CONFIDENTIAL Page 61 of 125 4/15/2004
© LoudWolf Holdings Ltd., LoudWolf Ltd. Edison Laboratories, Digital Animation Inc. All Rights Reserved 2002 - 2003.
__________________________________________________________________________________________________
E x e c u t i v e S u m m a r y
LoudWolf Holdings Ltd. Is a limited liability corporation based in Guernsey. Its primary focus is to act as a coordinating entity to exploit the various technologies and products recently acquired by LoudWolf from its contributing partners. These partners are companies that have pooled their combined technologies and expertise into LoudWolf and are now wholly owned subsidiaries of LoudWolf Holdings Ltd.
___Table of Contents 1________________________________________________
Contributing Partners page 5
Digital Animation Inc. page 5
Startech (US) Computer Consultancy Inc. page 5
Startech Computer Consultancy Ltd. Page 5
Edison Research Labs page 5
Summary of Core Technologies page 5
Business Overview page 6
Market Size page 7
Growth Trends page 7
Competitors page 8
Expected Competitor’s Responses page 9
LoudWolf’s Competitive Strategy page 10
Risk Factors page 11
Risk Factors & Their Mitigation page 11
Competitive Products page 11
Loss of Trade Secrets page 11
Development Delays page 11
Government Interference page 11
Hacker Interference page 11
The Rixa “STEEL” Series – Born of Necessity page 12
Rixa STEEL Historical Context page 12
Rixa Presents a New Challenge for IP Security Industry page 13
Background Regarding Security Issues page 13
Stealth Trojans on the Horizon page 13
Definitions of a Trojan page 13
The Stealth Trojan page 13
Trojans on the Web page 14
ProRAT Trojan page 14
ProRAT Commands page 15
Toquito Bandito page 15
Optix ICQ page 16
Professional versions page 16
Wheels within wheels (Trojaned Trojans) page 16
Commercial Countermeasures page 17
Trojan Hunter page 17
TDS3 page 18
Anti-Anti-Virus functionality page 18
Security Community Response page 18
The Mature Hacking Corporation page 19
The “Take” (Money to Be Made) page 20
More Examples of IP Theft page 21
High-Value IP theft – A case study page 22
Hackers Need Discipline Too page 23
The WolfPak page 23
WolfPak Rules page 24
High-Value IP in today’s connected World page 25
Hacker Quotes page 26
Analysis of Current Hacker Software page 27
Purpose of This Document page 27
Cautionary Disclaimer page 28
Design Rules as a way of describing Functions page 28
Engineer’s Notes on Descriptive Style page 29
The Threat, an Overview page 29
General description, Development Status page 29
Software goals page 30
Overview page 30
Standard IT Procedures on a Trojaned System page 31
A Scenario page 31-33
How It Was Done page 34
___Table of Contents 2________________________________________________
Defining Terms page 35
Dangerous page 35
Harmful page 35
Nullable page 35
Useful page 36
Unknown page 37
Benign page 37
Fallback Procedures page 38
Note Regarding PNF Files page 38
Rules regarding PNF files page 39
Dealing With Threats page 40
The Trojan Masters – History and Splinter Groups page 41
Cyber Crooks page 41
Tech Officers ` page 41
Zombies page 42
Extending the NameSpace page 42
Hackers United page 42
Design Rules page 43
First Infection page 44
Untraceable UDP Communications page 44
Rules Regarding Communications page 45
UDP & non-routable Protocols page 45
PC HEALTH page 45
Behavior & Sources of Code page 46
The Unexplained page 46
Pinch Points page 47
The Various Secrets of the Secret Vault page 48
Cache Memory page 48
OS2 page 48
DoubleSpace Drives page 48
Bad Blocks on Hard Disk Drives page 49
Operating System Files page 49
System Restore Area page 49
Driver Rollback Files page 49
Windows \System Directory page 49
Page File page 49
HiberFile page 49
Exotic Operating Systems page 50
The Windows Registry page 50
Print Spooler ` page 50
USB devices page 50
Hiding Techniques page 51
NTFS Hidden Date Streams page 52
UPX Ultimate File Packer page 52
Morphine page 52
Undetectables page 52
E. T. Phone Home page 52
Hacker Communications in General page 53
Telephone Techniques page 53
Telephone Dial Up page 53
Telephone Techniques page 53
Anonymous Pager page 53
Call Back page 53
Fax In & Out page 53
UDP Over Telephone page 53
ICMP page 53
TCP/IP page 53
Wireless Communications page 53
Blue Tooth page 53
Radio Keyboards & Mice page 54
Infra-Red Communications page 54
Wireless Access to Non-Wireless page 54
Audio Communications page 55
Soft Modem Communication page 55
Hacking With Audio Communications page 56
Voice Command & Voice Recognition page 57
User Names & Permissions page 58
Certificates of Authority & Digital Signature Certificates page 59
