Letters: PONDERINGS

Opportunities

Dear 2600: I am David Wei.  I am involved with the Guiyang intellectual property bureau which is in the Guizhou province of mainland China.  I am getting in touch with you regarding property investment that was facilitated by myself and my colleagues a few years ago. We had started this process with a gentleman by the name of Mr. Norman Gerr a while back but had to suspend same due to unfortunate events concerning Mr. Norman.  I would respectfully request that you keep the contents of this mail confidential and respect the integrity of the information you come by as a result of this mail.  I contact you independently and no one is informed of this communication. We contact you however because you share a similar surname with Norman, please get back to me once you get this letter regard less of being related to Mr. Norman in anyway as this can be very beneficial for all involved. I await your response.       David Wei Sure, we sometimes print spam, only because its unique, funny, or perplexing.  So the letters department has a similar surname to Mr. Norman Gerr?  But apparently that doesn't even matter since these people want us to contact them regardless of whether or not we have any relationship to this guy.  And just what "unfortunate events" befell poor old Mr. Norman in the first place?  If only we had the time to thoroughly investigate each of these little stories.  What's particularly intriguing here is the fact that the scam isn't leaping out at us.  Usually, there's a request for login info at a thinly veiled fake domain, or a .ZIP or .EXE file we need to open right away, or even simple banking info so our account can be pilfered.  In this case, there was none of that, just a request to write back (to an email address that is in Mexico for some reason).  Perhaps the scam begins in the second act.  Regardless, this could be the start of something truly amazing.  After all, it 's what Mr. Norman would have wanted.

Dear 2600: I am happy! :-)       Happy Man       <happy@kaundaemail.info> We're pleased to hear this, but again we're wondering what the angle is here.  There's no attachment and no instructions to do something that will wind up hurting someone or infecting their computer.  Could this be someone who is just genuinely happy?  We hope so.  Enjoy all of the email you will soon be flooded with.

Dear 2600: I have written various web security articles on my blog that I would love to see published in 2600 with edits where appropriate.       Amer We'd love to publish them, but we must insist that any articles submitted not appear online or in another publication until after they've been printed here.  We support recycling, but not that kind.

Dear 2600: I am a technical writer with over ten years experience in the Information Technology sector. My background is in the real-time deployment, administration, backup, print server administration, and multimedia authoring for heterogeneous client/server local area networks based on the Original Equipment Manufacturer resale model. I am interested in submitting articles based on for publication with respect to: "2600:Magazine" based on the following content:       Christopher We're going to stop you right there as we don't think our readers need to see the next 14 paragraphs (we're not kidding).  Something tells us you've never actually read a copy of our magazine.  If so, you would know that we're not anywhere near as formal as this, and that our language tends to invoke a lot more excitement than what you've given us here.  For example, you go on to say: "Based on the relevance of the technocratic corporate policy and corporate governance of the marketspace defined as the information technology market sector with respect to quarterly earnings summaries and the corporate vision for the market product line."  That one sentence will put children to sleep almost every time.  In fact, it's so dull that it took several readings before one of us noticed that it actually isn't a sentence at all, but merely an enormous phrase - meaning it will need even more words to get to a point. We don't mean to be overly harsh, but it is rather enjoyable, particularly since we believe you've probably sent this same identical request to a number of publications.  Let this serve as an example to prospective writers of what we don't want, either in presentation or in content.  There is so much of excitement to cover in the hacker world, from history to new technology to mischief to legalities.  We find that most of our writers put together pieces where you want to keep reading to see what happens, not simply to get it over with.

Dear 2600: I'm a special education teacher who attended the second HOPE conference many years back and who might be in a position to teach cybersecurity and cryptography to kids in New York City's public school system.  I'll explain how, and I'm also writing for possible assistance.  Last summer, I enrolled in a summer workshop for teachers at NYU Polytechnic that focuses on robotics and mechatronics.  While there, I also found that NYU Poly offers a similar summer workshop for teachers focusing on cybersecurity.  The teachers in that program learn the basics, and then help to design lessons that teach white hat hacking to their students.  Although I plan on hopefully returning to mechatronics this summer, there is the outside chance that I may well enroll in the university's ethical hacking program instead.  If I'm selected, I'd then be expected to help teach coding to my kids at our elementary public school, something I've already taken steps toward. I'd like to propose a partnership between 2600 and NYU Polytechnic.  Since I would teach ethical hacking and cryptography, it would be great if someone from the magazine or one of your HOPE conferences would consider guest lecturing at my school, either by Skype or in-person.  It would require no more than an hour that would take place at that person's convenience, and the more people who wish to get involved, the better.  The goal would be to produce a new generation of hackers, which would mean more 2600 readers and HOPE attendees.       Lee This could be an interesting project, if done properly.  We've always had a dim view of the term "ethical hacking," but it would be foolish to get caught up in semantics.  Of far more importance is the ability to reach people in their formative years to hopefully steer them away from the many misperceptions that are aimed at us through the mass media.  We can think of nothing more healthy than kids learning how to use encryption to protect their privacy from individuals and institutions that seek to take advantage of them.  If that is the aim here, then we support the idea. Unfortunately, we ourselves cannot commit to much more than this, but this is why we have our monthly meetings throughout the world - so that people who get what we're all about can connect, exchange ideas, and embark on projects just like this - and hopefully do it right.  We suggest heading over to the New York meeting on the first Friday of the month and meeting some of the people there who are more than qualified to work on this.  The same holds true for similar projects (and very different ones) in other cities.  The hacker world is filled with amazing and inspirational people.  We hope to hear good things about how this has turned out.

Dear 2600: Just confirming, we have dinner reservations at 10PM?       Timothy Castro       <email@e.advenze.in> Timothy, we're so sorry the entire editorial department here stood you up, but we lost track of time while trying to figure out the angle of whatever scam this one happens to be.  No attachment, no website to go to, but a really snazzy email address.  Perhaps we're supposed to go to that site in a browser?  But that would only pull in those people who were curious like we are.  All we know is that these weird emails are keeping us up at night and preventing us from getting any actual work done.  Well played, NSA.

Dear 2600: I have done some alpha and beta testing of games and some software/hardware beta testing.  I would like to put some of those experiences down in an article and submit.  Maybe even a separate one on my Walmart experience (not one hundred percent hacking, but Walmart pays me to talk about improvements to their store to them).       J These all sound like great ideas to us.  We're waiting by the email box.

