You "Pain is just weakness leaving your body."
- Sean Kennedy, (TFM)
aka SKTFM
INTRODUCTION TO THE FIRST ISSUE of PA1N: a world of pa1n.
\----------------------------------------------------????
What exactly do we hope to accomplish with PA1N? Not a whole lot really,
or maybe everything. We have no agenda, we have no plan. There are those
among us who do, however, and one thing I, as editor in chief of PA1N would like
to do is support them, and offer a soapbox to these people. First, however, let me
explain how the group of us came to the idea of creating another online zine, as
if there aren't enough already. The concept has been done, it's been dragged out,
beaten, left for dead. But I feel confident that the people who are helping me,
and those that have provided the inspiration will lead this into a new direction;
integrity. We don't seek to make ourselves famous, fame is a crown of thorns,
it makes you a target. We don't seek money, power, just a few thousand bytes
on the ether. We seek to be heard, to create a forum for some of the cyberpunk
scene's most gifted, creative and brilliant denizens. A forum in which to have
a voice that cannot be bought. Cannot be sold. Cannot be silenced Cannot be
stopped.
Cannot be intimidated into oblivion or obfuscation.
The world is full of pain.
This is now a world of pain. The country is plagued with a dying and
disemboweled economy, as people starve only miles from the white house lawn.
The planet shudders every second as we race headlong toward it's ultimate --
and therefore our own -- destruction. But no one asked me if I wanted to fund
genocide. No panel or census told me my taxes would fund bioweapons, nuclear
holocaust, or even the very agencies that might seek to silence this new voice.
No one asked you either. We have been bought and sold, our rights have been
written off as a casualty of a war.
A war on terrorism.
Where there are no terrorists.
A war on drugs,
where the enemy is the lower class.
A war on freedom,
which sucks the life out of our society.
But we can take it back.
It's already started. This is fuel to the fire...
I used to write for The Midnight Raid, HAPPLE, HazMat, TSHG, Reptile, the
list goes on and on... I was lured away from the scene as it became plagued
with neophytes whom I hadn't the patience for which I should have. People who
had been fed by the corporate media what hackers were. What phreaks were, what
goths did, what a punk was, who a fleshtripper was, and that those who protect
themselves are terrorists.
The norm became piracy, pornography and the outlets of all kids. The
economy died, and every hotline server, scores of IRC channels and
until-then free websites were relying on banner ads and popup scams to pay for
the bandwidth; whilst the sysops and admins worked three or four jobs to pay
the rent. The scene died, so I thought.
But we don't die, do we? No we don't. The culture that was spawned ever
since someone realized a single person could change something; if nothing other
than their own lives, a culture of new ideas was born. Rebellion, perhaps. But
with a cause ripe with nobility and idealism. The packet switched network was
the catalyst for a worldwide insurgence of new ideas. Then in the 1980s, the
United States Secret Service launched Operation Sun Devil. They arrested Steve
Jackson of Steve Jackson games for a cyberpunk RPG. The FBI and Secret Service
joint computer crime task force arrested Phiber Optik of the legendary 'Legion
of Doom', and Knight Lightning of the cornerstone magazine Phrack.
Yeah. They did a good job of ruining the lives of people who had committed
no crime; they destroyed the lives of people who had committed non-malicious
crime; and they almost killed Kevin Mitnick by placing him in maximum security
with a man who nearly beat him to death for taking too long on the phone
(something to that effect.)
And now there's the PATRIOT Act of 2001, the Homeland Security Act, the US
DoD wants ident cards initiated as standard ID, and everyone is afraid. Or so
it seemed. Then a girl who'll be known as Sapphire told me something important.
There was something happening on internet radio, a new-ish medium. Rantradio
gave me the hope I needed, and the faith I had lost that there were still
people who want to band together. To make the world a better place, perhaps? Or
maybe to make a new world. To throw out the old rules and live as ronin,
warriors without masters, but to live by the beleif that it is your duty as
another human being to stand up for those that cannot defend themselves.
As RumblingSky once said, "I am a cell of rantradio." And we are growing.
Now the Sean Kennedy Show is the first in-studio audience, and popular
non-mainstream tv show, rather, internet television show about things that
matter. Things that are real. It was Jello Biafra that said it best though,
"Don't hate the media, become the media."
