Computer underground Digest    Thu  Apr 21, 1994   Volume 6 : Issue 36
                           ISSN  1004-042X

       Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)
       Archivist: Brendan Kehoe
       Retiring Shadow Archivist: Stanton McCandlish
       Shadow-Archivists: Dan Carosone / Paul Southworth
                          Ralph Sims / Jyrki Kuoppala
                          Ian Dickinson
        Suspercollater:       Shrdlu Nooseman

CONTENTS, #6.36 (Apr 21, 1994)

File 1--conference announcement
File 2--DEF CON ][ Late Night Hack Announcement #3

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup: comp.society.cu-digest

Or, to subscribe, send a one-line message:  SUB CUDIGEST  your name
Send it to LISTSERV@UIUCVMD.BITNET or LISTSERV@VMD.CSO.UIUC.EDU
The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at:  Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on  internet);
and on Rune Stone BBS (IIRGWHQ) (203) 832-8441.
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.

EUROPE:   from the ComNet in LUXEMBOURG BBS (++352) 466893;
          In ITALY: Bits against the Empire BBS: +39-461-980493

FTP:   UNITED STATES:  etext.archive.umich.edu (141.211.164.18)  in /pub/CuD/
                       aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
  EUROPE:         nic.funet.fi in pub/doc/cud/ (Finland)
                  ftp.warwick.ac.uk in pub/cud/ (United Kingdom)
  JAPAN:          ftp.glocom.ac.jp /mirror/ftp.eff.org/

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission.  It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified.  Readers are encouraged to submit reasoned articles
relating to computer culture and communication.  Articles are
preferred to short responses.  Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.

----------------------------------------------------------------------

Date: Tue, 5 Apr 1994 18:29:06 -0700 (PDT)
From: anonymous <cudigest@mindvox.phantom.com>
Subject: File 1--conference announcement

     The Tenth International Conference on Information Security - IFIP
SEC'94

     Organized by Technical Committee 11 of the International
     Federation  for Information  Processing,  IFIP/TC  11  - in
     cooperation with the Special Interest Group on Information
     Security of the Dutch Computer  Society  - and hosted by the
     Caribbean Computer Society.

                              I F I P   S E C ' 9 4

                            M A Y  2 3 - 2 7 , 1 9 9 4

                         I T C  P I S C A D E R A  B A Y

                                  C U R A C A O
                           D U T C H  C A R I B B E A N


           I  N  T  E  R  N  A  T  I  O  N  A  L    P  R  O  G  R  A  M


                                    *   *   *

     ** Five days, multiple  parallel  tracks,  over  sixty  refereed  unique
     presentations,ially  invited  speakers,  dedicated  tutorials workshops,
     working  group  sessions,  lively  panel  discussions,  and  much,  much
     more......

                                    *   *   *

                Dynamic Views on Information Security in Progress

     ***ABOUT IFIP'S TECHNICAL COMMITTEE 11

     The International Federation for Information Processing was  established
     in 1960 under sponsorship of UNESCO. In 1984 the Technical Committee for
     Security and Protection in  Information  Processing  Systems,  Technical
     Committee  11, came into existence. Its aim is to increase the reliabil-
     ity and general confidence in information processing, as well as to  act
     as a forum for security managers and others professionally active in the
     field of information processing  security.  Its  scope  encompasses  the
     establishment  of  a frame of reference for security common to organiza-
     tions, professionals and the public; and the promotion of  security  and
     protection as essential parts of information processing systems.

     Eight working groups: Information  Security  Management,  Small  Systems
     Security,  Database  Security,  Network  Security, Systems Integrity and
     Control, Security Legislation, Information  Security  Education  and  IT
     Related  Crime  Investigations,  all  chaired  by seasoned international
     experts, cover a major part of the actual TC 11 workload.
 +----------------------------------------------------------

     ***ABOUT THE TENTH INTERNATIONAL INFORMATION SECURITY CONFERENCE

     This event is the Tenth in a series of conferences on information  secu-
     rity.   Something  to  celebrate.  The  organizers have compiled a truly
     exceptional, unique, and especially upgraded  conference  in  a  setting
     suitable for celebrating its Tenth birthday. Over 75 sessions will cover
     just about all aspects of information security, on a senior and advanced
     level.  The  formal  language  of SEC'94 is English. The proceedings are
     published by Elsevier North Holland in its acclaimed series.

     There are evidently some astounding  surprises  within  SEC'94.  As  key
     note's  SEC'94  will feature major players. Ten invited speakers, doubt-
     less seasoned seniors in their field, will contribute with their  vision
     of the future.  Ranging from the legislative aspects of data privacy, to
     the international impact of the Clipper chip, and the dimensions of  new
     cryptographic  standards  and  applications.  Global  policy  making and
     breaking in respect of the international harmonization efforts of infor-
     mation  technology security evaluation criteria, and other most enticing
     issues are advocated during the various invited lectures.


