All posts by Chas

Busy busy busy!

Pardon the rambling. Just blowing off steam here.

We’re going on a full week since the rehost here. And things are starting to settle into normalcy again.

The IRC servers are reachable, we have a working frontpage that I can post to easily, and teh forums are back online.

Now I start running across weird stuff I didn’t have to deal with before. Like phpBB abusers. We didn’t have them before, because, frankly, we were on an ancient version of UBB. But, since we were (forcibly) starting fresh, and the host provides access to phpBB, I figured why not. Now we get weirdos coming into the forums just to get themselves linked or spaming for…well, you’ve probably received spam before. So you know what these idiots are advertising.

I mean, Whiskey Tango Foxtrot!

Sometimes I wonder about people.

Luckily, we had someone involved in the forums who was more with it (with regards to securing phpBB) than I was. He made a few good suggestions for preventative measures to keep the forums from being overrun by bots or idiot link-seekers. And I’ve begun putting this advice into effect.

But GOD I wish I didn’t need to.

Oh well…

Chas’ social calendar!

Okay, in my copious free time, I’m going to be attending a couple of conventions this year.

And that’s about it. CODCon and Acen, I’ll be just wandering around as an attendee.

DefCon, I’m supposed to be goonsquad (security).

GenCon, I’ll either be working the pods again this year, or doing booth and gopher duty.

So, if you’re attending any one of these cons, I hope to see you there.

Another update? So soon?

I dunno. Maybe I’m not feeling well or something. But yep. Another update.

Took a cruise out to Phil’s casa last night and came back loaded for bear (or at least a really pisssed chihuahua) with computer hardware.

[Image Removed]

These are three of the four machines I acquired. Two are dual Celeron 500 (don’t laugh, it’s not like I’m gonna game on the damn things). The third is a dual P3 800 system.

System 4 is a decomissioned Dell 2400. Dual P3 1Ghz with 2 gigs of RAM and six 9.1 GB SCSI drives. I currently have Ubuntu Linux installed on it and it’s in the process of updating.

Man. It’s been a while since I actually, I dunno UPDATED!

Heck. Eleven months since I last posted an update.

Sorry I haven’t been more active people. Between work, and work, and school. Well, let’s just say 95 hour weeks (plus commute times) doesn’t leave me a hell of a lot of time to get active online.

The bad news? There’s at least another year or so of it ahead. Once I finish my degree, I should have a bit more free time (will still be working a lot though).

The smug and the self-entitled.

As some of you know, I have ties to the local 2600 group here in Chicago. Now, those of you who know me know I’m anything BUT a budding computer criminal, as are most of the people I interact with there. There’s an astonishing variety of interests there, and, over the last three or so years, we’ve built the group into something to be proud of.

We have a great venue in the Neighborhood Boys and Girls Club. The people running the club like us and are genuinely interested in what we have to say and offer. And, as a result, we’re been pushing like hell to help them out in various areas where our myriad levels of technical expertise can assist them.

The rules are fairly simple. The 2600 meeting guidelines are as follows.

  1. We meet in a public area. Nobody is excluded. We have nothing to hide and we don’t presume to judge who is worthy of attending and who is not. If law enforcement harasses us, it will backfire as it did at the infamous Washington DC meeting in 11/92. (You can find more information on this event in the Secret Service section of our web site.)
  2. We act in a responsible manner. We don’t do illegal things and we don’t cause problems for the place we’re meeting in. *Most* 2600 meetings are welcomed by the establishments we choose.
  3. We meet on the first Friday of the month between 5 pm and 8 pm local time. While there will always be people who can’t make this particular time, the same will hold true for *any* time or day chosen. By having all of the meetings on the same day, it makes it very easy to remember, opens up the possibility for inter-meeting communication, and really causes hell for the federal agencies who want to monitor everything we do. (A few meetings have slight variations on the meeting time – these are noted accordingly.)
  4. While meetings are not limited to big cities, most of them take place in large metropolitan areas that are easily accessible.While it’s convenient to have a meeting in your home town, we encourage people to go to meetings where they’ll meet people from as wide an area as possible. So if there’s a meeting within an hour or two of your town, go to that one rather than have two smaller meetings fairly close to each other. You always have the opportunity to get together with “home town hackers” any time you want.
  5. All meetings *must* contact us to let us know how things are going even if nothing unusual is happening. If we don’t hear from your city on a regular basis, we’ll have to stop publicizing the site since telling people to go to where no meeting is really doesn’t do anyone a service. You can email us at meetings@2600.commeetings@2600.com or call us at (631) 751-2600. We also need a way of getting back in touch with you. Anyone can have meetings and set whatever rules they wish. However, if they’re going to be affiliated with 2600, we ask that these few guidelines be observed. Thanks.

As noted, we have set a few additional rules. Mainly those requested by our venue.

  1. No smoking in the building. Smoking may be done outside however.
  2. No alcohol or drugs. This is a Boys and Girls Club.

