💾 Archived View for gemini.spam.works › mirrors › textfiles › magazines › CUD › cud0944.txt captured on 2022-06-12 at 11:05:28.
-=-=-=-=-=-=-
Computer underground Digest Tue June 10, 1997 Volume 9 : Issue 44
ISSN 1004-042X
Editor: Jim Thomas (cudigest@sun.soci.niu.edu)
News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)
Archivist: Brendan Kehoe
Shadow Master: Stanton McCandlish
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Field Agent Extraordinaire: David Smith
Cu Digest Homepage: http://www.soci.niu.edu/~cudigest
CONTENTS, #9.44 (Tue, June 10, 1997)
File 1--Sen Murkowski's comments on S 771 (anti-spam bill)
File 2--NASA Nabs Teen Computer Hacker
File 3--Phil Zimmermann on PGP's future, lawsuits, next steps
File 4-- TEXANS SUE TO RECOVER DAMAGES FOR INTERNET "SPAM"
File 5--Purpose of CuD
File 6--Re: Germany "cybercops" battle offensive speech, violent games
File 7--RE: Anti-Spam bills....
File 8--Invitation - Interop Security Teleconference
File 9--Beyond Hope "Hackers Conference" '97
File 10--Cu Digest Header Info (unchanged since 7 May, 1997)
CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.
---------------------------------------------------------------------
Date: Thu, 29 May 1997 16:49:16 -0500
From: jthomas2@SUN.SOCI.NIU.EDU(Jim Thomas)
Subject: File 1--Sen Murkowski's comments on S 771 (anti-spam bill)
((MODERATORS' NOTE: Following is the introductin to Senator
Murkowski's note, obtained from his homepage))
S. 771
The Unsolicited
Commercial Email
Choice Act of 1997
I introduced S. 771, the Unsolicited Commercial Email Choice Act of
1997, on May 21, 1997 to combat the growing cost to society of
unsolicited bulk electronic mail messages. All Americans including
Alaskans waste time and money having to receive and delete unsolicited
commercial e-mails. Rural Americans pay transmission charges to
receive this unwanted information. While the cost of these
transmission charges may not be extreme, I fail to see why any
American should bear any costs for receiving something they did not
ask for.
Please note that my bill does not ban such emails. Some may oppose
this approach. However, I have no desire to set a precedent of the
government telling you what you can and cannot see in your inbox. My
bill merely provides a means for Internet users to filter out e-mails
that they do not wish to receive by requiring that senders of
unsolicited e-mails to include Advertisement as the first word of the
subject line and that the real street address, e-mail address and a
telephone number be contained within the body of the message. Routing
information that accompanies the message must also be accurate.
Internet users can request that their ISP filter out all such emails
at their request. ISP's can also unilaterally block all such inbound
messages. Consumers who are disappointed with a unilateral blocking
policy of their ISP can always seek another ISP that allows such
messages on its network. Per their ISP policy, Internet users can also
choose to receive such messages and filter them individually by seeing
the Advertisement tag and using the delete key or to stop them
permanently from specific senders by sending a message to that effect
to the original e-mail originating address.
Some have raised the concern that an offshore marketer sending out
junk e-mails would be beyond the reach of these restrictions. It is
certainly true that no bill that Congress passes can reach directly
beyond American territory. This does not mean, however, that S. 771
would not have an impact upon marketers who mass e-mail from overseas.
If the initiator of the message has a meaningful presence in the
United States such as an office, parent company, bank to deposit
funds, etc..., S. 771 would still reach these marketers under what's
generally known as "long arm jurisdiction." I feel that most Americans
would be hesitant to send money overseas to order from an item
advertised in an unsolicited e-mail.
As with most Internet users, I have no personal objection to the
concept of unsolicited commercial e-mails if those who receive them
actually want to receive them. Today, Internet users subscribe to
electronic mailing lists of their own free will and whatever topic
they choose.
The Internet is an excellent tool for commerce though the use of
commercial world wide web sites. However, America should be not be
burdened by unwanted commercial e-mail.
