informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/magazines/CUD/cud0856.txt

798 lines
32 KiB
Plaintext
Raw Blame History

Computer underground Digest Tue Jul 30, 1996 Volume 8 : Issue 56
ISSN 1004-042X
Editor: Jim Thomas (cudigest@sun.soci.niu.edu)
News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)
Archivist: Brendan Kehoe
Shadow Master: Stanton McCandlish
Field Agent Extraordinaire: David Smith
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Cu Digest Homepage: http://www.soci.niu.edu/~cudigest
CONTENTS, #8.56 (Tue, Jul 30, 1996)
File 1--CERT Vendor-Initiated Bulletin VB-96.12 - FreeBSD (fwd)
File 2--Re: "Blocking Software (CuD 8.53)
File 3--Singapore officials censor U.S. newgroup posting
File 4--Net-child porn ring apprehended, details from SJMN
File 5--Net Porn: The Communism of the 1990s
File 6--U.S. Official Warns OF "Electronic Pearl Harbor"
File 7--BoS: WITAT 96 (Info-Tech Conference) (fwd)
File 8--Cu Digest Header Info (unchanged since 7 Apr, 1996)
CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION ApPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.
---------------------------------------------------------------------
Date: Tue, 30 Jul 1996 16:46:48 -0400 (EDT)
From: Noah <noah@enabled.com>
Subject: File 1--CERT Vendor-Initiated Bulletin VB-96.12 - FreeBSD (fwd)
From -Noah
---------- Forwarded message ----------
Date: Tue, 30 Jul 1996 15:17:25 -0400
From: CERT Bulletin <cert-advisory@cert.org>
To--cert-advisory@cert.org
Subject--CERT Vendor-Initiated Bulletin VB-96.12 - FreeBSD
=============================================================================
CERT(sm) Vendor-Initiated Bulletin VB-96.12
July 30, 1996
Topic: "Trojan Horse" vulnerability via rz program
Source: FreeBSD, Inc.
To aid in the wide distribution of essential security information, the CERT
Coordination Center is forwarding the following information from FreeBSD, Inc.
FreeBSD, Inc. urges you to act on this information as soon as possible.
FreeBSD, Inc. contact information is included in the forwarded text below;
please contact them if you have any questions or need further information.
=======================FORWARDED TEXT STARTS HERE============================
=============================================================================
FreeBSD-SA-96:17 Security Advisory
Revised: Tue Jul 16 21:44:54 PDT 1996 FreeBSD, Inc.
Topic: "Trojan Horse" vulnerability via rz program
Category: ports
Module: rzsz
Announced: 1996-07-16
Affects: All FreeBSD ports collections released before 2.1.5-RELEASE
Corrected: ports collection as of 1996-07-06
Source: rzsz shareware package
FreeBSD only: no
Patches: ftp://freebsd.org/pub/CERT/patches/SA-96:17/
=============================================================================
I. Background
All existing versions of the rz program (a program for receiving
files over serial lines using the Z-Modem protocol) are equipped
with a feature that allows the sender of a file to request the
execution of arbitrary commands on the receiver's side. The user
using rz does not have any control over this feature.
The workaround is to have rz never execute any command, and
always pretend a successful execution.
All FreeBSD users are encouraged to use the workaround provided.
Since the intent of the Z-Modem protocol is to provide a reliable
connection between systems of a vastly different architecture,
the execution of local commands at request of the sending side
cannot even be considered a useful feature at all.
II. Problem Description
The Z-Modem protocol specifies a mechanism which allows the
transmitter of a file to execute an arbitrary command string
as part of the file transfer. This is typically used to rename
files or eliminate temporary files. A malicious "trusted" sender
could send down a command that could damage a user's environment.
III. Impact
The rzsz package is an optional port that made be installed on
some FreeBSD systems. This program is not installed by default.
Systems without this program are not vulnerable.
rz allows "Trojan Horse" type attacks against unsuspecting users.
