F I D O N E W S -- | Vol. 8 No. 30 (29 July 1991) The newsletter of the | FidoNet BBS community | Published by: _ | / \ | "FidoNews" BBS /|oo \ | (415)-863-2739 (_| /_) | FidoNet 1:1/1 _`@/_ \ _ | Internet: | | \ \\ | fidonews@fidonews.fidonet.org | (*) | \ )) | |__U__| / \// | Editors: _//|| _\ / | Tom Jennings (_/(_|(____/ | Tim Pozar (jm) | ----------------------------+--------------------------------------- Published weekly by and for the Members of the FidoNet international amateur network. Copyright 1991, Fido Software. All rights reserved. Duplication and/or distribution permitted for noncommercial purposes only. For use in other circumstances, please contact FidoNews. Paper price: . . . . . . . . . . . . . . . . . . . . . . . $5.00US Electronic Price: . . . . . . . . . . . . . . . . . . . . . free! For more information about FidoNews refer to the end of this file. -------------------------------------------------------------------- Table of Contents 1. EDITORIAL ..................................................... 1 2. FIDONET NEWS .................................................. 2 (No FidoNetNews this week) .................................... 2 3. ARTICLES ...................................................... 3 Abstract: 'Computer Underground Digest' ....................... 3 THE ELECTRONIC FRONTIER FOUNDATION ............................ 7 International Public Emergency Comunications System, Inc ...... 13 4. RANTS AND FLAMES .............................................. 18 IS PROFANITY REALLY NECESSARY? ................................ 18 Waste of Space in FidoNews? ................................... 19 5. CLASSIFIEDS ................................................... 21 6. NOTICES ....................................................... 22 The Interrupt Stack ........................................... 22 7. LATEST VERSIONS ............................................... 24 FidoNews 8-30 Page 1 29 Jul 1991 ====================================================================== EDITORIAL ====================================================================== Well, another newsletter. I haven't yet started some of the things I wanted to, mainly soliciting articles from specific authors and groups. My excuse this week is that I just started a new job, which I think is a pretty good excuse. FUNNY FILES: FidoNews submissions must adhere to ARTSPEC.DOC standards. I don't have the time to manually rummage around in .LZH, .ZIP or other funny file formats. (Nor am I adventurous enough to sacrafice my disk drive -- when decompressing one such file, it created three nested subdirectories and put a file in the bottom one!) Other than FidoNews submissions, nodediffs, files from friends, etc., I generally delete files that I did not solicit. If you intend to submit things for inclusion in FidoNews, please read and follow ARTSPEC.DOC, to the spirit and letter. I do! FUNNY MESSAGES: Another thing happened when I became 1:1/1 -- I started getting misdirected mail. Some are of the "Hey Mary, how about goin' fishin' this weekend?", which I just delete. "Important looking" ones I generally bounce back to the author. Fabian Gordon seems to have figured it out -- software that doesn't properly handle zonegating/^AINTL lines, and intra-zone mail gets 'zonegated' to 1:1/1. Oh well. I suppose eventually these old non- functional programs will get replaced by newer versions (hint hint). * * * * * LAST AND LEAST: I will reiterate every week -- if you don't like what you see in FidoNews, write it or solicit it from people doing interesting work. Complaining is boring, and no one likes it except the author. (Meaning, complaining is selfish and inconsiderate of others -- and they go on and on, sometimes weeks after the original "offense".) If you find someone doing interesting work (ingenious uses of FidoNet, unique software, etc) by all means ask them if they've got something written up about their project. If you see an article in a magazine that's short and of interest to FidoNews, by all means write the publisher for rights to republish -- most like that, as it tends to attract new readers. Don't forget -- I am the publisher first, and editor second. I don't write this stuff! You do! ---------------------------------------------------------------------- FidoNews 8-30 Page 2 29 Jul 1991 ====================================================================== FIDONET NEWS ====================================================================== ################################################################ FidoNetNews -- a weekly section devoted to technical and factual issues within the FidoNet -- FidoNet Technical Standards Committee reports, *C reports, information on FidoNet standards documents and the like. ################################################################ ---------------------------------------------------------------------- There were no FidoNetNews submissions this week. Tune again in next week! ---------------------------------------------------------------------- FidoNews 8-30 Page 3 29 Jul 1991 ====================================================================== ARTICLES ====================================================================== Abstract: 'Computer Underground Digest' by Tom Jennings /* NOTE: This is something I'd like to see every week -- abstracts of other electronic newsletters. While at least mine will occasionally contain personal likes dislikes (if you knew me that would be funny), these are meant to be abstracts -- quick descriptive summaries, rather than "reviews" intent on passing judgment of good vs. bad. You can make up your own mind. On the list for the future are the Electronic Frontier Foundation's EFFECTOR, and HOME POWER MAGAZINE's electronic-conference/articles. If you see any others worth considering, either write up an abstract (see definition above) or if you're absolutely lazy, send me one. Though that won't guarantee I'll even read it... -- tomj */ COMPUTER UNDERGROUND DIGEST (CUD) is an electronic-only newsletter, with it's readership centered on the usenet/internet world, though they're widening their audience a bit. CUD comes out weekly, at about 40K bytes of ASCII text. (They are expirimenting with file-format, to allow it to me automatically processed by mailers -- I will be following this one!) It's available from at least one FidoNet node (1:100/345, see below) by filerequest. CUD has two moderators (ie. editors, more or less), Jim Thomas and Gordon Meyer. The content is legal/social more than technical, at least lately dealing with the "hacker" (sic) "busts" (sic) by the FBI and such, as well as the more legitimate busts of actual computer criminals. The rest of what follows was clipped from CUD #3.25. /* Begin CUD quote */ "Computer Underground Digest--Sat Jul 13 01:10:10 CDT 1991 (Vol #3.25) " Moderators: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) "Today's Contents: Moderators' Corner Spaf's Response to Bill Vajk Comments to Bill Vajk's posting in CuD #3.22 (T. Klotzbach) LOD Members for Comsec Computer Security (News Reprint) Alcor Email (ECPA) Case Settled (Keith Henson) NIST announces public-key digital signature standard (gnu) FidoNews 8-30 Page 4 29 Jul 1991 Secret Service Pays Hacker Call (Reprint from Newsbytes) "Administratia: ARCHIVISTS: ROB KRAUSE, BOB KUSUMOTO, AND BRENDAN KEHOE "CuD is available via electronic mail at no cost. Printed copies are available by subscription. Single copies are available for the costs of reproduction and mailing. "Issues of CuD can be found in the Usenet alt.society.cu-digest news group, on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL0 and DL12 of TELECOM, by FidoNet file request from 1:100/345, on Genie, on the PC-EXEC BBS at (414) 789-4210, and by anonymous ftp from ftp.cs.widener.edu, chsun1.uchicago.edu, and dagon.acc.stolaf.edu. To use the U. of Chicago email server, send mail with the subject "help" (without the quotes) to archive-server@chsun1.uchicago.edu. "COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted as long as the source is cited. Some authors do copyright their material, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to the Computer Underground. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. "DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ---------------------------------------------------------------------- /* Only one example article is included. Note the nice easy to understand format! You might see it in FidoNews... -- tomj */ Date: Fri, 5 Jul 1991 13:52 CDT From: "ROBERT G. HEARN" <9999AH02@UHDBIT.BITNET> Subject: LOD Members for Comsec COmputer Security (News Reprint) Reprint from Sunday, June 23, 1991 Houston Chronicle (1A, 15A) By Joe Abernathy FORMER HACKERS OFFER SERVICES IN COMPUTER SECURITY The most notorious force of computer hacking's heyday is asking forgiveness and joining the forces of good. FidoNews 8-30 Page 5 29 Jul 1991 The storied Legion of Doom, nemesis to the Secret Service, is forming a computer security consulting firm in Houston. Drawing members from around the nation and its name from comic book villains, the youthful hackers' group dominated the underground electronic landscape of the middle and late 1980s. Finally, a controversial penetration of phone company computers landed several members in jail. According to documents, activities of the Legion of Doom were a primary motivation for Operation Sun Devil, a nationwide crackdown on computer crime coordinated by the U.S. Secret Service. But remaining members in Austin and Houston, who disavowed any connection with the phone company