informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/magazines/CUD/cud0215.txt

954 lines
46 KiB
Plaintext
Raw Permalink Normal View History

Initial commit
2021-04-15 11:31:59 -07:00
****************************************************************************
>C O M P U T E R U N D E R G R O U N D<
>D I G E S T<
*** Volume 2, Issue #2.15 (December 5, 1990) **
****************************************************************************
MODERATORS: Jim Thomas / Gordon Meyer (TK0JUT2@NIU.bitnet)
ARCHIVISTS: Bob Krause / Alex Smith / Brendan Kehoe
USENET readers can currently receive CuD as alt.society.cu-digest.
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted as long as the source is
cited. Some authors, however, do copyright their material, and those
authors should be contacted for reprint permission.
It is assumed that non-personal mail to the moderators may be reprinted
unless otherwise specified. Readers are encouraged to submit reasoned
articles relating to the Computer Underground.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
DISCLAIMER: The views represented herein do not necessarily represent the
views of the moderators. Contributors assume all responsibility
for assuring that articles submitted do not violate copyright
protections.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
CONTENTS:
File 1: Moderators' Corner
File 2: Len Rose Indictment in Illinois
File 3: 2600 Magazine Response to Atlanta Sentencing
File 4: List of Computer Underground Clippings
File 5: Computer Crime Laws list
File 6: Media and the CU
File 7: The Hermetic Underground
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
----------------------------------------------------------------------
********************************************************************
*** CuD #2.15: File 1 of 7: Moderator's corner ***
********************************************************************
From: Moderators
Subject: Moderators' Corner
Date: December 5, 1990
++++++++++
In this file:
1. FTP INFORMATION
2. WITNESSES FOR LEN ROSE'S BALTIMORE CASE
3. ADDRESS CHANGES
++++++++++
+++++++++++++++++++++
FTP Information
+++++++++++++++++++++
The current address for the widener ftp site is:
ftp.cs.widener.edu
The hours have been extended, and a number of files, including IIRG and NIA
(Network Information Access), individual state computer crime statutes (eg,
Calif, Fla, Ill.) have been added to all three sites.
++++++++++++
Request for Unix Witnesses for Len Rose
++++++++++++
Len Rose is currently planning the defense for his trial in Baltimore in
February, and is looking for Unix experts/gurus able to testify about the
Unix system. If you can recommend anyone, drop us a note or, better, call
Len at (708) 527-1293.
++++++++++++++++
ADDRESS CHANGES
++++++++++++++++
If you are going to lose your account for any reason, be sure to drop us a
line so we can delete your name from the mailing list. It reduces bounced
mail and helps net traffic. Thanks.
********************************************************************
>> END OF THIS FILE <<
***************************************************************************
------------------------------
From: Moderators and others
Subject: Len Rose Indictment in Illinois
Date: December 5, 1990
********************************************************************
*** CuD #2.15: File 2 of 7: Len Rose Indictment and News Article***
********************************************************************
"Innocent Plea in Computer Case: Naperville Man Denies
Taking Key Program from Firm"
From: Chicago Tribune, December 4, 1990: Sect. 2, p. 7)
By Joseph Sjostrom
One of the first persons ever charged with computer tampering in Du Page
County pleaded not guilty Monday.
Leonard Rose, 31, of Naperville, entered the plea before Associate Du Page
County Judge Thomas Callum, who set the next hearing for January 14. Rose
is charged with gaining access to a computer at Interactive Systems, Inc.,
a Naperville software company where he worked for only a week last month,
and with "removing" a program called AT&T Unix Source Code, which is the
basic operating instructions that tell a computer how to receive and use
all the other programs.
If the case goes to trial, the prosecutor, Assistant State's Atty. David
Bayer, will have to convince a jury that Rose removed the source code and
that such action was illegal, even though the code remained in the computer
from which he allegedly took it.
Rose's attorney, Sheldon Zenner of Chicago, expects the case will never get
beyond the first of those questions.
"Quite simply, he didn't do it," Zenner said.
Rose is under federal indictment in Baltimore for copying a similar program
from a computer there and putting it on a computer bulletin board, where
computer users could copy and use it without paying fees to AT&T.
Rose was indicted on November 21 in Du Page County. Naperville police and
state's attorney's investigators searched his apartment and confiscated two
computers and a number of computer discs.
"There were certain commands made on %the Interactive Systems% computer
which suggest the source code was copied, or down-loaded %onto another
computer%," Zenner said.
"So they looked for the source code on Rose's computer, but it wasn't
there. So they'll have to try to analyze the commands made on his computer
and I expect they'll have an expert testify that, based on his analysis,
the code was downloaded %onto Rose's computer%.
"But the source code isn't there because Rose didn't do it," Zenner said.
"I expect to show the court that a serious mistake has been made."
Despite the large number of sophisticated research and business computers
in Du Page County, the only other recent prosecution for computer tampering
was the case of a woman who used a computer about two years ago to take
revenge on an employer for firing her.
