[HN Gopher] Phrack Magazine
___________________________________________________________________
Phrack Magazine
Author : 0x737368
Score : 175 points
Date : 2021-03-16 12:18 UTC (1 days ago)
(HTM) web link (phrack.org)
(TXT) w3m dump (phrack.org)
| [deleted]
| ArtWomb wrote:
| Worth introducing to a new generation ;)
|
| If you want a representative article to sample, let it be
| Strauss' "The Fall of Hacking Groups". A lament for the
| subculture of yore:
|
| http://phrack.org/issues/69/6.html
|
| Previous HN discussion here:
|
| https://news.ycombinator.com/item?id=8734737
| grep_name wrote:
| New generation here, where can I go to find people who still
| value the old hacker ethos? I'm not even that young (28), but
| never encountered these groups when I was younger and my
| preferences and values surrounding technology have always put
| me slightly out of step with my peer group
| turbografx16 wrote:
| I'm also a younger hacker and I have the same issue. I've
| found 0x00sec.org is alright, and security CTF forums can be
| decent, but there's an awful lot of people just looking for
| easy answers and aren't interested in learning or sharing
| knowledge.
| j4yav wrote:
| I'm an older hacker, and it was kind of the same back then
| too. We called them script kiddies.
| _jal wrote:
| Script kiddies will always be with us.
|
| It doesn't catch all of them, but a decent defense
| against the worst of that lot is a second forum that
| requires reading comprehension for access.
| Shared404 wrote:
| May as well add myself into the list of younger people
| seeking a similar community. The closest I've found thus
| far is HN itself, which while obviously not security
| focused is at least interested in both learning and
| sharing.
| at-fates-hands wrote:
| I'd start here:
|
| https://twitter.com/_mg_?lang=en
|
| Guy does some insane hardware hacking. See who he follows
| and who's following him. Look at who he's working with.
| Find out where they hang out online.
|
| Like all things these days, you really have to do some
| research and dig to find the good stuff. MG is a great
| starting point.
|
| Hope it helps. . .
| profquail wrote:
| The 2600 Magazine community is still alive and well:
|
| https://www.2600.com/
| SeeManDo wrote:
| Lifetime subscriber here
| mtalantikite wrote:
| I remember taking photos of phonebooths in Algeria on a
| trip to visit family as a teenager. They thought I was
| crazy.
| freedomben wrote:
| Phrack's article on buffer overflows on the stack was incredible
| back in the day. It taught me more about how computers work than
| any class in University. I referred back to it for years for
| understanding how programs actually run. Will always have a soft
| spot for that.
| Animats wrote:
| "The Tao of Windows Buffer Overflow"? That was Cult of the Dead
| Cow, not Phrack.
| dagw wrote:
| Probably thinking of "Smashing the stack for fun and profit"
| fny wrote:
| Damn. I was really hoping there was a new article. I started
| reading these as wee lad back before I knew what a malloc was.
| Eventually I learned enough to get myself suspended. >:)
|
| Thankfully, I use my knowledge for good nowadays.
|
| Looking forward to the next issue whatever decade it may come.
|
| The paper feed does seem active though!
| http://phrack.org/papers/escaping_from_freebsd_bhyve.html
| EamonnMR wrote:
| I'm getting forbidden from that page
| fny wrote:
| Fixed
| weare138 wrote:
| Does anyone know if the Phrack team is still active? There hasn't
| been a new issue since 2016.
| [deleted]
| Ansil849 wrote:
| Some more old-school H/P/V/A/C (man, I miss seeing that acronym
| pop up on sites, anyone else?) zines:
| http://textfiles.com/magazines/
|
| And newer-school (90s-00s) zines:
| http://web.textfiles.com/ezines/
| _joel wrote:
| A blast from the past! Reading those articles back in the day
| definitely piqued my interest computers and telephony.
