Slashdot Mirror

The Miami Herald is reporting that a new game based on Monopoly is taking a crack at Patriot Act and what creator Michael Kabbash describes as the curtailed freedom that has resulted. From the article: "The object of the game is not to amass the most money or real estate, but to be the last player to retain civil liberties. 'I've had people complain to me that when they play, nobody wins. They say "We're all in Guantanamo and nobody has any civil liberties left," he said. 'I'm like "Yeah, that's the point."'"

An anonymous reader writes "DailyKos is reporting that a group of senators and representatives including Hillary Clinton, John Kerrry, and Tubbs Jones, have proposed an 'open-source' voting bill. This bill (The Count Every Vote Act of 2005) corrects many of the problems in the last election. Notably, it requires paper receipts, and that the source and object code of all electronic voting machines to be open and readable by the public. " Commentary on the bill available at the Miami Herald.

eggoeater writes "With the general interest Slashdot has with electronic voting machines, I thought we'd all enjoy reviewing Dave Barry's take on touch-screen voting machines and debating the merits of police officers carrying lightsabers."

prostoalex writes "Hitachi made a PDA, powered by a fuel cell. The device runs for 5 hours, and they plan to expand the battery power to 40 hours. It weighs 700 grams, which makes it heavier than most of the models out there. The commercial production will start next year, a picture is available from MobileMag." (This earlier mention of Hitachi's work talks about how such fuel cells could be used to charge or power other things, from cellphones to laptops.)

jellisky writes "An unprecendented sort of weather event has been occuring recently, without much fanfare at all. A tropical cyclone in the south Atlantic is slowly drifting toward Brazil. The southern Atlantic ocean isn't exactly a hurricane hotbed, as pointed out by National Hurricane Center forecaster Jack Beven, "We know there hasn't been a hurricane in that area since at least the satellite era, the mid-60s at the minimum." The storm is a small one, though, but has estimated winds near minimal hurricane strength (74-95 mph). It's quite an interesting sight, perfect for piquing the weather curiousity that many of us have."

unassimilatible writes "The Washington Times reports that the FBI and the Department of Homeland Security are developing a database that will allow private companies to submit lists of individuals to be screened for a connection to terrorism. The database will eventually allow private-sector entities, such as operators of critical infrastructure facilities or organizers of large events, to submit a list of persons associated with those events to the U.S. government to be screened for any nexus to terrorism. All of this won't be cheap either; total terror-related IT spending by US federal and state governments will run past $100 billion in 2004. But don't feel left out Europeans, since the EU is considering a terror database as well, although France and UK are reluctant to share intel."

MattW writes "The gist of this AP/Miami Herald article seems to be that consoles going online will mutate the MMORPG space. Already, there is word that PC game development is withering, even though as a preferential PC gamer I see the best games ever. Is the console destined for superiority, or will the ubiquitous need and superior user input of the PC keep it as a viable game platform?"

sandalwood writes "A programmer has been arrested on charges of attempting to "threaten Google with a software program he devised that creates phony clicks on pop-up advertisements delivered by Google. Google pays Web site publishers companies a certain amount for legitimate hits on those ads, but Bradley created a method that generates false clicks that appeared to be real Internet traffic, which would have repeatedly defrauded Google... Bradley contacted Google in early March, informing company officials that he had created the program and wanted $100,000 to keep him from selling it to spammers, according to an affidavit by a U.S. Secret Service agent." A harbinger of organized crime to come? That's a real nice website you have here... a shame if anything were to happen to it..."

randomErr writes "According to a San Jose Mercury News article reprinted at the Miami Herald: 'Mark Vange is in the vanguard of globalizing the video-game industry. He employs 30 game developers in St. Petersburg, Russia, who have worked on everything from flight simulators to dragon-fighting games. 'We can get the work done for half the cost that it takes in the U.S.,' said Vange, president of Ketsujin Studios. Similar outsourcing of video-game production is being done in places like China, India, Vietnam and parts of Eastern Europe. California game developers, who are the creative force behind a $10 billion industry in the U.S. market, view the trend with a combination of fear and anticipation'."

prostoalex writes "Don't remember an encyclopedia salesman knocking at your door lately? Turns out, fewer Americans are purchasing layaway plans for heavy-bound multiple-volume sets (once sold at $1,400) and turning to the Web for answers, according to AP/Miami Herald. What's more interesting is that even the software encyclopedias are not selling as well, with Google changing the landscape of finding good reference information. 'Microsoft's $70 Encarta is the best seller but industrywide sales for encyclopedia software fell 7.3 percent in 2003 from 2002,' says Associated Press article."

