From editor@telecom-digest.org Sat Dec 11 19:58:47 2004 Received: (from ptownson@localhost) by massis.lcs.mit.edu (8.11.6p3/8.11.6) id iBC0wlP24410; Sat, 11 Dec 2004 19:58:47 -0500 (EST) Date: Sat, 11 Dec 2004 19:58:47 -0500 (EST) From: editor@telecom-digest.org Message-Id: <200412120058.iBC0wlP24410@massis.lcs.mit.edu> X-Authentication-Warning: massis.lcs.mit.edu: ptownson set sender to editor@telecom-digest.org using -f To: ptownson Approved: patsnewlist Subject: TELECOM Digest V23 #593 TELECOM Digest Sat, 11 Dec 2004 19:58:00 EST Volume 23 : Issue 593 Inside This Issue: Editor: Patrick A. Townson Employment Opportunity: System Manager/Network Administrator (Editor) Re: Cellphones Aloft: The Inevitable is Closer (Thomas A. Horsley) Re: Urban Legends Reference Pages: Politics (Celling)(Danny Burstein) Re: Calling Card Needed -- Short Interaction Sequence (Danny Burstein) Re: Sprint, Nextel in Merger Talks (Steve Sobol) Re: Spint, Nextel in Talks (Joseph) Remembering Kevin Mitnick - 1995, 1997, at Present (Lisa Minter) Telecom and VOIP (Voice over Internet Protocol) Digest for the Internet. All contents here are copyrighted by Patrick Townson and the individual writers/correspondents. Articles may be used in other journals or newsgroups, provided the writer's name and the Digest are included in the fair use quote. By using -any name or email address- included herein for -any- reason other than responding to an article herein, you agree to pay a hundred dollars to the recipients of the email. =========================== Addresses herein are not to be added to any mailing list, nor to be sold or given away without explicit written consent. Chain letters, viruses, porn, spam, and miscellaneous junk are definitely unwelcome. We must fight spam for the same reason we fight crime: not because we are naive enough to believe that we will ever stamp it out, but because we do not want the kind of world that results when no one stands against crime. Geoffrey Welsh =========================== See the bottom of this issue for subscription and archive details and the name of our lawyer; other stuff of interest. ---------------------------------------------------------------------- Date: Sat, 11 Dec 2004 19:09:51 EST From: TELECOM Digest Editor Subject: Employment Opportunity: System Manager/Network Administrator [TELECOM Digest Editor's Note: Here follows a 'help wanted' ad which has appeared in our daily newspaper (Independence Reporter) for more than a week, day after day. Apparently, they are having a little trouble filling the position, so I volunteered to print it here in the Digest to let others know about it. You *do* need to live in the s.e. Kansas area (no law regarding it, etc, but you don't want a long commute.) Neodesha, Kansas is a small town (about 2000 residents); their closest big town is Independence (about 8000 people) and Coffeyville (12,000). It's a rural setting. Neodesha is about 15 miles north of here (a very easy commute; many folks live in Indy and commute to work in Neodesha, (phonetic pronounciation = Nee-ode-a-shay) and vice-versa. People are very laid back and casual around here, and you might be surprised at the inexpensive cost of living. PAT] Now here is the ad which has been running daily in the paper: =============================================== Computer Systems/Network Administrator Leading manufacturer of industrial processing machinery systems used in the forest products and food processing industries has an excellent opportunity for a Computer Systems/Network Administrator. Qualified applicant should be able to respond to employees' questions regarding computer systems, phone problems and technical need; Perform network administration duties for a Windows 2000 Network; Manage user accounts, email accounts, company web site, remote access and regular system backups; Diagnose and resolve server problems; Perform install- ation and maintainence of computers or computer-related hardware and software; Move/reprogram computers and telephones as needed; trouble- shoot equipment usage. B.S. in Computer Science preferred with a strong background in Windows 95/98/NT/2000/XP and Windows 2000 Network. Outstanding Company paid fringe benefits including Life and Long Term Disaility Insurance,401-K Retirement Plan, 9 paid holidays and 1-5 weeks of vacation annually. Health/Vision/Dental Insurance available. Apply at Human Resources 11th and Illinois Streets Neodesha, KS 66767 "MEC Company is an Equal Opportunity Employer" =========================== [TELECOM Digest Editor's Note: I would not expect anyone to drive all the way to Neodesha (from Silicon Valley for example, or even Texas or New York) but I suspect if you sent them a resume stating your credentials/qualifications/requirements, etc they