Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Cyber Culture :: journal.txt

A Black Hat's Journal A rather revealing peek into the unglorious day-to-day routine of a blackhat's work and personal life. Interesting reading, especially in light of everything else released.




Since I often get the feeling I'm getting nowhere, I decided to start
a modest journal and log my efforts (Written a week after this journal
begins).:

Sat Nov 28 03:19:52 IST 1998: 
gloomy day, realized I've done little when I could have accomplished much
more. 
worked on:
* init modifications (to load Trojan script after the rest have finished)
* portacelo (init/ssh_phantom/lkm kit, distribution. ugly, but seems to
              work).
* striped strings an identification from sshd_phantom

Sun Nov 29 05:23:47 IST 1998
phantom seemed to work well on paper. I probably designed it with an
impractical approach, assuming a high grade connection with the a demanding
transfer task, (with the intent it be as waste-less as possible). however,
the approach didn't not seem to work well for interactive connections (or
 any other for that matter) with not much to transfer (smaller then the
packet window) before the packet loss recovery system went into place,
anyhow, I still didn't do much today, but what I did get done (worked on
phantom):
* rtt implementation for phantom (which greatly improves response time),
* experimented with different queue/ratio values. (2/2 seems
satisfactory).
* tweaked error correction (with  the previous model, everything went
bezerk with minute amounts of packet loss.)_

TODO:
* incorporate changes into the portacelo version of ssh_phantom.
* pressbox logic BASS.
* lkm in [CENSORED], why didn't it work right?

Mon Nov 30 XX:XX:XX IST 1998 (written on the 1/12/98).
* fixed and tweaked ssh_phantom flow control, error correction, etc.
* implemented round trip time calculations.
* debugged ssh_phantom under extreme conditions. 50% transmit packet loss.
  (translates into 75% ping packet loss).
* field tested portacelo lkm. (see /lab/LKM/module_obscurity),
  there seems to be difficulty obscuring our module under linux 2.0.30 (sw3.4)

Tue Dec  1 18:42:34 IST 1998:

TODO:
* utmp/wtmp/syslogd log handlers.
* recent vulnerability roundup (possibly update lspm). 
* implement BASS shutdown rubostness/pressbox methodology.
* field test phantom redirection.

BUG REPORT:
* found a major bug in ssh_phantom routing, we don't seem to recalculate
  the checksums when switching between packet types. on
* fixed bug, turns out you have to NULL out the checksum field before
  calculating it (which kind of makes sense).

Wed Dec  2 up until 05:00:00 IST 1998
* felt a bit tired, so after messing around with the new versions of sshd
  (hopefully the last one), which seems to do redirection fine, along with
  everything else (fixed checksums), installed the package in several
  systems.
* went to sleep (relatively) early so I could work on BASS the next
  day.

Thu Dec  3 06:06:29 IST 1998
* spoke to the Applied Neural Networks guy, he depressed me silly, I think I talk too much.
  actually they have several interesting topics going on, they opened
  my eyes to NN applications and I think I'll be doing some
  experimentation with these sometime soon.

don't even remember what I did yesterday. christ. probably wasted my time
as usual.

* BASS2 out. complete with assorted trinkets and scan modules.
  not really, the only major differences in functionality is crash
  recovery (which is a always a useful feature) and JPM job management,
  which is much more comfortable when working on a schedule.

  the real difference is really in the doing away with the horrid 1997
  bindscan/webscan hororama code BASS was based on.

* I wasted all day on this piece of shit!!! mental note: STOP WASTING TIME!
  YUCK.
* debugged tested, it seems to work bug free just fine (most of the new
  code comes from pressbox which I thoroughly tested/debugged.

* READY FOR ASSIGNMENT SIR!

Fri Dec  3 XX:XX:XX IST 1998
* went to take a haircut, over-stayed the visit, started working around
  1 am.
* search the net up and down for a decent encryption solution, failed
  miserably but found TCFS beta development version which SUCKED, but
  seemed slightly promising.

* Spent hours and hours until sunlight trying to compile the goddamn thing
  (with all of ifferent parts). ARG, I feel like killing
  those fucking student pricks with my bare hands. losers.
  2.1 didn't have shadow support, 2.1b barely but I had to make
  manually modify the compile configuration (they misconfigured
  ./Configure) to get it to work. by sunlight the system compiled, but
  I wasn't too optimistic about it working right.

Sat Dec  5 12:07:45 IST 1998
* TCFS works, but was a scary lousy implementation with BIG potential for
  disaster if anything went wrong (assuming of course, I moved my
  sensitive data to this an TCFS file-system). 
* Woke up around 16:00, studied the implementation a bit, figuring how
  it ticked, made modifications to the source code to make sure
  nothing really scary happened very easily (regenerating a key by
  accident).
NOTE:
  I feel a bit like I'm sidetracking with TCFS, but I really want to get
  to a good solid SAFE start. Who knows what the events of the near future
  might bring,.. I don't want history to repeat itself. I feel vulnerable
  and in my line of business I'm not sure it's a feeling I can afford.

  I urge for the feeling of real security. Anyone who would benefit from
  invading my privacy would have to do a much better job to get to me. 

Sat-Sun Dec  6 XX:XX:XX IST 1998
* Immediately after writing the last Friday night log, Enjoyed myself with
  the Halloween Microsoft documents (aimed against the OSS movement), and
  got my first glimpse at Richard Raymond's excellent bazaar-cathedral 
  article on the opensource development process enviorment. Read wise
  words for several hours or so.
* Reorganizing my filesystem around TCFS took a decent part of saturday,
  nervously transfering all of my sensitive data to encrypted format
  and wiping my ext2 fs clean of questionable content.
* Wasted (to be frank) most of saturday as I was serioudly sleep deprived
  (stayed up from the 5th.)

