informis/textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/groups/CDC/cDc-0360.html
root@procul 278a90f7ce Initial commit
2021-04-15 13:31:59 -05:00

594 lines
22 KiB
HTML
Raw Permalink Blame History

<HTML>
<HEAD>
<TITLE>cDc #360</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF">
<PRE>&nbsp;
&nbsp;
_
| \
| \
| | \
__ | |\ \ __
_____________ _/_/ | | \ \ _/_/ _____________
| ___________ _/_/ | | \ \ _/_/ ___________ |
| | _/_/_____ | | &gt; &gt; _/_/_____ | |
| | /________/ | | / / /________/ | |
| | | | / / | |
| | | |/ / | |
| | | | / | |
| | | / | |
| | |_/ | |
| | | |
| | c o m m u n i c a t i o n s | |
| |________________________________________________________________| |
|____________________________________________________________________|
&nbsp;
...presents... The Journalist's Cookbook
Version 1.0
by Reid Fleming
7/15/1998-#360
&nbsp;
__///////\ -cDc- CULT OF THE DEAD COW -cDc- /\\\\\\\__
\\\\\\\/ Everything You Need Since 1986 \///////
___ _ _ ___ _ _ ___ _ _ ___ _ _ ___
|___heal_the_sick___raise_the_dead___cleanse_the_lepers___cast_out_demons___|
&nbsp;
[<B>Editor's note</B>: This is a living document. It will be updated from time
to time, and its version number incremented to reflect major and minor
changes.]
&nbsp;
&nbsp;
Eventually it happens to everybody. The producer asks you to put
together a segment on computer crime or the hacker subculture. Sounds easy
enough. You already have a couple ideas. And luckily you have that
friend-of-a-friend who knows that hacker who went to jail.
&nbsp;
But once you start actually writing, you realize that your script is
sounding as trite as anything you've ever seen. No matter how much you
try to jazz it up, it looks like every other hacker spot you've seen.
Pretty soon you're downright desperate for ideas.
&nbsp;
Here's a suggestion: don't agonize over what will end up being just
another derivative news piece anyway. Instead, let this document help
you produce yet another mediocre story about computer hackers.
&nbsp;
&nbsp;
TABLE OF CONTENTS
&nbsp;<A HREF="#TITLE">
TITLE</A><A HREF="#TOPIC">
TOPIC</A><A HREF="#IMPENDING THREATS">
IMPENDING THREATS</A><A HREF="#STATISTICS">
STATISTICS</A><A HREF="#THE LEAD">
THE LEAD</A><A HREF="#MOVIE CLIPS">
MOVIE CLIPS</A><A HREF="#ABOUT DEFINITIONS">
DEFINITIONS</A><A HREF="#MONEY SHOTS">
MONEY SHOTS</A><A HREF="#ANIMATIONS">
ANIMATIONS</A><A HREF="#INTERVIEWS">
INTERVIEWS</A><A HREF="#ABOUT SHOOTING YOUR SUBJECTS">
SHOOTING YOUR SUBJECTS</A>
<A HREF="#computer hackers">Computer Hackers</A>
<A HREF="#SETTINGS HACKER">Settings</A>
<A HREF="#INSERTS HACKER">Inserts</A>
<A HREF="#law enforcement officials">Law Enforcement Officials</A>
<A HREF="#SETTINGS FEDS">Settings</A>
<A HREF="#INSERTS FEDS">Inserts</A>
<A HREF="#security experts">Security Experts</A>
<A HREF="#SETTINGS SECURITY">Settings</A>
<A HREF="#INSERTS SECURITY">Inserts</A><A HREF="#THE CLOSING">
The Closing</A>
&nbsp;<A HREF="#APPENDIX A">
Appendix A</A>: Statistics<A HREF="#APPENDIX B">
Appendix B</A>: Interview Subjects<A HREF="#APPENDIX C">
Appendix C</A>: Vernhackular
<HR NOSHADE>
<A NAME="TITLE"></A><B>TITLE</B>
&nbsp;
Start by selecting the working title of your piece. In many news
organizations, the title isn't even chosen by the producer of the piece,
so it's often a waste of time to come up with something good, just to
have it retitled at the last minute. And even if you DO get to choose
your own title, it doesn't matter. Nobody remembers them.