Bootsy Collins writes "The Miami Herald is running a story on the first-ever prison sentencing (and, for that matter, prosecution and conviction) under the Federal Truth in Domain Names Act. This act, combined into the larger Prosecutorial Remedies and Other Tools to end the Exploitation of Children Today Act (PROTECT) of 2003, made it a violation of U.S. Federal law to use a misleading domain name with the intent to deceive someone into viewing obscene material -- larger penalties if attempting to so mislead minors, but up to two years even if adults are the object. In the case in question, a man was convicted for registering thousands of domain names which were close misspellings of popular web sites for kids. Attempting to surf to those sites would redirect to a site entitled 'Dorm Sex Party.' Before being arrested, the convicted typosquatter made about a million dollars for the referrals." He's been on Slashdot before.

Thanks to the Miami Herald for its article discussing the celebrating of an important classic gaming anniversary, as "...earlier this month, dozens of Blue Sky Rangers met at their former haunt, the aging Malibu Castle Park in Redondo Beach, a miniature-golf park and arcade near their former Hawthorne office. It was in memory of the 20th anniversary of the day [the Intellivision employees] lost their jobs." The article continues by detailing the history of Intellivision up to the present day, with the NPD noting "U.S. sales of classic games reached $58 million last year, up from $40 million the year before", with releases such as a previously covered Intellivision compilation. The president of the current Intellivision also mentions: "Someday... the company might release a new title of its own, something easy to play and probably set in the 1980s."

Thanks to the Miami Herald for their article discussing the banning a Florida school's plans to use sports-based videogames as a motivator for students taking physical education. According to the piece: "Fort Walton Beach High School wanted to use a PlayStation as part of a team sports course in the next school year as a way of motivating more students to take physical education", but "Superintendent Don Gaetz halted registration for the course Tuesday, calling it 'an idea whose time will never come.'" In a situation which sees "obesity rising among teens and that more than half of the state's high school students not participating in any physical activity at school last year", could attracting students with videogames actually be a valid approach?

securitas writes "CNet/ZDNet reports that Walt Disney has licensed Microsoft's Windows Media DRM technology for use in online movie distribution via the Internet. Reuters reports that Disney plans to sell movies online in late 2004 or early 2005, while AP reports that the multi-year license for Microsoft's digital rights/restrictions management and copy-protection software will let Disney distribute content on mobile phones, PDAs and portable media players (mirror). The companies are expected to officially announce the deal later today (Monday)." Conspiracy theorists, start your engines; kidding aside, this is something to watch, as these are two titans of industry.

wherley writes "AP reports that IBM'er David Bradley, who came up with the (in)famous Ctrl-Alt-Delete key combination, is retiring. The article mentions: 'At a 20-year celebration for the IBM PC, Bradley was on a panel with Microsoft founder Bill Gates and other tech icons. The discussion turned to the keys. 'I may have invented it, but Bill made it famous,' Bradley said. Gates didn't laugh. The key combination also is used when software, such as Microsoft's Windows operating system, fails'." We featured a story on Bradley a few months back.

Thanks to the Palm Beach Post for its article discussing Florida-based lawyer Jack Thompson's teamup with Barry Silver to continue a war on violent videogames. Thompson's anti-gaming history is well-discussed, and Silver is no less flamboyant during previous lawsuits, since he "had a bikini-clad hot dog vendor deliver a subpoena to Palm Beach County Commissioner Mary McCarty during his well-publicized fight over the vendor's right to sell hot dogs while partly clothed." Thompson says: "You can call us Scary Barry and Wacky Jack", and is helping Silver with the Florida-based lawsuit again GTA developers Take Two, following furore over the alleged depiction of Haitians which is still simmering in North Miami, with a new local law to restrict violent games planned. The article also notes that the two lawyers have a lot in common, commenting: "Both are frustrated politicians - Silver, a former state legislator, and Thompson, a failed Miami-Dade County state attorney candidate. Both love the limelight, take cases that are destined to make headlines and are famous for publicity stunts."

usn2fsu03 writes "Here we go again with another election controversy in South Florida. Touch screen voting was used in a State House election that was won by twelve votes. Unfortunately, there were 134 people who went through the process of checking in to vote, but either did not vote or cast a vote that was not counted. Without a paper trail it is anyone's guess as to what those voters' intentions were. Obviously, there is work to be done in the Election Supervisor's office before November comes around."

Shockmaster writes "Yahoo! has released their top searches of 2003. Google also has a year-end Zeitgeist wrap-up for popular search queries." Elsewhere, TheFairElf writes "The Miami Herald has Dave Barry's annual roundup of the year's main events titled 2003: A Dave Odyssey. The most significant events include the release of the fifth Harry Potter book 'Harry Potter Reaches Puberty and Starts Taking Really Long Showers' and the discovery of large quantities of sugar in Iraq which the CIA claimed 'is a leading cause of tooth decay'." Finally, wideangle writes "'Calling all metrosexuals: Get rid of that bling-bling - or at least find another word for it. In its annual compilation of language irritants, Lake Superior State University singled out 17 words and phrases that it says ought to be banned as overused, trite, euphemistic or just plain inaccurate." LOL, we wish everyone an Xtreme New Year from Slashdot, OMG.

