Computer underground Digest    Sun  Jun 23, 1996   Volume 8 : Issue 48
ISSN 1004-042X

Editor: Jim Thomas (cudigest@sun.soci.niu.edu)
News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)
Archivist: Brendan Kehoe
Shadow Master: Stanton McCandlish
Field Agent Extraordinaire: David Smith
Shadow-Archivists: Dan Carosone / Paul Southworth
                   Ralph Sims / Jyrki Kuoppala
                   Ian Dickinson
Cu Digest Homepage: http://www.soci.niu.edu/~cudigest

CONTENTS, #8.48 (Sun, Jun 23, 1996)

File 1--GAO hacker report: selling wind
File 2--"Don't Shoot the Senator" (EYE reprint)
File 3--Cyber Gangs
File 4--Hacking news
File 5--ACLU Cyber-Liberties Update: 6/5/96
File 6--Re: British investigation into "cyber terrorists"
File 7--Child Molester Database on the web
File 8--Reno calls for new Federal agency to oversee crypto
File 9--Cu Digest Header Info (unchanged since 7 Apr, 1996)

CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.

---------------------------------------------------------------------

Date: Thu, 20 Jun 1996 16:34:12 -0500 (CDT)
From: Crypt Newsletter <crypt@sun.soci.niu.edu>
Subject: File 1--GAO hacker report: selling wind

"It is a great art to know how to sell wind."
                     -- Baltasar Gracian

The beginning of Summer has delivered a box load of public announcements on the growing horror of ill-defined hacker menace.

Ever since the end of the Cold War, the U.S. government has been madly casting about for new enemies to take the place of the old bogeymen in the Politburo. At various times Third World nations have been suggested. However, U.S. citizens are uninterested in thugs from Somalia or Balkan butchers. They are loutish, messy, and lacking in ICBM fields, B-52s or other obvious means of projecting power or violence beyond their territories.

Terrorist groups domestic and international have been sought, too. Unfortunately, the Japanese cult of nerve gas manufacturers has proven unstable as have the U.S. militias.
The militias also have had the gall to hole up in isolated farm houses while surrounded by regiments of FBI agents. The pictures at ten fail to move the populace to panic, instead provoking laughter and ridicule or the vague suspicion that government employees are overdoing it.

However, bands of hackers have proven far more durable and roadworthy. This is because they are being cleverly sold as capable of raping and pillaging the archdukes of capitalism simply by pushing a few buttons from the refuge of a faraway land or county. It is the closest anyone has been able to come to the symbolism of ICBMs and computerized launch codes.

Hackers are good at making mechanisms, too. Small boxes utilized for the purposes of defrauding everyone's nemeses, the telephone companies, are now metamorphosing into bigger boxes. The recent issue of FORBES ASAP featured a number of menacingly posed fellows on its cover who consented to be avuncular bogeymen for a roundtable of editors. They spoke of weaponry like remote mass automatic garage door openers, HAM and short wave radio snoopers which allow one to eavesdrop on and speak through fast food restaurant drive-up speakerphones or those small walkie-talkie systems sold as baby monitors in catalogs like THE SHARPER IMAGE. Electronic death ray projectors called HERF guns were discussed. No one seems to have actually seen a HERF death ray but few people ever got to see a real ICBM or a shell loaded with sarin, either, so the point Crypt Newsletter attempts to make is probably moot.

The Senate subcommittee on investigations was also hard at work this month publicizing a 63-page Government Accounting Office report entitled "Information Security: Computer Attacks at Department of Defense Pose Increasing Risks" on the threatening world of computer saboteurs and hacks on DoD networks. But the Government Accounting Office's report (GAO/AIMD-96-84) promised a lot more than it delivered.
Disappointingly, Crypt noted it proved to be an extremely general discussion of hackers leavened with a lot of unsupported conjecture. A look at it convinced Crypt that anyone wishing to know anything real about computer hacking incidents would be better served by going to a good bookstore and purchasing copies of "The Hacker Crackdown," "The Cuckoo's Egg" and "Firewalls and Internet Security."

Long segments of the GAO treatise also retold -- much less effectively -- news stories that have appeared in the media in the last five years. For no apparent reason other than to provide "what-if's," the GAO republished the tale of a scary Rand Corporation information warfare gaming exercise reported in an August 21, 1995 cover story for TIME magazine. It read as fiction. The GAO paper also anonymized and failed to properly cite the perfectly precise and specific story of Bill Cheswick and Steve Bellovin's tangle with the Dutch hacker "Berferd" in 1991 (and published in their book, "Firewalls and Internet Security.")