| k1rcher wrote:
| This is incredible to read n many years later. I was a per-
| pubescent adolescent around the time of the publication of the
| "last great zines", and was only ever really exposed to a small
| subsection (HTP5, the MIT.edu and Linode incidents) through
| several mutual friends of mine who were, at the time, enthusiasts
| of and in the scene.
|
| That era and community was without a doubt the foundation for who
| I am today as a young adult, and who I strive to be in all
| aspects of life. I have and no doubt will continue to consume all
| of this content I may have missed out on since then.
|
| P.S. If I may call your attention to volume 0x0f, 0x45, part A of
| section 6 (Notes); wow. This, along with everything else, is
| enormously prophetic, profound, and intriguin:
|
| "--[ 6 - Notes
|
| A) In respect to social networks, while they are a valid
| community-building mechanism in nature, selfishness prevails in
| common usage, by means of the indulgent pleasure that fuels
| chronic "pluggedness", at times voyeur, at times exhibitionist
| and needy."
|
| - http://phrack.org/issues/69/6.html
| kleer001 wrote:
| Would someone more knowledgeable than me sketch out the
| relationship between Phrack and 2600? I think someone here knows
| it off the top of their head.
| cozzyd wrote:
| I was hoping there'd be a new issue :(
| goshx wrote:
| For those not familiar with it, Phrack was teaching how to
| exploit buffer overflows back in 1996 [1]. This is still relevant
| today and required for some certifications in cyber security like
| the OSCP.
|
| [1] http://phrack.org/issues/49/14.html
| goshx wrote:
| Also worth mentioning the Hacker's Manifesto from 1986:
| http://phrack.org/issues/7/3.html
| rtuin wrote:
| Such a classic.
|
| One of my favorite things ever written.
| xtracto wrote:
| Also notable that The Mentor (Loyd) actually participates (or
| used to participate) here in Hacker News. I had a brief
| starstuck moment when he commented here in another thread in
| the past.
|
| I was so identified by this in the early 1990s because I was
| very lonely in my small town in a developing country where
| nobody cared about computers and programming. As I got access
| to the internet I finally found a sense of belonging.
| goshx wrote:
| That's my story as well, but late 90's.
| amenghra wrote:
| A classic, been around since 1985.
|
| https://github.com/deadbits/Zines used to be an archive of tons
| of similar ezines, the repo has been disabled -\\_(tsu)_/-. Some
| of the zines it used to have include HITB, PhineasFisher,
| TeaMp0isoN, ZF0, anti-anti-sec, anti-sec, b4b0, dikline, el8,
| h0no, htp, owned and exposed, phrack, pocorgtfo, uninformed.
|
| On a more modern note, https://pagedout.institute/ is great.
| DrPhish wrote:
| 40hex was one of my favourites back in the day, but it was
| focused purely on virii
|
| It was fascinating get an unvarnished look inside that world,
| complete with ethical/political discussion and of course source
| code with annotations!
| tptacek wrote:
| Some of the 40hex people turned into pretty hardcore
| vulnerability researchers (at least by 1990s standards).
| amenghra wrote:
| Love that 40hex was "raw" with little editorial (aS wELL aS
| pOSTS wITH iNVERTED cASE). E.g. XOR is a
| matamatical function that can be used to cifer and decifer
| data with the same key.
|
| Some of the code comments are pure gold.
| homarp wrote:
| https://files.awknode.com/zines/ seems to be a mirror
| vehemenz wrote:
| Anyone have any ideas about making an 80-character-wide,
| plaintext-style website responsive?
|
| I really like the style, but it doesn't work well on phones.
| anotheryou wrote:
| in CSS you can do "max-width: 40ch" on smaller devices if you
| want. For fancy decorations you'd need need to draw them with
| css and/or pseudo elements. pre{ max-
| width: 40ch !important; white-space: normal; }
| vehemenz wrote:
| Good idea. I didn't know about ch units.
|
| I experimented with setting a fixed vw width, which kinda
| works, but at the end of the day 80 characters is probably
| just too much.
