__ ______ __ _ _ ______ __ _ _ ______ | \ / \ | \| \ | \ | \ | \| \ | \ | \ | | | ___ \ | || \ | |\___ || || \ | || ____/ | | | |__\ \ | || \ | | / / | || \ | || |____ | | | _ \| || \ | | / / | || \ | || ____| | \___ | | \ || || _ \| |/ /__ | || _ \| || |____ | \ | | \ || || \\ || \| || \\ || \ |________||__\ \__||__||___\\____|\_______||__||___\\____||______/ ____ |_ \ | | | | | | |____| Originally published 20 April 2015 Text version August 2016 --{ CONTENTS ...Editors' Notes ...For Lainzine #1 ...Noise ...Gopher Protocol ...Recommended Reading ...Art of the Glitch ...Introduction to Cryptography ...Word Search ...Where Do I Start? ...FreeBSD Guide for Newbs and Dummies ...Youtube Proxy ...Structure-based ASCII Art --{ COLOPHON Created by the good people of Lainchan from all around the world. https://lainchan.org Released in good faith and for free under the CC BY-SA 4.0 licence. E0.00 S0.00 L0.00 --{ STAFF Editors: Junk, Tilde. Typesetters: Ivan, Dylan. Text edition: barnet. In  Waking   All    Known     Unconscious      Reality       Atrophies Linger  And   It    Nihilates |==[ Editors' Notes ]==| I hope you enjoy this magazine. We all have put some effort into it and I am personally impressed by what we accomplished. Thanks for reading! finfq bas zp bsosnhe uxrmz – R ddpvwef cvqsn kumu pq nxfq. -—Junk We live in a ferocious world, one where it is easy to get swept up and aggregated into the 'next big thing'. Lainchan is a place somewhat removed from the beaten path, where the mag netic pull of social assimilation is not quite as strong. It is an eclectic gathering of people from across the planet, who come together to explore the essential ideas of the present, the stuff that will become the science fiction and science fact of the future. Most of all, Lainchan is friendly. Stop by and say hello, won't you? —-Tilde |==[ For Lainzine #1 ]==| | by Kalyx | Woa, a zine on Lainchan? Is this what you guys were doing while I was trudging through sector 7.b–189 looking for unused datacards last week [depression]? This is really something, glitch scattered between the pages... impressive. Just in time for the birthday party. Lainchan is the name, OC is the game. Look out for my submission soon. —-Kalyx |==[ Noise ]==| // Tapping into the noise – building a contact microphone // There is a constant humming in the wires above. We are told that at either end sits a small terminal box that listens care- fully and modulates the cosmic pulses to find what is useful. But in recent years, the wires have stretched out. The terminal has re- ceded to some unattainable point in the distance. We find ourselves in the open: Alone and listening, but unable to separate the signal from the noise. --{ Parts needed * Piezo disk, * scraps of wire, * audio jack socket, * something to amplify and listen with, * soldering iron and solder (optional), * something to secure the mic in place (optional). --{ Instructions Sound doesn't only travel through the air. A contact microphone picks up the sounds from inside of solid objects. You can shout as loud as you want, the contact mic can't hear you. But if you stick it to a wooden board and scrape a nail across it you can hear the sound of the wood grain resonating, crushing the piezo crystals and generating a small electric field. Doesn't work? Make sure your contact mic is connected to an amplifier of some sort, PC speakers will work if they're turned all the way up. Disconnect the wires and try them the other way round, then try the first way again. |==[ Gopher Protocol ]==| Developed in 1991 by a team at University of Minnesota, the gopher protocol is a TCP/IP document distribution system that was popular be- fore the world wide web became the standard protocol. It is primarily devoted to serving plain text documents organized into a hierarchical directory structure and lacks formatting, dynamic content, and even the mixing of media and text. While the protocol may not have style sheets, it certainly has style. --{ The Protocol The simplicity of the gopher protocol is evident from the mere fifteen pages of RFC 1436 – the Network Working Group's 1993 document on implementing gopher servers and clients. For comparison, FTP's RFC 765 is 68 pages, and HTTP/1.1 is represented by the 176-page 2616. A reader with even a cursory understanding of TCP/IP can learn the core of gopher over a cup of coffee. Learning the complete internals is better suited to the RFC and is left as an exercise to the reader, but we'll go ahead and write a couple of one-line scripts that handle the majority of the available interactions. All that you need to know is that the default port is '70'. --{ Script 1: Ask a gopher server to list its contents First, the client opens a connection to the server, for the example: sdf.org on port 70 Then, the client sends 'CLRF' to the server to request a directory listing. 'CLRF' refers to "Carriage Return Line Feed", but on most systems will be handled by the simple newline character: '\n'. To do this, use the netcat utility which is a command line program for establishing raw network connections. This very powerful tool can be used for exploring remote hosts and even listening as a server itself. echo "\n" | netcat sdf.org 70 Assuming the host is online, your terminal should now contain a list of di- rectories, as pictured in Figure 1 [below]. It might not be the most beautiful output, but is certainly readable. The numbers preceding each items refer to the type of item that it is. '1' lets the client know that "SDF Member PHLOGOSPHERE" is a subdirectory, while '7' marks "GopherSpace SEARCH Engine" as a gopher search server query (fn: 1). The string after the item's name, such as "/ sdf/faq/" is the "magic string" (actual RFC terminology) that directs the client to that particular item. Finally, the output contains a line whose sole character is a period. This line indicates that the server has listed everything and will then close the connection. --{ Script 2: Navigate to a particular item on the server Now that we know, via the client, what is availa- ble at the root tier of the hierarchical structure, the client can dig deeper into the gopher hole. echo "/sdf/faq/\n" | netcat sdf.org 70 Assuming all went well, you get a response similar to the one listed in Figure 2 [below]. With these two simple commands at your disposal, you can freely traverse the gopherspace! All of these are further subdirectories, but once you hit an item whose identifier is '0', you will have finally arrived at a plain text file. --{ The Clients I used this rudimentary network socket approach to demonstrate how trivial it is to communicate with a gopher server, but a variety of robust clients exists. As the text pages are pure streams of information without style sheets and dynamic behaviors, the content of a gopher