She was put on probation after admiting that, in a fit of anger, she purged
several programs from the company computer before departing the office for
the last time.
Otherwise, the extent of computer tampering and fraud is impossible to
know, though experts say the opportunities for such activities are
extensive.
(end article)
*******************************
%Moderator's note: The story is a fair overview, but there is one major
inaccuracy. Len Rose's Baltimore five count indictment *DOES NOT* charge
him with "copying a similar program from a computer there and putting it on
a computer bulletin board, where computer users could copy and use it
without paying fees to AT&T." The federal indictment in Baltimore charges
him with two counts of sending a trojan horse login file (which is not, in
itself, illegal), and with three counts of transporting a very small
portion of a Unix file across state lines. He is *NOT* charged with theft
of that program in the indictment. Nor is he charged with downloading it
or with placing it on a BBS where it could be downloaded. This portion of
the story sounds like information provided by a prosecutor, because the
reporter indicated he had not read the Baltimore indictment.
*******************************
The following is a voice-transcribed version of Len Rose's indictment of
December 3, 1990 (Illinois, Du Page County; Case # 90-CF-2635). The form
may not correspond exactly with the original, but it approximates the
wording as closely as possible.
The status hearing is set for January 14, 1991.
******************
The grand jurors chosen, selected, and sworn, in and for the County of Du Page
in the State of Illinois, IN THE NAME AND BY THE AUTHORITY OF THE PEOPLE OF
THE STATE OF ILLINOIS, upon their oaths present that on or about
the 17th day of October, 1990, at and within Du Page County, Illinois,
Leonard Rose committed the offense of Computer Tampering in that said
defendant accessed a computer belonging to Interactive Services, a corporation
doing business at 1901 S. Naper Boulevard, Naperville, Du Page County,
Illinois, and removed a program known as AT&T Unix System without the
authority of the computer's owner, in violation of Illinois revised
statutes, 1989, Chapter 38, Section 16D-3(a)(3) AGAINST THE PEACE AND
DIGNITY OF THE SAME PEOPLE OF THE STATE OF ILLINOIS.
(end indictment)
************************
Following is the relevant language of the Illinois Criminal Code (Chapter 38):
************************
16D-3. COMPUTER tampering
s 16D-3. COMPUTER Tampering. (a) A person commits the offense of COMPUTER
tampering when he knowingly and without the authorization of a COMPUTER'S
owner, as defined in Section 15-2 of this Code, or in excess of the authority
granted to him:
(1) Accesses or causes to be accessed a COMPUTER or any part thereof, or a
program or data;
(2) Accesses or causes to be accessed a COMPUTER or any part thereof, or a
program or data, and obtains data or services;
(3) Accesses or causes to be accessed a COMPUTER or any part thereof, or a
program or data, and damages or destroys the COMPUTER or alters, deletes or
removes a COMPUTER program or data;
(4) Inserts or attempts to insert a "program" into a COMPUTER or COMPUTER
program knowing or having reason to believe that such "program" contains
information or commands that will or may damage or destroy that COMPUTER, or
any other COMPUTER subsequently accessing or being accessed by that COMPUTER,
or that will or may alter, delete or remove a COMPUTER program or data from
that COMPUTER, or any other COMPUTER program or data in a COMPUTER
subsequently accessing or being accessed by that COMPUTER, or that will or ma
cause loss to the users of that COMPUTER or the users of a COMPUTER which
accesses or which is accessed by such "program".
(b) Sentence.
(1) A person who commits the offense of COMPUTER tampering as set forth in
subsection (a)(1) of this Section shall be guilty of a Class B misdemeanor.
(2) A person who commits the offense of COMPUTER tampering as set forth in
subsection (a)(2) of this Section shall be guilty of a Class A misdemeanor an
a Class 4 felony for the second or subsequent offense.
(3) A person who commits the offense of COMPUTER tampering as set forth in
subsection (a)(3) or subsection (a)(4) of this Section shall be guilty of a
Class 4 felony and a Class 3 felony for the second or subsequent offense.
(c) Whoever suffers loss by reason of a violation of subsection (a)(4) of this
Section may, in a civil action against the violator, obtain appropriate
relief. In a civil action under this Section, the court may award to the
prevailing party reasonable attorney's fees and other litigation expenses.
********************************************************************
>> END OF THIS FILE <<
***************************************************************************
------------------------------
From: well!emmanuel@APPLE.COM(Emmanuel Goldstein)
Subject: 2600 Magazine Response to Atlanta Sentencing
Date: Fri, 30 Nov 90 00:23:06 pst
********************************************************************
*** CuD #2.15: File 3 of 7: 2600 Response to Atlanta Sentences ***
********************************************************************
The following article is from the Autumn 1990 issue of 2600 Magazine, The
Hacker Quarterly. We encourage its distribution to anyone interested. If
anyone needs to get in touch with us, we can be reached at:
2600@well.sf.ca.us or (516) 751-2600.