Idealism

Dear 2600: In the hypothetical world of whistleblowing; if an individual wanted to anonymously send a company-wide email blowing the whistle on wrongdoing and mismanagement, how would (s)he go about that without spam filters blocking several hundred emails coming from the same source?  It's like the movie Jerry Maguire, but (s)he doesn't want to be a martyr.  Thanks.       Tom Cruise It really depends on how the spam filters are set up.  You might try testing them out first with something that doesn't draw much attention, but that isn't obvious spam.  If your account gets a copy, then odds are everyone else did as well.  If that doesn't work, perhaps not sending them all at once would be the answer, assuming you had to use the same account to send from in the first place.  One other option you might want to consider is to simply create a website with an easy-to-remember name and have word of that site leaked in various ways to employees.  That way it doesn't matter what defenses are in place - the info is someplace else out of their control.  Obviously, we assume you've got the basics down insofar as covering your ass.  IPs are often revealed in emails and domain registrations can be uncovered as well.  Good luck with your mission.

Responses

Dear 2600: Thanks to Kevin for his article in 31:3: "Forensic Bioinformatics Hacks."  I remember hearing about the article retractions that resulted from your analysis, but never heard the inside story of how the errors were uncovered.  Your article was a fantastic example of the value of publishing scientific data, and the need for also publishing (and vetting!) the code. My own scientific dataset wrangling often involves ad-hoc creation and destruction of spread-sheets, arbitrary sequences of grep/cat/cut/sed/awk/etc., and other hard-to-replicate processes.  So, perhaps it's impractical to have all phases of software for data analysis be submitted with an article.  The real "programs" though - whether MATLAB or C or whatever - should be easy enough to capture and provide. I'll share your outcomes with the bioinformaticians at my workplace and elsewhere, so they can better understand the value of correct and replicable programming.  Plus, of course, the benefits of diligently following the discovery paths taken by colleagues and predecessors. It's remarkable to me that modem use of computers has resulted in less replication and examination of base assumptions than by prior generations of scientists and engineers.  Reverse engineering the analysis shouldn't be necessary to provide one of the most fundamental requirements of science: replicability.       Estragon

Dear 2600: I, for one, would be all for having a CD-ROM subscription of the digest PDFs and back issues.  I mean, they used to have CD-ROMs of USENET years ago, so why not?  Bonus points if it's a pressed disk like Wolverine Bates suggested.  Downloads are fine if you have the bandwidth and keep backups (and you do keep backups, don't you?), but they can't match the availability and reliability of a physical copy. Anybody else?  Let's make this happen!       Mistman the Magnificent

Dear 2600: In the January 6, 2015 issue, "sueicloud" wrote a letter about using a MAC address to obtain "unlimited" free Wi-Fi in hour-long increments.  Your response was reasonable, but I noticed an interesting detail hidden in that article. As one of the "suckers" who pays for service, I did some research on Comcast's FAQs and found out that, by default, Xfinity's current line of routers/modems ship with a somewhat hidden feature enabled - similar to a guest account.  This basically turns your own home router into the Wi-Fi hotspot described in sueicloud's letter. Granted, your own home network should be isolated from those on the guest network - as long as you trust that Comcast did not leave any security holes in their firmware (or don't worry about the zero-day vulnerabilities that eventually get discovered!). But for those of us who would rather not share our Wi-Fi bandwidth with the world, this feature can be disabled at your account on Comcast's website. On the surface, this seems like an innocuous feature - Comcast is simply trying to create a network of Wi-Fi hotspots across their service areas, which is certainly an added benefit for their customers.  Anywhere you see an "xfinitiwifi" AP, one can use their own credentials and get wireless Internet.  However, this feature looks a bit darker when you discover that they are implementing this by turning their customers into unwitting hotspot providers whenever they install a gateway/router and hiding this information in the mountains of fine print you get for signing up.       Neil N. That is indeed fascinating.  We wonder if other cable companies do the same thing without really telling their customers.  (We also find it interesting that digital subscribers often refer to an issue of our magazine by the date it shows up on their device rather than the season or issue number.)

Dear 2600: Kudos to 2600 for printing photos of the Malaysian payphones (and to Bryan Rhodes for somehow taking them)!  I never cease to be amazed at the technological wonders and sky-high aspirations of teleconglomerates.  I mean, wow!  A payphone in the exosphere!  The Soviets beat us with Sputnik, and then to rub it in, Malaysia goes and puts a payphone up.  This is why we need to fund NASA, people!       ghostguard

Dear 2600: I am a U.S. Bank customer and I login to the website using Linux.  So I am not sure why "A Friend of Freedom In Cottage Grove" (31:4) says they don't support Linux.  He provided a link to the U.S. Bank login help page, so I'm guessing that is the place to go if anyone has problems logging in regardless of the OS platform in use (or just call the bank - I've always found the U.S. Bank to be reasonably helpful with any online banking issues).       David

Dear 2600: The file concatenation trick described in the article "Taking Your Work Home After Work" (31:4) by GerbilByte is one of my favorite tricks in circumventing the file attachment restrictions on my employer's email system.  They do matching on file types, based on the file extension, and js files are blocked, even if inside ZIP files.  So we use file concatenation of a JPEG and a ZIP - I used a picture of a mule, which seems appropriate - it being a mule in more than one sense of the word. To unpack the files, we have a simpler method than that described in the article - use WinRAR and open the JPEG.  Sounds weird, I know, but WinRAR looks at the file and recognizes the ZIP file content and shows that.  Then it is easy to extract the ZIP'ed files.       Rob