securitas writes "Intel is contemplating using metal instead of silicon in future chips for the 'transistor gate, which controls whether a transistor is on or off' and the 'dielectric, an insulating layer below the gate,' which are respectively made of silicon atoms and silicon dioxide. 'Millions of minuscule switches that make up silicon chips leak electricity when they're supposed to be shut off. To compensate, engineers have increased the current, driving up power consumption, decreasing battery life for portable devices and generating more heat.' AMD has also experimented with metal instead of silicon. By moving to metal AMD and Intel expect to reduce electricity leakage. More from AP via SeattlePI and the Miami Herald." Update: 11/05 15:25 GMT by T : Read on below for some information from Intel on why this is a good thing.

gManZboy writes "Following up on the Intel news that about using metal in chips -- here's an explanation from Shekhar Borkar (Intel Research Fellow) about why heat, power, and sub-threshold leakage, not transistor size, are the real challenges to Moore's law. Apparently, in order to make chips much faster, we're going to have to pump more electricity in then anything else in our houses -- and they'll soon be as hot as a nuclear reactor -- no, really."

agdv writes "After the success of his first article providing the phone number of the American Teleservices Association, and the ensuing reaction by said organization, columnist Dave Barry attacks again, providing the ATA's new phone number. Read all about it! (the number is 317-816-9336, long distance charges may apply)."

agdv writes "After the success of his first article providing the phone number of the American Teleservices Association, and the ensuing reaction by said organization, columnist Dave Barry attacks again, providing the ATA's new phone number. Read all about it! (the number is 317-816-9336, long distance charges may apply)."

ikkonoishi writes "The Miami humor columnist Dave Barry in his column here encouraged his readers to exercise their constitutional rights to call a telemarketing firm which had declared the National Do Not Call List unconstitutional. Well it seems to have worked." Needless to say, the targets of the prank were none so keen on being called themselves.

Pointing to this Associated Press story carried by the Miami Herald, Jorkapp writes "Sony has announced that they will be using Processors manufactured by themselves in their next generation of CLIE handhelds, which are due to ship this Semptember. This is only the first step though, as Sony is planning to use its own line of processors for the next generation of Playstation systems. This new processor will give users 16 hours of battery life (impressive!) and the ability to play video at a smooth 30fps." And jake writes with a link to a story at mobilemag.com which also describes the new handhelds (the UX50 was mentioned the other day), and says "both the CLIE UX50 and UX40 handhelds will be available through American retailers in September for about $700 and $600, respectively, but can be pre-ordered now through Sony's website."

Makoto writes "How do you launch a cyber-war with no IP infrastructure? South Korea claims that North Korea is training about 100 "cybersoldiers" per year in electronic warfighting tools and techniques, including writing viruses and hacking. But according to a story at Wired News, North Korea can barely keep its electrical grid up - not to mention feed its people. Even the Pentagon says North Korea's hacker academy is probably just propaganda by South Korea."

quixado writes "You Play Games is an online wager service where you can bet and earn money for each kill or injury to opponents. You can even cap how much money you can lose in a 24 hour period. Return to Castle Wolfenstein is the first title. The press release can be found here. More info here too. And they said that spending days on end playing first person shooters wouldn't pay off..."

RodeoBoy writes "It seems that regardless of what NASA and Boeing wants the public to believe there are still questions about damage to the shuttle's left wing. Some Boeing engineers have raised concerns that proper analysis of the damage was not done at the time, due to changes and cutbacks in Boeing. It is also coming out that more than one chunk of foam might have hit and damaged the wing. With Boeing having some financial troubles and NASA under public scrutiny again, what is the future of the space shuttle program..."

This is a man who obviously knows a lot about the Internet. I am not making this up. He wrote a book about it. He has his own blog, his own Web site, and his own online alt.fan newsgroup with its own FAQ. Not only that, he is in a band and writes a syndicated humor column that often covers matters of interest to Slashdot readers. What are you going to ask him? Up to you, as long as you hold it down to one question per post. We'll send Dave 10 of the highest-moderated questions and post his answers as soon as we get them back, after which we're sure many alert readers will have much to add even if they haven't heard about Bennett Haselton's excellent automated Dave Barry column generator.

This is a man who obviously knows a lot about the Internet. I am not making this up. He wrote a book about it. He has his own blog, his own Web site, and his own online alt.fan newsgroup with its own FAQ. Not only that, he is in a band and writes a syndicated humor column that often covers matters of interest to Slashdot readers. What are you going to ask him? Up to you, as long as you hold it down to one question per post. We'll send Dave 10 of the highest-moderated questions and post his answers as soon as we get them back, after which we're sure many alert readers will have much to add even if they haven't heard about Bennett Haselton's excellent automated Dave Barry column generator.

