💾 Archived View for gemini.spam.works › mirrors › textfiles › magazines › CUD › cud0402.txt captured on 2022-06-12 at 10:47:45.
-=-=-=-=-=-=-
Computer underground Digest Wed, Jan 15, 1992 Volume 4 : Issue 02
Moderators: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)
CONTENTS, #4.02 ( Jan 15, 1992)
File 1--Re: Whole Earth Review Questions Technology
File 2--Craig's submission in #4.01
File 3--Subscribing to PHRACK
File 4--Report: 8th Chaos Computer Congress
File 5--Net "do-it-yourself" political activity (NEWSBYTES Reprint)
File 6--Political Organizing at the Individual Level
File 7--*DRAFT* "Guaranteeing Constitutional Freedoms"
File 8--The Compuserve Case (Reprint from EFF Vol 2, #3)
File 9--Senate Introduces Two FOIA Bills, S. 1929 & S. 1940
Issues of CuD can be found in the Usenet alt.society.cu-digest news
group, on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG,
and DL0 and DL12 of TELECOM, on Genie, on the PC-EXEC BBS at (414)
789-4210, and by anonymous ftp from ftp.cs.widener.edu (147.31.254.132),
chsun1.spc.uchicago.edu, and ftp.ee.mu.oz.au. To use the U. of
Chicago email server, send mail with the subject "help" (without the
quotes) to archive-server@chsun1.spc.uchicago.edu.
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted as long as the source
is cited. Some authors do copyright their material, and they should
be contacted for reprint permission. It is assumed that non-personal
mail to the moderators may be reprinted unless otherwise specified.
Readers are encouraged to submit reasoned articles relating to the
Computer Underground. Articles are preferred to short responses.
Please avoid quoting previous posts unless absolutely necessary.
DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.
----------------------------------------------------------------------
Date: Thu, 09 Jan 92 15:54:48 -0600
From: Neil W Rickert <rickert@CS.NIU.EDU>
Subject: File 1--Re: Whole Earth Review Questions Technology
In Cu Digest, #4.01 Tom White writes:
> Is technological innovation invariably beneficial? Do we control
>new technologies or do they control us?
This reminds me of the comments I occasionally have been heard to
make, with tongue only very slightly in cheek:
In the old days, before Xerox became a household word, everyone
participating in an important meeting would be given a copy of the
documentation. Attached was a check sheet. He/she would read the
documentation, cross his/her name off the check sheet, and pass the
documents onto the next person listed.
Today, everybody has an individual copy. There is not so much of a
rush to read it. Thus everyone can put off reading it until the last
minute or a little later, come to the meeting, and an important issue
is voted on without one participant having read it, or having the
courage to admit to not having read it.
+++++++++++
In the old days it was very costly to revise a draft, since the whole
thing had to be redone from the start, with the possibility of new
errors being introduced. As a result many letters and memos were
sent out with minor errors, because it was just not worth the trouble
of correcting them.
Today, with word processing, editing a memo or letter is much
simpler. As a result, drafts are revised ad infinitum. The total
number of man (and woman) hours spend on the document may be three or
more times as much as before. And the result - a few less minor
typos, but no improvement in the essential meaningfulness and
readability of the document.
+++++++++++
To top it off, there are probably thousands of MIPS (million
instructions per second) of computing power dedicated to the sole
purpose of printing address labels on junk mail, much of which will
finish up in land fills without having been read.
------------------------------
Date: Sat, 11 Jan 92 0:23:33 EST
From: tadvocate@anonymous.com
Subject: File 2--Craig's submission in #4.01
Reply to: File 2--How The Government Broke The Law And Went Unpunished
> JUSTICE DENIED
>
> How The Government Broke The Law And Went Unpunished
>
> by Craig Neidorf
> kl@stormking.com
>
>
> TO THE READER:
>
> During the summer of 1990, I wrote the following review of how the
> Privacy Protection Act of 1980 could have been applied to the above
> described incident. After several months of trying to find a way to
> file a claim, I have finally come to realize that the goal I seek is
> unreachable because I do not possess the financial resources to hire
> legal counsel and no law firm or organization capable of handling the
> case will agree to take it on a contingency basis. Furthermore, as I
> Protection Act of 1980 as described above.
