[HN Gopher] Phrack Magazine ___________________________________________________________________ Phrack Magazine Author : 0x737368 Score : 175 points Date : 2021-03-16 12:18 UTC (1 days ago) (HTM) web link (phrack.org) (TXT) w3m dump (phrack.org) | [deleted] | ArtWomb wrote: | Worth introducing to a new generation ;) | | If you want a representative article to sample, let it be | Strauss' "The Fall of Hacking Groups". A lament for the | subculture of yore: | | http://phrack.org/issues/69/6.html | | Previous HN discussion here: | | https://news.ycombinator.com/item?id=8734737 | grep_name wrote: | New generation here, where can I go to find people who still | value the old hacker ethos? I'm not even that young (28), but | never encountered these groups when I was younger and my | preferences and values surrounding technology have always put | me slightly out of step with my peer group | turbografx16 wrote: | I'm also a younger hacker and I have the same issue. I've | found 0x00sec.org is alright, and security CTF forums can be | decent, but there's an awful lot of people just looking for | easy answers and aren't interested in learning or sharing | knowledge. | j4yav wrote: | I'm an older hacker, and it was kind of the same back then | too. We called them script kiddies. | _jal wrote: | Script kiddies will always be with us. | | It doesn't catch all of them, but a decent defense | against the worst of that lot is a second forum that | requires reading comprehension for access. | Shared404 wrote: | May as well add myself into the list of younger people | seeking a similar community. The closest I've found thus | far is HN itself, which while obviously not security | focused is at least interested in both learning and | sharing. | at-fates-hands wrote: | I'd start here: | | https://twitter.com/_mg_?lang=en | | Guy does some insane hardware hacking. See who he follows | and who's following him. Look at who he's working with. | Find out where they hang out online. | | Like all things these days, you really have to do some | research and dig to find the good stuff. MG is a great | starting point. | | Hope it helps. . . | profquail wrote: | The 2600 Magazine community is still alive and well: | | https://www.2600.com/ | SeeManDo wrote: | Lifetime subscriber here | mtalantikite wrote: | I remember taking photos of phonebooths in Algeria on a | trip to visit family as a teenager. They thought I was | crazy. | freedomben wrote: | Phrack's article on buffer overflows on the stack was incredible | back in the day. It taught me more about how computers work than | any class in University. I referred back to it for years for | understanding how programs actually run. Will always have a soft | spot for that. | Animats wrote: | "The Tao of Windows Buffer Overflow"? That was Cult of the Dead | Cow, not Phrack. | dagw wrote: | Probably thinking of "Smashing the stack for fun and profit" | fny wrote: | Damn. I was really hoping there was a new article. I started | reading these as wee lad back before I knew what a malloc was. | Eventually I learned enough to get myself suspended. >:) | | Thankfully, I use my knowledge for good nowadays. | | Looking forward to the next issue whatever decade it may come. | | The paper feed does seem active though! | http://phrack.org/papers/escaping_from_freebsd_bhyve.html | EamonnMR wrote: | I'm getting forbidden from that page | fny wrote: | Fixed | weare138 wrote: | Does anyone know if the Phrack team is still active? There hasn't | been a new issue since 2016. | [deleted] | Ansil849 wrote: | Some more old-school H/P/V/A/C (man, I miss seeing that acronym | pop up on sites, anyone else?) zines: | http://textfiles.com/magazines/ | | And newer-school (90s-00s) zines: | http://web.textfiles.com/ezines/ | _joel wrote: | A blast from the past! Reading those articles back in the day | definitely piqued my interest computers and telephony. | k1rcher wrote: | This is incredible to read n many years later. I was a per- | pubescent adolescent around the time of the publication of the | "last great zines", and was only ever really exposed to a small | subsection (HTP5, the MIT.edu and Linode incidents) through | several mutual friends of mine who were, at the time, enthusiasts | of and in the scene. | | That era and community was without a doubt the foundation for who | I am today as a young adult, and who I strive to be in all | aspects of life. I have and no doubt will continue to consume all | of this content I may have missed out on since then. | | P.S. If I may call your attention to volume 0x0f, 0x45, part A of | section 6 (Notes); wow. This, along with everything else, is | enormously prophetic, profound, and intriguin: | | "--[ 6 - Notes | | A) In respect to social networks, while they are a valid | community-building mechanism in nature, selfishness prevails in | common usage, by means of the indulgent pleasure that fuels | chronic "pluggedness", at times voyeur, at times exhibitionist | and needy." | | - http://phrack.org/issues/69/6.html | kleer001 wrote: | Would someone more knowledgeable than me sketch out the | relationship between Phrack and 2600? I think someone here knows | it off the top of their head. | cozzyd wrote: | I was hoping there'd be a new issue :( | goshx wrote: | For those not familiar with it, Phrack was teaching how to | exploit buffer overflows back in 1996 [1]. This is still relevant | today and