would be happy to look at it if you stated plainly your willingness to relocate to s.e. Kansas, and stating that you *would* come to visit in person if there was any serious interest. The telephone number (which was not included in the ad) is 620-325-2673, and I suppose you *could* call to explain *why* you were not showing up in person at first. They also have an office in Cherryvale, KS and Coffeyville, KS. Tell them you read about the job in the Independence Reporter, via TELECOM Digest. It would be **great** to see one of you guys (otherwise in the mood to be in this area) get the job, and I am **certain** most of you would easily qualify. PAT] ------------------------------ Subject: Re: Cellphones Aloft: The Inevitable is Closer From: tom.horsley@att.net (Thomas A. Horsley) Organization: AT&T Worldnet Date: Sat, 11 Dec 2004 22:23:18 GMT > The picocell linked to several antennas inside a cable that gathered > signals from passengers' cellphones and sent them all to a small > satellite dish, no bigger than a laptop computer, on top of the > plane. From there, the calls were beamed to an orbiting satellite, > which sent the calls back to special cell stations linked to phone > networks on earth. Hey! Maybe they could do the same thing in buildings as well, and we wouldn't have to worry about running over the thousands of people wandering around in parking lots talking on their cellphones because they can't get a signal inside the building :-). >>==>> The *Best* political site >>==+ email: Tom.Horsley@worldnet.att.net icbm: Delray Beach, FL | Free Software and Politics <<==+ ------------------------------ From: Danny Burstein Subject: Re: Urban Legends Reference Pages: Politics (Celling Your Soul) Date: Sat, 11 Dec 2004 22:26:53 UTC Organization: PANIX Public Access Internet and UNIX, NYC In Marcus Didius Falco writes: (I've edited and summarized the key points ) [ snip ] > Starting Jan 1, 2005, all cell phone numbers will be made public to > telemarketing firms. Once again, if you've _ever_ given out your cellphone number to pretty much any business, whether it's your credit card company, or your local tire fix place, or East Cupcake Bar and Detox Camp, your number _is already_ in a database and readily available to a hefty number of telemarketers. And others. > According to the National Do Not Call List, you have until Dec 15, > 2004 to get on the national "Do Not Call List" for cell phones. You > can either call 1-888-382-1222 from the cell phone that you wish to > have put on the "do not call list" or you can do it online at > www.donotcall.gov . You can add any and all numbers whenever you like. There's a lag time before they're in the database, so the earlier the better. > phone directories and directory assistance services, and protections > have been put in place to restrict telemarketing calls to cell phones. Those protections _remain_ in place. > directory information is not supposed to be supplied to telemarketers, > and because FCC regulations already in place block the bulk of > telemarketing calls to cell phones). eyup. > Some versions of the exhortation to cell phone users to add their > names to the Do Not Call Registry erroneously state there is a 15 > December 2004 deadline for getting listed. Says Lois Greisman, the > Federal Trade Commission official who oversees the anti-telemarketing > registry: "There is no deadline; there never has been a deadline to > register." Close enough, but since htere's a lag time before the number you enter gets into the active database, there's no reaason to wait. > 200,000 new numbers a week. Yet in the final week of November 2004, > nearly 1 million new subscribers were added, and in the first week of > December 2004, that figure jumped to 2 million. At this point in time, > 69 million phone numbers are contained in the registry. Which is fascinating compared to how many people, say, voted in the election ... _____________________________________________________ Knowledge may be power, but communications is the key dannyb@panix.com [to foil spammers, my address has been double rot-13 encoded] ------------------------------ From: Danny Burstein Subject: Re: Calling Card Needed -- Short Interaction Sequence Date: Sat, 11 Dec 2004 23:16:07 UTC Organization: PANIX Public Access Internet and UNIX, NYC In NOTvalid@surplus4actors.INFO writes: > Even OneSuite charges 55 cents from payphone. > But for that 55 cents you can make multiple successive calls. Then their billing arrangement is broken. The FCC regs are that the pay phone operator gets their kickback of (usually about $0.30 [a]) for _each_ call. If you (typically) hit the " * " button on the keypad to tell your phonecard service to let you make a second call without having to hangup and redial the whole kit and