Letters: GLORY
Hacker News
Dear 2600:
Hacking podcast Shadow Systems
Audio on actual hacking within the podcast, and phreaking.
J
We have a sad fact to reveal. Most of our letters now take this form of people not actually communicating using full sentences or anything more than 140 characters. We're sent links, words that are spelled so incorrectly that they're basically new words, and thoughts that never come to full term. We miss the old days, where so many readers would rattle off paragraph after paragraph of prose, some of it meaningless, but much of it filled with ideas that really provoked discussion and controversy. We hope to see more people return to that path.
Oh, and the link is worth checking out.
Hacker Queries
Dear 2600:
I'm recently reminded of how we live in a society where our lives are being nitpicked by various three letter agencies.
However, as a privacy conscious individual, I'm wondering if it is truly necessary for me to give away my real name and address while purchasing tickets to the HOPE conference. I'm wondering if only a working email will suffice, or is the information necessary for the delivery of the tickets?
Hopefully, this is only a matter of record keeping.
general.bills
We don't require any real info from you at all, other than your payment details and, naturally, an email address where you can receive your tickets. But if you use a credit card, the company behind it will compare your address to what they have on file and let us know whether or not it all matches. Addresses that don't match require us to follow up to make sure you're not trying to pull a fast one on us. It's the same method used by virtually every online store. The real question you should be asking is if it's necessary for you to give away your real name and address to the credit card companies. In actuality, it is and it isn't. You can use a fake name on a credit card as long as it's attached to one in your real name. But you can then use that fake name on all of your online purchases. Getting a post office box or a maildrop and having your credit card bills delivered there make that your billing address, which is what online merchants need to verify. In other words, it doesn't have to be your actual street address. And this is all accomplished while remaining completely legal. You can do a whole lot more on the other side of the law. But that's another story.
Dear 2600:
I am a computer security researcher and teacher at the Charles III University of Madrid(Spain).
Currently, I am teaching subjects related to cyberthreats and malware. I have found that your web page offers information regarding hacking. I would like to go deeper in the matter to present students a more realistic view about it.
Thus, I feel that your knowledge could be a great key for my work. Particularly, knowing how hackers get in touch, how they communicate, and if they hide themselves on the Internet or if they have publicly available places would be useful.
Any advice on this matter will be very valuable for me. Let me thank you in advance for your precious time.
Lorena
We don't advise people thanking us in advance as they likely will be disappointed. We can't do more than suggest that you read what's in our pages and in many other hacker-related forums on the Internet. It's not really clear from your letter what particular aspect of hacker culture you're interested in pursuing. Hackers aren't living on the Internet like termites in a wall. Hackers are all around you, all the time. They communicate in every way imaginable, they know how to protect their privacy, and they have no problem meeting in public as well, although we currently don't have meetings in Madrid. A good start for you would be to disbelieve everything you've heard in the media and movies and do a little digging to see what hackers are motivated by. Whether it's the development of a new type of operating system or a battle against some proposed draconian law, the people involved will likely be more than open to talking with you about it, as long as you're willing to listen and not jump to simplistic conclusions, like so many have in the past. We wish you luck but doubt that you'll need it if you're truly interested in learning.
Dear 2600:
Have you heard about this challenge? Someone is giving away bitcoin. You just have to guess the six letter password. Can it be done?
Eric
You can read about this particular challenge at bitcointalk.org/index.php?topic=1014202 and on Reddit. There were some other challenges that were figured out, but the six character one has yet to be. In fact, much of the discussion in various forums is debating how many billions of possibilities there are and just how long this could take under what circumstances. It's an interesting conversation that can be applied to so many other security-related issues. It really all comes down to what resources are at your disposal and how much time you're willing to focus on such challenges, along with any possible shortcuts you can apply. What seems like a great password now won't be in the future because processing time will be vastly decreased. But even if you have a completely uncrackable password, using the same one for long periods of time - which many people do - not only makes it more likely someone who's been at it for a while will finally figure it out, but opens you up to the sum total of every mistake you made in that period of time, such as writing it down once, being shoulder-surfed, or so many other things that make your password completely useless.