********************************************************************
Over the past year there has been a great deal of publicity concerning the
actions of computer hackers. Since we began publishing in 1984 we've
pointed out cases of hackers being unfairly prosecuted and victimized. We
wish we could say things were getting better but we cannot. Events of
recent months have made it painfully clear that the authorities, above all
else, want to "send a message". That message of course being that hacking
is not good. And there seems to be no limit as to how far they will go to
send that message.
And so we come to the latest chapter in this saga: the sentencing of three
hackers in Atlanta, Georgia on November 16. The three, Robert Riggs (The
Prophet), Frank Darden, Jr. (The Leftist), and Adam Grant (The Urville)
were members of the Legion of Doom, one of the country's leading hacker
"groups". Members of LOD were spread all over the world but there was no
real organization, just a desire to learn and share information. Hardly a
gang of terrorists, as the authorities set out to prove.
The three Atlanta hackers had pleaded guilty to various charges of hacking,
particularly concerning SBDN (the Southern Bell Data Network, operated by
BellSouth). Supposedly Riggs had accessed SBDN and sent the now famous 911
document to Craig Neidorf for publication in PHRACK. Earlier this year,
BellSouth valued the document at nearly $80,000. However, during Neidorf's
trial, it was revealed that the document was really worth $13. That was
enough to convince the government to drop the case.
But Riggs, Darden, and Grant had already pleaded guilty to accessing
BellSouth's computer. Even though the facts in the Neidorf case showed the
world how absurd BellSouth's accusations were, the "Atlanta Three" were
sentenced as if every word had been true. Which explains why each of them
received substantial prison time, 21 months for Riggs, 14 months for the
others. We're told they could have gotten even more.
This kind of a sentence sends a message all right. The message is that the
legal system has no idea how to handle computer hacking. Here we have a
case where some curious people logged into a phone company's computer
system. No cases of damage to the system were ever attributed to them. They
shared information which we now know was practically worthless. And they
never profited in any way, except to gain knowledge. Yet they are being
treated as if they were guilty of rape or manslaughter. Why is this?
In addition to going to prison, the three must pay $233,000 in restitution.
Again, it's a complete mystery as to how this staggering figure was arrived
at. BellSouth claimed that approximate figure in "stolen logins/passwords"
which we have a great deal of trouble understanding. Nobody can tell us
exactly what that means. And there's more. BellSouth claims to have spent
$1.5 million tracking down these individuals. That's right, one and a half
million dollars for the phone company to trace three people! And then they
had to go and spend $3 million in additional security. Perhaps if they had
sprung for security in the first place, this would never have happened.
But, of course, then they would have never gotten to send the message to
all the hackers and potential hackers out there.
We think it's time concerned people sent a message of their own. Three
young people are going to prison because a large company left its doors
wide open and doesn't want to take any responsibility. That in itself is a
criminal act.
We've always believed that if people cause damage or create a nuisance,
they should pay the price. In fact, the LOD believed this too. So do most
hackers. And so does the legal system. By blowing things way out of
proportion because computers were involved, the government is telling us
they really don't know what's going on or how to handle it. And that is a
scary situation.
If the media had been on top of this story and had been able to grasp its
meaning, things might have been very different indeed. And if BellSouth's
gross exaggerations had been taken into account at the sentencing, this
injustice couldn't have occurred. Consider this: if Riggs' sentence were as
much of an exaggeration as BellSouth's stated value of their $13 document,
he would be able to serve it in full in just over two hours. And the
$233,000 in restitution would be under $40. So how much damage are we
really talking about? Don't look to BellSouth for answers.
In early 1991, the three are to begin their sentences. Before that happens,
we need to reach as many people as possible with this message. We don't
know if it will make a difference in this particular case if the general
public, government officials, and the media hear this side of the story.
But we do know it would be criminal not to try.
********************************************************************
>> END OF THIS FILE <<
***************************************************************************
------------------------------
From: <KRAUSER@SNYSYRV1.BITNET>
Subject: List of Computer Underground Clippings
Date: Fri, 30 Nov 90 21:41 EDT
********************************************************************
*** CuD #2.15: File 4 of 7: List of CU News Articles ***
********************************************************************
Computer Hackers News Articles
Compiled By
Bob Krause
KRAUSER@SNYSYRV1.BITNET
The following is a list of articles that I have found concerning the
computer underground in various magazines and news-papers. The list is in
chronological order. If you know of an article that should be included in
this list or correction, send me the information and I will add it to the
listing.
Nov 18 '90 Crackdown on computer crime is raising question of computer
rights.
Chicago Tribune pg.17
Oct 29 '90 Users paying big price for PBX fraud.
Network World pg.1
Oct 28 '89 Halting hackers.
The Economist pg.18
Oct 15 '90 Target: The Corporate PBX
Information Week pg.24
Sept 9 '90 Can invaders be stopped but civil liberties upheld?
