informis/textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/magazines/CUD/cud0219.txt
root@procul 278a90f7ce Initial commit
2021-04-15 13:31:59 -05:00

878 lines
41 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

****************************************************************************
>C O M P U T E R U N D E R G R O U N D<
>D I G E S T<
*** Volume 2, Issue #2.19 (December 31, 1990) **
****************************************************************************
MODERATORS: Jim Thomas / Gordon Meyer (TK0JUT2@NIU.bitnet)
ARCHIVISTS: Bob Krause / Alex Smith / Bob Kusumoto
RESIDENT RAPMASTER: Brendan Kehoe
USENET readers can currently receive CuD as alt.society.cu-digest.
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted as long as the source is
cited. Some authors, however, do copyright their material, and those
authors should be contacted for reprint permission.
It is assumed that non-personal mail to the moderators may be reprinted
unless otherwise specified. Readers are encouraged to submit reasoned
articles relating to the Computer Underground.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
DISCLAIMER: The views represented herein do not necessarily represent the
views of the moderators. Contributors assume all responsibility
for assuring that articles submitted do not violate copyright
protections.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
CONTENTS:
File 1: Moderators' Corner
File 2: From the Mailbag
File 3: Telecoms Ripping off BBSs?
File 4: Michigan Bell vs BBSs
File 5: Clarification of Gail Thackeray's Comment on Modem Licensing
File 6: a.k.a. freedom of expression
File 7: Z-modem Virus Alert
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
----------------------------------------------------------------------
********************************************************************
*** CuD #2.19: File 1 of 7: Moderator's corner ***
********************************************************************
From: Moderators
Subject: Moderators' Corner
Date: December 31, 1990
++++++++++
In this file:
1. NEW FTP SITE
2. RESOURCE CORRECTIONS
3. LEN ROSE UPDATE
++++++++++
+++++++++++
New FTP Site
+++++++++++
A second FTP archive has been set up at the University of Chicago, to help
distribute the load. It'll be an exact shadow of the
ftp.cs.widener.edu site. The info you'll need is:
ftp to chsun1.uchicago.edu [128.135.12.60]
login as anonymous
send your email address as the password
the stuff's in pub/cud
The Mail-server is also up and runing. People need to send mail to:
archive-server@chsun1.uchicago.edu with the word "help" on a line by itself
in the body of the letter. This will send them the help file for the email
server. Also, adding the word "index" on a line by itself will send the
general Index for all files on the email server (includes other things
besides the CuD archives). Basically, the sections are broken down to the
various directories contained in ^^/pub/cud on the ftp archives. So if
someone wanted to get specific index by a section, they would put the
phrase:
index cud
on a line by itself and get the cud index file. Since there are quite a
few large files contained in the archives, the arc-master will have to
personally make special requests to split the files up and make them
available to whoever asks (the email and ftp servers are linked together to
save space). This puts more delay for email requesters but it's probably
the best way to go for the time being.
+++++++++++++++++
Resource Corrections
+++++++++++++++++
The cost of TAP has increased a bit. They are now $2 for single issues or
$10 for ten.
NIA's correct address is: elisem@nuchat.sccsi.com
+++++++++++++
Len Rose Update
+++++++++++++
Len Rose's trial in Baltimore remains scheduled for January 28 in the
Federal District Court before judge J. Frederick Motz. Len's public
defender has been replaced with Jane Macht, described by those who know her
as highly competent and responsive. Len faces a five-count indictment
alleging "crimes" under 18 USC s1030(a)(6), 18 USC s2314, and 18 USC s2,
which, as written, charge him with interstate transportation of AT&T source
code and with transfering a "trojan horse login program." The indictment
also links Len to the Legion of Doom, which it describes in a highly
prejudicial narrative. Previous issues of CuD have provided in-depth
details of the case, including a copy of the indictment. A large (1650
line) file with complete background is available from the CuD ftp sites.
********************************************************************
>> END OF THIS FILE <<
***************************************************************************
From: Various
Subject: From the Mailbag
Date: December 31, 1990
********************************************************************
*** CuD #2.19: File 2 of 7: From the Mailbag ***
********************************************************************
From: Wes Morgan <morgan@ENGR.UKY.EDU>
Subject: security checks from outside (In CuD 2.18)
Date: Fri, 28 Dec 90 10:12:09 EST
>From: gnu@TOAD.COM
>Subject: Re: "strangers probing for security flaws" -- another view
>
>Suppose there was a free program, available in source code and scrutinized
>by wizards all over the net, that you could run to test your security. If
>you had the time, you might run it and fix up the things it found. If you
>didn't have the time, those things would probably go unfixed.