Since the rz executable does not run with special privileges,
the vulnerability is limited to changes in the operating environment
that the user could willingly perform.
This vulnerability is a fundamental flaw in the Z-Modem protocol.
Other operating systems and other implementations of the Z-Modem
protocol may also suffer similar vulnerabilities.
IV. Workaround
Disable the rz program. If it has been installed, it would
typically be found in /usr/local/bin.
# chmod 000 /usr/local/bin/rz
# ls -l /usr/local/bin/rz
---------- 1 root wheel 23203 Mar 4 23:12 /usr/local/bin/rz
V. Solution(s)
This feature is a relatively unknown part of the Z-Modem protocol.
It is not critical to file transfers in general. The safest
approach is to disable this feature in the receiving program.
Any rzsz port that is obtained from the official ports collection
after 1996-07-06 includes the following patch to disable this feature.
This patch applies to rzsz v3.42, if you have an earlier version
of the rzsz sources, please upgrade to the latest version first.
*** rz.c.orig Sat Jul 6 17:34:26 1996
--- rz.c Sat Jul 6 17:44:52 1996
***************
*** 1020,1039 ****
--- 1020,1045 ----
case ZCOMMAND:
cmdzack1flg = Rxhdr[ZF0];
if (zrdata(secbuf, 1024) == GOTCRCW) {
+ #ifdef BIG_SECURITY_HOLE
void exec2();
if (cmdzack1flg & ZCACK1)
stohdr(0L);
else
stohdr((long)sys2(secbuf));
+ #else
+ stohdr(0L);
+ #endif
purgeline(); /* dump impatient
questions */
do {
zshhdr(4,ZCOMPL, Txhdr);
}
while (++errors<20 && zgethdr(Rxhdr) !=
ZFIN);
ackbibi();
+ #ifdef BIG_SECURITY_HOLE
if (cmdzack1flg & ZCACK1)
exec2(secbuf);
+ #endif
return ZCOMPL;
}
zshhdr(4,ZNAK, Txhdr); goto again;
=============================================================================
FreeBSD, Inc.
Web Site: http://www.freebsd.org/
Confidential contacts: security-officer@freebsd.org
PGP Key: ftp://freebsd.org/pub/CERT/public_key.asc
Security notifications: security-notifications@freebsd.org
Security public discussion: security@freebsd.org
Notice: Any patches in this document may not apply cleanly due to
modifications caused by digital signature or mailer software.
Please reference the URL listed at the top of this document
for original copies of all patches if necessary.
=============================================================================
========================FORWARDED TEXT ENDS HERE=============================
If you believe that your system has been compromised, contact the CERT
Coordination Center or your representative in the Forum of Incident Response
and Security Teams (FIRST).
We strongly urge you to encrypt any sensitive information you send by email.
The CERT Coordination Center can support a shared DES key and PGP. Contact
the CERT staff for more information.
Location of CERT PGP key
ftp://info.cert.org/pub/CERT_PGP.key
CERT Contact Information
- ------------------------
Email cert@cert.org
Phone +1 412-268-7090 (24-hour hotline)
CERT personnel answer 8:30-5:00 p.m. EST
(GMT-5)/EDT(GMT-4), and are on call for
emergencies during other hours.
Fax +1 412-268-6989
Postal address
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh PA 15213-3890
USA
CERT publications, information about FIRST representatives, and other
security-related information are available from[-1z
http://www.cert.org/
ftp://info.cert.org/pub/
CERT advisories and bulletins are also posted on the USENET newsgroup
comp.security.announce
To be added to our mailing list for CERT advisories and bulletins, send your
email address to
cert-advisory-request@cert.org
CERT is a service mark of Carnegie Mellon University.