     Within the framework of this conference a series of special lectures are
     built in, dedicated to one most important aspect. SEC'94 includes a UNIX
     system security workshop and a cryptology tutorial. Special sessions are
     devoted  to  information security in developing nations, and information
     security in the banking and financial industry. Two major full day  mini
     conferences  "IT Security Evaluation Criteria" and "Open Systems Network
     Security" are included in the program as well.  SEC'94  offers  a  panel
     discussion  of  the editors of Elseviers Journal Computers and Security,
     IFIP TC 11's formal journal.


     ***ABOUT YOU

     Each of the past ten years you have shown IFIP and TC 11 in  particular,
     your  commitment  to  information  security  by  attending  the IFIP SEC
     conferences.  The visitors and delegates to IFIP SEC are a  broad  audi-
     ence,  from  everywhere:  The Pacific Rim, Europe, Africa, the North and
     Latin America's and the Far East. The level of authority/positions is as
     usual:  within  practical,  management,  legal  and technical level, the
     delegate to IFIP SEC is considered the top grade. Anyone - directly  and
     indirectly  -  involved and/or interested in information security, wher-
     ever she/or he may live, is IFIP SEC's audience.  You certainly may  not
     miss SEC'94!


     ***SOMETHING EXTRA

     The organizers wanted to  do  something  extra  for  this  Tenth  event.
     Besides  compiling  a unique conference program, its length was extended
     to FIVE days, extra tracks are added, the delegate admission is reduced,
     special  student  admission  rate  are available, Worldwide rebated air-
     travel and discounted hotel accommodation can be obtained, and those not
     yet  being a member of the World's largest and most influencial computer
     society are being offered a free of  charge  membership  for  1994!  And
     that's not all! Yet, some surprises are saved for the event itself.

                   IFIP TC 11's SEC'94 welcomes you to Curacao,
                                    BONBINI !

                                   A W A R D S
     Technical Committee 11 of IFIP presents during its 10th event two  pres-
     tigeous  awards.  The  Kristian  Beckman Award and the Best Paper Award.
     The Kristian Beckman Award has been established by IFIP TC  11  to  com-
     memorate  the  first  chairman  of  the committee, Kristian Beckman from
     Sweden, who was also responsible for promoting its founding in  1983/84.
     This  award is granted annually to a successful nominee and is presented
     at the annual IFIP Security Conference. The objective of the award is to
     publicly recognize an individual - not a group or organization - who has
     significantly contributed to the development  of  information  security,
     especially achievements with an international perspective.

     To celebrate the tenth annual conference  the  organizers  have  decided
     also  to  present a Best Paper Award. The award will be presented to the
     individual with the most  significant  paper  at  SEC'94.  The  audience
     itself will be selecting this presentation/individual.

     ------------------------------------------------------------------


                            P   R   O   G   R   A   M

     ***INVITED PRESENTATIONS***

     Computer based cryptanalysis: man versus  machine  approach  by  Dr.  N.
     Balasubramanian,  former  director  of  the Joint Cipher Bureau/ Crypto-
     graphic Services of the Department  of  Defense  of  the  Government  of
     India.

     Establishing a CERT: Computer Emergency Response Team by Kenneth A.  van
     Wyk,  manager  Assist  team,  Defense Information Security Agency of the
     Department of Defense, United States

     Privacy aspects of data travelling along the new 'highway' by Wayne Mad-
     sen, scientist Computer Science Corp., United States

     Issues in designing and implementing  a  practical  enterprise  security
     architecture  by Ross Paul, manager information security, the Worldbank,
     United States

     (key note's and other invited speakers to be announced by special bulletin)

     IFIP TC 11 position paper in discussion: Security Evaluation Criteria by
     H. Schoone, Netherlands

     Special TC 11 Working group sessions:
     11.8 Computer Security Education, chair: Em. Prof. Dr. Harold Highland
     11.1 IT Security Management, chair: Prof. S.H. von Solms (S. Africa)
     11.5 System Integrity and Control, chair: William List (UK)

     Special Appearance: Information Warfare: waging and winning conflict  in
     cyberspace by Winn Schwartau (US)

     Panel discussion: Panel discussion of the editors of  Elseviers  Journal
     Computers and Security chaired by John Meyer, Elsevier (UK), editor

     Extended UNIX tutorial: Unix meets Novell Netware  by  Kevin  H.  Brady,
     Unix Systems Lab. (US)