&nbsp;
Regardless, it's easier to avoid writer's block once you have a title.
Here are some examples to get you thinking. (Of course, if you're really
short on time, just crib one without modification.)
&nbsp;
- The Cyberwarriors
- At Your Digital Doorstep
- The Digitally Depraved
- Hacking The Planet
- How Secure Are You Really?
- Is Your Data Safe?
- Dialing for Mayhem
&nbsp;
&nbsp;
<A NAME="TOPIC"></A><B>TOPIC</B>
&nbsp;
Now choose a topic corresponding to a recent computer crime. This can be
very easy. Just check out the AntiOnline web site for recent hacker
news. The site is written for the layperson with some understanding of
vernhackular. &lt;<A HREF="http://www.antionline.com/">http://www.antionline.com/</A>&gt;
&nbsp;
If AntiOnline doesn't help, then this can be hard. Check the newspapers,
magazines, chat boards... ferret out some recent computer crimes. If you
can find a fresh event falling into one of these categories, write it
down (if you don't have time for that, then just pick one that sounds good):
&nbsp;
- Banking systems/ATM network penetration
- Cryptography
- Cyber terrorism/electronic pearl harbor
- Hacktivism
- Identity theft
- Military or Fortune 100 systems penetration
- Online privacy
- Personal data theft
- Proliferation of Increasingly Sophisticated Hacking Tools
- International Hacker Gatherings
&nbsp;
&nbsp;
<A NAME="IMPENDING THREATS"></A><B>IMPENDING THREATS</B>
&nbsp;
The phrase "electronic Pearl Harbor" has crept into the national
consciousness. It encompasses the commonly-cited worst case scenarios in
the computer hacking sphere. This set of impending cataclysms includes
the disruption or obliteration of any the following computer systems:
&nbsp;
- Military sites protecting nuclear, biological, or chemical agents
- Air Traffic Control systems
- Communications satellites
- Interstate power grids
- 911 systems
- Metropolitan mass transit systems
- Hospital systems (patient record databases)
- National credit databases
- The Internet backbone itself
&nbsp;
&nbsp;
<A NAME="STATISTICS"></A><B>STATISTICS</B>
&nbsp;
You know the deal with statistics: no one can verify them, so don't worry
about quoting your sources. They're just guesses anyway. Well, this
wisdom is ESPECIALLY true in the case of computer crime.
&nbsp;
So grab a useful statistic from a print story, or use one of those
provided in <A HREF="#APPENDIX A">Appendix A</A>. In a pinch you can just make something up. No
one will have any idea.
&nbsp;
&nbsp;
<A NAME="THE LEAD"></A><B>THE LEAD</B>
&nbsp;
If you don't have time to write your own, try this sure-fire intro.
&nbsp;
"[CYBER TERRORISM]. With the recent [SHUTDOWN OF THE PUBLIC LIBRARY
SYSTEM], it's been on everybody's mind. We've all heard stories of
computer hackers [DISRUPTING AIR TRAFFIC CONTROL COMPUTERS] and
[DISABLING 911 SYSTEMS], but just how big a problem is this? According
to statistics, [20 MILLION HACKS ARE PERPETRATED EACH YEAR]. With odds
like that, it makes you wonder: how safe are we really?"
&nbsp;
&nbsp;
<A NAME="MOVIE CLIPS"></A><B>MOVIE CLIPS</B>
&nbsp;
Consider the use of a movie clip to hook your audience right away. At
least some of these films are familiar to most of your audience, even the
ones who don't have computers.
&nbsp;
Grab a suitable sequence from one of the following flicks and open your
story with it.
