Slashdot Mirror
WebTV/MSNTV Virus Dials 911
Semji Rkim writes: "Though not the first virus to direct modems at 911, ABC News is reporting a bug in WebTV (Now branded as MSNTV) units which causes the infected unit to hang-up and dial 911. The virus spreads via email and Microsoft officials are looking into how it is able to replicate and also control the modem. Affected users are advised to delete the email and call Microsoft at 1-800-469-3288."
This can't be true. Microsoft just spent a whole month focusing on security. There must be some mistake.
C8H10N4O2 | Developer > Code
Tying up 911 lines costs lives. In many jurisdictions you can be fined for prank calling 911, especially if you are a repeat offender. WebTV users would be well advised to be very careful with their email until this problem is resolved.
I read the internet for the articles.
"911, what's your emergency?" "I've got a Microsoft product in my living room!" "What?" "I've got a Microsoft product in my living room! AIIIIGH!"
This tagline is umop apisdn.
It's not a virus!
It's just the poor MSN infected boxes crying out for help!!
I stole this Sig
When 911 operator answers, the virus plays a wav file, in the voice of Stephen Hawking's voice thing:
"Help Me. I have Web TV. Help Me"
"Would it kill you to put down the toilet seat?" -- Maya Angelou
Any knowledgeable hacker knows about ATH0, it effects around 50 percent of 56k/33/28 modems.
With this, I was able to hang up peoples connections and even make them dial phone numbers, you send the modem commands and because of a bug, the modems obey the commands.
Its not a virus, Its something thats been going on for years, its an old trick/exploit.hack
If you use Linux, please help development of Autopac
that a virii could hack a MSN/WebTV unit *and* propagate itself to other MSN/WebTV users.
Microsoft advises affected customers to delete the email and call 1-800-469-3288.
Suggestion for next iteration of virus: dial this number instead.
I guess they never said trustworthy phone dialing.
"That's the sort of blinkered, philistine pig ignorance I've come to expect from you non-creative garbage."-Monty Python
If (incredibly hypothetical?) the guy/gal who wrote this virus gets caught, can he/she be fined/jailed for each and every call made to 911? If so, how long would you be in jail for/how much would you have to pay?
--
http://nemilar.net - Not your grandmother's soup kitchen
This is bad, because 911 services cost real taxpayer money. The question is: can Microsoft be held liable for wasting my taxpayer dollars because of their product's flaws?
None of this will be possible once you all surrender minute-by-minute control over all your computing devices to Microsoft. Duh.
314-15-9265
Kinda makes you ache for a phone-firewall, doesn't it? Heh.
Hmm I could block 911 & telemarketers...
"Derp de derp."
How much longer will it be before unscrupulous 900 number operators enlist people to alter this virus to make it dial their numbers? Given that it takes a month to get a phone bill, the culprits can close up shop and move on long before anyone even realizes there is a probem...
"Chances of RHIC-induced Armageddon are exceedingly rare, but... you never know." - MIT Physicist Bob Jaffe
Why can't the fucking virus writers understand that they need to be portable across platforms? It seems most virus writers these days are targetting Microsoft products without so much as a thought about portability. What about users running MacOS, Linux, Solaris, *BSD or any other operating system? What about users who don't even have a modem? And what about users in other countries where the emergency number is different from that in the US? This virus is buggy as hell, I wouldn't want it if my life depended on it! (pun intended).
M$ sends an automated voice message out to all their subscibers. Either that or make all the access numbers just play this instead of sending any actual data.
"Services will not be availiable today because of a virus that affects webtv users. The virus takes control of the webTV modem and causes it to dial 911. Please unplug your webtv unit from the phone line until we can fix the problem. Please call 555-1212 if you suspect your webtv has been affected"
Clean up your mail servers. Install something to filter out the virus and any varients. Even the least tech savvy people will understand "It dials 911" and "Unplug your webtv"
Just some advice.
--toq
There's an argument to be made that having a Microsoft product in your living room could be termed an emergency.
I personally find this alleged virus' behaviour entirely appropriate.
It's just trying to help.
Can't you see that?
Blearf. Blearf, I say.
In order to be able to pass Hayes commands to the modem, you first have to establish a terminal session to the modem itself; if you can do this, it's already game over.