This file: ftp://info.cert.org/pub/cert_bulletins/VB-96.12.freebsd
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMf4jb3VP+x0t4w7BAQH8OwP+LUNb+2PueYArBM8OEqXz1s/8O64pPngY
ar8A6e9aCL/GjOltw+cuVPlqqefEPqsOVa2UZZTezZlv1+AkXgdUhr47L7Tc9kEH
KARlnuiFAMvWPN3rMZqcU7zT7x5jgMsHxM4bIA48SARKStACBdVnFWpLg7h6+utm
U1o1DPizbS0=
=DcYg
-----END PGP SIGNATURE-----
------------------------------
Date: Thu, 18 Jul 96 13:54 PDT
From: Michael Gersten <michael@STB.INFO.COM>
Subject: File 2--Re: "Blocking Software (CuD 8.53)
In regard to Vladimir Nuri's post of Jul 9th on blocking software:
Vladimir, you are correct that this is an infancy of an industry,
and that they cannot be expected to have all the answers yet.
And you are correct that people out there are willing to pay for
something that works.
And you are correct that much of the question is one of judgement
calls, which is not the problem.
The problem is when sites are blocked without indending to be blocked.
When a service decides to block site X, and blocks either every web
page from that machine, or every page that has the same first three
letters.
The problem is when a service claims to only block X type of page,
but actually blocks type Y.
The problem is that there is no ability for the market to make
any type of informed decision. Would you pay $X per month, to
be told that a cetain service was provided to you, with no
ability to even determine what service was ACTAULLY performed?
It's one thing if the services were to provide you with a list
of "Here's all the sites that were blocked by you this month".
It's something else for a service to claim, "Yes, we're valuable.
Keep sending us money. We provide no proof of quality of service".
And then the first investigative report shows that the actual
provided service does not agree with the claimed service.
In short, the complaint is one of truth in advertising.
------------------------------
Date: Fri, 19 Jul 1996 13:00:31 -0500
From: Declan McCullagh <declan@well.com>
Subject: File 3--Singapore officials censor U.S. newgroup posting
This move by Singapore to censor a newsgroup posting is a good
example of the overbreadth of government censorship. It's a
bait-and-switch maneuver: say you're going after porn but censor
"offensive" speech.
Of course, this gives the lie to the Singapore government's
assertion that "we are not censoring discussion groups."
Some excerpts from the recent regulations requiring the registration
of political or social groups: "Political and religious
organisations are free to conduct discussions provided they guard
against breaking the law or disrupting social harmony.
The regulations ban contents that "tend to bring the Government into
hatred or contempt," are "pornographic," or "depict or propagate
sexual perversions such as homosexuality, lesbianism, and
paedophilia."
I have more information on the regulations at:
http://www.eff.org/pub/Global/Singapore/
http://www.cs.cmu.edu/~declan/international/
-Declan
---
Singapore Internet Regulators Take First Action, Censor Posting
July 19, 1996
AP-Dow Jones News Service
SINGAPORE -- In its first action since assuming powers this week to
police the Internet, the Singapore Broadcasting Authority has yanked
off a newsgroup's posting that criticized some lawyers, a newspaper
reported Friday.
The SBA acted on a complaint by an unidentified law firm, which said
the contents of the anonymous posting defamed some of its lawyers in
Singapore, according to a report in the Straits Times newspaper Friday.
The newspaper said the posting on the newsgroup was apparently made
by a disgruntled client who claimed he lost a case even though his
lawyers told him he could win it. The client also questioned the
ability of the lawyers who belongs to one of the oldest firms in
Singapore, the Straits Times said.
Under new SBA regulations that came into effect Monday, the
government agency has the power to ask Internet service providers to
remove material that it considers objectionable. A
government-appointed panel of prominent citizens decides what is
objectionable.
The Straits Times said the posting is believed to have been made from
the U.S., which means the SBA, in keeping with its own rules, will
not be able to take action against the offender.
The SBA says its rules are mainly directed against pornography,
anti-government or seditious views, racially motivated slurs and
articles that could inflame religious passions.