>
> ********** Stuff Deleted***********
>
> *** What Are The Remedies?
>
> Section 106(a) provides a civil cause of action for damages for
> violations of the Act. Such an action may be brought by any person
> aggrieved by a violation of the statute.
>
> WE DARE NOT GIVE UP THAT RIGHT!
Craig, stop complaining. You are going to law school. File a pro se
action against the government. File it and ask some of your
professors to help you out. You'll learn more practical law then a
thousand class hours.
If we dare not give up our rights, then we dare not stop.
The Advocate.
[ This information published so that all members of the community can
know that they do not need to depend on lawyers to protect our rights.
The day an american may not protect his rights without a lawyer, is
the day his rights have died.]
PS For those interested. The supreme court is deciding a case where
a man was convicted of receiving child pornography only after being
targeted for 2 years in a blizzard of letters by undercover operators
into buying it by mail. The supreme court will try to determine what
limits the government may not violate in enticing people into breaking
the law.
------------------------------
Date: Tue, 14 Jan 92 17:44:09 EST
From: Storm King ListServ Account <server@STORMKING.COM>
Subject: File 3--Subscribing to PHRACK
We here at phrack have been getting mail bouncing all over the place
due to people writing PHRACK@STOMKING.COM the correct contact for
phrack is at PHRACKSUB@STORMKING.COM. Please correct this!
These days people must do the following to get on the phrack mailing
list.
The distribution of Phrack is now being performed by the software
called Listserv. All individuals on the Phrack Mailing List prior to
your receipt of this letter have been deleted from the list.
If you would like to re-subscribe to Phrack Inc. please follow these
instructions:
1. Send a piece of electronic mail to "LISTSERV@STORMKING.COM". The mail
must be sent from the account where you wish Phrack to be delivered.
2. Leave the "Subject:" field of that letter empty.
3. The first line of your mail message should read:
SUBSCRIBE PHRACK <your name here>
4. DO NOT leave your address in the name field!
(This field is for PHRACK STAFF use only, so please use a full name)
Once you receive the confirmation message, you will then be added to
the Phrack Mailing List. If you do not receive this message within 48
hours, send another message. If you STILL do not receive a message,
please contact
"SERVER@STORMKING.COM".
You will receive future mailings from "PHRACK@STORMKING.COM".
If there are any problems with this procedure, please contact
"SERVER@STORMKING.COM" with a detailed message.
Sincerly,
The Phrack Staff
------------------------------
Date: Tue, 14 Jan 92 12:15 MST
From: Moderators <tk0jut2@mvs.cso.niu.edu>
Subject: File 4--Report: 8th Chaos Computer Congress
((For those who do not receive either RISKS-L or TELECOM Digest,
we reprint the following form TELECOM Digest, Vol 13 #35 (14 Jan '92)).
***********************************************
Date: Tue, 14 Jan 1992 06:33:50 PST
From: Eric_Florack.Wbst311@xerox.com
Subject: Report: 8th Chaos Computer Congress
The following message was copied from RISKS-L. Of particular interest
to TELECOM reader will be where the writer speaks of HACKTIC. That
such gatherings are becoming more sparsely populated is a positive
step. But is it, perhaps, time for people such as the UN , or perhaps
the ITU, to invoke sanctions against countries that allow such groups
to thrive? ( Comments are my own ... I don't expect anyone else to
have the guts to agree with me.) (Grin)
-=-=-=--=-=-=
Date: 9 Jan 92 16:37 +0100
From: Klaus Brunnstein <brunnstein@rz.informatik.uni-hamburg.dbp.de>
Subject: Chaos Congress 91 Report
Report: 8th Chaos Computer Congress
On occasion of the 10th anniversary of its foundation, Chaos Computer
Club (CCC) organised its 8th Congress in Hamburg (Dec.27-29, 1991). To
more than 400 participants (largest participation ever, with growing
number of students rather than teen-age scholars), a rich diversity of
PC and network related themes was offered, with significantly less
sessions than before devoted to critical themes, such as phreaking,
hacking or malware construction. Changes in the European hacker scene
became evident as only few people from Netherlands (see: Hacktick) and
Italy had come to this former hackers' Mecca. Consequently, Congress
news are only documented in German. As CCC's founding members develop
in age and experience, reflection of CCC's role and growing diversity
(and sometimes visible alienity between leading members) of opinions
indicates that teen-age CCC may produce less spectacular events than
ever before.