Otherwise, knowing about ATH0, ATA, ATDT and ATM0 (well, the last is useful if you're dialing late at night and don't want to wake others) isn't so much l33t as having paged through the manual while waiting to get an open line.
OTOH, figuring out that you can down a BBS you don't like by requesting a file named COM1:? That's getting warmer...
Easy does it!
This comment has been submitted already, 276865 hours , 59 minutes ago. No need to try again.
...just have the MSNTV units call the 1-800-469-3288 number directly.
Why don't the people who write viruses ever have a sense of humor?
"Don't blame me, I voted for Kodos!"
Yeah, Duke, but what do you do when the problem is bigger than just re-installing Acrobat?
Finally, math books without any of that base 6 crap in them.
I prefer Karma Escort, thank you very much.
C8H10N4O2 | Developer > Code
Part of the purpose of 911 is to report crimes.
Hacking is a serious crime.
The virus is just calling 911 to report itself.
A legparnasom tele van angolnaval.
if after it dialed it played popular music using only dial tones.
Maybe the rolling stones "Start me up"..
This, right about the time ax-Microsoftie security snake oil salesman is harping about the dangers to our infrastructure because of the Internet, and when Microsoft is promoting Palladium as the solution to its MUA scripting bugs.
Coincidence? Probably. But geez, you can bet they will spin this to their favor. Instead of apologizing for their incompetence, they will use it as evidence of the dangerous new world we live in, and request us to please bend over for all their new security initiatives.
Our infrastructure is under threat from hacker terrorists! The free world is at stake! Join up at your NET Guard recruiting office now!
Hello, operator? Give me the number for nine one one!"
I don't know the exact in's-and-out's of the webtv e-mail system but back in the BBS days, we used to send each other (amongst friends) DOS TSR's that would be disguised as a trusted executable file for a legit program. The person would run it and hang up their modem used ATH0. And dial out numbers using ATDT. To get rid of it, they would have to reboot using a bootdisk since the TSR would be in their autoexec.bat file. Anyway, the point is that this method of modem-"hacking" is very easy to do and shouldn't be tough to adapt for the modern day webtv.
A part of me actually finds the idea of Microsoft being held liable for the 911 calls pretty amusing. But the reality is that it costs money and unfortunately it could cost lives. I hope all of you people make sure to tell your moms/dads/grandparents/spouses/friends/etc. to disconnect their boxes from the phones lines.
Did you even bother to read what I just said? Do I have to post links for you to read? (why bother, you didn't read my comment)
/. there was an article about a root apache exploit.
#1. Just a few days ago on
#2. It doesn't matter HOW it gets there, what matters is that it does, be it mail client exploit or service exploit.
#3. Your comment sounds along the lines of "LUNIX IS INVINCABLE!" Which it can be, unless there is a root exploit like the one I described above. This was very heavily discussed on slashdot about a week ago.
You can't blame MS for making a product with holes, it's their culture.
Back in the days of 2400bps, when modems touted features like "auto-dial," every night when one of my friends made his BBS rounds, the cops would show up at his house.
This went on for days. And no one really put it together until, one night, while listening to the dial-tones coming out the speak of his Avatar 2400 modem, he noticed that anytime the modem attempted to dial an 8, nothing would come out.
And one of the BBSs he dialed started thus:
(8)91-1xxx
If Nalgene water bottles are outlawed, only outlaws will have Nalgene water bottles.
For one thing, I doubt the operators get paid until the customer pays the phone company. In most states, the phone company cannot disconnect your service if you refuse to pay for calls to 900 numbers. The worst they can do is block your access to those numbers in the future...which might be a good thing in this case!
Second, once the complaints came in, the phone company would quickly cease all payments to the operator, and turn their info over to the district attorney's office for prosecution.
I had a ctcp command do that on undernet once. Like[1] an idiot, I ran it, and nothing seemed to happen. It had however hung up the modem and dialled 911. I tried it four times. I forgot about it and carried on for about 15 minutes. Then at midnight I heard a knock on the door. I thought maybe a neighbor had some sort of an emergency or something. It was the police. He asked if everything was ok, but wouldn't leave until he saw my mother to make sure I didn't hack them up or something. It was kind of hard to explain that someone on undernet had sent me this command and said that it actually done something else. I wish I could say I learned something from that experience...