I welcome the Internet community's comments and suggestions on this
bill. Please feel free to make them to me at
commercialemail@murkowski.senate.gov
Signature
------------------------------
Date: Wed, 04 Jun 1997 22:32:06 -0400
From: "Evian S. Sim" <evian@escape.com>
Subject: File 2--NASA Nabs Teen Computer Hacker
.c The Associated Press
Monday, June 2, 1997
WASHINGTON (AP) - A Delaware teen-ager who hacked his way into a
NASA web site on the Internet and left a message berating U.S.
officials is being investigated by federal authorities, agency
officials said Monday.
NASA Inspector General Robert Gross cited the incident - the most
recent example of a computer invasion of a NASA web site - as an
example of how the space agency has become ``vulnerable via the
Internet.''
"We live in an information environment vastly different than 20
years ago," Gross said in a written statement. "Hackers are
increasing in number and in frequency of attack."
In the latest case, the Delaware teen, whose name, age and
hometown were not released, altered the Internet web site for the
Marshall Space Flight Center in Huntsville, Ala., according to
the statement from the computer crimes division of NASA's
Inspector General Office.
"We own you. Oh, what a tangled web we weave, when we practice to
deceive," the teen's message said, adding that the government
systems administrators who manage the site were "extremely
stupid."
The message also encouraged sympathizers of Kevin Mitnick, a
notorious computer hacker, to respond to the site. Mitnick was
indicted last year on charges stemming from a multimillion-dollar
crime wave in cyberspace.
The altered message was noticed by the computer security team in
Huntsville but the NASA statement did not mention how long the
message was available to the public or exactly when it was
discovered. NASA officials weren't made available to answer
questions about the event.
In the statement, NASA called the teen's hacking "a cracking
spree" and said it was stopped May 26 when his personal computer
was seized.
Prosecutors from the U.S. Attorney's office in Delaware and
Alabama are handling the case with NASA's computer crimes
division.
Last March, cyberspace invaders made their way into another NASA
web site and threatened an electronic terrorist attack against
corporate America. The group, which called itself ``H4G1S'' in
one message and ``HAGIS'' in another, also called for some
well-known hackers to be released from jail.
Engineers at the Goddard Space Flight Center in Greenbelt, Md.,
quickly noticed the change and took the page off the Internet
within 30 minutes. NASA officials said the agency installed
electronic security measures designed to prevent a recurrence.
------------------------------
Date: Fri, 6 Jun 1997 19:51:15 -0400
From: Declan McCullagh <declan@well.com>
Subject: File 3--Phil Zimmermann on PGP's future, lawsuits, next steps
Source - fight-censorship@vorlon.mit.edu
((Fwd from Phil Zimmerman))
Last month, Pretty Good Privacy Inc went through a reorganization in
its top management. We were spending too much money, too fast. Tom
Steding was replaced by Phil Dunkelberger as the president of PGP, and
I handed over the chairman title to Jonathan Seybold, who had been, with
me, the original cofounder of the company. Jonathan is devoting his time
to the business side of things, while I am focussing my attention on my
role as chief technology officer.
I have seen some speculation in some usenet newsgroups that these changes
were in some way connected with the fact that PGP was recently sued by RSA
Data Security over some dispute regarding royalties for use of the RSA
patent, which PGP holds a license to. Let me set the record straight
on this. There are sound business reasons why this shuffling of top
management occurred at PGP, and these reasons are known to all of our
employees. The RSA lawsuit against PGP is absolutely not one of the
reasons, not even remotely. I don't think shuffling top management is
a likely reaction for any company to take in response to a lawsuit, even
if the lawsuit had merit, which this one does not. We fully expect the
RSA matter to be resolved in arbitration proceedings, in our favor.
I know that it is common practice for some companies to issue statements
to "spin" the story about certain events, sometimes at the expense of
truth. This makes a lot of people understandably skeptical about such
explanations. I do have responsibilities toward my company, but no
one could get me to deny a truth about the reasons for the restructuring.
The truth is, the restructuring had absolutely nothing at all to do with
the RSA lawsuit.
I would now like to announce that we will be releasing PGP 5.0 in mid-June.
It's in beta release right now on our web page (www.pgp.com). In keeping
with my own dedication to personal freedom and privacy, we will be releasing
a freeware version for noncommercial use through MIT's web site
(web.mit.edu/pgp), just like in the old days before the company was formed.