     Extended virus tutorial: Technologically  enabled  crime:shifting  para-
     digms for the year 2000 by Sara Gordon (US)

     Viruses: What can we really do ?  by Prof. Henry Wolfe (New Zealand)

     Future   trends   in   virus   writing   by   Vesselin    V.    Bontchev
     (Bulgaria/Germany)

     Viral Tidings by A. Padgett Peterson (US)

     Integrity checking for anti viral purposes by Yisrael Radai (Israel)

     Special appearance: *title to be announced* Prof. Eugene Spafford (US)


     ***REFEREED PRESENTATIONS***

     Operations Security: the real solution to the problem -  A.  Don  Temple
     (US)

     Security in virtual reality: virtual security - Amund Hunstad (Sweden)

     Prohibiting the exchange attack calls for  hardware  signature  -  Prof.
     Reinhard Posch/Wolfgang Mayerwieser (Austria)

     Towards secure open systems - Dr. Paul Overbeek (Netherlands)

     A security officer's workbench - Prof. Dennis Longley/Lam For Kwok (Aus-
     tralia/ Hong Kong)

     An introduction to Citadel: a secure crypto  co-processor  for  worksta-
     tions - Dr. Elaine Palmer (US)

     On the calculation and its proof data for PI 10-9th - Shengli  Cheng  et
     al (P.R. of China)

     Securenet: a  network  oriented  intelligent  intrusion  prevention  and
     detection system - Ass. Prof. Dimitris Gritzalis et al (Greece)

     A methodology for the design of security plans -  Drs.  Fred  de  Koning
     (Netherlands)

     An open architecture for security functions  in  workstations  -  Stefan
     Santesson (Sweden)

     Security systems based on exponentiation primitives, TESS - Prof. Thomas
     Beth (Germany)

     The structure and functioning of the COST privacy enhanced mail system -
     Prof.  Sead Muftic, Nada Kapidzic, Alan Davidson (Sweden)

     The need for a new approach to information security - Dr. Jean Hitchings
     (UK)  A  Practical  database encryption system - Prof. C. Chang/Prof. D.
     Buehrer (Taiwan, ROC)

     Security analysis and strategy of computer networks -  Jie  Feng  et  al
     P.R.o.  China)

     Information Security: legal threats and opportunities -  Dr.  Ian  Lloyd
     (Scotland)

     Secure communication in LAN's using a hybrid encryption scheme  -  Prof.
     Mahmoud El-Hadidi, Dr. Nadia Hegazi, Heba Aslan (Egypt)

     Secure Network Management - Bruno Studer (Switzerland)

     Ramex: a prototype expert system for computer security risk analysis and
     management - Prof. Peter Jarratt, Muninder Kailay (UK)

     The need for decentralization and privacy in mobile communications  net-
     works - D.I. Frank Stoll (Germany)

     Is lack of quality software a password to information security  problems
     ? - Dr. Peter Fillery, Nicholas Chantler (Western Australia)

     Smart: Structured, multi-dimensional approach to risk taking for  opera-
     tional information systems - Ing. Paul van Dam, et al. (Netherlands)

     IT Audit: the scope, relevance and the impact in developing countries  -
     Dr. K.  Subramanian (India)

     Program structure for secure information flow - Dr. Jingsha He (US)

     Security, authentication and policy management in open distributed  sys-
     tems - Ralf Hauser, Stefano Zatti (Switzerland/Italy)

     A cost model for managing information security hazards - Love  Ekenberg,
     Subhash Oberoi, Istvan Orci (Sweden)

     Corporate computer crime management: a research perspective - Dr.  James
     Backhouse (UK)

     A high level security policy for  health  care  establishments  -  Prof.
     Sokratis Katsikas, Ass. Prof. Dimitris Gritzalis, et al (Greece)

     Moss: a model for open system security - Prof. S.H. von Solms, Dr. P van
     Zyl, Dr. M. Olivier (South Africa)

     The risk-based information system design paradigm - Dr. Sharon  Fletcher
     (US) Evaluation of policies, state of the art and future research direc-
     tions in database security - Dr. Guenther Pernul, Dr.  A.M.  Tjoa  (Aus-
     tria)

     Exploring minimal ban logic proofs of authentication protocols  -  Anish
     Maturia, et al (Australia)

     Security concepts for corporate networks - Prof.  Rolf  Oppliger,  Prof.
     Dieter Hogrefe (Switzerland)

     The security process - Jeanette Ohlsson (Sweden)

     On the security of lucas function - Dr. C.S. Laih (Taiwan RoC)