kaboodle, the FCC regs treat that one as, yes, a second call, with an additional $0.30. [a] there was an FCC request for comments about a year ago regarding raising that number significantly. I glanced around and haven't found the result. Anyone know? thanks. _____________________________________________________ Knowledge may be power, but communications is the key dannyb@panix.com [to foil spammers, my address has been double rot-13 encoded] ------------------------------ From: Steve Sobol Subject: Re: Sprint, Nextel in Merger Talks Date: Sat, 11 Dec 2004 15:23:05 -0800 Organization: Glorb Internet Services, http://www.glorb.com pro_engineer_97@yahoo.com wrote: > I have been employed by Sprint PCS in the past, and am currently > employed by Nextel. Nextel has excellent benefits, and has a great > working environment. They don't just "talk the talk", they truly care > about their employees. They will even give you $3,500 to assist with > adopting a child. FYI, this idiot obviously has an axe to grind -- I don't mind seeing this once, but it's been posted multiple times, the idiot is posting under different names in the cellular newsgroups, etc. JustThe.net Internet & New Media Services, http://JustThe.net/ Steven J. Sobol, Geek In Charge / 888.480.4NET (4638) / sjsobol@JustThe.net PGP Key available from your friendly local key server (0xE3AE35ED) Apple Valley, California Nothing scares me anymore. I have three kids. [TELECOM Digest Editor's Note: Thank you, Steve, for calling this to my attention. PAT] ------------------------------ From: Joseph Subject: Re: Sprint, Nextel in Talks: Reports Date: Sat, 11 Dec 2004 16:45:52 -0800 Reply-To: JoeOfSeattle@yahoo.com On Fri, 10 Dec 2004 22:34:35 -0500, Isaiah Beard wrote: > I've said this in quite a few forums, and I'll say it here: that > anyone would THINK of merging these two companies defies any > reasonable logic. The two networks that are run by Nextel (iDEN) and > Sprint (CDMA 2000 1x) have very little in common, offer a very > different feature set, and are completely and entirely incompatible > with each other. Well, it's not unreasonable to think that Sprint PCS couldn't do just as Telus did in Canada. Telus acquired the Clearnet Mike service which also runs the iDen technology the same as Nextel. Telus simply runs two distinct networks with regular PCS @ 1900 Mhz for their CDMA network and a separate network running iDen for their "Mike" service which is the same SMR type of service that Nextel runs. Among the other things that are attractive about the Nextel service is the fact that it's aimed at business users. Nextel has some of the lowest EBTA figures of any wireless carrier in North America. Make no mistake about it Craig McCaw's baby Nextel is a prize that if won is *very* valuable. ------------------------------ Date: Sat, 11 Dec 2004 19:20:30 EST From: Lisa Minter Subject: Kevin Mitnick Recalled Rummaging around through the Telecom Archives, I found two interesting items on Kevin Mitnick. I wonder if anyone knows what he has been doing since 1997 or whenever he got out of prison. Lisa Minter Date: Thu, 16 Feb 95 11:59:10 CST From: telecom@eecs.nwu.edu (TELECOM Digest Editor) Subject: Kevin Mitnick Captured in Raleigh, NC Kevin Mitnick, who had earned the unofficial title of 'America's Most Wanted Computer Hacker' was arrested Wednesday morning at his home in Raleigh, North Carolina. Mitnick had managed to evade authorities in both Los Angeles and Seattle during the past two years. He was caught through the efforts of one of his latest victims, computer security specialist Tsutomu Shimomura of the San Diego Supercomputer Center. Shimomura was robbed of security programs he had written when his computer was broken into on Christmas Day, about two months ago. But one thing Mitnick apparently had not forseen was that the programs he stole -- and then used -- would be used to help track him down. Shimomura was able to detirmine this past weekend that Mitnick, 31, was connecting through a modem attached to a cellular phone somewhere near Raleigh. Through the cooperation of telcos and cellular companies, authorities were able to track Mitnick to his home early Wednesday morning. Authorities say they hope this latest arrest brings to an end the career of a man who began hacking and phreaking when he was in high school. At one point Mitnick broke into a North American Air Defense Command computer in Colorado. Referring to Mitnick as a 'dangerous computer terrorist', Justice Department spokesman John Russell said the raid was conducted at 1:30 am on the apartment in Raleigh in which Mitnick was living alone under a false name. "His obsession was his downfall," said Deputy United States Marshall Kathy Cunningham in Los Angeles. "His obsession to hack and phreak