___Table of Contents 3________________________________________________
Persistence of Control- Hanging On page 60
CMOS RAM page 61
EEPROM page 61
Error Messages: & Other Time Gainers page 62
Other Noted Trojan Functionality page 63
LoudWolf Solutions page 64-67
Rixa STEEL Secure Servers page 68
Rixa STEEL Concept page 69
Product Description page 70-72
Military Servers page 73
Commercial Servers page 74
General Topography page 75
Consumer Systems page 76
STEEL Standard equipment page 77
SuperKey Technologies page 78
The Problem page 78
Security Encryption Today page 78
Every-day Security page 78
Vital Security page 78
Unbreakable Security-Isn’t page 78
The Best Encryption Available page 79
The LoudWolf Way page 79
Superkeys Product Description page 80
Implementation of a Hardware Session Key page 81
Why Keys are So Important page 82
Anatomy of a Key-Breaker Program page 82
The “Dictionary Attack” page 82
Combination Word Attack page 82
Multiple Language Variant page 82
Number Substitution page 82
The Brute Force Attack page 82
Components of the Super-Key Product page 83
Key Length & Complexity Issues page 84
Variables as Key Components page 85
Secure Satellite Superkeys Sample Application page 86
The Sentinel Series page 87-89
The Sentinel Sharp page 87
Sentinel Standalone Functionality page 89
Hot ROD Read Only Drive page 90
HVIP Drive Chemical Erasure System page 91
Business Plan Implementation page 92
Overview page 92
Time Lines Months 1-7 page 93
Time Lines Month 8-12 page 94
End of First Year Summary page 94
Time Lines Months 13-16 page 95
End of Second Year Summary page 95
End of Third Year Summary page 95
Budget Assumptions page 96
Average Salary Per Category of Job page 96
Headcount Over Time page 96
Reference Section page 97
Rixa STEEL Utility Board Documentation page 97
Micro-Controller Specifications page 98
Processor Schematic Diagram page 99
Printed Circuit boards & Schematics page 100
Software Guidelines & Connection Lists page 101-107
Trojan Read Me Files page 108-118
Hacker Defender page 108-116
Optix Pro page 116-117
FuRootKit page 118
In the News page 119
Biographies: page 120
Paul Fullwood page 120-125
THIS DOCUMENT CONTAINS HIGHLY CONFIDENTIAL INFORMATION AND MAY CONTAIN ELEMENTS OF CERTAIN PRORIETARY PRODUCTS, SERVICES AND BUSINESS INTELLIGENCE WHICH, IF DISCLOSED, MAY CAUSE HARM TO COMPANIES AND INDIVIDUALS - PLEASE DO NOT COPY OR DISTRIBUTE.
Contributing Partners
Digital Animation Inc.
A Silicon Valley-based company specializing in the development of complex software for the encoding and decoding of highly compressed and secure data streams.
Startech Computer Consultancy Inc.
A Los Angeles-based company, specializing in the development and production of custom integrated hardware and software products for the television and movie industry.
Startech Computer Consultancy Ltd.
A UK-based hardware & software development company specializing in circuit design for industrial automation.
Edison Research Labs
A Central California-based R&D partnership focused on security research and advanced countermeasure development.
Summary of Core Technologies
As a result of the acquisition of these companies, LoudWolf owns and controls all aspects of several new and important technologies. These combined technologies are focused in the following areas:
· Process-based computer security systems for military, industrial and commercial applications.
· Hardware-based security devices and technologies for high value intellectual property protection.
· Advanced computer intrusion detection systems for high security military data systems.
· Personal privacy, spy-ware detection technology and data theft protection software systems.
· Hardware-mediated system integrity and verifications systems.
· Cryptographic key systems, utilizing hardware-based keys and non-shared secret key technology.
· Encoding systems advanced compression and secure delivery of entertainment and educational media.
· Encoding systems secure transmission of high-value data over insecure pathways.
Business Overview
One of the major difficulties we have faced during the preparation of our business strategy has been the large number of products envisaged. In two years of fundamental product research we have produced dozens of potentially marketable solutions and products. Only a selected few products have been presented in this document. One of the first imperatives as we move forward will be a thorough review of all of these products with a view to extracting the best of these possibilities for further analysis. It must be assumed that this review will produce additions and modifications to our product line.
The need for the type of security that LoudWolf provides is clear. LoudWolf has identified large markets in multiple industries that are clearly awaiting the introduction of the definitive and complete intellectual property protection system.
The investment opportunity presented clearly has a huge potential. LoudWolf will provide “enabling technology” for various large market sectors.
The full exploitation of all of the opportunities afforded by these broad technologies will involve numerous partnerships with industry-leaders, aggressive protection of LoudWolf’s intellectual property and judicious maintenance of market leadership.
In some cases LoudWolf act as a technology provider rather than a manufacturer / distributor. We will license our technology to companies who can efficiently sell into their existing markets. In other cases the technology lends itself to direct sale to consumers; industry and military customers.
In these areas maintenance of market share may involve anti-competitive measures, such as; acquisitions of fledgling competitors, enforcement of patents and so on. For this reason we will depend heavily on expert management decisions pertaining to our market protection and anti-competitive strategies.
The various new technologies we will be introducing must be revealed, implemented and exploited with extreme delicacy. Patents, trade secrets, copyrights and brand-name maintenance must all be coordinated as a whole so as to ensure maximum investor return. We may hold back on the introduction of certain products or technologies in certain market segments in anticipation of earning greater rewards by implementing these technologies at different times. For example:
It would not be unreasonable to withhold a consumer level product incorporating the concept of super keys until such time as the military implementation of these super keys has been exploited to its fullest. This is consistent with our financial and marketing model which proscribes the relative marketing economy derived from direct sales to the military giving LoudWolf the opportunity for early revenues without a large sales and marketing effort and providing us with high profile reference customers which, in turn, naturally eases the task of introducing to market our commercial and consumer products at some later date.
Effective exploitation of our discoveries and innovations can be assured only by utilizing the very best of marketing and business expertise available. The full potential of LoudWolf can be effectively realized by the delicate application of our existing management expertise provided with sufficient capital to generate a powerhouse group of companies. We are confident that we can then maintain market leadership in a multitude of markets. The business structure that we have created is designed to form an effective launch pad for this strategy.
We have designed various short-term profitability products with short time to market timelines, these are intended to be distributed by several reliable partners. We have also several midterm high potential products many of which imply long term an ongoing revenue streams. In addition we possess a small number of market controlling fundamental technologies. Whilst we cannot expect to maintain dominance in all aspects of our enterprise, we can certainly anticipate high likelihood of significant return for our investors. The team of experts we are assembling for these tasks provide us with an enhanced certainty of success.
Market Size
LoudWolf’s technologies are applied to various products and services described herein. The market for these various technologies is very large indeed. Encompassing a broad swath of markets including, but not limited to, the following areas:
In US Dollars.
Tactical and strategic military computing devices Estimated Market: 20 Billion
Commercial data communications systems Estimated Market: 10 Billion
Personal computer security products Estimated Market: 10 Billion
Enabling technology in entertainment media transmission Estimated Market: 1 Billion
Enabling technology in media compression systems Estimated Market: 2 Billion
Total overall sales per year Estimated Market: 43 Billion
Growth Trends
The growth of these markets exceeds the growth in the overall worldwide computing technology sector due to existing need to add our technologies to the current installed computer user base in addition to the incorporation of our technologies into new computer systems. Many of the threats and solutions presented are not yet widely known and as such are un-tapped markets with growth curves typical of emerging technologies.
Security Related Growth
The computer security industry, enjoys one of the highest growth rates in the World. For example: In just a few short years the Anti-Virus program has transitioned from a optional component to essential software for all computers. We are in the midst of a further transition from “Security as a one-time purchase” to “Security as a subscription service”. Security technologists are in high demand, one of the few computer technical specialties still in short supply after the ballooning of tech resources in the period 1998-2000.
Security is an industry that grows when stimulated by advances in hacker technology. “Fed by fear” one could say. Described in this document are several hundred advances in hacker technology, any one of which could , and should, be feared. Growth of this market is assured, in fact to keep up with the hacker techniques we will describe it must accelerate dramatically.
Competitors
Leaving aside LoudWolf’s data compression technology, which has no known competitors, the main competition comes from established companies in the computer security sector.
Computer Associates
McAffee
Norton
FarStone
Internet Security Systems (ISS)
Trend Microsystems
At this time, all of the companies mentioned are in a position to make inroads into LoudWolf’s market. We can expect that after we launch various products, we will see some combination of the following responses from these companies and possibly some other startup companies forming who will attempt to build upon our technologies as they are released.