The New York Times pg.F12
Sept 1 '90 United States v Zod
The Economist pg.23
Sept '90 Digital Desperados; hackers indictments raise constitutional
questions.
Scientific American pg.34
Aug 26 '90 The rights of computer users.
Los Angles Times pg.D9
Aug 22 '90 Open sesame; in the arcane culture of computer hackers, few
doors stay closed.
The Wall Street Journal pg.A1
Aug 20 '90 NY State Police round up hackers.
Computerworld pg.99
Aug 17 '90 U.S. Arrests boy, 5 others in computer hacker case.
The Wall Street Journal pg.82
Aug 6 '90 Computer anarchism calls for a tough response.
Business Week pg.72
Aug 6 '90 Charges dropped against alleged BellSouth hacker.
Telephony pg.12
July 30 '90 Hacker trial begins in Chicago.
Computerworld pg.8
July 30 '90 'Hacking' crackdown is dealt a setback in trial in Chicago
The Wall Street Journal pg.B3
July 21 '90 Crackdown on hackers 'may violate civil rights'.
New Scientist pg.22
July 21 '90 Group to defend civil rights of hackers founded by computer
industry pioneer.
The Wall Street Journal pg.B4
July 10 '90 Group to fight for computer users' rights.
Los Angles Times pg.D5
July 10 '90 Computer hackers plead guilty in case involving BellSouth.
The Wall Street Journal pg.84
July 2 '90 Hackers of the World, Unite!
Newsweek pg.36
May 21 '90 Throwing the book at computer hackers.
Business Week pg.148
May 14 '90 Justice failed in refusing to make Morris an example.
Computerworld pg.23
May 14 '90 Morris sentence spurs debate.
Computerworld pg.128
May 14 '90 Wheels of justice grind to a halt in 'worm' case.
PC Week pg.16
May 7 '90 Three-year probation for Morris.
Computerworld pg.1
May '90 Just say No
Communications of the ACM pg.477
May '90 Uncovering the mystery of Shadowhawk.
Security Management pg.26
Apr 30 '90 The hacker dragnet: the Feds put a trail on computer crooks -
and sideswipe a few innocent bystanders. Newsweek pg.50
March 26'90 Internet interloper targets hacker critics.
Computerworld pg.127
March '90 Cyber Thrash
SPIN pg.24
March '90 Is Computer Hacking a Crime?
Harper's pg.45
Wntr '90 Comp. crime and the Computer Fraud and Abuse Act of 1986
Computer Law Journal pg.71
Feb 19 '90 Morris code.
The New Republic pg.15
Feb 12 '90 Alleged hackers charged wit theft of BellSouth 911 data.
Telephony pg.10
Feb 12 '90 Babes in high-tech toyland nabbed.
Computerworld pg.8
Feb 11 '90 Revenge on the nerds; sure, jail our hackers - who needs
software stars anyway?
Washington Post pg.C5
Feb 9 '90 Hacked to pieces.
New Statesman and Society pg.27
Feb 2 '90 Prevention is better than cure.
Public Finance and Accountancy pg.9
Jan 5 '90 Computer hacking: is a new law needed.
Public Finance and Accountancy pg.7
Feb 7 '90 Four charged with scheme against phones.
The Wall Street Journal pg.B5
Dec 4 '89 Hackers: Is a cure worse than the disease?
Business Week pg.37
Sept '89 Free the hacker two.
Harper's Magazine pg.22
June 19 '89 Hacker invades So. Bell switch.
Telephony pg.11
June '89 Consensual realities in cyberspace
Communication of the ACM pg.664
Apr 3 '89 Strong scruples can curb computer crime.
Computerworld pg.100
March 9 '90 Hackers revealed as spies.
Nature pg.108
March 6 '89 Are ATM's easy targets for crooks?
Business Week pg.30
Feb 20 '89 Prison term for first U.S. hacker-law convict.
Computerworld pg.1
Jan 9 '89 Hacker prosecution: suspect held, denied phone access by
district court.
Computerworld pg.2
Jan 9 '89 Drop the phone: busting a computer whiz.
Time pg.49
Dec 26 '88 The Cyberpunk
People pg.50
Dec 11 '88 Computer intruder is urged by authorities to contact the
laboratory he invaded.
The New York Times pg.24
Nov 14 '88 Portrait of an artist as a young hacker.
Computerworld pg.6
Nov '88 Robopsychology
Omni pg.42
Aug 1 '88 Is your computer Secure?
Business Week pg.64
Apr 28 '88 Hacker runs rings around military security.
New Scientist pg.25
April '88 Computer hackers follow Guttman-like progression.
Sociology and Social Research pg.199
Oct '87 Brian Reid, A Graphics Tale of a Hacker Tracker
Communications of the ACM pg.820
April '86 Positive Alternatives: A report on an ACM Panel on Hacking
Communications of the ACM pg.297
Jan '84 Hacking away at morality.