&nbsp;
- <A HREF="http://us.imdb.com/Title?GoldenEye+(1995)">Goldeneye</A>
- <A HREF="http://us.imdb.com/Title?Hackers">Hackers</A>
- <A HREF="http://us.imdb.com/Title?Lawnmower+Man,+The+(1992)">Lawnmower Man</A>
- <A HREF="http://us.imdb.com/Title?Net,+The+(1995)">The Net</A>
- <A HREF="http://us.imdb.com/Title?Terminator+2">Terminator 2</A>
- <A HREF="http://us.imdb.com/Title?Real+Genius">Real Genius</A>
- <A HREF="http://us.imdb.com/Title?Sneakers">Sneakers</A>
- <A HREF="http://us.imdb.com/Title?Speed+2">Speed 2</A>
- <A HREF="http://us.imdb.com/Title?Superman+III+(1983)">Superman III</A>
- <A HREF="http://us.imdb.com/Title?Wargames">Wargames</A>
- <A HREF="http://us.imdb.com/Title?Armchair+Hacker,+The">The Armchair Hacker</A>
- <A HREF="http://us.imdb.com/Title?Tron+(1982)">Tron</A>
&nbsp;
&nbsp;
<A NAME="ABOUT DEFINITIONS"></A><B>ABOUT DEFINITIONS</B>
&nbsp;
Explain the technical jargon to your audience as each term arises. Your
intro may require the use of one or more terms, but resist the urge to
explain everything at once. It's boring, and it won't work anyway.
&nbsp;
Ask your interview subjects to explain any jargon they use. While
they're at it, ask them to explain the jargon used by anyone you
interviewed previously. Someone else may be better at explaining
something than the person who actually used the term.
&nbsp;
If an explanation differs substantially from that offered in <A HREF="#APPENDIX C">Appendix C</A>,
use the one offered by your source. Things change so rapidly on the
Internet that words are often redefined.
&nbsp;
&nbsp;
<A NAME="MONEY SHOTS"></A><B>MONEY SHOTS</B>
&nbsp;
These are the clips of hackers sharing the fruits of their labor. Your
story should have at least one of these.
&nbsp;
- Hacked web sites (FBI, CIA, DOJ, NASA, etc.)
- Purloined data scrolling across monitor
- Screenful of cracked passwords
&nbsp;
&nbsp;
<A NAME="ANIMATIONS"></A><B>ANIMATIONS</B>
&nbsp;
If you need them, here are some tried-and-true ideas for CG elements.
&nbsp;
- Packets served across the Internet
- Satellite hacking
- Virus infecting files
- Files being deleted
- Calls being traced
&nbsp;
&nbsp;
<A NAME="INTERVIEWS"></A><B>INTERVIEWS</B>
&nbsp;
There are just three categories of subjects worthy of on-camera
interviews: computer hackers, law enforcement officials, and security
experts.
&nbsp;
Whenever you interview any of these subjects, you must determine their
credentials. By this we mean the following:
&nbsp;
* number of years in their respective roles
* famous exploits
* membership in appropriate organizations
* authorship of any books or articles on the topic
* relevant jail time
* whether the subject has been featured in any previous interviews
&nbsp;
&nbsp;
<A NAME="ABOUT SHOOTING YOUR SUBJECTS"></A><B>ABOUT SHOOTING YOUR SUBJECTS</B>
&nbsp;
Just four simple rules, all of which you should already know.
&nbsp;
Rule number one: always shoot the subject working at a computer. This is
absolutely crucial, never omit it.
&nbsp;
Rule number two: conduct the interview in the subject's habitat, but away
from the computer.
&nbsp;
Rule number three: get lots of closeups. Room decorations, computer
systems, keyboards, bookshelves, anything visually appealing. You will
need these for cutaways.
&nbsp;
Rule number four: get full coverage on the subject. This can mean more
than closeups and reverse shots. Shoot ECUs of prominent jewelry,
t-shirt logos, badges, holsters, ID tags, whatever. More cutaway material.
&nbsp;
&nbsp;
<A NAME="computer hackers"></A>computer hackers
----------------
&nbsp;
<A NAME="SETTINGS HACKER"></A>SETTINGS
&nbsp;
- hacker in his habitat
- anti-Microsoft propaganda (posters, bumper stickers, etc.)