LowellPorter writes "Miami-Dade and Broward counties are having voting problems. After the 2000 election problems, new voting methods were installed including touch screen technology. Some times the problems were with workers not showing up, poor training, or mechanical problems. It doesn't look like they cleaned up the system there." Not all of the problems mentioned in the article are due to the new proprietary voting machines, but many of them are.

Your intrepid reporter took a jaunt down to the H2K2 conference this past weekend, held in the lovely Hotel Pennsylvania. The conference had much more floor space than they had two years ago, and it seemed like more attendance as well. Wireless networks were available, though overcrowded, and if you didn't encrypt your communications, well, you've probably already paid the price. My notes on the conference and the sessions I attended are below, followed by a couple of reader submissions.

The conference took up the 18th floor of the Hotel Pennsylvania[1], with the second floor being devoted to network operations/music/gawking at the old computers. Unlike the last conference, both major session tracks were on the same floor, preventing the logjams that occurred in 2000 when hundreds of people decided to use the elevators every hour between sessions. Lesson learned for future conference organizers: don't split your major crowd-drawing events between floors if you can possibly help it.

Siva Vaidhyanathan was the first keynote speaker. He described the internet as a cynical technology -- a technology which promotes seeing things as they are, not veiled by smokescreen or corporate PR -- and noted the attacks on cynical technologies since Sept. 11, tying that in to the copyright wars with Valenti, the DMCA, WIPO, and so on. It was good, well-reasoned speech, but honestly, Slashdot readers have heard it before so I'm not going to spend much time on it.

Andy Mueller-Maguhn (probably best known to U.S. readers as the European At-Large ICANN representative) and Paul Garrin of Name.space gave a talk about ICANN and the DNS. Mueller-Maguhn described the attendance at ICANN's Montevideo meeting: about 450 people overall, of which 320 were representatives of the Intellectual Property community (RIAA, MPAA, many others), 100 or so from the world's various governments, and even a few technical people. He drove home the fact that the IP people have the funds and personnel to participate in these meetings, and that few other organizations do. Mueller-Maguhn was critical of the recent decisions by various U.S. civil liberties groups to stop trying to affect ICANN (nothing they've done has had any effect) and to start working on the U.S. Commerce department to cause change in the DNS -- Mueller-Maguhn prefers to work within the system, even when his efforts bear no fruit. Garrin talked briefly about Name.space's efforts to provide a free-speech alternative to the current DNS system.

Goldstein and Macki of 2600, and Robin Gross of the EFF, discussed the DeCSS case. Again, this a topic thoroughly covered on Slashdot, so I see no need to recap the talk. They noted that Jon Johansen is still facing charges in Norway, and that the EFF is still interesting in overturning various provisions of the DMCA, so if you have a situation that might represent a good test case, please contact them.

The next day, Eric Grimm and Robin Gross did a presentation on the DMCA, almost a continuation of the DeCSS presentation. Notice and takedown, ReplayTV, the Eldred and Golan lawsuits against the most recent copyright extensions; Slashdot covers these pretty well.

This was followed by journalist Declan McCullagh and cryptographer Matt Blaze, with a talk titled "Educating Lawmakers: is it possible?". McCullagh told his favorite anecdotes about Congressional stupidity, while Blaze described his interactions with the NSA during the dark days of crypto prohibition. Blaze described his work on the Clipper chip, which may be before the time of some Slashdot readers: in a nutshell, the U.S. government decided that they would promote a cryptographic solution which had a Federal backdoor, allowing users to secure their secrets against anyone but the government. Blaze expressed interest in it, and was invited to visit Ft. Meade, where he was given a sample Clipper chip by NSA techies -- except they weren't sure if he would allowed to take it out of the facility. The techies gave him a brown paper bag to carry out the sample -- a burn bag for *classified* materials. Which he successfully carried out, with Clipper chip inside. Blaze discovered major flaws in Clipper's backdoor, which would have allowed anyone to gain access through it, and which eventually helped torpedo the Clipper plan. (Of course, Microsoft's Palladium plan will accomplish much the same purpose: just as the Federal government had final control over the design of Clipper, Microsoft will have final control of your PC, making government wiretapping trivial, so saying "key escrow is dead" is not even close to true.) Blaze concluded by describing his testimony before the Senate Intelligence Committee: he noted that when he consulted with other witnesses after the testimony, each of them had independently decided to liberate one of the stationery notepads provided in the hearing chamber for a souvenir, and "one of us got the gavel".

Aaron McGruder gave a very interesting speech. I had barely heard of him before (not a Boondocks reader, sorry), so I wasn't sure what to expect. McGruder covered his experiences getting into cartooning, and described getting his thoughts into a few hundred newspapers daily as a "hack," which I suppose it is. His speech was mostly about his cartooning and recent politics -- suffice it to say that he isn't a fan of Bush and the current corporate government.

