💾 Archived View for gemini.spam.works › mirrors › textfiles › magazines › CUD › cud0213.txt captured on 2022-07-17 at 03:44:47.

View Raw

More Information

⬅️ Previous capture (2022-06-12)


                  >C O M P U T E R   U N D E R G R O U N D<
                                >D I G E S T<
              ***  Volume 2, Issue #2.13 (November 25 1990)   **

MODERATORS:   Jim Thomas / Gordon Meyer  (TK0JUT2@NIU.bitnet)
ARCHIVISTS:   Bob Krause / Alex Smith / Brendan Kehoe
USENET readers can currently receive CuD as alt.society.cu-digest.

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may be reprinted as long as the source is
cited.  Some authors, however, do copyright their material, and those
authors should be contacted for reprint permission.
It is assumed that non-personal mail to the moderators may be reprinted
unless otherwise specified. Readers are encouraged to submit reasoned
articles relating to the Computer Underground.
DISCLAIMER: The views represented herein do not necessarily represent the
            views of the moderators. Contributors assume all responsibility
            for assuring that articles submitted do not violate copyright

File 1: Moderators' Corner
File 2: EPIC (Effective Performance in Candidates)
File 3: The Riggs Sentencing (reprint from Newsbytes)
File 4: First Conference on Computers, Freedom & Privacy
File 5: Hackers Break into DEA Lines



From:      Moderators
Subject: Moderators' Corner
Date:      November 25 1990

In this file:

Correction of SJG Affidavit

In CuD 2.11, we reprinted the search affidavit used for the Steve Jackson
Games raid.  We included several pages of logs from The Phoenix Project.
These logs *WERE NOT* originally attached to the affidavit, but were sent to
us independently of that document as background.  The judge apparently never
saw the logs. Having read them, one wonders if the investigator did either,
because it defies all sane logic to impute involvement in a criminal "scheme"
merely by explaining that Kermit is a 7-byte transfer protocol used primarily
on mainframes. If you have not read the document, we recommend it.

Len Rose Update

As of this week, Len Rose had not yet been indicted for the Illinois
charges. Len was arrested in late October on state charges alleging
computer tampering a few days after taking a job in Naperville, Ill. The
original indictment date was postponed by the state. His legal
difficulties, which some of us find the result of overzealous federal
prosecution, continue to hamper his employment possibilities.

Sheldon Zenner, the attorney who successfully defended Craig Neidorf, has
agreed to channel donations to Len for those wishing to support him. *THIS
IS NOT* a legal defense fund, but humanitarian assistance to provide food,
rent, and utilities for wife and family.

       Len Rose Donation
       c/o Sheldon Zenner
       Katten, Muchin and Zavis
       525 W. Monroe, Suite 1600
       Chicago,  IL  60606

New FTP Site

Another ftp site has been added from which CuD back issues and other
archives may be obtained. The hours are limited from 6 pm to 6 am. The
following should get you on it:

   % ftp cs.widener.edu
or % ftp

   Connected to cs.widener.edu.
   220 titan FTP server (SunOS 4.1) ready.
   Name (cs.widener.edu:): <enter 'anonymous'>
   Password (cs.widener.edu:anonymous): <enter your email address>
   331 Guest login ok, send ident as password.
   230 Guest login ok, access restrictions apply.
   ftp> cd pub/cud
   ftp> dir
      ... blah blah blah ...
   ftp> quit
   221 Goodbye.


NOTE: Be sure to use your e-mail address for the password or it
      not let you on.

                           >> END OF THIS FILE <<


From: Jeffery Aldrich <well!jefrich@APPLE.COM>
Subject: EPIC (Effective Performance in Candidates)
Date: Tue, 20 Nov 90 16:37:51 pst

            Constitutional Rights and the Electronic Community
                             (Copyright, 1990)

         Even if you're on the right track, you'll
         get run over if you just sit there.