Communications of the ACM pg.8
********************************************************************
>> END OF THIS FILE <<
***************************************************************************
------------------------------
From: brendan@CS.WIDENER.EDU(Brendan Kehoe)
Subject: Computer Crime Laws list
Date: Sun, 2 Dec 90 18:15:07 EST
********************************************************************
*** CuD #2.15: File 5 of 7: State Computer Crime Laws ***
********************************************************************
The following are the computer crime laws for various states for
those wishing to track them down.
AL Computer Crime Act, Code of Alabama, Sections 13A-8-100 to 13A-8-103
AK Statutes, Sections 11.46.200(a)(3), 11.46.484(a)(5),
11.46.740, 11.46.985, 11.46.990
AZ Revised Statues Annotated, Sections 13-2301(E), 13-2316
CA Penal Code, Section 502
CO Revised Statutes, Sections 18-5.5-101, 18-5.5-102
CT General Statutes, Sections 53a-250 to 53a-261, 52-570b
DE Code Annotated, Title 11, Sections 931-938
FL Computer Crimes Act, Florida Statutes Annotated, Sections
815.01 to 815.07
GA Computer Systems Protection Act, Georgia Codes Annotated, Sections
16-9-90 to 16-9-95
HI Revised Statutes, Sections 708-890 to 780-896
ID Code, Title 18, Chapter 22, Sections 18-2201, 18-2202
IL Annotated Statutes (Criminal Code), Sections 15-1, 16-9
IN Code, Sections 35-43-1-4, 35-43-2-3
IO Statutes, Sections 716A.1 to 716A.16
KS Statutes Annotated, Section 21-3755
KY Revised Statutes, Sections 434.840 to 434.860
LA Revised Statutes, Title 14, Subpart D. Computer Related Crimes,
Sections 73.1 to 73.5
ME Revised Statutes Annotated, Chapter 15, Title 17-A, Section 357
MD Annotated Code, Article 27, Sections 45A and 146
MA General Laws, Chapter 266, Section 30
MI Statutes Annotated, Section 28.529(1)-(7)
MN Statutes (Criminal Code), Sections 609.87 to 609.89
MI Code Annotated, Sections 97-45-1 to 97-45-13
MS Revised Statutes, Sections 569.093 to 569.099
MT Code Annotated, Sections 45-2-101, 45-6-310, 45-6-311
NE Revised Statutes, Article 13(p) Computers, Sections 28-1343 to 28-1348
NV Revised Statutes, Sections 205.473 to 205.477
NH Revised Statutes Annotated, Sections 638:16 to 638:19
NJ Statutes, Title 2C, Chapter 20, Sections 2C:20-1, 2C:20-23 to 2C:20-34,
and Title 2A, Sections 2A:38A-1 to 2A:38A-3
NM Statutes Annotated, Criminal Offenses, Computer Crimes Act, Sections
30-16A-1 to 30-16A-4
NY Penal Law, Sections 155.00, 156.00 to 156.50, 165.15 subdiv. 10,
170.00, 175.00
NC General Statutes, Sections 14-453 to 14-457
ND Century Code, Sections 12.1-06.1-01 subsection 3, 12.1-06.1-08
OH Revised Code Annotated, Sections 2901.01, 2913.01, 2913.04, 2913.81
OK Computer Crimes Act, Oklahoma Session Laws, Title 21, Sections
1951-1956
OR Revised Statutes, Sections 164.125, 164.377
PA Consolidated Statutes Annotated, Section 3933
RI General Laws (Criminal Offenses), Sections 11-52-1 to 11-52-5
SC Code of Laws, Sections 16-16-10 to 16-16-40
SD Codified Laws, Sections 43-43B-1 to 43-43B-8
TN Code Annotated, Computer Crimes Act, Sections 39-3-1401 to 39-3-1406
TX Codes Annotated, Title 7, Chapter 33, Sections 33.01 to 33.05
UT Computer Fraud Act, Utah Code Annotated, Sections 76-6-701 to 76-6-704
VA Computer Crime Act, Code of Virginia, Sections 18.2-152.1 to
18.2-152.14
WA Revised Code Annotated, Sections 9A.48.100, 9A.52.010, 9A.52.110 to
9A.52.130
WI Statutes Annotated, Section 943.70
WY Statutes, Sections 6-3-501 to 6-3-505
********************************************************************
>> END OF THIS FILE <<
***************************************************************************
------------------------------
From: Moderators, Joe Abernathy, and "4 8"
Subject: Media and the CU
Date: December 4, 1990
********************************************************************
*** CuD #2.15: File 6 of 7: Media and the CU ***
********************************************************************
%Moderators' note: We received a number of responses, including logs from
various net sources, about the DEA/PBX story in CuD 2.14. We invited Joe to
respond, and received another, unsolicited, commentary. We add a final
concluding comment at the end of this file%.