There are several packages available for UNIX sites. Two that come to
mind are:
- The suite of programs included in "UNIX System Security", by
Kochan and Wood (published by Hayden Books). These programs
will audit your system for such things as world-writable home
directories, world-writable .profiles, and the like. They will
also track down any setuid/setgid files outside of regular sys-
tem directories. I've seen this package on several archive sites,
but I don't know if it's legal to distribute them. If someone
can contact Kochan, Wood, or Hayden Books, and check on this, I'll
gladly get them into the CuD archive.
- COPS, written by Dan Farmer of CERT. This package is EXCELLENT.
The best feature of COPS is an expert system that pseudo-exploits
any holes it finds. It uses /etc/passwd and /etc/group to learn
what the users are capable of. It then looks for a way to assume
the identity of a particular user. It then checks /etc/group to
see what it can access as the new uid. The chain continues until
it either becomes root or runs into a dead end. The output looks
something like this:
write /usr2/admin/morgan/.profile become morgan group staff
write /bin become bin write /etc become root DO ANYTHING
<This output was caused by my .profile being left world-writable>
This is a SUPERIOR package for UNIX sites. It's available from
cert.sei.cmu.edu.
Both of these can be run via cron. I've been running them for several
months now, with excellent results.
>Sites all over the Internet *are* being probed by people who want to do
>them harm. We know this as a fact. I would prefer if we had some
>volunteer "cop on the beat"s who would walk by periodically and rattle the
>door to make sure it's locked.
I have no problems with this at all, *as long as* I know about it in
advance. With the advent of sophisticated security tools such as those
probably used by the group in Italy, it is awfully easy to claim "cop
on the beat" status after being discovered. There was sufficient concern
about the Italians for CERT to issue a Security Advisory about their
activities. I'm not trying to make any allegations against the folks
in Italy; as far as I know, they are exactly what they claim to be. In
the future, however, I'm going to be EXTREMELY wary of people coming in
"out of nowhere" claiming to be "remote security checkers". An ounce of
paranoia, you know........
Wes Morgan
*******************************
From: Thomas Neudecker <tn07+@ANDREW.CMU.EDU>
Subject: Re: Cu Digest, #2.18
Date: Fri, 28 Dec 90 22:56:16 -0500 (EST)
In a recent CuDigest it was argued copyright protection of user interface
code should be eliminated. The author wrote in part:
>While source code should generally be protected, there are times when it
>may be more profitable to a company to release either the source code or
>important information pertaining to it. A prime example is IBM and Apple.
>Apple chose to keep their operating system under close wraps. IBM, in their
>usual wisdom, chose to let some of it fly. This caused the market to be
>flooded with "clone" PC's. Given a choice, most people bought PC's or
>PC-compatibles.
In fact IBM does not own DOS, ask Mr. Gates at Micro Soft he _sells_
licenses to the clones and sues those who try to steal his code (so does
AT&T/U*ix) Bye the way the first series IBM-PCs came with PC-DOS and CP/M.
IBM wanted Gates to write CP/M for the new machine but he said it was
*owned* by Gary Kildall of Digital Research but he try to write something
else just as good. IBM covered all of the bases and licensed both.
Regarding Apple; the ][+ I bought came with copyrighted O/S in ROM. And a
version of BASIC licensed from Micro Soft. (my 1979 version came with a
complete listing of the code for the ROM). For the LISA and the Macintosh
Apple licensed concepts from PARC for the GUI. They then licensed parts of
their developments to Micro Soft for use in Windows.
For more background on these I suggest a good book on the history of the
personal computer written by Paul Freiberger and Michael Swain. It is
"Fire in the Valley" ISBN# 0-88134-121-5.
*****************************************
From: netcom!onymouse@APPLE.COM(John Debert)
Subject: Encryption dangers in Seizures
Date: Sat, 29 Dec 90 11:20 PST
With all the concern about government seizure of someone's computer
equipment for the purported intention of looking for some kind of criminal
activity, encryption is being seriously considered in order to protect
confidential information from Big Brother's prying eyes.