                               Will Rogers

CPSR (Computer Professionals for Social Responsibility) and the EFF
(Electronic Frontier Foundation) have done a great deal in a very short
time to awaken the political consciousness of the electronic community.
The EFF managed to take some of the steam from the enforcement train
railroading members of the CU and gave this community its first taste of
political victory.  No doubt these victories will continue to strengthen
individual rights in the virtual world.  As a student of electronic
democracy, I am an ardent supporter of the goals expressed by the EFF.  the
goals expressed by the EFF.  With six years devoted to personal and
professional interest in the civil rights and political issues facing the
electronic community.

Jim Thomas has asked on several occasions that I write something for CuD
about The EPIC (Effective Performance in Candidates) Project, a nonprofit
group I founded last year.  A description of The EPIC Project is included
in this article as background information.  Political action by a nonprofit
is limited by law.  Most of what we learn about electronic politicking in
the nonprofit must be used elsewhere.  I was hired earlier this year to
help qualify a citizen initiative for the November elections in California.
The measure included a provision making public use of computer
telecommunications a state constitutional right.  This article focuses on
that effort and concludes with a notice of plans underway for 1992.

The EPIC Project

This project is an extension of research conducted at Sacramento State
University focusing on the impact of electronic democracy in American
politics.  We *may* have created a back-door link of computer
telecommunication technology to the U.S. Constitution (Campaign Industry
News, Feb. 1990).  We're years away from solving the dependent variable
dilemma of a Supreme Court test.  Board members include Dave Hughes (the
founding father of electronic democracy) and Dr. Gene Shoemaker,
constitutional scholar and author of the War Powers Act (1974).  Projects
include R&D of software to insure text data integrity from a network
distribution source via end user verification software; research into the
development of national electronic political party organizations
(Communications Daily, 2-2-90), and; research compiled on the Sundevil
raids assisted Ohio Supreme Court Justice William McMahon, ABA Technology
and the Courts Committee chairman, in opening a Sundevil subcommittee
looking into federal court rule changes.  This subcommittee and Judge
McMahon are now working closely with the EFF.

Political Action and Electronic Rights

With all the consternation over abused constitutional rights in the online
community this year, Californians missed an opportunity to vote themselves
a Constitutional Right to telecommunicate.  Below is part of the opening
text from a file containing a print, sign and snail mail ballot initiative
signature petition to qualify a proposed California Constitutional
Amendment for the November 1990 general election (Western Edition WSJ
4-20-90; Middlesex News 4-23-90).  I directed the statewide electronic file
distribution and speech forums:

                        are linked by

  What your signature and signatures which you gather can do for you and
your family (and your business), is provide a Constitutional Right to
electronic citizen oversight of Legislative redistricting plans -- right in
your home computer --if you like!

  There are now NO RULES for drawing voting district lines to establish a
competitive election process.  The FAIR REDISTRICTING INITIATIVE lays out
POLITICIANS and eliminates the possibility of gerrymandering -- the drawing
of electoral district lines to protect incumbents and deny fair
representation.  One of the most important SECTIONS included in this
Initiative creates electronic citizen oversight of redistricting or
reapportionment plans drafted by the Legislature before any legislative

  SECTION 5:  The Legislature shall DISSEMINATE and make PUBLICLY
available, in hard copy and COMPUTER-READABLE FORMAT, any data base or
other information submitted or developed for its use in establishing and
redistricting or reapportionment plans...


                        IT'S ABOUT TIME FOR

  Are you ready to join other people of the world in this era our
politicians praise as the "Decade of Democracy?"  Are you tired of cheering
the democratic victories of others?  Your opportunity to take action in the
name of DEMOCRACY is right in front of you.  The Revolutionary Power of the
Information Age is at your fingertips. THE FAIR REDISTRICTING INITIATIVE
lets you put that power to work for you!!
                            *** end ***

In addition to the first effort at state level constitutional rights to
telecommunicate, and to access government data in electronic form, this was
the first statewide electronic distribution of print and sign political
action material.  In April and May of this year, issues about
constitutional rights were still considered boring as dirt to most of the
online community.

The discussions that follow are excerpts from a WELL conference
on the initiative.  It is not presented as a representative
sample and is reprinted with permission.

