Richard M. Stallman, nothing if not consistent in his argument, who wrote:
" Would you please post this? It is in response to the discussion of congressional hearings on Napster, but please post it however you think best.
I ask people to think twice before using the term "piracy" to describe sharing published information with other people. That word is a propaganda term used by the owners of information to convey the idea that sharing is wrong; when you use it, you aid their campaign.
Unless you believe that sharing information is the moral equivalent of attacking a ship and kidnaping the people on it, please don't use the term 'piracy' to describe sharing."
Thanks for the note, Richard. Now tell Lars ...
Birth of an island. Regarding the story posted this week about the ongoing study of an emerging island in the South Pacific, Bobity writes "Additional photos are posted at this site." Why can't we embed some networking cable before it cools completely?
So maybe 730 days from now ... In the ongoing battle for hearts, minds and desktops, fingers and livers of free software users, Helixcode and Eazel aren't the only ones to make cool strides lately. Per Wigren writes: "Kaiwal Software (Shane) Co., Ltd. and theKompany.com have just signed an agreement to sponsor two developers for 2 years in order to focus on developing KWord, the free word processor for the KDE office suite. " And since at this moment, KWord is probably the closest thing to DTP for Linux (excepting demo-only FrameMaker), that news makes me smile. But two years?! That's long term thinking.
Red wine? White Wine. Hot towel? Your hard drive, please, sir? Red wine? With all the intrusions of modern life, it's good to know that at least the computer on your desk at home can't be used by your employer to check who you've been writing e-mail to, and about what. Unless they can. tregoweth writes "MSNBC has a story about one of the Northwest Airlines employees whose hard drives were searched by Northwest's lawyers, as previously mentioned on Slashdot. The last paragraph of the article is chilling. " It also makes you think about the significance of all those "give employees free computer" programs from Ford, et al.
Book larnin' on the cheap: carlos_benj writes "I ran across this site today and thought slashdotters who'd had their interests piqued by the ArsDigita free university subject might want to take a look. Their educational philosophy is interesting but may not appeal to those more interested in accreditation than the acquisition of knowledge. The concept would be a definite boon to those with little money but access to the net. The fact that they will be partnering with industry could lend weight to their degree programs to help offset the lack of accreditation. "
From the Mixed Up Files of James Bond And John LeCarre: SEWilco writes "Over at HNN they noticed that the latest UK military laptop theft included non-classified details of how the next generation of fighter aircraft can be controlled from the ground. Oops. Meanwhile, the US State Department says 16 laptops are missing, although only one had classified information -- but that's only one Department.
We discussed the possibilities of remote controlled warcraft earlier, but Her Royal Highness has not participated in the discussion nor have there been any demands from her lawyers."
-
Slashback: Taxes, Fraudulence, Woodland Creatures
Skipping, hopping (and bumbling and wheezing) toward inevitable perfection, we're pleased to bring you another handful of updates, re-instatements, "that is no longer the operative statement" disclaimers and at least one general thought provoker.
After francokleptomania, restoring GNOME dignity. Bob Smith writes: "KDE beta was announced but GNOME beta wasn't." Well, GNOME's latest freeze stage on the way to 1.2 was announced back in January, and Miguel answered questions about the state of GNOME in March, but point taken. With all the developments in GNOME, neither Miguel nor his programs are likely to hurt for Slashdot coverage. You can grab the beta Bob mentions here.
Now, gentlemen, is there a way to perhaps merely maim this Golden Goose? Misch writes to point out this item on "ABCNews [which] reports that the House of Representatives has passed an extension of the Internet Tax Moratorium. Looks like it's tax free time on the Internet (depending on where you shop)."
Barely enough for a coven ... nullstar writes: "The NTIA has posted its report to Congress concerning the comments it received in regard to section 1201(g) of the DMCA, which deals with exceptions to the prohibition on circumventing encryption techniques intended to protect access to copyrighted materials. They basically claim, 'it's too soon to tell what effects the restriction will have on encryption research, etc., as the exception doesn't go into effect until October, so we're not yet recommending changes in the wording of the law.' Only 13 people submitted comments. "
Conflict of interest is an interesting term here ... full_tide writes "2600 has posted some news about how the MPAA is trying to get Martin Garbus (2600's hot-shot defense attorney) disqualified for a conflict of interest. Cryptome has posted a very long, but equally interesting, reply brief Mr. Garbus has written in response to the injunction (damn, he's good). Also, the MPAA's web site is back up after a DDOS attack a few weeks back, and much downtime since. They appear to have added some fresh, juicy propaganda concerning the case."
