352 lines
18 KiB
Plaintext
352 lines
18 KiB
Plaintext
Combat Arms
|
|
2869 Grove Way
|
|
Castro Valley, California 94546-6709
|
|
Telephone (415) 538-6544
|
|
BBS: (415) 537-1777
|
|
December 5, 1990
|
|
|
|
|
|
The FBI Comes Rapping, Rapping At Your BBS
|
|
by
|
|
Brock N. Meeks
|
|
|
|
|
|
The dog-eared manila envelope spilled a coffee stained
|
|
report onto my cluttered desk. The title, "The FBI and Your BBS"
|
|
sounded a little too nefarious, even for this curmudgeon of the
|
|
information age. But I figured the report was worth at least a
|
|
quick read. After all, somebody had gone to the effort to track
|
|
down my address and forward a copy of the report to me. That
|
|
someone turns out to be the report's author, Glen L. Roberts,
|
|
director of The FBI Project an organization which publishes a
|
|
newsletter, Full Disclosure, under the self defined category
|
|
"privacy/surveillance."
|
|
|
|
The report is chilling, almost paranoid. And if more people
|
|
had known about its existence, a lot of grief might have been
|
|
saved. As I read I remembered an old, coffee-ringed file folder
|
|
I'd squirreled away. I remembered something about it's containing
|
|
information on what I'd off-handedly labeled "FBI Computer Hit
|
|
Squad." When I found the file, Roberts' report didn't seem so
|
|
paranoid and knew I was in for a long night of research and bunch
|
|
of early morning wake up interviews.
|
|
|
|
IF YOU DIG, YOU HIT DIRT
|
|
|
|
In 1984 a short series of discreet advertisements, placed by
|
|
the FBI, appeared in a few computer trade publications and in The
|
|
Wall Street Journal. The message was simple, and went something
|
|
like: "We're looking for computer literate persons to join the
|
|
Bureau." There was no mention of any special task force; however,
|
|
it was clear that the Bureau wanted to upgrade their high-tech
|
|
prowess.
|
|
|
|
Although the FBI won't confirm the existence of a
|
|
computerized "hit squad," an FBI public relations officer did
|
|
confirm that they "have made an extraordinary effort to recruit
|
|
more technically oriented personnel" since 1984.
|
|
|
|
If you dig hard enough, you'll find substantial evidence
|
|
that the FBI is most definitely working overtime in its efforts
|
|
to monitor the electronic community. "They are desperately wary
|
|
of the way information flows so freely in this medium," says
|
|
Roberts. Indeed, one has only to recall this past May when some
|
|
150 Secret Service agents, assisted by local police (backed up
|
|
with electronic "intelligence" gathered and provided by the FBI)
|
|
served some 27 search warrants in a dozen cities across the U.S.
|
|
|
|
The bust, code-named Operation Sun Devil, was patterned
|
|
after the tactics used to take down suspected drug rings:
|
|
simultaneous busts, synchronized arrests. All in an effort to
|
|
preclude any "early warnings" reaching the West via grapevine
|
|
information moving from the East.
|
|
|
|
I was curious about all these high tech hit tactics and
|
|
armed with my file folder and Roberts' report I called a number
|
|
scrawled on the inside flap of my file folder. It was annotated
|
|
"Former agent; possible source." I called the number, and got a
|
|
story.
|
|
|
|
"I was recruited in 1983 by the FBI for my computer skills,"
|
|
the former agent told me. Because he still does some consulting
|
|
for the Bureau, he asked not to be identified, but he laid out a
|
|
very specific plan by the FBI to increase their knowledge of the
|
|
electronic communications world. He confided, "During my time the
|
|
Bureau's monitoring of BBSs was extremely limited; we just didn't
|
|
know how." In those days, he said, the FBI drew on the expertise
|
|
of a small band of high-tech freelance snoops to augment their
|
|
staff, "while we all honed our own skills."
|
|
|
|
TRADITION
|
|
|
|
Certainly the FBI has a tradition of "investigating" groups
|
|
of people it deems "unsavory" or threatening.