There are various ways, of course, to encrypt files but one particularly
comes to mind as being at least as much hazard as protection.
The use of the "one-time" method of encryption has been considered the best
way to keep information from those not entitled to it but it seems to me a
two-edged sword, if you will, that can cause harm to whomever uses such a
method to keep the government out of their business.
The one time method uses a unique random key of equal length to the data to
be encrypted which is then XOR'ed with the data to produce the encrypted
result. Without the original key, the plaintext is not recoverable. Or is
it?
Now, suppose that someone has used this method to encrypt files on his/her
system and then suppose that Big Brother comes waltzing in with a seizure
warrant, taking the system along with all the files but does not take the
code keys with them. Knowing Big Brother, he will really be determined to
find evidence of a crime and is not necessarily beneath (or above) fudging
just a bit to get that evidence. What's to keep him from fabricating such
evidence by creating code keys that produce precisely the results that they
want-evidence of a crime? Would it not be a relatively simple procedure to
create false evidence by creating a new key using the encrypted files and a
plaintext file that says what they want it to? Using that new key, they
could, in court, decrypt the files and produce the desired result, however
false it may be. How can one defend oneself against such a thing? By
producing the original keys? Whom do you think a court would believe in
such a case?
One should have little trouble seeing the risks posed by encryption.
jd / onymouse@netcom.UUCP netcom!onymouse@apple.com
********************************
From: Andy Jacobson <IZZYAS1@UCLAMVS.BITNET>
Subject: Hackers as a software development tool
Date: Wed, 02 Jan 91 03:49 PST
I received one of those packs of postcards you get with comp. subscription
magazines (Communications Week) that had an unbelievable claim in one of
the ads. I quote from the advertisement, but I in no way promote,
recommend, or endorse this.
"GET DEFENSIVE!
YOU CAN'S SEE THEM BUT YOU KNOW THEY'RE THERE.
Hackers pose an invisible but serious threat to your information system.
Let LeeMah DataCom protect your data with the only data security system
proven impenetrable by over 10,000 hackers in LeeMah Hacker Challenges I
and II. For more information on how to secure your dial-up networks send
this card or call, today!" (Phone number and address deleted.)
So it seems they're claiming that 10,000 hackers (assuming there are that
many!) have hacked their system and failed. Somehow I doubt it. Maybe they
got 10,000 attempts by a team of dedicated hackers, (perhaps employees?)
but has anyone out there heard of the LeeMah Hacker Challenges I and II?
********************************************************************
>> END OF THIS FILE <<
***************************************************************************
------------------------------
From: "Michael H. Riddle" <riddle@CRCHPUX.UNL.EDU>
Subject: Telecoms Ripping off BBSs?
Date: Thu, 27 Dec 90 05:59:11 cst
********************************************************************
*** CuD #2.19: File 3 of 7: Telecoms Ripping off BBSs? ***
********************************************************************
%Moderators' note: A number of states have already begun charging BBSs with
business rates. In some states, this may be a nuisance but not prohibitive.
In Illinois, for example, our own base rate in DeKalb of $24.02 would
increase to $34 were we to run a BBS. In other states (see following
file), the charges could be prohibitive if multi-line charges required
deposits and other fees. A representative from GTE in Indiana indicated
that they had no formal means of enforcing the charges other than to
investigate if they received reports of an unregistered BBS operating in
their jurisdiction. We have heard of no hobbyist in the U.S. paying for a
business line to run a non-commercial BBS, but the implications, if the
practice is allowed to spread unchecked, are serious. Enforced charges
could be the end of the local or regional Bulletin Board as they currently
exist.
The issue, according to the Indiana spokesperson, is alleged to be one of
fairness and equity in billing. Why, they, ask, should someone whose phone
is in constant use pay the same as somebody who uses their phone only a
fraction of the time? Our response is that there is little, if any, added
expense to telecom operations whether a phone is used for 20 minutes or 20
hours during a given day. Further, the user is already paying an added
charge simply for the receipt of calls. If one adds in toll charges for the
hundreds of thousands of those who call long distance, BBSs generate
considerable revenue for telecom companies. Classifying BBSs as business
lines and increasing the charges strikes us as unabashed greed. Why not
*REDUCE* the rates for BBS lines, which only receive calls and generate
considerable revenue in long distance charges?