Since Monday, Internet providers, political parties that maintain Web
sites, groups and individuals who run discussion sites on politics
and religion, and on-line newspapers are deemed to have become
automatically licensed. This means refusal to follow the SBA rules
will result in fines. The amounts are yet to be determined.
------------------------------
Date: Fri, 26 Jul 1996 19:55:55 -0700 (PDT)
From: Declan McCullagh <declan@eff.org>
Subject: File 4--Net-child porn ring apprehended, details from SJMN
[Forwarded from c-r. --Declan]
// declan@eff.org // I do not represent the EFF // declan@well.com //
Sender: madavis@deliberate.com (Marilyn Davis)
Yesterday and today the front page of the SJMN ran a story about a
net-porn ring that was apprehended.
I'll type some of it for your consideration.
If it wasn't for the internet, only one child molester would have been
caught instead of 16.
Marilyn Davis
----- some of the article ----
Net-porn ring traded stories at 'pedo party'
Suspects recruited family members, papers indicate
By Brandon Bailey
Mercury News Staff Writer
It was a horrifying "summit," authorities said: Three out-of-state men
accused of belonging to an Internet child-pronography ring got
together last April at the home of a fourth in Santa Rosa.
At the meeting the members of the so-called Orchid Club allegedly
traded stories about pre-teen girls they had molested and photographed
in sexually explicit poses, authorities say. They even showed off a
large poster mounted with photos of eight girls who appeared to be no
older than 10. Investigators called it a "victim board."
The summit, which the host reportedly labeled a "pedo party," is
described in court documents that shed further light on a federal
indictmend issued this week in San Jose. All told, the indictment
charges 16 men with an international conspiracy to produce and
exchange homemade child pornography over the Internet.
The documents suggest a parent's nightmare
[skipping a bunch]
But officials also said much of their case is built on old-fashioned
detective work. They interviewed victims and suspects who led them
to more suspects.
How case unfolded
It began with what Monterey County sheriff's Lt. Dave Allard called
child molestation "in the more traditional sense." A mother in the
Monterey County town of Greenfied reported on April 5 that her
6-year-old daughter had beeen touched inappropriately during a slumber
party at the nearby home of Ronald Riva, a well-known father of four
who inadvertently became the linchpin of the federal investigation.
Sheriff's investigators interviewed Riva, 38, who once worked as a
state prison guard but more recently earned a living driving farm
trucks in the Salinas Valley. They also talked with other girls who
attended the party, which was hosted by Riva's 8-year-old daughter.
Monterey County prosecutor Edward Hazel said some of those girls led
detectives to more victims.
Local authorities arreste Rival on April 7 and eventually charged him
with molesting five girls, ages 4 to 10, some of them repeatedly over
the last five years. None of those children was his own. Officials
say the molestations occurred under circumstances they characterize as
psychological manipulation, rather than physical coercion.
[some skipped]
But the case didn't end there. According to an investigator's
affidavit, one of the girls told of a second man who helped fondle and
photograph her at Riva's house. With the consent of Riva'wife,
deputies say they searched Riva's computer files and found some of
those photos. After talking with Riva and his wife, investigators
identified the second man as Melton Lee Myers of Santa Rosa, who was
convicted on two counts of child molestation in the '70s.
April 22 arrest
Monterey County deputies arrested Myers on April 22. Just two days
before, according to the federal affidavits, Myers had hosted the
videotaped "pedo party" for three other alleged Orchid Club members at
his home.
Federal investigators say they later learned from computer files that
Riva had chatted on the Internet about planning to attend that meeting
and about the possibility ...
[some skipped]
In Riva's computer, for example, investigators found records of
Internet chat sessions in which Riva and someone named Billyj
described ... With a subpoena to the commericial Intrnet service that
Billyj used for e-mail, agents identified him as Paul Laney, 34.
