💾 Archived View for aphrack.org › issues › phrack28 › 10.gmi captured on 2021-12-04 at 18:04:22. Gemini links have been rewritten to link to archived content
View Raw
More Information
⬅️ Previous capture (2021-12-03)
-=-=-=-=-=-=-
==Phrack Inc.==
Volume Three, Issue 28, File #10 of 12
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
PWN PWN
PWN P h r a c k W o r l d N e w s PWN
PWN ~~~~~~~~~~~ ~~~~~~~~~ ~~~~~~~ PWN
PWN Issue XXVIII/Part 2 PWN
PWN PWN
PWN October 7, 1989 PWN
PWN PWN
PWN Created, Written, and Edited PWN
PWN by Knight Lightning PWN
PWN PWN
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
Grand Jury Indicts Student For Crippling Nationwide Computer Network 7/26/89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
by John Markoff (New York Times)
After more than eight months of delay, the Justice Department said Wednesday
that a federal grand jury in Syracuse, N.Y., had indicted the 24-year-old
Cornell University graduate student who has been blamed for crippling a
nationwide computer network with a rogue software program.
The student, Robert Tappan Morris, was charged with a single felony count under
a 1986 computer crimes law, the Computer Fraud and Abuse Act. Justice
Department officials said the indictment was the first under a provision of the
law that makes it illegal to gain unauthorized access to federal computers.
A spokesman for the Justice Department said Wednesday that the indictment had
been delayed simply because of the time taken to develop evidence.
But legal experts familiar with the case said the department had been stalled
in efforts to prosecute Morris because of an internal debate over whether it
might be impossible to prove the charges. Under the 1986 law, prosecutors must
show that Morris intended to cripple the computer network.
As a result of this concern, the U.S. attorney in Syracuse, Frederick J.
Scullin Jr., had considered a plea bargain in which Morris would have pleaded
guilty to a misdemeanor charge. This approach was apparently resisted,
however, by Scullin's superiors in Washington, who wanted to send a clear
signal about the seriousness of computer crime.
Three bills now pending before Congress would make it easier than with the 1986
law to prosecute malicious invasion of computer systems.
The indictment charges that Morris was the author of a computer program that
swept through a national network composed of more than 60,000 computers
November 2, 1988 jamming as many as 6,000 machines at universities, research
centers and military installations.
The software, which computer hackers call a "virus," was supposed to hide
silently in the computer network, two of Morris' college friends said, but
because of a programming error it multiplied wildly out of control. The
friends said Morris' idea had been to simply to prove that he could bypass the
security protection of the network.
According to Wednesday's indictment, Morris gained unauthorized access to
computers at the National Aeronautics and Space Administration's Ames Research
Center in Moffett Field, California; the U.S. Air Force Logistics Command at
Wright Patterson Air Force Base in Dayton, Ohio; the University of California
at Berkeley, and Purdue University.
The indictment charges that the program shut down numerous computers and
prevented their use. It charges Morris with causing "substantial damage" at
many computer centers resulting from the loss of service and the expense
incurred diagnosing the program.
The felony count carries a maximum penalty of five years in prison and a fine
of $250,000, in addition to which the convicted person can be ordered to pay
restitution to those affected by his program.
Morris' lawyer, Thomas A. Guidoboni, said his client intended to plead not
guilty. Morris, who now lives in the Boston area, was scheduled to be
arraigned on Wednesday, August 2, before Gustave J. DiBianco, a U.S. magistrate
in Syracuse.
Morris' father, Robert, the chief scientist for the National Security Agency,
said the family planned to stand behind their son. "We're distressed to hear
of the indictment," he said.
After realizing that his program had run amok, Morris went to his family home
in Arnold, Maryland, and later met with Justice Department officials.
The 1986 law was the first broad federal attempt to address the problem of
computer crime. Morris is charged with gaining unauthorized access to
computers, preventing authorized access by others and causing more than $1,000
in damage.
The incident raised fundamental questions about the security of the nation's
computers and renewed debate over the who should be responsible for protecting
the nation's non-military computer systems.
