For the summer issue of 2600, I decided to write an article-by-article review of the magazine, which you can read here. It turned out to be one of the more popular posts I’ve made, and it was fun to write. With this in mind, I’ve decided to do it again, with the Autumn issue that was released several days ago. One thing I can say about 2600 is that there’s a lot of content in each issue, so this is a long post.
In this issue’s introductory article, Emmanuel responds to one of the most common criticisms of 2600: that the magazine focuses too much on politics and runs light on technical content. You’ve probably heard this criticism before, from me, or someone else you know. Emmanuel defends the 2600 approach by stating that they will not prevent people from expressing their opinions, that these opinions are important to the hacker community, and that they make the magazine what it is today. I can understand this; however, I do think that the liberal slant the magazine often takes can alienate more conservative readers, or readers, like myself, who prefer to be presented the facts and form opinions for themselves.
I can’t deny, however, that it is what makes 2600 the magazine that it is.
VoIP Security: Shit or Get off the POTS
This article serves as a decent summary of the risks of implementing VoIP in an organization. Reid demonstrates some pretty good structure for his article, by having a separate section and summary for each risk. He recommends various tools, and it seems like it’s a good article for someone getting started in VoIP security.
Getting More Out of Your College Linux System
Silent Strider brings us the first article of this issue that really illustrates some reasons many people criticize 2600. We have a perfect combination of common 2600 themes: school hacking, a perception of being “better” than normal users with regard to policy, and advice that is so tinted by the writer’s experiences with one system that it’s of limited use to anything else. The article begins with some paranoia about trojans and keeping an eye on who else is logged onto the system, then moves into describing ways to avoid quotas and needlessly waste RAM by setting mplayer’s cache size too high.
The article can be summed up with one quote: “Remember, you are not an average user. Limits do not apply to you.” I would recommend hanging onto this article so that you can present it to your school’s IT staff when they round you up for being a nuisance on school-provided computers. They may not realize that you are so above-average.
Social Engineering and Pretexts
This article, by Poacher, is in stark contrast with the one before it. Rather than showing you all of the stereotypical elements of a 2600 article, you get to see something you don’t see often in 2600 articles: an author that is in a position to know a lot about what he’s writing. Poacher describes his career, from being a store detective, to a private investigator, and gives a lot of great anecdotal advice and stories about social engineering along the way. He approaches the subject in a very realistic way, and I personally enjoyed reading it.
Another guy who is in a position to know what he’s writing about, The Prophet returns in this issue, like every other issue, with a well-written telecommunications article. While it’s not exactly insider-knowledge this time around, his discussion of the history and purposes of PBX systems and their significance to phone phreaks is entertaining. If you’re new to the topic, you’re sure to learn a bit.
Language Nonspecific: Back to Fundamentals
The most important message to take away from kn1ghtl0rd’s article is that once you have learned how to write code in one language, it’s much easier to pick up other languages. On this, his main premise, I agree. I do, however, disagree with many of the points and statements used to support it.
I do not feel like there’s the sort of animosity or “divided front” between .NET programmers and the rest of the world, outside of people arguing on the Internet. The examples, while basic, discuss concepts that are not going to be understood by the target audience: people who are deciding on a first language. Some statements, such as “Every data type, whether they are integers or strings or Boolean, are all classes.” don’t apply to all languages in the way he’s implying. Others, like “a computer program ends up being the same thing after compiling, no matter what language you are using.”, are just plain wrong.
It’s an article with a good idea, but put together more as a rant than actually illustrating the ease one can go from one language to another.
Front Door Hacking: Redux
Darkarchives continues where an article written by Cliff leaves off. Yes, the same Cliff that brought you the “Discovering Vulns” in the last issue. Yes, the same article that a locksmith poked at disapprovingly in the last issue’s letters to the editor.
If you don’t already know about “bump keys”, this article isn’t going to be of much help, other than a pixelated and unlabeled drawing of one. There is some discussion of a “minimal movement” method, but the majority of the rest of the article is a warning to not bump an in-use lock (you’ll screw it up), what to hit it with (a screwdriver), and a recommendation on what lock brand to try it on (Kwikset).
If you absolutely needed another article on bump keys, then I suppose this is alright. It doesn’t seem to further the art or illustrate anything new, though.
A Penny For Your Laptop
Atom Smasher demonstrates a very simple vulnerability in the Kensington Micro-Saver Notebook Lock. Apparently it can be unlocked very simply, quickly, and without destroying the lock or computer by using a coin to add tension, and spinning the dials until they stick. I don’t have the lock, so I am not able to verify that it works, but the article is clearly written, informative, and he even suggests a solution to the problem.
The RIAA’s War on Terror
Glider’s article reads like an extended mix of a Slashdot story comment, telling someone how they should do business. If the RIAA moves slowly, it’s because they’ve figured out that they’re making plenty of money moving the way they are. This article has the bonus of comparing RIAA tactics to those of the current administration’s War on Terror. Never mind how accurate that comparison may or may not be, it will certainly strike a chord with 2600 readers that follow the politics of the magazine.
I’d personally rather see an article focused less on telling the RIAA what to do, and more on telling people how they can shift their support towards artists that don’t fall under the RIAA. Empower people to make a choice.
Free Files from Flash
Dieseldragon does a pretty good job of demonstrating how easy it usually is to rip media files that Flash-based players on the web use. It’s a little sparse on details, and he gets a little confused about the .flv format, but it’s not hard to follow, it’s an easy trick, and it’s hard to cram much into a short article. This article is a good demonstration of the usual 2600 flip-flop disclaimer. Let’s follow along, with some commentary:
- “Please don’t steal copyrighted works.”
- “If you like to download music, please consider this method…”
- “(And buy the CD for copyright/royalty purposes of course!)…”
- Oh. Of course! Wait… if you buy the CD, you could just rip your own mp3 copy of a much higher quality (a lot of flash is dirty 64kbps mono)
- “F-you to Apple iTunes for ripping artists off much worse than bedroom pirates and ‘those hackers’ ever did!”
- iTunes has a lot of catching up to do to be on par with pirates. I’m not sure how that’s supposed to work anyway. I don’t see how you can be ripped off much worse than having your stuff downloaded with no compensation at all.
Target: For Credit Card Fraud
“Anonymous”, a former employee of Target, discloses a whole host of problems with the stores’ networks. The author claims that the Target wireless network is only protected by WEP, and that everything on that network has very obvious passwords with very open access to anything. He asks the reader not to do anything malicious with this, but not before giving a road map to the credit card transaction data stored on the registers. He even provides a batch file for gathering the payment data from the logs.
You know who else is likely to be sifting through logs right about now? Target admins.
How to Get More From Your Sugar-Mama
There are a lot of short, one-page articles this issue. In this one, gLoBuS reveals how to cheat Virgin Mobile’s ad-supported free minutes program, as well as how to send free text messages through one of Virgin’s web interfaces. Not the most altruistic or educational articles, but at least he’s not stealing credit card numbers like the previous author.
Owning UTStarcom F1000
Wifi VoIP phones are really cool. I don’t own one, but I might get one to play around with one day. ZiLg0 does a good job of giving an overview of how to unlock this specific model, and presents some references to more information. I had no idea you could buy these VoIP phones locked into specific providers, but it’s nice that there’s instructions like this for opening them up.
Hacker Perspective: You
This issue, instead of having an article written by a well-known hacker, Emmanuel sent out surveys to all of the subscribers of 2600, in order to try to demonstrate what the readership is like. The results are interesting. Several statistics about the responses are discussed, followed by the write-in comments of many responders taking up the rest of the article. It seems that there are just as many people who feel the magazine should be less technical and focus more on politics as those who feel the opposite way.
It really only represents the 15% of subscribers who could be bothered to fill it out and pay postage to send it back, but it’s an enjoyable read.
Hacking 2600 Magazine Authors
This is absolutely my favorite article in this issue. Agent Smith is a security guy at a company that was the focus of an article in a previous issue. In that issue, an author that Smith refers to as Neo revealed a vulnerability in Smith’s company, without first disclosing those vulnerabilities to the company in question. Smith gets the feeling that the article was written by an employee of the company and proceeds to investigate and find out who it is, through some clever investigative googling. It resulted in a firing and a visit by the feds for the original article’s author.
This had me laughing hard. It’s a perfect example of how bad operational security on the part of the bad guys often makes an investigator’s life pretty easy. I also enjoyed it, because at least I know now that I’m not the only guy who googles up 2600 authors just to see if they’re as anonymous as they think they are (most aren’t).
Designing a Hacker Challenge
Remember the scene in “Hackers”, where Crash Override and Acid Burn are trying to figure out who’s the best, and so the rest of the gang sets up a points-based challenge? Glutton is reliving that moment for us, with a hacker challenge he has designed to help you and your crew find out who is the best, and who dies like the rest. I can hear The Prodigy’s “Voodoo People” right now.
This is an unintentionally hilarious read, not to be missed. Be warned that it might land you in jail if you actually attempt some of the tasks. The author does state that you should not break laws for personal gain, or if you have a wife and/or kids dependent on you. Remember “Glutton”, because he’ll pop up later in the issue.
Hacking an Election
Dagfari, a former employee of Elections Manitoba, gives a good description of how provincial elections work in Canada. This is something I know nothing about, being in the southeastern US, so I thought it was interesting. There’s a little discussion of the technology involved, but the hack itself is not technical. Instead, it involves having corrupt people in charge of enumerating (registering) voters in each area. I’m not sure how feasible the attack is, but it’s well written.
How to Cheat Goog411
PhreakerD7 demonstrates how to make free calls using Google’s free 411 service (1-800-GOOG411). Google’s 411 service will connect you to businesses that it locates for you for free, and anyone who has a Google account can create a business listing. Therefore, free calls can be made through Google’s 411 by creating and modifying a business listing, and searching for it with the 1-800 number. It’s a clever trick, and the article is definitely of interest to anyone into phreaking.
The letters to the editor are always very entertaining. It’s mostly people just like the article authors, only all pretenses of writing an article have been dropped. This month we have, among others:
- A long rant about a husband checking up on his unfaithful wife
- A recommendation for an anonymous email site that I might write a bit about in another post
- Jason Scott, the hoarder of all text files and BBS nostalgia, calls out Glutton (“Hacker Challenge” guy) for writing a crap article on the bad shape the text-file scene is. The icing on the cake is that, in turn, Emmanuel lays into Jason for insulting the magazine and its writers. No telling what he’d think about my reviews.
- A letter calling out Cliff for his article on bump keys, making this two issues in a row, followed by a letter from Cliff defending himself, with the atom bomb of counter-criticism, in essence: “Why don’t you write something?”.
- A guy who pulled an FBI GPS tracker off his own bumper
Hacking the Buffalo Air Station Wireless Router
Wireless routers have default username/passwords! I doubt you’re very surprised by this. You can pretty much skip this one by Donoli.
The Thrill of Custom Caller ID Capabilities
This article, by krt, is supposed to present some of the things that are possible, if you have Caller ID spoofing set up. Unfortunately, it’s difficult to read and lacks any amount of detail. I’m pretty sure this is the sort of article people in the write-in survey were talking about when they complained about technical jargon.
Securing Your Traffic
Every couple of issues, there’s an article on how to tunnel all of your traffic through SSH, written by someone (b1tl0ck, this time) who wanted to access the internet from work without being filtered or spied on by the IT staff. This one’s not bad, although it’s lacking in detail. Network admins, set up some rules to detect outbound SSH on weird ports to look for people doing this.
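One way to act on that advice, as an added example (not from the magazine or from the original post): match on the identification string that RFC 4253 requires an SSH server to send, rather than trusting the port number. The flow-record fields, the internal address range, the allowed-port policy and the sample records are all assumptions constructed for illustration.

```python
import ipaddress
import re

# RFC 4253 sec. 4.2: a server identifies itself with "SSH-protoversion-softwareversion".
# It may send other lines first, so search line by line (MULTILINE).
SSH_BANNER = re.compile(rb"^SSH-(\d+\.\d+)-([\x21-\x7e]+)", re.MULTILINE)

INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")  # assumption: the site's address space
ALLOWED_SSH_PORTS = {22}                           # assumption: policy permits SSH here only


def is_internal(ip):
    return ipaddress.ip_address(ip) in INTERNAL_NET


def find_ssh_on_odd_ports(flows):
    """Return (src, dst, dport, software) for outbound SSH seen off the allowed ports."""
    hits = []
    for flow in flows:
        if not is_internal(flow["src"]) or is_internal(flow["dst"]):
            continue  # only internal -> external traffic is of interest
        if flow["dport"] in ALLOWED_SSH_PORTS:
            continue
        match = SSH_BANNER.search(flow["server_bytes"])
        if match:
            hits.append((flow["src"], flow["dst"], flow["dport"],
                         match.group(2).decode("ascii")))
    return hits


# Constructed sample records: the first bytes the server sent on each connection.
SAMPLE_FLOWS = [
    {"src": "10.0.5.23", "dst": "203.0.113.10", "dport": 443,
     "server_bytes": b"SSH-2.0-OpenSSH_4.7\r\n"},             # SSH hiding on 443
    {"src": "10.0.5.23", "dst": "198.51.100.7", "dport": 443,
     "server_bytes": b"\x16\x03\x01\x00\x51\x02\x00"},        # ordinary TLS handshake
    {"src": "10.0.5.40", "dst": "203.0.113.10", "dport": 22,
     "server_bytes": b"SSH-2.0-OpenSSH_4.7\r\n"},             # allowed port
    {"src": "10.0.5.77", "dst": "198.51.100.9", "dport": 8080,
     "server_bytes": b"welcome\r\nSSH-2.0-dropbear_0.50\r\n"},  # pre-banner line
    {"src": "10.0.5.12", "dst": "10.0.9.9", "dport": 2222,
     "server_bytes": b"SSH-2.0-OpenSSH_4.7\r\n"},             # internal only
]

if __name__ == "__main__":
    for hit in find_ssh_on_odd_ports(SAMPLE_FLOWS):
        print("outbound SSH on unexpected port:", hit)
```

A banner match only sees SSH that is not wrapped in another protocol; a tunnel carried inside TLS would need a different signal, such as connection duration and byte counts.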
Dragorn discusses, briefly, the ethical implications of using open wireless access points, and then goes into the legal aspects of it. He cites several real cases and quotes from the laws that apply. There’s even a references section at the end! It’s not heavy-handed or slanted, and as such, is well worth reading.
Hacking the Nintendo WiFi USB Connector
I really enjoyed this article too. MS3FGX is very clear on how to modify drivers and software for this device to unlock its use as a general purpose USB WiFi device and access point. It reads well, the instructions are easy to follow, and the screenshots are very clear. I’m impressed to see that it can be used as a packet source for Kismet, and once there’s solid support for Master mode in Linux, I may pick up one.
Fun With International Internet Cafes
Route tells us a story of how he disabled the timer on an Internet cafe computer by removing it from the startup entries and rebooting. The software for this cafe was so bad that if you ran out of time in the middle of something, it would lock you out, and whoever logged in next would resume your interrupted session. No big surprise that there were so many problems with security, although that would depend on how well the systems were monitored physically (apparently not very well). The story is entertaining, but I’d imagine it would be of little use unless you run a system like this.
The Trouble With Library Records
Barrett Brown presents a bit of history behind INNOPAC, a popular library management system, which was interesting. I wasn’t very surprised by the vulnerability disclosed (employee logins over telnet), although maybe it would be interesting to someone who hasn’t had first-hand experience with similar systems. At least it’s easy to mitigate for the people who implement and administer INNOPAC systems. A bit of googling reveals that Barrett is the first and only author in this issue to actually use his real name rather than an alias, which is very cool.
The Life and Death of an American Help Desk Agent
Geospart’s article is more of a rant than anything; however, it’s a well-written rant. I would recommend that anyone who’s interested in going into tech support give it a read. He gives a good summary of the different tiers of support, and does name names for a couple of the different companies he has worked for. Support has its own culture, will never be fair, and will always be about making money with as few resources as possible.