Mon Dec  7 06:09:39 IST 1998:
* In the early afternoon of the 6 - area51 management script, made a clean
  sweep of the filesystem to make sure nothing potentially sensitive
  and linked sensitive spots somewhere into area51.
* Freaked out by a bug in area51 which denied me access to the cfs
  despite having the correct key pushed into kernel space. Luckily nothing
  serious had happened, but it spooked me up and I backed most the data,
  encrypted it (using pgp) on the cfs and sent it over for safekeeping
  in my ext2 home directory backup space.
* Went through some interesting documentation, generally looking for a decent
  solution to my database needs (project pandora).
* Decided to go with emacs forms (seems up to the cause).
* Fixed a nasty little bug in BASS (pwd bug), found another nasty
  little buf that could be worked around (lkm pwd bug), but I rather
  find a decent solution.
* Launched the initial pandora probes (russia, italy and sweden).

Tue Dec 08 xx:xx:xx IST 1998:
* boring meeting with sephi. wasted a way most of the day,
  drew the legal documents together, made me sick with grotesque
  sexual depictions of an empty hollow life void of meaning.

  Is this were my life is heading? (I shudder to think so)

Wed-Thu Dec 09-10 02:42:16 IST 1998:
* woke up early (about 11:30)
* got the sound working (early afternoon)
* installed a new kernel 2.0.36.
* read alot of emacs documentation, customized emacs, calendar features
  seem promising indeed.
* Big issue for now is:
  HOW, how do I manage to reap the potential goldmine results from
  BASS with such a limited staff even on a fairly small
  scale I have to be really organized and put some thought into the
  process of management.

Fri Dec 11 XX:XX:XX IST 1998:
* I'm writing this a couple of days after the fact so I'm not completely
  sure what went on, but I'm pretty sure it went something like this:
* messed around with the Italy scan results (BASS2 debugging)
* tweaked patched and fixed code in BASS2 (based on some concrete
  results from italy.
* decided to try to work on a decent exploitation routine for systems
  other then Linux, failed miserably so far.
* researched exploits, different flavours of different vulnerabilities,
  (imapd, qpopper to name the successfull, tooltalk to name the largest
   of my failures so far).
* frustrated with the lack of functionality from tooltalk gathered
  asm code from all over my disk to one spot with hopes of fixing a decent
  AIX/IRIX/SOLARIS/HPUX remote exploit for tooltalk, qpop, imapd, wwwcount,
  etc, etc.

Sat Dec 12 XX:XX:XX IST 1998:
* Horror weekend, disk crash, miracle of my life, I backed up most of my
  material (including this journal) encrypted to a life disk.
* AAAAAAAGGGGGGGGHHHHHHHH. disk crashes suck.
* This was an interesting scene. fsck took 4 hours o run, and finally
  requested some 10 million fix authorizations (I automated by sticking
  a little piece of paper in the y junction of the keyboard.) and left
  me with a worthless pile of *shit*. (300,000 nameless files in the
  lost+found. Note that it takes half a minute just to read all of those
  directory entries. (note: that sux too).
* Got a first version of a functional linux distribution up and about.

Sun-Mon Dec 14 06:56:05 IST 1998:
* OK, so most everything works again by Sunday evening, I got into this
  huge spill my emotional guts out with the old folks. How they don't
  give me enough credit and shit. (note: gut spills don't rox the sux).

* Recustomized emacs (almost, fundamental mode isn't adding to my health
  right now.)

* Worked on something decent (from the saturday crucifix project) a
  genuine tree/array implementation generic enough I can use in any piece
  of future code. cross-referencing data should be a snap now.

* K, going to sleep.
  bye bye bye bye bye bye bey bey bey,.


***********************************************************************
Entertainment briefing:

I can't put my finger on when exactly this happened (Logged on the Dec18)
but here is an event worth noting:

Possibly, working on projects these days will be easier due to a much
needed headphone set (hackers need to be entertained too!), which
basicly allows me to devote longer hours of concentrated effort to
otherwise much needed casually boring tasks.

***********************************************************************

Tue Dec 15 22:21:49 IST 1998
* BASS log can now be parsed/sliced/diced thanks to a couple of
  hours of good old clean c/perl fun. This will be very useful
  when our world audit ends.

* Oh, now that I can cross reference vulnerabilities, it seems the
  vulnerabilities section of the pandora project is moving along.

* real-world assessment might be difficult tonight as a swarm of 9 year
  old little sister friends have taken over (temporarily) the building.
  I'll use this rare opportunity to catch up on some well needed reading.

* difficult (written later) but yet still possible.
  Somehow, The day ended on such a positive note I remember falling alseep
  TRULY happy. (on Dec 16 of course).

* Origins of this bliss can be traced to the interesting remote
  security experiments (CGI, Tooltalk) and their fairly optimistic
  results. The standard apk tooltalk exploit _does_ work. Probably due
  to 'variations' in native Linux RPC implementation (mouthfull),
  running it from my local machine hasn't been very effective.
  Nonetheless, datagrams generated on (so far) Solaris archs [access for
  which is sponsored by the crucifix cross-reference project] seem to
  pretty much do the trick.

* Exploitation of Tooltalk on HPUX has demonstrated how indeed simple
  this is to preform post first-impressions syndrome.
  This also gives me an idea: (Written on the Dec18)
       An substantial advantage to our (borg mentality, excuse me)
       cause would be a controllable method of automated exploitation.
       Interactive enough to be aided by the human thought process
       (AKA: trial-and-error, logical evolution [growing wiser], the criminal
       justice system...),
       yet automated enough to be effective on a fairly large scale (>10k).

       ANYWAYs: as identifying remote OS on security-lax systems is trivial
       nowadays (successfull implementation of QueSO, nmap 2.0 OSS),

       On a [currently] purely academic level, it would be fairly easy,
       once we had compiled an adequate exploitation datagram database
       to implement automated exploitation of BASS2 verified security
       deficiencies. (completely trivial for the popular right-to-root
       remote buffer-overflows).