We don't have to go nuts over this. Simply choosing a decent password and changing it on a regular basis is usually enough. But, in case it isn't, you should always be paying attention so you'll be able to tell if something changes due to another gaining access somehow.
Regarding the challenge here - assuming it's on the level - what seems like a Herculean task can be greatly simplified with a little organization and crowd-sourcing. So if, as some people are saying, this would take a thousand years to crack, how long would it take if a thousand people each took a portion of the challenge? Now imagine a government that has access to virtually unlimited resources that is motivated to crack a particular code and add that to the constantly improving technology. What appears completely secure is often only temporarily so. Our human ingenuity is the one element that can always stay a step ahead.
Dear 2600:
Greetings from prison! I am attempting to figure out how modem TVs detect a video signal through either the composite or VGA inputs. As I am in a correctional institution, I do not have access to material to research this. My goal is to connect an audio device to the television so it may be used as a speaker. However, when I connect the audio input, the no signal screen remains and I cannot seem to bypass it. So I thought I would ask you. Also, I would like to say thank you for continuing to put out an awesome magazine. I thoroughly enjoy every issue. Also, in case it matters, the TV is made by Coby.
Chris
If what you are connecting the audio input to on the TV is a 3.5 mm headphone jack, it is likely that is really an output for external speakers. This would hamper inputting audio, even if you made the TV detect some signal on another connector. Composite and VGA are older input methods, but there may be a way. VGA does not pass any audio from the input you connect. Composite would allow inputting of audio over the red and white RCA connections. If you can make or acquire an adapter for stereo RCA to whatever audio device you're using as input, it may play audio without even connecting the yellow composite input to anything at all. If it did require signal, you could take composite video output from a VCR such that blue/black screen or a video without sound played while the input of audio came through from your other source.
Dear 2600:
Where is the list with the stores that sell physical copies?
Vaseleos
That is a very good question. We are attempting to get such a list put together. We've also been saying this for years. Unfortunately, this is one of those things that's much harder to do than it should be. The list in question used to appear on our website and with it you could tell just where copies of our magazine could be found. We got the info from our distributors. Here's the challenge: distributors don't like to give out this data because they feel other distributors can come along and snatch their accounts from out under them. We think having a list of where people can buy our magazine would result in more people buying our magazine. But what do we know? The whole situation isn't helped when said distributors shut down and take the data (and our money) with them. Don't even get us started.
But since we're on the topic, we thought you might like to hear an update of one of our latest distributor woes, that being the ones that sort of went out of business but didn't really. We're referring to the company called Source Interlink that split itself into two, shut down the half that dealt with magazine distribution (while owing us close to $100,000), and renamed its other half to TEN: The Enthusiast Network (www.enthusiastnetwork.com). They continued to be wildly profitable while publishing magazines of their own like Motor Trend, which we'd bet somehow didn't get stiffed by the company's other half. Anyway, we finally got a check from them for just over two grand. Better than nothing, but nowhere close to what's right. It's not the first time we've been fleeced and it probably won't be the last. This was probably the slickest maneuver we've encountered, though. And yes, it was all completely legal.
This is how the game is played: publishers like us are always at the mercy of distributors. They aren't all bad and we've worked with some great ones over the years. But nothing illustrates how essential our reader support has been in keeping us going despite these monumental challenges.
Dear 2600:
I would like if you could send me a report about the magazine and radio program 2600. Thanks.
The Drunken Sniper ITA
Well, first off, you've got it backwards - the magazine is called 2600, not the radio program. And you didn't give us a due date on our report so we had no motivation to actually finish the assignment.
(We don't feel bad being this sarcastic since a simple visit to our website would have provided this person with more than enough information to satisfy their curiosity.)
