Recently I was slandered by K2, who is a member of numerous underground organizations including ADM and w00w00, and who is an employee of a large international security company called CORE-ST (formerly known as CORE-SDI). K2 claims that I'm a member of a group known as ~el8 which annually publishes an ezine that is centered around hacking. Because I am op'd in #phrack on efnet, and many of the other people there (myself included) find the ~el8 magazine to be a good source of entertainment and information that can't be found anywhere else, he has decided that we are all responsible for the magazine and that we are all involved in some degree of illegal hacking. While I cannot speak for others, I myself have no involvement in ~el8 other than the fact that openly discuss the materials in a public forum, and ridicule those who have already exposed by the magazine. I have no knowledge of who is involved in this publication, nor do I care to know. What is more interesting is K2's own involvement and support of illegal hacking, and the fact that he openly sponsors disinformation campaigns revolving around themes of nondisclosure and causing mischief within the infosec community. The statements I make solely reflect my own interpretations of publically available materials and I make no claim that said interpretations are any representation of this person's true motivations. As a tax-paying American citizen, a registered voter, and civil right advocate, I have no fear of sharing my thoughts with the public, for this is one of the most beloved rights ensured to every American -- the right to free speech. First, quoting from the following BUGTRAQ post from K2 (which can be found at http://www.securityfocus.com/archive/1/137482): OK, hold on a second.... The following "snip snip" is a little long... and I have not verified it, (a guaranteed DoS though). talkd, A DEFAULT service. Here he talks about a nonexploitable "dos" condition in a default inetd service in OpenBSD. Examination of the actual problem shows that it is not exploitable (some claim it is, but no evidence has been made public to suppor that claim), and how he figures it's a "dos" condition when it automatically respawns via inetd defeats most logic. He asks that every bug be granted a security advisory, whether it is an actual security problem or not. To me, it sounds like this is when he began an ADM supported disinformation / FUD (cDc anyone?) campaign, and encouraged that the security mailing lists be flooded with useless information to prevent the discussion of more important issues. Next, we take a look at one of K2's posts to the anti.security.is message board , which is historically archived on web.archive.org. The following quote can be read directly from: http://web.archive.org/web/20010726185201/anti.security.is/chat/spjall_thradur. php?id=60&bordid=1&efni=General+discussions&msgcnt=5 What I don't understand sometimes is the way that for the most part... the big reason to post info to an open forum is to "secure the internet through disclosure". Thereby, helping people... How nice... we can make a difference, we are actually... helping the world... YAAAAAAAAAAA&@*($&!*! heh more likely not... What I see going on is mostly stories about kid s who find themselves in a whole LOT OF TROUBLE!!! Most kid out there ca n not possibly grasp the consequences of his action, so why not the peopl e with "blah blah years in the field...", take action instead? maybe ful l discuss is NOT what is needed. What carries a heavier toll? kiddy damage vs. nondisclosure damage? Wait, K2 is now supporting nondisclosure? Is this the same person who earlier was trying to get mailing lists flooded with useless bug information? Further, he makes a statement saying "most kid out there can not possibly grasp the consequences of his action", but what does he do later? He sends out a slanderous email, with the personal contact information of a 16 year old boy, stating that this individual is engaging in illegal activities which has resulted in a lot of grief to the individual. Now, we'll look a little further into the same thread and we see K2 saying: 1) all the bugs I posted were already patched. 2) only made 1 LOCAL(not even root) exploit out of 3(locals). 3) did not make possible 2 remotes!!!! I think that's responsible. Don't you? Oh, here he admits the "severity" of what he has recently disclosed, but sort of sways away from discussing the talkd "hole". I really can't fathom why he manages to get all the high paying jobs that he has had recently (IBM, now CORE-ST). Examine his further posts to anti.security.is via the Internet Archive for a better look at the mind of this individual. Now, if one is to believe all that they read in ~el8 (I suspect it is a mixture of fact and fiction, but only those responsible for the magazine and those who were "victims" can know definitively), it can be assumed that K2's own machines were comprimised, and that effectively K2 was thoroughly humiliated. His response to the matter appears to be "narcing" on the people who he suspects is responsible. ADM sponsored the antisecurity movement, and K2 is a member of ADM. K2 prides himself on being a blackhat (check google.com, I can't find the article to quote right now -- there is a news article somewhere discussing CanSecWest speakers, where K2 identifies himself as being a blackhat), and yet when he is publically humiliated by other blackhats, he turns and tries to create legal problems for those he believes to be responsible. Further one can find other members of ADM promoting the backdooring of software distributions as part of their antisecurity campaign to increase a state of insecurity. Please, take no pity upon him in any way. As you can see in the mass mail he has sent out to many people, which can be viewed at: http://www.eurocompton.net/~fuk/phrack/NARC.3.txt K2 states, amongst other things: nwonknu ~nwonknu@dsl-65-187-119-141.telocity.com ... the ~el8 crew any questions? -- K2 I connect directly to IRC networks from my home IP, rather than from a shell or BNC of some sort, and make no secret about my identity. I am not a criminal , and I have nothing to hide. This does not imply that people who do use shells and BNC's are criminals, and I think we should all respect one's right to privacy. Unless K2 has some evidence that I am involved in this publication in any way, or that I engage in any sort of criminal activity, I demand an immediate and public apology for his slanderous actions. Further I reserve all rights to pursue legal action against K2 for his slander, which I fully intend on doing, and upon receipt of such apology I make no indication that I will forfiet any claim to legal action against him. I wrote this document on July 15th, 2002, and I have every intention of calling his employer (Ivan Arce) at COREST tomorrow to discuss the further ramification s of K2's slanderous statements against myself. If you're a lawyer and are willing to help in this matter, please contact me. If you have any questions about who I am, or about what I have written, please also contact me. If you want to otherwise bother me about anything, I'm on efnet frequently. You also may mail me at your leisure. nwonknu@#phrack/efnet nwonknu@hushmail.com