💾 Archived View for gemini.spam.works › mirrors › textfiles › magazines › CUD › cud0642.txt captured on 2022-06-12 at 10:54:59.
-=-=-=-=-=-=-
Computer underground Digest Tue May 17, 1994 Volume 6 : Issue 42
ISSN 1004-042X
Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)
Archivist: Brendan Kehoe
Retiring Shadow Archivist: Stanton McCandlish
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Covey Editors: D. Bannaducci & S. Jones
CONTENTS, #6.42 (May 17, 1994)
File 1--Hope Conference
File 2--The creeping evil of people with funny nameZ (REVIEW)
File 3--Contributions Wanted for Book on Internet Culture
File 4--Letter to NSF Internet Pricing (TAP Info Policy Note)
File 5--Fidonet Crackdown in Italy (update)
File 6--FEDGOVT> Congress On-Line (fwd)
Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.
CuD is available as a Usenet newsgroup: comp.society.cu-digest
Or, to subscribe, send a one-line message: SUB CUDIGEST your name
Send it to LISTSERV@UIUCVMD.BITNET or LISTSERV@VMD.CSO.UIUC.EDU
The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.
Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on internet);
and on Rune Stone BBS (IIRGWHQ) (203) 832-8441.
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.
UNITED STATES: etext.archive.umich.edu (141.211.164.18) in /pub/CuD/
ftp.eff.org (192.88.144.4) in /pub/Publications/CuD
aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
uceng.uc.edu in /pub/wuarchive/doc/EFF/Publications/CuD/
wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
EUROPE: nic.funet.fi in pub/doc/cud/ (Finland)
ftp.warwick.ac.uk in pub/cud/ (United Kingdom)
JAPAN: ftp.glocom.ac.jp /mirror/ftp.eff.org/
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission. It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified. Readers are encouraged to submit reasoned articles
relating to computer culture and communication. Articles are
preferred to short responses. Please avoid quoting previous posts
unless absolutely necessary.
DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.
----------------------------------------------------------------------
Date: Sun, 15 May 1994 15:00:48 -0700
From: Emmanuel Goldstein <emmanuel@WELL.SF.CA.US>
Subject: File 1--Hope Conference
H A C K E R S O N P L A N E T E A R T H !
====================================================================
* T h e F i r s t U. S. H a c k e r C o n g r e s s *
Come together in the summer of 1994 to celebrate the hacker world
and the tenth anniversary of 2600 Magazine. We will have speakers and
demonstrations from around the globe, a collection of films and rare
videos on hacking, and our very own network between all of us
and the outside world!
This is an opportunity to feel the real magic of hacking instead of
hearing about how we're about to destroy the world in some cheap tabloid
or on the news during sweeps week. Government propaganda and corporate
doublespeak have finally met their match!
If you want to help put together this historic event, contact us
by telephone at (516) 751-2600, through the mail at H.O.P.E., PO Box 848,
Middle Island, NY 11953, on the Internet at 2600@well.sf.ca.us.
We need ideas, people, technology, and karma.
H.O.P.E. - August 13th and 14th at the Hotel Pennsylvania,
right in the middle of bustling New York City (Seventh Avenue and
34th Street, right across the street from Penn Station). We've rented out
the entire top floor (except for the mysterious NYNEX office).
Special rates of $99 a night are available from the hotel (double rooms,
four can probably fit easily). Cheaper places are also available as is
nearly anything else. This is New York City, after all.
Admission to the conference is $20 for the entire weekend if you
preregister, $25 at the door, regardless of whether you stay for two days
or five minutes. We encourage you to bring a computer so you can tie into
our giant Ethernet and add to the fun. We hope you try to hack root on
the system we'll be running - all attendees will get accounts with
prizes for the penetrators.
Dancing and merchandising in the halls
Cellular phone workshop
Celebration of the Clipper Chip (not)
Hacker videos from all over the world
Surveillance demos
Hacker legends from around the globe
It's not Woodstock - It's The Future
Many more details are on the way.