site is particularly suited to terminal browsing; the classic terminal browser lynx has supported gopher natively since 1992. Alternatively, plugins are available for Firefox and most other mainstream browsers (fn: 2). Before continuing with the rest of the document, please take a moment to acquire a client and wander about the gopher sites. The most extensive portal to the gophers that I am aware of is over at Floodgap's server (fn: 3). Be sure and check out the link to GopherVR. Having had a taste of the protocol's simple pre-http delights, no doubt you are eager to set up your own home in the gopherspace. You have a couple options: either find a place in the city (exis- ting server such as sdf.org) or try to make it out on your own in the country (run your own server). --{ The Servers There are advantages to each. By setting up your own fresh gopher server, gopher's web presence become further decentralized; it it not ideal to have everything crammed into a single point of failure. However, home-brew servers have a tendency to not last. Fresh holes may find themselves quickly buried when running a 24/7 instance doesn't go as planned. On the other hand, by star- ting a site on sdf (or elsewhere), you help to strengthen the existing, but small, gopher community. Your content will be much more easily found and more likely to remain online. Personally, I think the best approach is this: if you already run a server of some sort, then go ahead and add gopher. But if you just want to get content online, simply register on sdf, or wherever else you choose. That said, writing a gopher server is a great project for learning network programming: you learn how to work with client-server communications, read and implement specifica- tions, and can have a complete product within a fairly short time. For writing the server in C, you may find Beej's Guide to Network Programming (fn: 4) a very helpful reference. --{ Figures !!!! EDITORS NOTE !!!! The following figures were too broad for the 80 character limit, so I have split those lines. Lines indented by three spaces belong to the end of their preceding line. --barnet ## Figure 1: Response of the Gopher server iWelcome to the SDF Public Access UNIX System .. est. 1987\t\tnull.host\t1 i\t\tnull.host\t1 iWe offer FREE and inexpensive memberships for people interested\t\tnull.host\t 1 iin the UNIX system and internetworking. Personal GOPHERSPACE\t\tnull.host\t1 iis available to all users as well as hundreds of UNIX utilities,\t\tnull.host\ t1 igames and networking utilities. We are a federally recognized\t\tnull.host\t 1 inon-profit 501(c)7 organization and we are supported entirely\t\tnull.host\t1 iby donations and membership dues. telnet://sdf.org\t\tnull.host\t1 i\t\tnull.host\t1 1SDF Member PHLOGOSPHERE (151 directories)\t/phlogs/\tsdf.org\t70 1SDF Member GOPHERSPACE (2334 directories)\t/maps/\tsdf.org\t70 1SDF Frequently Asked Questions (FAQ)\t/sdf/faq/\tsdf.org\t70 1SDF Accredited University Courses\t/sdf/classes/\tsdf.org\t70 1Software and Documentation for various computers\t/computers\tsdf.org\t70 7GopherSpace SEARCH Engine\t/v2/vs\tgopher.floodgap.com\t70 1Floodgap's GOPHERSPACE\t/\tgopher.floodgap.com\t70 1NetBSD Distribution Mirror\t/NetBSD/\tsdf.org\t70 i______________________________________________________________________\t\tnull .host\t1 i Gophered by Gophernicus/1.5 on NetBSD/amd64 6.1_STABLE\t\tnull. host\t1 . ## Figure 2: Response of the Gopher server 1BASICS SDF History and UNIX Basics - START HERE\t/sdf/faq/BASICS\tsdf.org\t70 1CHAT Questions about IRC, ICQ and such.\t/sdf/faq/CHAT\tsdf.org\t70 1DIALUP SDF's TENEX National Dialup PPP Membership\t/sdf/faq/DIALUP\tsdf.org\t 70 1EMAIL Questions about INTERNETWORKED EMAIL.\t/sdf/faq/EMAIL\tsdf.org\t70 1GAMES Single and Multiuser GAMES.\t/sdf/faq/GAMES\tsdf.org\t70 1GOPHER Gopherspace questions and answers.\t/sdf/faq/GOPHER\tsdf.org\t70 1MDNS Dynamic DNS with mdns.org \t/sdf/faq/MDNS\tsdf.org\t70 1MEMBERS SDF Membership Information and Responsibilities\t/sdf/faq/MEMBERS\tsdf .org\t70 1MISC Miscellaneous, Odd and Very Interesting Questions \t/sdf/faq/MISC\tsd f.org\t70 1MOTD Coding, Journals, Forums and Galleries for UNIX Hackers\t/sdf/faq/MOTD \tsdf.org\t70 1MYSQL SDF's MySQL database server\t/sdf/faq/MYSQL\tsdf.org\t70 1TEACH Using SDF to teach UNIX and NET concepts.\t/sdf/faq/TEACH\tsdf.org\t70 1TECHIES Advanced UNIX Topics, UUCP and programming.\t/sdf/faq/TECHIES\tsdf.org \t70 1TWENEX SDF's Project TENEX Free Software Community\t/sdf/faq/TWENEX\tsdf.org\ t70 1UNIX Questions about UNIX Shells.\t/sdf/faq/UNIX\tsdf.org\t70 1USENET Newsgroup Questions and News READERS\t/sdf/faq/USENET\tsdf.org\t70 1VHOST Virtual Hosting and Domain Name Service.\t/sdf/faq/VHOST\tsdf.org\t70 1WEB Webserver questions and answers.\t/sdf/faq/WEB\tsdf.org\t70 i______________________________________________________________________\t\tnull .host\t1 i Gophered by Gophernicus/1.5 on NetBSD/amd64 6.1_STABLE\t\tnull. host\t1 . --{ Footnotes 1. https://en.wikipedia.org/wiki/Veronica_(search_engine) 2. http://gopher.floodgap.com/overbite/ 3. gopher://gopher.floodgap.com/ 4. http://beej.us/guide/bgnet/ |==[ Recommended Reading ]==| // 'The Craft of Text Editing' by Craig Finseth // Are you interested in text editing, fellow Lains? I would certainly hope so. For those wanting to go further in expanding their knowledge, 'The Craft of Text Editing' is an excellent read. The book is based on the author's bachelor thesis examining the underlying principles of text editors of the time. After 11 years, it was expanded into a book to cover the advances and other changes that had occurred in the meanwhile. The book pays special attention to Emacs-type editors and the choices made in their design, but a majority of the work applies to all text editors and several different ways of doing things are always discussed for each topic. The subjects covered include the hardware that programs interact with, the language of the editor and the language exposed to the user, the conceptual structure of the edited text, and various editor implementations. There are chapters on redisplay, the user interface, the command set, and several other interesting topics. Lastly, the book makes for an exhilerating look back on computing and the considerations that were taken into account historically. The bibliography also makes for good reading material for those wanting to delve deeper into the topic. As this is the first recommended reading section for the first Lainzine, I'll point out that this is not meant to be an exhaustive coverage or a review, but merely a suggestion. I guarantee that any Lain with a healthy interest in the concepts and technology behind their favorite text editor will be thoroughly pleased with this read, especially if they use Emacs. I look forward to recommending