Yessir, the gen-yoo-ine article, you betcha, mate. Jai From Insane Hardware writes: "Well, you may have heard all the rumours and whatnot about the Australian Fake Athlon deal and I confirm that it is true. But we have more info on the subject like on how they came about arriving in Oz and how they leaked thru the channel. This issue is very "close to home" for me so it's worthwhile reading for all the Aussies that go to your site. We also have exactly how the chips were modded. link " Meanwhile, Netsnipe wrote to point out that "Lucien Wells has updated his Web site Techwatch's coverage of the AMD Athlon tampering scandal. "Techwatch has now received press releases from two distributors involved, DMA and RTV Computers which claim that 'Neither RTV Computers Pty Ltd nor DMA (Direct Memory Access Pty Ltd) whom have their stickers on the CPU's knowingly at fault in this situation. At present legal action is underway to find the source of this problem.' At this stage AMD has not yet responded to Techwatch's requests for more information, says Lucien."
-
Hacker Stockholders Unite!
MeanGene writes, "Hacker News Network published an article that calls upon the hackers (broadly speaking) to exercise their views through a shareholder proxy to influence big business - for the DVD cause in particular. I like the conclusion: Hack life!" -
EFF Fundraiser in Boston
Weld Pond writes "The Digital Commerce Society of Boston is holding a fundraiser for the EFF legal efforts in the DeCSS case. @Stake (nee l0pht) is one of the sponsors making this event possible. Come join us and put your money where your mouth is. Suggested minimum donation is $35. The details are in the invitation. Geek warning: The Harvard Club of Boston requires jacket and tie. " One other note: I talked with some of the folks from OpenDVD last night, and there will be a fund setup within the week to help the legal defense fund. At the Beanie Awards, Alan Cox, who won the Unsung Hero Award, gave his $10,000 towards the defense fund - and we had a fundraiser later on in the evening. -
DeCSS Source Included in Public Court Records
doc_brown writes "I noticed on www.hackernews.com that the DeCSS Source is included in the lawsuit filings. As these are now public records, should the court's and district archive sites now be included in the lawsuits? The lawsuit (with source) is available at cryptome.org " Mirror early, mirror often. -
Interview: The L0pht Answers
This week's "main" interview guest is L0pht Heavy Industries as a group. (We hope to have answers from Linux International head Jon "maddog" Hall tomorrow). Many insightful questions for the L0pht guys were posted Monday. Today, lots of insightful answers on everything from political controls on the Internet to hardware hacking. (Click below to read.)
1) Which do you consider more dangerous
by Gleef
Which do you consider more dangerous to personal liberties on the Internet, national governments or multinational corporations, and why?
L0pht
While both Governments and multinational corporations are detrimental to personal liberties on the Internet, one must not overlook the greatest danger of them all. The uninformed citizen. In democracies, this is problematic, where governmental policy typically follows public opinion. In the case of the Internet, one will find that most citizens of the world are willing to give up personal liberties in exchange for perceived safety and peace-of-mind. For the safety of the children, is cited commonly.
Many people believe that anonymous access to the Internet is criminal behavior. Government would like you to think privacy is an "anti-social" behavior. You should have nothing to hide, should you? You wouldn't be reading up on the consecration of explosives, looking up security holes in various operating systems, or possibly downloading the latest crypto software, would you? Only terrorists do that.
Governments are lobbied by uninformed citizens, or citizens which are easily manipulated and swayed by various groups across the gambit of our modern civilization. Multinational corporations have their hand in the fray by funding these groups or by participation in Associations which provide counsel to government officials on technical matters. Often recommending legislation which will better the profit taking over the sanctity of "personal liberties."
Multinational corporations are problematic in that they operate in a proprietary world. Often outside parties will scrutinize the technological fabric of a communications service being provided. Should a flaw be found, and published, the corporation claims that the flaw itself is detrimental to the service being provided and litigation is dispatched on the party disclosing the flaw. This has been the case in the Cellular communications venue. Cloning a cellular telephone was a real thorn in the side of the Cellular Industry. They took their gripes to the US Government. The CTIA and their ilk successfully swayed Washington to pass legislation to combat the cellular fraud. Result: A portion of the radio spectrum was made _forbidden_ to reception. Possession of an eprom programmer, a computer, and a cellular telephone became a crime. Meanwhile, the cellular network REMAINS open to eavesdropping. Money is power, and with power comes influence. However, in the end it was the Government, sucking up to industry, which passed the law.
Law Enforcement and Intelligence gathering communities dwell within the governmental domain. Both are lobbying lawmakers to pass laws to give them greater powers to combat crime in this high tech world. Surveillance is paramount. They will convince the lawmakers that without the keys to all communications, a bomb may be set outside Parliament or Congress or .
The government persuades the people, the people persuade the government. Who planted the seed first? Those who understand the technology are too busy working on the next cool widget. Meanwhile the technological world rushes toward a global dictatorship and the populace embraces it under the guise of security.