Dear 2600: I am a regular 2600 Kindle edition reader/subscriber/fan.  I read every issue from virtual front to back (even though I admit sometimes I skim sections that are beyond my comprehension, especially the technical programming points).  However, I wanted to make a couple of comments from 31:4 (digital edition). First, I had to do a double-take when I noticed the header throughout showed up as January 1, 1970!  Oops! Second, and more substantially, I want to challenge a small but important point arising from the editorial in 31:4.  There you say, "It seems as if anyone believes they can now be a filmmaker.  But of course, not everyone is a filmmaker.  Just as not everyone on Flickr is a photographer, not everyone who has a blog is a writer, etc."  You then go on to say that ease of access to these online venues does not equal quality of contribution.  Granted. But my question is: What is the point at which someone actually becomes a photographer, writer, or filmmaker?  Since when does quality of contribution constitute whether one is actually engaged in those activities?  Your way of putting it might seem common-sensical: just because someone can put a video online doesn't mean it will get a million hits or win a (((Pulitzer))) or Oscar.  That is so obvious that it barely goes without saying.  Internet utopianists who believe that somehow the Internet has or will put everyone on equal level are increasingly being shown to be wrong.  Inequities exist on the Internet as they do everywhere else. That said, I still ask, when is it that a person becomes a filmmaker or writer or photographer?  Does the number of views or readers constitute when a person becomes a photographer or writer?  I refuse to allow that to be the criterion.  No, it is not the size of an audience that matters, but the action of the creator that constitutes a writer, a photographer, a coder as a writer, photographer, and coder.  Even a Flickr photograph viewed by no one else other than the creator herself, or a crappy blog post read by no one but the author himself, or a small C++ executable that does nothing more than say the proverbial "Hello, world! " are all still products of someone who chose to do something rather than nothing.  And the fact that "novices" may not produce something of the "quality" that will please the hordes does not negate the fact that these individuals actually bothered to get out of bed and do something! Not everyone is a pro, true.  But I would rather applaud the person who produces a cheesy YouTube video or writes a piece of code that does nothing more than flash random numbers on a screen than try to assure the flimsy self-esteem of the millions who spend their days doing nothing but consuming Dr. Phil or Oprah and who rarely attempt to learn anything new beyond how to fill their mouth full of potato chips with greater efficiency. My perspective is as follows: To draw an invisible line between the filmmaker and non-filmmaker, between the writer and non-writer based entirely on quality - goes against the very spirit of hacking which I have discerned in the pages of 2600.  On the contrary, I've learned from 2600 that hacking means trying something new, learning a new skill, being inquisitive and taking a risk.  The beginning blogger posts her or his first blog post often with trepidation because they so often assume it isn't "good enough."  Of course it isn't - it isn't good enough to win a Pulitzer.  But it is better than writing nothing at all.  So what if no one reads it!  I say to that person, then write some more and make it better and maybe next time someone will read it and be entertained, informed, or maybe even moved to action.  But let's not stoop to the level of allowing some literary elite to say, "Well, he/she is obviously no writer." Let me add another slightly different perspective.  Doesn't "hacking" (at least the kind which 2600 wishes to promote) include with it a social dimension of "encouragement?"  My 12-year-old daughter is a beginning photographer - and yes, she is a photographer because she has a camera and takes pictures!  (Just as a blogger is a writer and a person who writes her or his first program is a coder.)  Are all her pictures high-quality and stunning?  Hardly.  Has she taken some pictures which I look at and go, "Wow!  Cool!" or "What a different perspective!"  Yes.  I do not subscribe to the belief that we should tell kids that everything they do is excellent.  That is obviously not true.  But I do encourage her when she makes improvement or does something cool with her camera.  And when she does, is that not actually a manifestation of the spirit of hacking itself? As for me, I am a 47-year-old senior executive in higher education with a plethora of interests from writing to ham radio to electronics to coding to photography to exercise to astronomy to urban planning to mechanics to woodworking to... well, the list goes on.  In most of these (with the exception of writing in which I am actually often paid to write), I am far from "professional."  But I am a photographer, an astronomer, a woodworker nonetheless. I'm not trying to brag about the breadth of my interests and accomplishments (far from it; at best, I'm barely a novice in most of these areas).  Nevertheless, I have benefited tremendously from actually trying to learn a bit more about all of these interests, to find better ways of doing things , to fix things instead of throwing them away, and to enjoy doing them and even occasionally have others enjoy the fruits of what I do as well.  In that regard, "hacking" is not about being professional or non-professional; it is not about high or low quality; it is not about greater or lesser expertise; it isn't even necessarily about technology itself.  Hacking is about trying something new, about learning from mistakes, about encouraging others in their successes or encouraging them to learn from their mistakes.  Most importantly, I think, hacking worth its name is about contributing to the common good of our society as a whole, even if it does give greater joy to the one doing it. One last thing - and I left this to last, lest I lose some readers too early because of bias or prejudice: I have a deep commitment to Jesus Christ and am a professional theologian.  For many, that fact may negate everything I've already said, or somehow disqualify me from the conversation because they think I'm a religious nut.  Whatever.  I'm fine with that.  To those who think I'm deluded or wonky, you are entitled to your opinion.  You don't have to share my theological frame of reference for me to uphold your dignity and the fact that you have your own brain, your own opinions, and your free will to believe whatever it is you have chosen to believe.  I simply say: Don't stop learning or exploring because in the end, the opposite of hacking is not a closed mind, but a mind that refuses to accept that it, too, has its own biases and prejudices and which thinks that the only truth is that which lines up with the present state of one's own brain.  I know that many religious people are just like that: They equate the content of their brain with the truth, but the reality is such perspectives are found everywhere, in religious and non-religious people alike.  Hackers, on the contrary, whether religious or not, at least admit that they could be wrong.  But they also seek the truth with the conviction that it does in fact exist.  If it didn't, what would be the point of any form of inquiry at all? I end with a point that I doubt has ever been made in the pages of 2600.  Was it not Jesus Christ who taught us the golden rule: Do to others as you would have them do unto you?  Perhaps not many would have thought of Jesus in this way, but I think (and this is an opinion only, not some kind of dogmatic statement) that Jesus the carpenter from Nazareth was probably a "hacker."  Scripture says that he "grew in wisdom" and I think in part that even he learned how to do things better, not only for his own pleasure, but also for the good of others.  And in the end, isn't that what "hacking" is all about?  About not only learning and trying new things, but also encouraging others to do the same?  And then to share in the joy of such discovery and growth? Maybe I've made a mountain out of a molehill.  As I read this over, I find there is so much more to say and that even my own argument may be weak or missing the point.  If so, oh well... at least I enjoyed thinking this issue through in print and hopefully entertained or even caused someone, somewhere, to see or think about something in a different way.  And if that is the case, then it was worth writing a letter to 2600 rather than writing nothing at all.       Saskman First off, we applaud you for writing a thoughtful letter to us, especially as a digital subscriber.  There are many who believe that the digital world is leading us down a path of anti-literacy and it's nice to see that disproved. There is little you've written that we can honestly disagree with.  We feel you may be taking our point in the Winter editorial a bit too literally.  Yes, technically, anyone who can pick up a camera and take a picture is a photographer.  But with virtually everyone now doing that with their phones for every inane bit of subject matter imaginable, there needs to be a way of defining true art from a mere fad or an activity that has no passion behind it.  Perhaps just inserting the word "good " or "decent" in front of the skill in question would serve that purpose.  Our point was that so much is being drowned out with all of the noise out there and that it's really easy to become discouraged.  What we're hoping for is that hackers, artists, and professionals of all sorts pursue their passions and not feel as if their goals are insurmountable because so many others seem to share them.  Easy access to technology will open a lot of doors, but in the end it's those who stick with it who will contribute something significant.  It doesn't happen easily or overnight, and often it takes a lot of trial and error.  We appreciate your taking the time to make us think this over some more. As for the 1970 header you saw, we have no idea what that could have been, but it didn't show up that way on any of our devices.  If anyone else noticed any oddities, please let us know.