[1] maybe "like" is not the best word
From the article,
This virus only affects Microsoft WebTV/MSNTV units. Windows PCs, Macs, Unix, and Linux machines are unaffected.
Huh!? I thought viruses affected EVERY computer and email client the same! I mean they've never suggested anything different on the news before this?!? Do you mean that when checking my email on Red Hat using Pine I won't get klez or code red???
I stole this Sig
It's great that the virus dials 911. I mean, my local Stonecutter lodgemaster told me only suckers dial 911.
The real emergency number is 912.
*grin*
I wish I had a kryptonite cross, because then you could keep Dracula and Superman away.
Actually, apache _does_ run as root in the beginning to seize a priviledged port. But having a scriptkiddie romping around on your box as 'nobody' is just as bad. Did you know that local root exploits are more prevalent than remote root ones?
So this is the company we're supposed to trust to make the internet more secure with Palladium?
Humorless sig goes here.
I dont know how web tv works, but i do know that on a webtv the maker has a complete control over the software and the hardware that runs on it.
And it still has viruses.
What's more, they're going to win. A jury will take nanoseconds to decide between a grieving family and a convicted abusive monopolist sitting on $40 billion in liquid assets.
Lacking <sarcasm> tags,
...is that the loser who made this all happen has a heartattack and can't get through to 911 emergency services because his/her own virus/hack/whatever is tying up the line.
Sometimes these pranks go too far.
If the person who wrote this virus has caused 911 to be tied up, and this has possibly caused somebody to die, would they be prosecutable under the new anti-hacker law that Congress put together?
This sig has been temporarily disconnected or is no longer in service
Gotta be at least one story like this.
"God fights on the side with the best artillery." - Napoleon, Marshal of France - speaking truth to power
But we're sure Micro$oft is working hard to fix that.
A lot of people have commented that Schmidt is full of... well, Schmidt, because anything critical should not be hooked up to the Internet. But here's an example of one way the ubiquity of Internet-connected computers could disrupt things.
Hypothetical scenario:
Whether this "virus" was planted by terrorists is not at issue, though. Perhaps we should pay more attention to Schmidt -- after all, who would know more about the insecurity of 95% of US PCs than an ex-MS security chief. We need to start looking at how our non-Internet-connected infrastructure might be indirectly vulnerable to Internet-based attacks.
In order to be able to pass Hayes commands to the modem, you first have to establish a terminal session to the modem itself
.1% of modem users on the Internet are vulnerable, which is probably way too high. If you did have a system set up like this, you'd experience frequent hangups during normal operation.
You are correct.
The problem is that normally "+++" drops the modem into terminal mode.
To keep this from being a problem (whereyou actually want to send "+++") is that modems are *supposed* to have a guard time where "+++" must not be followed by any data for a certain period of time. If any data comes in, they do not drop into terminal mode. This time is called the guard time. The guard time can be set to zero in software, however (if your dialup software is being braindead or is misconfigured), and a few modems (ones that Apple shipped) had a zero guard time by default. So all you had to do was get the remote computer to send *any* data containing +++AT(a Hayes command). This could be accomplished by sending an ICMP echo (ping) packet and waiting for the pong to hit the modem.
I thought this was fixed for just about everyone, but evidently the WebTV guys still have a zero guard time.
This "50% vulnerable" number is absolutely ludicrous. I've had a 33.6 and three 56k modems, and none of them have had a zero guard time by default or set to zero by the two Linux dialers, the two MacOS dialers, or the Windows NT dialer that I've used. I'd say that *maybe*
Setting the guard time to 255 is probably overkill...I can't see it being a problem at much of anything but zero.
May we never see th
Interesting that this virus comes out so soon after the House OKs Life Sentences For Hackers. If the 911 lines get tied up, and someone dies as a result, can the virus writer be charged with murder?
"If a hack causes death the hacker can never be the only one to blame IMHO." - AVee
I guess in this case it could, unless you want to blame the user for hooking his computer up to a phone line.
Disclaimer: this is Slashdot, so everyone has to shoot their mouths off without knowing what they're talking about, right?
-jhp
/. -- the Free Republic of technology.
One of these days a virus will dial up the Virus Hotline and report itself.
Table-ized A.I.
Since this apparently affects pre-Microsoft WebTV boxes, though, it may be in code from the original WebTV people in Palo Alto. But that was a long time ago. Microsoft owns it now, and has to take the blame.