This is not a trivial concern. Telephone rates, like all utilities, tend to
rise. The policies identified in the following two files should motivate
all of us to become involved by
1) Writing letters to local telecom companies
2) Writing to elected officials
3) Introducing these campaigns in local and regional elections
4) Writing to state utililty commissions
5) Attending and participating in hearings
************************************************
--- original post on alt.cosuard as reposted on comp.dcom.telecom---
The following cross-posted information is extracted from alt.cosuard.
Can anyone in Indiana or a closely neighboring state provide any
details on this?
>From: BILL BLOMGREN - Sysop: St. Pete Programmers Exchange RIME: PETEX
Well ... thought I would pass this tidbit of bad news along ... GTE
Indiana prevailed against the BBS systems there ... ALL BBS's in GTE's
area there are now at BUSINESS RATES. Which means $50 per month base
rates, plus MUCH higher long distance charges.
Indiana Bell ... has filed the same tariff with the PUC (Public
Utilities Commission) there, making it state wide.
Needless to say, GTE has a history of going after the little guy, so
you can expect it here in the REAL near future! I expect it nation-
wide in the near future. In Indiana, they decided that THE PHONE
COMPANY can decide that your residence is a business, and charge high
rates to all service incoming.
Unfortunately, the courts agreed with them.
Ain't Monopolies Nice???
-----
Not a nice situation huh? We didn't need a precedent to be set like
this ... now this paves the way for other companies to follow suit.
It'll be interesting to watch the nodelist to see if the nets in
Indiana (201 in Lafayette, 227 in South Bend, 230 in the Gary Area,
231 in Indy, 236 in Ft. Wayne/NE IN and 2230 in Terre Haute and 11/15
in Evansville) start shrinking.
Paul
UUCP: crash!pro-lep!shiva
ARPA: crash!pro-lep!shiva@nosc.mil
INET: shiva@pro-lep.cts.com
--- End of Cross Posting ---
<<<< insert standard disclaimer here >>>>
riddle@hoss.unl.edu | University of Nebraska
postmaster%inns@iugate.unomaha.edu | College of Law
mike.riddle@f27.n285.z1.fidonet.org | Lincoln, Nebraska, USA
---- my own responses to comments in the Omaha Sysops echo ----
In a message to M. RIDDLE, JACK WINSLADE writes as of 25-DEC-90 14:30:26
>Since you are the closest to being a real lawyer of any of us, and since
>you were the one who 'broke' the story to Tel_Dig, would you be willing to
>give an educated opinion on specifically what, when, and how much the
>Indiana decision will affect us here in Omaha.
See the previous response to Joan for what news there is.
>I'm sure that this will result in Yet Another round of 'The Sky Is
>Falling' <tm> messages in every sysops' conference just as soon as it hits
>Arfnews, etc. and enters the distortion-prone person-to-person-to-person
>chain of communication.
The only thing faster than the speed of light is the manner is which
disinformation about BBS law propagates across the net.
>Is this decision effective immediately, or will a higher court (or
>something else) intervene ?? How might this affect the situation in
>Nebraska (where Clink is about to buy the farm) and in the other states
>such as Texas ??
Since the limited information we have suggests this is a PUC decision, it is
still appealable to the courts. If appealed, it will probably not go into
effect until final judgment. It's direct effect would only be in Indiana.
The Nebraska PUC might not care a great deal what Indiana did, or it might
give them some value as "persuasive precedent." The arguments GTE used
might have some value. They might not. It all depends on how the
Indiana statutes are worded. My guess is the fight is over "what is a
business for the purpose of telephone rates?", which will in turn include
"why do businesses pay higher rates than residences?"
The answer to the second is generally "because they use the phone more."
The answer to the first has usually been "some kind of organization that
either makes a profit or has formal nonprofit status."
We all know that successful BBSes use telephone resources more than a
residence, perhaps more than many businesses. That supports GTEs position.
The fact that they are hobby operations is what complicates the picture,
and the PUC reaction is difficult to predict.
>Comments, suggestions ??
Keep calm and wait for a better report on what happened.