And we do plan to publish the full PGP source code for Mac, Windows 95,
and Linux.
There are a lot of new exciting features, including automatic key lookups
from remote key servers on the Internet, which will likely result in the
rapid growth of a ready-made nationwide PGP public-key infrastructure,
on an unprecedented scale. We are also encouraging the migration to new
public key algorithms in addition to RSA, namely the NIST Digital
Signature Standard (DSS), as well as Diffie-Hellman (Elgamal) keys.
We expect most of the new users to be using these new algorithms instead
of RSA, in part because they offer new features, better performance, and
better security for the same key sizes. I hope that you will all join me
in this opportunity to move to these new algorithms, allowing everyone to
finally enjoy the use of public key cryptography without the encumberances
of patents.
Philip Zimmermann
Chief Technology Officer, PGP Inc.
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQCVAwUBM5WoZWV5hLjHqWbdAQGaxgP/UM+i7Pz38x68zdWVOsTrQVepa+0FUndC
NkvTi5iMTC9up7HJgleXMWuAB00qVB8XlC1/6oSx4Ot+gTecu0wXgNG/l8LXFBAo
YYxlPhR497fvKfnWXATkJ3jQJAQbACHXzh7Wycc1MGq+46o6+CkECrUvUs8//KQT
toJMdfVJEVA=
=ywNo
-----END PGP SIGNATURE-----
------------------------------
Date: Thu, 29 May 1997 20:06:51 -0700 (PDT)
From: jonl@well.com
Subject: File 4-- TEXANS SUE TO RECOVER DAMAGES FOR INTERNET "SPAM"
FOR IMMEDIATE RELEASE
TEXANS SUE TO RECOVER DAMAGES FOR INTERNET "SPAM" CLAIMING
ELECTRONIC TRESPASS AND NUISANCE
Austin, Texas, May 28, 1997: Several Internet leaders in Austin,
Texas filed a lawsuit yesterday afternoon against a company and an
individual believed to be responsible for the mass distribution of
junk mail over the Internet, also called "spam." The suit claims that
C.N. Enterprises and Craig Nowak of San Diego, California, sent
thousands of electronic messages selling information on "Free Cash
Grants" for $19.95. The ad's content was not only misleading, the
lawsuit claims, but the company's e-mail used a false return address,
causing the electronic mail boxes of several Austin residents to
overflow with returned copies of the junk mail.
According to the lawsuit, by using a false return address, those who
send junk mail over the Internet can avoid the anger that results from
this controversial practice. They can also avoid dealing with the
thousands of "bounce" messages that result from sending e-mail to
invalid or outdated addresses. "In effect," the lawsuit alleges,
"C.N. Enterprises deliberately dumped tons of its electronic garbage
and pollution" into the Austin residents' mailboxes. The lawsuit
claims that the use of false return addresses on junk e-mail, and the
resulting fallout on those who own the addresses used, is illegal
under the traditional common law causes of action of nuisance,
trespass and conversion.
The lead plaintiff is Tracy LaQuey Parker, a leading Internet
author, who owns the Internet domain name used by C.N. Enterprises
without her permission. Said Ms. Parker, "As a long-time Internet
advocate, I am saddened that the goodwill spirit of the Internet is
being spoiled by irresponsible individuals who forge their identity in
order to make a quick buck. There are plenty of examples of
legitimate commercial uses of the Internet. This isn't one of them."
Joining Ms. Parker in the lawsuit are her husband Patrick Parker and
Peter Rauch, both Ms. Parker's business partners. Also joining the
suit are Zilker Internet Park, Ms. Parker's Internet service provider,
which had to deal with the flood of messages stemming from the "spam,"
and two active Texas Internet groups, the Texas Internet Service
Providers Association (TISPA), a group of commercial Internet service
providers, and EFF-Austin, a local Internet civil liberties
organization.
John Quarterman, an owner of Zilker Internet Park, stated, "'Spam'
is a large and rapidly growing problem which has cost Zilker Internet
Park and many other ISPs and Internet users much time and money. We
have put many technical blocks in place to limit it. With this
lawsuit, we are taking the next step to help stop this abuse of the
Internet."