incident, now say they are on the right side of the law and are offering their expertise on computer security. "People need us. We're the best," said Scott Chasin, known in his hacking days by the computer handle Doc Holliday. "Ten years from now we'll be the leaders in data security." Computer security is a burgeoning field, but one that is almost impossible to define in terms of dollars lost to penetrations or dollars spent on security. Tales are plentiful among police of losses in the six-figure range that went unprosecuted in order to spare the affected firms embarrassment. Estimates of the yearly loss to industry from computer break-ins range from $500 million to more than $2 billion -- much of it lost to long-distance phone service theft or credit card fraud. Some industry observers welcomed the creation of Comsec Computer Security, as the new company will be known, while others derided it as a new twist on a familiar theme. "There's lots of precedent for that," said Richard A. Schaffer of New York, editor of the industry publication ComputerLetter. "Crooks of all types try to hire themselves out after the fact." "So these guys are purporting to tell you how to protect against folks like them," he mused. "It strikes me that people should refuse to hire them just on principle...although from what I've seen they're qualified." But Linda Laskey of the Computer Security Institute in San Francisco said she believes the firm will provide a valuable service. "They know what they're doing as far as doing as far as security systems go," she said. Laskey said the Computer Security Institute, a worldwide organization of computer security professionals from business and government will be among the first clients of Comsec. FidoNews 8-30 Page 6 29 Jul 1991 The value of computer security is pitched now by those associated with particular security products. Accounting firms also provide security consulting. By contrast, Comsec is banking on its past association with the Legion, which gained a high profile from run-ins with the Secret Service and BellSouth, one of the regional phone companies. Robert J. Riggs, Franklin E. Dardin Jr. and Adam E. Grant were sentenced on Nov. 16, 1990, in federal court in Atlanta for breaking into the computers of BellSouth and stealing a document on the administration of the emergency 911 system. Hacking grew up around the Legion, which wasn't content merely to penetrate computer systems and networks. The deed wasn't finished until the intimate details of each system were written up and electronically published. Legion followers became associated with tutorials on obscure subjects, such things as how to make nitroglycerin and drugs, and with electronic documents on "social engineering," the fine art of the scam. Born in the swirling computer underground of the 1980s and named after the minions of Superman archrival Lex Luthor, the Legion's "educational services" ultimately helped reshape the online community and gave the group a stature beyond its nominal activities. But the best summary may have been written by Comsec principal Chris Goggans, the historian of the Legion and only member associated with it from its official founding in 1984 until it was disbanded late last year. "The Legion of Doom has been called everything from 'Organized Crime' to 'a communist threat to national security' to 'an international conspiracy of computer terrorists bent on destroying the nation's 911 service,'" he wrote under his pseudonym, Eric Bloodaxe. "Nothing comes closer to the actual truth than 'bored adolescents with too much spare time.'" Now Sun Devil has put an end to hacking's innocence and perception of among computer enthusiasts that it is a noble pursuit. As for the Legion members, a few got busted, a few got bored, and the rest are pondering a direction for their lives as young adults. "I didn't want to be 30 years old and still breaking into systems," said Chasin, who is 21. "I want to be securing systems." Chasin and Goggans, 22, will be joined in the firm by Ken Shulman, 21, the son of Houston socialite Carolyn Farb, who is providing discounted office space and other assistance. FidoNews 8-30 Page 7 29 Jul 1991 Comsec will be managed by Robert Cupps, 24, a graduate of Emory University and former securities trader. Chasin and Goggans are pursuing degrees at the University of Houston. "From a marketing standpoint, we've got a real strong presentation," said Cupps, a Baytown native who does not consider himself a computer expert. "What we will do is a brief demonstration. When you can walk into someone's office and get root (administrative privileges) on their system, that says something in itself, that maybe you're the person they should be talking to about securing their systems." The only member of Comsec who has faced crimin