Topic 333:  Californians seek Information Age Democracy -- print
Jeff Aldrich (jefrich)      Mon, Apr 23, '90  (22:35)      18

   One item I've noticed absent from this discussion is any reference to
the fact that this initiative, if passed, will link this technology to the
Ca Constitution by creating a constitutionally mandated right of public
access to specific info in "computer-readable" format.

   With the volume of discussion I've seen in the Well on Electronic
Citizenship and the need for same, I find it rather odd there has yet been
commentary posted on this aspect of the initiative.  And what about the
fact that for the first time in Ca history an initiative is being
distributed, in complete form, electronically -- giving people an
opportunity to make an informed decision prior to signing a petition to
qualify a measure for statewide ballot?  Instead of some fellow pushing a
pen at you to sign something on an ironing board when you leave the grocery

Topic 333:  Californians seek Information Age Democracy -- print
# 26: Daniel A. Murphy (murphy)      Tue, Apr 24, '90  (21:39)

 Jeff:  I think you're looking at Fenno's paradox.  Look at what people
think of *their* representative, not Congress as a whole.  For the most
part, people support their representative, and where they don't (e.g.
Cranston) it's clear they aren't likely prospects for reelection.

Topic 333:  Californians seek Information Age Democracy -- print
# 29: David Gans (tnf)      Wed, Apr 25, '90  (10:49)       4

 In the long run, information access would tend to produce a better
informed electorate.  If you don't think the GOP takes public apathy and
stupidity to the bank and the ballot box year after year, you haven't been
paying attention!

Topic 333:  Californians seek Information Age Democracy -- print
# 31: harry henderson (hrh)      Wed, Apr 25, '90  (17:39)

 The GOP don't have a monopoly on taking voter stupidity to the bank. The
Democrats also have a specialty: economic shell games that take advantage
of voters' lack of knowledge of basic economic principles like supply and
demand, incentive, etc.

Topic 333:  Californians seek Information Age Democracy -- print
# 32: Jeff Aldrich (jefrich)      Wed, Apr 25, '90  (18:02)

 The fact is, while we sit around on our butt's chewing the finer points of
who's doing what to who, we're all loosing the right to access government
data information.  I just got a report today from the firm in Sacramento
counting signatures on petitions that have come in.  The few we've received
on computer printed paper are from sysop's I've been working with -- Zero
from the Well.

 The point is we have an opportunity to open a door that is closed and
being welded shut. I'm beginning to wonder if all the talk here in the Well
about how great the concept of Electronic Citizenship is -- protect our
future, power to those without power, etc. -- was little more than
sanctimonious rubbish.

Topic 333:  Californians seek Information Age Democracy -- print
# 33: Bob Jacobson (bluefire)      Wed, Apr 25, '90  (18:34)

 I think an initiative targeted on open information would be clearer,
easier to understand, less expensive to run, and more certain of passage.

Topic 333:  Californians seek Information Age Democracy -- print
# 34: Daniel A. Murphy (murphy)      Wed, Apr 25, '90  (18:54)

 I agree completely with Bob.  Better information access would help the
process; it shouldn't me mixed up with a reapportionment scheme.

Topic 333:  Californians seek Information Age Democracy -- print
# 35: David Gans (tnf)      Wed, Apr 25, '90  (20:02)       2

 And phrases like "sanctimonious rubbish" aren't likely to
inspire very many people around here.

Topic 333:  Californians seek Information Age Democracy -- print
# 36: Jeff Aldrich (jefrich)      Thu, Apr 26, '90  (01:53)

 Your right, David, that remark does not belong here.

 Bob's right on all four items.  Such an initiative would be easier to
understand and pass.  But I don't have any problems with constitutional
access tied to this initiative.  Neither does the Rose Institute at
Clairmont.  My difficulty is understanding the inactivity from the Well.

Topic 333:  Californians seek Information Age Democracy -- print
# 37: Robert Deward (bobd)      Thu, Apr 26, '90  (13:37)       6

 Are there any models for an initiative addressing open access to govt.
information?  I can check with Reference Point if no one has anything

 This sounds to me like a perfect issue on which to test our beliefs about
the efficacy of the on-line medium.  What do you people think?