Last year Congress settled a debate between the National Security Agency and
the National Institute of Standards and Technology by giving authority over
non-military systems to the civilian agency.
Last week, however, a General Accounting Office report based on an
investigation of the incident recommended that the Office of Science and
Technology Policy coordinate the establishment of an interagency group to
address computer network security.
The incident has also bitterly divided computer scientists and computer
security experts around the country. Some have said they believe that "an
example" should be made of Morris to discourage future tampering with computer
networks.
Others, however, have argued that Morris performed a valuable service by
alerting the nation to the laxity of computer security controls.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Other articles about Robert Tappan Morris, Jr. and the Internet Worm are;
"Computer Network Disrupted By 'Virus'" (11/03/88) PWN XXII -Part 2
"Virus Attack" (11/06/88) PWN XXII -Part 2
"The Computer Jam: How It Came About" (11/08/88) PWN XXII -Part 2
"US Is Moving To Restrict {...} Virus" (11/11/88) PWN XXII -Part 2 *
"FBI Studies Possible Charges In Virus" (11/12/88) PWN XXII -Part 2
"Big Guns Take Aim At Virus" (11/21/88) PWN XXII -Part 3
"Congressman Plan Hearings On Virus" (11/27/88) PWN XXII -Part 3
"Pentagon Severs Military {...} Virus" (11/30/88) PWN XXII -Part 3 *
"Networks Of Computers At Risk From Invaders" (12/03/88) PWN XXII -Part 4 *
"Computer Virus Eradication Act of 1988" (12/05/88) PWN XXII -Part 4 *
"Breaking Into Computers {...}, Pure and Simple" (12/04/88) PWN XXIV -Part 1 *
"Cornell Panel Concludes Morris {...} Virus" (04/06/89) PWN XXVI -Part 1
"Robert T. Morris Suspended From Cornell" (05/25/89) PWN XXVII -Part 2
"Justice Department Wary In Computer Case" (05/28/89) PWN XXVII -Part 2
- - Indicates that the article was not directly related to Robert Morris, but
did discuss him as well as the Internet Worm incident.
_______________________________________________________________________________
The Free World Incident July 5, 1989
~~~~~~~~~~~~~~~~~~~~~~~
Special Thanks to Brew Associates of Phortune 500
[Some articles edited for this presentation --KL]
Numb: 84 of 98 7/2/89 at 8:56 pm
Subj: ...
Sect: General Messages
From: Major Havoc
Here is the story...
Evidently, someone got into Chesapeake & Potomac's (C&P) computer systems, and
added call forwarding to the telephone line that the Free World is being run
on. It was not done through social engineering, because there was not an order
pending on my line. Therefore, I had "free" call waiting on my line.
What the individual who did this does not realize is that service cannot be
changed on my line unless it is typical service, because because my father is a
retired VP from C&P.
The phone lines at this location are paid for by C&P, so the only way that the
service on these lines could have been changed is directly via the C&P computer
systems. I had a long talk with C&P security, and they know who the individual
was that made the changes in the system. My parents (since I do not even
really live here anymore) are supposed to be signing papers that will have this
individual prosecuted sometime next week, because he was foolish enough to
leave something for them to track down.
My guess is that it was someone who was denied access to the system that has
some type of grudge to hold or something. I will have the pleasure of seeing
this individual serve time, if they are not a minor.
C&P Security questioned me in person and asked me if I had any information on
different incidents concerning central office burglaries or theft of C&P
property. Some of you may be getting a BIG surprise REAL soon.
The bottom line is that I am not going to put up with this hassle much longer.
The mere fact that I am under possible investigation for something that I am
not involved with is really starting to get me upset. I am 20 years old, and I
have a nice 32K salary job, and I am not going to tolerate these situations any
longer. I have been doing this for so long, that it is about time that I got
some kind of recognition, and not more grief from a bunch of worthless
Christmas modemers.
Shape up or pay the consequences.
-Major Havoc
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Numb: 86 of 98 7/2/89 at 11:54 pm
Subj: Hmm..