Is it actually running unauthorized code, or does the exploit just change what it dials?
"Sorry: you have not purchased a certificate for Emergancy Services. Call cancelled."
Table-ized A.I.
Very easy to make such broad categorizations.
How many unknown exploits exist? Can you answer that? Because if I were a malicious hacker I wouldn't tell the likes of you. I wouldn't post it to security focus. I would STFU keep my lips sealed. Keep it in my pocket.
There is no way of accounting for the unnacountable. How long did the apache problem really exist before it was discovered? I can't answer that, c'mon, try and give me an answer. What's that? can't answer that? Try giving me an estimate. Can't estimate it? Well neither can I.
Only way to truly stay secure from a network is to not be connected to one at all.
Choose using computers.
Choose hanging out on Slashdot.
Choose knowing enough about the patent system to make a lawyer blush.
Choose not having a girlfriend.
Choose your hand every night.
Choose Linux, and its politics.
Choose videogames, LAN parties, XL shirts, and big screen TVs.
Choose a career in the IT field.
Choose bitterness.
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
Talk about efficient AI...Microsoft probably didn't look at that code after stealing it, heh... "hello 911, this is the Box reporting Microsoft frauded my owner for selling him overpriced underfeatured and buggy hardware, thank you."
--- Metamoderating abusive downgraders since my 300th post.
Thought this was appropriate..
"I've heard WinXP removed the cmd/command prompt."
No, Microsoft didn't remove the CMD.EXE or COMMAND.COM prompt from Windows XP. But Windows XP has reduced functionality, in many ways, not just in the command line. The command line is a big embarrassment because of its limited capabilities, but at least in Win 95 it worked. With every version since then it has worked less well. (There are two kinds of command prompt, and, according to Microsoft employees, the differences between them are not documented.)
The command line prompt sometimes begins to display short file names. Microsoft employees say that Microsoft has no fix, although someone not connected with Microsoft did make a work-around.
Cutting and pasting into a command line program often puts successive extra spaces before each line. Microsoft employees say that there is no plan to fix this.
The fast paste mode that is in Windows 98 is gone in Windows XP. Microsoft employees say there is no plan to fix this.
When using the command line interface, Windows XP doesn't always update the time. After several hours, the time reported to command line programs can be several hours in error.
There is a DOS program called START.EXE that can be used to start other programs. But it does operate the same way as in other versions of Windows. It starts a program, but cannot be made to return control to the command line program as previous versions did. There is no technical reason for this; it is just one of the shortcomings that are allowed to exist.
People often say that DOS has gone away. But Microsoft still calls the command line interface DOS, and in Windows XP Microsoft has added new programs for configuring the OS that work only under DOS.
Sometimes when you press a key while using Windows XP, it is seconds until there is any response. Apparently there is something wrong with the CPU scheduler in XP, because there are a lot of complaints about this in the forums and MS people have said that they are working on it. On one particular fresh installation of XP, on an Intel motherboard with either a Matrox G550 or an ATI Radeon video adapter, it requires 18 seconds to display a directory listing of 94 items. This is apparently related to a bug in the video software, not the adapter drivers.
Something is wrong with the Alt-Tab display of running programs under Windows XP. If there are a lot of programs, not all of them are displayed. The order jumps around in a seemingly random way.
Although articles often say negative things about Microsoft, I've never seen an article that fully documents how bad the situation really is. Microsoft's management is so bad that the company has become self-destructive. For example, Windows XP is spyware. Here is a list of ways Windows XP connects to Microsoft's servers:
1. Application Layer Gateway Service (Requires server rights.)
2. Fax Service
3. File Signature Verification
4. Generic Host Process for Win32 Services (Requires server rights.)
5. Microsoft Application Error Reporting
6. Microsoft Baseline Security Analyzer
7. Microsoft Direct Play Voice Test
8. Microsoft Help and Support Center
9. Microsoft Help Center Hosting Server (Wants server rights.)
10. Microsoft Management Console
11. Microsoft Media Player (tells Microsoft the music you like)
12. Microsoft Network Availability Test
13. Microsoft Volume Shadow Copy Service
14. MS DTC Console program
15. Run DLL as an app
16. Services and Controller app
17. Time Service, sets the time on your computer from Microsoft's computer.
18. Microsoft Office keeps a number in each file you create that identifies your computer. Microsoft has never said why.
19. Microsoft mouse software has reduced functionality until you let it connect to Microsoft computers.
These are just the ones I know. There may be others.