Dear 2600:
Please do not print this letter. And please do not mention my name and/or other identifying information if you ignore the above request. If this is not the appropriate location for this type of inquiry, I would appreciate it if you could direct me to the proper channel. Between orders@2600.com, articles@2600.com, webmaster@2600.com, and letters@2600.com, this question seemed to be most appropriate here.
I'm wondering if you are going to be releasing Volumes 4 through 11 (and future issues) of the Hacker Digests in a Kindle format, preferably through the Kindle Store. I read through Volumes 1 through 3, and would love to continue on through the early history of your publication. I do see that you have DRM-free PDF versions available on your site, but my personal experience with reading PDFs on my various Kindle devices has been poor, both when viewed directly in the PDF format or when converted to a Kindle one. That said, I'm still happy to send money to you guys, so I'm currently in the "check out" process for the DRM-free version of Volume 4 on your site right now.
hhlkjh
O.K., we had someone literally come in and smash their fist on a keyboard to generate a "name" that could never be linked to you. We can't imagine any hints remain as to your true identity.
We're printing this because it's a good question and because it came to the letters department and printing and responding to letters is all we know how to do.
Putting out the digests is a tremendous amount of work which is why we can't cover every possible way of publishing them - at least, not all at the same time. The PDF route is the way to get it to the most people in the shortest amount of time. Publishing to the Kindle requires us to OCR every page and then painstakingly proofread and correct everything. We would certainly not be able to publish four digests a year if that was the route we took.
There are so many readily available devices that can read PDFs that we believe your problem is easily solved. We do intend to make these available in every format imaginable, but it takes time to get there. Perhaps when all of the digests are finished, it will have become easier to get them into a format suitable for the Kindle. For now, we hope people can be happy with the PDFs. The lifetime deal is really pretty cool and the history thats summed up (not to mention finally learning what all those old covers meant) is really quite educational. We've been having a real blast cruising down Memory Lane.
Dear 2600:
Thank you for any help you can offer me and the time you take to read this. I'll keep this real short for you as I know you have other things to do.
I'm probably too old for computer skills as they didn't have these when I was in school, and I only got my first one about three years ago and I know very little about them, but I've learned that you can use more than Microsoft on the device.
In May of this year, I was given a Toshiba tablet that I half purchased and was half a gift. They did not put any information on the advertisement or the box that said I'd be stuck with Google trying to use spyware on my device! I used this Android thing for less than the 90-day warranty and one or two things did not seem quite right about it.
There are consumer trade practice violations that I could not remove from the device. I wrote to Toshiba and all I got was a smart-ass response with no care for the consumer!
Then, to make matters worse, they did an upgrade over the Internet that I thought would fix the problems so people would not complain about them, but they only made matters worse by putting a system on the device that won't let me use my device unless I agree to Google's demand!
Can you please tell me how to completely wipe and shred all of their material off my expensive tablet?
I have tried these things to correct the problem myself:
- The reset button only resets the same screwed up crap, which is what I want gone.
- The cheap $50 laptop I have uses a Linux system, as does the Android, but the laptop will not recognize the tablet when connected with a USB cable so I cannot erase it! Toshiba said it could be used as a USB connection device.
- I've searched the Linux Mint and other sources for applications to use that will access and shred the Toshiba and Android, but I can't find any, and I still don't speak fluent computer, so I don't even know what to ask for.
Any help, guidance, or simple instructions would be nice of you.
Mark
It's unclear exactly what aspects of Android violate and irk you most, but we get the overall complaint here. Firstly, this is not at all unusual in that Original Equipment Manufacturer (OEM) installations often have extra clutter installed and in this case sport an OS that was designed to interface through an account on their services platform. Part of that is getting your permission for use of all kinds of data. End-User License Agreements (EULA) are nothing new, but they're becoming ever more ubiquitous.
What you aim to do is possible, however it may take some more research and careful tinkering. There is a thriving community of folks modifying various Android devices with great success. Many times this involves booting or "sideloading" software from an SD card to gain the privileges required to wipe internal memory and reinstall a different OS. The XDA Developers Forums (forum.xda-developers.com) are a good place to find out more about this.