>Good (??) Day! JSW
G'Day back to you, mate! MHR
--- end of quoted messages ---
********************************************************************
>> END OF THIS FILE <<
***************************************************************************
------------------------------
From: Ed Hopper <ehopper@ehpcb.wlk.com>
Subject: Michigan Bell vs BBSs
Date: Mon, 31 Dec 90 23:49:03 CST
Organization: Ed Hopper's BBS - Houston, Texas 713-997-7575
********************************************************************
*** CuD #2.19: File 4 of 7: Michigan Bell vs. BBSs ***
********************************************************************
From: TELECOM Digest Tue, 1 Jan 91 03:46:40 CST Volume 11 : Issue 1
(Note: I am sending this on behalf of Bruce Wilson.)
From the FACTS BBS in Flint, Michigan, by way of the Vehicle City BBS in
Davison, Michigan:
On January 15, 1991, an administrative hearing will be held before the
Michigan Public Service Commission to discuss a complaint filed against
Michigan Bell Telephone Company.
Early this year, a private bulletin board in Grosse Point, called the
Variety and Spice BBS, was ordered to pay an increased charge for phone
service because it was discovered he was accepting donations for use of his
BBS.
This BBS ran on an IBM, and supports sixteen separate lines. Although a
portion of the BBS was open to the public, most of the BBS (including an
"adult file" area, were restricted to those who sent a donation to the BBS.
The money collected didn't even come close to the actual cost of running
such a BBS.
Michigan Bell claims that placing any condition on the use of a BBS
constitutes a business, and that the sysop must pay a business rate for his
phone line, plus pay a $100 deposit for EACH LINE in use. This means the
Variety and Spice sysop would have to pay a $1600 deposit, plus about $50
additional each month if he wanted to continue his BBS.
The sysop refused to pay this fee, so Michigan Bell disconnect his lines.
The sysop filed a complaint with the MPSC. Until this case was heard, he
decided to re-install the phone lines (at a considerable cost to himself).
If Michigan Bell wins this case, they will require every BBS sysop to pay
business rates for each of their lines, if it is determined that the BBS is
accepting fees or donations. The Variety and Spice sysop claims that MBT
considers requiring users to upload files or post messages (ie
upload/download ratios) the same as a donation, and will require the sysop
to upgrade his line to a business line whether money was exchanged or not.
However, in an interview I did in March, I talked to the chief spokesman of
MBT, who claimed that this was not the case. Only if money is accepted
will MBT demand the sysop pay business rate.
The important thing here is that AT THIS TIME, these are the rules that MBT
believes is in the tariff. If Variety and Spice loses this case, it is
conceivable that MBT can request further restrictions to be placed.
At this hearing, the public will be allowed to voice their opinions and
comments. This applies to both sysops and users. If MBT wins this case it
can cause serious restrictions to be place on BBS's, and will set a
precedence for other phone companies around the country to follow.
Your help is urgently needed!! Please try to attend this hearing. It will
be held at the Public Service Building, 6545 Merchant Way, Lansing,
Michigan. The date is January 15. I do not have the exact time but I
assume this hearing will last most of the day. You do not have to testify,
but it would really be helpful if you can attend as a show of support. The
MPSC does not think the Michigan public even cares about BBS's. But we can
certainly jar their thinking if we can pack the room with sysops and users!
For more information, please contact Jerry Cross at 313-736-4544 (voice) or
313-736-3920 (bbs). You can also contact the sysop of the Variety & Spice
BBS at 313-885-8377.
Please! We need your support.
Notes from Ed Hopper:
In our case against Southwestern Bell, the same cockeyed logic was applied.
For a brief period, Southwestern Bell also maintained that the requirement
of file uploads was, in and of itself, cause for them to declare a BBS to
be a business because it required something "of value" for access. We were
able to force Southwestern Bell to see things in a more moderate tone.
Recently, I had the opportunity to testify before the Texas PUC regarding
the Texas BBS case. In that testimony, I stated that the telcos draw all
sorts of extreme scenarios in which the provision of residential service to
BBS systems is against the public good. Their argument goes: "If we allow
them to have residential service, it will upset the equations and raise the
cost of telecommunications services to everyone." However, there is not a
BBS on every block, or even one in every subdivision, and no rational
observer would ever expect that to be the case. There is, however, cause
for most rational observers to believe that the increased cost of business
service, including it's increased burden in the area of deposits and
installation charges, could cause the closing of many BBS outlets. This,
truly, would not be in the public good.