In the report, much is also made of a two year old incident at the Air Force Material Command facility in Rome, New York. Although the republic was not harmed, GAO and the military assessed the difficulties caused by the hack to have set the Department of Defense back $500,000.

Jack Brock, the congressional General Accounting Office's point man on its hacker report, said in related congressional testimony: "Terrorists and other adversaries now have the ability to launch untraceable attacks from anywhere in the world. They could infect critical systems with sophisticated computer viruses, potentially causing them to malfunction."

Yes, and it is easy to imagine that this statement would come as a very bitter surprise to Christopher Pile, a real British hacker who cast his SMEG viruses into the computer underground.
Of course, he turned out to be far from "untraceable" and is now serving a year and a half jail sentence on charges having to do with his comings and goings in cyberspace.

The GAO reports DoD computers "may" have been the target of assaults in the last year. Later on in the text, it is cited that there were 559 "officially reported" incidents in 1995. Very little meaning can be extracted from these figures since no real methodology on their derivation is presented. For example, would 250,000 assaults include Crypt Newsletter using telnet to bring up a network address reprinted in a nonfiction book on UFO's and finding that it was PENTAGON-AI.ARMY.MIL, a restricted site?

A recent Washington Post article on the GAO/hacker/DoD congressional hearings also mentioned other reports which have built scenarios for effect. To wit: although FAA traffic control computers are safe because they are old, complicated and rickety, it is theoretically possible that future replacements would prove to be playgrounds for malicious but invisible hackers. The metaphor of the popular movie was also used to make a point: In "The Net" a hacker changes the medical records of the Secretary of Defense at the Bethesda Naval Center. Readers are asked to think of this as real.

Work published by the Computer Security Institute projects the hacker menace onto US corporates, too. Forty two percent of 428 respondents to a poll insist they've been hacked within the past year. The respondents are invisible. Always shielded by layers of confidentiality and anonymity we do not grant victims of sex offenders, corporate victims are said to speak of computer evil-doers.

Science Applications International Corp., a giant think tank and Pentagon contractor pulls out of Congressional hearings on criminal hacking.
"We have non-disclosure agreements with our clients and we were not given clear and absolute assurances that under questioning we wouldn't be expected to violate those nondisclosure agreements," said a mouthpiece for the organization.

Many, many foreign countries -- "more than 120" -- appeared to have hackers who at one time or another try their hands on Department of Defense systems, Mr. Brock said. According to the news, he added the National Security Agency knew which countries these were but this was classified information. Secret. None of your business even though you paid for it. Invisible.

Crypt phoned Mr. Brock in an effort to shed more light on the data in his report but he said he couldn't discuss anything about it with anyone, particularly over the telephone. Mr. Brock said the NSA had presented the data to him but had sworn him not to talk of it.

Crypt felt sorry for questioning Mr. Brock because his style made it clear he was a little bit frightened of the mandarins at the NSA. One received the distinct impression that Mr. Brock felt that even if the simple words "hacker" or "computer virus" were mentioned on an open line too many times a bad thing might happen. It was like the reading of a horror novel by H. P. Lovecraft. If the wrong word were invoked an unspeakable creature might be summoned from the Arkham of Ft. Meade, one that could mutate the careless utterer of it into a many tentacled fish-frog. In seriousness, perhaps a bad thing could occur. A career could be smudged over something as simple as candor in a three minute phone chat.

Mr. Brock also said a number of odd things. He said that there had been information presented by the NSA of varying sensitivity and there had been no decision on how it should be classified. So no blanket classification had been made but still no one could speak of it.

"I'm not a good source," said Mr. Brock. Then he repeated it: "I am not a good source."

What? But if not the GAO investigator, then who?
Of course, the answer is a circular argument. The NSA was the final source -- that's who.

Well, Crypt Newsletter readers no longer believe the standard bromides delivered by intelligence agencies. They know that excessive classification or gag orders are an indication of someone wishing to hide data that qualifies the publicized announcement, to disguise plagiarism from open sources, or cover up incompetence and outright fraud.