Sect: General Messages
From: Weatherman
I would do the same thing. If some guy thinks he is being really slick and
does something like that just to cause trouble, they deserve a rude awakening
to real life. Keep us posted on the situation. I can see your point as to
your job and age and everything since I am in the same boat. I am not going to
sacrifice my future life for any reason. Unfortunately, I don't make 32k yet.
\%\%eatherman
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Numb: 87 of 98 7/3/89 at 12:07 pm
Subj: Umm...
Sect: General Messages
From: Lost Carrier
Major Havoc -- The only part of your message I am concerned about is "I had a
long talk with C&P security and a lot of you will be in for a big surpirse," or
something to that effect. I hate surprises. Which of us? heh.
LC, 2af
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Numb: 89 of 98 7/3/89 at 4:03 pm
Subj: ....
Sect: General Messages
From: Raving Lunatic
I am shocked. Major Havoc turning people in? About time, I guess it takes
income and responsibilities for most geeks to grow up and I am glad Havoc is not
going to tolerate it. Would be interesting to at least hear the alias(es) of
the people/person that did the forwarding.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Numb: 90 of 98 7/3/89 at 5:03 pm
Subj: I find this interesting...
Sect: General Messages
From: The Mechanic
I have seen Major Havoc post several messages recently (both here [The Free
World bulletin board] and elsewhere) on the topic of telephone security. While
it was not explicitly mentioned, it was implied that some activities discussed
might not be entirely legal. In fact, there is a logon message encouraging
users to post as much as possible, as well as upload and download software,
including software that may be copyrighted. Now we see a message from MHavoc
that some of us may be looking forward to "BIG Surprises." I do not know about
you, but I'm going to think twice before I post *anything* to this system, at
least until I am assured that material on this board is not being monitored by
C&P personnel.
I think that if MHavoc wants this system to go anywhere, he is going to have to
- prove* to us that he is not going to be narcing on people as a result of what
they post.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Numb: 91 of 98 7/3/89 at 5:23 pm
Subj: ...
Sect: General Messages
From: Major Havoc
The information was not supplied by myself. It was information that was read
to me by C&P security people. I stood there plainly denying that I even knew
what a modem was.
The bottom line is that you do not have to worry about me. You need to worry
about the information that they already have. They merely asked me if I knew
anything about it. Of course I did not...seriously, I don't even know.
-Major Havoc
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Numb: 93 of 98 7/3/89 at 8:29 pm
Subj: ...
Sect: General Messages
From: Juan Valdez
I am sure Major Havoc cannot reveal the name of the person who did it, since he
is under investigation, it would make matters more difficult to make his name
public. I am sure we'd all like to know maybe after everything is all done
with. This thing about C&P cracking down scares me. I know that I have not
done anything like what you mentioned and I am not connected to anything
directly as far as I know. Now you are getting me paranoid.
Mike
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Numb: 94 of 98 7/3/89 at 9:31 pm
Subj: Hmm...
Sect: General Messages
From: Mr. Mystery
When it becomes possible, please post his name, and, more
importantly, the date of his court appearance. Might be worth
watching.
- MR. MYSTERY
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Numb: 95 of 98 7/3/89 at 11:10 pm
Subj: That
Sect: General Messages
From: The Killer
Is he a local or just an upset user. What sort of stuff was the
phone company upset about? Phreakers or people tampering with
their equipment? That is pretty messed up.
So long as my ass is clean, I really hope you get the idiot. I
am curious --Is he a phone company employee? How did he get into
the system?
[Killer/USAlliance] - FW:301/486-4515
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Numb: 96 of 98 7/4/89 at 2:26 am
Subj: Things.........
Sect: General Messages
From: Hellraiser
Would I be correct to assume that this board is completely
"private." At any rate, I would be interested in knowing who
this person causing the disturbance is/was (drop a hint).
Numb: 97 of 98 7/4/89 at 6:33 pm
Subj: Jesus...
Sect: General Messages
From: The Disk Jockey
Geez... Someone learns a few LMOS commands and they seem obsessed
with doing stupid things.
I have absolutely no idea why people would act wary towards
Havoc, I am sure that I and anyone else who ran a board would,
given the chance, burn the person disrupting the system. What
the hell did you think? Havoc should just let it slide? I think
not. People like that (doers of such cute call forwarding
things) should be screwed. They are the people that give you a
bad reputation.