     Security considerations of content and context based access  controls  -
     Donald Marks, Leonard Binns, Peter Sell, John Campbell (US)

     Anonymous and verifiable databases: towards a practical solution - Prof.
     Jennifer Seberry, Dr. Yuliang Zheng, Thomas Hardjono (Australia)

     A decentralized approach for authorization -  Prof.  Waltraud  Gerhardt,
     Burkhard Lau (Netherlands)

     Applying security criteria to  a  distributed  database  example  -  Dr.
     Marshall Abrams, Michael Joyce (US)

     A comparison of international information security  standards  based  on
     documentary  micro-analysis  - Prof. William Caelli, Em. Prof. John Car-
     roll (Australia/Canada)

     Security in EDI between bank and its client - Pauli Vahtera, Heli  Salmi
     (Finland)

     Secure information  exchange  in  organizations  -  D.I.  Ralph  Holbein
     (Switzerland)  A  framework for information system security management -
     Helen James, Patrick Forde (Australia)

     The  security  of  computer  system  management  -  Xia   Ling   et   al
     (P.R.o.China) Development of security policies - Jon Olnes (Norway)

     Factors affecting the decision to report occurances of computer abuse  -
     John Palmer (Western Australia)

     Secure managable remote access for network and mobile users in  an  open
     on-line transaction processing environment - Dr. James Clark (Singapore)


                                    *   *   *
                                 Session lay-out:

     Monday May 23: plenary only Tuesday May  24  -  Thursday  May  26:  four
     parallel tracks Friday May 25: plenary only

                                    *   *   *
                                  Registration:
                 Sunday afternoon May 22 at the conference venue
                  Monday morning May 23 at the conference venue


                                    *   *   *
                              Terms and conditions:
     The conference registration/admission fee amounts US $ 1,295 for regular
     registrations per individual. However, if you are a member of a national
     computer society you may be eligible for a discount.  Late  charges  and
     cancellations:  Registration  received after May 1, 1994are charged with
     an extra late charge of 10 %. Substitutions may be  made  at  any  time,
     though please advise us of a change of name. If you find it necessary to
     cancel the place, please telephone the conference office immediately and
     ask  for a cancellation number. Confirm in writing quoting the cancella-
     tion number.  Provided written notice is received by May 1, 1994,  afull
     refund  will be given less a 15 % administration charge. It is regretted
     that cancellations received after May 1, 1994 are liable  for  the  full
     registration  fee.  Payment:  the  registration fees are immediately due
     upon registration, and all cheques should be made payable  to  the  High
     Tech Port Curacao Foundation, accompanying the signed registration form.
     Alternatively registrations by fax and  electronic  mail  are  accepted,
     provided  the  payment  for the full amount in US dollars is released by
     wiretransfer in favor of the High Tech Port  Curacao  Foundation  within
     one  week after the registration. Fax and/or email registrations must be
     completed before May 1, 1994. If payment is not received  within  stated
     period the registration is automatically cancelled and voided. Forms not
     signed or correctly filled in are not  valid  registrations.  Conference
     registration  fees  should be paid in US dollars only, to prevent exces-
     sive exchange charges.  It is possible to pay by credit card, however  a
     surcharge of 25 % is levied due to local monetary restrictions and poli-
     cies. Immediately after registration you will receive a confirmation  by
     fax  or  email.  Included in the conference fee is the admittance to all
     sessions of all tracks of the conference, the  lunches  during  tuesday,
     wednesday, thursday and friday, coffee and tea during the intermissions,
     a welcome cocktail at your hotel, one admission ticket per  delegate  to
     the  formal conference banquet, and a copy of the handout of the confer-
     ence proceedings. Registrations made after May  1,  1994  are  on  space
     available  basis only. If you apply for a discount the registration form
     and payment must be received before May  1,  1994.  All  other  services
     ordered  are  separately  billed, payable upon receipt of the respective
     order confirmation.











                                    *   *   *

     Curacao is a tourist destination in high demand, we advise you  to  make
     your flight and hotel accommodation reservations well in advance !!!


                                    *   *   *

     FAX THE FORM BELOW TO: IFIP SEC'94 SECRETARIAT +599 9652828

     OR AIRMAIL TO: IFIP SEC'94 SECRETARIAT POSTOFFICE BOX 4 0 6 6 WILLEMSTAD
     - CURACAO NETHERLANDS ANTILLES CARIBBEAN

     OR EMAIL TO: <  TC11@IAIK.TU-GRAZ.AC.AT   >

     ------------------------------cut-here--------------------------------


                    IFIP TC 11 SEC'94 CONFERENCE REGISTRATION

              (one form per individual, copy for multiple registrations)

     Please register the following individual for IFIP SEC'94:

     Surname:

     First name:

     Title:

     Organization:

     Job title:

     Mail address:

     Post/zip code:

     Country:

     Telephone:

     Telefax:

     Email:

     ** If you are a member of a national computer society, use this priority
     registration  by  fax  or email, and wiretransfer the applicable amount,
     you are entitled to a rebated admission rate. Instead of US $ 1,295, you
     pay only US $ 1,165.