- pro-UNIX propaganda
- 2600 magazine
- Phrack
&nbsp;
- anonymous hacker in nondescript hotel room
- features obliterated
- silhouette against scary backlight
- mosaic face
&nbsp;
- hacker conventions
- Defcon
- Hohocon
- HOPE
- Summercon
&nbsp;
- dumpster
&nbsp;
- bank of payphones
&nbsp;
&nbsp;
<A NAME="INSERTS HACKER"></A>INSERTS
&nbsp;
- offbeat grooming &amp; wardrobe
- unusual hairdos
- body piercings
- tattoos
- 2600 t-shirt
- leather jacket
&nbsp;
- equipment
- computers, plural
- keyboards
- CRTs
- misc. gadgetry
&nbsp;
- software tools
- L0phtCrack
- Satan
- Back Orifice
&nbsp;
- internet chat rooms
- #hack
- #cDc
&nbsp;
&nbsp;
<A NAME="law enforcement officials"></A>law enforcement officials
-------------------------
&nbsp;
FBI agents, Secret Service agents, local police officers, anyone from the
Department of Justice, local district attorneys, etc.
&nbsp;
&nbsp;
<A NAME="SETTINGS FEDS"></A>SETTINGS
&nbsp;
- server room
- cubicle
&nbsp;
<A NAME="INSERTS FEDS"></A>INSERTS
&nbsp;
- building entrance
- nametag
- badge
- gun
- bookshelves
&nbsp;
&nbsp;
<A NAME="security experts"></A>security experts
----------------
&nbsp;
These come in two flavors: computer security consultants, and computer
privacy advocates.
&nbsp;
Security consultants (usually themselves former hackers or law
enforcement) are paid consultants who sell their insight into the
methodology and ideology of the typical hacker. Usually self-employed.
&nbsp;
Computer privacy advocates are private individuals who speak out publicly
regarding threats to personal liberty in cyberspace. Favorite topics
include: export restrictions on certain cryptographic materials, the
validity of various data encryption schemes, and the potential
vulnerability of critical information systems.
&nbsp;
&nbsp;
<A NAME="SETTINGS SECURITY"></A>SETTINGS
&nbsp;
- server room
- telephone equipment room
- cubicle
&nbsp;
<A NAME="INSERTS SECURITY"></A>INSERTS
&nbsp;
- storefront / sign
- bookshelves
&nbsp;
&nbsp;
&nbsp;
<A NAME="THE CLOSING"></A><B>THE CLOSING</B>
&nbsp;
Nothing special here. Just a few sentences that re-emphasize the topic.
Remember that no matter the precise issue, the general message should be
to fear the relentless and unstoppable legion of computer hackers.
&nbsp;
Perhaps you could close with an epigram. In which case, you should crack
open <A HREF="http://www.columbia.edu/acis/bartleby/bartlett/">Bartlett's Quotations</A>. Try one of these topics: COMPUTER, DANGER,
MENACE, PERIL, RISK, THREAT, TREACHERY, VULNERABLE.
&nbsp;
<HR NOSHADE>
<A NAME="APPENDIX A"></A><B>APPENDIX A</B> - STATISTICS
&nbsp;
&lt;<A HREF="http://cnn.com/TECH/computing/9804/06/computer.security/">http://cnn.com/TECH/computing/9804/06/computer.security/</A>&gt;
Nearly 80 percent of U.S. businesses have been victims of computer crimes.
58 percent of Fortune 1000 companies have experienced computer
break-ins. 18 percent of that group suffered more than $1 million in losses.
&nbsp;
&nbsp;
&lt;<A HREF="http://www.defcon.org/TEXT/5/larrylange-eetimes-winn.html">http://www.defcon.org/TEXT/5/larrylange-eetimes-winn.html</A>&gt;
According to the FBI, 122 countries across the world currently have
online hacking capabilities.
&nbsp;
We know that in the neighborhood of 20 million hacks a year are occurring
worldwide.
&nbsp;
&nbsp;
&lt;<A HREF="http://www.technopolitics.com/scripts/tp06-06-97.html">http://www.technopolitics.com/scripts/tp06-06-97.html</A>&gt;
The average cyberheist nets $250,000 with a less than one
percent rate of conviction.
&nbsp;
Only 17 percent of the major corporations and financial institutions that
have been intruded actually report it.
&nbsp;
75 percent of the Fortune 500 companies have been successfully penetrated.
The average loss that they concede is about $100,000.
&nbsp;
The FBI estimates that the total losses from these electronic rip offs
range from a rock bottom figure of $500 million a year up to $10 billion.