Dear 2600: I am sick of reading yet another article by lg0p89.  This guy must submit a bunch of articles every quarter in hopes of getting published.  Every time I see his name as the author, I know that I'm about to read yet another content mill worthy article.  I suggest limiting authorship of a published article to every other issue so that more individual voices may be heard. In order to help rectify the situation, I offer an article of my own.  However, I currently cannot write it without serious jeopardy to my upcoming release from federal prison.  In 29:3, an article on the TRULINCS computer system in the Bureau of Prisons was published.  I developed an automated program which operated through the public messaging "email" system.  I obtained a root shell to my own VPS with only the minimum approximately three hour delay.  I followed the prison rules to the letter and officials were unable to sanction me.  Unofficially, without due process, against policy, and in violation of my rights, my email access was removed.  I have spent two years appealing, only to be subjected to lost paperwork, arbitrary denials, and stalling tactics.  They won, as I'll be released before I can file in court, thus mooting the issue.  I hope the readers look forward to my article on hacking the BoP. P.S.  I should have finished issue 31:2 before writing in to complain about lg0p89's prolific writing because on page 53 there is yet again another of his many e-how.com worthy articles.  I am beginning to suspect that lg0p89 may actually be an article generating bot.  Bots which write sports news articles exist, why not 2600 article writing bots?       Delicious Cake We hope none of our authors are non-human, at least for now.  The "every other issue" authorship idea is an interesting one which we'll look into.  As always, we'd like to know what our readers think.

Dear 2600: I read about the Source Interlink issue and have purchased a lifetime subscription to avoid their bullshit and help keep 2600 going. I've been reading your articles for longer than I care to admit.  I have enclosed my cards and bookmarks for your staff and would appreciate any warm referrals.  We small business owners need to stick together.       Russell Nomer       Information Security & Management       Advisory Services       www.russellnomer.com Hopefully, this will result in many referrals.  We thank you for your support.

Facts and Theories

Dear 2600: Want to know the real reason why Sony withdrew The Interview?  The reliable rumor is that Sony caved in because those terrible "hackers" found documents that proved Sony was a corporate criminal!  The docs showed Sony was guilty of cyber-terrorist acts against torrent sites, private individuals, and other companies, especially Google!  Sony was also involved in more serious federal crimes like illegal campaign donations, money laundering, and influence peddling! Sony, in effect, decided it was better to look weak and to cave in than to suffer from a federal criminal investigation, an investigation that could result in both civil and criminal penalties, as well as risking a drastic drop in the value of their stock! Sony's CEO reminds me of The Godfather movie when Marlon Brando says, "It was just a business decision."  Yeah, right!       Jay Jay That's some reliable rumor source you've got.  So now that the film has been released after all, where is all of this evidence that was supposed to be released?  And why would Sony have ever believed that they'd be safe by following these conditions?  Our reliable rumor source tells us that Sony lives in fear of bad press and initially withheld the film because they believed that would be the result, especially if all of the secret North Korean operatives began to blow up theaters in the States.  When they began to realize that this scenario was more farfetched than the one presented in the film (and when websites like ours began to offer to take the heat for them by showing the film online), that's when the damage control pendulum began to swing the other way.  We also believe this is why that massive hack, initially spun to show the world just how evil and dangerous hackers were, turned into an inconvenience that barely affected their bottom line.  Once people started to ask a few questions as to how such a thing was possible in the first place, blame became a lot less important than repairing the company's image.

Dear 2600: I just got an envelope from a friend through USPS.  She's a homeopathic practitioner and had sent me a few grains of a remedy for lingering after-effects of the flu that's going around. I was interested to observe that the envelope had been carefully pierced, from the back side, through a couple of layers of paper and into a tiny manilla envelope within that contained some small homeopathic grains.  The pierce-holes are rough-edged, around 4 mm x 3 mm, with a sort of hanging chad.  The small inner envelope was targeted.  The holes did not continue forward through the front side of the envelope. Is this a common thing, that some sort of probes are inserted into envelopes to check their contents?  Big Brother is everywhere and I'm sick of it!       M. Years ago, we might have said this was a paranoid theory.  (Hopefully, we would have known better.)  Today, it seems well within the realm of possibility.  It also seems quite likely that the majority of people would support such a thing, "in the interests of safety."  The only way to be sure is to repeat the scenario a number of time s between different parts of the country using the exact same contents.  Apart from driving the authorities crazy, we get to learn just what it is they're up to.  At least some of it.

More on 2600 Meetings

Dear 2600: Last time I checked the 2600 meetings list, there was still a meeting in Trondheim, Norway.  Is it possible to contact the person who last supplied details about this meeting through you?       Tim This is only possible if the meeting has a website and has elected to put personal contact info up on it.  We don't act as a go-between nor will we give out anyone's personal info.  As meetings have no leaders, your best option is to simply show up and see who else is there.  Since this particular meeting was discontinued a while back, you would also need someone to pick a place and start getting the word out.

Dear 2600: Could I some how be put in contact with someone from the Virginia Beach meetup?  I showed up to the Pembroke Mall and could not find anyone.  There isn't a food court in this mall and hasn't been in about two years.  So I went to where the food court used to be with no luck.       Tim First, let's be a little petty and get the terminology right.  Meetup is a product.  Meets are for track teams.  What you're talking about is a meeting.  And even that's not entirely right because meetings tend to have a lot more organization than what you'll find here.  It's actually more of a gathering.  But we like the word meeting more and it's what we've been using for more than a quarter century, so we'll stick with that. Now then, to answer your question, we're sorry to say that after hearing similar reports of a nonexistent meeting place and a lack of attendees, this meeting has been delisted.  All is not lost, however.  Since other people have been reporting the same thing, that means there are other people in the area who are still interested in going to the meetings.  So if you or someone else were to find a decent location and start getting the word out, the meetings could very well come back to life in your area.  We wish you luck and hope to get word of this in the future.

Dear 2600: Two people showed up today, but most locals still go to the local Makerspace.       Lou Two people is admittedly a low turnout - in fact, it's the lowest possible turnout you can have while still using the word "meeting."  But it's something.  Makerspaces and hackerspaces are great places to learn and work on projects, but they are completely different from the monthly meetings, which are more about being out in public and meeting new people, sometimes even ensnaring them as they pass by.  This is why we discourage meetings that take place in establishments that aren't out in the middle of a lot of unrelated activity.  The monthly meetings are ways of finding and welcoming new people who may have never met a hacker in person before.  This has worked well in so many places over the years, and it's proven quite essential in portraying what the hacker world is to the uninitiated, which often includes the media.  In this particular case, we see that there are no activities taking place at the local space you mentioned for the first Friday of the month, so there really shouldn't be any difficult choices that need to be made.