Wrestling with invisibles, or symbols, was always what the Cold War was about. No one except an obscure lunatic named T. K. Jones in the Reagan administration really thought that either U.S. generals or their Soviet counterparts would call down the wrath of 10,000 nuclear warheads. Yet the symbol of the nuclear-tipped missile remained the stone tablet of the religion of geopolitics, a totem that could be successfully shaken at newspapers, Congressional meetings and international summits.

Hackers are a totem of great power, too. For a short period of time, Kevin Mitnick became the 1995 equivalent of Muammar Ghaddafi, at least in newspapers and on TV. Unknowable and unknown, his image - that of a menacing-looking cypher in thick glasses - was an appropriately fearful symbol to some. When the Mitnick-Ghaddafi turned out to be normal looking months later, no one cared anyway. Tsutomu Shimomura, like US F-111s, had already been dispatched to banish the Mitnick-Ghaddafi to the trashpits of Gehenna -- in this case city jails in North Carolina and Los Angeles. Shimomura, it turned out, appeared to have missed the real target but the F-111s sent to mail the Ghaddafi menace C.O.D. to Allah missed, too, and media history has been kind to both affairs.

The Mitnick-Ghaddafi, said those with the loudest voices, at one point in the dim past might have been able to start World War III by diddling computers in Cheyenne Mountain. They were confused by Hollywood and appeared to believe that a teen movie called "Wargames" actually featured the Mitnick-Ghaddafi.
Since the Mitnick-Ghaddafi had neither a press agent nor a constant address he was certainly hard to find and not in much of a position to clarify matters. This worked against him and for the forgers of symbols and the tellers of tales. If Mitnick had possessed the wit to walk into a TV studio the day after his face showed up on the front page of The New York Times or to spend $500 dollars for a couple of news releases on the PR Newswire, his career as a religious totem used to scare and thrill the citizenry would have been over long before media momentum and book sales transformed him into a myth.

From virus writers to Internet marauders the average computer d0od who fancies himself a successful hacker has never understood the mechanisms of media symbolism. Invariably, the hacker can always be lured into exaggerating his impact upon the republic by appropriate blandishments from reporters in the mainstream media. In need of a malevolent sounding man to portray as a dangerous computer-master weirdo? Place a query on the Internet and the editorial phone will ring off the hook.

From the perspective of the hacker this seems like an attractive deal. He gets to tweak the nose of suits, make Congressmen scurry about at the behest of the NSA and cause the neighbors to keep the cat in at night. Power! Celebrity!

The euphoria lasts until the inevitable story is published and a couple hundred thousand people read it. The reality of this leaves the interviewed computer jockey feeling nervous and cheated. He has been cast as a hideous but banal carnivorous ogre, not a cool clove cigarette-smoking anti-hero. If a photo is published it will invariably be the one that was the product of an atrocious camera angle, the one that made him look like a creepy slug or Doctor Octopus. Locals may be sufficiently frightened by this image to consider mustering a party to slay the ogre.
Instead of getting on the cover of People, it has become time to lay low at the job, to change one's phone number or to ask the parents to fund a sojourn at an anonymous state university. The hacker so treated finds his life transformed as if by a philosopher's stone. But instead of being transmuted from lead into gold, the media has cruelly turned him into just a different isotope of lead -- that of the pariah.

Malicious hackers are a fact of life. Some of them break into systems or write viruses that spread around the world. Some of them get away with a lot. But the lesson to be learned is not that they can smash the republic or loot corporate treasure. Rather the lessons are the stories of Kevin Mitnick, James Gentile, Chris Pile, Kevin Poulsen, Phiber Optik or whoever is the newest flavor of the week in the myth business. One can count on, at the least, family embarrassment and the inability to conduct one's future affairs in private or, at worst, a criminal record based, in part, on wind and an image that becomes a radical millstone in conservative times.

Notes: The quote from Scientific Applications was taken from a story in the June 6 issue of the Washington Post: "U.S., Private Computers Vulnerable to Attacks by Hackers, Study Says" by Elizabeth Corcoran.

------------------------------

Date: Sun, 23 Jun 1993 22:51:01 EDT
From: CuD Moderators <cudigest@sun.soci.niu.edu>
Subject: File 2--"Don't Shoot the Senator" (EYE reprint)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
eye WEEKLY                                   May 30, 1996
Toronto's arts newspaper         .....free every Thursday
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
EYENET                                             EYENET

DON'T SHOOT THE SENATOR

by K.K. CAMPBELL

Last week, the police were hot on the trail of the net.inspired Watermelon Bombers of Edmonton. "A reign of exploding fruit terror!"