We applaud your efforts and think you'll find that Android devices are among the most customizable when compared to other popular consumer electronics out there. Good luck!
Hacker Mentality
Dear 2600:
I've used computers my whole life, from the first NES to the Packard Bell by HP all the way to the computer I have now. I've never really cared about how they worked until recently. I've kept my face glued on the screen, reading articles, trying to find out how things work and I realize I've taken for granted all the things that are possible through under standing the conveyance of infor mation through a language comprised of zeroes and ones.
I don't care about many things and I have much spare time, much spare time, but there are no meetings close to me and I get anxious when I go too far away from where I live. I would like nothing more than to speak with someone knowledgeable about the evolution of simple programs and electronics to the digital cosmos it has become. I don't care if I die not knowing everything. I want to know as much as possible and, to be honest, it wasn't even a knowledge of computers that sparked the fire. I was curious about how cameras captured images and read about the photosensitive chemicals that gets the image somewhat burnt from the light that was let in through the lens, and was even more curious how digital cameras took the same process and executed it without that film! If that's possible, maybe other things are possible that we don't try or haven't tried.
I'm not the brightest bulb and, sure, I like some sci-fi and cartoons and have some ideas about digital-projections and altering images possibly through infrared pulses.
I know this is long winded, but I ramble sometimes. What I mean to say is, I don't have much to teach, but I have a lot to learn, not just about digital imagery and data, but about how all things electronically speak to each other: the movement of data. I know some of the basics, but I want to know more. I understand I'm 30 and there are a lot of youngsters out there that are turbo-charged encyclopedias, but I want to learn how to think outside the box. When people say there's no way to accomplish something, I can't help but to imagine that people that used to send pigeons with scrolls around their legs and they would have thought the same thing about light speed communications. And now we send information through airwaves! "There's no way?" Bulltits.
So meetings are the first Friday of every month at 1700? How tight knit would that community be? How does an introvert that goes out approximately one out of every ten days meet people? Nobody really knows me. I've stayed to myself for the past four years and when I do have run-ins with strangers, they're brief.
Laughing Man
We can't tell you exactly how to be social, because that's different for everyone. But there's no shame in being introverted. You're thinking and communicating and that's what really matters. We find it generally works to push yourself a bit beyond your comfort zone but never too much. If you find you reach a boundary you can't get past, then that's a part of who you are. Everyone experiences this in one form or another. Our own anxiety about our limitations probably affects us more adversely than the limitations themselves. We'd welcome other viewpoints and experiences on this issue, as we're certain it's familiar to quite a few people.
Dear 2600:
I just spent some time at the Research Psychiatric Center here in Kansas City, Missouri. I had a friend bring me a few sets of clothing and also requested a few random copies of your magazine off my bookshelf. The clothing made it through Customs O.K., but they denied your magazines. The Research Center blocking your information makes sense; they also blocked most information of the drugs they were giving me. All my inquiries into what and why I was given any drug resulted in the drug name only and a staff too busy to print information.
Upon my release, I researched my four prescriptions and had a consultation with my personal doctor. One drug prescribed (three of which are $4 at Walmart - the one in question is $120) is primarily used to treat nerve pain caused by the herpes virus or shingles. This was quickly discontinued and I'm now on the right path. I also have a new anti-anxiety script.
I also made phone calls from three different patient phones. The numbers on Caller ID show up as: 816-235-7438, 816-235-7487, and 816-235-7449. These ring directly to the patient common room s without any screening that I witnessed.
Prozac Porridge
Well, this ought to make for some interesting conversations. Seriously though, thanks for paying attention to what was going on and for sharing. There isn't a single element of society where the hacker mentality can t do you some good. We see it all the time in prisons, the military, mental hospitals, and high schools - people who know they're better than the institutions they're trapped in and who observe, share, and eventually emerge better and stronger because of the que stions they ask and their belief in themselves as individuals. It can be a very lonely existence, but the experiences, when shared, can make a huge difference to so many of us. The mainstream tells us to not pay attention and to keep moving on. We as hackers tend not to do that.