Information sources:
2600 Magazine
The Hacker Quarterly
Summer 1994 edition
Off The Hook
Wednesdays, 10:00 pm
WBAI 99.5 FM
New York City
2600 Voice BBS
516-473-2626
alt.2600
on the Internet
and random bits of text like this
------------------------------
Date: 16 May 94 16:40:30 EDT
From: Urnst Couch / Crypt Newsletter <70743.1711@COMPUSERVE.COM>
Subject: File 2--The creeping evil of people with funny nameZ (REVIEW)
"DR. SOLOMON'S PC ANTI-VIRUS BOOK" EXPOSES
THE CREEPING EVIL OF PEOPLE WITH FUNNY NAMES WHOM
YOU WILL NEVER MEET
Sometime at the dawn of the personal computer age, publishers reversed
the laws of good writing for the specialty niche of computer books.
In place, readers got anti-consumerism which mandated that, usually,
books about computers, computer issues, or software would be written
only by presidents or employees of computer manufacturers, consulting
firms peddling advice on computer issues defined by the same
consultants or software developers and their publicity stooges.
This means that if you actually buy such books, you're getting a pig
in a poke. Nowhere is this more obvious than the "DOS For Dummies"
series, a line of pamphlets so easy to sell competitors have rushed
out mimics written for "Idiots" and/or "Morons."
And, in the true spirit of American mass marketing, you can now
purchase attractive yellow and black "DOS For Dummies" baseball caps,
suitable for wearing inside the house, restaurant, bowling alley or
local smart bar. In reality, the hats are a fiendishly clever IQ
test. If you buy one, you fail, signalling to the corporate office
that you are the kind of Pavlovian consumer ready to invest in a fax
subscription to weekly company press releases.
Which is a long way of bringing the reader to "Dr. Solomon's
Anti-Virus Book" (New-Tech/Reed Elsevier), which fits all the, uh,
_good_ characteristics of the _computer book_.
On the cover are always tip-offs. Look for concocted venal plaudits
and non-sequiturs. For instance, "The Anti-Virus Book" is "THE book
on how to eliminate computer viruses" ". . . from the foremost
anti-virus experts" and exposes "computer games and viruses - the
truth!" The publishing inference is that readers have somehow become
too stupid in 1994 to recognize something decent without a gratuitous
amount of pettifogging and boasting.
Alan Solomon and his co-author, Tim Kay, do realize the bogus nature
of computer literature. On page 26 they write, "If you hadn't the
money to start manufacturing, or the knowledge to program, you could
always aim at the book market . . . Anyone who could persuade a
publisher that he had an area of expertise and could write, which
wasn't that difficult, could get into print. One author was reputed
to be writing four or five books at once by using several different
typists in different rooms. The story went that he walked from room
to room dictating a sentence to each typist as he went. Looking at
some of the output, there is no reason to doubt this story."
That's a good tale. But rather ill-spirited when considering "The PC
Anti-Virus Book" is a higgledy-piggledy assembly of reprints from the
S&S International (Solomon's company) corporate organ Virus News
International, Solomon interviewing himself and bursts of writing
which make absolutely zero sense.
For example:
"It would be difficult to create more [virus] experts, because the
learning curve is very shallow. The first time you disassemble
something like Jerusalem virus, it takes a week. After you've done a
few hundred viruses, you could whip through something as simple as
Jerusalem in 15 minutes."
Or:
" . . . the DOS virus will become as irrelevant as CPM (an obsolete
operating system). Except that DOS will still be around 10 or 20
years from now, and viruses for the new operating system will start to
appear as soon as it is worth writing them."
And this favorite:
". . . take the game of virus consequences:
"In the game of Consequences, you start with a simple phrase, and
build up to a convoluted and amusing story. In the virus version of
consequences, you start off with a false alarm and build from there."
The computer underground also figures highly in Solomon's book as he
spent a great deal of time over the past couple years attempting to
track down and telephone American hackers from the United Kingdom.
Nowhere Man - the author of the Virus Creation Laboratory - is in the
book. Although VCL viruses never seemed to make it into the wild,
mentioning the software without pointing this out has always been in
vogue. Members of the hacking group phalcon/SKISM appear, as does
John Buchanan, a Virginia Beach resident, who sold his virus
collection to numerous takers, making about $6-7,000 in the process.
Solomon didn't have these numbers - they're mine. He also fails to
mention that at one point Buchanan contributed his virus collection to
S&S International and was nominated for membership in the
pan-professional Computer Anti-Virus Research Organization by Solomon,
one of its charter members.
Solomon's book wouldn't be complete if it didn't invoke the creeping
evil of virus exchange bulletin board systems. "The Hellpit" [sic]
near Chicago, is one.