Dear 2600: Hi, I'm interested in starting a meeting.  Could you tell me what I need to do?       Lou All of the details can be found at our meetings page at www.2600.com/meetings.  The most important thing is to keep us in the loop as your meeting starts to come together.  We only list meetings that have enough organization to ensure that at least a few people are showing up at the appointed location and that someone is able to email meetings@2600.com with updates.

Dear 2600: I recently bought an issue of 2600 and noticed that the meeting information for New Mexico is outdated.  The Quelab Hacker/Makerspace has changed its address and the meeting times are Sundays at 7 pm, as this is when the facility is open to the public for "Hacknight."  I'm not 100 percent certain that there isn't another 2600-specific meeting on other days.       Nolan This is exactly why meetings at these spaces can be problematic as they have their own schedules that don't always fit in with meeting days.  As our meetings are always on the first Friday (first Thursday in Israel) of the month, having one on Sunday only for this location would needlessly complicate matters.  The "Hacknight" activities have their own place and shouldn't be combined with what we do with the monthly meetings.  That seems to be in synch with the way the space is run, as there is no mention of 2600 meetings taking place there.  If you restart the first Friday meetings, we'll be happy to relist them, although we do suggest having them in an open and public area.

Dear 2600: This may be news or not, but the Plano, Texas 2600 (one city north of Dallas) is now attempting to call themselves the North Dallas 2600 group and the Dallas/Fort Worth 2600.  This is an issue and is a clear and deliberate attempt to discredit and draw attention away from the Dallas 2600 group, which has been clearly established locally (and mostly with you guys too, with some lapses from laziness) since the late-1980s.  Please have them represent themselves as Plano 2600 only, otherwise it create s issues.       Matthew We don't know what kind of territorial issues you're having over there, but they're really not anything we have an interest in.  When the Dallas meeting fell off the radar, the Plano meeting was listed as "Dallas (Plano):" as it's a suburb of Dallas and we prefer to list the name of a nearby large city when possible.  When the Dallas meeting reestablished contact, it was listed as "Dallas:" and this other meeting was listed as "Plano:".  They can say they're the Pluto meetings if they want, as long as they follow our meeting guidelines.  They obviously have to tell people where they are and anyone paying attention will find out it's in Plano.  We don't see how that discredits or pulls people away from your meeting.  We suggest you find a way to live with this, as we're not interested in turf wars, especially not any that have our name in them.

Dear 2600: The Philly meetings are going well.  Making recurring stops and having good chats.  I enjoy the crew self-moderation.  Lively dialogs about really anything. Meetings are a lively way to get out on Friday nights.  If you are out, make it a social night with new friends.  If someone troubles you, it is O.K. to not talk to them.  This is the world and everyone is not for you.  Use your own judgment and have fun.  It should be pretty easy and natural.  Give it a gander.       Pic0o

Dear 2600: I was hoping to restart the 2600 meetings in Scotland, particularly the ones in Glasgow.  However, I remember there often being people who commuted to Glasgow from Edinburgh.  Would it be O.K. to have a monthly switch meeting from Glasgow to Edinburgh and back?  And could this be reflected on the meeting page?       TheGeek This sounds like it would be unnecessarily complicated.  We don't know if you're proposing having two meetings a month, alternating months between two cities, or having the meeting on a train going back and forth.  Regardless, it's certain to confuse people.  There will always be those for whom the first Friday arrangement is inconvenient, as well as some who aren't able to make it to the location.  But if there are enough people who are able to work it out, there's no reason not to go ahead and have them.  Both Glasgow and Edinburgh are big enough cities that are enough of a distance away from each other where meetings could exist in each of them.  We suggest you focus on getting Glasgow going and then hopefully you'll find someone who can help build up Edinburgh.  You should be able to find hordes of Scottish hackers.  We look forward to hearing all about it.

Issues

Dear 2600: My two Facebook pages have been stolen. Facebook has a serious security problem and a deceiving lack of care for its users. I have worked four years to obtain respectively 113,000 and 138,000 likes on two Facebook page s to support my two websites: www.petyourdog.com (online since 2002) and www.kuromanga.com (a project in development). The thief is presently using those pages and he is posting lots of garbage that has nothing to do with dogs or manga.  This is ruining the image of my sites, especially petyourdog.com that has a solid reputation for 12 years and is one of the major resources for dogs on the net. Facebook has obviously lots of care for the many billions of dollars they are making each year, but not too much for its users. There is literally no means or ways of contacting anybody at Facebook. They do not have any phone number whatsoever and their help is a big maze of filtering that basically says, "Do not bother us with your problems." The best answer I found on the Facebook site is "Please contact one of the administrators of the page to get your admin privilege back."  The major problem I have with that answer is that the existing and only administrator of my two pages is a criminal and a thief.  I would doubt he is going to kindly give me my pages back. I have been working on those projects for over ten years now and there is no way I am going to let this keep happening.  The only solution I presently have is to get their attention through the media. My Facebook pages are: www.facebook.com/petyourdog and www.facebook.comlKuroManga.  Facebook makes tons of money with their users.  On top of that, I was a good customer for them, helping them to advertise.  I cannot even send them an email concerning my problem.  This is outrageous!       Richer Dumais We have to admit that we initially felt compelled to write a very sarcastic reply to this problem as it starts off sounding pretty absurd.  We would have said things like: Is this really what you spend your time worrying about?  Or: You actually "worked" for four years to collect nearly a quarter of a million"likes" and you can say such a thing seriously in a sentence? But then we realized that this is how a lot of people spread the word about their projects and businesses, in addition to their lives.  And perhaps now we can all see that nothing comes without a price, especially when it's handed out for free. One important detail we feel you should have included is just how these pages were taken over by somebody else.  Knowing what the weakness was (easy password, stolen list of subscribers, security hole at Facebook, etc.) would undoubtedly help many others. We had similar challenges finding a working phone number that actually connected to a human who could help with such issues.  We're seeing this more and more with companies like Face book, Google, Twitter, etc.  What you have to understand is that you're not really a customer of theirs.  You're their product - what they sell to advertisers.  And how many companies can afford to offer phone support to all of the items that they sell? About the only thing we can do to help is to help spread the word by printing this.  Perhaps that will help reach the right person who can fix this mess, assuming you still want to use a service you have no control over and that offers this level of support.