|
|
|
|
In Roberts' The FBI and Your BBS, there's a brief history of
|
|
the FBl's willingness to gather all known information on a target
|
|
group. Pulling from the Final Report of the Select (Senate)
|
|
Committee to Study Governmental Operations with respect to
|
|
Intelligence Activities, Book IV, Supplementary Reports on
|
|
Intelligence Activities, Roberts includes this excerpt:
|
|
|
|
"Detectives were sent to local radical publishing houses to
|
|
take their books. In addition, they were to find every private
|
|
collection or library in the possession of any radical, and to
|
|
make the arrangements for obtaining them in their entirety. Thus,
|
|
when the GID (General Intelligence Division) discovered an
|
|
obscure Italian born philosopher who had a unique collection of
|
|
books on the theory of anarchism, his lodgings were raided by the
|
|
Bureau and his valuable collection become one more involuntary
|
|
contribution to the huge and ever-growing library of the GID.
|
|
[pages 87-88]."
|
|
|
|
Change "any radical" to "any BBS" and "book" to "disk" and
|
|
quite suddenly the electronic landscape turns into a winter
|
|
still-life.
|
|
|
|
DATA COLLECTION
|
|
|
|
Roberts, quoting from his report, says, "Unlike other
|
|
communications media, information on a BBS does not get read by
|
|
anyone before its instantaneous publication. Therefore, the FBI
|
|
has much less of a possibility of intimidating the owner of a BBS
|
|
into not publishing certain information. The FBI also acts as if
|
|
BBSs have a monopoly on the distribution of so-called 'illegal
|
|
information.' The FBI often uses this 'danger' as justification
|
|
to monitor the activities on these systems. In reality, however,
|
|
BBSs transfer much less 'illegal information' than the phone
|
|
system."
|
|
|
|
Roberts statements are worth noting in light of the
|
|
government's increased interest in the marriage of criminal
|
|
activity and electronic communications.
|
|
|
|
A 455-page report issued by the President's Commission on
|
|
Organized Crime, dealing with drug abuse and trafficking cites
|
|
that fact that crime has moved into the high-tech arena. The
|
|
report states "To the extent that law enforcement agencies'
|
|
capabilities and equipment are inferior to those of drug
|
|
traffickers, immediate steps should be taken to rectify the
|
|
situation." The report then recommends that data-gathering
|
|
efforts of several agencies (including the FBI) should be tied
|
|
together in one "all-source intelligence and operations center."
|
|
|
|
ANY PROBLEM HERE?
|
|
|
|
There are no laws prohibiting the FBI (or other agencies)
|
|
from monitoring the public message traffic on a BBS; the
|
|
Electronic Communications Privacy Act of 1986 protects private
|
|
messages and privately stored files only. But what about an FBI
|
|
agent monitoring a BBS solely for the purpose of gathering
|
|
information on the board's users? Any problem here?
|
|
|
|
The former FBI agent I spoke with raised the concern that
|
|
such casual monitoring might be a violation of the 1968 Wiretap
|
|
Act. "In order for a wire tap, you have to get a court order. Now
|
|
if an FBI agent is monitoring a BBS to gather information, that
|
|
becomes an interesting question, because there are very specific
|
|
federal rules about a wire tap. My question to you about a BBS
|
|
[being monitored] is: "At what point does monitoring turn into a
|
|
wiretap-like act?"
|
|
|
|
Good point. The reality is, however, that there are no
|
|
rules. Unless that agent is asking for private message traffic,
|
|
he can, without impunity, monitor, store, and otherwise
|
|
manipulate your public messages as he sees fit.
|
|
|
|
Roberts points out that a BBS with public access is fair
|
|
game for any kind of governmental snooping. But there is a way to
|
|
make such casual snooping by a federal agent a crime.
|
|
|
|
"If you want your BBS readily accessible to the public but
|
|
want to protect against unwarranted monitoring, you have to
|
|
provide a warning to prospective users," says Roberts. "It should
|
|
read: 'This BBS is a private system. Only private citizens who
|
|
are not involved in government or law enforcement activities are
|
|
authorized to use it. The users are not authorized to divulge any
|
|
information gained from this system to any government or law
|
|
enforcement agency or employee."'
|
|
|
|
This does two things. It makes the entire board "private."
|
|
Second, it makes any kind of monitoring by the FBl (or other
|
|
agencies, such as the Secret Service) a criminal offense (because
|
|
they are would be guilty of unauthorized access; it also forces
|
|
them to use the established guidelines of gaining information via
|
|
a court ordered search warrant. The warning also protects you in
|
|
another way: it stops "freelancers" from doing the Bureau's work.