This year's dominating theme covered presentations of communication
techniques for PCs, Ataris, Amigas and Unix, the development of a
local net (mousenet.txt: 6.9 kByte) as well as description of regional
(e.g. CCC's ZERBERUS; zerberus.txt: 3.9 kByte) and international
networks (internet.txt: 5.4 kBytes), including a survey (netzwerk.txt:
53.9 kByte). In comparison, CCC'90 documents are more detailed on
architectures while sessions and demonstrations in CCC'91 (in "Hacker
Center" and other rooms) were more concerned with practical navigation
in such nets.
Phreaking was covered by the Dutch group HACKTIC which updated its
CCC'90 presentation of how to "minimize expenditures for telephone
conversations" by using "blue" boxes (simulating specific sounds used
in phone systems to transmit switching commands) and "red" boxes
(using telecom-internal commands for testing purposes), and describing
available software and recent events. Detailed information on
phreaking methods in specific countries and bugs in some telecom
systems were discussed (phreaking.txt: 7.3 kByte). More information
(in Dutch) was available, including charts of electronic circuits, in
several volumes of Dutch "HACKTIC: Tidschrift voor Techno-Anarchisten"
(=news for techno-anarchists).
Remark #1: recent events (e.g. "Gulf hacks") and material presen-
ted on Chaos Congress '91 indicate that Netherland emerges as a new
European center of malicious attacks on systems and networks. Among
other potentially harmful information, HACKTIC #14/15 publishes code
of computer viruses (a BAT-virus which does not work properly;
"world's shortest virus" of 110 bytes, a primitive non-resident virus
significantly longer than the shortest resident Bulgarian virus: 94
Bytes). While many errors in the analysis show that the authors lack
deeper insight into malware technologies (which may change), their
criminal energy in publishing such code evidently is related to the
fact that Netherland has no adequate computer crime legislation. In
contrast, the advent of German computer crime legislation (1989) may
be one reason for CCC's less devotion to potentially harmful themes.
Remark #2: While few Netherland universities devote research and
teaching to in/security, Delft university at least offers introductory
courses into data protection (an issue of large public interest in NL)
and security. Professors Herschberg and Aalders also analyse the
"robustness" of networks and systems, in the sense that students may
try to access connected systems if the addressed organisations agree.
According to Prof. Aalders (in a recent telephone conversation), they
never encourage students to attack systems but they also do not punish
students who report on such attacks which they undertook on their own.
(Herschberg and Alpers deliberately have no email connection.)
Different from recent years, a seminar on Computer viruses (presented
by Morton Swimmer of Virus Test Center, Univ. Hamburg) as deliberately
devoted to disseminate non-destructive information (avoiding any
presentation of virus programming). A survey of legal aspects of
inadequate software quality (including viruses and program errors) was
presented by lawyer Freiherr von Gravenreuth (fehlvir.txt: 5.6 kByte).
Some public attention was drawn to the fact that the "city-call"
telephone system radio-transmits information essentially as ASCII. A
demonstration proved that such transmitted texts may easily be
intercepted, analysed and even manipulated on a PC. CCC publicly
warned that "profiles" of such texts (and those addressed) may easily
be collected, and asked Telecom to inform users about this insecurity
(radioarm.txt: 1.6 kByte); German Telecom did not follow this advice.