Dear 2600: The Supreme Court's decision not to take up the ongoing debate on overbroad surveillance of American citizens at a sooner date should be reconsidered.  This practice has a profound effect on the Fourth Amendment, which protects us from unreasonable search and seizure.  "Third-Party Doctrine" creates a loophole that can affect everyone's communications.  Third-Party Doctrine is basically when individuals voluntarily give information to others (such as corporations).  A primary example would be telecommunications companies, where people give up personal data in exchange for services like Internet, email, or telephone without an expectation of privacy. Free expression is a cornerstone of any free society and goes hand-in-hand with privacy because one without the other does not work properly.       Bill Miller It seems every other day we're hearing of some other privacy violation that comes about when companies or institutions fail to safeguard the personal data they're entrusted with.  We see hackers demonized and blamed every time, even when they clearly had nothing to do with it.  By creating a scapegoat, the people responsible for security are able to escape responsibility for their inactions.  It's not enough to protect our own data if the people we give it to don't take it seriously.  We do have an expectation of privacy in such circumstances and we also have an expectation of responsibility when they screw up.

Dear 2600: Many thanks for including my article ("Take Your Work Home After Work") in the latest issue.  I was very happy to read it! One thing though - in the article I sent, the example code and the "execution command" both contained parameters inside triangle brackets.  I can understand how these would have been stripped out via the HTML removal filters. Many thanks again for publishing my article.  You guys are ace!       GerbilByte This was only an issue for Kindle subscribers and, once we were alerted to it, we were able to have the issue fixed and sent out again to replace the defective one.  That's about as revisionist as we're prepared to get.

Dear 2600: I wrote 2600 while I was in jail.  Did you ever get my letters or articles?  I just had my case tossed after three years in jail.  I would appreciate some sort of response.       Craig The amount of mail we get is staggering so it's just not possible to send personal replies.  We know it's especially hard for people who are imprisoned and we try as best we can to give them a voice in our pages when possible.  We need to be clear that there's little we can do beyond that to fight people's cases.  Over the years, we've had inmates send us all of their legal papers and daily updates in the hopes that we could somehow fix the system.  We can't, much as we wish we could.  But many have found relief by telling their stories through the letters pages, writing articles about hacking behind the walls, and taking out Marketplace ads to reach more people.  Congrats on getting your case thrown out.  That doesn't happen often.

Free Expression

Dear 2600: By reading this letter you have exposed your publication to a "poetry exploit." It is a blatant attempt to earn myself the accolade of being printed in 2600 with the absolute minimum of effort.  I hope you love it and feel compelled to send me a t-shirt! The Hacker's Creed I am a hacker. I have a hacker's mind. I cannot help but problem solve, amongst the daily grind. I am a hacker. I see through hacker's eyes. I find the underlying truths, amongst assumptions and lies. I am a hacker. I hone my hacker's skills. I take a thing, re-purpose it, and bend it to my will. I am a hacker. This is my hacker's creed. I search for understanding, wherever it may lead.       StevieBohY Not bad at all.  Some of us feel this would work well musically as a black metal track, but that's just an opinion.  However, while you succeeded in getting printed in our pages, this was sent to the letters department and we don't offer anything to writers other than the pride that comes with being published here.  Articles are a different story, but then they're also significantly longer than letters.  The letters section is the place to bring up any topic of interest, respond to other letters, tear apart or praise an article that was recently printed, or ramble on for no discernible purpose.  And poetry can fit in there as well.  In this age of 140 character communication, we hope to see more people take advantage of this forum of expression and immortality.  Our address is letters@2600.com.

Dear 2600: Please post a link to your GPG key, with the fingerprint, on Twitter.  I'm interested in submitting an article for publication... but would prefer a secure channel.       Joe Our key is on our website in the submissions section.  As we feared, we've already gotten several messages that somehow either mangled the key, used the wrong one, or are attempting to encrypt using an incompatible version of the encryption software.  Please be certain you're familiar with the software and are using the proper key before using this for default communications.  If you want to send us a test message first, we will respond if the message is decrypted successfully, although this requires manual intervention which may take some time, depending on our workload.

Dear 2600: I found the letter from Justin L. Marino in your Winter 2014-2015 edition disheartening to read.  Here is a man who clearly wants to make good in his life, and educate himself and others, but is being stopped from doing so because the prison is scared its own computer security is not up to scratch. Him being incarcerated got me thinking about the old cliches of smuggling tools in cakes into prisons.  Perhaps the modem day version of this would be to have the text of The Basics of Hacking and Penetration Testing embedded in a modified copy of an innocuous book that would clear the prison censors. With all of the self-publishing possibilities on the web these days, someone could easily scan portions of a proscribed book and another less controversial (in the eyes of the authorities) book, then merge them, and voilà - modem-day saw-blade in a sponge cake. This, of course, would no doubt be illegal, but perhaps budding authors out there might write a cyber security detective novel that gives full details about how the characters go about their business.       Rob That's an ingenious and dangerous idea.  The people in charge would have to read every page of every book to make sure it fit their specifications.  These are practices that will need to be increasingly used outside of prisons as well since more and more of our lives come under scrutiny each year.

Dear 2600: The EFF has brought up something interesting about the Trans-Pacific Partnership (TPP).  This proposed regional regulatory and investment treaty poses massive threats to users in all sorts of ways.  According to the EFF, "It will force other TPP signatories to accept the United States' excessive copyright terms of a minimum of life of the author plus 70 years, while locking the U.S. to the same lengths so it will be harder to shorten them in the future.  It contains DRM anti-circumvention provisions that will make it a crime to tinker with, hack, re-sell, preserve, and otherwise control any number of digital files and devices that you own.  The TPP will encourage ISPs to monitor and police their users, likely leading to more censorship measures such as the blockage and filtering of content online in the name of copyright enforcement." Something for your analysis and enrichment.       Joethechemist More like something to terrify and annoy us.  There seems to be no shortage of evil legislation and ominous corporate agreements that wind up restricting access to a ridiculous level and ultimately controlling art and free expression to a stifling degree.  We think everyone can come to an agreement on what constitutes criminal behavior and actual copyright infringement.  The provisions being established with things like this are unhealthy and crippling.  They ultimately will do more harm than good to the very industry that's promoting them.  And we don't believe the actual creative talent responsible for all of the works in question benefits from any of this.  When we all band together and oppose such Draconian plans and agreements, then we will have an actual chance of producing something constructive and fair.  Until then, we suggest frequently visiting eff.org and making plenty of donations so they can help fight this and all of the other ill-advised plans out there, as well as keep us updated on the newest threats.

Inquiries

Dear 2600: I found an interesting article that describes how payphones are being converted into Wi-Fi spots.  If I send pictures of these hot-spot/kiosks, will they be published in the magazine?  Is a new form of phreaking in the works?       Joe We can't guarantee anything, but we can say that the first real step towards getting published is always to send us something.  Our payphone pages aren't always strictly payphones, so it's certainly possible this will find its way into a future issue.  And, yes, a new form of phreaking is always in the works.

Dear 2600: I found a rather interesting news article on a virus called BadBIOS, and I distinctly remember someone writing an article on a virus that kept rewriting their OS, even when they got a new laptop.  I thought this could be the virus in question.       Josh, U.K.