|
|
|
|
GET REAL
|
|
|
|
How real is the possibility of the FBI monitoring your BBS?
|
|
Much more than I'd like to believe. Although details of Operation
|
|
Sun Devil are still sketchy, it's clear that the FBI, working in
|
|
tandem with the Secret Service, is monitoring several hundred
|
|
"suspected" boards across the electronic landscape. What kind of
|
|
board is a potential monitoring target? "Any board that advocates
|
|
hacking," said a Secret Service spokesman. Yet when I asked for a
|
|
definition of hacking, all I was told was "illegal activity."
|
|
|
|
The information provided here bears out, if nothing else, an
|
|
increased interest by the FBI in the hard ball practice of going
|
|
after electronic criminals. But are the "good guys" getting
|
|
caught up with the bad?
|
|
|
|
How extensive is the FBl's actual fact gathering by
|
|
monitoring BBSs? No one knows really knows. However, given the
|
|
history of Bureau, and the hard facts that crime in the
|
|
information age makes full use of all the technology it can get
|
|
its hands on, it's a small leap to believe that at least specific
|
|
monitoring, of certain target groups, is taking place.
|
|
|
|
Where does that leave you and me in all this? Back to square
|
|
one, watching carefully what we say online. If you're a member of
|
|
a "controversial" BBS, you might pass the concerns of Roberts on
|
|
to your sysop. If you are a sysop, you might want to consider
|
|
adding a bit of protection to the board . . . for the rest of us.
|
|
|
|
Brock Meeks is a Washington, D.C. based columnist whose
|
|
articles have appeared in several publications including Byte
|
|
Magazine. His favorite radical BBS is ... well...private.
|
|
|
|
|
|
|
|
-= RESPONSE FROM MUSTANG SOFTWARE REGARDING THIS ISSUE =-
|
|
|
|
Msg #: 107 Area: Wildcat_BBS Sent: 30 Nov 90 07:39:29
|
|
From: Rick Heming <Mustang Software>
|
|
To: All
|
|
Topic: Policy Statement - Mustang Software, Inc.
|
|
|
|
This text is available in the file POLICY2.TXT on the Mustang Software,
|
|
Inc. HQ BBS for registered WILDCAT! sysops.
|
|
|
|
-------------------------------
|
|
|
|
SOFTWARE COPYRIGHT, PIRACY, AND THE BBS COMMUNITY
|
|
Mustang Software, Inc. - 11/29/90
|
|
|
|
Recently several computer trade publications have published
|
|
reports of computer software piracy through the use of bulletin
|
|
board systems. The articles in question briefly outline the
|
|
confiscation of computer hardware from several BBS system
|
|
operators as a result of a year-long investigation by the FBI.
|
|
This investigation solicited support from several software
|
|
developers, including Novell, Inc. and Mustang Software, Inc.
|
|
This policy statement is designed to clarify the activities and
|
|
position of Mustang Software, Inc. in these activities.
|
|
|
|
1. In the fall of 1989 Mustang Software was approached by the
|
|
FBI regarding an investigation they were conducting into the
|
|
activities of several bulletin boards in the Nashville area.
|
|
The agents indicated that they were in contact with Novell,
|
|
Inc. as a part of their investigation and requested
|
|
information on how BBS were operated in general. Our contact
|
|
with the agents consisted of verbal telephone contacts on
|
|
several occasions throughout the following year, during
|
|
which we offered technical support and inquired as to the
|
|
progress of the investigation.
|
|
|
|
2. At no time during the FBI's independent investigation did
|
|
anyone connected with Mustang Software initiate or receive
|
|
any BBS or modem-related calls for investigative purposes.
|
|
We made absolutely no calls to any other BBS, WILDCAT! or
|
|
otherwise, other than test calls requested by registered
|
|
sysops of our technical support staff. Furthermore, Mustang
|
|
Software was not involved in any verbal contacts or
|
|
telephone call to any sysops with regard to this activity.
|
|
|
|
3. According to affidavits filed with the U.S. Attorney's
|
|
Office in Nashville, the FBI gained access to the BBSs in
|
|
question through paid memberships and by convincing the
|
|
sysops that they were interested in exchanging copyrighted
|
|
material. Access to the BBS systems involved was not gained
|
|
using a back-door, trojan program, or a security breach. The
|
|
WILDCAT! BBS has never incorporated code to allow access
|
|
through a "back door", nor would such a provision be added
|
|
for investigative purposes in the future. As a matter of
|
|
record, the BBS software in operation on the systems in
|
|
question was not WILDCAT! when the "sting" was conducted.
