[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Hacking for Girlies and FBI news

Monday 12/28/98 9:27 AM

John Young

BUSINESS OUTLOOK, Albuquerque Journal
Monday December 28, 1998 http://www.abqjournal.com/

Consultant feels heat from FBI

By Aaron Baca

Carolyn Meinel says she just
can't win.
  Three months ago - and
many times before and
since - the East Mountain author
and computer-security consultant
was the target of a diatribe left by
computer hackers who broke into
and vandalized the New York
Times' Web page, she says.
Now, Meinel says she is
suspected by the IBI as being one
of the culprits in the New York
Times computer hack.
  She says the FBI told her that
she's not a suspect, but asked her to
take a lie-detector test, which
suggests she is
  "The last contact I had with them
(the FBI) was about a month ago,"
Meinel said in a telephone
interview with the Journal. "I don't
think they would want me to take a
test if they weren't trying to trip
me tip up somehow so they could come
back at me later."
Meinel says she offered to assist
the FBI man investigation of the
incident because of her experience
with hackers and her experience
with those who took credit for that.
back - HFG, or Hacking for
Girlies.
  So far the FBI will not say if it
suspects Meinel. Doug Beldon, a
spokesman for the  Albuquerque
FBI office, said the FBI is
investigating the incident But he
said he couldn't comment about the
investigation.
  The New York Times web page
was attacked by a group claiming to
be HFG in September. The group
peppered the site with profanity
and pornographic images. They
also left hidden messages on the
page directed at Meinel and others..
Meinel is known in the hacker
community as the Happy Hacker
She has written two editions of a
book by the same title and helped
found an online community about
hacking. She has also written
numerous articles on computer
security, including a recent article
for Scientific American.
  In all of her articles, Meinel is
critical of some hackers for the
damage they can cause. She says
she promotes friendly hacking,
which she compares to the
tinkering or exploring shade-tree
mechanics often engage in on their
automobiles.
  The same group, HAG, is believed
to have broken into the computers
of Albuquerque Internet service
provider Rt66 in August. In that
attack, more than 1,400 credit
card numbers belonging to
subscribers were compromised.
  Meinel says she has been
advised by her own lawyer to
stay out of the case now.
  "There's a lot I Think I could have
offered the FBI, Meinel says.  �but I 
think it�s wise not to say anthing now.  
I could get myself in trouble if I helped 
with this investigation now.�
---
I am reading about html, reading our son�s web site code - which he got
from another Moto employee - and experimenting by modifying it.

I just downloaded your stats and table code.  I studied you index.htm
and cryptome pages a bit yesterday.

Morales and I talked this morning.  

As soon as we get something working, then we will try to get others to
help.

Like Ashok Kaushal aka AK.

We plan to give the Great Satan some MORE deservedly
[http://www.zolatimes.com/v2.29/bw1.html]
REALLY BAD international press.

Until, of course, we get the Great Satan to shape-up and get some of his
messes SETTLED.

ABQ FBI agents Kohl and Schum attempted to intimidate me once.  US
Marshals too.
http://www.jya.com/whpscalia.htm

On the second occasion ABQ FBI agents Kohl and Moore delivered  US
assistant
attorney Gorrence�s letter to me. http://www.jya.com/whprjg.htm

Moore apologized when Kohl handed me the letter.  

Nonetheless, this earned the instigators criminal complaint affidavits.
http://www.jya.com/whpscalia.htm

Kohl had on a black fanny pack.

FBI/Engineering Research Facility Special Supervisory Agents [SSA] I
worked with
carry their guns in fanny packs.  Holsters were too obvious the FBI told
me.

FBI SSAs also carry cell phones.

They need to phone in to find out what to do next.

Morales and I need picture of the Great Satan.  But, of course, being
law-abiding
citizens, we don�t want to infringe anyone�s registered trademark.

Campbell soup did not sue Andy Warhol.  

Therefore we will give Underwood full credit if we decide to use it
registered 
trademark to depict the Great Satan.

Back to .vxd writing.  I think I have to get win98 working today so I
can
run the 98ddk.

The vmm.inc macro which provides access to Microsoft�s Windows Virtual
Machine Manager does not work the Hazzah or Thielen and Woodruff device
driver code.  