Dear 2600: I've been reading your publication for ten years now.  I bought my first copy when I was 13 while vacationing in Canada.  I've loved every copy I've read.  For that I thank you. On to the important shit: How can I give you the most money?  Should I purchase a one year subscription every year or will the lifetime sub be more beneficial to you?  What earns you more money?  The subscriptions or clothing purchases?  Any way for me to help beyond purchasing your publication?       Andrew We've found this question being asked a lot recently, in the wake of what's been happening in the publishing world (declining print readership, bookstores going out of business, our getting massively screwed by distributors, etc.).  It's extremely heartening to know that our readers have our back.  But we never want to be soliciting funds unless we're giving something of value back.  Buying something from us will always be beneficial.  It's hard to say which is the best subscription-wise, as it depends on variables that change over time.  If everyone bought a lifetime subscription, we'd feel great now, but 60 or 70 years down the road, when we were still obligated to send everyone a new issue every quarter, we might find ourselves struggling.  Renewing every year offers consistency, but there's always the chance you could find yourself completely disinterested in our subject matter in only a couple of years.  (It's happened at least once.)  In short, we have no answer that works for everyone.  One option that seems to be the best of both worlds is our electronic digital digest subscription, which provides digital access to all of our annual digests as they become available, doesn't involve extra resources to produce more copies, and which can be given as gifts to as many people as you desire and/or can afford.  Thanks as always to our readers for thinking of us and for keeping all of this going.

Dear 2600: I was pleasantly surprised to see my photo and name on the back cover of the new issue of 2600!  Almost dropped the copy I was holding at the newsstand.  Does this mean I won a subscription?  If so, here's my address: [redacted] Starting with the next issue of course, I'm buying a bunch of copies of this one to hand out to all of my family members for Christmas.       S You should have received an email from us a few weeks after your material was printed.  You can then decide if you want a subscription or one of our t-shirts.  Hopefully, all of that has already happened in your case.

Dear 2600: I'm a big fan of your magazine.  I was wondering if you could recommend a good program to hide my IP.  Thanks.       Chris There are lots of proxy services and Virtual Private Networks (VPN) available all over the Net, some much better than others.  A few you have to pay for and others are free.  Anything we suggest here is likely to change over time, so the only way to really know what's good is to try them out.  Please remember that such services can be used against you if they're not trustworthy or if they are compromised by hackers, governments, private eyes, etc.

Dear 2600: I found your address in an Amazon comment.  I want to subscribe today for a yearly Kindle subscription.  However, I was curious how many back issues I can access.  22:1 is my last printed copy.       Chris You have some catching up to do then.  We've been on the Kindle since 27:3 and you can get every issue since then at the Kindle store.  You can find out what else we have digitally by visiting the digital edition section at www.2600.com.

Dear 2600: I have a photo submission of a taxi cab in Boston bearing the number "1337."  What email address should I use to submit it?  (Assuming you are even interested in it - I know you usually look for "2600" but figured this was kind of cool.)       Nick While cool photos of "2600" things are what most people send, we're really open to anything that relates to hackers or the net in a strange and "real world" way.  So instances of words like "elite" and "hacker" would be right up our alley.  The email address for any of these submissions is articles@2600.com.  Please make sure your digital files are as good as possible and that you attach as much of a description as to what the images are and where they were seen.

Dear 2600: Hello, I have a few questions.  Is there a deadline for an article to be published in the next issue?  I was looking for a page on formatting, but didn't come across one.  Is there one that I'm missing?  Lastly, do you prefer articles in the body of an email as plain text or as an attachment?       Jon As we're always working on one issue or another, there's no set deadline.  If your article misses the hypothetical deadline for one issue, it will be considered for the next.  Even if it makes our deadline, there might not be room for it in the next issue and sometimes even the one following it.  Exceptions are always made for subject matter that's particularly timely or juicy.  As for formatting, we prefer straight ASCII whenever possible, but we can read most formats that aren't too bizarre.  It can't hurt to also send an ASCII version in case we have difficulty.

Dear 2600: Have you seen the remarks from British Prime Minister David Cameron on the need for new online data laws?       Xaus Indeed we have, and we're both shocked and not surprised at the same time somehow.  Leaders have a history of taking advantage of tragedy and terrorism and using such events as a means to push forward agendas they wanted all along.  Remember, there is not a government on earth that doesn't want more of an ability to spy on its citizens.  Sadly, we're seeing more of a trickle-down effect of this desire, ranging from local governments to parents.  Everyone wants to be able to see what others are up to.  But, to get back to what Cameron is proposing in the wake of the Charlie Hebda massacre, nothing he's pushing would have been able to stop what happened.  In most cases, surveillance of the masses does nothing but tie up law enforcement with a whole lot of data they have no business analyzing in the first place. However, identifying criminals, terrorists, and the like is still possible with decent detective work, the kind that comes from following leads based on things like actions and tips, not fishing expeditions.  If you look at crimes that were prevented or criminals that were caught, you'll see that most times widespread surveillance had nothing to do with it.  The words Cameron utters should be enough to make any thoughtful person see the threat: "Do we want to allow a means of communication between people which we cannot read?"  You can't make this stuff up.

Dear 2600: I have a Motorola TALKABOUT and was wondering if there were any phreaks I could do to it.       Josh If by "phreaks" you mean increasing the power to increase the range, this is generally not seen as worth the effort as your battery life goes way down while your signal range isn't dramatically increased.  If there's something else you're looking for, we'd need more specifics to be able to look into this.

Dear 2600: Is there a physical store I can visit?  I am coming for a trip to New York City and would like to visit a store or something.       Adam Assuming you mean a store of ours, you're out of luck.  If we had to operate a physical store in New York City (or anywhere else, for that matter), we wouldn't last very long, mentally, physically, or financially.  We're afraid it doesn't get any better than our online store or occasional appearances on tables at various hacker conferences.  We hope you find other stores to visit in New York City - there are quite a few.

Dear 2600: This probably will sound like a really dumb question, but how do I make use of the different code you have posted on your website in the "code" section?  I am just learning Python and am obviously a noob when it comes to coding, but would greatly appreciate the help!  Also, what program/programs could I use to utilize the source code written for i-devices?  Any help would be great! P.S.  Thanks for sticking it to Sony!  Screw those guys!       Brian Re: Sony, we just felt it was time to remind them what it means to take a stand and not cave in to threats.  We know they're usually on the other side of that equation. Concerning our "code" section, it's different for every article.  Sometimes people include code snippets in their articles and other times it's entire programs.  Depending on what they're written in, you will need to use different methods to get them to work.  The more you learn about programming, the easier it will get to decipher and apply.  Concerning doing more with your i-devices, we suggest reading the Wikipedia page on "iOS jailbreaking" as it explains a lot of this in great detail.  We can't stress enough the importance of knowing what you're doing before embarking on this particular journey.