Well, the terror never stops online.
Now a kid has been arrested for "terrorism" in California because he posted a suggestion to Usenet that a California senator who supports hunting mountain lions for fun should himself be declared open season for hunting.

On March 6, a 19-year-old college student in El Paso, Texas, Jose Eduardo Saavedra (zuma@primenet.com), contributed a post in a Usenet thread about hunting mountain lions:

"Let's hunt Sen. Tim Leslie for sport ... I think it would be great to see this slimeball, asshole, conservative moron hunted down and skinned and mounted for our viewing pleasure.

"I would rather see every right-wing nut like scumface Leslie destroyed in the name of political sport, than lose one mountain lion whose only fault is having to live in a state with a fucked up jerk like this shit-faced republican and his supporters."

It seems making the hunting of mountain lions legal is a hot issue in California. Leslie supports such hunting. Saavedra is apparently an animal-rights/anti-hunter activist, and so proposed hunting the senator instead. And he sent that proposal to newsgroups talk.environment, sci.environment, talk.politics.animals, rec.pets, ca.politics, rec.pets.cats, rec.animals.wildlife, rec.food.veg and alt.save-The-Earth.

On March 13, Saavedra reappeared in the ca.general (general shit about California) newsgroup saying a California reporter had seen a copy of his original post and was just wondering if he really wanted people to kill the senator. Saavedra clarified his position:

"I recently was contacted by a reporter for a northern California newspaper wanting to know if I really meant what I said about hunting Tim Leslie. Since it appears that the post has frightened some people -- let me offer some clarification," and he ends his post with this statement:

"Would I hunt down Tim or anyone else -- no. Would I support such an action -- no. Would I be happy if some nut actually did such a thing? YES, just like a German Jew would have celebrated the death of Hitler.
So -- If California would pass a law allowing the hunting of hunters -- then, and only then, would I go out, buy a gun, and become a hunter."

On the morning of May 8, Saavedra was arrested on a no-bail warrant based on felony charges alleging that he made "terrorist threats and threatened a public official," according to Sgt. Don Marshall of the El Paso County Sheriff's office. The student was taken into custody in El Paso County Jail on a "Fugitive from Justice" warrant issued by the Sacramento district attorney's office.

On May 10, the Sacramento Bee ran a story headlined "Internet Threat to Leslie Brings Arrest." It quoted Leslie: "I hope the message to the public is that it is not legal to abuse the Internet." The paper noted that Saavedra refused to waive extradition, so California would have to execute a governor's warrant to drag him there for trial.

On May 11, the San Francisco Examiner ran an AP story titled "Net threat is traced to student."

Free speech activists everywhere couldn't believe it was true at first, it was so ludicrous. But it was true, so they began analyzing Saavedra's posts with a legal eye.

On the fight-censorship list, Jay Holovacs (holovacs@ios.com) noted: "This statement is so obviously sarcastic that I don't think any reasonable person reading it would actually believe he is planning to kill Leslie. If however, after this statement was made, someone took pot shots at Leslie, then it would be basis for investigation."

EFF counsel Mike Godwin (mnemonic@well.com) made the comment that what Saavedra was doing was not very different from other "protected" political speech, like wearing a T-shirt emblazoned "Fuck The Draft."

Leslie, meanwhile, told the press he was "relieved" an arrest had been made -- whew! He says Saavedra's case raises "big new issues" about the net. The senator also says it's a "very serious matter" to "threaten or intimidate or extort others in a public forum like this."
OK, class -- having read the senator's observations, do you think he is a regular user of Usenet?

Ann Beeson (beeson@nyc.pipeline.com), from the ACLU's National Office, says the ACLU of Northern California has agreed to take Saavedra's case. "The ACLU attorneys in North California are strategizing with Saavedra's attorney, a public defender in Texas," she says.

The Sacramento DA's office says cops located Saavedra through information from the student's Internet provider, Arizona's Primenet.

Beeson and the ACLU understand these kinds of cases are far bigger than just one student angry about the slaughter of mountain lions, or an asshole sitting in the U.S. senate. It's about the entire structure of the Internet and how quickly Internet service providers will pull down their pants when the cops come calling. How ready is your own ISP to just hand over access to all your email when John Law appears at their door asking for "cooperation" against whatever they are labelling you: terrorist/child pornographer/anarchist/drug dealer, etc.?