using cloned cellular phones left us a good trail to follow." Mitnick, who is known by the hacker name 'Condor' says he took that alias after seeing the movie 'Three Days of the Condor' starring Robert Redford as a man on the run from the government. He grew up in Los Angeles, and was convicted there in 1988 after a series of phreaking and hacking incidents which included disconnecting the phone service to Hollywood stars and others. Although initially he was given just a short prison term followed by federal probation, he continued to act out in his self-destructive ways and when his probation officer threatened to revoke his probation and send him to prison, he disconnected her telephone to get even and then ran off! And he is supposed to be a smart guy? In 1989, federal prosecutors in Los Angeles portrayed Mitnick as a brilliant young man 'obsessed with junk food and computers' who infiltrated computer networks and telephone switching systems in the United States and England. Although federal authorities suggested that he had broken into National Security Agency computers, he was never charged with that crime. At one point however, they considered him so dangerous they got a judicial order denying him any use of telephones at all, for fear he would call up a computer and access it using the touchtone buttons on the phone. In the earlier 1988 case, Mitnick agreed to plead guilty to hacking the Digital Equipment Corporation (DEC) computer network and stealing a program. He also pleded guilty to theft of sixteen MCI long distance access codes and using them to make long distance calls. For this, the court's imposition of punishment included several years imprisonment with all but one year suspended, to be followed by federal probation for the remainder of his term. After release from prison, Mitnick began his probation. When his probation officer suggested she would revoke his probation because of his behavior and return him to the penitentiary, his response was to hack the appropriate computer and disconnect her phone service ... he then fled. In the fall of 1992, Mitnick was working for a private investigative firm in Calabasas, California when the FBI was conducting an investigation into the break-ins of Pacific Bell computers. Realizing they were about to close in on him, he fled again ... to surface only yesterday when a man he decided to trifle with -- Tsutomu Shimomura -- decided not to get mad, but instead to get even! Shimomura cooperated very closely with the government to pinpoint Mitnick's whereabouts. On Wednesday, February 15, 1995, Mitnick was taken before a Magistrate in Raleigh, North Carolina where he was arraigned on the charge of violating the terms of his probation in 1988, and new charges of computer fraud in North Carolina. Assistant United States Attorney David Schindler in Los Angeles said additional charges pertaining to Mitnick's actions in San Diego, Seattle and Colorado would also be presented. Citing its belief Mitnick was a danger to the community and likely to flee again if released, the court ordered him held without bail, and once again restricted his unsupervised use of telephones. Mitnick may be a smart man, but he seems to lack some common sense. One does not ever screw around with one's federal probation officer; you don't play with her telephone to get even; you don't run off when she calls you. And when you are on the lam or otherwise, you don't steal from someone like Tsutomu Shimomura. Speaking of whom, Shimomura attended the proceedings in Raleigh on Wednesday. At the end of the hearing as he was being led away, a handcuffed and shackled Mitnick turned to Shimomura, whom he has never met or seen before and said, "Hello, Tsutomu, I respect your skills." Shimomura nodded, then turned his back and walked away. It must be remembered that in the United States, our constitution requires a presumption of innocence on the part of Kevin Mitnick until his guilt is proven to the satisfation of a judge or jury in a court of law. Patrick Townson From: Davew@cris.com (Dave Harrison) Newsgroups: comp.dcom.telecom Subject: Mitnick article Date: 8 Feb 1997 08:45:15 GMT Organization: Concentric Internet Services Lines: 113 [TELECOM Digest Editor's Note: Please note that since this article was submitted, Mitnick has been tried, found guilty and sent to prison, as of July, 1997. PAT] Here's an article I came across in one of our online magazines ... I thought it may be of interest to Digest readers. Note that in a week, Kevin will have been in custody for *two* years and hasn't had a trial date set. The Feds also plan on dragging this out by prosecuting Kevin in multiple jurisdictions because he wouldn't sign a plea bargain. As a sidenote, a few weeks ago, Mitnick was throw in solitary for a