2) The net: strip mall or unlimited human potential?
by garagekubrick
The halcyon days of the net are gone. With ubiquity - the underground vanishes. Is it well on its way, with people like the CEO of Amazon being worshipped by the mainstream press, to becoming an enormous cyber strip mall, marketing tool, PR exercise in control of perception...
Or is there still an underground? Does it still have a potential to be the one true medium with liberation? Will governments and corporations end up controlling it? Cause they are winning small, important victories relentlessly...
L0pht
The Internet has changed dramatically over the last year or two and with it the underground has also changed. Back in the good ole days (1995+6) every web site was underground, hell the entire internet was underground.
As the web increasingly encroaches onto the mainstream and large portal and corporate sites take over feeding you only the information they want you to see, the underground will evolve and change and morph to suit its surroundings.
There is definitely still an underground. In some aspects it is a lot larger than it used to be and in others it seems to be much much smaller. I think labeling the underground as 'the one true medium with liberation' is laying it on a little thick. The internet underground has been nothing but the exploration for knowledge, if you are looking to it to save mankind from itself you're looking in the wrong place.
Governments are increasingly encroaching on personal liberties and freedoms of the average citizen, this is unfortunate. How much longer before the population as a whole realizes what is going on and says enough? Maybe they will never wake up. Will the governments eventually control the internet? Possibly. It is hard to tell but there will always be those who will resist that control and the underground will continue in one form or another.
While the web, as you put it, may become 'an enormous cyber strip mall' I can't help but think of the trash dumpsters behind that mall and what secrets they may hold.
3) Internet Worm II
by tilly
Several months ago I began predicting that someday someone would find a buffer overflow in the various Windows TCP-IP stacks and use it to write a worm that would bring down the Microsoft part of the Internet and cause so much traffic as to effectively shut down everything else. I further predict that until an event of this magnitude happens, the general public will not really learn the basic lessons about security that the *nix world was forced to learn from the first worm.
What are your thoughts on this prediction? (Timeline, reasonableness, etc.)
L0pht:
I believe your prediction is right on track. However, I don't feel that an Internet Worm II is necessary to teach Microsoft, its customers, or its vendors, about security. There are three ways to implement a security model, the slow way, the fast way, and the right way. The slow way involves making a bunch of little mistakes and fixing them over time as you find them, correcting your policies and implementations. The fast way involves having a major disaster occur, after which the faulty parts of the system are completely torn apart and reimplemented. In practice, the slow way often leads to the fast way.
Which brings us to the right way: To design software with a security policy in mind, and with extra caution, care, and expenditure during the implementation. OpenBSD's model of proactive security measures is a classic example of 'the job done right'. Retroactively applied security measures are a recipe for disaster.
Rant off.
As for when Microsoft is going to learn about these things, they'll first have to learn that 'bigger isn't necessarily better'. They need to stop believing their own FUD before they can actually make change over there. When I read things like the article at http://www.microsoft.com/ntserver/nts/news/msnw/LinuxMyths.asp, particularly the parts about Linux being less 'secure' than Windows NT, I'm appalled at the ridiculous 'facts' that are being used to back up their claims. For example, they claim that:
"Linux only provides access controls for files and directories. In contrast, every object in Windows NT, from files to operating system data structures, has an access control list and its use can be regulated as appropriate."
While this statement is true, they neglect to mention the fact that under a unix operating system, most things that correspond to Windows NT kernel objects, file, data structures, etc, are represented as files. Hence, the coverage of the security model for Linux is just as extensive, even more so, than Windows NT. This is a particularly bad statement, simply because it's not only incorrect, but the converse is true. Linux is more flexible in terms of permission management. Try setting the access controls on who can bind to a particular port under Windows NT, with the ease of chmod and portfs under Linux, and you'll fail miserably. And the list goes on.
(And as for 'access control lists', we've noticed that Windows can't seem to get the right default ACLs anyway, and that the complexity of managing them has outweighed the value of their 'flexibility'.)
As for your comments on the Windows NT TCP/IP stack being vulnerable to attack (possibly, who knows :P) and the possibility of a worm destroying Windows systems, the possibility is very real. And again, this possibility is not unique to Windows. They're just a likely target at this point in time.
It would take a feat of dedication and great skill, but the possibility is there. My advice to anyone who's worried about this, is this: If you're going to use Windows NT, you should probably keep that firewall in place between those Windows service ports and the rest of the world. Microsoft loves to add services and open ports to your computer when you're not looking. And it's probably not going to be the IP stack, it'll probably be some goofy listening service, like anonymous share enumeration or something. Or maybe remote access to NetDDE. Or some authentication protocol that doesn't like large Netbios fields. Or possibly even some undocumented functionality in the named pipe filesystem used for RPC. Who knows. Personally, I'm not going to wait around to find out.