While I modified vmm.inc to expand without error, link 32 is giving an
error
on some of the segments declarations in the module definition file.

Until I get a working example of  Device Descriptor Block  accessed in
the 
protected mode, I am in a bit of trouble with my current conversion
project.

Sure wish we could get these UNFORTUNATE matters settled so that Morales
and I could spend time on other constructive projects.

Later
bill

JPEG image

Thursday 12/10/98 5:08 PM

J Kevin O'Brien, Chief
Freedom of Information-Privacy Act Section
Office of Public Affairs
U.S. Department of Justice
Federal Bureau of Investigation
Washington D. C. 20535

O'Brien

I received your form letter dated DEC 02 1998.

YES, I want the information!

I return your completed form.

Sandia assigned me to break electronic locks for the FBI/ERF.

SSA Mike Uttaro was my direct contact.  His boss was SSA Mike McDevitt.

The FBI is breaking the law under the veil of classification abuse.

I may write another article
---
False Security   
   
		        William H. Payne	   
                                      
  			Abstract   

Wiegand wire plastic credit card-sized entry access credentials are
the easiest to counterfeit.  Yet Access Control & SECURITY SYSTEMS 
INTEGRATION, September 1998 , www.prox.com  http/www.securitysolutions.com
 ran a full page ad.  
  
  "Why 130 million Wiegand cards are in use throughout the world .   
   
  The most secure of all access card technologies.   
   
  HID Wiegand cards are virtually impossible to counterfeit... any attempt to    
  alter them destroys them! ...   
   
  Since no direct contact with the card is required, they are totally enclosed,   
  making them absolutely immune to the elements and a frustration of   
  vandals. ...    
   
     	The secrets to the security of an   
  	HID Wiegand card are those little   
      	enclosed wire strips. Once corrupted,   
  	they won't work."   
  
Purpose of this article is to tell you how to counterfeit Wiegand 
http://www.securitysolutions.com/  and give you insight into Real Security. 
  
	Fumble, Bumble and Inept Funds Electronic Lock Breaking at   
	Sandia National Laboratories.   


http://www.jya.com/fbi-en7898.htm

			False Security   
   
		        William H. Payne	   
                                      
  			Abstract   

Wiegand wire plastic credit card-sized entry access credentials are
the easiest to counterfeit.  Yet Access Control & SECURITY SYSTEMS 
INTEGRATION, September 1998 , www.prox.com  http/www.securitysolutions.com
 ran a full page ad.  
  
  "Why 130 million Wiegand cards are in use throughout the world .   
   
  The most secure of all access card technologies.   
   
  HID Wiegand cards are virtually impossible to counterfeit... any attempt to    
  alter them destroys them! ...   
   
  Since no direct contact with the card is required, they are totally enclosed,   
  making them absolutely immune to the elements and a frustration of   
  vandals. ...    
   
     	The secrets to the security of an   
  	HID Wiegand card are those little   
      	enclosed wire strips. Once corrupted,   
  	they won't work."   
  
Purpose of this article is to tell you how to counterfeit Wiegand 
http://www.securitysolutions.com/  and give you insight into Real Security. 
  
	Fumble, Bumble and Inept Funds Electronic Lock Breaking at   
	Sandia National Laboratories.   


http://www.jya.com/fbi-en7898.htm
---
Counterfeiting Wiegand Wire Access Credentials
     
                                   Bill Payne
     
                                 October 16,1996
     
                                    Abstract
     
                  Wiegand wire access credentials are easy and
                  inexpensive to counterfeit.
     
        Access Control & Security Systems Integration magazine, October
        1996 [http://www/securitysolutions.com] published the article,
     
             Wiegand technology stands the test of time
     
             by PAUL J. BODELL, page 12
     
             Many card and reader manufacturers offer Wiegand (pronounced
             wee-gand) output.  However, only three companies in the
             world make Wiegand readers.  Sensor Engineering of Hamden
             Conn., holds the patent for Wiegand, and Sensor has licensed
             Cardkey of Simi Valley, Calif., and Doduco of Pforzheim,
             Germany, to manufacture Wiegand cards and readers. ...  A
             Wiegand output reader is not the same thing as a Wiegand
             reader,  and it is important to understand the differences.
     