Philip Kaplan, best known for fuckedcompany.com, talked about the secrets of making money on the net. His secret is basically: when you scratch an itch for yourself, scratch it for others as well, since probably thousands of people worldwide have the same itch you do. He also described some of the trials and tribulations of running his dot-com deadpool site, the inevitable legal hassles, etc.

Jello Biafra wasn't originally scheduled to speak, but happened to be in town. His address last time with the refrain of "Become the media" brought the house down, and he gave a late-night wide-ranging ramble working from handwritten notes which again proved to be quite popular. The talk centered mainly on music, with a secondary helping of politics, touching on his legal troubles with the rest of his former band, current developments in digital music, and ad-busting counter-culture efforts (he was following Mark Hosler of Negativland). Biafra came prepared with some old vinyl albums of corporate morale-boosting and sales songs -- imagine songs composed at corporate retreats and sung by miscellaneous employees, extolling the joys of using company X's products, or a song about the joys of being a Ford employee's wife who (of course) stays home to cook him dinner and bring his slippers when he comes home after a hard day at work. Hilarious stuff.

On Sunday, Maximilian Dornseif gave a talk about digital demonstrations. Obstructive demonstrations and sit-ins are more popular in Europe than in the U.S., and they are branching out into digital versions, electronic sit-ins that attempt to slow down or DDOS targeted websites for political ends. Dornseif described several previous attempts: programs distributed to automatically reload a targeted website, for instance. Some of them were quite sophisticated, including one with smart date-checking to make sure it was used only during the designated protest time. Dornseif described his ideals for an electronic protest, to make it as similar as possible to a real-world one: persons involved should be identifiable, outside observers should be able to know the goal of the protest, etc. Overall, an electronic protest should have strong parallels to physical protests, so that if the judicial system examines the legality of what you are doing, the judge is tempted to find it a legitimate protest rather than an illegitimate attack by cyber-criminals. Dornseif suggested making "slow" connections to HTTP servers ("G" sleep 10 "E" sleep 10 "T" sleep 10 ...), as well as "accept flooding" -- completing the TCP handshake, but not actually making any HTTP request -- these are "slow" versions of regular connections, which make effective DOS's, but also mimic regular users and might find acceptance in the courts as part of a planned protest.

Finally we come to some of the most interesting presentations. The lockpicking presentation, by Barry "The Key" Wels and Mike Glasser, was given to an utterly packed room. Wels and Glasser described many common and uncommon types of locks, and proceeded to pick them with great success. Those combination Master locks that are so popular on high school lockers? Takes one second to open any of those with the proper tool, a bent piece of metal that allows the shackle to simply pop out. You might want to invest in better protection for your varsity jacket. Thought your bicycle U-bolt lock was too strong to cut? It only takes ten seconds to pick it with the right tool, a circular pick that mimics any key. This might help explain the two bicycles I've had stolen in New York City. Normal house deadbolts? Maybe 30 seconds. They covered an assortment of high-security locks, such as ones with side dimple keys instead of teeth, 3 or 4-edged keys, disk keys, locks with magnetic pins, and so on. It was a remarkable presentation, and Mr. Wels especially represents a true hacker in every good sense of the word. He suggested starting at locktools.nl or security.nl or lockpicking.org if you'd like to try your hand.

Douglas Rushkoff was next with a wide-ranging speech about the true role of hackers in modern society. I probably can't do justice to his argument - read through his website, which has a lot of various essays and articles, if you want to get a sense of it -- but essentially he made a very Matrix-like argument about hackers, storytellers, the media, and empowerment. Starting from a premise that stories control reality (as an example he used the Ewoks in Star Wars, who were convinced to die for the Rebellion by the stories told to them by C3PO), he said that recently we have been empowered to alter and participate in our own stories (empowerment through devices such as the joystick, remote control and computer keyboard, each of which allows us to control our experiences), but this time is now ending. We are currently in a Golden Age of interactivity, where most of the attackers that attempted to control computing and the internet in round 1 have been beat down (the dot-com bust), but they're coming back, and hackers are the only ones who have the ability to see through the veils (computer GUIs and the like) that blind us to true reality. Very fun to listen to, and way too full of information to summarize effectively. I'll leave you with one memorable analogy -- Rushkoff said business and government were like bacteria and fungus, they have to stay in balance and if you suppress one of them the other one grows out of control. Not a bad analogy at all considering the times we live in.

Eric Blossom gave another fascinating presentation about GNU radio, whose goal is to develop a Free software-defined radio system that runs on commodity hardware. Software-defined radios are a tremendous concept which are going to cause revolution when they are deployed. Think about a PC or other electronic device that has complete access to every bit of information in every radio-frequency wave passing through it, in constant wireless communications with any nearby similar device. Maybe if the devices are close, they adopt a high-frequency unlicensed band to communicate, if they're farther apart they pick a lower frequency ... Slashdot gets a lot of Ask Slashdot questions which say roughly "What open source software project should I work on?" or "I know I like computers, what should I do in college?" We delete most of them. Here is the answer for everyone who asks those questions: software-defined radio. Trust me. It's going to be big. The GNU radio people are concentrating mainly on television applications right now, because the tuners and such are readily available, and they have a lot of pieces which each work but still have a lot of work to do to create a turnkey system.

