informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/hacking/ripco.txt

241 lines
13 KiB
Plaintext
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

DR. RIPCO SEIZURE
COPYRIGHT (C) 1991 BY FULL DISCLOSURE. ALL RIGHTS RESERVED.
On May 8, 1990, Agents of the United States Secret Service, along with police
and telephone company security personnel executed thirty-two search warrants
across the United States as part of a two year investigation into the
activities of computer hackers.
Full Disclosure's investigative reporting team was able to obtain the
application for one of the searches that occurred in Chicago, Illinois
(actually two identical warrants, one for the business and one for the
residence address of a computer bulletin board (BBS) system operator).
Copies of a number of other search & seizure warrants were also obtained.
First we will examine the two kinds of warrants and then look at the
specifics of the May 8, 1990 warrant executed in Chicago, Illinois.
The application forms for both types of warrants are nearly identical, except
for a key concept. The identification, government agent, and notary parts are
the same. The purpose of the application is where the difference comes in.
The search warrant application form reads as follows: ``I am a(n)
[official title] and have reason to believe that [] on the person of or [] on
the property or premises know as (name, description and/or location)
[property address], in the Northern District of Illinois there is now
concealed a certain person or property, namely (describe the person or
property to be seized) [descrip<>tion] which is (state one or more bases for
search and seizure set forth under rule 41(n) of the Federal Rules of
Criminal Procedure) concerning a violation of Title [ ] United States code,
Section(s) [ ]. The facts to support a finding of Probable Cause are as
follows:...'' [Emphasis added]
The seizure warrant application form reads as follows: ``I am a(n)
[official title] there is now certain property which is subject to
forfeiture to the United States, namely (describe property to be seized)
[property description], in the Northern District of Illinois which is (state
one or more reasons for seizure under the United States Code) concerning a
violation of Title [ ] United States code, Section(s) [ ]. The facts to
support a finding of Probable Cause for issuance of a Seizure Warrant are as
follows:...'' [Emphasis added]
The content of the applications varies in what is being sought, also. For
example, in one search warrant application seeking a warrant to search a
computer system in Lockport, Illinois, the applicant stated in part: ``My
investigation has revealed that on or about October 5, 1989, Richard Andrews
and Leonard Rose transported a stolen or fraudulently obtained computer
program worth $77,000.00 from Middle Town, Maryland to Naperville, Illinois
and then to Lockport, Illinois.'' This affidavit was not part of the May
8, 1990 series of ``Sundevil'' warrants.
Along with the other information provided in the application lead the
Magistrate to conclude that there was probable cause that evidence of a crime
would be found on the computer in Lockport. A search warrant was issued.
The application for a seizure warrant (filed by the Chicago Police Department
in Federal Court), however, was directed toward a different end: ``Our
investigation has revealed that Rufus Sims is a major narcotics dealer
operating primarily on the west side of Chicago. Since February 1989, the
United States has seized over $1.2 million in assets, including three parcels
of real estate (including an apartment building), numerous auto-mobiles and
over $650,000 in currency, that are the proceeds of Rufus Sims' narcotics
activity. Rufus Sims has not attempted to dispute the forfeiture of any of
this property or contested the fact that the property is narcotics proceeds.
. . . Our investigation has revealed that there is a safe deposit box
registered to Steven Sims at Austin Bank of Chicago, 5645 West Lake Street,
Chicago, Illinois. Based upon what our previous investigation has revealed
about the manner in which Rufus Sims conceals his narcotics proceeds, often
using safe deposit boxes registered in the names of friends and family
members, and based upon Steven Sims' direct involvement in Rufus Sims'
organization and his participation in the handling of narcotics proceeds with
Rufus Sims, I believe that this safe deposit box contains proceeds of
narcotics transactions and that such contents are subject to forfeiture
pursuant to 21 U.S.C. 881(a)(6).''
In short, the search warrant is to seek out evidence of a crime and may
involve the seizure of property for evidential purposes. The seizure warrant
is for transferring assets from an individual to the government because the
government is statutory ``owed'' those assets for some reason. In essence the
seizure warrant imposes a punishment without trial or such legal activities
as the average citizen equates with due process.
The May 8, 1990 warrant executed in Chicago, Illinois as part of the
nationwide sweep was not a search warrant. Rather it sought ``property
which is subject to forfeiture to the United States'' was located at a
particular location, being the location of a computer bulletin board named
``Dr. Ripco.''
From the start it was curious that Dr. Ripco was served a seizure warrant
seeking forfeiture of his computer equipment when the government was
apparently seeking evidence of the crimes of computer hackers. However, an
interview with the system operator disclosed that after his equipment was
carted off on May 8, 1990 he hadn't heard back. No arrest was forthcoming,
not even an interview.<M^>*1
Why was the system seized? The Secret Service employed a confidential
informant (CI 404-235) who accessed Dr. Ripco over three dozen times in 1989
and over a dozen in 1990. He is reported to have regularly seen messages
posted by other users which contained long distance carrier customer
authorization codes, references to hacking, and to credit cards and credit
bureaus.
Some of the messages in question were quoted in the warrant application. A
number of them that provided long distance access codes also had verification
by the long distance carrier that such codes had or had not been used
fraudulently. Additionally, CI 404-235 and one of the board users arranged
(apparently by way of private electronic mail on Dr. Ripco) to exchange