     If you send this by fax to the Conference secretariat,  a  signature  is
     necessary, here::
     I understand and agree to abide by the conditions  as  set  out  in  the
     conference brochure, also printed elsewhere in this document.

     Date:

     If you send this form by email, a signature is not necessary.   In  that
     case the date of receipt of the wiretransfer of the applicable amount is
     the date of registration.


                                CONFERENCE PAYMENT

     I will remit by wiretransfer US $ _________ in favor of  the  High  Tech
     Port  Curacao  Foundation,  bank  account number 11.592652.5570.004 with
     CITco Bank NV, Curacao, Netherlands Antilles, immediately.

     Wiretransfer reference: IFIP SEC'94

     ABA nr. of the CITco Bank (this is  not  the  account  number,  but  the
     banks' correspondents number): 021004823.

     US corresponding bank: Republic National Bank, New York.

     Upon receipt of the applicable amount by  the  High  Tech  Port  Curacao
     Foundation  I  will receive within 24 hours by fax a confirmation and an
     invoice marked "fees paid".


                                    ADDITIONAL

     I apply for the 1994 free of charge membership of the ACM (valid only if
     you are not a member, yet)

     Mark yes >                   >               <

     I have a special request:











     (insert your request here)

                                   *    *    *

                                HOTEL INFORMATION
     The Curacao Caribbean Hotel (tel: +599-9625000 fax: 599-9625846) as well
     as  the  Sonesta  Hotel  (tel: +599-9368800 fax: +599-9627502, in the US
     call tollfree 1.800.477.4556) are beach front hotels at walking distance
     of the conference center. Special roomrates start at US $ 112 per single
     room/night, including tax, services, full breakfast. Roomrates based  on
     double, triple and quad are available. Various other hotels on request.

                                  AIR TRANSPORT
     There are daily non-stop flights from Miami operated  by  American  Air-
     lines,  daily  non-stop  wide  body flights from Amsterdam (Netherlands)
     operated by KLM, daily non-stop flights from Marquetia Aeropuerto Inter-
     nacional  de  Caracas  (Venezuela),  Santa  Fe de Bogota (Colombia), and
     various Caribbean islands, all operated by  regional  carriers.  Special
     promotional  fares  are by KLM, TAP Air Portugal, and American Airlines.
     Contact your tarvel agency for more information.

                                    *   *   *

     Curacao is tropical. Year-round an average temp. of 90 F/35  C.  A  con-
     stant  tradewind  makes  it  very  pleasant. You do not need a jacket or
     coat!

     Make your flight and hotel reservation as soon as possible !!!


                                    *   *   *

     Come enjoy Dutch Caribbean hospitality soon ! SEC'94 also encompasses  a
     great after hours social program, typical Caribbean style.

                                   ORGANIZING CHAIR:
                                 Dr. F. Bertil Fortrie (chairman SEC'94)
                                 Leon Strous (vice chairman SEC'94)
                                 Corinne Bor LLM (general secretary SEC'94)

------------------------------

Date: 26 Mar 94 15:00:26 -0500
From: Conal.Garrity@F8004.N282.Z1.FIDONET.ORG(Conal Garrity)
Subject: File 2--DEF CON ][ Late Night Hack Announcement #3

Updated Last : 3.11.1994 (I appologise for spelling errors.. the WP died)
Late Night Hack Announcement #3


What's this?  This is an updated announcement and invitation to DEF CON II,
a convention for the "underground" elements of the computer culture.  We try
to target the (Fill in your favorite word here): Hackers, Phreaks, Hammies,
Virii Coders, Programmers, Crackers, Cyberpunk Wannabees, Civil Liberties
Groups, CypherPunks, Futurists, Artists, Etc..

WHO:   You know who you are, you shady characters.
WHAT:  A convention for you to meet, party, and listen to some speeches
       that you would normally never hear.
WHEN:  July 22, 23, 24 - 1994 (Speaking on the 23rd and 24th)
WHERE: Las Vegas, Nevada @ The Sahara Hotel

So you heard about DEF CON I, and want to hit part II?  You heard about the
parties, the info discussed, the bizarre atmosphere of Las Vegas and want to
check it out in person?  Load up your laptop muffy, we're heading to Vegas!

