Copyright 1993 IDG Communications, Inc. InfoWorld July 19, 1993 SECTION: NOTES FROM THE FIELD; Pg. 98 LENGTH: 615 words HEADLINE: DoubleSpace may not scan your hardware, but DEF CON denizens do BYLINE: Robert X. Cringely BODY: DEF CON I, last week in Las Vegas, was both the strangest and the best computer event I have attended in years. The hackers, crackers, and phone phreaks' convention was shut down for a while when security at the Sands Hotel didn't like people sleeping overnight in the meeting room. And several of the hackers present (median age 17) were shaken to find their Operation Sun Devil prosecutor sitting in the back of the room (she was one of the speakers). "I'm not here to bust you," she told the very interested crowd. "Just don't commit any felonies in front of me." I'll have to try that line at Comdex. DOUBLE TROUBLE There were almost too many DEF CON highlights to relate, but one of my favorite moments was when a computer security guy from Sun Microsystems (name withheld to protect this guy from himself) gave a lecture on how to break into Unix systems. "After tracking more than a thousand break-ins at Sun," he said, "I am really tired of the same old techniques. Here are some new ideas. . . ." The kids at Microsoft are busily working to implement an old idea to improve DoubleSpace, the compression utility in DOS 6. DoubleSpace doesn't scan your hard disk for defects and so can write data onto bad blocks, ruining your whole day. Scanning for hardware defects will be in the next version. On a similar theme, using the DOS 6 format on a freshly low-level-formatted drive can erase some bad sector/physical defect information. DOS 5 did this, too, but nobody noticed. Not wanting to beat too hard on Microsoft, I still have to report that the folks at PC World last week received autodemo disks of MS Publisher and Word that were contaminated with the Forms virus. SUBOPTIMAL Viruses were a hot topic at DEF CON, especially when Mark Ludwig, author of the Little Black Book of Computer Viruses, threatened to release a virus that could be used to password-encrypt everything on everyone's hard disks. The idea here is not to encrypt without your permission (you could choose your own password or even decide not to encrypt), but rather to use the virus as a software distribution method. What a concept! Lord knows that distributing softwareon floppies has problems, too. The install program for QEMM 7.0 asks for the serial number on the installation disk, except there is no serial number on the installation disk. Use the serial number from your invoice. On the plus side, QEMM 7.0 seems to work well, though with some oddities. Remember, the following section refers to my machine, so your mileage may vary. The Stealth feature may work fine, but since it requires a page frame to operate, it didn't make sense for me to give up 64KB to a page frame just to gain 64KB of high RAM and lose 32-bit disk access in Windows. Running Optimize did free 12KB but cut Landmark performance on my 386/25 from 33 to 28: Forget that. Still, by throwing out the DOS-UP drivers, I got 642,256 bytes free, which beats HIMEM/EMM386. After the episode with hotel security, a few disgruntled DEF CON attendees located the hotel's PBX barrier code, isolated the Sands VAX machine, and had the administrator's password ready to go. "Let us know if they give you a hard time, and we'll take care of it," the hackers told DEF CON organizers, who wisely backed off, fearing reprisals from Guido the Kneecapper. Not even Cringe calls were completely secure. "Did you realize as soon as you got that cell call and got up to leave the room that four scanners clicked on and a coordinated effort was put forth to find your frequency?" asked Dark Tangent, the father of DEF CON. "Hope it wasn't a sensitive call." GRAPHIC: Picture, no caption, FRED MACK LANGUAGE: ENGLISH