Anyone know how to spot transponder triggers?
http://www.ettm.com/focus_pa/etcfocus_panynj.html
Either by attaching something to the Mark IV E-ZPass
transponder, or a standalone device. I have no specs,
but would love to see if there are any spots around
NYC where it is happening for non-toll purposes.
Some sort of signal is pulsed at the transponders
in order to get them to reply.
Inquiring minds wanna know.
----
6/3/2001 Hacking Threat Rises With High-Tech Layoffs
http://foxnews.com/story/0,2933,26291,00.html
----
8/11/1999 Trouble between two nuclear powers:
"Indians Down Pakistan Plane; 16 Aboard Die"
The New York Times, by Barry Bearak
#
# An Indian jet fighter today shot down a
# propeller-driven Pakistani navel aircraft
# that was flying near the border.
#
# The Pakistani plane was hit by a missle in
# the late morning, and by late evening each
# country was still asserting that the aircraft
# had been flying in its airspace.
#
# India's Defense Minister, George Fernandes,
# said that when the Pakistani plane was
# approached, it "indulged in a hostile act
# by taking a turn toward the the Indian
# fighter aircraft."
----
Panix hacked. (Includes accounts for Emmanual Goldstein, Godwin, etc)
>Subject: Security breach on Panix
>Followup-To: panix.questions
>Date: 20 Apr 2001 14:24:08 -0400
>Organization: PANIX Public Access Internet and UNIX, NYC
>Approved: alexis
Last week we discovered that attackers had gained root access on our old
Sun shell machines. This is a security breach of some complexity, so in
this message I will explain what exposures existed, and who we think is
affected.
To the best of our knowledge, only the two Suns were cracked. Our main
shell machine group (collectively "shell.panix.com") and the new beta-
test shell host (panix1.panix.com) are all unaffected by this. We are
fairly confident in this assessment because we have done a byte-by-byte
comparison of all software and config files on those hosts against
known-good copies, and the evidence of intrusion which is so clear on
the Suns (once you know where to look) is nowhere to be found on the
NetBSD hosts.
Unfortunately, there is still a significant level of potential exposure
for most Panix users, EVEN USERS WHO NEVER LOG ON TO THE SUNS. This is
because much of the disk storage on Panix is shared among all shell
machines, and the intruder(s) had free access to it.
This means that in theory, any file owned by any panix shell user may
have been examined or modified by the intruder. This includes mail and
web files (except files on the local disks of dedicated web hosts). In
practice, of course, it is extraordinarily unlikely that the intruder
actually bothered to look at or modify most users' files, because s/he
had a very specific target: access to other machines elsewhere.
The intruder "trojaned" our ssh, which means that anyone using ssh to
access other servers from the Sun was immediately exposed. We have, of
course, warned Panix users many many times that using ssh (or telnet)
from a shell host was a sure way to compromise the destination system,
should our shell hosts ever be cracked, and that's exactly what happened.
It's also likely that any user passwords used to access the Sun (either
by telnet or ssh) were exposed, and they should be changed immediately.
(If you were exposed, and use the same password on other machines, you
should change it there as well.)
The other possible exposure was to newly-registered credit cards. Users
who registered a credit card on March 29, and possibly any date after
that, had their credit card number exposed. This is, fortunately, a
fairly small number of users. Since we do NOT keep our database of all
card numbers on line, the intruder did not capture it. Cards registered
in the last week are almost certainly NOT exposed since we took measures
to protect them once we knew they were at risk.
I would like to reiterate now something that we (and many of our more
security-conscious users) have said many times in email and news postings
over the last 12 years: NEVER ASSUME THAT A PUBLIC SERVICE IS SECURE.
No matter how smart and security-conscious Panix's admins are, it's
always possible that our servers could be compromised in some way. This
is a necessary and unavoidable consequence of providing publicly-
accessible machines with all the popular software.
Our investigation of this incident is not complete; we still have a lot
of work ahead of us, as we try to learn everything we can about the
intrusion. There are some aspects of this attack that we are not yet
ready to discuss, but when we are I'll post them in the panix.announce
newsgroup (or panix.upgrade, as appropriate). And none of these secrets
conceal further vulnerabilities that could compromise Panix users further.
If you have any questions about this message, please use the
panix.questions newsgroup, or mail to "staff" if you don't use news.
/a
----
My next wallet, for use here in NYC:
https://baku.safe-order.net/ironoakholsters/p599.html