After agents found him at home in Yuba City, ... led them to other
Internet contacts.
Authorities say they moved quickly to locate other members of the
group -- in Oklahoma, Mississippi, Massachusetts, Michigan, Illinois,
Minnesota, Kansas and Washington. Officials said two suspects
cooperated ... Three other suspects haven't been identified but are
believed to live in Finland, Australia and Canada.
[rest skipped]
------------------------------
Date: Fri, 26 Jul 1996 21:13:52 -0700 (PDT)
From: Declan McCullagh <declan@well.com>
Subject: File 5--Net Porn: The Communism of the 1990s
[Bob Chatelle has an interesting essay about child pornography (below
namd as the "Communism of the 90s") and the limits of free expression
somewhere near <http://world.std.com/~kip/>. --Declan]
---------- Forwarded message ----------
Date--Fri, 26 Jul 1996 11:00:18 -0400
From--Noah Robischon <noah@pathfinder.com>
>From this week's Village Voice
Who Opened Their E-mail?
It's the Kiddie Porn Crusaders
by ANNETTE FUENTES
Don't look now, but some FBI suits may be lurking around the chat
room or, worse, secretly surveilling your e-mail and other private
cyberspace communications. And chances are it's all in the name of
fighting child pornography.
That's what two New York City women learned recently when each
received certified mail from the U.S. Justice Department. The
letters, dated May 20, explained that "between the dates of August
1, 1995 and August 26, 1995, electronic communications involving you
or persons using your America Online username were intercepted."
The letters listed six targeted AOL account numbers and their
respective screen names, like Cyberqueer, Yngcumlvr, and Borntocum
none of which had any connection to the women.
"I was horrified," said Elizabeth Ewen. "At first I didn't
understand what it was all about. I didn't recognize any of the
screen names."
Ewen, a professor at SUNY Old Westbury, called the assistant U.S.
attorney who'd signed the letter, John David Kuchta, in Virginia. He
told her the rationale for the surveillance was child porn. She told
him she felt her privacy and civil rights had been violated.
"He said, 'Don't worry, you were just caught up in the net. You
didn't do anything criminal, and you should support what we're
doing,' " Ewen recalled.
Two days after Ewen got her letter, a friend of hers got the same
thing. Margaret S. (she asked that her last name not be used), an
educator in the Queens library system, was stunned to learn that
almost a year after the fact, the FBI was disclosing that they'd
been spying on her travels through cyberspace.
"I don't expect total privacy online the same way I know the
telephone isn't really private," she said. "But how often will the
government raise the specter of child porn to justify this? We're
just supposed to forget our civil rights in the name of it."
Margaret e-mailed AOL with a message of outrage. In return she got
a form letter from Jean Villanueva, a vice president for corporate
communications, stating that AOL had merely complied with a court
order obtained by the Justice Department when it "monitored" the
e-mail of six AOL subscribers. It was part of Justice's campaign,
"Innocent Images," Villanueva wrote. In closing, he referred
members to a special Justice Department hotline set up to deal with
AOL subscribers like Margaret and Ewen, innocents caught in the web.
(By deadline, AOL had not responded to several calls seeking
comment.)
Margaret called the hotline, left a message, and two weeks later got
a call back from Tonya Fox at Justice. Fox told her there were some
840 other AOL subscribers like her who'd accidentally stumbled into
the FBI's cyber wiretaps. "She kept telling me over and over that I
was 'clean,' that I shouldn't worry," Margaret said. "She also
said if I wanted to read the file on my surveillance, I should get a
lawyer."
How Ewen and Margaret were scooped up by the FBI they can't figure
out. If one of them tripped into FBI surveillance of a suspected
pornographer, did she then lead the feds to her friend through their
e-mail correspondence? ACLU associate director Barry Steinhardt says
that while it's legal for the government armed with a warrant to
surveil the e-mail and other private cyber communications of
suspected criminals, it is not legal to extend the surveillance to
unrelated communications of innocent bystanders who chance into chat
rooms or read electronic bulletin boards while a suspect is also
present.