Dear 2600:
A friend of mine and I were debating if online smartphone apps for such things as banking , dating, and social networks that have a long list of access demands on their user agreements can upload family pictures from your phone and store them away on their servers. He argues that if it is possible, companies have no interest in this. They would simply not care about such data and delete it. I argue companies want any and every bit of personal data to record it for demographics and more. He says companies don't record your "telephone numbers called" log, even though user agreements claim to need access to it. My friend says that I am paranoid and letting myself be hampered by technology, rather than benefiting from its advances, because I hesitate to accept or install these phone apps.
What is the reality and logistics of this? Can companies get into your phone remotely? Can they simply upload all your data (pictures, URLs visited, numbers called, texts)? Can they actually tum on your camera and record from it? I assume they can track you by GPS whether you have it set to "on" or not, but what does 2600 have to say about this?
Whether this letter is printed or not, a response would be welcome and appreciated.
James
We generally only respond to letters we print, so here it is. In short, you are quite correct to hesitate whenever apps claim they require access to things they have no business accessing in the first place. But it goes far beyond that. Phones can be hijacked in lots ofdifferent ways. Your movements can be monitored based on the tracking device you willingly carry on your person. Your texts are logged and stored and can be accessed by those with and without the authorization to do so. Transactional data (as Edward Snowden revealed to the world) is available to government agencies and God knows who else. While you may be told that this is harmless, the fact remains that a very clear picture can be painted as to who you are via which individuals you talk to, where you go, what you buy, and a whole bunch of additional data - and that's all without even listening to any of your conversations. Consider also that most phones have cameras and microphones that can be remotely activated and there's precious little pri vacy left unless you change phones every day or turn the damn things off. Maybe it doesn't usually happen, maybe it's not supposed to happen, but we have learned that it certainly is possible and has happened quite a bit already. There is no denying this anymore.
What's particularly sad here is that so many of us - people who really should know better - see these privacy concerns as a tradeoff. The convenience makes it somehow worthwhile. It truly is astounding the amount of things a typical smartphone can do. But nothing comes without a price, and we don't mean the staggering amount of money some of us pay for these devices - sometimes over and over again. These policies and features will only work if we accept them as they are. If we don't, then they can be changed into something better. But we have to care enough to push for that. Your actions are one step. Unfortunately, the attitude of your friend is far more prevalent and one of the primary reasons we've landed in the surveillance state we're in.
We've been warning of such developments literally for decades now. Imagine the power of this technology in the hands of the jews after World War II. How much harder would it have been to hide? How much easier would it have been to come up with lists of people and locations in which to find them? If you honestly believe that we've evolved past that stage of humanity, then you can rest easy, assuming loss of privacy in general doesn't bother you. But for those of us who are aware of the massive amounts of evil in the world, both blatant and subtle, it's best to always know how to shape technology to work for you and to never accept the word of those who try to pressure you into accepting terms that simply don't feel right.
Dear 2600:
I was referred here by a friend from college who now works at blackvault.com.
To the point, as I am sure that you are very busy. I need a link to a virus program stable enough to load onto an SD card and then transfer onto a Windows OS. Also, and I realize that this is reaching, but I need a virus that I can load as an attachment to an email and send to be opened on an iPhone 6. If you have a PayPal that I can transfer to, I will gladly pay you for simply helping me to find the necessary link to this application. Thank you in advance and I hope all is well.
Hack the planet!!!!!!!
Paulie
Thanks mass media for making letters like this possible. This is honestly what a lot of peop le think we do all the time: sell viruses, break into Hotmail and Facebook accounts on behalf of significant others, and destroy people's phones. We are so happy that CSI: Cyber got canceled as we will probably get hours back each week from not having to plod through the moronic requests we get after every episode.
Also, it's great that you know that line from Hackers, but it doesn't legitimize any of the other words surrounding it.