| giantrobot wrote:
| So long as you're actually using HTML (and not literal plain
| text) all you need to do is add a viewport meta tag:
| <meta name="viewport" content="width=device-width">
|
| Mobile browsers set the viewport width to a default of 960px
| (Android might be a little different from iOS). That's why a
| plain text file displays so poorly on mobile. It's rendering to
| a pixel width larger than the display (and zoomed to fit).
|
| For the "plain text" look set the font family to monospace. Bam
| readable and responsive "plain text" look.
| Communitivity wrote:
| Has this now been reclaimed by hackers? If so, that is great
| news. It used to be an amazing source of information, back when
| Tarod and Knight Lightning ran things. Then it slowly seemed to
| get taken over/become for the cyber-security professional crowd.
| The P.H.I.R.M. publications are great reading too. gatech.edu
| used to have an archive of all the old Phrack issues somewhere,
| and more, but I've no idea if it's still there.
| tptacek wrote:
| A lot of those people from the KL days were security
| professionals.
| scienceman wrote:
| I think there's an implication difference between security
| professionals and cyber-security professionals.
| tptacek wrote:
| When did that supposed shift happen? I lost track after
| Schiffman, but everyone up to that point was pretty much
| the same kind of people as the KL crew.
| segmondy wrote:
| Once the editor changed from an individual to "The Phrack
| Staff" it kinda lost it's charm. I also take it as a sign of
| the times tho, folks who needed to earn a living couldn't risk
| being strongly associated with the zine. Folks also began self
| publishing on their own sites/blog and bugtraq really became
| the place to publish your CVE... It was fun while it lasted.
| I'm sure the new & current gen have their own idea of the "in
| thing".
| tptacek wrote:
| I can't think of any time since the mid-1990s where being
| affiliated with Phrack would have jeopardized a high-status
| career in software security.
| NateLawson wrote:
| There was some ongoing consternation at ISS around 96-97
| about an employee being a Phrack editor. Management talked
| to them but it didn't threaten their career.
| tptacek wrote:
| You're not serious. Look at who _ran_ ISS!
|
| I have faint memories of SNI people being upset that ISS
| salespeople tried to pigeonhole us as hackers (this all
| precedes the widespread adoption of the hat coloration
| system).
|
| I guess, on post-97, pre-99 ISS, I stand corrected. :)
| kbenson wrote:
| I think perhaps not everyone that would want to participate
| had their career in software security though, and I can
| imagine some other software sectors where they might look
| unkindly on the relationship. E.g. Someone working deep in
| the bowels of some company in the financial sector but
| their hobbies are more diverse.
| tptacek wrote:
| That's funny, because a plurality of the O.G. Phrack crew
| wound up working in security in finance, particularly at
| the i-banks.
| kbenson wrote:
| You know, I might be conflating phrack with 2600 in my
| head. IIRC (which is by no means guaranteed) 2600 was
| (is?) a bit more edgy, but I was regularly reading both
| at around the same time in the early 2000's, so some of
| my ideas about them might be mixed after all this time.
| happyconcepts wrote:
| maafakaz!
| NateLawson wrote:
| Hacking became "cool" for the corporate world in the late
| 90's. Movies like The Matrix and the fact that nothing
| too valuable was online yet meant that getting hacked was
| likely just web site defacement. Meanwhile, there was
| finally real money to be made in developing security for
| when the web finally became worth protecting.
| Bluestein wrote:
| Ah! A classic :)
| rootsudo wrote:
| The old zines, inspired me so much, I'm fortunate that I was able
| to get tons of blacklisted411, phrack and 2600 in my youth. :)
| j4yav wrote:
| They still publish pay phone photos in the back, I've managed
| to get several in there over the years.
| bluetwo wrote:
| This just had me thinking about 2600. A bookstore on South
| Street in Philly used to carry it on their racks.
| greenie_beans wrote:
| They just released a new issue:
| http://store.2600.com/collections/2010-2015/products/new-
| iss...