- Jello Biafra, former lead singer of the Dead Kennedys
originally from the H2K Keynote Speech, then later on a
spoken word album entitled "Become the Media."
By the way, I mean what I say. Nothing more. You don't have to judge me, but you will.
- alienbinary
[ Special Thanks ]
Thank you to the following communities, people and friends that have encouraged
myself and others to make this happen. Together, I think we can make something
happen: Turnspike, for actually coming through and helping me pull this one
together, Cheezi, one of my partners in crime, the owner of e-lite
Communications, who has given me more help in my life, more fucking bandwidth
than GOD and of all people, if anyone deserves to own the domain e-lite communications,
it's him. Nemisis, the master of tic-toc, Oscar, AIM, YIM, etc; whose exploits
ended up in the local newspaper, along with some code of my own. Temporary
celebrity is fun, when they don't know your real name. To GrinReaper, one of
the best friends I've ever had. And not someone to mess with. Don't worry man,
we'll get your car back eventually. I want to thank Cimmerian of RantMedia,
whose opinion I have and always will respect; Sean Kennedy The Fucking Man, who
has proven that it's not how hard you can hit, but how hard you can get hit.
- PA1N Editor, alienbinary.
!
alienbinary | jared@e-lite.org ------
| '--------- Brought to you by...
Turnspike | turnspike@spfd2600.org ------'
|
j|l_
????-------????--------------------???-------------------------??--?------?--
?|||||||||||||||||||||||||||||||||||||||||||||||||||||||pa1n.means.gain..?|||?
??-----?????????????????????-----------?????----------????------------------?
PA1Nv1x2----------------------------------------------------------------------
Understanding Password Strength
-------------------------------------------------------------------------------
Understanding Password Strength
by alienbinary
[ preface ]
A modern misconception among both IT and non-IT people is that the vulnerabilty
of a box is inversely proportionate to the strength of the encryption keys
utilized by the systems administrator.
However, the old idea of a "weak" password still holds more weight than the
cryptography employed. The reason for this remains simple. Think of a computer
as analogous to a building. If the sides are guarded with razor wire and
turrets and barred up, the physical strength and security of the perimeter is
very high. However, all that is required to get into this building is what
every building uses: a key. Think of a password as just another key on a
keychain, and you understand that even if you suture up your packets nice and
tight, anyone with root access can freely traverse un-encrypted data. So while
SSH using Blowfish or PGP is a safe way to secure packets in transit from being
hijacked en-route, any data being transmitted can be accessed straight from the
source if an attacker can 'SUID root,' with the right password.
In order to understand the nature of passwords, you have to get even simpler
than that. What is a password? Passwords used to be real words. "hello", or
"aardvark." Because of this, people often make the mistake of remembering a
password as an idea. In old UNIX environments, no one was particularly
concerned with strong passwords, dictionary attacks were long, arduous
processes, and they required rudimentary knowledge of DES, the Data Encryption
Standard as set forth by the NSA. Therefore, people often look around the room,
maybe for a picture or a statue. The average computer user in a cubicle at an
office building might simply choose the first word of the first book to catch
their eyes. If you sat someone next to an iMac and a Poster for Fight Club,
chances are pretty good that the person might choose "iamjackspassword",
"tylerdurden", or "soap" when password protecting anything.
However, security 'experts' have long since warned about the idea of using a
password that can be located within the dictionary. These people suggest
subsituting a number for a letter or vice-verse. They suggest adding a number
to the end of the password string. This, in theory, would make it more secure.
Before the real meat of the article, it is important that you have reference,
and basic understanding of strings and ASCII.
[ password ranges ]
In the ASCII Range, every possible character has been assigned a numeric value
ranging from 1-255. Even a carriage return is assigned a numeric value.
chr(13). If you allow only uppercase and lowercase letters, your range per
segment is 65-91 and 97 - 131.
A = 65 B = 66 C = 67 D = 68 E = 69 F = 70 G = 71 H = 72 I = 73 J = 74
K = 76 L = 77 M = 78 N = 79 O = 80 P = 81 Q = 82 R = 83 S = 84 T = 85
U = 86 V = 87 W = 88 X = 89 V = 90 Z = 91
a = 97 b = 98 c = 99 d = 100 e = 111 f = 112 g = 113 h = 114 i = 115 j = 116
k = 117 l = 118 m = 119 n = 120 o = 121 p = 122 q = 122 r = 123 s = 124 t = 125
u = 126 v = 127 w = 128 x = 129 y = 130 z = 131
Now, notice the gap between the two arrays? that's because...