-The Disk Jockey
I hope he gets nailed, I just find it hard to believe that he
left any information that could lead back to him, as someone who
was at least smart enough to get into an LMOS or equivalent could
have at least some common sense, but I suppose his acts dictate
otherwise.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Numb: 98 of 98 7/4/89 at 7:21 pm
Subj: Well...
Sect: General Messages
From: Microchip
When it was on interchat, it said Major Havoc was fed up and it
was going to do this until we all calmed down
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
For those who never found out, the perpetrator of the call
forwarding was none other than SuperNigger (who is also
responsible for crashing Black Ice). There never was any solid
proof that could be used and any comments about him leaving a
trail to follow back to him were bluffs. -KL
_______________________________________________________________________________
Conman Loses Prison Phone Privileges September 23, 1989
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
About a year ago there was a plot to steal $69 million from the
First National Bank of Chicago through a fraudulent wire-transfer
scheme masterminded by a man named Armand Moore. Using the
telephone and a computer -- the tools of his trade, Mr. Moore
planned to transfer money from the accounts of corporate
customers at First National to his account in Switzerland.
He needed some inside help to bring it off, and he found two
young guys in the wire transfer room at the bank who were willing
to help. Both of the clerks were fellows in their early
twenties, who had worked for the bank a couple years each. Both
had come from families living in a ghetto neighborhood on the
south side of Chicago; but their families had raised them to be
honest. Both had been average high school students; neither had
any previous criminal record of any sort; both had been given a
break by an employer who treated them fairly and allowed them to
rise to positions of trust: handling huge sums of money --about
a hundred million dollars a day -- in the wire-transfer unit at
the bank. Both showed great promise; then Armand Moore came
along.
Moore wined and dined these two kids; showed them the best of
times and what it was like to have a fancy apartment in a wealthy
neighborhood instead of living with your parents in an inner-city
ghetto. Its not that they weren't guilty --after all, they did
provide the secret passwords and phrases which bank employees say
to one another on the telephone, and they did press the buttons
which sent $69 million dollars on its way to Europe -- but they
would not have done it if Armand Moore had not been there.
So instead of a career at the bank, the guys exchanged it for an
indictment for bank fraud; loss of their jobs; humiliation for
themselves and their families; and the right to say "convicted of
bank fraud" on future job applications. Naturally, they are
blacklisted in the banking and computer industries for the rest
of their lives. One of the guys said Armand had promised to give
him money to buy his mother a new coat.
The job at First National was bungled as we all know, two young
guys had their lives ruined, and the court took all this into
consideration when Armand Moore was sentenced to ten years in
prison last June. But as Paul Harvey would say, "...then there
is the rest of the story...."
It seems Armand Moore was no stranger to bank fraud. He had
previously pulled a couple of smaller jobs, using a telephone and
a computer to net about a million dollars from two banks in the
Detroit area. The FBI had not previously connected him with
those jobs. He had this money stashed away, waiting for him when
he got released from prison, which in this latest scheme, would
be a lot sooner than the government expected.
Mr. Moore is the sort of fellow who could sell the proverbial
ice-box to an Eskimo... or a newspaper subscription to a blind
man... he can get anybody to do anything it seems... by flirting
with them, showering them with attention, and if necessary, just
bribing them. Now two more lives have been ruined by Armand
Moore, and his only regret is he got caught.
Since his trial in June, Armand Moore has been a guest of the
government at the federal penitentiary in downtown Chicago. As a
long term resident, he's gotten to know a lot of the folks,
including the employees of the prison. In particular, he got to
be very good friends with Randy W. Glass, age 28, an employee of
the prison in the computer facility there. Glass' duties include
entering data into the prison computer about the inmates, their
sentences and other data. Oh... is the story becoming clearer
now?