required for some certifications in cyber security like | the OSCP. | | [1] http://phrack.org/issues/49/14.html | goshx wrote: | Also worth mentioning the Hacker's Manifesto from 1986: | http://phrack.org/issues/7/3.html | rtuin wrote: | Such a classic. | | One of my favorite things ever written. | xtracto wrote: | Also notable that The Mentor (Loyd) actually participates (or | used to participate) here in Hacker News. I had a brief | starstuck moment when he commented here in another thread in | the past. | | I was so identified by this in the early 1990s because I was | very lonely in my small town in a developing country where | nobody cared about computers and programming. As I got access | to the internet I finally found a sense of belonging. | goshx wrote: | That's my story as well, but late 90's. | amenghra wrote: | A classic, been around since 1985. | | https://github.com/deadbits/Zines used to be an archive of tons | of similar ezines, the repo has been disabled -\\_(tsu)_/-. Some | of the zines it used to have include HITB, PhineasFisher, | TeaMp0isoN, ZF0, anti-anti-sec, anti-sec, b4b0, dikline, el8, | h0no, htp, owned and exposed, phrack, pocorgtfo, uninformed. | | On a more modern note, https://pagedout.institute/ is great. | DrPhish wrote: | 40hex was one of my favourites back in the day, but it was | focused purely on virii | | It was fascinating get an unvarnished look inside that world, | complete with ethical/political discussion and of course source | code with annotations! | tptacek wrote: | Some of the 40hex people turned into pretty hardcore | vulnerability researchers (at least by 1990s standards). | amenghra wrote: | Love that 40hex was "raw" with little editorial (aS wELL aS | pOSTS wITH iNVERTED cASE). E.g. XOR is a | matamatical function that can be used to cifer and decifer | data with the same key. | | Some of the code comments are pure gold. | homarp wrote: | https://files.awknode.com/zines/ seems to be a mirror | vehemenz wrote: | Anyone have any ideas about making an 80-character-wide, | plaintext-style website responsive? | | I really like the style, but it doesn't work well on phones. | anotheryou wrote: | in CSS you can do "max-width: 40ch" on smaller devices if you | want. For fancy decorations you'd need need to draw them with | css and/or pseudo elements. pre{ max- | width: 40ch !important; white-space: normal; } | vehemenz wrote: | Good idea. I didn't know about ch units. | | I experimented with setting a fixed vw width, which kinda | works, but at the end of the day 80 characters is probably | just too much. | giantrobot wrote: | So long as you're actually using HTML (and not literal plain | text) all you need to do is add a viewport meta tag: | <meta name="viewport" content="width=device-width"> | | Mobile browsers set the viewport width to a default of 960px | (Android might be a little different from iOS). That's why a | plain text file displays so poorly on mobile. It's rendering to | a pixel width larger than the display (and zoomed to fit). | | For the "plain text" look set the font family to monospace. Bam | readable and responsive "plain text" look. | Communitivity wrote: | Has this now been reclaimed by hackers? If so, that is great | news. It used to be an amazing source of information, back when | Tarod and Knight Lightning ran things. Then it slowly seemed to | get taken over/become for the cyber-security professional crowd. | The P.H.I.R.M. publications are great reading too. gatech.edu | used to have an archive of all the old Phrack issues somewhere, | and more, but I've no idea if it's still there. | tptacek wrote: | A lot of those people from the KL days were security | professionals. | scienceman wrote: | I think there's an implication difference between security | professionals and cyber-security professionals. | tptacek wrote: | When did that supposed shift happen? I lost track after | Schiffman, but everyone up to that point was pretty much | the same kind of people as the KL crew. | segmondy wrote: | Once the editor changed from an individual to "The Phrack | Staff" it kinda lost it's charm. I also take it as a sign of | the times tho, folks who needed to earn a living couldn't risk | being strongly associated with the zine. Folks also began self | publishing on their own sites/blog and bugtraq really became | the place to publish your CVE... It was fun while it lasted. | I'm sure the new & current gen have their own idea of the "in | thing". | tptacek wrote: | I can't think of any time since the mid-1990s where being | affiliated with Phrack would have jeopardized a high-status | career in software security. | NateLawson wrote: | There was some ongoing consternation at ISS around 96-97 | about an employee being a Phrack editor. Management talked | to them but it didn't threaten their career. | tptacek wrote: | You're not serious. Look at who _ran_ ISS! | | I have faint memories of SNI people being upset that ISS | salespeople tried to pigeonhole us as hackers (this all | precedes the widespread adoption of the hat coloration | system). | | I guess, on post-97, pre-99 ISS, I stand corrected. :) | kbenson wrote: | I think perhaps not everyone that would want to participate | had their career in software security though, and I can | imagine some other software sectors where they might look | unkindly on the relationship. E.g. Someone working deep in | the bowels of some