Here is what Three out of Three people said about last years convention:

"DEF CON I, last week in Las Vegas, was both the strangest and the best
computer event I have attended in years." -- Robert X. Cringely, Info World

"Toto, I don't think we're at COMDEX anymore." -- CodeRipper, Gray Areas

"Soon we were at the hotel going through the spoils: fax sheets, catalogs,
bits of torn paper, a few McDonald's Dino-Meals and lots of coffee grounds.
The documents disappeared in seconds."  -- Gillian Newson, New Media Magazine

DESCRIPTION:

Last year we held DEF CON I, which went over great, and this year we are
planning on being bigger and better.  We have expanded the number of
speakers to included midnight tech talks and additional speaking on Sunday.
We attempt to bring the underground into contact with "legitimate" speakers.
Sure it's great to meet and party with fellow hackers, but besides that we
try to provide information and speakers in a forum that can't be found at
other conferences.

While there is an initial concern that this is just another excuse for the
evil hackers to party and wreak havok, it's just not the case.  People come
to DEF CON for information and for making contacts.  We strive to distinguish
this convention from others in that respect.

WHAT'S NEW THIS YEAR:

This year will be much larger and more organized (hopefully) than last year.
We have a much larger meeting area, and have better name recognition.
Because of this we will have more speakers on broader topics.  Expect
speaking to run Saturday and Sunday, ending around 5 p.m.  Some of the new
things expected include:

o An Internet connection with sixteen ports will be there, _BUT_ will only
  provide serial connections because terminals are too hard to ship.  So
  bring a laptop with communications software if you want to connect to the
  network.  Thanks to cyberlink communications for the connection.

o There will be door prizes, and someone has already donated a Cell Phone
  and a few "Forbidden Subjects" cd ROMs to give away, thanks to Dead Addict.

o Dr. Ludwig will present his virus creation awards on Sunday.

o A bigger and better "Spot The Fed" contest, which means more shirts to
  give away.

o More room, we should have tables set up for information distribution.
  If you have anything you want distributed, feel free to leave it on the
  designated tables.  Yes, this year there will be a true 24 hour
  convention space.

o A 24 hour movie / video suite where we will be playing all type of
  stuff.
  VHS Format.  Mail me with suggested titles to show, or bring your own.
  We'll use a wall projector when not in use by speakers.

o Midnight Tech Talks on Friday and Saturday night to cover the more
  technical topics and leave the days free for more general discussions.

WHO IS SPEAKING:=============================================================

This list represents almost all of the speakers verified to date.  Some
people do not want to be announced until the event for various reasons, or
are waiting for approval from employers.  A speaking schedule will go out
in the next announcement.


Phillip Zimmerman, Notorious Cryptographer & author of PGP.

Dr. Ludwig, Author of "The Little Black Book of Computer Viruses," and
    "Computer Viruses, Artificial Life and Evolution"

Loyd Blankenship (The Mentor), Net Running in the 90's and RPG.

Padgett Peterson, Computer Enthusiest, Anti-Virus Programmer.

The Jackal, A Radio Communications Overview, Digital Radio and the Hack Angle.

Judi Clark, Computer Professionals for Social Responsibility.

Gail Thackery, (Of Operation Sun Devil Fame), Topic to be Announced.

To be Announced, The Software Publishers Association, Topic to be Announced.

Toni Aimes, Ex U.S. West Cellular Fraud, Cellular Fraud Topics.

Mark Lotter, Cellular Enthusiest, Hacking Cell Phones.

Lorax, The Lighter Side of VMBs.

Peter Shipley, Unix Stud, Q&A on Unix Security.

George Smith, Crypt Newsletter, Virus Topic to be Announced.

Cathy Compton, Attorney, Q&A Surrounding Seisure Issues, Etc.

John Littman, Reporter and Author, Kevin Poulson, Mitnick, and Agent Steal.

Red Five & Hellbender, Madmen With a Camcorder, Who Knows?

Chris Goggans (Erik Bloodaxe), Wierd Wireless Psycho Shit.. Stay Tuned..

There should be a few round table discussions on Virus, Cellular, Unix and
something else surrounding the industry.

I'll name the rest of the the speakers as they confirm.  I'm still working on
a few (Two?) people and groups, so hopefully things will work out and I can
pass the good news on in the next announcement, or over our List Server.

============================================================================

WHERE THIS THING IS:

It's in Las Vegas, the town that never sleeps.  Really. There are no clocks
anywhere in an attempt to lull you into believing the day never ends.  Talk
about virtual reality, this place fits the bill with no clunky hardware.  If
you have a buzz you may never know the difference.  It will be at the Sahara
Hotel.  Intel is as follows:

        The Sahara Hotel: 1.800.634.6078

        Room Rates: Single/Double $55, Tripple $65, Suite $120
                    (Usually $200) + 8% tax

        Transportation: Shuttles from the airport for cheap.