Dear 2600:
First, a confession. I'm using this as an opportunity to shamelessly draw attention to the ad I placed in the Marketplace. Please forgive me (and donate).
Second, I was annoyed by what happened to you in that Source Interlink scam. As a prisoner who gets a lot of magazines, I noticed issues with other publications as well, and I think that explains why my celly stopped getting Hot Rod for no explained reason. F*ck Source Interlink/The Enthusiast Network. F*ck them in their eye sockets.
Third, can we agree that the movie Hackers was the most accurate and best movie ever made? The attention to detail, the action, the amazing battles over the VHS tapes, man, I get goose bumps! It's so real! The laptop with a 28 bps modem and the "killer refresh rate" gives me chills every time. When Dade claimed his BLT drive went AWOL, I just know that clearly I've never heard of a BLT drive because I'm not elite enough. The hacking battle on the skyscraper where they're hacking wirelessly pre-Wi-Fi... yes, that's elite! Razor and Blade are heroes, and we should all drink some Jolt Cola on their behalf. Now, let's hack some traffic lights and make a glorified mainframe computer physically explode and its lights all turn red in honor of the Zero Cool - the world's most elite hacker ever. Now go dock a payphone on your cradle modem and make the world proud.
And again, f*ck Source Interlink/The Enthusiast Network.
Token
Operation Prison PirateWe appreciate the sentiment - and the enthusiasm. While we're not going to quibble over what's technically accurate in the movie and what isn't, the important thing is that it was a fun ride and they basically got the spirit of the community right. We cons der that a win.
Hacker Gatherings
Dear 2600:
Do you know any of the contact info, emails, or something for the 2600 Madison group?
Thanks, and see you at HOPE!
Michael
We don't give out contact info as we always default on the side of privacy and we don't want to constantly be passing messages back and forth. Think of these pages as a method of the latter, minus the personal specifics. What we can also advise is that you visit the web pages of any meetings you're interested in attending, all of which are listed at our website (www.2600.com/meetings). And we also advise meeting attendees to put up a web page for your local meetin g if one doesn't already exist. You don't need our permission or that of anyone else and it's a great way to get more people to show up. Just be sure to email meetings@2600.com to let us know so we can help you spread the word.
Dear 2600:
We've had a meeting of hackers in Ludwigsburg, Germany for almost two years now. The 2600 meeting guidelines match with our guidelines - except for the meeting time. Is it really that important? All benefits one might gain are only benefits in the same time zone.
So here is our question: Can our meeting be a 2600 meeting when our meeting time is not on Friday? It's Wednesday, by the way.
sfn
When you said meeting time, we assumed you meant the time of the meeting, which naturally should reflect your local time. What you seem to be asking about is the meeting day, which is more of an issue. It's easy to know when our meetings take place because it's always the first Friday of the month.
We recently made an exception for Israel due to religious observations that happen to take place on Fridays, which made it really hard for people there to attend and/or start meetings. So we can say our meetings are on the first Friday of every month except for Israel, where they're the first Thursday of the month. If we agreed to what you're proposing, that sentence would get quite a bit longer. We'd have to add the first Wednesday for Ludwigsburg. Then someone else would say since we did that, we should include their Monday meeting and others would want the third Friday, etc., etc. And what happens when one group of people wants one day and another wants a different day in the same city? So we would lose that "first Friday" magic, as literally any day could be a meeting day. That may sound like expansion, but we believe it would just lead to confusion and make the whole thing less of an event.
We sympathize with people for whom Friday doesn't work. But please realize there will also be people for whom Wednesday doesn't work. If we want the advantage of a common day, we need to pick one and stick with it. And over the decades, Friday evenings have been the popular choice. What we advise for those people who can never make it on the first Friday and who really want to participate is to have unofficial meetings on whatever day or time they choose, but put together a smaller first Friday gathering to spread the word about the unofficial meeting. You may wind up with more meeting attendees than you can handle. And that is our dream.