"What has happened here is the most intrusive form of e-mail
interception," Steinhardt said. "The government can get a
subpoena to intercept real-time e-mail, which is the equivalent of
phone wiretapping. They can also use a variety of devices to
retrieve stored e-mail." But, adds Steinhardt, what is legal and
what should be lawful are two different things.
Mike Godwin, an attorney with the San Francisco'based Electronic
Frontier Foundation, a civil liberties organization, warns that as
government expands its reach into cyberspace, such incursions into
private lives will pose a greater threat to civil liberties than
simple phone taps. "It was necessary for law enforcement to learn
how to narrow the scope of wiretapping, but here you have this
technology where you're always making copies, always storing
material somewhere," Godwin said. "It makes it very easy to get
even deleted files that stay around for a while. That's not true
about telephone calls."
Justin Williams, chief of the Justice Department's criminal division
in Alexandria, Virginia, could not comment on the particular
investigation that snared Ewen and Margaret. But he insisted that
what happened to them "was not a surveillance."
"You wouldn't say their e-mail was read," Williams said. "It
could be they were surfing the Internet and happened into a
particular room where by chance there is an [individual] under
electronic surveillance."
Williams said their hotline received 160 calls from AOL subscribers
such as Ewen and Margaret. While the statute regulating government
surveillance Title III requires Justice to notify the targets of
eavesdropping, notifying innocent bystanders is discretionary, he
said.
Williams could not say how many such online surveillances the
Justice Department is conducting. But ACLU lawyer Steinhardt says in
the past year, the government's pursuit of child porn in cyberspace
has reached a fever pitch.
"Most online surveillance by the government is now centered on
child porn," he said. "It has people assigned to child porn
investigations who are fascinated by the use of the Internet to
distribute it. They're no longer going after the producers who
actually abuse children. They're going after consumers. It's easier,
splashier."
Splashy and messy for those who happen to be in the wrong cyber
place, if only for a nanosecond. For Ewen, the witch-hunt has begun
again.
"Child porn will become the communism of the '90s," she said.
------------------------------
Date: Mon, 22 Jul 1996 23:49:05 -0400 (EDT)
From: Noah <noah@enabled.com>
Subject: File 6--U.S. Official Warns OF "Electronic Pearl Harbor"
U.S. OFFICIAL WARNS OF "ELECTRONIC PEARL HARBOR"
Deputy U.S. Attorney General Jamie Gorelick told a Senate
subcommittee last week that the possibility of "an electronic Pearl
Harbor" is a very real danger for the U.S. She noted in her
testimony that the U.S. information infrastructure is a hybrid
public/private network, and warned that electronic attacks "can
disable or disrupt the provision of services just as readily as --
if not more than -- a well-placed bomb." On July 15 the Clinton
Administration called for a President's Commission on Critical
Infrastructure Protection, with the mandate to identify the nature
of threats to U.S. infrastructure, both electronic and physical, and
to work with the private sector in devising a strategy for
protecting this infrastructure. At an earlier hearing, subcommittee
members were told that about 250,000 intrusions into Defense
Department computer systems are attempted each year, with about a
65% success rate. (BNA Daily Report for Executives 17 Jul 96 A22)
------------------------------
Date: Thu, 11 Jul 1996 18:53:58 -0400 (EDT)
From: Noah <noah@enabled.com>
Subject: File 7--BoS: WITAT 96 (Info-Tech Conference) (fwd)
---------- Forwarded message ----------
Date: Thu, 11 Jul 1996 17:04:20 -0400 (EDT)
From: Marvin V. Zelkowitz <mvz@cs.UMD.EDU>
(My apologies if you received several of these.)