And "Toward the end of 1992, the US Government started offering
viruses to people who called one of their BBS's . . . In 1993 the
Crypt newsletter blew the whistle on the US Government [AIS bulletin
board] system . . . " Solomon writes.
Since I edit the newsletter, this is a surprise to me and I'm sure,
Kim Clancy, the AIS system supervisor. But it's almost identical to
the nutty claim made by American computer security consultant Paul
Ferguson when the black-balling of AIS was featured news in Computer
underground Digest. As the story developed, Ferguson - egged on by
Solomon - planted complaints about AIS in RISKS Digest and, later, the
Washington Post. Solomon has been a reader of the Crypt Newsletter and
it must have seemed logical to embroider the story because a back
issue featured an interview with Clancy after she was profiled in
Computer underground Digest.
However, Clancy had been a target of CARO since opening her system to
hacker underground files. Finally, the negative publicity campaign
did that part of the AIS system in.
What a lot of people don't know is that other public systems have been
a target of the same people. About a year earlier, Hans Braun's
COM-SEC computer security BBS in San Francisco had been a target of a
similar smear campaign for carrying issues of 40Hex, a
phalcon/SKISM-edited virus-programming electronic magazine. In a
recent interview for the book "The Virus Creation Labs," Braun
mentioned security workers David Stang (who has by turns been involved
with or worked for the National Computer Security Association in
Carlisle, Pennsylvania; the International Computer Security
Association - now defunct - in Washington, DC; and Norman Data Defense
of Falls Church, Virginia) and Alan Solomon as responsible for the
pressure. Since COM-SEC wasn't politically sensitive like AIS, Braun
said the efforts to tar him were unsuccessful. COM-SEC still carries
40Hex magazine.
"The anti-virus software industry is going through a shake-out; not
everyone is successful anymore," said Braun. "It's my opinion, most
of these kinds of things are really attempts to keep access to
information from competitors."
"The Anti-Virus Book" also has annals of alleged virus-related
computer crime, which illustrates the same rush to seize everything
without leveling criminal charges as seen in the United States.
In the book there is the case of an unnamed man in the town of Rugby,
who had his door broken down by a sledgehammer and all his equipment
grabbed by New Scotland Yard officers in December of 1992 after taking
out an ad selling a virus collection in the English periodical Micro
Computer Mart. The charges were ethereal to non-existent.
About the same time, a hacker was arrested for stealing phone service
from his neighbor's line and his equipment confiscated, too. The
hacker turned out to be Apache Warrior, a member of the small United
Kingdom virus-writing group called ARCV (for Association of Really
Cruel Viruses).
Some background information not included in the book: Alan Solomon
was apparently able to convince New Scotland Yard's computer crime
unit that they should also try to prosecute Apache Warrior as a
virus-writer and that the rest of the group should be rounded up, too.
In conversation, Solomon has said Apache Warrior turned over the names
of other group members. Subsequently, New Scotland Yard and local
constabularies conducted raids at multiple sites in England, arresting
another man. Paradoxically, prior to the arrests, Solomon joked that
ARCV was better at cyber-publicity than virus programming and its
creations were little more than petty menaces. The book offers no
reported incidences of ARCV viruses on the computers of others,
although Virus News International, by extension S&S International,
solicited readers for such evidence in 1993.
Later in the year, Solomon telephoned John Buchanan to tell him he had
been implicated as a member of ARCV - he was not - and that Scotland
Yard might be interested in extraditing him for trial. It turned out
to be so much air.
Apache Warrior settled with the telephone company for the fraud and
the virus-writing prosecutions remain unresolved. Most of this is
left out of "The PC Anti-Virus Book" except parts about the necessity
of jailing virus programmers.
The final part of "The Anti-Virus Book" is devoted to around fifty
pages of leaden legal boilerplate addressing computer meddling
supplied by a lawyer named Wendy R. London. Only those required under
penalty of death or the mentally ill would be interested in paying
attention to it.
A computer book must also include poor reviews of the author's
competitors' products. "The Anti-Virus Book" toes the line in this
regard, criticizing McAfee Associates and Central Point Software.
Also included is a diskette containing an extravagant color
advertisement for S&S International and a poster-sized Virus Calendar
for 1994 and 1995.
The calendar was fun. I'm thinking of sending it to some middle
manager in computer services at a large, boring corporation (or an
editor at a computer magazine). Then they can vex their underlings
(or readers) every day with network e-mail like, "It's May 31. Be on
the lookout for Tormentor-Lixo-Nuke, VCL-Diogenes, AntiCad-COBOL,
Month 4-6, Ital Boy, and Kthulhu computer viruses."