4) The Public's Perception of Hacking
by dmuth
First, I should probably preface this geek for several years, and love playing with technology, so I feel I am able to relate to the hacking community.
Anyway, my question is, how do you deal with the way the public (including the media) perceives "hackers"? I've seen some clueless people use the term to describe *anyone* who does anything with a computer that they find objectionable. I've even heard the term applied to spammers!
Needless to say, the misuse of the term makes my blood boil, because I feel a certain respect towards the real hackers, such as yourselves, because you guys do know what you're doing, unlike all of the script kiddies out there that either have the term applied by clueless reporters, or they use it on themselves.
So, I'd be interested in knowing how you cope with this sort of problem, as I've noticed this sort of perception of the hacking community for some time.
L0pht:
The first thing you need to do is refer to yourself as a hacker and be prepared to educate the person you are talking to what you mean by that. It doesn't matter if you are talking to someone from the media, or the government, or the business world. People need to know the real meaning of hacking, its history, and what a positive thing it is.
A lot of the time we talk to the media just because we are afraid that if we don't there will be no one they talk to who will describe hacking in a positive light. No one to describe it as other than defacing web pages or breaking into .mil sites. This was one of the reasons we wanted to talk to MTV. We were afraid their story would be all about criminal hackers. If you saw the MTV show you saw that sometimes resistance against the media memes is futile. The show was 95% about illegal activity.
Yet the world of hackers is 95% non-criminal. Probably a better percentage of people behaving positively than most segments of society. It is a world of people exploring the edges of technology and building things. The crazy thing is the government is making more and more of that exploration illegal.
Reverse engineering security mechanisms is being considered a crime. Receiving digital radio signals is a crime. We can't let them wall off part of the world we inhabit from investigation.
Hackers have a positive role to play both as builders and critics of the digital world. Unless we speak up and refer to ourselves in that light we have only ourselves to blame. Everyone who can should educate. It's not easy changing perceptions. But sometimes a passionate personal explanation of what hacking means to you can make someone change their mind.
5) security of capability-based operating systems
by sethg
What do you think of capability-based systems, such as EROS? The folks who are working on these systems say they are fundamentally more secure (against both malicious code and heisenbugs) than Unix derivatives, Windows NT, and other ACL-based operating systems. Do you agree with this assessment? Do these systems have security weaknesses that Unix-like systems don't have?
L0pht:
It's nice to see work such as EROS coming out of DARPA funded projects. Capability-based systems are quite interesting. However, one must be quite careful when making statements such as the one that these systems are more fundamentally secure than others. One has to keep in mind that Windows NT made a similar claim. Was NT fundamentally more secure than Unix as was presented to the general public? Well, it did have a security model that Unix lacked and its internals were much more akin to VMS which had various strengths that Unix lacked. Yet we all saw that the implementation is where it matters.
In reality the implementation is key. Things can look great on paper and be a real bear to implement (look at communism for example). Another key component that is often overlooked is the functionality. This is a double edged sword. If the system is not universal and generic enough in nature to exist in a plethora of environments then it is difficult, if not impossible, to gain wide scale acceptance and use. Of course, this notion is directly opposed to creating a secure operating system. If it has to work in a multitude of environments then it needs to be relatively open and flexible or else the skill set and support for integrating it into one specific environment is beyond most people's abilities (ie it won't get used). Sun Microsystems ran into this problem with older versions of SunOS (now retroactively named Solaris 1.x) when they used to consistently ship with a '+' in /etc/hosts.equiv. After several years they received enough requests to take it out of the distribution for security reasons. Unfortunately, taking it out caused so many installations to not be "plug-n-play" that they promptly put it back in.
When I look at an operating system such as EROS the following pops out at me when thinking security (this should not be viewed as condemnation by any means).
- RTOS modeled.
Real Time Operating Systems can be very useful for directed applications but suffer in general use often times. In addition, certain security notions at extremely low levels of a system (ie hash signing memory blocks that are passed between processors or ASICS) incur overhead that is quite unwelcomed in most of the "general public's" acceptance in RTOS.
- Emulated POSIX and Unix environments
I love Unix. However, it's difficult for someone to maintain the claim that they are more secure than another operating system and then emulate its behaviour. A good emulation is going to have the good and bad aspects on the security front or many things won't work.
- implementation from the ground up can be painful
Often times it is required. But heaven help the "vendor" that decides that in order to be their own maker they will do it from scratch without looking at the mistakes that others have made. We see it all too often that people decide to reinvent the wheel and foist square versions on people the first time around.