       More to follow when I develop the idea.


Thu Dec 17 XX:XX:XX (midnight-morning) IST 1998
* Read all of the online GDB documentation. As a rule, most subjects tend
  tend to greatly simplify themselves after you learn the ropes. (Ussually
  to the sad point you can't even remember the original frustration involved
  with blunt topic ignorance). After one night with GDB, I am not yet at
  that point, but suddenly, GDB seems awfully unintimidating.
* Did absolutely NO online research tonight, (kind of depressed over that
  little issue).
* The main purpose of all of the current educational spree is my extreme
  inferiority complex over lack of experiance/grasp of real-world assembly
  [somehow the pedagogic assembler classes didn't really kick in...],
  Christ, two years after the July '96 mount exploit [which still comes
  up now and then, BTW] and I still have not precise grasp of the process
  involved. [wasn't I an acclaimed security-expert back then?].
* Caught up reading the news, and read several skeptic views of Linux,
  and Linus Trovalds on the not-so-official GNU site. Sad for a legend
  like saint RMS, isn't it... [hmmm, isn't this what I did MOST of the night?]
* The news pointed out an article on computer forensics which reminded me
  my lack of control of local swap contents. Quite possibly, closely
  gaurded area51 data was leaking to permanent storage with little regard
  for my consent. So, I made sure swap was being overwrited completely
  on each reboot. Which seems to work *quite* well.

Fri Dec 18 08:52:51 IST 1998
* Updated missing logs for the last couple of days.
* Obsessed most of the night with the portable assembler exploit code (right)
  Which kind of failed miserably, but exposed just how asm illiterate I am.
  So there I was, trying to implement what I had read the night before.
  Extremely frustrated.

  I'm making progress though.
* More to follow later.
* AT&T - is a bitch, no source references.

Sun Dec 20 05:13:46 IST 1998
* OK, so I have basic asm skills now. It turns out none of this is really
  complex. The problem (in retrospect) was a couple of missing (misguiding)
  links between the toy asm classes I took and real-world asm fun.

  Once I had those inconsistencies mapped out, it was easy flying.
  I actually like coding in assembler. Which is a bit of a suprise
  considering my earlier frusteration. The possibilities for optimization
  (indeed not portable, which is a shame) are enlightning.

  In other words, oh, christ, I had alot of fun tonight. (Coding the world's
  smallest bind a shell to a port code).

  A note on some of the references I used: very misguiding. I now believe
  Aleph1 is far from the exploit expert most of the ignorant world takes
  him for, as is mudge. Their code is complicated to an unreasonable extent.
  Why the fuck do they self modify local area segments instead of using
  the stack like any other well behaved asm program. Consequently, their
  little asm packets don't execute in the code segment (marked read-only).

  And to think NO ONE produced better shellcode, in fact, most of the
  freaking world uses these components.

  OK. I'm satisfied, I know enough asm to "mock" my 'expert' teachers.

  It probably would have taken much longer to accomplish this
  without them though.

* What I'm really looking forward to is taking a look at cryptic non x86
  asm and trying to figure it out.

  My mind must truly be warped if this is my idea of fun.

* What would I do without good encryption? My thoughts would be open to
  the free scrutiny of ANY (O...) passing idiot, including those moronic
  goverment officials who would most likely be very interested in snooping
  around my personal research. If I had any money I would send a donation
  to the guys who worked on TCFS. Ignoring the complete instability of the
  code, it's still alot better then any alternative I have at my disposal.
  ehe, I'm going to wrap my computer with metal foiling now.
  That's going to freak the folks out.

XXX 21-30 Dec XX:XX:XX IST 1998:

ASCS web site up authored. I'm not going into any details, most of it
was done pretty quickly, in stages:

1) parsed the design into a template.
2) wrote the text.
3) integrated the text into the templates.
4) authored some more HTML.

The point?! I'm not enjoying it, I'd rather program, but it needs to
be done, so I fulfill my roal as a jack-of-trades, and get it done myself.

Thu Dec 31 23:46:24 IST 1998
============================

New year manifesto:

Wait, before you get really mad at me, I think I had pretty good
reason not log in the last 11 days. Pretty much out of nowhere, I
decided enough was enough, I wouldn't let 1998 end while I was still
fucking around without having anything to show for it. I mean, that
would really suck! I suddenly realized if I didn't put my perfectionism on a
tight leash, I wouldn't make any progress.

You know how I am,.. I live on dynamics. I'm not cut out to stay in
one place, doing the same old things. 

Some really nice results from our cans. Things got interesting
towards the end. I wonder who's out there. The guys are freaked about me
wanting to publish, so maybe I'll sit on this for a while. Let things
cool down.

Ugh. That stupid ugly son of a bitch. Fucking asshole, I just remembered
the reason I REALLY WANT TO GET OUT OF HERE. *FUCK* these people are
such loosers. Dumbass politicians in some crack-ass late night small
minded goverment subsidized channel one show.

Damn, he just ruined my newyears moment. Right, they make this big
point about *we don't care about the -christian- new year* talk about
living in a fantasy. OK, it's one minute away from 1999, I'm going to
spend it in the porch.

Maybe I'll scream.

What a lousy newyear.

It's a full moon, a really beautiful night, The first minute of
1999. Symbolism, symbolism. Maybe the new religion? What a futile
search for meaning. Anyway, I have this annoying feeling I should be
somewhere else, possibly running.

Another year of my life.

This is all going to change.

I don't care if I get into trouble, I'm going to get people to
stand up and take notice. Damn it, and I'm getting out of this rat
hole as soon - FUCK - I want out now! 