|
|
Mustang Software, Inc. has every intention of continuing to
|
|
strengthen our position as the fastest growing BBS in the
|
|
world. To do so, we must rely heavily on our reputation in
|
|
the international BBS community. We would not compromise
|
|
that reputation for anything. You can continue to trust that
|
|
WILDCAT!'s source code has no undocumented features which
|
|
would compromise the security aspects of our product.
|
|
|
|
The above statements are presented to provide factual
|
|
information regarding Mustang Software's physical activities
|
|
during the period of the FBI's investigation. Apart from our
|
|
participation, it is also important to understand our company
|
|
position on the matter of software copyright, piracy, and the BBS
|
|
community.
|
|
|
|
BBS systems have many potential applications, most of which
|
|
are legitimate endeavors. We realize however that there are some
|
|
uses which may be looked upon as questionable, and others which
|
|
are clearly illegal. Mustang Software does not believe it is not
|
|
our function to concern ourselves with the use to which our
|
|
product is placed, nor will we ever become involved in gathering
|
|
this information from system operators. We do however adhere to
|
|
the principals and guidelines of Software Publishers Association
|
|
(SPA) regarding software piracy, and cannot condone this type of
|
|
activity when it is brought to our attention. Our cooperation
|
|
with the FBI investigation is an example of our response when
|
|
such activity becomes apparent. Should such an investigation
|
|
request information beyond simple conversation and technical
|
|
support in the future, we will provide it in response to a proper
|
|
legal request. The FBI investigation represents the possible
|
|
consequences when a BBS operator openly engages in activities of
|
|
questionable legality, and does so over a long period of time.
|
|
|
|
A more common situation is one which arises almost monthly
|
|
at Mustang Software. We are often advised by sysops that WILDCAT!
|
|
is being used without proper registration, or that a particular
|
|
BBS has made the registered release of our product available for
|
|
download. Our response is always a simple phone call to the
|
|
system operator bringing the matter to his attention. This call
|
|
is all that is needed 98% of the time, and others are cleared-up
|
|
with a standard form letter. We have never had to resort to legal
|
|
action when handling a copyright issue with any BBS operator or
|
|
other individual. This cooperation by responsible sysops is in
|
|
direct contrast to the blatant pirating of a wide range of titles
|
|
alleged in the FBI affidavit.
|
|
|
|
Mustang Software, Inc. has invested a great deal of time
|
|
during the past 2 years in an attempt to integrate BBS Software
|
|
and communications software to the level of other applications
|
|
such as database software, word processing software, or
|
|
spreadsheet software. This effort was undertaken to help move
|
|
away from the common misconception that BBSs are primarily
|
|
operated by individuals not a part of the mainstream. We believe
|
|
this representation of sysops as roguish computer hackers is
|
|
inaccurate, and does not lend credibility to the
|
|
telecommunications aspect of the PC marketplace. The BBS
|
|
community has made great strides in this regard during the past
|
|
year. Many software and hardware manufacturers have implemented
|
|
BBS support systems, major corporations are installing BBSs for
|
|
employee support and communication, and retailers such as
|
|
Software Etc. now carry BBS software on store shelves nationwide.
|
|
|
|
Software piracy using BBSs hurts us all. We firmly believe
|
|
that the vast majority of system operators try to operate their
|
|
BBS in a responsible manner, and avoid activities which violate
|
|
the rights of others. In order to prevent encroachment and
|
|
limitation of our telecommunication activities, we must make it
|
|
clear that the activities of a small minority of BBS operators do
|
|
NOT represent those of the masses. One of the best ways to
|
|
accomplish this is to stand united against software piracy and to
|
|
let the press know that BBS operators in general do not engage in
|
|
this activity.
|
|
|
|
We appreciate your time in reviewing this policy statement,
|
|
and hope it has answered any questions on your mind.
|
|
|
|
Sincerely,
|
|
|
|
|
|
Mustang Software, Inc.
|
|
P.O. Box 2264
|
|
Bakersfield, CA 93303
|
|
|