   NOTE:  Please make it clear you are registering for the DEF CON II
   convention to get the room rates.  Our convention space price is
   based on how many people register.  Register under a false name if
   it makes you feel better, 'cuz the more that register the better for
   my pocket book.  No one under 21 can rent a room by themselves, so
   get your buddy who is 21 to rent for you and crash out.  Try to contact
   people on the Interactive Mailing List (More on that below) and
   hook up with people.  Don't let the hotel people get their hands on
   your baggage, or there is a mandatory $3 group baggage fee.  Vegas
   has killer unions.

OTHER STUFF:

I'll whip up a list of stuff that's cool to check out in town there so if for
some reason you leave the awesome conference you can take in some unreal
sites in the city of true capitalism.  If anyone lives in Las Vegas, I
would appreciate it if you could send a list of some cool places to check out
or where to go to see the best shows and I'll post it in the next
announcement or in the program

-o I am asking for people to submit to me any artwork, pictures, drawings,
   logos, etc. that they want me to try and include in this years program.
   I am tring to not violate any copywrite laws, but wat cool shit.  Send
   me your art or whatever and I'll try and use it in the program, giving you
   credit for the work, of course.  Please send it in .TIF format if it has
   more than eight bit color.  The program will be eight bit black and white,
-o in case you want to make adjustments on your side.

*** NEW MAILING LIST SERVER ***

We've finally gotten Major Dommo List Serv software working (Kinda) and it
is now ready for testing.  MTV spent alot of time hacking this thing to work
with BSDi, and I would like to thank him.  The purpose of the list is to
allow people interested in DEF CON II to chat with one another.  It would
be very sueful for people over 21 who want to rent hotel space, but split
costs with others.  Just mention you have room for 'x' number of people, and
I'm sure you'll get a response from somone wanting to split costs.  Someone
also suggested that people could organize a massive car caravan from Southern
Ca. to the Con.  My attitude is that the list is what you make of it.  Here
are the specifics:

Umm.. I TAKE THAT BACK!!  The mailing list is _NOT_ ready yet.  Due to
technical problems, etc.  I'll do another mass mailing to everyone letting
them know that the list is up and how to access it.  Sorry for the delay!


MEDIA:

Some of the places you can look for information from last year include:

New Media Magazine, September 1993
InfoWorld, 7-12-1993 and also 7-19-1993 by Robert X. Cringely
Gray Areas Magazine, Vol 2, #3 (Fall 1993)
Unix World, ???,
Phrack #44

COST:

Cost is whatever you pay for a hotel room split however many ways, plus
$15 if you preregister, or $30 at the door.  This gets you a nifty 24 bit
color name tag (We're gonna make it niftier this year) and your foot in the
door.  There are fast food places all over, and there is alcohol all over
the place but the trick is to get it during a happy hour for maximum
cheapness.

============================================================================

I wanted to thank whoever sent in the anonymous fax to Wired that
was printed in issue 1.5  Cool deal!

=============================================================================

FOR MORE INFORMATION:

For InterNet users, there is a DEF CON anonymous ftp site at cyberspace.com
in /pub/defcon.  There are digitized pictures, digitized speeches and text
files with the latest up to date info available.

For email users, you can email dtangent@defcon.org for more information.

For non-net people call:

                  ----  A  L  L  I  A  N  C  E  ----
                           SysOp  Metalhead
               One Thousand One Hundred Megabytes Online
              612.251.8596  USRobotics 16.8 Dual Standard
                   Synchronet Multinode BBS Software
      International Informational Retrieval Guild (IIRG) Distro Site
              Electronic Frontier Foundation  (EFF) MEMBER
            American Bulletin Board Association (ABBA) MEMBER
-----------------------------------------------------------------------
 o 200+ Message bases.  No post call ratio.  Nope, not ever.
 o FidoNet [1:282/8004]
 o CyberCrime international [69:4612/2]
 o International Networked message ECHO areas:
   UFO, VIRUS, REPTILE, MUSIC, Twin Cities Chat, NORML, Telephone Watch,
   TRADEWARS, MONTE PYTHON, FCC, NO PIRACY, CLASSIFIEDS
   BBS Software & SYSOP Support, MUSIC, FISHING/HUNTING, Stephen King,
   Programming, Computers, Foreign Language, iCE/ACiD/TRiBE, COLLEGE
   LIVING, POLITICS, POETRY, RACISM, and too many more to mention
 o Computer Underground Magazines, History, Updates & Text
 o DEF CON Mirrior Archive
 o uXu, PHANTASY, CuD, EFF Magazine(s) Distro Site
 o Internet email mailbox (your.name.here@f8004.n282.z1.fidonet.org)
 o 30 day FULL ACCESS Trial Account...$10/year MEMBERship (sub. to change)
-----------------------------------------------------------------------

For Snail Mail send to: DEF CON, 2709 E. Madison Street Suite #102,
                        Seattle, WA, 98112

For Voice Mail and maybe a human (me), 0-700-TANGENT on an AT&T phone.