Besides discussions of emerging voice mailboxes (voicebox.txt: 2.8
kBytes), an interesting session presented a C64-based chipcard
analysis systems (chipcard.txt: 3.3 kBytes). Two students have built
a simple mechanism to analyse (from systematic IO analysis) the
protocol of a German telephone card communicating with the public
telephone box; they described, in some detail (including an
elctronmicroscopic photo) the architecture and the system behaviour,
including 100 bytes of communication data stored (for each call, for
80 days!) in a central German Telecom computer. Asked for legal
implications of their work, they argued that they just wanted to
understand this technology, and they were not aware of any legal
constraint. They have not analysed possibilities to reload the
telephone account (which is generally possible, due to the
architecture), and they didnot analyse architectures or procedures of
other chipcards (bank cards etc).
Following CCC's (10-year old charta), essential discussions were
devoted to social themes. The "Feminine computer handling" workshop
deliberately excluded men (about 25 women participating), to avoid
last year's experience of male dominancy in related discussions
(femin.txt: 4.2 kBytes). A session (mainly attended by informatics
students) was devoted to "Informatics and Ethics" (ethik.txt: 3.7
kByte), introducing the international state-of-discussion, and
discussing the value of professional standards in the German case.
A discussion about "techno-terrorism" became somewhat symptomatic for
CCC's actual state. While external participants (von Gravenreuth,
Brunnstein) were invited to this theme, CCC-internal controversies
presented the panel discussion under the technical title "definition
questions". While one fraction (Wernery, Wieckmann/terror.txt: 7.2
kByte) wanted to discuss possibilities, examples and dangers of
techno-terrorism openly, others (CCC "ol'man" Wau Holland) wanted to
generally define "terrorism" somehow academically, and some undertook
to describe "government repression" as some sort of terrorism. In the
controversial debate (wau_ter.txt: 9.7 kByte), few examples of
technoterrorism (WANK worm, development of virus techniques for
economic competition and warfare) were given.
More texts are available on: new German games in Multi-User
Domain/Cyberspace (mud.txt: 3.8 kByte), and Wernery's "Btx
documentation" (btx.txt: 6.2 kByte); not all topics have been
reported. All German texts are available from the author (in
self-extracting file: ccc91.exe, about 90 kByte), or from CCC (e-mail:
SYSOP@CHAOS-HH.ZER, fax: +49-40-4917689).
------------------------------
Date: Wed, 15 Jan 1992 11:45:54 GMT
From: John F. McMullen (mcmullen@well.sf.ca.us)
Subject: File 5--Net "do-it-yourself" political activity (NEWSBYTES Reprint)
Warren Announces Do-It-Yourself "NET" Political Activity 1/13/92
WOODSIDE, CALIFORNIA, U.S.A., 1992 JAN 13 (NB) -- Jim Warren, founder
of InfoWorld and the West Coast Computer Faire, has announced a plan
under which US taxpayers may let their legislators know their desire
for expenditure of tax revenues.
In a statement posted of the Whole Earth 'Lectronic Link (WELL),
Warren outlined a proposal under which taxpayers would fill out a form
that specifies the desires of the taxpayer for the uses of her/his tax
payment. The form will then be sent to the taxpayer's elected
representatives. Warren said "As we approach tax-day, it emphasizes
that we again worked more than a third of last year for the
government and politicians. This year, let's tell them how WE want
them to use the hard-earned money they take from us. When we send in
our taxes, let's also send copies of this to our current and
potential elected representatives, especially to this year's political
candidates. (Let's not blame the IRS; they're just doing what our
elected representatives tell them to do.) Please feel free to copy
this to friends, neighbors, customers, business associates and
company and community bulletin boards."
The form, designed by Warren, provides spaces for the taxpayer to fill
in dollar and percentage figures for the expenditure of the funds.