With all of that being said I believe that in the future, should people start to wake up and really appreciate the notion of security and privacy in a way that really influences the market... we will see more dedicated systems and fewer general purpose ones. In order to go that route projects such as EROS are invaluable.
6) Security Through...Unpredictability?
by Effugas
Would you agree that security and stability are but different sides of the same coin? In other words, a security exploit is truly nothing more than an expertly controlled failure?
If so, how much stock can we put into the "metadesign" of limiting the damage an exploit can create by attacking the ability of a failure to be controlled? Should operating systems incorporate such "unpredictability engines" when being run in a production, non-debugging manner? Or is such a design not worth pursuing, for various reasons?
L0pht:
You must be a kindred spirit :) We have been preaching the approach that most stability problems are security problems that have not been looked into enough for quite some time. By fixing security problems you enhance the stability.
Now, with that said, it is important to shoot for the penultimate solution to problems and this ends up being a wonderful academic exercise (out of which great things come). Do we shun any notions that merely raise the bar instead of being the silver-bullet? No. Each elevation in design is a step in the right direction. It is apparent that we have many steps in front of us but this does not mean we should stop progressing until a magic cure is found.
Unpredictability in systems, such as loaders or interpreters that recurse random times to throw off "static" frame location and other mechanisms (ie canary values) etc. are some of the finer points that I see coming out of the security approach to implementations. Are they ready for production systems? It all depends upon what your production system must be capable of. In many cases the answer is yes. In some cases the answer is no.
7) Future of Hardware Hacking?
by Tackhead
Two questions (Well, three, really, but I'm a hardware geek, and I love trying to squeeze three things in the space of two):
A) Wireless.
Lots of folks have been asking today about the wireless network project. "Me too"; the page has been up for years, it's a fascinating and extremely powerful idea, but for those of us who aren't RF engineers...
When do we get to see some hardware projects to build, or is it the case that -- due to regulatory restrictions on what can and cannot be transmitted on US airwaves -- work is being done independently on the notion of a secure wireless IP-based network but isn't being released so that those of us who aren't RF engineers can't gum up the works by screwing things up before it's ready? :-)
L0pht:
The Gnet project has been in progress for many years now. Mainly the problem had been lack of funds, but now time allocation and lack of dedicated participants hold back expansion.
There is a lot of interest, but no one seems to be willing to put up the nodes. There are 2 sites currently on the network. One at l0pht and one at a residence. This has been the state of the network for the past 2 years. Unfortunately no one with enough initiative in either state has been found to setup other nodes. There has been interest in other states but the long haul capability has yet to be worked out. Encrypted tunneling over the Internet may help span the network over long distances. Once the fabric of the network expands, landlines could be replaced with wireless links/nodes.
High-density, low-power networks sound great in theory, but until the interest level rises above its present state, the cellular structure will remain the dominant topology.
To get the network off the ground, we have been trying to go the Amateur radio route. Going this route does have its drawbacks. Encryption is forbidden, however compression is not. I have been running ssh in compression-only mode for years. The initial ssh authentication is allowed under FCC guidelines, as long as the communications is not encrypted, you are within the rules.
The move off the Amateur frequencies will be made once the cost of National Information Infrastructure (NII) part-15 devices drop under $500 dollars for a pair of nodes. These devices operate in the 5 GHz frequency range. The breakdown is as follows:
- 200 milliwatts EIRP (5.15-5.25 GHz) - indoor
- 1 watt EIRP (5.25-5.35 GHz) - inter-campus/neighborhood
- 4 watts EIRP (5.725-5.825 GHz) - Point-to-point, few miles, terrain permitting.
The path to build custom equipment is equally as challenging. For example, the TAPR (Tucson Amateur Packet Radio) group has been in the forefront of Amateur packet radio for the past 15 years. While they have an established base of dedicated users, they continue to have problems developing new hardware. They have been prototyping a Frequency Hopping Spread Spectrum (FHSS) system for 3 years now, with still a prototype just passing a design review. Hopefully this project will come to fruition soon!
Some very talented folks over in Slovenia have developed some BPSK transceivers and a no IF SSB transceiver which will work on 1296, 2304 and 5760MHz. None are in kit form but the schematics, theory, construction notes, and equipment checkout is available in English. (Schematics are not in English.) These radios are not for beginners or even intermediate kit builders. It would be nice if someone could kit these units. I started to convert the 23cm BPSK design to utilize a chipset family put out by RF Microdevices, but then my time got sucked into other projects. I may find the time to pursue this once again, but I would like to get some semblance of a network greater than 2 nodes up and running first. *sigh*
B) The future of hardware hacking.