Ed Hopper
President
The Coalition of Sysops and Users Against Rate Discrimination
BBS: 713-997-7575 ehopper@attmail.com ehopper@ehpcb.wlk.com
****************************
[%Telecom Digest% Moderator's Note: The problem of course is that the
telephone company only has two basic rates: a rate for residence/personal
communications and a rate for all else, which they term 'business phones'.
Where Ed's counter-argument fails is that while there are not BBS's on
every block, neither are there churches and charities on every block -- yet
they pay full business rates, as do social service hotline, information and
referral services. Are BBS information providers to be treated differently
than dial-a-prayer lines which run on business phones, or the proverbial
"Battered Women's Shelter outgoing phone line where the calls can't be
traced" which also pays business rates?
Here are some questions you may wish to give response to: Should there be a
third rate category made available, covering charitable and religious
organizations? Should this third rate category be available to all
not-for-profit phone services such as BBS lines and social service referral
numbers or hotlines? If BBS operators who charge money got such a rate,
should Compuserve or GEnie also be allowed to use the same rate? Should
telco be the one to audit the revenues and decide which computer sites
should be treated as 'business' and which should be 'charitable
organization'? Is it the fault of telco if the BBS operator does not
charge enough money to make a profit? Where is the line to be drawn?
Answers? PAT]
********************************************************************
>> END OF THIS FILE <<
***************************************************************************
------------------------------
From: well!jwarren@APPLE.COM(Jim Warren)
Subject: Clarification of Gail Thackeray's Comment on Modem Licensing
Date: Sun, 30 Dec 90 12:59:54 pst
********************************************************************
*** CuD #2.19: File 5 of 7: Gail Thackeray Clarification ***
********************************************************************
GAIL THACKERAY RE LICENSING MODEMS & RESTRICTING MODEM USE
On 12/21, as a postscript on e-mail to Gail Thackeray, I asked:
+++++++++++++++++++++++++
Been meanin' to check this *rumor* for months (I rarely trust what I
haven't checked, personally): Have you said that modems should be licensed
and their use restricted? (It's been widely quoted/paraphrased and is a
common [mis?]perception of your views.) If you ever said it, do you now
hold that view?
I'm not challenging it; just tryin' to verify or refute a provocative
rumor.
+++++++++++++++++++++++++
To which, Gail responded:
+++++++++++++++++++++++++
Date: Sat, 22 Dec 90 10:04:05 pst
From: gailt (Gail Thackeray)
To: jwarren
No, I never said so -- when talking about the lack of parental
supervision of computer use for beginning youngsters, I have pointed
out that in other instances involving driving, guns, etc. we
recognize that kids don't have good judgment and we insist on training,
supervision, licensing, etc. to minimize the risk to the rest of
society. I have specifically said that I DON'T want to see licensing
of modems, or FCC regulation, etc. -- but that if we look at historic
parallels involving new technology (driving, airplanes, etc.) when
society grows annoyed/concerned enough with abuses, damage, risk to
others, "entry requirements" such as licensing have been imposed.
I have recommended that to avoid such a trend in electronic technology,
we should put a lot of effort into developing "rules of the road"
that we all agree on and abide by & teach youngsters -- or the back-
lash may cause formal regulation (just think about the regulations
controlling ham radio, etc. -- and the potential for similar rules
is quite real, computer-wise.)
Regulation usually comes about as a reaction to complaints of
enough people to attract the interest of legislators. We are
rapidly approaching that "critical mass" stage with computer
communications, and if we don't want to see licensing of BBS's, we
need to do whatever will curb the abuses (interference with other
people's rights). I have recommended that parents check into what
their kids are doing with their modems, set rules, ans if need be,
"ground" their kids just as they do for other kinds of rules-
violations, like being reckless with the family car....
--------------------------------------------
This prompted my 12/24 comments and request:
--------------------------------------------
& mail gailt
Subject: licensing etc.
Gail,
This is important:
If you have not yet posted exactly those comments, in detail, regarding
licensing and regulation of modem users, I *urge* you to post them
immediately and completely to the eff Conference, and explicitly add a note
encouraging their widespread duplication (without editing, of course)
across the nets.
You are more than welcome to preface it with a comment that I urged you to
post the comments (if that has any value :-).