Ryan Lackey and Avi Freedman talked about the past, present and future of Sealand. We've covered this pretty extensively on Slashdot. Havenco is doing acceptably well, with their only significant problem being that the major European ISPs keep going bankrupt. They hinted that they are planning to do more things to promote free speech in the very near future - they already run an anonymous remailer and host a copy of DeCSS. An offhand comment by Freedman gave me a very good idea of what they're planning, but I'm not going to spoil their surprise by mentioning it here.

And finally, the time-honored Social Engineering panel. Again, the largest conference room available was packed with attendees. After a few funny stories about legendary hacks, Goldstein read the AT&T memo and noted, "If that's not an invitation I don't know what is." Coincidentally or not, the two lines which Verizon had installed in the conference room were mysteriously unable to dial long distance numbers or AT&T, though they had been able to yesterday. (Um, the phone companies are slow but they're not stupid - when a conference of phone hackers wants phone lines installed, it has to set off a few alarm bells somewhere.) When Goldstein eventually got an AT&T operator, she was suspicious and refused to assist him - obviously she had read the memo. :) Goldstein decided to hit easier targets, and starting paging through the phone book, eventually settling on a Starbucks outlet. He was able to get a Starbucks employee to provide him with customers' credit card information, without much difficulty. If you used an American Express card to make a $3.57 purchase at a Manhattan Starbucks on Sunday morning, you might want to check your next statement (although the A/V crew kept the card number from being heard by the crowd). Next up was the Russian Tea Room, a high-class restaurant in Manhattan, where Goldstein had no difficulty in changing some poor woman's reservations and getting her phone number, then calling her and notifying her of the changed reservations, due to a "health inspection". He said he'd call and change them back to the original time, showing the hacker's spirit: inquisitiveness without destructiveness.

Overall, I had a great time at the conference, and so did a couple of non-computer geeks that I dragged along with me. I'm looking forward to H2K4 already.

[1] That's the third time I've linked to that Dave Barry piece, and it's still funny.

Reader lokii202 takes a look at the Social Engineering presentation: lokii202 writes "I attended the Social Engineering panel discussion today at the H.O.P.E. conference, and thought it might be nice to follow up on the previous article about AT&T's Hacker Warning memo. The AT&T security number was tried and the attempt failed, although one of the members of the large crowd in attendence offered up an AT&T HRID number. The operator got suspicious and shut us down.

However, no fair 'cause they were ready for it. Starbucks, to our enjoyment, had no such warning memo circulating, and here are the results...

Our panelist made a call over a standard phone line to a Starbuck's store using a calling card. Asked the underling if they were having network problems. Underling, following the standard underling procedure, got the Assistant Manager. AM told us that yes, they were having problems with the credit card system. Oops. Within about 5 minutes he was reading off transaction times, dates, and more chillingly an American Express card number and expiration date. Our panelist stopped the guy before he exposed the whole number (the phone was hooked into a P.A. system for the conference and the experiment). The point was made very clearly.

Next, our guy called up the Russian Tea Room, which is a pretty classy joint in NYC, and posed as the flustered husband who needed to change dinner reservations for this evening. He had no names, no prior knowledge, etc. He managed to get some poor guys' reservations changed to 9pm and also got the guy's cell number. Next, he called the guy and posed as a Russian Tea Room host and apologized that his reservations were changed to 9pm, due to a health department inspection.

That was kinda funny.

High tech gizmos and uber-gear might get one pretty far, but when you come down to it security starts with the user. This demonstration, and others like it at H2K2, made it embarassingly apparent that to obtain sensitive data one only needs a little ingenuity and some acting skills."

Reader weave takes a look at the whole conference (this may seem repetitive, but it's good to look at things through others' eyes...) He writes "H2K2 (or HOPE 2002 or Hackers On Planet Earth 2002) was held this past weekend in New York City at the Hotel Pennsylvania. I've been to previous HOPE conferences and this one was much better than ones in the past, but it still had a few problems.

Aaron McGruder, the creator of Boondocks comic strip was keynote. Jello Biafra makes a repeat appearance as well as some other past favorites, such as the "former spy" Robert Steele, as well as some surprise guests such as former Taliban fighter, Aukai Collins.

This is my personal review of h2k2. There were so many things happening at once that one person can't obviously see it all. This is based on what I saw, experienced, felt, and my personal opinions.

Keynote Speaker: Aaron MgGruder, author of Boondocks, spoke on Saturday. This was my favorite speaker and worth the price of admission. He was invited because he did a short sequence of strips covering the DeCSS subject and, as Emmanuel Goldstein said, "the only person in popular media to get it right." Aaron was very articulate, intelligent, and of course, opinionated. What I liked most about him was his admitting that he does not know it all. He made fun of political experts who sit around and debate political topics based on what they are spoon fed by popular media. He says there is not much difference between us and people who live in censored countries except they KNOW they aren't getting the full story. We all think we are smart and know it all. His advice to people who love to rant about political topics, "Shut the hell up, you don't know anything."