5 minutes into 1999, What's so fucking special about the new year!
Damn it. I used to be on-the-cutting-edge, exciting, now I'm just
some dumb ass kid waiting for the goverment to throw him into a three
year military "joy ride". 

Bye.

I'll come back later and tell you all about what I've been up to.
I have to run, run, and run, and run,...

WHY?
Because I don't know how to do anything else.

No, I'm not poetic, or even damn friggen sophisticated, but I don't
give a shit anymore.
This is how I feel, and this is exactly how I'm going to spit it all
out.

Fri Jan  1 01:31:32 IST 1999
I'm back. Geez, 1999. A new year. What am I supposed to say? What
should I do? Isn't there supposed to be some big philosophical issue I
bring up now?

Right, here it is, 1999. One year to the millenium. Everybody's been
talking about the 2000s for such a long time, I wonder if they'll get
disillusioned when it actually it's them.

Then there's the geometric aspect of the year 1999. Triple 9s. Not as
exciting as a once in a thousand years turn of the millenium, but
triple digits are pretty rare, considering the last time the this
happened to the date was in 1888.

I wonder if there is any significance to the work I'm doing. I keep
thinking, christ, what could be so hard about making money? Everyone
does it, heck, if they didn't they'd all be unemployed. I've always
been good at doing stuff most people can't relate to. A childish
motivation to be more than ordinary, I guess.

Right. Let's make some new year resolutions, goals as such, and make
sure they're all achieved:
1) Start making some money, to show for all the work I've been
   doing on ASCS.
2) Get a girlfriend.
3) Get out of the country.
4) Found IDDN. Finish the IDS software you envisioned.
5) Adopt a rich and famous lifestyle.
6) Make up for all the parties you've been missing lately by spending
   a fortune enjoying the greatest part of all times, Silvester 1999.

Noteworthy:
Lukemia wants to be free.

Note, my father should have left tonight for London, and from there,
to another overseas location. It seems another very expensive
thermo-camera broke down, and needs maintenance pronto.


Fri Jan 01 XX:XX:XX IST 1999
============================

I woke up rather late around 4:30, on the first day of 1999, and
discovered to my horror that I had accidently left area51 on *all*
night.  To make matters worse, I found my brother actually sitting at
my console for what was probably the first time in a couple of
months. All sorts of horrible thoughts passed through my head,
obviously, area51 was on when he accessed the terminal, he could have
easily browsed, archives, copied or otherwise my material for future
reference.

This was unacceptable. Still, I triggered a security breach, or it's
closest equivalent, and things would have to be cleaned up. It took me
just under 3 hours to skim through the contents of hard-drives, a
couple of disks, and conduct a 'formal' interrogation with
Omri. Perhaps a waste of time, he's quite accustomed to lying, and I
would have little to counter his obvious claims of virtue.

If I was lucky, he was telling the truth, which was probable. If I was
unlucky, it is very unlikely this isolated incident caused any serious
damages. Nevertheless, I'm human, I made a mistake, and most likely I
would make it again. Something had to be done on a software level, so
loosing no time, I developed logoutd, which would automaticly log out
area51 after a certain period of idleness on my part.

It took too long, since I was rusty, but it does the job
well. (written almost two weeks later)

Sun Jan 03 XX:XX:XX IST 1999
============================

(written exactly a week+1 day later)
I believe I was alone today, the most pressing matter was getting the
damn ASCS site finished, editing, rewriting, working on sections that
haven't even begun yet.

The references section, currently just a hypertext link.

Very slow progress if I remember correctly, very frusterating.
Damn it Jim, I'm a programmer not an English professor!

Mon Jan 04 XX:XX:XX IST 1999
============================

Experimented with firewall support, found a configuration I
liked. Caught up a bit of my reading on Firewall technology, which
sparked interest in the whole fascinating issue of access control I
had not encountered due to my PC isolation.

Logged in to judab.ml.org for the first time, created an acount for
myself, felt a bit nervous (an alergic reaction to the entries in the utmp/wtmp
I suppose), wrote Dudi (President of the l33t w3r4z comission)
"Chief engineer" shit a fancy official looking letter, felt pathetic,
groveling to a fucking warez puppy. Later on he told juda he was
impressed by the English, (scribbling *fuck* bizspeak works).

Tue Jan 05 XX:XX:XX IST 1999
============================
???

Wed Jan 06 XX:XX:XX IST 1999
============================
Early morning:

Scanned judab with nmap, practiced conducting a security audit.

Later in the afternoon:

Wrote a report based on what I had found, called Dudi, spoke to him on
the telephone, felt kind of stupid, humiliated, childlike, sent over
the report, realizing he had ignored it later on. Got his premission
to modify the kernel, install httpd and sendmail.

Reconfigured judab.ml.org, installed phantom (was there a bug?)
recompiled the kernel to include firewalls support, played a bit with
init.d until the early hours of morning, just in time to see dudi log
in, and wish him well, kind of annoyed at his ignorance and asshole
attitude, but otherwise a harmless stupid temperament which will
proove more usefull then damaging.


Thu Jan 07 XX:XX:XX IST 1999
============================

Early morning:

I'm not sure, but I think this is the day I had my coincidental
running with Gov. In retrospect, my performance was lousy, not to
mention pathetic. Realizing I was wasting time, and clearly not
enjoying myself, I should have had the common sense to leave.

If I left, I would not make my impression, If I stayed, I would make
things look worse. I got into a hopeless conversation with that
religous shmock who had the courtesy to point out he's getting
more then I am. This bothered me very much, at the center of my being
that the fat ugly asshole was convinced he was somehow more successful
then I was. This feeling rubs off. I felt very depressed coming home.

I'm getting worse at social interactions by the day, not that this is
a skill I get to excercise much anyway.

The most dangerous effect in these encounters, is I loose much of my
inspirational drive.