0=48 1=49 2=50 3=51 4=52 5=53 6=54 7=55 8=56 9=57
therefore:
a password string consisting of only lowercase letters has a range of {97-131},
a password of only uppercase letters has a range of {65-91}, a password made up
of both sets of letters has a range of {65-91;97-131}. A potential password
character with only digits is {48-57}. So a password of all three arrays has a
range of {48-57 ; 65-91 ; 97-131}. The total number of potential characters in
such a string is (letters(26)+(26))+(digits(10))=62. Only sixty-two possible
characters, that's why the next section explores the entire range.
[ measuring strength ]
A string of characters is only as random as the following variables will allow:
range (255 max in standard ASCII) and length. The range of a string corresponds
to the minimum numerical value and the maximum numerical value; where the
length correlates to the number of possible letters/numbers/characters.
The number of possible combinations for a password is an exponential equation.
r = range
l = length
r^l=x
where x = the number of possible combinations.
So, if you only allow the lowercase alphabet characters into a password, and
your password is 5 characters long, the equation to find the maximum number of
potential passwords looks like this:
26^5 = x
{ just letters, lowercase }
26 x 26 = 676
26 x 26 x 26 = 17576
26 x 26 x 26 x 26 = 456976
26 x 26 x 26 x 26 x 26 = 11881376
26 x 26 x 26 x 26 x 26 x 26 = 308915776
26 x 26 x 26 x 26 x 26 x 26 x 26 = 8031810176
{ lowercase uppercase and digits }
62 x 62 = 3844
62 x 62 x 62 = 238328
62 x 62 x 62 x 62 = 14776336
62 x 62 x 62 x 62 x 62 = 916132832
62 x 62 x 62 x 62 x 62 x 62 = 56800235584
{ full ASCII range }
255 x 255 = 65025
255 x 255 x 255 = 16581375
255 x 255 x 255 x 255 = 4228250625
255 x 255 x 255 x 255 x 255 = 1078203909375
255 x 255 x 255 x 255 x 255 x 255 = 274941996890625
255 x 255 x 255 x 255 x 255 x 255 x 255 = 7.011020920710938e+16
There are limits to the types of encryption certain software will use, so there
is a varying degree in terms of how much room you have to be creative with your
passwords.
[ outro ]
So now we come back to the Fight Club Poster and the kid with the iMac.
len("iamjackspassword") = 16.
range of characters {97-131}.
Possible characters = 26 (the length of the alphabet.)
So just how strong is "iamjackspassword"?
26^16 = 2.147484e+9
So let's just modify the password. Same phrase, different characters.
"iamjackspassword" becomes "IamJacksPassw0rd"
62^16 = 4.767240170682353e+28
Now that's a little better. There's always punctuation, though...
- 2003 alienbinary
????-------????--------------------???-------------------------??--?------?--
?|||||||||||||||||||||||||||||||||||||||||||||||||||||||.l1fe.ofpa1n....?|||?
??-----?????????????????????-----------?????----------????------------------?
P41Nv1x3 ----------------------------------------------- o.O-------------------
The Department of Injustice, the Case of Mumia Abu-Jamal
-------------------------------------------------------------------------------
| |
X-o.O-X X-O.o-X
| |
+-----------'----------------------------------------------'--------------+
! "Don't tell me about the valley of the shadow of death. I live there. " !
! - Mumia Abu-Jamal, Live From Death Row !
+-------------------------------------------------------------------------+
PA1N Political Editorial
The Department of Injustice, the Case of Mumia Abu-Jamal
by alienbinary
[ Mumia Abu-Jamal ]
The world was given a wake-up call in the late 1990's, when Rage Against
the Machine and the Beastie Boys headlined a concert to raise both money and
awareness for the case of Mumia Abu-Jamal, a person for whom those that once
sang the praises of had turned a blind eye to his wrongfull conviction of
having shot a police officer to death. For the first time in years, music was
back again, as a voice to wake up a population all too happy to throw in the
towel and ignore the problems that eat away at the structure of our justice,
economic and social systems. I had never heard of Mumia Abu-Jamal before, and
as you might expect, almost no one else I knew had either.