So, if you use Windows XP, your computer is dependent on Microsoft computers. That's bad, not only because you lose control over your possession, but because Microsoft produces buggy software and doesn't patch bugs quickly. For example, as of July 7, 2002, there are 18 unpatched security holes in Microsoft Internet Explorer. This is a terrible record for a company that has $40 billion in the bank. Obviously, with that kind of money, Microsoft could fix the bugs if it wanted to fix them. Since the bugs are very public and Microsoft has the money, it seems reasonable to suppose that top management at Microsoft has deliberately decided that the bugs should remain, at least for now.
It seems possible that there is a connection between all the bugs and the U.S. government's friendly treatment of Microsoft's law-breaking . The U.S. government's CIA and FBI and NSA departments spy on the entire world, and unpatched vulnerabilities in Microsoft software help spies.
Windows XP, and all current Windows operating systems, have a file called the registry in which configuration information is written. If this one (large, often fragmented) file becomes corrupted, the only way of recovering may be to re-format the hard drive, re-install the operating system, and then re-install and re-configure all the applications. The registry file is a single, very vulnerable, point of failure. Microsoft apparently designed it this way to provide copy protection. Since most entries in the registry are poorly documented or not documented, the registry effectively prevents control by the user.
Note that Microsoft does not support making functional complete backups under Windows XP. Look at Microsoft's policy about this: Q314828 Microsoft Policy on Disk Duplication of Windows XP Installation . Only those who work with Microsoft software will understand the true meaning of Microsoft's policy. Since almost all programs use the registry operating system file, if you cannot make a functional copy of the operating system you cannot make a functional copy of all your application installations and configurations. There are other software companies that try to fix this, but they don't work well, and Microsoft can, of course, break their implementations, as they have often done with other kinds of competitors.
Because the configuration information for the motherboard and the configuration information for the are mixed together in the registry file, the registry tends to prevent you from moving a hard drive to a computer with a different motherboard. That's another implication of the above Microsoft policy. So, if you have a motherboard failure, and a good complete backup, you may not be able to recover unless you have a spare computer with the same motherboard.
Note that Windows XP Professional can support only ten simultaneous incoming network connections. If you want more than that, you must use Windows 2000 server, and pay much, much more. (There is no Windows XP server yet.) Many businesses have very light network traffic; they just move files from staff member to staff member; they really don't need a dedicated server computer. The staff computers could easily handle the load except for this artificial limitation.
Apparently because the Windows XP GUI comes from Windows 98, Windows XP has the same problem with desktop icons that Windows 98 has. The icons sometimes flicker. Sometimes they move themselves around, particularly after the user switches monitor resolutions. Also, sometimes the taskbar settings un-configure themselves, as they do in Windows 98.
Only technically knowledgeable people know how to avoid signing up for a Microsoft Passport account during initial use of Windows XP. The name Passport gives an indication of Microsoft's thinking. A passport is a document issued by a sovereign nation. Without it, the nation's citizens cannot travel, and, if they leave, won't be allowed back in their own country. In Microsoft's corporate thinking, the company seems to be moving in the direction of believing that they own the user's computer. Most people are both honest and intimidated. Apparently about 95% do whatever they are asked on the screen. They give their personal information to Microsoft. They don't realize that, if they feel forced to get a Passport account, they should enter almost completely fictitious information, since the real question is not "What is your name and address", but "Can we invade your privacy". The honest answer to this is "No, you cannot invade my privacy", and the only effective way to communicate that is to give completely fictitious information. Since it is the educated people who have computers, Microsoft is building a database of the personal lives of educated people. Microsoft knows when they connect and from what IP address (which tends to show the area), what kind of help they ask, and information about what they are doing with their computers, including what music they like. It is not known, and there is no way to know, how much Microsoft or other organizations make use of this information, or their plans for future use.