&nbsp;
&nbsp;<A HREF="http://www.cultdeadcow.com/news/medialist.htm">
cDc Media List</A>
_Rocky Mountain News_, August 18, 1996, "Air Force battles computer hackers",
pg 42A. Hundreds of thousands of times a year, the Cyberwarrior
[the U.S. Air Force Information Warfare Center] defends the nation's secrets
from the members of the Legion of Doom and the CULT of the DEAD COW in a
battlefield that spans the globe.
&nbsp;
<HR>
<A NAME="APPENDIX B"></A><B>APPENDIX B</B> - INTERVIEW SUBJECTS
&nbsp;
Try these organizations' web sites for up-to-date contact info.
&nbsp;
&nbsp;
HACKERS
&nbsp;
- 2600 Magazine
&lt;<A HREF="http://www.2600.com/">http://www.2600.com/</A>&gt;
&nbsp;
- Chaos Computer Club
&lt;<A HREF="http://www.ccc.de/">http://www.ccc.de/</A>&gt;
&nbsp;
- Cult of the Dead Cow
&lt;<A HREF="http://www.cultdeadcow.com/">http://www.cultdeadcow.com/</A>&gt;
&nbsp;
- L0pht Heavy Industries
&lt;<A HREF="http://www.l0pht.com/">http://www.l0pht.com/</A>&gt;
&nbsp;
- <A HREF="http://www.newhackcity.net/">New Hack City</A>
&lt;<A HREF="http://www.newhackcity.net/">http://www.newhackcity.net/</A>&gt;
&nbsp;
- Phrack
&lt;<A HREF="http://www.phrack.com/">http://www.phrack.com/</A>&gt;
&nbsp;
- r00t
&lt;<A HREF="http://www.r00t.org/">http://www.r00t.org/</A>&gt;
&nbsp;
&nbsp;
LAW ENFORCEMENT
&nbsp;
- Federal Bureau of Investigation
&lt;<A HREF="http://www.fbi.gov/">http://www.fbi.gov/</A>&gt;
&nbsp;
- Secret Service
&lt;<A HREF="http://www.treas.gov/usss/">http://www.treas.gov/usss/</A>&gt;
&nbsp;
- San Jose Police Department
&lt;<A HREF="http://www.sjpd.org/">http://www.sjpd.org/</A>&gt;
&nbsp;
&nbsp;
SECURITY EXPERTS
&nbsp;
- Cypherpunks
&lt;<A HREF="ftp://ftp.csua.berkeley.edu/pub/cypherpunks/Home.html">ftp://ftp.csua.berkeley.edu/pub/cypherpunks/Home.html</A>&gt;
&nbsp;
- Electronic Frontier Foundation
&lt;<A HREF="http://www.eff.org/">http://www.eff.org/</A>&gt;
&nbsp;
- Bruce Schneier
&lt;<A HREF="http://www.counterpane.com/">http://www.counterpane.com/</A>&gt;
&nbsp;
- Tsutomu Shimomura (<A HREF="mailto:tsutomu@sdsc.edu">tsutomu@sdsc.edu</A>)
&lt;<A HREF="http://www.takedown.com/">http://www.takedown.com/</A>&gt;
&nbsp;
- Cliff Stoll (<A HREF="mailto:stoll@ocf.berkeley.edu">stoll@ocf.berkeley.edu</A>)
&lt;<A HREF="http://www.ocf.berkeley.edu/~stoll/">http://www.ocf.berkeley.edu/~stoll/</A>&gt;
&nbsp;
<HR>
<A NAME="APPENDIX C"></A><B>APPENDIX C</B> - VERNHACKULAR
&nbsp;
These are some of the more common vocabulary items.