                In brief, Wiegand reader use the Wiegand effect to
             translate card information around the patented Wiegand
             effect in which a segment of a specially treated wire
             generates an electronic pulse when subjected to a specific
             magnetic field.  If the pulse is generated when the wire is
             near a pick-up coil, the pulse can be detected by a circuit.
             Lining up several rows of wires and passing them by a cold
             would generate a series of pulses.  Lining up two rows of
             wires - calling on row "zero bits" and the other "one bits"
             - and passing them by two different coils would generate two
             series of pulses, or data bits.  These data bits can then be
             interpreted as binary data and used to control other
             devices.  If you seal the coils in a rugged housing with
             properly placed magnets, and LED and some simple circuitry,
             you have a Wiegand reader.  Carefully laminate the special
             wires in vinyl, and artwork, and hot-stamp a number on the
             vinyl, and you have a Wiegand card.
     
             IN THE BEGINNING
     
               Wiegand was first to introduce to the access control
             market in the late 1970s.  It was immediately successful
             because it filled the need for durable, secure card and
             reader technology.
               Embedded in the cards, Wiegand wires cannot be altered or
             duplicated. ...
     
        Bodell's Last statement is incorrect.
     
        Tasks for EASILY counterfeiting Wiegand wire cards are
     
        1    Locate the wires inside the card to read the 0s and 1s.
     
        2    Build an ACCEPTABLE copy of the card.
     
        Bodell's clear explanation of the working of a Wiegand card can
        be visualized
     
             zero row    |     |   |
     
             one row        |          |
     
             binary      0  1  0   0   1
             representation
     
        Solutions to Task 1
     
             A    X-ray the card
     
             B    MAGNI VIEW FILM,  Mylar film reads magnetic fields ...
                  Edmunds Scientific Company, catalog 16N1, page
                  205, C33,447  $11.75
     
        is placed over the top of the Wiegand card.
     
        COW MAGNET,  Cow magnetics allow farmers to trap metal in the
        stomachs of their cows.  Edmunds, page 204, C31,101 $10.75
        is placed under the card.
     
        Location of the wires is easily seen on the green film.
     
        Mark the position of the wires with a pen.
     
        Next chop the card vertically using a shear into about 80/1000s
        paper-match-sized strips.
     
        Don't worry about cutting a wire or two.
     
        Note that a 0 has the pen mark to the top.  A 1 has the pen mark
        at the bottom.
     
        Take a business card and layout the "paper match"-like strips to
        counterfeit the card number desired.
     
        Don't worry about spacing.  Wiegand output is self-clocking!
     
        Tape the "paper-match - like" strips to the business card.
     
        Only the FUNCTION of the card needs to be reproduced!
     
                                     History
     
        Breaking electronic locks was done as "work for others" at Sandia
     
        National Laboratories beginning in 1992 funded by the Federal
        Bureau of Investigation/Engineering Research Facility, Quantico,
        VA.
     
        The FBI opined that this work was SECRET/NATIONAL SECURITY
        INFORMATION.
     
        Details of the consequences of this work are covered in
     
             Fired Worker File Lawsuit Against Sandia
             Specialist Says He Balked When Lab Sought Electronic
             Picklock Software, Albuquer Journal, Sunday April 25, 1993
     
             State-sanctioned paranoia,  EE Times, January 22, 1996
     
             One man's battle,  EE Times, March 22, 1994
     
             Damn the torpedoes,  EE Times, June 6, 1994
     
             Protecting properly classified info,  EE Times, April 11,
             1994
     
             DOE to scrutinize fairness in old whistle-blower cases,
             Albuquerque Tribune, Nov 7 1995
     
             DOE boss accelerates whistle-blower protection,  Albuquerque
             Tribune, March 27, 1996
     
             DOE doesn't plan to compensate 'old' whistle-blowers with
             money, Albuquerque Tribune September 27, 199
---
Here is one of my previous articles.

http://www.zolatimes.com/v2.29/bw1.html 
http://www.aci.net/kalliste/bw1

We should get this settled before IT GETS WORSE.

Black and white is an example of  WORSE.

bill payne