*****************
From: chron!magic322!edtjda@UUNET.UU.NET(Joe Abernathy)
Subject: A Response to recent critics by Joe Abernathy
Date: Thu, 29 Nov 90 20:35:30 CST
The debate of the word hacker, while worthy and fascinating, is not
something that makes proper material for a daily newspaper. The fact is
that the force of society has made "hacker" into the bad guys, despite the
fact that it used to refer to people like myself, who sit around playing
with modems and assembly language. Most people in the press possess more
knowledge about things like this -- and things like the difference between
worm and virus, or usenet and Internet -- than they're given credit for.
What the critics always miss is that reporters don't write just for
computer scientists --they write for their grandmothers, their children,
and for the public record. So what happens is that the reporters always
choose the most accurate word or description that can be understood by the
largest number of people.
Screaming at reporters, or suggesting their ignorance, won't change the way
hacker is used in stories. That definition is already written in the public
consciousness, and in the laws of the land.
Jack Minard, the second correspondent, invalidated his complaint by failing
to read my article. I don't have time to do his reading for him, but I will
respond to the one thing he alluded to that really does matter from a
standpoint of journalist ethics: why the "hackers" weren't identified. They
weren't because they wanted it that way ... which raises the issue of why
anyone would allow one's accusers to go faceless. The answer is that we
didn't -- the facts of that story were provided by the DEA itself, albeit
upon my request, with the members of the computer underground identified
only to provide color and perspective.
Best Regards.
***************************************************
From: 4 8 (Figure it out)
Subject: In regards to the comments about the "DEA article" in the last CuD
Date: 11/30/90 @ 4:43 PM
In regards to the comments about the "DEA article" by Joe Abernathy of the
Houston Chronicle:
I find that what you have stated is limited in your knowledge to the story
and exactly what happened.
I'm very upset at the fact that you present Joe Abernathy as an
"anti-hacker" journalist. Furthermore, you continue to present the quotes
in the article as also being "anti-hacker".
As it may be, I tipped off Joe about the story and it's background so he
could publish it. Now, you may not know who wrote this, but if you did--
I'm almost positive you wouldn't dare to call me an "anti-hacker". Hell
man, I'd make you eat those words. [And trust me, you don't want that]
(Thank you for letting my ego surpass yours for that last paragraph)
The PBX that was mentioned was abused ridiculously to the point at which
someone had to come forward and tell who owned the lines. As many as 200+
were using this PBX nationally. The story wasn't done to "thrash" hackers,
nor to embarrass the government (Well.. maybe a little bit!), it was done
to show how stupid toll fraud can be if not exposed over a period of time.
Now, I have something to say regarding the author of the article. Joe
Abernathy is a very important symbol of these times. He what the community
needs more of: A journalist who sees "grey" and has the power to reach
people.
I think you've made a great mistake in publicly voicing your opinion on the
article and Joe. We need more Journalists like Abernathy who do see "grey"
in this community.
It appears to me that you didn't actually read the story. Otherwise, it
would be obvious to you that it wasn't one sided. The quotes taken were
from REAL hackers, ones that fed up with the BS of the current state of the
community.
You are "ragging" on a very good ally of this community, the press. In the
past the press "bashed" hackers. I seldom see journalists hacker-bash
anymore.
Furthermore, the 1.8 million figure that Joe published was incorrect.
Hell, I think it was more than 1.8 million! The PBX was accessable for
about 1 year. And don't tell me that it would take 9.7 hackers dialing 24
hours a day to get that total. Hell! One hacker could EASILY surpass that
total.
I suggest you re-evaluate your views. YOU ARE THE ONE-SIDED STORY.
Take heed to this warning:
Your comments were taken personally by me. I believe that if YOU continue
to bash the "grey-journalists" of this period, than you'll destroy a needed
link between these journalists and the community.
Regards,
4 8
PS: Most of the material that was in your comments came directly from various
other news-posts around the net
************************************
%Moderators' Comment%:
An important goal of CuD remains that of stimulating debate, and we try to
print, uncensored and without commentary, the views as expressed by
contributors, whatever they may be. The media stands in an ambiguous
relationship with the CU. One one hand, we encourage them to print
favorable, or at least factual, stories but, on the other, we are
suspicious or hostile when those stories are not to our liking. Reporters,
like the rest of us, learn, and when we feel they are in error, it's most
helpful to engage in dialogue and let the "dialectic of knowledge" take its
course, keeping an ever-watchful eye that the course paints a clearer
picture not only of "reality," whatever and wherever that may be, but also
tries to understand the "reality" of others as well. The danger in
criticizing individual reporters, especially those who are actively
reporting on issues in which we are interested, is that we remain blind to
their positive contributions and remain focused on a perceived past
grievance. This, in the long run, seems unproductive. We run the risk of
becoming our own worst enemy, fragmenting into splinter groups supporting,
opposing, squabbling, over sometimes important , but--more
often--short-term issues. When this happens, we divert attention from the
broader issues of Constitutional rights, civil liberties, crackdowns, and
the rest. Rather than castigate an individual, we would, as moderators,
prefer to see reasoned alternatives developed, argued, examined, and
clarified.