With the trend towards more and more functionality becoming embedded into ASICs and single-chip solutions, the golden age of "just desolder this", or "reverse-engineer the schematics and jumper that", or "replace [PROM| EPROM| EEPROM| PIC| FPGA] with one with the following special programming, and here's the [CPU| microcontroller]'s instruction set and a memory map of the embedded system" appears to be drawing to a close. Anyone can desolder a 24-pin DIP EPROM and hack it, but trying to desolder a 100-pin PQFP is a real bear without $500+ worth of specialized equipment, and knowing what to do with the chip after you've desoldered it is well-nigh impossible.
Do you see a time when "hardware hacking" (as we've traditionally known it) will have to fall by the wayside? If so - what, if anything, do you see as taking its place? (Perhaps users taking advantage of the vastly more-powerful gear out there today and building their own hackable hardware, eliminating the need to hack other people's hardware?)
I suppose that's tangentially related to the wireless.net question - for mass distribution of the tools needed to build such a network, for instance, it seems to me that re-purposing cheap, widely-available stuff that others have junked is a better path than having to build things from scratch. But if the cheap, widely-available stuff of the future isn't gonna be re-usable... where does one go from there?
L0pht:
It is true that the Electronics industry is moving toward much denser Multi-chip module like IC's. System-on-a-chip (SOC) is beginning to make inroads in communications equipment. Cellular/GSM/PCS phones are beginning to sport such technology. SOC will also revolutionize the security coprocessor industry.
What we see here is the bar being raised in the HW hacking arena. Remember cost still drives much of the industry and you will continue to see many devices still using microcontrollers. There are many, many internet appliances using standard Embedded Processors and peripheral IC's. The hackers are just going to have to bone up on their FPGA hacking skillz. Monitoring the inputs of an FPGA and then the outputs, and hacking together an FPGA to drop in between isn't unheard of.
Hardware hacking today does require a bit more than the standard Weller soldering iron, a 50MHz scope, and a multimeter. With processor speeds moving up into the 800MHz range, you fall flat on your face with those stone-age tools. The trend in general is hardware which is becoming more and more abstracted and described by high-level programming languages such as Verilog and VHDL. One must stay abreast of the latest tools in his trade. There are also relatively inexpensive "soft" tools, in that a spectrum analyzer, logic analyzer or a scope utilizes the modern PC as the guts of the device and an inexpensive physical interface module is purchased along with software for the host. The interface is typically a data acquisition pod for converting the sampled analog data into the host PC for processing and the presentation.
The security of FPGA's is definitely going to become more of a target in the future. I can't think of anyone that doesn't set the security bit of FPGA before programming a device. Ummm.. Hmmm.. maybe I shouldn't say that. ;^) It does happen. There are also some not so well known ways around "security bits" on FPGA's. Also, most FPGA's will allow you to reprogram them in circuit whether or not the security bit is blown. You just better be sure you can reproduce what you monitored before squirting in your own code.
Remember there are many more ways to fry an egg, such as voltage margining, or operating a circuit over/under current and temperature specifications. Hitting HW with various RF emissions (above and beyond what standard emissions/immunities tests test for.) can also produce interesting results and insights.
And as you alluded to in your question, hackers will build their own hardware which will interface to the service/system under attack, which will allow for variable, marginable, modules to provide the flexibility which the stock standard HW didn't provide. Study communications test equipment. Many secrets lie inside.
A lot of today's "hardware hacking" isn't strictly limited to hardware, due to the fact that most products are embedded systems - meaning there is a union of hardware and software. Those who are strictly "hardware guys" will fall by the wayside and those who are strictly "software guys" will also fall. You will need to have a decent knowledge of both the software and the hardware environment you are programming for. I have seen companies struggle because they hire CS folks to write firmware for a product. These particular folks could not grasp that they were writing for a platform other than a PC or desktop. They didn't understand how interrupts worked, how to write to a port, how to write low-level drivers to control external memory or other devices on an SPI, I2C or other inter-chip protocol. What ended up happening is the company called in the hardware engineer (me) to write all the low-level functionality. In order to properly design a product (and reverse engineer the product), you need to be able to grasp all facets...
The industry today is really in a sad state and I am fearful of the quality of the products that are due to come out on the market - the hardware and circuitry is sound and well-structured, but the software will have major faults and, because of this, many possibilities for vulnerabilities.
C) The future of l0pht.
(At least publicly), there's been a lot more activity on the software side of l0pht than on the hardware side.
To the extent that you can discuss it openly, do you see l0pht's main activities over the next 3-5 years as continuing to revolve around the "expose weaknesses in software" side or the "work on next-generation hardware projects" side?