weekend and his Walkman was confiscated -- the Feds actually thought he was going to modify it in to a walkie talkie. They also believe he can whistle commands over the phone to remote modems. ----------------------------------------------------------------------- Hacked, Cracked and Phreaked All these idiots," Kevin Mitnick told me when I was researching a book about his notorious network infiltrations. "They put their workstations on the Internet and then they run their [encryption] software on their Unix box, and I just backdoor it [for] their pass phrase." With all their bravado, hackers can make you skeptical about the latest advances in computer security. Sure, encryption, firewalls, intrusion detection programs and digital IDs are all helpful tools, but I'm not one of those expecting a miracle cure. As another former cracker recently told me, "Using encryption doesn't make people smart." Two guys named Kevin with eight years of jail between them -- and counting -- have taught me how the other side thinks. I started getting late-night calls on a pay phone from Kevin Mitnick more than two years ago, when he was on the run from the FBI and a little-known security whiz named Tsutomu Shimomura. Kevin Poulsen may be less notorious, but he's no less intriguing. Charged with everything from espionage to hacking radio giveaways -- he won two Porsches -- Poulsen recently finished a five-year stint in federal jail. Last fall, Mitnick's crimes were hinted at in a federal indictment. Since then I've tracked down some of his purported corporate victims and uncovered a clearer picture. The hacker's real targets were industry giants such as Motorola and NEC. Was their computer security bad? Not really. Did Mitnick teach these multinational corporations some very important lessons? Yes. The major alleged offenses against Mitnick are the misappropriation of the proprietary software of a Who's Who of the high-tech world -- Motorola, Nokia, Fujitsu, Novell and NEC. Eighty million bucks is what these companies lost, the government privately says. Some of the companies say the government is exaggerating, arguing that Mitnick seemed to be in it largely for the thrill. But the danger is clear. A hacker with his skills, hired by competitors or foreign governments, could have easily used his intrusions to steal millions of dollars' worth of secrets. How did Mitnick do it? A source at Motorola alleges Mitnick installed what now seems a dated technique -- a packet sniffer to suck up passwords. He did a little "social engineering," allegedly phoning the company and impersonating executives to trick Motorola out of the information he needed to complete his theft. "He did move a block of code," confirms a Motorola official. "He stole source code." Now, the company has new policies for information given out over the phone. Fortunately for Motorola, the company found "no pattern of abuse or fraud." Mitnick, in other words, didn't damage their computers, and as far as they could discern, had no plan to sell their code. In Motorola's defense, sniffers were still new at the time, and Mitnick was a gifted social engineer. The subsequent victims had fewer excuses. Months later, another major cellular phone maker was hit. "By then everybody knew about packet sniffers," says one of the victims. Everybody, it seemed, except for the victimized corporation. Again, they were lucky. Although Mitnick swiped the source code that operates their cellular phone and other wireless products, he didn't seem interested in money or wreaking havoc. Technically, there was no excuse for the success of Mitnick's attacks, because products to combat them were already widely available. But there's frequently a time gap between the latest hacking methods and how quickly companies respond with fixes. Countless Internet mailing lists and World Wide Web sites are posted weekly, highlighting new operating system bugs that could provide access. Staying secure is a fast-moving target. Hackers study and share the vulnerabilities more thoroughly than most security professionals. If you don't patch it in days, you may be the next victim. It's tempting to think that prepacked encryption and other technical innovations will eliminate these risks. But then I remember Mitnick telling me how frequently companies make mistakes in deploying such tools, things as simple as forgetting to delete decrypted messages. And there's another, more subtle problem. Often, the more technology corporations buy, the more they develop an aura of invincibility, an aura the Kevin Mitnicks of the world love to pierce. Pressure to join the Internet and the Web creates another dilemma. The Web may be the future, but its general absence of security is spinning us back into a hacker's Wild West. In the last