company in the financial sector but | their hobbies are more diverse. | tptacek wrote: | That's funny, because a plurality of the O.G. Phrack crew | wound up working in security in finance, particularly at | the i-banks. | kbenson wrote: | You know, I might be conflating phrack with 2600 in my | head. IIRC (which is by no means guaranteed) 2600 was | (is?) a bit more edgy, but I was regularly reading both | at around the same time in the early 2000's, so some of | my ideas about them might be mixed after all this time. | happyconcepts wrote: | maafakaz! | NateLawson wrote: | Hacking became "cool" for the corporate world in the late | 90's. Movies like The Matrix and the fact that nothing | too valuable was online yet meant that getting hacked was | likely just web site defacement. Meanwhile, there was | finally real money to be made in developing security for | when the web finally became worth protecting. | Bluestein wrote: | Ah! A classic :) | rootsudo wrote: | The old zines, inspired me so much, I'm fortunate that I was able | to get tons of blacklisted411, phrack and 2600 in my youth. :) | j4yav wrote: | They still publish pay phone photos in the back, I've managed | to get several in there over the years. | bluetwo wrote: | This just had me thinking about 2600. A bookstore on South | Street in Philly used to carry it on their racks. | greenie_beans wrote: | They just released a new issue: | http://store.2600.com/collections/2010-2015/products/new- | iss... | downtime-vam wrote: | I have a lifetime subscription to 2600. Still going strong! | dang wrote: | If curious, past threads: | | _Phrack Magazine (1985-2016)_ - | https://news.ycombinator.com/item?id=18288767 - Oct 2018 (73 | comments) | | _Phrack 69 released_ - | https://news.ycombinator.com/item?id=11644340 - May 2016 (56 | comments) | | _Phrack Issue #68_ - | https://news.ycombinator.com/item?id=3841721 - April 2012 (50 | comments) | | _Phrack Magazine 's classic article on OS/kernel development_ - | https://news.ycombinator.com/item?id=2583591 - May 2011 (3 | comments) | | _Phrack 66 (June 2009)_ - | https://news.ycombinator.com/item?id=744821 - Aug 2009 (9 | comments) | | _Phrack #66 is out_ - | https://news.ycombinator.com/item?id=652545 - June 2009 (14 | comments) | | Those are all about Phrack in general. I omitted threads about | specific articles, except one because it's short and has a fun | comment. | turbografx16 wrote: | Where are the hackers hanging out these days? 5 or so years ago | /r/netsec was pretty good, and 0x00sec seems a decent (if small) | community. | | I miss having a place to hang out with other people messing | around with random security projects and CTFs... | StopTheWorld wrote: | > Where are the hackers hanging out these days? | | The Admiral's Club at SFO | bynxbynx wrote: | I help run the OpenToAll CTF team - while the primary focus for | most are CTFs, the community (>500) has really expanded, e.g., | (in the slack workspace) we have active channels for N-day | repros, bug bounties with internal competitions, financial | trading shop talk, and hardware hacking. You wont find much OTR | or blackhat stuff ( due to slack ToS), but Ive found the | community loves learning and discussing all things sec. | | It doesnt hit your mark completely, but hopefully its somewhat | helpful | thegeekbin wrote: | Have any bridge to Matrix? It would be pretty awesome to | join. | buzzert wrote: | > ( due to slack ToS) | | With restrictions like that, it surprises me that Slack | appeals to hackers at all. Why not IRC? | bynxbynx wrote: | Originally we were on IRC. As the team grew, more CTFs were | being played - often concurrently - so having dedicated | (private) channels for a given CTF and "sub" channels for | its challenges gave us a lot more flexibility. | | That being said, we've considered migrating to Discord, | Zulip, or Matrix - just haven't gotten around to it yet. | kemonocode wrote: | Please consider using either Zulip or Matrix from the | get-go, else if you just pick Discord you will find | yourself in the very same situation as with Slack before | long. | | I was in a little CTF server which got flagged and taken | down, even though there wasn't anything too particularly | nefarious going on. Maybe someone did upload something | dumb which raised flags on Discord's end, though. | icedchai wrote: | I remember reading Phrack during the early 90's, x.25 hacking | days. Anyone remember QSD or Lutzifer? I've long forgotten those | NUAs now. | tptacek wrote: | This is a _crazy_ read; I was there (though very young and not | well connected) and, just try to get your head around a world | in which the Internet was so new and unstable: | | http://phrack.org/issues/45/8.html | | Also: $300 for an X.25 hookup! I totally could have run an X.25 | board! | justanother wrote: | 0208057040540 is still in finger-memory | dagw wrote: | Hats off to the old Phrack team. I can safely say that I probably | wouldn't have this career I have now if it wasn't for Phrack. | mtalantikite wrote: | Same, Phrack was mind expanding for my teenage self in the 90s. | Is there anything similar floating around these days? So much | on the Internet seems filtered through corporate platforms that | are antithetical to the counter-cultural spirit. Or maybe I'm | just old now! ___________________________________________________________________ (page generated 2021-03-17 23:00 UTC)