TISPA and EFF-Austin joined the lawsuit in an effort to broaden the
legal precedent beyond Ms. Parker's single Internet domain name,
according to Gene Crick, TISPA's president. "Increasingly, 'spammers'
are using false return addresses to avoid taking full responsibility
for the harm caused by their unsolicited commercial e-mail," Crick
said. "These forgeries dump huge volumes of unwanted junk mail onto
Internet companies and their customers. TISPA would like to see the
court grant a broad and clear injunction prohibiting this practice."
The lawsuit was filed on behalf of LaQuey and the others by Pete
Kennedy and Roger Williams of George, Donaldson & Ford, L.L.P. of
Austin. Among its other Internet related cases, the law firm has
been
involved in lawsuits against the United States Secret Service and
Simon Leis, the Hamilton County (Ohio) Sheriff, over the seizure of
private e-mail.
# # #
For more information, contact:
Plaintiffs:
Tracy LaQuey Parker and Patrick Parker, 512-454-7748
John Quarterman, Zilker Internet Park, 512-451-7620
Gene Crick, Texas Internet Service Providers Association (TISPA),
512-303-1021
Jon Lebkowsky, EFF-Austin, 512-444-5175
Law Firm:
Peter Kennedy or Roger Williams
George, Donaldson & Ford, L.L.P., 512-495-1400
Media Contact:
Peggy Hubble or Sondra Williams, MEM/Hubble Communications,
512-480-8961
------------------------------
Date: Wed, 4 Jun 1997 09:19:26 -0700
From: Mike Oar <mike_oar@MENTORG.COM>
Subject: File 5--Purpose of CuD
Dear Editors,
I general, I have enjoyed skimming or reading through CuD. Much
of what is contained in there tends to speak towards the
controversial issues which surround computing and society. Many
good points have been raised and provocative and/or
thought-provoking articles are common. I'm sorry to say though
that I've removed myself from the mailing list due to some brash
and poor-taste articles that you've allowed to be published.
Most recently the article (Cu Digest, #9.42) by Meeks. His
hostile tone and language disgust me and make me wonder that if
such people are the main stream of the "movement" to combat
government control over the internet and information, can such a
battle be won?
You may guess that I tend to draw a middle of the road
perspective on censorship. I believe that participants
(on-liners) need to be more civil than they now are, and that
those that aren't continue to destroy the reputation and ability
of the "real" users to use the information that is/could be out
there.
I also believe that while there's nothing inherently wrong with
annonimity, it is often abused and used to cover up sick and
disgusting acts by those who are simply too cowardly or perverse
to reveal their true identity.
However, I have not found that the majority of your articles are
far off the mark or raise concerns that are not worthy to be
heard. As a whole, I think that the information and service that
CuD provides is good. I take note against articles such as
Meeks' which voice slanderous and degrading feelings or opinions
with the intent of putting down people, not policies. I also do
not feel that his use of language is warranted or needed.
There are real issues to deal with as technology becomes more
readily available to the world. It's no longer the play ground
of the select few who can learn how to program or spend endless
hours on-line. And as this technology and it's uses begin to
demand more information and becomes more intimately a part of our
lives, it begins to become the responsibility of those that
create it to do all that they can to educate the users to it's
proper use. Computers are becomming the tool of non-programmers
(and I think that some programmers find that irksome). The
governments are simply responding (fairly well I think) to
something that they don't understand well but that the public
demands. I think it is our charge as the creators of technology
to promote and insure it's proper use, it's ethical use, and do
all that we can to support actions against using it to hurt
others or to promote illeagal behavior. I would like to see CuD
begin to become more proactive in the fight for the proper use of
current and developing technology. I would like to see CuD
support ethical uses of technology instead of complaining about
cyber-cops doing their best to crack down against child
pornography, etc. True, there are some censorship activities
that are going much too far. But I think that we need to realize
that there are malicious people who choose to use it as a weapon;
we should do what we can to stop that. If you will work to
better edit the articles you publish, and begin to look into the
issues I've state above, pleae let me know as I will want to
resume my readings.
Thank you.
--