Glass and his wife live in Harvey, IL, a middle class suburb on
the south side of Chicago. It seems like so many other people
who meet Armand Moore, Glass enjoyed the company of this older,
very sophisticated and friendly chap. After several meetings in
the past three months, Glass was finally seduced by Moore's
money, like everyone else who meets him. That, plus his pleasant
manners, his smooth conversation and his assurance that nothing
could go wrong led to Glass finally agreeing to accept a $70,000
bribe in exchange for punching a few buttons on the computer to
show Armand Moore's sentence was complete; him and a couple other
inmates who were sharing the same room at the prison. Just
change a few details, punch a few buttons -- and to be on the
safe side, do it from home with your modem and terminal, using
the Warden's password which I just happen to have and will give
to you in exchange for your cooperation.
$70,000 was hard to resist. But Glass was a prudent man, and he
asked what guarantee would he have of payment once Armand Moore
was released. After all, hadn't he promised those fellows at the
bank all sorts of things and then tried to skip town immediately
when he thought the transfer had gone through? He would even
cheat his fellow crooks, wouldn't he?
Moore offered a $20,000 "down payment" to show his intentions. A
confederate outside the prison would meet Glass' wife and give
her the money. Then the job would be done, and following Moore's
untimely release from the joint, the rest would be paid. The
deal was made, alleges the government, and Armand Moore used a
pay phone at the prison that day to call his stepsister and have
her arrange to meet Mrs. Glass. The money would be exchanged;
Glass was off two days later and would make the necessary
"adjustments" from his home computer; the prison roll would
reflect this on the next morning's roster of prisoners with the
notation "Time Served/Release Today." They would meet that
evening and exchange the rest of the money.
All telephones at the prison, including the public pay phones,
are subject to monitoring. A sign on each pay phone advises that
"your call may be monitored by an employee authorized to do so."
The FBI alleges that recordings were made of Moore on the phone
telling his stepsister that she should "...work with Randy, a
person affiliated with the law..." and that she would meet Mrs.
Glass the next day. With a court ordered tap obtained a few
minutes later, the FBI heard Stephanie Glass agree to meet
Moore's stepsister at 5:45 AM the next morning in a parking lot
in Richton Park, IL.
At the appointed time the next morning, the two cars met in the
parking lot, and the FBI alleges the one woman handed the other a
package containing $20,000 in cash. The FBI videotaped the
meeting and waited until Mrs. Glass had driven away. They
followed her home, and arrested her at that time. Randy Glass
was arrested at the prison when he arrived for work about an hour
later. Armand Moore was arrested in his cell at the prison once
Glass had been taken into custody. To do it the other way around
might have caused Glass to get tipped off and run away.
On Thursday, September 21, 1989 Mr. & Mrs. Glass and Armand Moore
appeared before United States Magistrate Joan Lefkow for
arraignment and finding of probable cause. Finding probable
cause, she ordered all three held without bail at the prison
until their trial. Randy Glass is now, so to speak, on the wrong
side of the bars at the place where he used to work. He was
suspended without pay at the time of his arrest.
At the hearing, Magistrate Lefkow directed some particularly acid
comments to Mr. Moore, noting that he was forbidden to ever use
the telephone again for any reason for the duration of his
confinement, and was forbidden to ever be in the vicinity of the
computer room for any reason, also for the duration.
She noted, "...it seems to me you continue to seek the
conspiracy's objectives by using the telephone, and convincing
others to manipulate the computer..." you stand here today and
show no remorse whatsoever except that you were caught once
again. Your prison record notes that on two occasions, prison
staff have observed you using the telephone and "...pressing the
touchtone buttons in a peculiar way during the call..." and that
you were counseled to stop doing it. I will tell you now sir
that you are not to use the telephone for any reason for the
remainder of your current sentence. I find probable cause to
hold you over for trial on the charge of bribery of a government
employee. Stay away from the phones and computers at the prison
Mr. Moore!"
Like Gabriel Taylor at the First National Bank, neither Randy
Glass or his wife had any prior arrest record or conviction. In
a foolish moment of greed, spurred on by a friendly fellow who
Randy really enjoyed talking to "...because he was so smart and
well-educated..." they now get to face prison and the loss of
everything in their lives. When all three were leaving the
courtroom Thursday, Armand Moore snickered and smiled at the
audience. He'll find other suckers soon enough.
______________________________________________________________________