Not only has Windows XP definitely gone further in the direction of allowing the user less control over his or her own machine, but with Palladium, Microsoft apparently intends to finish the job: Microsoft will have ultimate control over the user's computer and therefore all his or her data. Even now, under Windows XP, a recent security patch requires that the user agree to a contract that gives Microsoft administrator privileges over the user's computer . The contract says that if a user wants to patch his or her system against a bug which would allow an attack over the Internet, he or she must give Microsoft legal control over the computer. See this article also: Microsoft's Digital Rights Management-- A Little Deeper . You may need to be a lawyer to take apart the crucial sentence. "These security related updates may disable your ability to copy and/or play Secure Content and [my emphasis] use other software on your computer" legally includes this meaning: "These updates may disable your ability to use other software on your computer." Note that the term "security related updates" is meaningless to the user because the updates have no relation to user security. So, the sentence effectively means that Microsoft can control the user's computer without notice and whenever it wants. That kind of sentence is known in psychology as "testing the limits". If there is no strong public complaint about this, expect to see more and stronger language like this.
This Register article shows the direction Microsoft is going: MS Palladium protects IT vendors, not you . Absolute power corrupts absolutely, and Microsoft is well down that road. See this ZDNet article, also: MS: Why we can't trust your 'trustworthy' OS .
Microsoft's self-destructiveness does not mean that the user should be self-destructive. There is no need to apologize for using Microsoft software. The correct solution to abuse is persuading the abuser to stop being abusive. Once I posted to a Slashdot story a link to an article on a web site of mine. By far the majority of visitors from the Slashdot story used Microsoft operating systems. Rather than feel embarrassed because Microsoft is abusive, action needs to be taken to prevent the abuse. If you are against Microsoft abuse, you are not against Microsoft; you are more pro-Microsoft than Bill Gates.
These Microsoft policies mean that any government which wants to be independent of the United States government, and any government which represents itself as controlled by the people, cannot use Microsoft operating systems, or other Microsoft proprietary systems.
At parties, every so often I say I'm a greengrocer. Trust me - people are much more interested in it than with the answer "I'm in computers", and you also don't risk the dreaded "yeah, I've got a problem with my computer. I just can't get it to...<insert MS Word function here>".
Cheers,
Why isn't MSNBC reporting anything about it? They usually jump at the chance to prove they are unbiased even though (MSNBC is a joint venture between Microsoft and NBC)...
I'm a 2000 man.
There are two others with three digits. 411 is directory assistance. 611 is the number to call for phone system problems (you figure out the logic in that one...).
So, the creator of this prank could tie up lines that someone needs it for a real, life-threatening emergency, instead of playing a funny prank. I hope they nail his/her ass to the wall.
Virg
In fact, most states have regulations on the books that not only require that 911 services be made free to the caller, but that the service cannot be denied for any reason (ie, past due balance disconnection, etc). Pay phones must allow 911 to be dialed and connected without any coins deposited.
Only reason I know about this is because I work on a mediation & prepaid billing system for wireless and we had to implement a requirement for a nationwide carrier to specifically allow 911 calls to always go through, regardless of the sub's account status.
There is much cruelty in the universe, John.
Yeah, we seem to have the tour map.
Consider this: this exploit has been around for more than a decade. Also, not all modems are affected by this. Also, it's fairly easy to fix this hole in the modem's init string, so even if you have affected hardware it's a simple fix to disable the escape sequence.
Now, considering these three points, and most strongly the first, the case can easily be made that due diligence was not used. I have little difficulty believing that somebody working on this project in Redmond ran a BBS at some point in the past (BBS operators know about this because schmucks would knock your board out all the time if you didn't compensate for it). Therefore, it was either willfully ignored for some reason, or nobody tested it who was qualified to test systems that use modems to communicate.
In either case, they're at fault.
Virg
Sollt Ihre name nicht "gutentag" sein? Was bedeudet "guttentag"?
Virg
The article is very short on details, but if it is what it seems to be, it's just an old modem exploit, not hacked code. The idea is to send a ping with "+++ATH0" and then a modem command to dial 911 in the ping data. When the system responds to the ping, it sends back the data (including the escape string). Since the outgoing data goes over a dialup link, the return ping gets handed to the modem, and the modem sees the +++ATH0 in the data stream as an escape sequence/command sequence and responds by doing what it's told (in this case, hanging up and dialing 911).
It's bad, both to do such a hack (tying up 911 is very bad) and to have a modem that's not init'ed to prevent it, but it's not really a code hack.
Virg
More than welcome to use my bytewriter (eeprom burner connect via joystick ports) to copy it :) I'll even give you a eeprom.