Now I remember, this day was a complete waste of time, defeated, 
I returned home around 4am, but earlier I had an agonizing long and
useless conversation with judab on the phone, discussing Dudi, judab.ml.org
and the like.

Early in the morning, I found my father had come back, greeted him,
and inquired about the books he had supposedly slaved to buy me. How
touching. 3 books which any self respecting hacker should not go
without reading. "the cuckos egg" is hard to read, annoying since I
have firsthand knowledge, and the author strikes me as being somewhat
of a moron.

If I do feel like sparking my imagination, I am now at leisure to do
so.

Fri Jan 08 XX:XX:XX IST 1999
============================

I'm not sure if this goes off as Friday or Thursday, but in any case,
I was working on the "Hall of Shame" ASCS references section when I
finally got around to writing the material for the infamous Clipper
chip. Since I rather enjoy knowing what the hell I'm talking about, or
specificly, in the hall of shame section, cynicly criticizing, I
decided to read up. I came across a fascinating, but rather long
article on the Clipper chip, which introduced several interesting
components to the argument (read about it in the ASCS references/hall
of shame section).

Although I had been well aware to the existence of organizations such
as the NSA, major government efforts in the field of encryption, and
so on, the intense involvment sharpened my paranoia. I wanted a
fool-proof system I could trust cipherwise, and TCFS was far from it.

The utility/library section is so weak, it's writers are either highly
incompetant or working for their local spy agency. I'd vote on plain
old neglegence and stupidity. It occurs to me something odd is going
on I'm not fully aware off, there is no chance in hell the people who
designed the kernel bit have anything to do with the tcfs-utility and
library section. All I can say is that the tcfs-utility people are
incompetant, stupid and most likely very ugly.

Anyway, when I installed TCFS I made a few modifications to make sure
not all was rotten to the core, but still it relied on a comic 56 crypt() 
algorithim with is probably trivial to crack if you happen to be a
large determined government spook agency.

Suddenly feeling very insecure, vulnerable, almost exposed, I decided
this would have to be set right, so Fri I messed around with a couple
of ssh objects, put together a decent cipherlib, and coded tinycrypt,
which began as just a debugger to make sure I hadn't left any objects
out, and encryption wouldn't break. It worked smoothly, and I suddenly
realized encryption wasn't really much of a big deal. A snap if you
set up a developer-friendly cipher library first.

I decided a replacement for tcfs-utils was in order, and began
developing them, working out the final touches the next day.

Around 9pm I'm getting pretty tired (note that I'm still awake from
Thu), but I would finish tcfs if I wasn't bitched by pops to give him
a stroll 'round the net. (This happens when I lay in my bed, trying to
work out a concept for a multi-layered security system, similiar to
the one I had read about in the National Security Internet back
whitepapers), and subsequently, the DOD/NSA specifications, which I
have yet to read, but have been downloaded into /archives/security/.

Anyway, I fell asleep, and only woke the next day.

Sat Jan 09 XX:XX:XX IST 1999
============================

I woke up pretty early that day I believe, I had almost completely
missed friday, trying to break an old fatigue record of mine. I woke
up, and Juda called, it seemed samba had stopped working for no
reason, and in stark coincidence, just about the same time I
reconfigured judab.ml.org. I tried to explain this had nothing to do
with me, but my efforts were in vain, I was the culprit, guilty until
proven innocent. 

At evening, a very annoying aunt wasted my time with
a long pointless phone conversation in which she explained the virtues
of working in the computer industry.

At night, my father wasted a considerable amount of my time with idle,
no-point whatsoever chat, which lasted right about 3 hours. I admit I
was quite relieved when it ended, it shattered my concentration
considerably.

Note: I really hate it when people suck up all my intellect, and I
      despise letting this happen. I assume my receptiveness stems
      from my eagerness to fulfill a hopeless cause, getting people to
      stimulate my ego for me. Ooooooh, aaaaaaah. Even if it works, it
      very rarely lasts for long.

Anyway, work ended brand new pair of functional tcfs utils that are
unix-independant, in other words, we don't *want* to become a unix
standard (and hell if that's what these people were up to, they were
going about it all wrong), much more secure, and key based, which
means you manage keys, instead of a so-called OS extension.

Much like you would manage a PGP or SSH key, this also means a key is
mobile, in other words, you can use the same key in different clients,
since a user is independant of any central database like in
traditional TCFS.

At some point I decided tcfs was good enough to be used, and decided
to recreate the entire cipherzone from ground up (I *really* don't
trust TCFS), while I was at it, I decided a backup would be easier at
this point, so I connected my backup drive, and 
Sun Jan 10-11 XX:XX:XX IST 1999

Woke up around 22:00pm, my console was where I left it a night
earlier. Fortunately, the power didn't fail, and the backup disk was
still connected. I hardly felt the akwardness of the inverted
lifestyle, and after I skimmed the new tcfs util sources (enough to trust
them), I set up a new area51 cipherzone, moved the old one to a
temporary location just in case anything went wrong, decrypted the
huge 90mb area51 pgp archive, and untarred it. I figure I had a
decent functional cipherzone around 12:30, maybe 1:00. Note that I had
taken some time to read the paper earlier on, and watch a bit (just a
bit) of boring television as well.

Mon Jan 11 08:54:24 IST 1999 - still awake from the 10th
========================================================

Began reading up some fascinating material on linux kernel modules,
which will probably save me a great deal of frustration reading kernel
source code without an explicit explanation of the rules and
conventions these people go by. Anyway, in my opinion, it helps to
read the source after you know what it's about to do...

Helpful advice in non-processed human language can save alot of time.