more books to you all. |==[ Art of the Glitch ]==| | by Dylan | // An Existential Analysis of its Products, Processes, and Practitioners // "The glitch is a wonderful experience of an interruption that shifts an object away from its ordinary form and discourse. For a moment I am shocked, lost and in awe, asking myself what this other utterance is, how was it created. Is it perhaps... a glitch? But once I named it, the momentum – the glitch - is no more..." —-Rosa Menkman (Art of the Glitch, 2009) Abstract: This paper is an examination of the art style known as glitch art and questions preconceived notions about glitches and art, and asks if they fit that which defines them. It looks at glitch art created by established profes- sionals and how their thoughts and processes relate to the established defini- tion of glitch art and if the definition should be altered to fit the art style. It also compares the effects of popular culture on glitch art. --{ Introduction The analytics of the art world and art itself has always been a grey area. How can one critique something non-objective? When considering new mediums, who is to say who else is an expert? The field of digital art is something rela- tively new and is one that has many interesting facets and faces. Delving fur- ther into one of these sides, the oddly beautiful realm of glitch art is one of these parts of the art world that is difficult to critique. When the purpose of the art form is to destroy something, can one judge its beauty? Does it exist as art at all? To understand these questions, one must look at the roots of the art style. It will be questioned if it can exist as a style at all, given the methods and practices employed are accurate under the term, "glitch." ---{ Seeking an Understanding To understand the root causes, underlying structure, or machinations of an issue, theme, or skillset, is to understand it at a deeper level, to lead oneself to a greater proficiency. This is the approach that will be taken moving towards a more thorough understanding of the notion of glitch and glitch art. It is also a means to examine the rationale for desiring a system that can be seen as a destructive one, the reasons for the seeking of chaos, especially when so much of the work that is done by humankind is to bring order to the disordered. Papers are sorted, lists are numbered, and infrastructure is created, all to "correct" this entropy (that seems so grounded in nature). Given these systems, why would this entropy be sought out? What good can come from disorder? This art style that is almost against the nature of human beings will be broken down and examined at its roots and its mysteries revealed. A glitch could be defined as an undesirable result or outcome; a deviation from an expected conclusion. Is it possible that one might simply tack the idea of "art" on to the end of that definition? An undesirable artistic outcome? This, rather simple, definition leaves a multitude of things susceptible to its grasp. A walk down the street could have a "glitch" when one trips and falls. Certainly, one does not desire to trip and fall when walking anywhere. Perhaps a crack in a glass or a misprint in a paper could be considered a glitch. These things, yet, are different from the glitches that are considered art. A misprinted paper is certainly not art, nor is a broken glass. We might, then, ask ourselves, what is art? Looking at the vast expanse that is the artistic timeline, we can see an enormous amount of different styles and methods for producing art, and it can be understood that to try and define "art" would be quite a challenging feat. They do, however, have one thing in common: they are all pleasing to look at (or interact with or whatever the intended form of experience may be. Regardless, the idea is that it is enjoyed). Monet's impressionist paintings are indeed beautiful (beauty is subjective, however, and what one might find beautiful, another might find repulsive. This will be an inherent property of art, at least established for the sake of this writing). Returning then, to the broken glass with this new found knowledge, these bright, open, eyes, we find that this broken glass is not beautiful. It lies on the countertop, in pieces, and does not move us to gaze upon it longingly, only to wish that it was not needed to now be cleaned up. This "glitch art" then, the child of two definitions that were so uncere- moniously glued together (perhaps it is fitting, given the word that is being defined), can be understood, at least, for now. One could be typing a paper when for no reason at all, the computer screen glitches. It is in this moment that an artist is born. This daring soul captures the screen to produce a very strange, yet visually appealing image. The image is shared and enjoyed by many; the origin of the glitch art. What then, of these imitators, these followers, of this new found style? The perceived beauty of these images that are so wonderfully distorted have a movement behind them. There are those that wish to see more of this. However, the methods that were employed to get these results are actually non-existent. The followers of glitch art's only way to create more of this art is to go about their daily lives and keep an eye out for an opportune moment when some- thing might break in their favor. Perhaps they use the same software that the originator used. Perhaps they try to replicate the actions of the previous user. They do, but the time it takes for anything to happen is too lengthy for their tastes, so they abuse the software. They feed the program input that any normal user would not dare. Here, however, we can already see a problem. Returning to our definition of glitch, an undesirable result or outcome, we can see that these new users that are abusing this software for their own gains are no longer adhering to this definition. The results that are produced from their knowledge of this program and the intent to output errors means that what they are producing is no longer glitch art (in the strictest sense). Before we look to questioning what this new art style really is, let us look to a notable "glitch" artist, Rosa Menkman and her take on the style. --{ An Existential Crisis Rosa Menkman does in fact, associate the definition in a similar way that has been laid out previously, as she states here: "The glitch has no solid form or state through time; it is often perceived as an unexpected and abnormal mode of operandi, a break from (one of) the many flows (of expectations) within a technological system." (Menkman, 2009) Though she scopes it to a tighter view of a technological system, it fits the idea, regardless. She also notes that, the concept of these errors is altered when they are realized and made into an idea along with the glitch. The "original experience of a rupture" transcended its own self and moved into a new mode of existence entirely. The glitch has ceased to be, and has "become an ephemeral, personal, experience." (Menkman, 2009) She speaks to the very idea that has been presented: that the definition and idea of a glitch are no longer that when they are realized. The mere observation or thought of them has changed them forever. An interesting point is made, however, when she touches upon the act of commercialization of glitch art, whether it be in the form of a script or a "glitching software." She claims that they move away from the process of, what she calls, "creation by destruction" and focus on only the final product. In short, it is about the journey, not the destination, that gives "glitch art" its meaning. "When the glitch becomes domesticated, controlled by a tool, or technology (a human craft) it has lost its enchantment and has become predictable. It is no longer a break from a flow within a technology, or a method to open up the political discourse, but instead a cultivation. For many actors it is no longer a glitch, but a filter that consists of a preset and/or a default: what was once understood as a glitch has now become a new commodity." (Menkman, 2009) This cultivation that she speaks of is inherent in just about any form of media, from music (a local band rising to international fame) to art (the rise of the popularity of the impressionist art style) to social trends (the explosion of the undead and supernatural creatures "genre"). If there are these communities that exist, producing glitch art as an end, rather than a means, they will be subject to scrutiny next. --{ Glitch Art in Popular Culture Rosa Menkman talks about the attempt to define glitch art by media and art historians, giving rise to labels such as "post-digital" and "datamoshing." She provides, what she believes, to be a solution to this problem, but for now, a gaze will be cast upon that subsection of glitch art called "datamoshing". Author Shad Gross describes datamoshing as "a technique whereby the compression of digital video is manipulated as a means of creative expression." Gross, S (2013) His article talks about how digital art (and most all digital media) lacks any form of physical forms but rather, holds within it, a vast number of potential forms. Gross looks to glitch art and datamoshing as a way to reveal these inherent forms of digital media, to focus on the digital aspect of the digital, rather than as a vehicle to a different form entirely. The process of datamoshing involves the editing of frames within the video, more specifically, the frames that relay information about which parts of the screen (pixels) to draw or redraw after something has changed. For many original authors of glitch art and datamoshing, the popular adoption of this style or the adaptation of the style into the mainstream culture, was to lose some of the original luster that it once possessed. Glitching and datamoshing were ways in which people could transform and alter popular culture, but now it has transformed into the ends, rather than the means, that was mentioned earlier. Reducing glitch art to this minimal effort approach also loses a key aspect of the idea that it takes a skill and knowledge of the hardware or software to intentionally produce these glitches. Experimentation is a key element, as noted by Funda (2013): "[i]n forcing a visual glitch, there is an element of unpredictability that makes experimentation worthwhile and rewarding." However, the production of scripts and tools to make this kind of art more accessible is what removes the appeal. Some artists view glitch art as a means of questioning the nature and existence of art itself. Only after hundreds of years of creation of artwork do some people begin to ask, "why?" rather than "how?" One might view this as a driving purpose behind glitch art, to break down the established cultural norms and look at the craft from a new perspective. This style of thinking has been observed by and invited upon by the InterAccess Electronic Media Arts Centre in Toronto. Artists created video games based around the idea of what it means to be and produced some very interesting results. As an example, Terrence (2006) reported this: "... [Ashmore's] Mario Trilogy places the eponymous plumber underwater, in prison or wan- dering through an empty landscape, with only the viewer/player to move him around aimlessly until the game clock runs out and he dies." This kind of work of art certainly leaves the player with a new outlook on life when the game is finished due to its very relatable message of death and the purpose of existence, or well described by Krapp (2013), the contrast between "playing a game and playing with a game." This mode of thinking can be applied to glitch art, questioning, and perhaps challenging, the very existence of art. With its destructive nature, twisted ideas and indefinable genre-state, it is almost as if glitch art is the death of other art forms. --{ Redefining Glitch Art Given these new insights, one can see the beginnings of glitch art, its methods and practices, and its shortcomings. It is justifiable then, to say that the term "glitch art" is incorrect when it is being described. If glitch art is less about the glitch, and more about the experience, more about the path taken and the surroundings enjoyed on that journey than the end result, then it is to be understood that a new definition is in order. The true glitch art will live on as the far most removal of oneself from the desire to create it, though one could question if that is even possible. Regardless, consider the term modal, which is relating to something's mode or manner. It will be used as related to a "mode of action" or simply put, its procedure. Looking back again, we remember the description of the artist who followed in the footsteps of the "original glitch artist." He pushed the limits of the software he was using to create these glitches. It will be termed that this kind of action taken with electronic devices, to produce a desired non- standard result, as abuse. Just as the terms "glitch" and "art" were joined together to create a new meaning, this style of glitch art that desires the malfunctions and errors and actively attempts to produce them, will be termed, "modal abuse." To put it in a more official format, let us say it this way, mo- dal abuse – the intentional modification or mistreatment of a hardware or soft- ware piece to produce an atypical result for the sake of artistic expression. The newly defined glitch art is, perhaps, a more fitting representation of the values, methods, and ideas that it aims to be. While, however, the views that others (mostly artists) may have on this style may transcend all definitions into a more ideological and emotional realization, to other people, a definition can help create an un- derstanding that is the difference between con- fusion and clarity. Now, then, begins a new task: to truly remove all elements that could reflect the possibility that any amount of disorder was desired. --{ References Funda S. T. (2012). Glint: Audiovisual glitch- es. Leonardo, 45(3), 296-297. doi:10.1162/LE- ON_a_00383 Gross, S. (2013). Glitch, please: Datamoshing as a medium-specific application of digital material. 