McGruder thinks our society is falling apart and the only thing that can fix it is revolution. He has hope, but not much. He spoke about Bush's line that countries that hurt American are going to have to pay, which means we kill a bunch of their innocent civilians so they get to claim that we will then have to pay, where they kill a bunch of us. McGruder's solution is that people should just go kill the leaders of these nations. He then back-pedaled (remembering the place was probably full of feds) and disclaimed that he wasn't advocating that anyone go out and shoot Bush (who he has no love for). He reminded us that if Bush was killed, we'd be left with Cheney, who is far far worse in his opinion. "If Cheney was President, Afghanistan and Iraq would be glass, and we may give the neighboring countries 30 minutes of warning to get away from the borders."

Jello Biafra: Jello was keynote at H2K in 2000 and returned this year to speak late Saturday night. He was well loved by most people there, based on the reactions I saw that night. I didn't like him. He reminded me of Rush Limbaugh except on the left side. Loads of rhetoric, wild claims, and positioning himself as an expert. He was supposed to speak for one hour, and then the film "Freedom Downtime" was to be shown. He rambled on for two and a half hours, then took his shoe off and asked for donations for his legal defense fund involving his former record label. People flocked up and stuffed it full of money as he started to spin records. At this point it was 12:30am and I gave up and went to my room and and got some sleep.

Robert Steele : Former spy, and backer of a concept called "Open Source Intelligence" where countries share intelligence information freely with each other and their citizens. His speech on Hacking National Intelligence was, to me, frightening. He claims that 9/11 involved a serious failure of our intelligence network and Washington is trying to whitewash it all. He also claims that he has no doubt at all that New York City will be the target of another terrorist attack soon. "When foreigners think of the U.S. they think of New York City. It is the center of capitalism." He is an excellent speaker. I hope he returns next time.

During his talk, he introduced Aukai Collins who told us of his experiences fighting for bin Laden (during the 90s when we were paying bin Laden's salary and he allegedly was a good guy). When the embassy bombings started to occur, he went to the CIA and offered himself as an intelligence source. He worked for them and the FBI a few years and during that time was invited by bin Laden's runners to come work closely with him. When he bought this opportunity to get close to bin Laden to his superiors, they told him not to go. He feels we lost probably our only opportunity to get one of our guys close to bin Laden. He has written a book on this called My Jihad.

If this so far sounds like h2k2 was more politics than tech, I got the same impression. I skipped out on most of the DMCA updates and other legal updates. They were hosted by members of EFF and their lawyers. The small bits I saw sounded very informative and I applaud their works in these areas. Since I've kept up on all the news on these cases, I decided to skip these forums.

The best of the tech presentations was Fun with 802.11b hosted by Dragorn, Porkchop, and StAtic FuSIOn. (I sometimes hate silly handles). During the days before h2k2, they mapped out over 400 open wireless networks accessible from within three blocks of the hotel in midtown Manhattan. They demonstrated passive snoopers like kismet and showed us different directional high-gain antennas. Their recommendation for a good PCMCIA 802.11b card was Cisco's 352, which I of course didn't have. I ran out and bought an SMC card for my company laptop before the conference and had a tech load Linux on my laptop. I told him he could pick the distro of his choice, but unfortunately he picked the one I'm least familiar with, Slackware. I could not get the damn card working for the life of me. I wanted to scream.

A big disappointment was the Cult of the Dead Cow Extravaganza . It was to be held down on the lower level in the network room and broadcast up to the conference rooms on the 18th floor. Well, it didn't work. I was upstairs and they mucked with the equipment for an hour trying to get a a/v feed going. After all this time of wondering whether we should fight our way downstairs to watch it in person, we got an announcement. "Sorry, but we can't get it to work. Oh, by the way, they have already started downstairs."

Urge to kill. My friend and I wondered how they screwed this one up and traced the wires to a display table and behind a closed stairwell door. We looked at each other and said "Nooo". We popped into a neighboring stairwell as everyone fought for the elevators. We went down one floor then popped over to the stairwell that we saw the wires going down. Sure enough, they had run the wires down the open portion of the stairs so they were hanging by their own weight for a distance of about 22 floors (the hotel has 18 number floors, about 4 lettered floors like A, B, C, D, a mezzanine floor, and lobby floor). I'm not sure what the stress would be introduced by a cable hanging by its own weight for that kind of distance, but I bet the center copper core couldn't bear it and broke inside.

So we run downstairs and saw some talented but unwanted female singing about how great the CDC was. Then someone else got up and swung a black briefcase looking device around. Had no idea what it was because we couldn't understand squat in the back. Basically we said to hell with them all, and left.