Now, why am I reading up on the linux kernel? OK, first of all, I've
been interested for quite a while on it's working, but more
importantly, I would like to audit the kernel bit of tcfs, improve the
code, and fix increasingly annoying panic messages. (which might have
cost me all of my data last time the disk burned and crashed)

[ First thing written:

Is there a pattern growing here? Admittingly, I don't enjoy writing
off my progress when I disapoint myself, but I think I might have a
few things I've done I better write down before I forget them.
]

Now let's see, what I've been up to -
Wed Jan 05-06? Decided to configure a local firewall once and for all,
read up quite a bit on the art of access control, quite intruiging.

OK, so know I just spent two fucking hours documenting the week.
Happy?!

TODO:
* dynamic firewall technology into SANE.
* design a CMW or MLS for Linux or FreeBSD.
* TCFS is an awsoume product, with alot of potential, but a very bad
  development crew. A semi-commercial product (ssh-style) based on the
  ease of TCFS could very popular.

Thu Feb  4 00:43:13 IST 1999

Three weeks have passed since I last wrote here. What do you think
happens to all those resolutions I make up in my head to symbolicly
document my progress for 'future reference'?

I'm disapointing myself I guess. "Let's just get one more thing
finished", something I can be proud of, and then I'll go write it down
to pat myself on the back. "Wow, you've made such progress". "Good
work kiddo". Fucking bullshit.

1999, we're in February now, my how nothing changes. All those self
promises, all those ideas and dreams, and disapointments. Am I
sounding a bit pessimistic here? Yes, I think I am.

So what *have* I done this month. Well, I got that god damn writing
off my back. I think I finished authoring the whole goddamn ASCS web
site (most of it, to be precise) around the 15th. Since? Well, As soon
as the site was out of my way, I decided it was time to begin
executing my master plan. 

Ingredients for the world's most successful security consultance
company:
* A kick-ass bulk security scanner. (BASS)
* A clever backdoor. (portacelo)
* Network databases. (pandora)
* Automated remote infiltration program. (ICE)

Shees, the last one had me thinking. ICE is a fairly good name though.
Currently working on: dataflex, which is supposed to be my first
attempt at a super flexible simple database system, written in perl.
I think it's interesting.

Quotes that stick: "Imagination is more important then knowledge" -
		   Einstien.

Christ, I am so goddamn afraid of getting lost in the crowd, I'm
willing to sacrifice just about everyting to keep that from happening.
Or was willing. Last friday was prime time destruction night special.

We're leaving the 20th century in a while now, an exercise to all the
mundanes soaked in day-to-day banality (blinded by content? I can't
find the words) should be to really look back at the past and
think. To think so much has happened, so recently. Science, Mechanical
Flight (how important was that really?), War World I (ouch),
War World II, Flight to the Moon, Vietnam, hippies, the
Cold War (note: cuba crisis), being born (on a personal note), Moving
all around the world, settling down in Israel, The soviet union
collapsed, the Berlin wall came down, the Internet, Finishing high school,
soon to be drafted. Sure, there was alot going on in-between, this is
just some of the stuff left in my head.

I'm not so old am I? Just 17. Somehow, my mental image of the term 'year' isn't
as large as it used to be. Whats a year, a decade, a century.

What is real? How do the absurdly rich feel? The really poor?
What is that sense of reality I just can't quite put my finger on.
Can anyone really experience life at the base average? In the middle,
just earning your pay. No, that's surviving. There's a difference.

Where is the message? The meaning? Right, a competition between
everyone and everyone else. No, that doesn't seem like enough.

Maybe it's the elusive inner feeling of conscienceness. It's really
mind-boggling everyone else has it. That sense of inner existence. The
ghost within the machine? My individuality, who I am. Not how I look,
or even think, but what I feel like on the inside. In my thoughts are
a collection of other people, friends (nowadays, ex-friends), family,
but beyond, the extension of the media into my sense of
perception. The rich and famous (often in combination). I've never met
all of these people, to me, they don't exist beyond my mental images
of them. Somehow, their existence is very real nonetheless. In my
mind, how is reality different from fiction? Beyond turning on the
'real' bit.

I know there is a much deeper meaning behind all of this, perhaps I need
to find it for myself. That's what religion is all about I
think. Unfortunately, nothing off the shelf makes any sense in my
head. Illogical fundementals. The notions of god, heaven and earth.
The universe.

Let's focus on the mental image I have of all of these people I've
never met. Spoon-fed mental reality, sponsored by the media. The
media, a collection of people, who by various devices adminstrate
remote perception. tele-perception.

The mind. An interface to the soul, that feeling of
existence. Sometimes I can feel the surface bubbling. Consider a
question, often immediately I sense the answer, shifted a bit from the
domain of the conscience thinking mind. Ussually, I'll just take the
answer and roll it around a bit in my mind, possibly, asking more
questions to compliment the others. A web of thought.

That realm of people in my head, tele-perception. The rich and famous,
what makes this group so desirable? A discrete club so many people
hunger to becme a part of. How many have experienced the feeling of
union between a tele-person and a 'real'-person. Someone who is close
enough to you to *physicly* so that you can acknowledge his existence
through the input of your basic 5 senses. It's odd, being told someone
exists (filtered by fantasies) and then sensing him yourself. No intermediator.

Maybe this is where the desire to become rich and famous stems
from. Perspective. A consistency between the virtual world in your
head, and the phsyical world beyond. Ultimately, to become a part of
the mental world of tele-perception, a recursive existence. Hooking up
to the mind's virtual reality, watching yourself watching
yourself watching. Then doing something else. Satisfaction? Look mom, I'm in
their heads, they think, therefor I exist, bare meaning.

How many people really exist? Besides me. Why should I care?

Either way, we're all drifting through space, on this little spec of
dust. Not *in* the universe, but a part of it. The universe, the
essence of existence, thinking of itself. Thinking. A few of us
anyway, the rest are all just too busy living their life,
surviving. Feeding the human inertia. Administrating wealth.