credit card numbers for long distance access codes. CI 404-235 was given
special authorization codes by U.S. Sprint to use for this purpose. No
mention is made as to whether any fraudulent calls were made on that
authorization code, nor whether the credit card numbers received by CI
404-235 would pass the cursory verification requested by retailers. Nor are
there any presented allegations that any attempts were made to utilize the
credit card numbers.
What did the system operator do? The application fails to allege that the
system operator was in any was involved in telecommunications fraud, credit
card fraud, or any other crime. In its definitions of BBS and system
operators it presents a picture where the job of being a system operator is
time consuming due to the volume of messages that have to be reviewed.
No statutes are cited defining any obligations or responsibilities of system
operations to either control the content of messages on their system, nor
report ``illegal'' messages to any authorities.
It only by implication states that the Dr. Ripco system operator didn't
fulfill their unsupported claim that a system operator has some obligation to
control content of messages: ``[s]pecial Agent Lawson's investigation has
further determined that the access codes posted on the RIPCO BBS are not
concealed from the system administrator of the bbs and could be seen by the
system administrator of the bbs during an examination.''
Part of the application's definition of the responsibility of the system
operator is the ability to read every message on the system, including
private electronic mail messages. The Electronic Communications Privacy Act
of 1986 raises legal questions about the right of a system operator to do so,
contrary to whatever technical abilities might exist. Similar to the
prohibitions of telephone company personnel taping phone lines.
The application is also silent about what efforts Dr. Ripco's system
administrator took to delete such messages if and when he discovered them.
Assuming that he didn't review, or that if he did review them, didn't delete
any messages, it is not clear that as merely as the provider of an electronic
communications service he is anymore liable for the content of messages, than
the telephone companies are liable for the content of conversations their
equipment carries. There were no allegations in the warrant application that
the system operated posted any such information.
There are many legal questions regarding the liability of BBS operators with
respect to message content on their services, legal responsibility to review
public and/or private messages raised by this case.
The action taken in this case appears to be directed at solving the computer
crime problem by indirect means. There are no allegations of criminal
activity by the system operator. Rather than issue a subpoena to the system
operator (under the Electronic Communications Privacy Act of 1986) for
applicable records and messages of those users that were involved in criminal
activity, they took an unique route.
They declared that third party equipment used by numerous members of the
public, including some who might have engaged in criminal activity (Full
Disclosure has been unable to find any federal criminal court cases relating
to the Dr. Ripco users named in the application that were involved in credit
card/long distance authorization access code trading) to be subject to
forfeiture to the United States. A court order was then obtained without the
knowledge or the ability of the owner to contest such proceeding.
The same technique used against other electronic communications providers
would be considered so outrageous as to not even be attempted; seizing AT&T
long distance microwave links, for example, because some drug dealers
arranged a deal in a conversation that was carried by them. However, many see
BBS systems as a threat to the power structure as they allow any individual
to reach a broad audience with his opinions. The power to reach a vast
audience with a political opinion has till now been limited to a select few.
Mixing up the problem of those desiring criminal intent with those simply
exercising first amendment rights is surely an effective method of smearing
those with no bad intent. Subjecting those who desire to provide a wide-area
public communications system to average members of the public to arbitrary
punishment because a few miscreants act inappropriately is as absurd as
seizing a long distance network over a drug dealers conversation.
*1 Interestingly, according to Federal Court records in Chicago,
Rufus Sims (as of January 7th, 1991) had never been charged with any federal
crime, even though the federal government had been seizing narcotics assets
since February 1989.
The above is reprinted from Full Disclosure Newspaper. Subscribe today and
get interesting articles like the above, plus more... pictures, graphics,
advertisement, and more articles. Full Disclosure is your source for
information on the leading edge of surveillance technology. Print the
following form, or supply the information on a plain piece of paper:
----
Please start my subscription to Full Disclosure for:
[ ] Sample issue, $2.00
[ ] 12 issue subscription, $18.00
[ ] 24 issue subscription, $29.95
With 24 issue susbcription include free one of the following:
[ ] Directory of Electronic Surveillance Equipment Suppliers
[ ] Citizen's Guide on How to Use the Freedom of Info/Privacy Acts
[ ] Maximizing PC Performance
Also available separately:
[ ] Directory of Electronic Surveillance Equipment Suppliers, $6.00
[ ] Citizen's Guide on How to Use the Freedom of Info/Privacy Acts, $5.00
[ ] Maximizing PC Performance, $6.00
Illinois residences, add 6.5% sales tax on above 3 items.
Enclosed is payment in the form of:
[ ] Check/Money order, [ ] Visa, [ ] Mastercard
Card no:___________________________________ Exp date:_______
Signature:__________________________________________________
Phone:______________________________________________________
(required for credit card orders)
My name/address:
Name:_______________________________________________________
Street:_____________________________________________________
City/State/Zip:_____________________________________________
Return to: Full Disclosure, Box 903, Libertyville, Illinois 60048

Reference in New Issue View Git Blame Copy Permalink