However, recently, we’ve run into problems with a certain small group of people at the meetings. The worst of this group has been an individual by the name of Jeremy Hammond. And in the past few months:

He has rooted boxes owned by the BGC. Not bad in and of itself. However, on several occasions he’s done this without express permission. And, afterwards, he’s left the boxes in a compromised state and refused to clean it up. This has cost valuable man-hours of labor restoring the systems to a working configuration.

He has received permission to do an independent security audit on a system owned by one of the Chicago 2600 group. However, without permission, he proceeded to root the system and compromise it. Again, he refused to clean up after himself (or even enumerate the security flaws he utilized). And, again, caused someone else to incur expensive man-hours of cleanup. This security incident directly lead to the decision of the colocation provider to remove the system from their network.

After a disagreement with the individuals responsible for the Chicago 2600 website, he proceeded to compromise the network at the BGC and eventually was able to break into the administrative functions for the Chicago 2600 mailing list.

Also during this period, he was able to compromise the Chicago 2600 website in such a fashion that the site needed to be reverted to remove all the interactive features, just to keep him from interfering with it.

Additionally, he has repeatedly violated the guidelines for the meetings including:

  • Using systems in the BGC to compromise (break into) live systems (and websites) out on the Internet.
  • Consumption of alcohol on the premises of the BGC. Despite repeated warnings not to do so.
  • Posession and consumption of illegal drugs on the premises of the BGC. Again, despite warnings.

During this time, we also became aware of Jeremy’s activities in the larger community around Chicago. And, having already dealt with the FBI once over a whack-job who just happened to attend some meetings, what we learned about him and his civil and criminal activities made us all too eager to distance ourselves from him.

In his most recent escapade, Jeremy very nearly cost us the BGC as a meeting venue.

At the meeting on Friday, August 5th, 2005, Jeremy had attended the meeting, ostensibly to mend fences over the recent ugliness between him and several of the other 2600 members. Mostly, he just came off as smug and insincere, but, for the sake of peace in the group, it was just going to be left alone.

However, after the departure of one of his group (whom we later learned was a writer for the Chicago Reader), Jeremy and his friends went out, got high, and vandalized a building in the neighborhood. And not just any building. The Illinois Battery Company. They’re right across the street from, and a financial supporter of the BGC.

Rightfully, we were outraged by this, as were the trustees of the BGC, as well as the owner of the Illinois Battery Company. As pictures of the vandalism showed up almost immediately on one of the multiple sites Jeremy maintains, we had a pretty good idea who did it. Moreover, we had witnesses (neighbors) who observed Hammond and friends.

At that point, a group of us were ready to move the meeting to another venue, as we couldn’t guarantee that this kind of idiocy would not happen again, and we were unwilling to put the BGC and their community through that.

However, we’d underestimated the goodwill we’d accrued in the community. Not only were they NOT angry at us (as a group), the formally requested that we NOT move the meetings.

Anyhow, Jeremy, when confronted with witnesses and his own website as proof, admitted to the act and offered a half-hearted apology.

The BGC and the Illinois Battery Company agreed not to press charges if Hammond and one other accomplice would return to clean up the mess they’d made.

While they did show up, once, they didn’t complete the cleanup. And now, over a month later, the mess still hasn’t been cleaned up. And, as such, Jeremy is now banned from the premises of the BGC.

Now this young man is accusing the Chicago 2600 group of being “anti-hacker” and claiming he’s going to “reclaim” the group for *real* hackers.

Yep. This is the kind of stuff you want to be teaching kids.

A sample of the crap Jeremy leaves at meetings.

A sample of the crap he leaves at meetings.

Jeremy's try at vandalism

Jeremy’s try at vandalism.

Graffiti still visible a month later.

Graffiti still visible a month later.

Bah. Make the decision about this guy for yourself.

Just don’t say I didn’t warn you.

IRC Server Updates

Okay guys, the EvilNET IRC has been experiencing problems, as of late, with it’s current IRC service provider. Random, over-broad bans, unresponsive mods, etc.

As such, the decision was made to move the IRC group off to another service.

As we control our own DNS, it took a massive effort of about three minutes with a word text editor to make the changes.

The lengths we go to…..

Anyhow, as such, we’re in the process of moving off to a network known as slashnet.org.

Here are the current server mappings:

irc.evilnet.net Random Server on the network
irc2.evilnet.net
irc3.evilnet.net
irc4.evilnet.net
irc5.evilnet.net
irc6.evilnet.net
irc7.evilnet.net
us.evilnet.net Random US Server
eu.evilnet.net Random European Server
au.evilnet.net Random Australian Server

This change-over should aleviate most, if not all, of the problems we’ve been experiencing.

If you have any questions, comments, grips, etc, feel free to e-mail me.

CBT offline for a short while here.

My apologies for the abrupt loss of the CBT.com domain guys.

Some work is being done on the server and the website to find out exactly what’s been causing a MASSIVE overload on the server over the last few days.

We had to shut the site down for a short while so that we could dig around in the server without it coming to a standstill.

CBT.com will be back shortly.

If you have any questions, please feel free to e-mail me.