Philosophy bakes no bread right?

Who has time to listen? They're all to busy watching television.

Little bits and pieces of matter, product of a few billion years of
ever increasing complexity, completly absorbed in the noise of hype.

Hook up to our minds, my ideas and thoughts, the news, they say. Mental
poison.

They are all blind. Greedy. Dis-illusioned they call it. Realistic.

Why is it so important for me to understand? What makes the truth any
better then falsehoods, fanatasies and lies?

I haven't written anything about what I did. I'm not sure I care anymore.

Fri Feb 12 03:09:41 IST 1999

I am so totally fucking depressed.

I am so disapointed, frusterated, drained, black in soul,
rotten heart and mind. This is how I feel. A loss of my identity,
completely, I do not know who I am anymore, I do not know that I care
to know who I am anymore.

All my childhood nightmares are coming to life. I know what ails my
mind, I know the cure, my pride will not surrender my lost hopes and
dreams, as if to say, it's ok that *you* don't believe in yourself,
but don't let anyone know.

I've always had a dark side, I know it, I cannot deny it's
existence. I feel it is finally coming over me, taking the controls. I
used to be strong, healthy, proud. I used to dream, to love, to
want. I used to believe in something, even if it was only in
myself. *used to*.

What about all the things I was supposed to do as a little kid? As a
teenager? What about the love you promised me? About Sweet
sixteen,. what about everything I missed, forever beyond my grasp?

Why am I the way I am?

Wasn't this all supposed to change? Wasn't I supposed to make
something of myself? 

Why isn't everyone like me, or maybe the other way around?

Yes, I have a good mind. A sword. Sharp, clear. But how small a
compensation is intelligence for love. So simple, everyone has it but
me. Or at least know what it likes, and aren't so afraid to ...

Why don't I get help? So many years ago I did, as a little kid, and
all they did was put me into stereotypes, little glass jars, nothing
changed, I'm still as fucked up as ever. I'm still so incredibly
pathetic. I want it to stop hurting. Game over, your times up. Hasta
la vista, adios, you haven't done a very good job, but then again
that's not ever going to change.

Wow, 30 minutes have passed. Obsession, an echo in my mind. Something
someone says, almost anything, something I here on the radio, on the
television, if the settings are right, it'll echo in my mind. At first
a couple of unimportant thoughts, then a trickle, a stream, so many of
them, at once, a flood. In the snake's nest. The devil and me.

That reminds me, I wrote a good one a few years ago.

I'm going to read it again.

Rotting devil boy
=================
The rot growing so quitly inside me,
fed by a summer night.
Late hours drawing to sunlight,
Idle fingers, idle mind, idle heart.

Dispair, or could it be anguish,
such a primal fear.
The terror in a dying virgin's eyes,
from the demons he might hear.

Such confusion all around me,
gasping for a breath of air,
Hot summers night,
a sweaty neck,
waiting for the devil,
in the devil's lair.

[EOF]

Mon Feb 15 16:38:22 IST 1999

Still depressed.

I have this image in my mind. It keeps popping up. Maybe I'm afraid,
not from actually being down, but from the fall. The abyss
between a high and a low. Perhaps I am so paralyzed by this fear, dreading
the high, I tumble myself down anytime I feel as if a high was coming.

Compulsion. Reason beyond logic, doing something without wanting too.
The logic is still there, the unconscience mind is very powerful, very
intelligent, ironicly, more in control. It has a reason, though they
may not seem as simple as reasons of the conscience mind.

Accepting a deathship, being fundementally weak and evil is good.

*** insanity ends here, back to summerized reports.***

Tue Sat Mar 2
had meeting with military spooks.
*ugh*. later went ice-capskating, had some fun. returned home late.
the day was tuesday.

Sat Mar  5
Apache mod_perl module?
or was that tommorow.
the whole issue seems interesting.

Sat Mar  6
was sick with an annoying throat inflamation, couldn't sleep. got out
of bed around 4 and with nothing else better to do, did some hacking
on the project till around 8 o'clock. wasted several hours, went to
bed.
dealt with a sour throat: honey, honey and honey. my teeth were
      rotting by the time I woke up. too much sugar.

* downloaded GNOME v1.0 (after reading the hype in slashdot)
* compiled apache with mod_perl support.
* realized mod_perl did not live up to it's documentation, serious
  re-consideration would need to go into code for good behavior under
  a mod_perl environment.
* re-organized database distribution. now consistent, sane.

Sun Mar  7 06:51:51 IST 1999
* only several megabytes left, cleaned several hundred megabytes room.
* re-organized archives, reorganized home directory.
* upgraded my local box to glibc2.6. took some while to compile.
* downloaded/compiled perl5.00502 which behaves terribly (segmentation
  faults a-plenty), disapointingly had to switch back to 5.oo4.
* perl 5.005 byte compiler looks nice.
* read up a bit on threads (sound's nice). Unix98 documentation here.

Thu Mar  9:
* called principle. met principle, went over some *lomdot*, boring,
  called him later when got back.
* art exhibition. boring. but met the beautiful
  Chen (which sound chinese in english), actually completely Jewish,
  and a very nice one too. talked for hours with her friend, forgot her name,
  damn it. I hope the principle didn't over hear me talking to her about
  my legal problem. inconsistencies can hurt you.

TODO:
* download an entire installation of redhat 5.2.

Met principle, on a thursday.
*******
fill in: mar07-mar22
*******
Sooner or later I realized fixing my system was a hopeless, futile waste
of my time. Decided to get a decent, supported distribution, and get rid
of slackware (which is ironicly true to it's name) once and for all.

* god it's sunrise, Mon Mar 22 05:28:02 IDT 1999, breathtaking every time
  I see it*

It took longer then I expected *how else?*
But, by about half a week ago, on the 18, or 19 or whatever, I had a stable
distribution. (sort of).

digged up modules on CPAN, found PlRPC, liked it alot, resolved never
to write another protocol again. 