We printed both articles in the last issue because they typified the
shorter concerns we read. One contributor identified four points that,
despite the tone of the post, we thought legitimate for debate. Borrowing
from that article, and paraphrasing (perhaps beyond the original meaning of
the post), we identify:
1. What is a hacker, and who gets to define the term? This is a crucial
issue, and not merely a semantic quibble, because law enforcement defines
hackers as felons by definition.
2. What is the relationship between law enforcement and media? We tend to
agree that the figure of $1.8 seems high when one calculates it. This is an
issue that extends beyond our own interests (as the recent uncritical
articles of the "earthquake scare" and other stories indicate). The
question, as we see it, is: To what degree do those with an interest in
prosecuting hackers manipulate the media by distorting definitions, the
English language, and facts and figures to create an alternative reality
more to their liking? It would seem we should be working to alert the media
to be more critical of the information they receive.
3. News media tend to rely on law enforcement sources because most do not
know any hackers and because many reports perhaps give law enforcement more
credibility than to their targets. Punching them in the nose is not likely
to make the media want to get to know us. Like all of us, most reporters
are just doing their job, and most who write these stories cover a variety
of other topics as well. Therefore, they are often simply not computer
literate. One of our goals is to expand their literacy. Sometimes this is
successful, but other times not. But, the struggle must continue, and
struggle is as long as history. We see most of the CU issues (privacy,
judicial process, who gets to define "crime") as broader issues, and our
collective participation is not simply an attempt to make the world safe
for hackers, a rather silly and myopic goal, but to address broad issues in
one tiny slice of our existence, that of cyberspace, and hopefully the
implications will, in the aggregate, contribute to a more tolerable world.
When aging radicals begin to sound like moderate liberals, perhaps they've
fought one fight too many. Nonetheless (there's always a "nonetheless"), we
find it more productive to "keep our eye on the prize" rather than continue
internal bickering over "who's right" or "who's wrong."
********************************************************************
>> END OF THIS FILE <<
***************************************************************************
------------------------------
Subject: The Hermetic Underground
From: Dark Adept
Date: Wed, 28 Nov 90 2:15:52 CST
********************************************************************
*** CuD #2.15: File 7 of 7: The Hermetic Underground ***
********************************************************************
Reinforcing the cloak of the Underground...
The Hermetic Underground
by
The Dark Adept
Greetings! This phile will take a different twist than the previous ones.
In the past few philes, I have given security (common sense) advice to the
members of the "real" world. The purpose was to try and build a rapport
between industry and computer society. However, there is a question as to
whether computer society will survive or not. In an effort to keep the
Underground alive, I will be relating some ideas for survival during the
"witch-hunt."
----------------------
| Modern-day Wizards |
----------------------
A long time ago in a place far, far away there were once many wizards. Now
wizards did not really raise the dead or turn gold into lead. What they
did do was to try and learn about and explain the universe as best as they
could. They delved into dark territories such as death, alchemy, and
mechanical engineering in order to improve the world they lived in. From
these evil doings, two things were produced. Science, including
Philosophy, Logic, Math, Chemistry, Physics, etc. And witch-hunts. They
weren't witch-hunts as one may see by looking at Salem. The effect was
much more devastating. Not only were wizards wiped from the face of the
earth, but the way they viewed life was also removed. You see, a wizard
was a jack-of-all-trades. The wizards believed that everything was
interrelated. Physics was actually related to Philosophy, and Alchemy was
a form of religion. So, the wizards studied everything possible so as to
see how the ideas interrelate. (Sort of a twisted Unified Field Theory).
There was also another reason why wizards tried to master everything. This
was because they could not come together and form a wizards guild. They
were not liked or trusted by society since they had access to information
that society did not. If they had come together they would have been wiped
from the face of the earth. Yes, I lied. In the previous paragraph I said
that wizards no longer existed. The fact is that they do and always will.
A wizard is a person who believes everything is interrelated and attempts
to find the interrelation and control his universe by it. One such branch
of wizardry is known as the Computer Underground. (To read about a real
wizard who lived in ancient times, pick up John Dee by Peter French. You
will see everything I have said is true).
So, what can we modern-day mages learn from the wise wizards of yesteryear?
--------------------
| Atomic Particles |
--------------------
The worst thing the underground could do now is organize on a mass level.
Our strength is to be found in that we are a mass of atomic entities
operating against a concerted effort. The attacks on the Underground by
the witch-hunters may smash a few individuals here and there, but the
overall body lives on. Just as the United States Army failed to fight
effectively against a dispersed phantom force like the Vietnamese, so too
will the onslaught fail against a patternless weaving of hackers. What the
opposition is trying to do is like trying to shoot gnats with a shotgun.