WORKSHOP ANNOUNCEMENT - WITAT '96
Third Annual Workshop on Information Technology - Assurance and Trustworthiness
September 3-5, 1996
Columbia Hilton, Columbia, MD
Co-sponsored by Aerospace Computer Security Associates,
National Institute of Standards and Technology, and
University of Maryland Institute for Advanced Computer Studies
-- Are you sure your information is adequately protected?
-- How do you know that your privacy is being guarded?
-- Can your customers trust you?
The Workshop on Information Technology Assurance and Trustworthiness (WITAT)
investigates and promotes promising methods of gaining assurance in
information technology.
WITAT '96 is the third in a series of annual workshops addressing the
assurance and trustworthiness. The first workshop identified and analyzed
crucial issues on assurance in IT systems and provided input to the
development of policy guidance for determining the type and level of
assurance appropriate in a given environment. The participants came to the
consensus that no one technique can provide comprehensively adequate
assurance. The second workshop built upon the first by making recommendations
based on the issues and problems identified.
Building upon the results of the previous two workshops, WITAT '96 recognizes
the existence and emergence of numerous methods to obtain assurance. However,
the relative value, promise, and applicability of each is unclear for
specific systems. These will be discussed through the presentation of
alternative assurance approaches to assurance stakeholders and producers,
receiving immediate feedback from a diverse audience, reviewing reaction to
presented approaches and creating a strategy for moving ahead.
Information on WITAT '96, costs, and registration information can be found at
WWW address: http://aaron.cs.umd.edu/witat/witat96.html.
Send mail to witat-info@cs.umd.edu for a copy of the complete call for
participation, including fees, and registration form.
WORKSHOP COMMITTEE
Marshall Abrams The MITRE Corp. Diana Akers The MITRE Corp.
Maryam Alavi Univ. of Maryland Lynn Ambuel Natl. Security Agency
Karen Ferraiolo Arca Systems, Inc. Jay Kahn The MITRE Corp.
*Douglas Landoll Arca Systems, Inc. Carolyn Wichers BDM
Jeff Williams Arca Systems, Inc. Marvin Zelkowitz Univ. of Maryland
* - Workshop Chair
REGISTRATION
Costs: Tutorial (Sept. 3) $110.00 (includes lunch)
Workshop (Sept. 4-5) $120.00 (includes lunches)
Location: Columbia Hilton, 5485 Twin Knolls Road, Columbia, MD. 410-997-1060.
------------------------------
Date: Thu, 21 Mar 1996 22:51:01 CST
From: CuD Moderators <cudigest@sun.soci.niu.edu>
Subject: File 8--Cu Digest Header Info (unchanged since 7 Apr, 1996)
Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.
CuD is available as a Usenet newsgroup: comp.society.cu-digest
Or, to subscribe, send post with this in the "Subject:: line:
SUBSCRIBE CU-DIGEST
Send the message to: cu-digest-request@weber.ucsd.edu
DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS.
The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.
To UNSUB, send a one-line message: UNSUB CU-DIGEST
Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU
(NOTE: The address you unsub must correspond to your From: line)
Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on internet);
and on Rune Stone BBS (IIRGWHQ) (860)-585-9638.
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.
EUROPE: In BELGIUM: Virtual Access BBS: +32-69-844-019 (ringdown)
Brussels: STRATOMIC BBS +32-2-5383119 2:291/759@fidonet.org
In ITALY: ZERO! BBS: +39-11-6507540
In LUXEMBOURG: ComNet BBS: +352-466893
UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/CuD
ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland)
ftp.warwick.ac.uk in pub/cud/ (United Kingdom)
The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:
URL: http://www.soci.niu.edu/~cudigest/
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission. It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified. Readers are encouraged to submit reasoned articles
relating to computer culture and communication. Articles are
preferred to short responses. Please avoid quoting previous posts
unless absolutely necessary.
DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.
------------------------------
End of Computer Underground Digest #8.56
************************************
Reference in New Issue View Git Blame Copy Permalink