Warren also committed, if taxpayers send copies of the forms to him,
to publish summary reports reflecting the desires of the aggregate of
the reporting taxpayers. Warren's form follows:
To: ______________________________
______________________________
______________________________
______________________________
TAX ALLOCATION INSTRUCTIONS FROM A VOTER
Here are the taxes that I know you are taking from my work last
year, and here is how I want you to use them. (For other projects
that you or your campaign donors desire, please depend on the
hidden taxes that I cannot easily identify.)
This is a very serious matter to me, even though this note is a
form. Please respond and tell me how much of our earnings you, as
our elected representative, want to take in taxes, and how much you
want to spend in each budget-area. Please send me _____ copies of
your response for my friends, neighbors and business associates.
(And, a lack of response will be noted as a response.)
How to use MY taxes: Federal allocations: Fiscal-1992 Federal Budget
1. % $ 18.0% $ 290,820M National Defense
2. % $ 2.2% 35,679M International Affairs
3. % $ 1.2% 18,934M Science, Space and Technology
4. % $ 0.3% 4,129M Energy
5. % $ 1.2% 19,708M Natural Resources and Environment
6. % $ 1.2% 20,219M Agriculture
7. % $ 6.5% 105,780M Commerce and Housing Credit
8. % $ 2.1% 34,312M Transportation
9. % $ 0.4% 5,768M Community & Regional Development
10. % $ 2.9% 46,934M Education,Employment, Soc.Services
11. % $ 5.0% 81,300M Health
12. % $ 7.0% 113,811M Medicare
13. % $ 13.8% 222,691M Income Security
14. % $ 21.7% 351,109M Social Security
15. % $ 2.1% 33,380M Veterans' Benefits and Services
16. % $ 0.9% 14,842M Administration of Justice
17. % $ 0.8% 12,688M General Government
18. 12.7% $ 12.7% 206,343M Net Interest
19. % $ <not an expense> deficit reduction
20. % $ 0.0% 0 tax reduction/refund/rebate to me
------ --------- ------ -----------
100.0% $ 100.0% $1,618,447M my taxes & your FY-1992 budget
Thanking you for your attention to this constituent request, I
remain,
From:______________________________
______________________________
______________________________
______________________________
Warren told Newsbytes that, following his posting, MicroTimes editor
Mary Eisenhart told him that he can include a copy of the form in an
up-coping column in that 200,000 circulation publication.
Warren also stated that any forms sent to him for summarization will
be held in the strictest confidence and not shown to others. He said
"I must hold them for the possibility that anyone doubts that the
basis for our published summary actually existed."
Warren also commented to Newsbytes on the potential of network
mobilization, saying "We have in the computer network the largest
circulation publication in the nation and it is free for the logon
cost. This is the beginning of the implementation of effective
electronic citizenship.
Warren said that at least 2 other electronic political projects are
planned for 1992.
(Barbara E. McMullen & John F. McMullen/Press Contact: Jim Warren,
415-851-2814 (fax); jwarren@autodesk.com (e-mail)/19920113)
------------------------------
Date: Tue, 14 Jan 92 18:45:21 EST
From: Jim Warren (jwarren@well.sf.ca.us)
Subject: File 6--Political Organizing at the Individual Level
Once every four years, with less opportunity each two years -- i.e.,
each election year -- citizen-groups have a brief-but-major
window-of-opportunity to obtain government by and for the People. We
rarely use it effectively.
Civil liberties in the electronic frontier simply cannot wait until
1996. By then, it may be too late to protect online rights, freedom
and privacy.
We need to act now.
We *can* act. And we *can* be effective:
1. Meet with candidates.
Do this in their offices, preferably, as a group of no more than 2-4
articulate, presentable spokespeople. It helps if you have formal
backing of a group, but it is certainly not necessary. What is
greatly persuasive to candidates is whether you are likely to sway a
group of voters.
2. Be informative.
Plan a careful, logical, brief oral presentation of our concerns.
Back it up with a 2-10 page summary of major points, positions and
requests. Supporting newspaper articles are particularly helpful.
3. Seek explicit committments.