The man in question was a former Black Panther, and then an active member
of a social justice organization called MOVE. MOVE was a police-brutality
awareness organization, a much needed voice against police corruption.
Abu-Jamal hailed from Philly, where the single most noteable thing about the
Police Department, is it's corruption. Although an FBI inquiry into the actions
of six Philadelphia detectives led to hundreds of cases with similarities being
overturned and scores of inmates being let free, Mumia Abu-Jamal is still on
death row, waiting for the legal lynch mob of the Fraternal Order of Police to
call a death toll. I can't really imagine that, no matter how hard I may try:
waiting under the most brutal conditions in the United States corrections
system to be put to death by the state of pennsylvania for a crime I could not
possibly have committed. But, as unimagineable as it seems, that is precisely
the case with Mumia Abu-Jamal.
In the last several years, the pressure has turned up on the case,
prompting federal and even international inquiries into the questionable
circumstances surrounding the controversial conviction. The scenario is already
an unbearable one, before the officer was killed. According to the defense, and
now it appears that the Justice Department has come to a similar scenario,
Mumia Abu-Jamal approached the officer in question, after driving home in his
taxicab, which he drove for a living. Due to a previous encounter, Jamal had a
.357 Magnum revolver on his person to protect himself from being robbed again
in his cab. The initial reason for the confrontation had been grounded in the
fact that Mumia had happened upon several police officers beating his brother
to death with his flashlight. This, incidentally, has remained undisputed.
Now here the story becomes confused. Mumia may have drawn his weapon as a
precaution to ward off the hostile officers. At this point, forensics experts
from the Federal Bureau of Investigation speculate that a firefight broke out.
Although some speculate that the initial firefight occurred before Mumia
arrived on the scene.
Clearly, two people were hit. One was a police officer, supposedly in the
line of duty, the other was Mumia Abu-Jamal, who had been shot in the liver. By
most accounts, a gunshot wound to the liver is extremely fatal. However, during
the time Mumia was unconscious, several things happened.
The prosecution would later claim that Mumia Abu-Jamal had fatally shot the
police officer and even bragged about his alleged murder on the way to the
hospital. However, there are no witnesses to this activity, with the exception
of a prostitute who had been paid off by the other detectives, and a crackhead
who is speculated to have actually been the killer. In reality, Mumia Abu-Jamal
was laying face down with his eyes closed, trying to stay alive, bleeding to
death and then suffered a severe beating from the accompanying officers. During
this time, he was only vaguely conscious, until he blacked out; he blacked out
long before the alleged admission of guilt in the ambulence. The EMS teams
recall no such admissions.
[ commentary on the case of Mumia Abu-Jamal ]
The fact that I kept tripping over my facts as I tried to assemble this
article is a testament to the very shakiness of the case in question. At this
point, for fear of adding more confusion to the fire, I'll propose several
simple questions:
1. Given that the FBI has evidence that would exhonerate the defendent,
shouldn't a retrial be called?
2. Since a hitman has since confessed to the shooting that Mumia Abu-Jamal
is waiting to die for, should he not be set free?
3. If representatives from the United Nations, Amnesty International,
British Parliament, the NAACP, etc. have spoken out for not only a retrial, but
an aquittal of the accused; shouldn't the Justice Department step in and earn
it's name for once? You would hope so. Unfortunately, none of this is the case.
4. Mumia has served 21 years on death row, a year over the maximum amount
of time allotted to a death row inmate. So why hasn't he been executed yet, if
time is up? That's what makes this case so transparent. They can rob a man of
his freedom and his life, but they cannot allow his death to catalyze a
worldwide insurrection. If anything is to befall Mumia Abu-Jamal, I cannot
possibly imagine the repurcussions the case would have on the world's view of
America. And there's the obvious possibility they know he didn't do it.
[ Sources for information ]
- Live From Death Row, by Mumia Abu-Jamal (1995) ISBN Number: 0-380-72766-8
- 育毛シャンプー、育毛剤の比較ランキング|【若ハゲ診断.jp】
- "On Mumia" (spoken word) by Jello Biafra, "Anti-Racist Action Benifit CD"
????-------????--------------------???-------------------------??--?------?--
?|||||||||||||||||||||||||||||||||||||||||||||||||||||||.pa1n.pa1n.pa1n...?|||?