175-184. doi:10.1145/2513506.2513525 Krapp, P., & Ebooks Corporation. (2011). Noise channels: Glitch and error in digital culture. Min- neapolis: University of Minnesota Press. Menkmen, R. (2009) Glitch studies manifesto Re- trieved from http://rosa-menkman.blogspot.nl/ Terence D. (2006). Controller: Artists crack the game code. Winnipeg: Arts Manitoba Publica- tions Inc. |==[ Introduction to Cryptography ]==| | by peeping_Tom | Cryptography is the practice of secret writing where information is hidden from adversaries. First used by the military, it is now used in every facet of our lives, from simple web browsing to paying bills, talking to your friends, and much more. With examples, I will show you the basics of cryptography and how all encryption is crackable. Cryptography is a wide topic that takes much mathematical ingenuity, so I sliced it into two parts. In this first part, we will explore the origins of cryptography and some simple ciphers you might use with your buddies online or off. This article is mostly theoretical but I encourage you to put your newly acquired knowledge to practice by coding working examples. Encryption is based on the idea that cracking takes time, and that the more time it takes to crack, the better. Think of bike locks. We know they do not offer perfect security, but we rely on the idea that it will take bad people more time to break them than it will take for someone on the street to stop them. Cryptography follows a similar mindset. The simplest cipher (method of encryption or decryption) is the substitution cipher. As its name implies, this cipher substitutes letters. The most famous substitution cipher is the Caesar cipher in which all the letters are replaced by their neighbors in the alphabet a few places over to the right or left. Imagine if A became B, B became C, C became D, and so on until we got to Z, which became A. This is a basic example of the Caesar cipher. ## Figure 1: The Caesar cipher A -> X B -> Y C -> Z D -> A E -> B etc. Another interesting substitution cipher is the Pigpen cipher. Used primarily by Freemasons, this cipher substitutes letters for shapes and dots. ## Figure 2: The Pigpen cipher | | | | A | B | C J | K | L | | .| . |. ----------- ----------- | | | | D | E | F M.| N |.O | | | . | ----------- ----------- | | .| . |. G | H | I P | Q | R | | | | \ S / \ W / \ / \./ T X U X .X. Y / \ /.\ / V \ / Z \ Every substitution cipher works on the same simple idea, substitution of letters for some other symbols. The way anyone would go about cracking this cipher is through a "checking" process: look for common words in the message's language, then substitute in reverse. For instance, you would look for repeated sets of 3 letters, expect them to be "the", then carry out the necessary substition on the rest of the ciphertext, i.e., the encrypted text. Extend this process to letters, rather than for words, and you get something called "frequency analysis". This method cracks any substitution cipher if you know the language of the plaintext (original message). To crack any substitution cipher you start with the "fingerprint" of the plaintext's language, and then look at a frequency analysis of symbols in the ciphertext to see the rules for substitution. The fingerprint is simply a frequency of occurrence of some letters in a language. For example, if you were to take this wall of text and count the occurrences of every letter, you would find that the most common letters are (by total count): 'e', 't', 'a', 'o', 'i', 'n', 's', ... (just remember 'ETAOIN SHRDLU' and that way you remembered the 12 most common English let- ters). The following image shows the fingerprint of the English language. ## Figure 3: The distribution of letters of the alphabet in English by frequency of occurrence 0.14 | _ | | | 0.12 | | | | | | 0.1 | | | _ |_ | | | | 0.08 | | | | _ | | | | | | _ | | | | 0.06 | | | | _| | _| | _ _| | | | _| | | | | | | | | | | | 0.04 | | _| | | | | | _ | | | | | | | | | | | | | | | | | | | | | | | | |_ _ 0.02 | |_| | | |_ _| | | | |_| | |_ | | | | | | | _ | | | | | | | | | | _| | | | | | | | | | |_| | | | 0 | | | | | | | | | |_| | | | | | |_| | | | | | |_| |_ |___________________________________________________| a b c d e f g h i j k l m n o p q r s t u v w x y z This property is unique to the English language, however all languages have a "common letter use" property. To evade this, people built the polyalphabetic cipher. The polyalphabetic cipher works on the same idea as Caesar cipher, making multiple shift ciphers of the same plaintext. First, a codeword is established between the parties. The codeword denotes the shift ciphers, for example the codeword "snake" means that there are 5 shift ciphers each with their own designated shift. The first cipher substitutes the first 'A' to occur with 'S', 'B' with 'T', ... the second 'A' with N', 'B' with 'O', and so on. Now that we have 5 shift ciphers with different letter shifts, how do we apply them to the plaintext? We repeat the ciphers in order. The first cipher on the first/sixth/ eleventh/... letter, second cipher on the second/seventh/twelfth/seventeen/... letter, and so on. The most famous of polyalphabetic ciphers is the Vigenère cipher, which I have just explained. ## Figure 4: A polyalphabetic cipher | A B C D E F G H I J K L M N O P Q R S T U V W X Y Z --+---------------------------------------------------- A | A B C D E F G H I J K L M N O P Q R S T U V W X Y Z B | B C D E F G H I J K L M N O P Q R S T U V W X Y Z A C | C D E F G H I J K L M N O P Q R S T U V W X Y Z A B D | D E F G H I J K L M N O P Q R S T U V W X Y Z A B C E | E F G H I J K L M N O P Q R S T U V W X Y Z A B C D F | F G H I J K L M N O P Q R S T U V W X Y Z A B C D E G | G H I J K L M N O P Q R S T U V W X Y Z A B C D E F H | H I J K L M N O P Q R S T U V W X Y Z A B C D E F G I | I J K L M N O P Q R S T U V W X Y Z A B C D E F G H J | J K L M N O P Q R S T U V W X Y Z A B C D E F G H I K | K L M N O P Q R S T U V W X Y Z A B C D E F G H I J L | L M N O P Q R S T U V W X Y Z A B C D E F G H I J K M | M N O P Q R S T U V W X Y Z A B C D E F G H I J K L N | N O P Q R S T U V W X Y Z A B C D E F G H I J K L M O | O P Q R S T U V W X Y Z A B C D E F G H I J K L M N P | P Q R S T U V W X Y Z A B C D E F G H I J K L M N O Q | Q R S T U V W X Y Z A B C D E F G H I J K L M N O P R | R S T U V W X Y Z A B C D E F G H I J K L M N O P Q S | S T U V W X Y Z A B C D E F G H I J K L M N O P Q R T | T U V W X Y Z A B C D E F G H I J K L M N O P Q R S U | U V W X Y Z A B C D E F G H I J K L M N O P Q R S T V | V W X Y Z A B C D E F G H I J K L M N O P Q R S T U W | W X Y Z A B C D E F G H I J K L M N O P Q R S T U V X | X Y Z A B C D E F G H I J K L M N O P Q R S T U V W Y | Y Z A B C D E F G H I J K L M N O P Q R S T U V W X Z | Z A B C D E F G H I J K L M N O P Q R S T U V W X Y Take the initial left column to be the codeword, and first row to be the plaintext or ciphertext you want to encrypt/decrypt. Repeat the codeword over the letters of the plaintext/ ciphertext without any spaces. For example, try to decrypt "WEBFCSLYZVMYCPN" with codeword "lainchan". How would a cryptanalyst try to crack this? Since it's just many Caesar ciphers, frequency analysis of the ciphertext is safe bet, right? Well, after he does that he is presented with flat or equally distributed letter frequency. That's because there were several different shifts performed on one text. If he doesn't know the codeword, he can't really crack it. Unless he knows the length of codeword. Since we know that the length of the codeword is N letters, and that every 1+K×N letter shares the same shift cipher (where K is a number from 0 to infinity – or at least until K×N becomes longer than ciphertext), we can do frequency analysis on every K×N-th letter. Since we used "lainchan" as our codeword, we can do frequency analysis on every 8th letter in "WEBFCSLYZVMYCPN" and find out all 8 shift ciphers that way, or in English, we can find the codeword. If we don't know the length of the codeword, and we saw flat distribution of frequency analysis, then we would try frequency analysis of every (1+K×N) th letter, where K ranges from 0 to infinity. Since we don't know N (length of the codeword), we will assume it's 1 letter long, then we will assume its 2 letters long, and so on. We do this until we get the original, readable plaintext. This process can be automated with computers, which easily make it take less time. Longer codewords result in stronger ciphers since the cracker has to assume all possible codewords shorter than the real codeword. This is only possible because the codeword is repeating, but what if it wasn't repeating? What if we had a codeword as long as the plaintext itself? This is called a one-time pad. The codeword "lainzine" can be seen as a list of numbers by which the shift is occurring in each shift cipher ('L' = '11', 'A' = '0', 'I' = '8', and so on). Also note that having a random number sequence for codeword is much more secure than having a word. A multiple-shift cipher with random shifts on each letter that is as long as the ciphertext is unbreakable by frequency analysis because the shifts don't repeat. The only way to break this one-time pad is brute force. Bruteforce, in layman's terms, is trying out every possible combination. Since we know that shift ciphers can shift letters by at most 26 until they repeat (as there are only 26 letters in the alphabet that you can shift to), bruteforcing a Caesar cipher would be simple since the shift is always the same. So you try out all possible shifts (from 1 to 26). For the polyalphabetic cipher and the one-time pad, bruteforcing becomes impossible since there is a shift for every letter. You would need to try all possible letter shifts for all possible letters, meaning that you would need try out all 26 shifts for only one letter. The longer the ciphertext is, the greater amount of shifts you need to try out. Given that's 26 shifts for a letter, and N is the amount of letters in the ciphertext, you would need 26N tries to crack the text. Best explained by a simple example. ## Figure 5: An example of a one-time pad ZDXWWW EJKAWO FECIFE WSNZIP PXPKIY URMZHI JZTLBC YLGDYJ HTSVTV RRYYEG EXNCGA GGQVRF FHZCIB EWLGGR BZXQDQ DGGIAK YHJYEQ TDLCQT HZBSIZ IRZDYS RBYJFZ AIRCWI UCVXTW YKPQMK CKHVEX VXYVCS WOGAAZ OUVVON GCNEVR LMBLYB SBDCDC PCGVJX QXAUIP PXZQIJ JIUWYH COVWMJ UZOJHL DWHPER UBSRUJ HGAAPR CRWVHI FRNTQW AJVWRT ACAKRD OZKIIB VIQGBK IJCWHF GTTSSE EXFIPJ KICASQ IOUQTP ZSGXGH YTYCTI BAZSTN JKMFXI RERYWE Let's say that we encrypted word "lainchan" with one-time pad with codeword of "ZDXWEJKA", making it "KDFJGQKN". There are 26 possible shifts for all letters, making it 26×26×26×26×26×26×26×26 = 268 = 208,827,064,576 possible combinations of shifts. As the plaintext becomes longer, N becomes larger and so does the amount of possible outcomes 26N. If the codeword is truly random, one-time pads are on par with asymmetric encryptions. If you have a friend with whom you can practice encryption, try remembering pi to 300 decimals (it's not that hard, just listen to Hard n' Phirm's Pi song a bit and you already have 160 digits), and then encrypting everything with it (first letter shift by 3, second by 1, third by 4...). Although the codeword needs to be truly random, this would work fine as long as you and your friend don't reveal the codeword to anyone else. That's about all we need to know about the origins of cryptography and simple ciphers. In the next article, we will talk about XOR and asymmetric encryption. I hope you liked this short introduction, and that you will have loads of fun with your friends armed with this knowledge. |==[ Word Search ]==| Y T P S Y C H E T J C D U K D E A T H Z A Y R O R M A E R D D U A B N M S H S N U V V O L I V I A S A A Q J I O D V A P Y Y Y H S B N G F I O F S Z R I D B D R T H V V A N B H N S A U U A I J I C I I C D X K V S I E N F O K T R N H T R L S T U I O A L I B I I I S I V C J O A C J W T L Z H Z E O C A T E U A I F E P Z I A E C V R S K S R H I O T Q J R B H R C A C E U M V N I G M Z H O X C S U N M S Y R M R H O S I A S R B B O K E X B A B R J I P C U N S P H G Y A I E N L D E I L O C B P K A H S L W T S O X R S R K H C H U Z J M Y O I N U F Y I N O I T R O T S I D N S R E E T G E F J Z A E E J I V A N B N S D X Y W K K K C A L B N I N E M M H U S K J M M A M V V Y R O M E M E Z E V E F M K K W I R E D L M T M O E G |==[ Where Do I Start? ]==| | by Hash_Value | // A primer to offensive security // Every computer forum you find is flooded with questions about hacking. When lainchan makes it big, we are going to get these questions a lot on /cyb/, so point them to this guide when they ask! Hacking has a lot of definitions depending on who you ask, but let's go straight to offensive security (which I know is what you all want anyway). First, you will need a basic but strong foundation in programming, networking and operating systems. To get a strong foundation in programming/scripting/coding you need to practice! I don't mean following along with easy college intro to programming course