| downtime-vam wrote:
| I have a lifetime subscription to 2600. Still going strong!
| dang wrote:
| If curious, past threads:
|
| _Phrack Magazine (1985-2016)_ -
| https://news.ycombinator.com/item?id=18288767 - Oct 2018 (73
| comments)
|
| _Phrack 69 released_ -
| https://news.ycombinator.com/item?id=11644340 - May 2016 (56
| comments)
|
| _Phrack Issue #68_ -
| https://news.ycombinator.com/item?id=3841721 - April 2012 (50
| comments)
|
| _Phrack Magazine 's classic article on OS/kernel development_ -
| https://news.ycombinator.com/item?id=2583591 - May 2011 (3
| comments)
|
| _Phrack 66 (June 2009)_ -
| https://news.ycombinator.com/item?id=744821 - Aug 2009 (9
| comments)
|
| _Phrack #66 is out_ -
| https://news.ycombinator.com/item?id=652545 - June 2009 (14
| comments)
|
| Those are all about Phrack in general. I omitted threads about
| specific articles, except one because it's short and has a fun
| comment.
| turbografx16 wrote:
| Where are the hackers hanging out these days? 5 or so years ago
| /r/netsec was pretty good, and 0x00sec seems a decent (if small)
| community.
|
| I miss having a place to hang out with other people messing
| around with random security projects and CTFs...
| StopTheWorld wrote:
| > Where are the hackers hanging out these days?
|
| The Admiral's Club at SFO
| bynxbynx wrote:
| I help run the OpenToAll CTF team - while the primary focus for
| most are CTFs, the community (>500) has really expanded, e.g.,
| (in the slack workspace) we have active channels for N-day
| repros, bug bounties with internal competitions, financial
| trading shop talk, and hardware hacking. You wont find much OTR
| or blackhat stuff ( due to slack ToS), but Ive found the
| community loves learning and discussing all things sec.
|
| It doesnt hit your mark completely, but hopefully its somewhat
| helpful
| thegeekbin wrote:
| Have any bridge to Matrix? It would be pretty awesome to
| join.
| buzzert wrote:
| > ( due to slack ToS)
|
| With restrictions like that, it surprises me that Slack
| appeals to hackers at all. Why not IRC?
| bynxbynx wrote:
| Originally we were on IRC. As the team grew, more CTFs were
| being played - often concurrently - so having dedicated
| (private) channels for a given CTF and "sub" channels for
| its challenges gave us a lot more flexibility.
|
| That being said, we've considered migrating to Discord,
| Zulip, or Matrix - just haven't gotten around to it yet.
| kemonocode wrote:
| Please consider using either Zulip or Matrix from the
| get-go, else if you just pick Discord you will find
| yourself in the very same situation as with Slack before
| long.
|
| I was in a little CTF server which got flagged and taken
| down, even though there wasn't anything too particularly
| nefarious going on. Maybe someone did upload something
| dumb which raised flags on Discord's end, though.
| icedchai wrote:
| I remember reading Phrack during the early 90's, x.25 hacking
| days. Anyone remember QSD or Lutzifer? I've long forgotten those
| NUAs now.
| tptacek wrote:
| This is a _crazy_ read; I was there (though very young and not
| well connected) and, just try to get your head around a world
| in which the Internet was so new and unstable:
|
| http://phrack.org/issues/45/8.html
|
| Also: $300 for an X.25 hookup! I totally could have run an X.25
| board!
| justanother wrote:
| 0208057040540 is still in finger-memory
| dagw wrote:
| Hats off to the old Phrack team. I can safely say that I probably
| wouldn't have this career I have now if it wasn't for Phrack.
| mtalantikite wrote:
| Same, Phrack was mind expanding for my teenage self in the 90s.
| Is there anything similar floating around these days? So much
| on the Internet seems filtered through corporate platforms that
| are antithetical to the counter-cultural spirit. Or maybe I'm
| just old now!
___________________________________________________________________
(page generated 2021-03-17 23:00 UTC)