I absolutely agree with your observations and think we have *much* to fear
from overzealous legislators/regulators responding to the miniscule
minority who are abusive of our tremendously productive cooperative anarchy.
...
------------------
I also urged her to send it to jthomas for the Computer Underground Digest
and emmanuel for 2600, and sent mail to both of them urging them to publish
it, if Gail sent it, saying, in part:
------------------
Her explanation of what she had and had not said related to such matters
was both reasonable and **illustrated a very real threat** (from legislators
and regulators; *not* from Gail T) against all of us. Her comments were
very realistic; her prognosis highly likely, if we cannot exercise adequate
discipline within our ranks.
I have urged her to post her comments on the WELL, and forward them to
Cud and 2600 for publication (and release them for general posting around
the nets).
---------------------------------------------------------------
I hope you will help do so, because we now have her permission:
---------------------------------------------------------------
From gailt Mon Dec 24 19:51:53 1990
Date: Mon, 24 Dec 90 19:51:51 pst
From: gailt (Gail Thackeray)
To: jwarren
Subject: Re: licensing etc.
Willing, but ignorant: so how do I DO that? I thought whatever
was sent in E-mail went into the cosmic winds.... is there a way I
can retrieve what I sent you, & post it? Can you retireve & upload
it? I'm (definitely) still stumblin' around here, and help would be
great/grate/fully accepted....
&
Date: Mon, 24 Dec 90 19:55:02 pst
From: gailt (Gail Thackeray)
To: emmanuel, jthomas, jwarren
Subject: Re: Thacvkeray and licensing
By the by -- feel free to use it -- I just don't know (after scanning%
the manual -- how to retrieve what I sent Jim, and publish it out of
e-mail. ...
**************
For those who don't know of Ms. Thackeray, she is an Assistant State
Attorney General for the State of Arizona, active in pursuing computer
crime, and controversial for some of her public statements and/or
statements that.some press *allege* she said. In some cases, she may have
been as misleadingly quoted-out-of-context -- or flat-out abusively
misquoted -- as has been the case with some reports about Mitch Kapor, John
Perry Barlow and the Electronic Frontier Foundation.
--Jim Warren [permission herewith granted to circulate this-in-full]
********************************************************************
>> END OF THIS FILE <<
***************************************************************************
------------------------------
From: balkan!dogface!bei@CS.UTEXAS.EDU(Bob Izenberg)
Subject: a.k.a. freedom of expression
Date: Tue, 18 Dec 90 08:21:26 CST
********************************************************************
*** CuD #2.19: File 6 of 7: a.k.a. Freedom of Expression ***
********************************************************************
I read this in issue 2.16 of the Computer Underground Digest:
[ quoted text follows ]
IN THE UNITED STATES DISTRICT COURT
FOR THE NORTHERN DISTRICT OF GEORGIA
ATLANTA DIVISION
UNITED STATES OF AMERICA :
: CRIMINAL ACTION
v. :
: NO. 1:90-CR-31
:
ADAM E. GRANT, a/k/a The :
Urvile, and a/k/a Necron 99, :
FRANKLIN E. DARDEN, JR., a/k/a :
The Leftist, and :
ROBERT J. RIGGS, a/k/a :
The Prophet :
GOVERNMENT'S SENTENCING MEMORANDUM AND S.G. SS 5K1.1 MOTION
[ quoted text ends ]
The assumption here, that an alias employed in computer communications is
the same as an alias used to avoid identification or prosecution, doesn't
reflect an awareness of the context within which such communications
exist. The very nature of some computer operating systems demands some
form of alias from their users. Management policy also affects how you
can identify yourself to a computer, and to anyone who interacts with you
through that computer. Look at some of the monikers that were assigned
to me to allow me to use various computer systems:
Izenberg_Bob (pretty straightforward)
bei
76615,1413
BIZENBERG
3935gbt
root ;-)
Some of those account names identify me personally with me the computer
user easily, some not at all. Is it accurate to say that I'm Bob Izenberg,
a.k.a. one of the above account names? Sure, between you and me, outside
of a court of law. In the context of that court of law, that a.k.a. is an
accusation in itself. If we strip the implication from those three letters
that the party of the leftmost part is calling themselves the party of the
rightmost part to avoid getting nabbed with the goods, what's left? I am
known by another name when I use a computer? Where's the surprise in that?