Dear 2600: Does 2600 have a position on climate change?  Toronto350.org is one of many groups working to build a safer future by controlling climate change.  We might be able to write an interesting article about our experiences so far.  Let me know if that sounds at all interesting,       Milan Our position is simple.  Science tells the story.  If we pay attention to the data presented, the facts are inescapable.  Those who believe science has some sort of political agenda basically have a medieval mindset and need to be bypassed if we want to actually accomplish anything.  We trust that answers your question.  As for an article, just remember to think like a hacker when writing it.  There's no subject where that mentality can't be used to come up with solutions nobody ever considered before.

Dear 2600: If I order a subscription and select "Winter" as first issue, would I get the 2014-15 Winter issue?  Or not get my first issue until Winter of 2015-16?       Milan That would really be nasty of us to make you wait an entire year.  We have options at store.2600.com to begin a subscription with either the current issue or the next one.  This way, if you buy an issue at a store and then subscribe, you won't get two copies of the same issue.

Dear 2600: I am brainless and am guided by saints/hackers/radio people, so I have made no contribution in life whatsoever.  I am also lacking in education in comparison to the status quo.  I also am not a hacker/cracker/phreaker/scientist/educator/lawyer/doctor but I am quite lazy.  Here is my question: Is there a website that I can go to that will give me access to free satellite television on the computer that I use for Internet access at the library.  My time limit is 90 minutes while online.  I do not have Internet access while at home and my only freedom (haha) is while I'm here at this library in Texas.  Forgive me for the broken English.  I am not a smart person like all of the people that contribute to this periodical.       stupedestrian The first thing you need to do is stop saying such nasty things about yourself.  If you're capable of asking a question, then you're capable of learning and making things better.  Assuming you have access to a pair of headphones while in the library (so you don't annoy everyone around you), this shouldn't be too difficult.  But you may have a problem finding the exact channel you want if they don't have a live stream on their website.  You can look at sites like streema.com to see the kinds of things that are available.  Be prepared for spotty connections and unpredictable content.  It's all part of the fun.  If any of our readers have additional suggestions, please send them in.

Dear 2600: An interesting thing happened to me today that I need clarified.  Only the people at 2600 are qualified to help me resolve this issue and so I am writing you for your help.  I called the number 1-202-456-1444 and got the recording "You are about to activate the government management scenario.  Please enter the access PIN followed by the pound sign."  I cannot figure out what this is or what it means.  Please ease my worried mind and explain this.  Any and all insight that you can provide will be much appreciated.       Brainwaste We've never been able to get that recording despite the many times we tried calling (no doubt, we've now generated another government file on us).  We can say that this phone number is somewhere within the White House and, according to our archives, was once listed as belonging to Richard Nixon.  Now it seems to go to silence, which seems appropriate.

Tribute

Dear 2600: I don't know if you ever carry obits, but in case you'd consider it, I've written a piece about Steve Gold who passed recently.  Steve was a good friend of mine, but my reason for sending this is his significance to the hacker community. In the U.K. of the mid-1980s, no one really knew if hacking was illegal.  Steve Gold helped clarify that situation - by being prosecuted by one of the largest organizations in the country.  Thirty years later, on January 12, 2015, Steve died peacefully in hospital.  But he left behind a legacy of great significance to the hacker community.  An ex-nurse who became a senior auditor and fraud investigator for the National Health Service (NHS), Steve had hacking in his blood .  Three decades later, he could still recall in intricate detail his phreaking adventures on the nation's phone systems.  He was part of an early-1980s scene that encompassed all that is best of the hacking mentality - an unquenchable curiosity and a mischievous disregard for petty rules. In the mid-1980s at a computer show, his friend Robert shoulder-surfed an engineer from British Telecom (BT) logging in to the Prestel system.  This was a Viewdata service that carried news, weather, share prices, and much more.  In 1983, Prestel started to carry a new service called Micronet 800 for home computer enthusiasts.  Steve would become one of three people who ran a section of Micronet known as Micromouse (and until his death was still known by the nickname "Skweek" by many friends).  Micronet also offered a primitive form of email.  In those days, a Prestel login consisted of a nine-digit ID (usually the customer's phone number) and a four-digit password.  The engineer's credentials were 222222222 and 1234.  With that information, Robert and Steve began to explore Prestel with super-user privileges. There is so much damage they could have done - such as changing share prices or taking the system offline.  But what they became notorious for was reading Prince Phillip's messages.  BT tapped their phones and eventually pounced.  In 1985, the two men were arrested and charged.  But here was the difficulty.  What was the offense?  They could have been charged under the Telecommunications Act, which makes it illegal to incur charges on anyone else's account without their permission.  But BT wanted to set a precedent.  It needed to make it clearly illegal to exploit another person's credentials even if the service is free and no charges are incurred.  So they went with a charge of forgery.  The argument went that the login process essentially created, for a moment, a forged "instrument" - an authentication setting in the computer's memory. BT won and both Robert and Steve faced stiff fines.  But they appealed, and won.  BT wasn't content to give up there - it needed this conviction, and so the case went to the House of Lords where the acquittal was upheld.  According to a private source, BT had spent something in the region of a million pounds prosecuting the case and was left no better off.  Steve and Robert were vindicated and the authorities in the U.K. were left with no doubt that legislation was needed to deal with this new phenomenon.  That legislation came with the Computer Misuse Act 1990. Steve turned his knowledge to good use.  He became a successful, popular, and prolific IT journalist, covering every aspect of the field, but always with a special love for security.  He was a frequent speaker at security conferences, often chairing panel sessions, and also gave many lectures alongside the police officer who arrested him.  Late in life, he took a degree in psychology and lectured on the psychology of hacking at a couple of universities.  His students were often members of the intelligence services and police force cybercrime units.  I worked with him on many magazines and projects over the course of nearly 30 years.  And, a few years ago when I took on the editorship of two specialist journals - Network Security and Computer Fraud & Security - he was the first person I turned to for insightful and thoroughly researched contributions. When he died from complications following heart surgery, Steve was two days short of his 59th birthday.  This has robbed the infosec community of Steve's wealth of knowledge and experience - but most of all we have lost a kind, loyal, and generous man who embodied all that is best in the hacker world.       Steve Mansfield-Devine Thanks for this most deserving tribute (so much more than what usually defines an obituary).  The Prestel story is one from our early days as well and there's a special connection between everyone who was involved in the various exploits of that time, one that continues to this day and has included many from younger generations who see the importance of this history.  There are so many stories in our world that deserve telling.  We believe you've touched an entire community with this one.