??-----?????????????????????-----------?????----------????------------------?
P41Nv1x4 ----------------------------------------------- o.O-------------------
Marriage: Husband, Wife, and Uncle Sam? - Turnspike
-------------------------------------------------------------------------------
Marriage: Husband, Wife, and Uncle Sam?
With the president of the United States restating his stance against gay
marriage last week, I again wondered just why the hell our government is so
concerned about who marries who. Let me lay it down like this, beyond
recognizing it as an economic contract, the government has NO BUSINESS meddling
in the affairs of marriage.
The purpose of the U.S. Government was stated in the preamble of our
constitution as following:
"We The People of the United States, in Order to form a more
perfect Union, establish Justice, insure domestic Tranquility,
provide for the common defense, promote the general Welfare, and
secure the Blessings of Liberty to ourselves and our Posterity, do
ordain and establish the Constitution for the
United States of America."
Read that statement carefully, and tell me what part of that statement
provides the government the power to corral us all into pairs of two by our
gender in hopes that we mate. It isn't there.
There are a large number of people out there who are coupled, without being
married, and deserve the same benefits as married couples. Homosexuals, single
parents with adult children, people who care for their elderly
parents/relatives, long-term roommates, these are all people who can have the
same reliance on each other as traditional married couples, yet are ignored
because they are not Man and Woman who have submitted to a State-recognized
ceremony. Give me a break; this is just another jerk of the moral steering
wheel by a government known for immorality, scandals and corruption. And all
this because we aren't smart enough as citizens to either hook up with the
proper person of socially-defined standards, or be celibate? Bullshit.
Now is the time that our government should give up their demands that we be
with who they want us to. It costs untold time, energy, and money to make the
citizens of the U.S. walk their line and the numbers of the outraged are
growing by the day.
Just another message from your local Libertarian, looking to whittle our
bloated government down to a size we will all be happy with. Keep the
government out of your life, your wallet, your mind.
Turnspike
????-------????--------------------???-------------------------??--?------?--
?|||||||||||||||||||||||||||||||||||||||||||||||||||||||pa1n.magaZINE.!@#?|||?
??-----?????????????????????-----------?????----------????------------------?
P41Nv1x5 ----------------------------------------------- o.O-------------------
wardriving scans - PA1N Staff
-------------------------------------------------------------------------------
"The internet is growing everyday." You can here that line anywhere you go,
I guarantee it. It's the single easiest phrase to find yourself confronted
with, and it has so little meaning now, I often wonder exactly what the hell is
growing inside the internet (other than pornography.)
[ ed. apparently the thing that grows everday are the vat farms of wireless
local area network administrators who don't know that the default passwords are
public domain. ]
-------------------------------------------------------------------------------
You don't have to try very hard, whatsoever to find an article in the
modern media warning you of the dangerous hackers lurking in the ether, waiting
to break into your email address, or to snatch up your credit card info and
order more parts for their other 'terrorist' projects. Naturally these news
stories are entirely untrue, BUT they sell very very well. This being the case,
one would correctly surmise that the appropriate course of action for a society
so 'aware' of the dangers of insecure networks would be to secure everything
and lock it down tight to prevent intruders.
One can also correctly surmise that human beings are not logic driven
creatures.
In a world so obsessed with security, they should at least bother to learn
the basics of WiFi security. These were gathered over a really, really short
period of time, running an unintrusive wireless LAN detector. Once within
range, internet access was capable, without any verification at all.