Maybe I'm Bob the person a.k.a. Bob the user ID. For another slant on
this, let's borrow from my days covering town meetings. I might also be
Bob, trading as Bob the user ID, as in: Bob Izenberg, t/a Bob's Bar and
Grill. There's no criminal intent there, not in the kinda bar I run.
In using a computer communications medium, particularly an informal one
like a BBS, the name you choose can set the tone for the aspect of your
personality that you're going to present (or exaggerate.) Are radio
announcers using their "air names" to avoid the law? How about people with
CB handles? Movie actors and crew members? Fashion designers? Society
contains enough instances of people who, for creative reasons, choose
another name by which they're known to the public. I certainly hope that
somebody mentions that Len Rose calling himself Terminus (which springs
from his correct perception of himself as somebody who kept the wheels of
comunication between legitimate users of AT&T's products moving, or from
the Foundation series by author Isaac Asimov) is fair use of a pseudonym,
well in line with community standards set by his peers. Whenever somebody
uses a.k.a., correct them!
Bob Izenberg (512) 346 7019 [ ] cs.utexas.edu!%kvue,balkan%!dogface!bei
********************************************************************
>> END OF THIS FILE <<
***************************************************************************
------------------------------
From: Bob Mahoney (Sysop, PC-Exec)
Subject: Z-modem Virus Alert
Date: December 5, 1990
********************************************************************
*** CuD #2.19: File 7 of 7: Z-Modem Virus Alert ***
********************************************************************
%The following was downloaded from Bob Mahoney's BBS%
* * * * * W A R N I N G ! ! ! * * * * *
On December 3rd, 1990 a group called RABID National Development Corp.
released hacked version of Chuck Foresburg's DSZ Z-Modem Protocol dated
12-03-90. This is really the 11-19-90 version with the dates edited and a
virus added to the program. *** THIS VIRUS IS DESTRUCTIVE!!! ***
I obtained the virused version early this week and worked quickly to
provide this program to you. The information I provide here may not be all
there is t know about the virus, but it is sufficient to determine that the
virus is not what you want to have.
RABID Virus Information
Preliminary testing has revealed these facts about the virus:
* The virus is not memory resident.
* The virus infects .COM files only, including COMMAND.COM.
(There was one report that it infected and .EXE file and
several text files but this could not be confirmed or
duplicated.)
* Infected files increase in size by 5,302 bytes.
* The virus infects other .COM files at execution time.
* The virus will activate on 12-25-90 (Christmas) or any date
thereafter.
* When activated the boot sector, FATs and root directory will
be overwritten with garbage. Recovery is impossible unless
you use a program such as PcTools Mirror to make backup copies
of the system areas.
As far as programming goes the virus is poorly written, but it does
accomplish what it was designed to do. The actual virus code is about
1,300 bytes with a 4,000 byte ansi screen that is supposed to be displayed
upon activation. I sa "supposed to" because on every test I performed the
screen displayed as a bunc of video garbage. This occurs when loading the
screen data starting at the wrong location.
The virus has been passed along to John McAfee and he will have a fix in
his next release. However, this release is not due until February and that
is too late for those infected already. The information has also been
passed along t Chuck Foresburg and he is aware of the situation.
VirusFix Instructions
The operation of VirusFix is simple.
To scan entire disk(s), just specify the disk(s) you wish to scan.
Examples:
VIRUSFIX C:
VIRUSFIX C: D:
VIRUSFIX A:
To scan a single directory, specify the directory to scan.
Examples:
VirusFix will notify you if the RABID virus is found and ask if you wish to remove the virus. Every file that I infected and removed
the virus from has worked properly so VirusFix should work with most files. If you remove a viru from a file and it doesn't work,
delete the file and replace it with and uninfected copy. If you suspect a file other that .COM files is infected, use text search
program and search for the string "RABID" in the suspect file.
If you have questions or comments about VirusFix or need help with removing a virus from a file I can be reached through the following
sources:
CompuServe - User ID: 76645,3446
Home Phone - (313) 937-xxxx
********************************************************************
------------------------------
**END OF CuD #2.19**
-> END OF VOLUME 2 -- VOLUME 3 BEGINS NEXT ISSUE <-
********************************************************************

Reference in New Issue View Git Blame Copy Permalink