&nbsp;
&nbsp;
ATTACK: a specific tactic designed to generate some kind of malfunction,
usually to grant or deny computer access -- syn. EXPLOIT
&nbsp;
BACK DOOR: Leaving behind a hidden or nonobvious method to regain system
access during subsequent visits
&nbsp;
BLACK HAT: a malicious hacker who defies the Hacker Ethic -- ant. WHITE HAT
&nbsp;
CARDING: credit card fraud, typically for mailorder goods
&nbsp;
CRACKER: contemptuous term for hacker, or abbrev. for password cracker
&nbsp;
DENIAL OF SERVICE: an attack designed to prevent the productive use of a
computer system, by overworking the computer beyond its operational limits
&nbsp;
DUMPSTER DIVING: looking through the garbage for discarded equipment,
useful information, or other materials -- syn. TRASHING
&nbsp;
EXPLOIT: see attack
&nbsp;
HACKER: a person skilled or expertised in methods of hacking computer
systems
&nbsp;
HACKER ETHIC: an informal code of conduct designed to preserve the
integrity of a hacked computer system and its contents, the terms of
which generally prohibit the contamination or destruction of valuable
data or other resources
&nbsp;
HACKING: the process of gaining unauthorized access to a computer system
&nbsp;
HACKTIVISM: a term first coined by THE CULT OF THE DEAD COW to describe one
brand of activism practiced by the <A HREF="http://www.cultdeadcow.com/cDc_files/cDc-0356.html">HONG KONG BLONDES</A>; a policy of hacking,
phreaking, or creating technology to achieve a political or social goal
&nbsp;
HANDLE: a hacker's chosen alias, or nom-de-hack
&nbsp;
MAN IN THE MIDDLE: an attack wherein a malicious agent seeks to intercept
communications between two computers and rewrite certain message contents
&nbsp;
OWNED: a computer whose security has been entirely neutralized by a hacker
&nbsp;
PACKET SNIFFER: a computer program designed to reveal the contents of all
network traffic within earshot of the computer, not just the data bound
for that particular system
&nbsp;
PASSWORD CRACKER: a computer program designed to extract the passwords of
a given system's user database, usually employing a method of brute force
or dictionary comparison
&nbsp;
PHREAK: a person skilled or expertised in methods of phone phreaking
&nbsp;
PHREAKING: manipulating the telephone system in order to reroute phone
calls, avoid billing, or otherwise defraud the phone company
&nbsp;
SECURITY THROUGH OBSCURITY: the tactic of protecting something by keeping
secret all its details
&nbsp;
SNIFFER: abbrev. for packet sniffer
&nbsp;
SOCIAL ENGINEERING: any means of convincing someone to willingly furnish
information which is unavailable to the general public, usually by posing
as someone with a legitimate need
&nbsp;
SPOOFING: making it appear that data originating from an untrusted
computer is actually coming from a trusted one
&nbsp;
TRASHING: see dumpster diving
&nbsp;
TROJAN HORSE: any piece of software intentionally infected with a virus,
and purposely provided to others
&nbsp;
VIRUS: a small computer program devised to be undetectable and duplicate
itself
&nbsp;
WAREZ: illegally-duplicated computer software products
&nbsp;
WHITE HAT: a mediagenic hacker who adheres to the Hacker Ethic -- ant.
BLACK HAT
&nbsp;
&nbsp;
&nbsp;
.-. _ _ .-.
/ \ .-. ((___)) .-. / \
/.ooM \ / \ .-. [ x x ] .-. / \ /.ooM \
-/-------\-------/-----\-----/---\--\ /--/---\-----/-----\-------/-------\-
/lucky 13\ / \ / `-(' ')-' \ / \ /lucky 13\
\ / `-' (U) `-' \ /
`-' the original e-zine `-' _
Oooo eastside westside / ) __
/)(\ ( \ WORLDWIDE / ( / \
\__/ ) / Copyright (c) 1998 cDc communications and the author. \ ) \)(/
(_/ CULT OF THE DEAD COW is a registered trademark of oooO
cDc communications, PO Box 53011, Lubbock, TX, 79453, USA. _
oooO All rights reserved. Edited by Omega __ ( \
/ ) /)(\ / \ ) \
\ ( \__/ Save yourself! Go outside! Do something! \)(/ ( /
\_) xXx BOW to the COW xXx Oooo
&nbsp;
<A HREF="http://www.cultdeadcow.com">http://www.cultdeadcow.com</A>
&nbsp;
&nbsp;
&nbsp;
&nbsp;
&nbsp;
&nbsp;</PRE>
<P>&nbsp;</P>
</BODY>
</HTML>
Reference in New Issue View Git Blame Copy Permalink