L0pht:
Both. Hardware projects, since the beginning of time, are more costly, require more tools than software, and more often than not, more time consuming. Due to this, the amount of publicly-known activity appears to be less. As mentioned before, there will be more and more projects that require the knowledge of both hardware and software sides, where L0pht fits the bill perfectly. There are so many products and technologies to look at, there is no way we can limit ourselves by saying what activities we will and will not do. If something comes out, be it hardware or software, that we want to attack, we will.
8) What engines/sites do you use to scour the 'Net?
by Bacteriophage
Seriously, I would like to know. When you sometimes don't have all the answers (I assume that would be more than never), where do you guys go on the 'Net to find what you need concerning computer security, **/*acking, or even just news? Do you ever come to /.? This answer shouldn't take very long, and it'd be nice to get the separate preferences of each crew member, as well as the general preferences of the group.
L0pht:
Generic search:
Altavista or NorthernLight for a spider based search.
Yahoo for a topic search.
Ask Jeeves when I don't really know what it is I am looking for.
security/hacking:
altavista - word sequences work well. A recent example would be a search for the PCI specification by looking for "pci spec".
yahoo - when altavista doesn't help
Hacker search:
- The Hacker News Network Search Engine Page - Lots of underground spiders http://www.hackernews.com/search.html
- attrition stats - http://www.attrition.org/mirror/attrition/stats.html
- eEye stats - http://www.eeye.com/html/Databases/Statistics/os.html
- NMRC - Good Novell NT and Unix info. www.nmrc.org
- counterpane - for books (through amazon) and lots of free information on crypto too.
- www.jya.com/crypto.htm - for the good cypherpunk info
Next week: Steve Wozniak (and a special pair of *surprise* guests Tuesday).
-
MTV Hacker Saga Gets Worse
weld writes "Now Shamrock, one of the MTV hackers portrayed as involved in some sort of criminal behavior, has posted a letter saying he made it all up. He now wants to come clean. He made it all up to dupe MTV because he knew all they wanted was criminal hacking stories. The journalistic integrity of this "special" is under serious question now. HNN has posted Shamrock's letter to the hacking community." Check out our original story on this to get the full details. -
MTV's Hacker Portrayal
fat_mike writes "Last night, MTV did a True Life show on Hackers. There are some interesting comments over at the Hacker News Network." I was unable to see it, but it doesn't sound like it went very well - coverage that didn't understand the subject matter. Anyone else catch it? -
U.S. Government Wants Public Encryption Software Removed
Anonymous Coward writes "Saw this one yesterday over at Hacker News Network. According to an article (German or English) published in Telepolis, Janet Reno sent a letter last May to the German Federal Secretary of Justice outlining the need for the Wassenaar Nations to remove access to all encryption software from the internet as she believes such access renders the Wassenaar agreement impotent. The letter specifically mentions "public domain" encryption software." Well, now I guess my life really will be an "open book". -
US Congress Debates National ID Card
-
Feature:Distortions
Richard Thieme has long been writing a weekly column called Islands in the Clickstream. Richard wants to run them weekly on Slashdot - he would be joining Katz then providing new content on these pages. I'm excited about this, and I think many of you will too. The following feature is this week's island. Read it, vote on the poll, and hopefully Richard will be back next week. The following was written by Slashdot Reader Richard Thieme
Distortions
"We all know the same truth. Our lives consist of how we choose to distort it." -- Woody Allen
A couple of weeks ago, it was reported by Reuters News Agency that hackers had taken control of a British military satellite and demonstrated control of the "bird" by changing its orbit. The report said the hackers were blackmailing the British government, and unless they received a ransom, they would take action. The demonstration was frightening for those who were just waiting for a blatant act of cyber-terror.
A few days later, the Hacker News Network, an underground alternative to CNN, reported that the hijacking was bogus.
The Hacker News Network got it right while Reuters got it wrong.
Just as business managers increasingly supervise IT workers who know more about networks than they do, traditional news sources often cover subjects they don't understand, and they often get it wrong.
A few weeks ago, I wrote an article for Forbes Digital on the unique culture of the professional Services Division of Secure Computing, where a number of former hackers help government agencies and large financial institutions secure their networks. Many articles have appeared recently about former hackers who have swapped underground lives for stock options, but that wasn't what my article was about. It was about the mindset that hackers bring to their work, a map or model of reality that is becoming the norm in a borderless world, where intelligence operatives are migrating into competitive intelligence in growing numbers. It's a mindset characterized, said one, by "paranoia appropriate to the real risks of open networks and a global economy."
Businesses used to decide on a course of action, then inform IT people so they could implement the plan. Now our thinking must move through the network that shapes it, not around it. The network itself - how it enables us to think, how it defines the questions that can be asked - determines the forms of possible strategies. So those who implement strategy must participate in setting strategy, not be added on after the fact, just as information security must be intrinsic to the architecture of an organizational structure, not added on as an afterthought.