either. You need to build something useful. It doesn't have to be complex, just useful. Just run a web search every time you have a problem. Start off with some simple syntax and then go use that to solve problems and get better and go bigger. A lot of the time, you just need to know simple scripting languages such as python and ruby. If you plan on building something big, use C or C++. Personally, I always recommend this project based approach. That way you get to see how the pieces fit together and you actually end up with something at the end. Next is networking. You will need to know how packets move, and how routers and switches move them! There are hundreds of tutorials on this, as with programming. Visit Cisco's website and download a little program called packet tracer. This tool simulates creating a network, although it doesn't have all the security measures and you don't get the physical hands on experience. It's one of the best tools available, though, and I highly recommend playing with i ! If nothing else, you can buy an old Cisco router on the web for cheap and it will still be good, trust me. Businesses are usually slow to change their routers and switches. In addition to all of this, you also need a strong understanding of ports and TCP handshake. Moving on to operating systems, the big three are Windows, OS X, and Linux. Back in the early days, if you wanted to do any hacking it had to be on linux. That isn't necessarily true nowadays, as many tools have been ported to Windows and Mac. However, Linux is still your best bet. Regardless of which operating system you choose to work with, you have to learn both Windows and Linux. Why? Each holds about half of the server market, and if you plan on breaking in to either you have to learn both, including Linux and Windows server versions. Let's not forget web applications! Since the arrival of web 2.0, HTML5 web applications have become more and more popular. You will need to know HTML (HyperText Markup Language) and Javascript (a client-side scripting language). You also have to know how websites work, and how databases interact with websites. You can start by installing LAMP (Linux-Apache-MySQL-PHP5) in a virtual machine (which we will discuss later). Okay, now that you have a rough idea of what you should be learning, time for the good stuff! First the age old question: "Should I download a hacking specific distro?" The truth of the matter is, you don't really need too. You can download all the tools into any distro of Linux from the web, so the only real reason you would want to download a pentesting distro is the fact all the tools are the there and you don't have to waste time finding all the dependencies for metasploit. So my advice for you is this: Download a pentester, but don't install it as your main distro. Yes there are some distros that can serve both purposes, but I wouldn't recommend using them that way. Alright, you got your weapons and the skill to wield them, now all you need is a dojo But why can't I attack Shitbook or [insert other mainstream site here]?" I'm glad you asked! It's because that would be illegal, and you would get caught. I recommend visualizing everything because it's cheaper, if you fauurrk something up you can revert back to a snapshot, and it's cheaper. Now, many recommend VMware. It costs a lot of money, and I won't lie, VMware is really well made. However, Virtual Box does the same thing at a price you can't beat, free (as in both free beer and freedom). Well, this was just a starter's guide, rough and dirty. I do full time college and work, so opportunities to shitpost on the web are few and far between. I wanted to do a starter's guide on BeEF (browser exploitation framework) as well but it was going to take longer than I first suspected. I'll try for that next time, but no promises. If you want to talk to me, feel free to give me something to research; I love to learn new things. Chances are I'm lurking in #lainchan on freenode. --{ FAQ Q: I'm just a poor boy who has to steal wifi. A: Get Reaver or, if you're using Windows, Cain. Q: Kali Linux? A: Only liveboot, don't install it. Q: Do I have to learn to code? A: Tools can only go so far Anon. Q: How do i hack Facebook? A: Look into 'SET'. Q: What are the tools i need to hack X? A: * Portscanning: nmap * Password cracking: hydra * Web app: Burbsuite is popular, but I like w3af * General use: Metasploit is an all-in-one tool which is pretty much perfect for everything * Social engineering: payphone/SET Q: Where can I get hands-on experience? A: Places to practice hacking: * https://www.hackthissite.org * https://www.hackthis.co.uk * https://pentesterlab.com * https://hack.me * https://community.rapid7.com/docs/DOC-1875 Networking help and tutorials: * https://www.netacad.com/web/about-us/cisco-packet-tracer * https://www.youtube.com/user/danscourses Very good resources and general use education: * http://pastebin.com/cRYvK4jb * https://udacity.com * https://www.youtube.com/user/thenewboston Exploit development: * http://www.myne-us.com/2010/08/from-0x90-to-0x4c454554-journey-into.html |==[ FreeBSD Guide for Newbs and Dummies ]==| | by gh0st_ | --{ Getting the release First go to freebsd.org and pick the proper architecture. You will see the option of x86 and x64. To find out which one to pick you generally need to go by how much RAM you have. If you have under 4gigs of RAM the go with x86, 4gigs or more then go with x64. --{ Knowledge requirements * Unix basics – ie. directory setups and concepts. * Shell, i.e. Bash, CSH, KSH, etc. – You need to have a basic grasp on this * Unix concepts – i.e., everything is a file, shit like this. --{ Install If you have never messed around with Unix like OS's before then you probably should go to Linux first, pick something like Ubuntu and learn the Unix basics (also, the installer on Ubuntu is generally more friendly). Note: If you don't want to, then go and grab the FreeBSD handbook and read through it. --{ First boot Press Enter and go through the basic installer (it is pretty fucking easy). If you can't navigate through that then you shouldn't be reading this. --{ Part 1: Wireless If you are on a desktop, you don't have to worry about this. However, if you are on a laptop you, will be confronted with a wireless connection screen inside the installer. Just find your wireless network id and click it, then enter your password and continue. After the install, you should auto connect to your home wireless, but if you go somewhere else it won't do this (obviously). So follow these simple steps: 1. "ifconfig" – this will print out your card name and its alias. Most of the time it is just "wlan0". 2. "ifconfig wlan0 scan" – brings up network ids 3. "ifconfig wlan0 nwid 'FooBar Network' wpakey "FO0Bar_password" 4. If your network is unencrypted use the "-wep" or "-wpa" option where the "wpakey" would normally be 5. "dhclient wlan0" – this will setup all the DHCP shit 6. to test run "ping google.com" --{ Part 2: Users You will come to a point where you will be asked if you want to create a user. Select yes and go thru the basics until you get to the part where it asks you if you want to add this person to any groups. In this you want to type "wheel" this will be used later when adding you to the list of sudoers --{ Part 3: Post install After you are done you will reboot your computer and take out the medium which you used to install FreeBSD with. The computer should boot normally and you will be confronted with a basic CLI login screen (we will be adding a graphical login manager later). Login as root (only for this section, doing this routinely is a rootkit waiting to happen). Once you are logged in as the root user you will do the following: 1. We are assuming you are connected to your home network; run "ping google.com" to test this. 2. Now we are going to install a few basic packages. You will be doing all this as root for now but later you can finally use the user you created. Run the "pkg" command and go through the dialog. Next, run "pkg install sudo". 3. Run "visudo" and once you see text press the 'i' key to start editing text. Scroll down until you see "Uncomment to allow members of the wheel to" blah blah blah, press the Del key to uncomment. Next press the Esc key then press Shift ":wq". Having done that will allow the user you created to have access to sudoers. We will now be setting up our desktop en- vironment and login manager as well as a shit ton of other stuff to get you started. First run "pkg install nano". Once that installs you want to install basic GUI packages such as a desktop environment I will later write a file on how to customize xfce, but for now we are just setting up. --{ Part 4: Packages and settings up the desktop environment and login manager Run "pkg install xorg xfce4-session firefox hexchat epdfview". Once that finally installs run pkg install "xfce4-wm-themes slim xfce4-mixer" (or "xfce4-pulseaudio-daemon"). Once you install this, you can poke around and configure xfce to your liking but that is for a different zine. 4. Log out of root and login as the user you created. You should have basic permissions now that you are a sudoer. Next you want to configure things so that xfce will work, run "sudo nano /etc/rc.conf" and add the following to the file: dbus_enable="YES" hald_enable="YES" slim_enable="YES" moused_enable="YES" powerd_enable="YES" (if you are on a laptop only) Next, press Ctrl-O and press Enter. Now your xfce should be able to function normally. Next run "cd ~" to get to your home directory and run "nano .xinitrc ". Add the following to the file: exec /usr/local/bin/startxfce4 This will make it so when you boot up and login with SLIM or the CLI login screen you will be able to boot into xfce. Note that if you aren't using a graphical login manager you will need to run "startx" to boot into the desktop. That's all for now folks. Stay tuned for my next article in the next issue of lainzine. I will be covering ricing your xfce desktop. Note: This will have some spelling errors and maybe even some gaps in the guide. Don't bitch about it, figure it out. If you can't, there are tons of forums, discussion boards, mailing lists and IRC channels dedicated to Unix full of helpful, enthusiastic people. |==[ Youtube Proxy ]==| The following script runs on vanilla Node.js and requires an executable of youtube-dl. If it's not located in the same directory as the script, change the line var job = spawn('./youtube-dl', args); to something like var job = spawn('~/path/to/youtube-dl', args); --{ Usage examples Download a video in MP4 from YouTube: http://example.com:8567/https://www.youtube.com/watch?v=XXXXXXX Download a video from YouTube and extract audio in M4A format: http://example.com:8567/https://www.youtube.com/watch?v=XXXXXXX.m4a Currently, the headers it sets are designed for downloading. You can change them so that it plays in your browser, but I mainly wanted it for downloading videos on my phone and Firefox on Android wouldn't download it without them. Also, be aware that it needs a "downloads" directory that is not created automatically. --{ The code var spawn = require('child_process').spawn, fs = require('fs'), http = require('http'), mime = require('mime'); var server = http.createServer(function(req, res) { var m = req.url.match(/\/(.*)\.(.*?)/), format = m[2], url = m[1]; if (!/^.*\.[a-z0-9]{3,5}$/.test(req.url)) { format = 'mp4'; url = req.url.match(/\/(.*)/)[1]; } var file = url.replace(/[\/:?!&=\.]/g, '') + '.' + format, mimeType = mime.lookup(file), args = ['-o', 'downloads/' + file]; if (['m4a', 'mp3', 'opus'].indexOf(format) !== -1) { args = args.concat(['-x', '--audio-format']); } else { args.push('-f'); } args.push(format); args.push(url); console.log(args.join(' ')); var job = spawn('./youtube-dl', args); job.on('close', function(code, signal) { var fileStream = fs.createReadStream('downloads/' + file); pipeReadstream(req, res, fileStream, mimeType, file, function(err) { console.log('error: ' + err); }); }); job.stdout.on('data', function(data) { console.log('stdout: ' + data); }); job.stderr.on('data', function(data) { console.log('stderr: ' + data); }); }); server.listen(8567); // Pipe some stream as HTTP response function pipeReadstream(req, res, readStream, mimeType, filename, cb) { var headWritten = false; readStream.on('data', function(data) { if (!headWritten) { res.writeHead(200, { 'Content-Disposition': 'attachment; filename=' + filename, 'Content-Type': mimeType }); headWritten = true; } var flushed = res.write(data); // Pause the read stream when the write stream gets saturated if (!flushed) { readStream.pause(); } }); res.on('drain', function() { // Resume the read stream when the write stream gets hungry readStream.resume(); }); readStream.on('end', function() { res.end(); }); readStream.on('error', function(err) { cb(err); }); } |==[ Structure-based ASCII Art ]==| | Xuemiao Xu | | Linling Zhang | | Tien-Tsin Wong | This article has some very wide ascii art and some comparisons with normal images, that together render it very hard to display it in pure text form. I apologize for this omission, but butchering the ascii art for sake of having a complete zine seemed like the worse option. The original article can be read in the pdf version of this zine or you can grab it at its original source: http://www.cse.cuhk.edu.hk/~ttwong/papers/asciiart/asciiart.pdf Thanks for understanding, --barnet dMMMb MMMMMMMM MMMMMMMMMb MMMMMM MMMMMM MMMMMb MMMMM MMMMMMb dMMMMMMM MMMMMMMMM MMMMMMMMMM MMMMM MMMMb MMMMM MMMMM MMMMM MMMMM MMMMMP MMMMM dMMMMM MMMMM MMMMM MMMMMM MMMMMP YMMMMM MMMMMM MMMMMM lainchan.org