A DEF CON Mailing list is maintained, and the latest announcements are mailed
automatically to you.  If you wish to be added to the list just send email
to dtangent@defcon.org.  We also maintain a chat mailing list where people
can talk to one another and plan rides, talk, whatever.  If you request to
be on this list your email address will be shown to everyone, just so you
are aware.

=============================================================================

(Note, I have put a copy of Dr. Ludwig's new KOH Data security encryption
Virus online at the DEF CON ftp site in /pub/defcon/KOH along with full
documentation.  Get CrAzY.)


VIRUS CREATION AWARDS:

                                   Announcing
                                      The
                   Second International Virus Writing Contest
                                  Sponsored by
                American Eagle Publications, Inc. P.O. Box 41401
                             Tucson, AZ 85717 USA
                                      and
                           The Crypt Infosystems BBS
                               +1 (818) 683-0854

                                *** The Goal ***

The purpose of this contest is to write a fully functional computer virus that
entertains people with political satire.  Viruses will be judged on the basis
of originality, creativity, functionality, and political incorrectness.

                             *** Eligibility ***

               Anyone who can write a computer virus is eligible.

                             *** Contest Dates ***

The contest is underway from January 1, 1994 until June 30, 1994. Your
submissions must be received by June 30 to qualify. The winner of the
contest will be announced at the DEFCON conference in Las Vegas, July 22-24,
1994. If you can be present, an official award will be bestowed on you at
that time.

         *************************************************************

                                    Details

         *************************************************************

The philosopher Friedrik Nietzsche once said that if you want to kill
something, you must laugh at it--and laugh at it deeply. So there should be
little wonder that political satire is as old as politics itself.

Is there something going on in the political arena that you abhor, that makes
you sick, that is just plain wrong? Well, here's your chance to make a
mockery of it. I've always had this idea that if someone wrote a sufficiently
witty virus that really addressed the issues the way the people (not the
press, not the politicians) saw them, it might just get passed around by
people voluntarily.

Let's find out.

Write a virus that is itself a political satire. I don't mean a virus that
simply displays a message. I mean a living entity whose every move--whose
every action--is politically motivated. If you need more than one virus to
make your point--perhaps two viruses working together, or something like that,
that is fine.

         -----------------------------------------------------------
Let me give you a simple example: The Political Correctness Virus

This virus is a spoof on the "political correctness" movement--which is just
a form of self-imposed censorship--that is sweeping american intellectual
circles, particularly colleges and universities.

This virus is a memory resident boot sector virus which maintains a list of
politically incorrect words on your computer system. It also hooks the
keyboard interrupt and monitors every keystroke you make. If you type a
politically incorrect word into the computer, the PCV springs into action.

Politically incorrect words are ranked at three different offense levels.
When the PCV encounters such a word, it determines what offense level that
word is, and acts accordingly.

The least offensive words merely register a beep. More offensive words cause
a beep to sound for 10 seconds. The most offensive words cause a siren to
sound for two minutes, locking the system for that duration. If you turn the
computer off before the two minutes are up, the virus will stop the boot
process for five minutes, with sirens, when you turn it back on. If you allow
the siren to complete, then you can proceed.

The virus has two different word lists, both stored in an encrypted and
compressed format. The list is selected at random when the system is
infected, after which it cannot be changed. The first list is the "proper"
list of political correctness no-no's. For example, a word like "sodomite" is
among the worst possible offenses. The second list is an inverted list of
no-no's.  This list trys to force you to use "sodomite" by flagging words
like "gay" and "homosexual" as no-no's.

If you allow the PCV to live in your system for three months without getting
a single flag, you are given the supreme honor of viewing the word list
assigned to you and adding a word to it. If you get more than 3000 flags in
a lifetime, the virus will force you to enter a politically correct word
before allowing you to start the computer, since you are obviously unwilling
to submit to its censorship.

The virus also uses powerful means to prevent disinfection, so that, once you
get it, you can't get rid of it

------------------------------

End of Computer Underground Digest #6.36
************************************