As long as the Underground remains dispersed and loosely organized, there
is no way they can search out and destroy the entire bunch of us. If we
band together, then, of course, they have a much larger target.
----------------------
| As Above, So Below |
----------------------
The Underground is shaped by the events that occur in the "real" world.
If Company ABC gives a grant to University XYZ to add a node to the Net,
then the Underground is expanded. If there are laws passed banning
cross-state telecommunications, then the Underground is diminished. The
topics of discussion in the Underground are also determined by "real"
world events. For this reason, the battle must be fought in the "real"
world and in the "real" world alone. The only way to conclusively affect
the existence of the Underground is to affect society. This means to
affect society in the Courts, Congress, and Senate. There are already
legitimate and capable vehicles for doing so: the EFF, for example.
These organizations need your support. Support them, but as citizens of
the United States, and not as hackers. The only way to decisively defeat
our opponents is to defeat them in their own lairs, and by using their
means.
To win the fight to get the Constitution to protect the rights of the
computer user, we must fight intelligently, morally, and ethically. We
must not succumb to the temptation to use terrorist tactics in order to
extort rights from the opposition. To do so would just anger potential
supporters. To do so would be to lower ourselves to the level of our
antagonists. We must fight with honor, with dignity, and with tenacity.
-----------------------------------------------
| Of the Bloody Sacrifice and Matters Cognate |
-----------------------------------------------
We have lost a few valuable members during the Computer Revolution. We
should not let their "deaths" be in vain. Let us learn from their mistakes
in order to better ourselves. One example is security hacking. Yeah, it's
fun. Yeah, it's better than the last Zork (tm Infocom, Inc.) game that
came out. But it's illegal. It gives the Underground a bad name. It
causes problems, and things get real ugly real fast. Way back when
security hacking first started, there were no problems since no one caused
any real trouble. Then came the few idiots who tried such things as
mercenary work, extortion, and a couple of other assorted nasty dealings
that caused corporations to RIGHTFULLY fear and dislike hackers. We caused
the problem ourselves. The blame cannot be laid on people who are trying
to protect their own property.
I am therefore asking that we all cease and desist from hacking into
private computers from this point on. There are plenty of things we can do
without inciting death threats from telephone companies. Why not set up
our own networks? A decent Unix system can be built for under $8,000. If
we can get a bunch of people together to donate some money (hey, you big
businesses, here's a hint!), then we can have our own "playground" so that
the "adults" won't be bothered by us snot-nosed (Cyber)punks. Slap
together a couple of nodes, and we can send worms and hack all we want
LEGALLY.
Again, there are other methods that can be used to gain the free flow of
information than illegal system entry. Laws could be passed that require
detailed descriptions of systems to be made public if the use of those
systems directly affects the public. An example is the infamous 911 info.
The 911 system is paid for by the public, services the public, and the
public is now dependent on it. Yet, the public knows nothing about it.
Does it make sense that something upon which human lives depend should be
classified as a "trade secret"? Should not the public be made aware of its
limitations so as to know whether it is feasible? This obviously does not
require disclosure of the source code, but it does require the disclosure
of specifications, limitations, testing data, and all instances of failure.
It would also require the general algorithm so as to prove the value of the
method.
The whole point of this section is that the day of the security hacker is
dead along with that of the Blue Boxer. Let them lie peacefully. We can
still hack code, transfer messages across the country, access tons of
information, and many other things. Is it worth risking that in order to
get into some TSO system?
---------------------
| Forbidden Secrets |
---------------------
The final icing on the cake is the fact that the people persecuting the
Underground are incompetent for the task at hand. After reading the SJG
affidavit, I am positive that they are excellent purveyors of law
enforcement, but don't know beans about computers. The belief that Kermit
was some type of illegal information is, obviously, ridiculous. When all
of this explodes, it is they who will have egg on their faces, and not we.
While doing research on the events, I came across a statement by someone in
law enforcement who said that when the results of Operation Sundevil are
made public, Mitch Kapor will be embarrassed since he is defending common
criminals. No, in reality I think it is they who will be embarrassed. They
are the ones who destroyed private property and valuable data. They are
the ones who destroyed lives and businesses with incompetence, not hackers.
--------------------
| And finally..... |
--------------------
To sum up: Stay dispersed and unorganized. Help out the EFF. Fight for
your rights using legal means in court. Don't hack security, but start
building public access systems. Expose the truth every chance you get.
My next article will once again deal with security issues in general.
Specifically, I will begin talking about the problem of copyrighting and
patenting things other than source code.
Keep up the faith, people. We can't lose. I chose the handle The Dark
Adept because I believe that out of darkness comes light. Out of the
darkness of lies and oppression comes the light of truth and freedom. One
just needs to be Adept enough to catalyze the reaction.
So, as always, I remain....
The Dark Adept 11/26/90, Chicago, IL
E-Mail: Ripco BBS (312)-528-5020
********************************************************************
------------------------------
**END OF CuD #2.15**
********************************************************************