few months, Web sites for the Air Force, the Department of Justice and the CIA have been hacked and plastered with graffiti. Topless pics of "Friends" TV stars aren't the images the Justice Department wants to portray to the public. Imagine the worst that might show up on your company's window to the public. It's tempting to think technology and the government's tough line on hacking will rid our networks of crime. But consider what the CIA recently told Congress: Hacker terrorists, warned the CIA's director, could execute a strike against our telecommunication and information infrastructure with the destructive force of a nuclear attack. Remember Kevin Poulsen? He wrote a program that ran on Pacific Bell's computers and tipped him off to nearly every FBI wiretap in the state of California. He found mob taps, DEA taps and national security taps. And he could wiretap whomever he wished. Just a kid with no high school diploma, without a political agenda. Imagine what the really scary criminals are doing. Jonathan Littman is a free-lance writer in Mill Valley, Calif., who writes and speaks about computer security. He is the author of "The Fugitive Game" and the upcoming "The Watchman: The Twisted Life and Crimes of Serial Hacker Kevin Poulsen." ---------------- So, I guess I am curious: What is Kevin Mitnick doing these days? Lisa Minter ------------------------------ TELECOM Digest is an electronic journal devoted mostly but not exclusively to telecommunications topics. It is circulated anywhere there is email, in addition to various telecom forums on a variety of networks such as Compuserve and America On Line, Yahoo Groups, and other forums. It is also gatewayed to Usenet where it appears as the moderated newsgroup 'comp.dcom.telecom'. TELECOM Digest is a not-for-profit, mostly non-commercial educational service offered to the Internet by Patrick Townson. All the contents of the Digest are compilation-copyrighted. You may reprint articles in some other media on an occasional basis, but please attribute my work and that of the original author. Contact information: Patrick Townson/TELECOM Digest Post Office Box 50 Independence, KS 67301 Phone: 620-402-0134 Fax 1: 775-255-9970 Fax 2: 530-309-7234 Fax 3: 208-692-5145 Email: editor@telecom-digest.org Subscribe: telecom-subscribe@telecom-digest.org Unsubscribe:telecom-unsubscribe@telecom-digest.org This Digest is the oldest continuing e-journal about telecomm- unications on the Internet, having been founded in August, 1981 and published continuously since then. Our archives are available for your review/research. We believe we are the oldest e-zine/mailing list on the internet in any category! URL information: http://telecom-digest.org Anonymous FTP: mirror.lcs.mit.edu/telecom-archives/archives/ (or use our mirror site: ftp.epix.net/pub/telecom-archives) Email <==> FTP: telecom-archives@telecom-digest.org Send a simple, one line note to that automated address for a help file on how to use the automatic retrieval system for archives files. You can get desired files in email. ************************************************************************* * TELECOM Digest is partially funded by a grant from * * Judith Oppenheimer, President of ICB Inc. and purveyor of accurate * * 800 & Dot Com News, Intelligence, Analysis, and Consulting. * * http://ICBTollFree.com, http://1800TheExpert.com * * Views expressed herein should not be construed as representing * * views of Judith Oppenheimer or ICB Inc. * ************************************************************************* ICB Toll Free News. Contact information is not sold, rented or leased. One click a day feeds a person a meal. Go to http://www.thehungersite.com Copyright 2004 ICB, Inc. and TELECOM Digest. All rights reserved. Our attorney is Bill Levant, of Blue Bell, PA. ************************ DIRECTORY ASSISTANCE JUST 65 CENTS ONE OR TWO INQUIRIES CHARGED TO YOUR CREDIT CARD! REAL TIME, UP TO DATE! SPONSORED BY TELECOM DIGEST AND EASY411.COM SIGN UP AT http://www.easy411.com/telecomdigest ! ************************ --------------------------------------------------------------- Finally, the Digest is funded by gifts from generous readers such as yourself who provide funding in amounts deemed appropriate. Your help is important and appreciated. A suggested donation of fifty dollars per year per reader is considered appropriate. See our address above. Please make at least a single donation to cover the cost of processing your name to the mailing list. All opinions expressed herein are deemed to be those of the author. Any organizations listed are for identification purposes only and messages should not be considered any official expression by the organization. End of TELECOM Digest V23 #593 ******************************