Mar 09-10?
* discovered PlRPC. liked it, saw promise, took note.
* wrote IO::Multiplex in the mean time. (later documented it, a first)
* flexd.pl switched to IO::Multiplex.

Saturday, Mar 13th.
* first meeting with sefi in a long time, gave a lecture on dataflex
  commerciall promise.
* got answer from military: they sent it on the 09, rejected from military
  intelligence. go figure. still have to speak to them about this.
* destroyed earlier distribution, made backups first, purged win95 for good,
  freed up a great deal of space, resolved the free space issue.
* went to sleep frusterated. debian download was incomplete, no compiler for
  a while, until at least two days later.

in shorthand: Mar 15, actually had debian *almost* completely downloaded.
              Mar 10, started downloading debian.
* downloaded and installed debian slink (2.1), took about a week.

* skimmed over Net::Daemon source code, mention poor documentation. *ack*
* skimmed over PlServer, PlClient source code, poorer, mistaking documentation.
* modifications to Net::Daemon, PlServer, PlClient, they work better now.
  I think.

* observed Jochen Weidman's perl style. better now.

Mar 16-18?
Sun, Mon - spent too much time on gnome, downloading, compiling, writing
angry letter to miningco.com columnist (got a nice reply). piece of ugly shit.
got mad. got kde. happy now. still want macintosh theme.

Fri 19:
    NIGHT!
        went a-running, ran a while, got the cramps to prove it, popped a blood
        vessel. Left a mark. A new club in Ariel, titanic, lots of smoke,
        met two old people I know from school, a frisky kid (fem) who told me I
        looked 15, mocking my body language.

        my point? unresolved feelings of not fitting in. not my crowd,
        probably.

        came across two annoying kids little 10 years old, who provoked me to
        the extent I wantd to hurt them badly, but felt it would go 
        misinterpreted by local authorities.

        put on blue contact lens. nice, they still work. comfy even.

        later that night: hacked a bit on RPC::PlRPC.

Sat Mar 20-21: nice movie the english patient, didn't get nine oscars for
               nothing. mushy, almost remember I had feelings again.
               
               * didn't go to sleep until finished porting dataflex to PlRPC,
                 worked, nice, but too goddamn slow.

               * made sure flexd.pl old works too, old classes and misc.
               
               * right, now I remember why I got nothing done, my sworn
                 enemies the Amir family came to visit. ugh, hate them all.
                 wish them misfortune.
               
               * awoke on Friday evening, stayed awake till 4 something Sun.

meaningfull stuff:               
        * experimented/learned Threads.        
        * experimented/learned RPC::PlRPC.
        * experimented/learned Net::Daemon (wrote echo.pl in openlab).

Mon Mar 22 05:24:31 IDT 1999 early morning.
* documentation for IO::Multiplex. (discovered first pod)
* makefile and distribution (discovered Makefile.PL, easy as expected).
* earlier in the night: went through a sweaty craze when dataflex refused to
  work right through the demonstration. Disconnected intentionally to save
  embarrassment. Found bug (permissions to socket), breathed. told adam
  to replace old netscape and call back tommorow, which is today.
  
  note: should have gone to sleep an hour and a half ago. damn, early wake up.
  
Still need to do *urgently*:
* write/documentation help for dataflex.
* authentication module. (use PlRPC, should be a snap now).

log ended: Mon Mar 22 05:34:08 IDT 1999 [this is what I do with my time?]
* oh, and passover is starting tommorow, I should call her *
log re-ended: remembered some stuff: Mon Mar 22 06:14:22 IDT 1999
              [no! this is what I do with my time, shoot,
               I think another minute just passed]

Thu Apr 22 04:58:27 IDT 1999

Sorrow, joy, and the road between. Wild laughter and choaking sobs.
Pride and shame. Conflict, indecision, confusion. A preplexed 
expression of fear and curiosity. So much love, wasted, in the
depths of my being. So large the void, the abyss, in my soul.

A little boy, alone in a dark room, flexing black and white
terminal structures of logic through his mind, moving to the 
headphone's pulse in his ears.

The sky lightens, from a black pitch to a dark blue. A new morning
is emerging, filled with the pirchs of birds in song,
the unrelenting cries of a lone rooster.

Spring, rebirth. Chilly, but pleasant.

A bus rumbling through the streets. I haven't had any windows
for quite some time, didn't like that stuffy depression in
my room.

I'm 18 this morning. It's the 22 of April. It really is. It was
bound to come, I knew that. I'm supposed to be an adult now,
right? Funny, I don't feel that way. I've changed, yes, but not
in a very definable and stereotypical process.

I'm in loss for words really, uninspired. A bit sad you 
might say, but that's how I've been feeling for a long time now,
so I'm not very suprised.

How do I commemorate this day, how do I make it special?
Ah yes, it'll be morning in no time. Well, I'm not sure I should
go to all the trouble of making today any different.

I met someone yesterday night / morning. It was the Israeli
equivalent of the American July 4, independance day. I remember
her from last year. Smiling, joyfull, full of life. I'm fond of her.

She's supposed to call me today, I'm going to ask her out.
Maybe to a movie, for dinner, for a good time. Brush the cobwebs
from my sense of humor, find where I left romance, and generally
enjoy myself. Smile alot, Life is good, precious... short.

Bah! enough of this timeless, my-place-in-the-universe rant.
OK, so this is definately an option right? Be romanticly dark
and mysterious if you must. But let's assume for a moment, life
could be different, I mean, it doesn't all have to be intellectual!

Yeah!

Hmm, sorry I ruined your 18's obituary. Don't worry, it wasn't
much to begin with, and I didn't really feel up to it anyway.

Life is what you make of it.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH