5 April 2002. Thanks to Anonymous, and Thomas Greene who writes:
You're welcome to publish this e-mail, and my addy: thomas.greene@theregister.co.ukI received the attached PowerPoint file from an anonymous source. It appears to be a Codex Data Systems marketing presentation touting something called TOAST (Tactical Overload Assured System Termination), which is a DDoS tool for governments. I'm not convinced that it's genuine, but I think it's worth a look. Perhaps readers can comment on it. If anyone knows something about this 'tool', I'd be pleased to hear from them.
If it's real, it's undeniably the most moronic thing Frank Jones has yet conceived. Imagine, encouraging governments to infect computers indiscriminately to target an opponent for a denial of service? What makes it seem plausible is that Jones has a history of re-packaging 31337 toys which are available free on the Web and selling them to governments at a high price. This would fit that pattern. On the other hand, there's something about the graphics that look decidedly un-Codex to me and to an acquaintance of mine. It could well be that this is a very clever parody. Of course, even then it's got solid entertainment value ;-)
Original PowerPoint file Zipped: http://cryptome.org/dirty-toast.zip (1.0MB)
Related Codex Data Systems files: http://cryptome.org/dirt-files.htm
[20 slides.]
T.O.A.S.T.TM
Tactical Overload Assured System Termination
Codex Data Systems
A new age...
The Dawn of the Digital Age has changed the way we must think...
Technology has made civilization computer dependant in the year 2000
Time is running out...
...on those who resist change
Several countries presently have cyberwar capabilities
do you?
It's a small world
We are no longer separated by vast oceans and great distance
We're connected by silicon, satellites and fiber optics
International boundaries aren't even a speedbump!
What links us?
The Net
We have the capability to reach anyone worldwide in seconds
The enormous power of the Internet is also its greatest weakness...
National Infrastructures are vulnerable to cyber attack from anywhere in the world in seconds
Coordinated Cyberwar is potentially more potent than an atomic bomb
Government Agencies
Military & Defense Commands
Power & Communications Infrastrucutre
Water & Fuel Suplies
Banking & Stock Exchanges
Air/Rail/Ground Transportation
By harnessing the omnipotent power of the electron its possible to deny service to any number of critical computer based infrastructures in the world
T.O.A.S.T.TM was designed...
...to distribute an anonymous worldwide denial of service attack on any single or multiple set of computer targets
A unique software application creates a small stealth program which is uploaded via the Internet.
This program "infects" multiple computers worldwide and commands them to launch a coordinated attack on a computer target
There is no defense...
Each computer worldwide that carries the attack software launches a massive data attack on the target system...
The distributed data attack is so devastating, the target system cannot function and crashes.
Efforts to get the target system back online will fail
Because the attack cannot be filtered...
The attack could be coordinated using over 100,000 launching pads located worldwide...
Security personnel have no chance to stop or investigate them all...
Anything that man invents... man can defeat...
However...this type of data attack would NOT be traceable back to the source simply because there is no direct link...
...the attacks are not coming directly from you...
A skilled computer technician, a PC or laptop and T.O.A.S.T.TM software
You'll need to do do some "due diligence" on your target and acquire Internet addresses of their computers
That's all...
Of the global network, it's possible to launch the attack from anywhere in the world at any time... even from a laptop...
Mobility adds to operation security and anonymity...
Depending on your operational requirements, multiple field agents could launch a coordinated strike from the four corners of the globe...
There is no heavy or restricted equipment to carry, only an ordinary laptop...
The applications are only limited by your imagination...
Military
Political
Economic
Covert Ops
T.O.A.S.T.TM the opposition
When you need to end the
game...
Stand alone machine with multi-strike capability
Site license is available
T.O.A.S.T.TM Minimum system requirements:
Windows 95/98/2000/NT operating system
Intel Pentium processor recommended
32 Meg Ram
Internet Connectivity - Dial-Up or LAN
Free upgrades for one year from date of initial purchase
D.I.R.T.TM
Data Interception by Remote Transmission
I-D.I.C.E.TM
Intrusion Detection, Identification
&Counterstrike Eradication
B.A.I.T.TM
Binary Audit Identification Transfer
Creates Trackable Electronic Documents
PC PhoneHomeTM
Theft Protection & Recovery Software
for Laptops & PCs
143 Main Street
Nanuet, New York 10954 USA
Tel: 845-627-0011
Fax: 845-627-0211
E-Mail: sales@codexdatasystems.com
Web Site: www.codexdatasystems.com
© 2000-2001, Codex Data Systems. All rights reserved
Following are Codex e-mails which reference TOAST. "Nick" is Nick Turner,
a Codex representative in South Africa (more on the Codex South Africa venture
at
http://cryptome.org/dirt-safrica.htm).
Terrance Kawles was Codex Vice President and Counsel. "Frank" is Frank Jones,
head of Codex, and named as last reviser of the TOAST PowerPoint presentation
in May 1999. It is not clear if TOAST was ever a workable product, and, if
so, whether there were any sales. Codex business plans exaggerate its products'
prowess and potential markets -- one projection was for nearly $300 million
sales over 5 years made during the dot-com boom for funding much cyber-security
and online spying snakeoil.
X-Persona: <CDS Account>
X-Sender: tkawles@mail.tco.com
Date: Wed, 23 Feb 2000 07:56:48 -0500
To: tkawles@codexdatasystems.com
From: "House of Security" <cctv@iafrica.com> (by way of
"Terrance L. Kawles" <tkawles@tco.com>)
Subject: Re: TOAST
Frank
Never was a truer word spoken, except maybe you should have
added one important bit...Gee I'm (soon going to be filthy
rich) and dangerous!!
>Gee I'm dangerous ;-) See attached zip file...
Terrific, apart from a couple of slides where text seems to
overlap the graphic, I love it. But how much is a decent atom
bomb these days??
I imagine if last night's DDW went on like the one I was last
at you probably won't get this till Monday...
Now..to some really important developments.
The demonstration was, to put it mildly, very well received. It
always gives me a kick when I see the jaw drop and it stays
that way... Today (Saturday) high level meetings are taking
place, and Denis (who was at the demo) is reporting back
personally to the Minister of State Security. He spoke with him
immediately after the demo and has recommended we do another
demo to the Ministers of Defence and the Director General
Intelligence on Tuesday 22nd. Further, at a time to be
confirmed on Wednesday, you will be doing a demonstration to
the President, Thabo Mbeki. I will not be advised of the actual
time until probably Tuesday, or maybe even Wednesday morning.
Obviously I will be back in Johannesburg Tuesday.
I also need to update you on some of the people. Bruce, Ian and
Gary have amongst them access into the entire African
continent, UK and France. I will not burden you with details
here, you will be meeting them when you come here. I almost
hesitate to identify numbers here, but suffice to say we are
looking at a base sale price into your account of not less than
$250,000 per 100 target deal for the first 4 deals we have on
the go. This excludes Tanzania which I had made a commitment to
prior to associating myself with the other guys. These deals
should be fairly quick, hopefully all to be concluded within
the next 6 weeks. These are in addition to the other 8 pending
deals in other locations. The sums are simple, I genuinely
expect based on evidence I have seen, to be putting not less
than $3 million into your pocket by year end, and maybe even
more.
I met with the Managing Director of the Isle of Man company
whose business it is to set up and establish legitimate
offshore companies. I have instructed him to register with
immediate effect an offshore company for me which will be
responsible for paying you in either $'s or Pounds. As soon as
I am advised of the company name and specific details I will
advise you so your invoices will be directed to that account
name etc. I have requested information only for you at this
time, but clearly similar opportunities apply to you. I hasten
to add that as you are aware, I am a New Zealander, I have NZ
citizenship and a NZ passport, and I can reside in South Africa
just as easily as if I were to go back to London. This simply
means that I am perfectly entitled to own and operate outside
of this country. It also makes payment from foreign countries
much easier.
Now, I also need to identify a couple of concerns here. I am
talking in some instances of amounts of money that would in
some cases cause people to forget friendships and agreements. I
fully expect not only from South Africa, but also other very
highly placed government officials to approach you direct, and
I am talking Deputy President and Senior Advisor to the
President status. How do you feel about this? I trust you guys
completely, after all, without you I have nothing to sell. But
at this time it is my belief that the clients I will bring to
you will take us quite literally into a whole new arena,
financially speaking. I am taking care of protecting myself by
putting into place an agreement with Bruce, Ian and Gary, such
that I do not expect them to approach you other than when we
are working together. I do however want to retain overall
control, in a manner of speaking, quite simply to eliminate
before it arises, any attempts to change the relationship you
and I have developed over the last year or so.
The opportunities are so great that I intend selling the
business (if I can) and stepping down from those
responsibilities so that Bruce and I can concentrate 100% on
Codex business in the Territory you have provided us. Bruce has
already resigned his directorship from his South African
interests in favour of what we are planning to do here and in
the other regions. I must warn you that I may come and
negotiate with you a wider area of sales territory after the
first million (or two) is in your pocket!! After that, I would
like you to consider my purchasing an interest in Codex itself,
but we can discuss that once I have proved my credentials so to
say.
It's funny in a way, I recognised some time ago the power,
value and potential of what you had developed, but I was
getting very frustrated not being able to get to the people who
have the authority to make the decisions. Well, that stage is
now behind us, and I am delighted to say that all the things I
have spoken about are about to become a reality.
You will obviously spend time with my team when you are here.
Let me know when you have picked up your airline tickets.
I am REALLY looking forward to the next couple of demo's but I
guess it won't be President Mbeki's personal computer we use!!
Nick
_______________________________________________________________
X-Persona: <CDS Account>
X-Sender: tkawles@mail.tco.com
Date: Wed, 23 Feb 2000 07:57:01 -0500
To: tkawles@codexdatasystems.com
From: "House of Security" <cctv@iafrica.com> (by way of
"Terrance L. Kawles" <tkawles@tco.com>)
Subject: Re: Update SA
Frank
Following a meeting yesterday with some government people, we
were given two options for our next presentation. Neither of
them are particularly attractive from your point of view as the
Deputy President and the President himself are not particularly
concerned about your sleeping habits!!
We were offered half an hour at 9:30 Monday morning (to which
we said not enough time) or one hour Thursday, probably also at
9:30am, but will be officially confirmed probably Monday. At
9:30 am our time, that means about 2:30 in the morning your
time.....well, it is the State President of South Africa!! If
it goes well, he may want to make you an offer in person that
you will find irresistible!!
I wonder if you should bring a tie with you. Ah what the heck,
if he wants to sweet talk you, I'll buy you a couple of ties
and a shirt when you're here!
I have been through the PPT on TOAST about 6 times, and each
time the price goes up another million...this is awesome stuff,
perhaps I had better see my life insurance agent about an
increase...
Nick
_______________________________________________________________
X-Persona: <CDS Account>
X-Sender: tkawles@mail.tco.com
Date: Wed, 23 Feb 2000 07:57:46 -0500
To: tkawles@codexdatasystems.com
From: "Dr. Olaf Rankis" <merlin@netquarters.net> (by way of
"Terrance L. Kawles" <tkawles@tco.com>) Subject:
Company Review
Dear Frank and Terry,
Its been a few days since the seminar and I'm still savoring
what I learned. I enjoyed the training as much as meeting and
talking to you. As promised, I put together some notions I had
about your business and perhaps some way of sorting out the
complexities involved. My comments and recommendations are
intended to be constructive rather than critical of your
current operational system. Moreover, my intention is to offer
some ideas as to improving marketing strategy. See what you
think and let me know, I'm interested in your feedback.
You really have three businesses, software services, forensic
services, and training. Any organizational mission statement
would be difficult to market given the multiple business focus.
Your company currently (as I understand) has four employees. It
is no doubt difficult and confusing at times to present the
various services under one mission statement. I have taken the
liberty of taking the basic services you offer and grouping
(reorganizing) them under each of the business headings below.
One thing you can consider is forming an additional company
that would incorporate both the Forensic and Training
businesses. You would then have better liability protection,
i.e., limiting your exposure in each of the (now) two business
areas. Plus each company could borrow and lend money, rent
space, equipment, etc, from the other. It is also easier to
market one business at a time. Terry would know if this is a
useful thought or not.
Secondly, I would appoint interested IT people and others as
"staff consultants" to bolster the numbers and perceived
credibility in your two organizations. They would only get
remunerated if they actually worked. Often, it is the
perception of power rather than the facts that is important.
That works for both your organization and the individuals you
appoint. While you have already have technical credibility as
an organization, being able to taut some additional, and
hopefully recognizable names, (them or where they work), as
associates can only enhance what you already have.
Third, I would restructure some things in the training area.
Your training is good, but it could be improved in terms of
target marketing and associated content. The DDW is a good
overview program, but it could be broken down into several
areas more extensively. You could make some of the areas less
expensive for more body count, and make some of the training
more expensive depending on content. If training is going to
give you practical skills people will spend the money. I would
recommend more hands on in all areas.
Even topics such as cyberlaw has policy application that would
be well served to have hands on training for the corporate
executive. Technical hands on training in areas where people
come to learn skills will leave you with two things, one, a
very satisfied attendee; secondly, a cadre of trained people
that you could call upon for assistance when required, thus
improving the tactical capabilities of your organization.
Fourth, I would change the alumni organizational structure.
People want to be part of "elite or special" organizations.
Most have no interest in something "anyone" has access to. Your
organization has something very special, and you need to
capitalize on that. I would recommend two distinct
organizations, one for the cadre of specialists that you
develop. They have attended all appropriate seminars and are
knowledgeable. They will network with you and each other as
"elites." They will bring you business and get the word out
about you. Don't underestimate the power of the "word of mouth"
credibility. You can have a special website and software/info
sharing here. In essence, you are creating a "professional
society" and can therefore have members pay dues. The dues go
into the purchase of software, etc, that can be shared. Not
being overly familiar with IT "cool buzz terms" I called
this association the "Cyber-war Defense Group". I don't know if
this is a good name or not, but the idea is there.
The second organization would be specialized more in line with
the "knowledgeable cop" syndrome.
Less technically sophisticated than the first organization, but
a good place for networking and getting business. Again,
nominal dues after the first year pay for "goodies" that you
can give out. Society pins, software, certificates, mousepads,
hats, etc. What Chief, Agency head, COO, or Sheriff wouldn't
want his or her "expert" in such an organization? What "expert"
wouldn't want to be part of such an organization?. None
currently exist that I am aware of. Don't let the Bureau get
the idea first. As you know, they have a way of co-opting
people and making them feel good about being part of something.
You really want to think about this notion of elite. If you
come too cheap as a consultant, nobody respects you. I think
you have probably learned that lesson already. Likewise with
your alumni associations, make it special! I would make the
focus of membership international in nature for both
organizations. You could grandfather some of your alumni into
this organization and give them the opportunity to get to
the other group. Right now you have 150 alumni (as I
understand). How many will you have in two years? I believe
that if you target market and create these alumni groups, you
will attract not only new business, but more people to your
organization. I think that the suggestions could help
strengthen your marketing strategies. Word of mouth as well as
identifiable organizational structure will put you way ahead of
the competition. There is also something to be said for "safety
in numbers."
If you have any questions or comments you can reach me at
207-751-6206, or email me at home at merlin@nqi.net. My CV is
online at http://educators.jenzabar.com/meorankis/homepage.htm
I would be interested in working with your organization as a
staff consultant in the area of psychological profiling. I can
provide law enforcement and military references in this area.
Regards, Olaf.
A REVIEW OF CODEX DATA SYSTEMS
CODEX SOFTWARE SERVICES
A. Product Development
B. Product Sales
*DIRT
*BAIT
*PCPHONE HOME
*TOAST
*ETC
CODEX FORENSIC SERVICES
Digital Evidence Acquisition
Password/File recovery
E-mail traced to source
Remote PC/Net monitoring
tracking/locating stolen documents
Intrusion detection/honey pot sting ops
Location and ID of unauthorized software users
Computer surveillance
Laptop theft recovery
Retrieval deleted/suspect hidden files
ID of internet activity
Psychological profiling
Et Cetera
CODEX TRAINING SERVICES
Computer usage/policy and supervision
Introduction to Hacking (general info)
Digital Detective Workshop (intro part I)
Forensic Analysis Workshop (advanced part II)
Advanced Forensic Analysis (advanced part III)
Tracking Pedophiles Workshop
Cyber Law
Et Cetera
-ALUMNI ASSOCIATIONS-
Cyber-war Defense Group (Association "elite" member has
attended all relevant seminars)
Forensic Cyber Security Group (Association-member has attended
relevant seminars)
_______________________________________________________________
[Cryptome: "nia" in the following message means the South
African National Intelligence Agency.]
From: "Luchi" <amss@icon.co.za>
To: "FJ" <fjones@codexdatasystems.com>
Cc: <tkawles@tco.com>
Subject:
Date: Mon, 17 Apr 2000 09:21:40 +0200
X-Priority: 3
hi there guys
it seems that some one(unknown to us at this point ) sent a fax
to the nia informing them of the COST price of dirt. the letter
was unsigned and undated. this however does not create too much
of a problem in our getting our price or close to our price as
there are "other" factors at play here that the arse hole who
did this is not aware of. all you have to do should you in the
unlikely event get a phone call, state that the local agent
will discuss all prices.
as an aside, one of the agencies are wanting to talk about
toast as well. i have said that the product can only be bought
on the back of a purchase of the latest version of dirt.
correct?
regards
luchi
_______________________________________________________________