"In addition to the obvious infringement on Saavedra's free speech rights, we are curious to learn just how much info PrimeNet of Arizona turned over to law enforcement to enable the arrest," Beeson says. "There may be a privacy issue here as well."

California Senator Tim Leslie's office can be reached at (916) 445-5788.

Timmy... get yer gun...

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Retransmit freely in cyberspace    Author holds standard copyright
http://www.eye.net                 Mailing list available
eyeNET archive --------------> http://www.eye.net/News/Eyenet
eye@eye.net    "...Break the Gutenberg Lock..."    416-971-8421

------------------------------

Date: Wed, 5 Jun 1996 06:15:35 -0400 (EDT)
From: NOAH <noah@enabled.com>
Subject: File 3--Cyber Gangs

From--Rogue Agent :::

City of London Surrenders To Cyber Gangs

Copyright 1996 Nando.net
Copyright 1996 Times of London

(Jun 2, 1996 00:06 a.m.
EDT) -- City of London financial institutions have paid huge sums to international gangs of sophisticated "cyber terrorists" who have amassed up to 400 million pounds worldwide by threatening to wipe out computer systems.

Banks, broking firms and investment houses in America have also secretly paid ransom to prevent costly computer meltdown and a collapse in confidence among their customers, according to sources in Whitehall and Washington.

A Sunday Times Insight investigation has established that British and American agencies are examining more than 40 "attacks" on financial institutions in London and New York since 1993.

Victims have paid up to 13 million pounds a time after the blackmailers demonstrated their ability to bring trading to a halt using advanced "information warfare" techniques learnt from the military.

<snip>

European and American police forces have set up special units to tackle the cyber criminals, who, Ministry of Defence sources believe, have netted between 200 and 400 million pounds globally over the past three years. But law enforcement agencies complain that senior financiers have closed ranks and are hindering inquiries.

<snip>

Scotland Yard is now taking part in a Europe-wide initiative to catch the cyber criminals and has appointed a senior detective from its computer crime unit to take part in an operation codenamed Lathe Gambit. Such is the secrecy that few details about the inquiry have emerged.

In America, the FBI has set up three separate units to investigate computer extortion.

The NSA believes there are four cyber gangs and has evidence that at least one is based in Russia. The agency is now examining four examples of blackmail said to have occurred in London:

-- January 6, 1993: Trading halted at a broking house after blackmail threat and computer crash. Ransom of 10 million pounds paid to account in Zurich.

-- January 14, 1993: a blue-chip bank paid 12.5 million pounds after blackmail threats.
-- January 29, 1993: a broking house paid 10 million pounds in ransom after similar threats.

-- March 17, 1995: a defence firm paid 10 million pounds in ransom.

In all four incidents, the gangs made threats to senior directors and demonstrated that they had the capacity to crash a computer system. Each victim conceded to the blackmailers' demands within hours and transferred the money to offshore bank accounts, from which it was removed by the gangs within minutes.

...............

------------------------------

Date: Wed, 5 Jun 1996 06:20:44 -0400 (EDT)
From: NOAH <noah@enabled.com>
Subject: File 4--Hacking news

(Some Headers and Sigs removed) -Noah

-----------------------

From--Rogue Agent :::

Shedding light on a 'darkside hacker'

By Chris Nerney
05/06/96

A magazine publisher says he has repeatedly invaded her computer system and tampered with her phones - a three-year campaign of harassment she estimates has cost her $1 million.

A systems administrator for an Internet service provider (ISP) in Massachusetts alleges he knocked out an entire server and posted anti-Semitic messages through the service.

Workers at the Boston Herald say he threatened to sabotage the newspaper's computer system after stories were printed about him.

His name is u4ea. He calls himself a 'darkside hacker.' And no one knows his real identity.

He may be anonymous, but u4ea is not unique. There are hundreds, maybe thousands, of hackers easily capable of breaking into systems while eluding detection.

<snip>

Copyright 1995 Network World, Inc.

------------------------------

Date: Tue, 4 Jun 1996 20:14:08 GMT
Subject: File 5--ACLU Cyber-Liberties Update: 6/5/96
From: beeson@nyc.pipeline.com (Ann Beeson)

----------------------------------------------------------------
June 5, 1996
ACLU CYBER-LIBERTIES UPDATE
An e-zine on cyber-liberties cases and controversies at the state and federal level.
----------------------------------------------------------------