Scan #1 location: Providence, Rhode Island (near the state house)
utility: MacStumbler v0.6b by korben
-----------------+-----------------+----+---+--------+---------------+-------
SSID | MAC |Chan|Max|Type | Vendor | WEP
-----------------|-----------------|----|---|--------|---------------|-------
amato 00:80:C8:B0:5C:B0 6 14 Managed unknown Yes
ConnectionPoint 00:60:B3:70:B2:44 1 15 Managed unknown No
linksys 00:06:25:A1:E7:18 6 16 Managed 3Com No
Home Airport 00:30:65:16:B0:DA 7 21 Managed Apple No
linksys 00:06:25:9C:F2:28 6 12 Managed 3Com No
satorinet 00:30:65:1C:AF:A4 1 10 Managed Apple No
PARMAS 00:90:D1:01:58:84 7 14 Managed Addtron No
test 00:40:96:5B:6B:F3 1 19 Managed Cisco-Aironet Yes
linksys 00:04:5A:26:82:EF 6 13 Managed Linksys No
WLAN 00:01:24:F0:13:40 5 16 Managed Acer No
PFS-G 00:06:25:3B:92:84 3 15 Managed 3Com Yes
QGO 00:02:2D:88:44:F2 1 20 Managed Agere-Lucent No
QGO 00:02:2D:88:44:CC 11 8 Managed Agere-Lucent No
linksys 00:06:25:76:7C:AB 6 12 Managed 3Com No
CSI-MA-POS 00:40:96:42:BD:79 3 16 Managed Cisco-Aironet No
tmobile 00:0C:30:86:B2:FC 1 21 Managed unknown No
-----------------------------------------------------------------------------
Scan #2 location: Warwick, Rhode Island (around the Warwick mall area)
utility: MacStumbler v0.6b by korben
-----------------+-----------------+----+---+--------+---------------+-------
SSID | MAC |Chan|Max|Type | Vendor | WEP
-----------------|-----------------|----|---|--------|---------------|-------
Tricom Wireless 00:03:93:E9:D3:9D 10 8 Managed unknown No
AVALON 00:06:25:7E:48:8F 1 12 Managed 3Com Yes
wpl1021 00:02:8A:4D:8F:AC 2 14 Managed unknown No
591 00:04:75:64:24:2C 1 23 Managed unknown Yes
MWSOFT Wireless 00:03:2F:02:B5:AB 7 12 Managed GST-Linksys No
linksys 00:06:25:B3:D5:3F 6 19 Managed 3Com No
NETGEAR 00:09:5B:51:4D:36 11 19 Managed unknown No
wireless 00:90:4B:33:6D:2C 6 27 Managed unknown No
default 00:80:C8:16:72:EC 6 23 Managed unknown No
mansella 00:80:C8:B0:A6:F6 6 26 Managed unknown Yes
WebCenter WIFI 00:30:AB:22:AE:8F 6 26 Managed Delta No
emery_pdx 00:40:96:58:46:6E 6 18 Managed Cisco-Aironet Yes
SST-PR-1 E6:01:B4:03:44:02 6 39 Ad-hoc unknown Yes
netsoftinc11 00:06:25:7B:5A:A5 11 25 Managed 3Com Yes
acq3 00:06:25:BA:4C:6B 11 18 Managed 3Com Yes
linksys 00:06:25:78:5C:83 6 10 Managed 3Com No
tlcrf 00:40:05:C5:83:01 6 18 Managed D-Link No
linksys 00:06:25:DB:8E:1F 6 24 Managed 3Com No
linksys 00:06:25:66:C1:14 6 46 Managed 3Com No
-----------------------------------------------------------------------------
Scan #3 location: En Route to Boston from Providence
utility: MacStumbler v0.6b by korben
-----------------+-----------------+----+---+--------+---------------+-------
SSID | MAC |Chan|Max|Type | Vendor | WEP
-----------------|-----------------|----|---|--------|---------------|-------
ATT 00:02:2D:8D:B6:D5 1 31 Managed Agere-Lucent No
linksys 00:06:25:5A:F4:31 6 27 Managed 3Com No
linksys-g 00:06:25:B9:6D:95 6 10 Managed 3Com No
Paul's Network 00:30:65:1F:3B:05 1 15 Managed Apple Yes
linksys 00:06:25:78:28:47 6 10 Managed 3Com No
SpeedStream 00:C0:02:C9:33:62 11 13 Managed unknown No
linksys 00:06:25:55:0E:40 6 14 Managed 3Com No
-----------------------------------------------------------------------------
????-------????--------------------???-------------------------??--?------?--
?|||||||||||||||||||||||||||||||||||||||||||||||||||http://PA1N.in.the.BRAIN!@#?|||?
??-----?????????????????????-----------?????----------????------------------?
P41Nv1x6 ----------------------------------------------- o.O-------------------
Corporate War on Literacy - by alienbinary
-------------------------------------------------------------------------------