So while the presentations were hit and miss, the overall best part of the conference were the attendees. Freaks, geeks, and misfits everywhere, all being good to each other, curious, intelligent, and sometimes a bit too paranoid. Of course it was mostly guys, but there were women as well as one person who had a male voice but noticeable breasts and a feminine face and shape. Many other guys dressed up a bit too flamboyant for my tastes as well. My point being, everyone was accepted for who they are and all got along great together. I didn't meet a single person who I talked to who was rude, or unwilling to strike up a conversation. The network room had wired and wireless internet access and was open 24 hours a day and the source for some of the most fun at the conference. But by all means, the best part of h2k2 was the attendees and they are the reason why I will want to go again in the future."

An anonymous submitter forwards this possibly-authentic note about today's H2K2 conference. If you're in the New York area and you love computers and nice hotels, come on down. Anonymous writes "So I get into work, and what do I find in my mailbox? Why, nothing less than a warning cautioning me to be very careful talking to people from July 12 to July 14. (Not me specifically, you understand, it went out all over). Full text follows."

****************************************************************
AT&T Network Fraud Advisory
July 11, 2002
****************************************************************
Possible Hacker Social Engineering Attempts
Friday July 12 - Sunday July
14, 2002
===================================================
Caution:
------------
Be careful about giving information to anyone you don't know and those making unusual information requests by claiming to be an AT&T employee or customer. The H2K2 (Hackers on Planet Earth 2002) Hacker Conference will take place this weekend, Friday, July 12 to Sunday to July 14, 2001, [ed. note: 2001?] in New York City. This conference will be a gathering of over five thousand computer hackers, guest speakers, and computer enthusiasts. http://www.h2k2.net In 1994, 1997 and 2000 at the previous Hope (Hackers on Planet Earth) Conferences, live demonstrations of "social engineering" techniques were performed in front of thousands of hackers and other attendees. The hacker panel dialed live into AT&T offices and centers and demonstrated how to get proprietary information by pretending to be an AT&T employee and customer. These calls were recorded and videotaped by the hackers and are sold as instructional material at future hacker conferences. There is a very high likelihood that AT&T will be a target again this weekend. The social engineering contest is scheduled for Sunday July 14th, at 4 P.M. ET, (1 PM PT). During this period hackers may be dialing into AT&T to get information. AT&T Network Security would like to warn our employees to be on guard this entire weekend for any unknown person calling and claiming to be an AT&T employee to request proprietary information or claiming to be an AT&T customer with unusual requests. Remember, if anyone, who is unknown to you calls for proprietary information or make unusual requests, please follow your procedure by requesting additional information to ensure the person is who they say they are before giving out any information. If the person is claiming to be an AT&T employee, please request name, callback and HRID #. Then verify through POST or the email global address list if the information is correct and even request to call the employee back at their contact number. If the person is claiming to be an AT&T customer verify this by requesting additional info on their account like address and SS# and even request to call the person back at their contact number listed on the account. Please be on guard for any unusual requests. Verify the person is an AT&T employee or a legitimate customer and if they have a need to know the information they are asking. If you can't verify employment or number, don't give out the information. If you are still in doubt regarding the legitimacy of the caller, then speak to a supervisor regarding the situation before proceeding further and inform the caller you will call them back. If you still have questions you can call the Security Hotline 1-800-822-9009. Remember you do not want to be the lucky guest of honor on a telephone call from the hacker conference this weekend with thousands of hackers listening to you and attempting to scam AT&T out of proprietary information. Please be on guard.
- - - - - - - - - - - - - - - - - - - - - - - - -
Source: AT&T Network Security
*******************************************************************

Raul654 writes "The Maimi Herald, via the Associated Press, is reporting that Russia wants to launch a manned mission to mars. The article says that the Russians are hoping to work closely with the European Space Agency and/or NASA. The 6 person, 440 day trip would cost around $20 billion. Should be interesting to see how this shapes up. See also here for mirror article."

2600's Macki writes in to remind me and everyone else that H2K2 is coming up shortly, with pre-registration closing on Friday. The conference will be July 12-14 in New York City, in the exciting yet inexpensive Hotel Pennsylvania. I could only make the HOPE 2000 conference for one day, but it was quite interesting and it looks like audio from most of the panels is available, or just check out the list of panels for 2002 to see if it looks intriguing to you. And if you read Slashdot, the answer to that is probably "yes".

retrosteve writes: "Well, it's finally happened. Someone (Dave Barry) in the popular press has finally, explicitly and with a sense of humour, pointed out that Microsoft Windows doesn't get any more reliable or usable, no matter how many versions you buy."

retrosteve writes: "Well, it's finally happened. Someone (Dave Barry) in the popular press has finally, explicitly and with a sense of humour, pointed out that Microsoft Windows doesn't get any more reliable or usable, no matter how many versions you buy."