The mind that designs the network designs the possibilities for human thinking and therefore for action.
Every single node in a network is a center from which both attack and defense can originate. The gray world in which hackers live has spilled over the edges which used to look more black and white. The skies of the digital world grow grayer day by day.
In that world, we are real birds fluttering about in digital cages. Images - icons, text, sound - define the "space" in which we move. If the cages are large enough, we have the illusion we are free and flying, when in fact we are moved in groups by the cages.
Example: to prevent insurrection during times of extreme civil unrest, government agencies created groups whose members were potentially dangerous, building a database of people they intended to collect if things fell apart. These days, many digital communities serve this purpose.
Example: Last week an FDIC spokesperson provided data on the readiness of American banks for Y2K. Tom Brokaw of NBC had recently announced, he said, that 33% of the banks weren't ready, but in fact, 96% of the banks are on schedule, 3% are lagging a little, and only 1% are seriously behind. The biggest threat to the monetary system is a stampeding herd, spooked by the digital image of a talking head giving bogus information.
The digital world is a hall of mirrors, and the social construction of reality is big business, fueled by the explosion of the Internet, a marketplace where the buyer of ideas - as well as items at auction - had better beware.
This is not just about the distortion of facts by mainstream (or alternative) news media, nor the exploitation of fear because we know that fear sells. More and more, we are seeking and finding alternative sources of information from sources we believe we can trust. Believable truth must be linked to believable sources, or else we will make it up, pasting fears and hopes onto a blank screen or onto images built like bookshelves to receive our projections. Because we like to live on islands of agreement, receiving information that supports our current thinking, we live in thought worlds threaded on digital information that isolates and divides us. But the network is also the means of a larger communion and the discovery of a more unified, more comprehensive truth. We live on the edge of a digital blade, and the blade cuts both ways.
"We all know the same truth," said Woody Allen. "Our lives consist of how we choose to distort it."
Except Woody Allen didn't say it. Rather, he said it through the mouth of a character in "Deconstructing Harry" named Harry Block. Except Harry Block didn't say it either. He said it through the mouth of a character he created in the movie.
Hacking is a kind of deconstruction of the combinations and permutations available in a network. Deconstruction is essential in a digital world. The skills of critical thinking, the ability to integrate fragments and know how to build a Big Picture are more important than ever. Those skills are critical to hacking and securing networks and critical to understanding who is really who in a world in which people are not always what they seem.
Plato feared the emerging world of writing because anybody could say anything without accountability, but he did not foresee the emergence of tools to document and evaluate what was written. Our world may seem for the moment to be a-historical, fragmentary, multi-modal in relationship to the world of printed text, but something new is evolving - a matrix of understanding, a set of skills, a mindset that lets us sift through disinformation and use the same technology that lulls us to sleep to wake ourselves up.
Richard Thieme (www.thiemeworks.com) speaks, writes and consults on the human dimension of technology and the work place.
CT: So what do you think? Is he a keeper? Vote on the poll if you'd like to see this column each week on Slashdot. Of course, now that we have the customizable stuff, you'll be able to disable future Islands even if we do keep him.
-
LoU's Iraq/China Attack Correction
PDG writes "Last nite, Legions of the Underground, or LoU, hosted an IRC press conference to dispel rumours regarding their recent statement on cyberwarfare against Iraq and China for human rights violations. They claim that their intentions were not cyber-terrorism or the destruction of network systems. This release came after the denouncing of their idea by a coalition of the 6 oldest US based hacking organizations (CDC, CCC, L0pht, etc)" -
Evening Quickies
Weld Pond sent us a link to Hacker News Network, a new web mag that covers computer security and the computer underground. Joseph McDonald wrote in to inform us that someone has been registering typos of our Domain name. I'm flattered. I guess we're big now. An anonymous reader sent us a link to Da French Linux Page which looks strangely familiar. Contrary to what you may read elsewhere, it does not use any of my code, but the design is (ahem) borrowed (and uncredited). Lastly for the evening Star Wars news wrap up, derf wrote in to say that Entertainment Tonight will be showing the Prequel Trailer on TV in its entirety tomorrow evening for those who couldn't download the mpeg, were annoyed by the quality of the net version, don't live anywhere where they showed it in the theater yesterday, or just can't wait until Friday. And ToiletDuk (who definitely wins Most Amusing Email of the Day) put together a wallpaper package (.Z) or a BMP. It's pretty good. I downloaded my copy of the trailer, watched the first few seconds, and as xanim chewed it to shreds, I decided to just abort and wait until Friday. It'll be much more inspiring on the big screen than on my piece of crap laptop. I can hold out for 48 hours (shake shake shake) really I can.