Finally, it would be unfair not to mention "The Anti-Virus Book's"
GOOD parts. The technical analyses of well known PC computer viruses
were fascinating as was Solomon's description of how he developed
specialized virus identification programming for S&S International.
Solomon's development project, called Virtran, was capped when John
Buchanan - the same fellow who was denounced by him for selling
viruses in America - gave the programmer a copy of the NuKE Encryption
Device, or NED - a piece of code written by Nowhere Man and designed
to encrypt viruses in an esoteric manner. At the time Solomon
received it, the NED code wasn't actually in any viruses. It still
isn't, in fact, except for one called ITSHARD. And the story of the
development of Solomon's anti-virus software shows how the virus
underground and one developer in 1993 had each other in a weird
involuntary combination stranglehold and symbiosis.
". . . it does everything in a hundred different ways; it uses word
and byte registers, there are lots of noisy nonsense bytes, little
jumps . . . The NED looked like something out of a Salvador Dali
nightmare and I thought it was going to take a month of programming
[to detect ITSHARD]," writes Solomon.
According to the book, Solomon threw up his hands and decided to
revive a stalled project called the Ugly Duckling. The result was a
major revision of his software, the fruition of the proprietary
Virtran programming techniques used in it and a Queen's Award for
Technological Achievement in 1993. The one NED virus - ITSHARD -
still isn't in the wild almost two years after Nowhere Man wrote the
original encryption code.
These sections didn't suffer at the hands of the patchwork editors who
threw most of "The Anti-Virus Book" together. Unfortunately, they
comprise a small part of "The Anti-Virus Book" and were written so
that only someone already acquainted with the field - not your average
computer user - would get much from them. Just like most of the
dubious literature marketed by computer book publishers.
------------------------------
Date: 15 May 1994 04:18:11 GMT
From: dporter@LELAND.STANFORD.EDU(David Porter)
Subject: File 3--Contributions Wanted for Book on Internet Culture
I am looking for people who might be interested in contributing to a
new book on Internet Culture. The project is still in its early
planning stages, but I foresee an anthology gathering together a
collection of essays, stories and even poetry about life on the Net.
I'm particularly interested in the way the possibilities of
"cyberspace" get people thinking in new ways about things like
community, social interaction, authority, manners, sexuality,
education, story-telling, youth culture, the public sphere, and so on.
I don't have any set line on any of these things beyond my conviction
that things are changing out there in interesting ways, and ways that
are worth thinking and talking about.
At this stage I am not yet asking for contributions, but rather for
comments and initial expressions of interest from people who might
like to contribute something later. If you have an idea for a piece
you might like to do (or that you have already done), please send me a
brief description of what you're thinking about via e-mail
(dporter@leland.stanford.edu) within the next couple of weeks. Based
on the responses I receive, I'll decide if the project actually seems
feasible, and if so, try to form a better idea of the shape the book
might take. At that point I'll write back to all those who responded
to talk about how we might proceed.
I see my own role in all this primarily as that of an editor, though I
might also contribute a piece myself. My own background happens to be
academic (I'm a doctoral student in Comparative Literature at
Stanford), and though I would welcome scholarly contributions, I'm
hoping this collection will represent a wide range of styles and
approaches, and don't want to prescribe in advance the forms
submissions might take. I've edited a book before (Between Men and
Feminism, Routledge, 1992), and taught a couple of courses on the
social impact of computing, so I'm reasonably confident about my
ability to bring the project off.
Please write to let me know what you think, and what you might like to
contribute! Also, if you can suggest other newsgroups where this
message might find a favorable reception, I'll try to post it there
too.
Thanks,
David Porter
dporter@leland.stanford.edu
Dept. of Comparative Literature
Stanford University
Stanford, CA 94305-2087
------------------------------
Date: Sat, 7 May 1994 16:38:20 -0400
From: email list server <listserv@SNYSIDE.SUNNYSIDE.COM>
Subject: File 4--Letter to NSF Internet Pricing (TAP Info Policy Note)
This message is being forwarded to the cpsr-announce list as it is
very relevant to the issue of equal access to the NII- a principle
fundamental to CPSR's NII policy.
TAP postings are archived at cpsr.org:/taxpayer_assets.
Several other postings on the Internet are listed there.