Topic 333:  Californians seek Information Age Democracy -- print
# 38: Daniel A. Murphy (murphy)      Thu, Apr 26, '90  (18:41)

 It will be interesting to see if electronically-circulated petitions
become common, as part of conventional signature-gathering campaigns.

Topic 333:  Californians seek Information Age Democracy -- print
# 39: Art (arb)      Thu, Apr 26, '90  (19:29)       2 lines

 Gee, Bobd, sounds like this project would have been a perfect
match for your Electronic Citizenship project with a Gateway!

Topic 333:  Californians seek Information Age Democracy -- print
# 40: Dave Hughes (dave)      Sun, Apr 29, '90  (07:08)      29

 Any objection from posters so far to my copying this out for Colorado
candidate for Secretary of State Aaron Harber (D)?  (He is a Harvard grad,
serious challenger, owned two computer companies, and forced the current
incumbent to better automate the SecStates office last race. One of his
main themes is better citizen access to government, and he is ready for
fresh electronic communications ideas to show voters that the Repub Sec of
State is not doing all she could to use modern technology to give people
that access.

 He is mulling over my suggestion to use the state telecom network (sorry
US West) which is little used nights and weekends to put terminals in
county offices for free citizen access to state government in Denver across
a wide range of info - including state laws, regs, voter lists, licensing
data, candidate reports etc)  He might find this useful to think how to
break out of the traditional mind-set about where/how 'official' political
information is stored/distributed.

 It seems to me that the objection above about individual citizens not
being that interested in mountains of facts misses a point. There are
always local activists who would scour such facts, extract useful info, and
present to local people. If they had timely, cheap, and total access to
publicly stored info.  Media is supposed to be doing this 'for the voters'
and up to a point, on hot 'mass interest' topics do. But news media are
decliningly useful sources of information about government.

Topic 333:  Californians seek Information Age Democracy -- print
# 42: Jeff Aldrich (jefrich)      Tue, May  1, '90  (21:45)

 the latest signature count has too many printed petition forms from all
over the state for me to trace back to the well.  I suspect several came
from Wellies...thanks for the effort

 Bob, my research has yet uncovered a 'model access' amendment.  If we
can't come up with one ready-made, anyone with ideas on using resources
here in the Well to pull one together for Calif.  in '92?  Or failing that,
what about ideas on our ability to pull the industry together to support
such an effort?

      +-+-+-+-+-+ END OF WELL CONFERENCE +-+-+-+-+-+

Most of the discussion in the WELL conference focused on the politics
behind the measure, rather than looking at benefits extended to the
electronic community.  It's said that timing in politics is everything.  If
concerns about Operation Sundevil had been two months earlier, or our
filing deadlines two months later, The FAIR REDISTRICTING INITIATIVE would
have collected enough signatures to qualify for the November General

Initiative '92 -- Computer Rights and Economic Impact on Business

We learned a lot about the online community from distributing the ballot
measure earlier this year -- from identifying politically active systems
statewide, to distribution, to political issues considered palatable by the
electronic community.  Successful efforts to promote computer rights and
industry growth utilizing the electronic distribution initiative process in
California offer a range of policy issues including, but not limited to,
the following:

legislative info in data format dispensed at no cost to info service
companies providing educational access; incentives for development of rural
telecommuting centers, including a) increased rate of return on investment
for rural telephone utilities, b) redirecting transportation funds to
reduce site construction and development costs, c) business tax incentives
for participation in rural telecommunicating centers; revision of computer
crime statutes and enforcement procedures; association member access to,
and use of, California State University computer systems for the purpose of
increasing international trade in conjunction with the California State
World Trade Commission, and; add telecommuting projects to the smart
Freeway Corridor Telecommunications Demonstration Project by redirection of
Federal Transportation Appropriations.

There is no question all of these items will be considered in the drafting
of a 1992 California ballot measure.  The measure will also include
language mandating that computer telecommunications become a state
constitutional right.  Many of the issues listed above have the potential
to create positive economic impact for general business, trade associations
and specific computer industries.  As a focal point of the initiative,
Rural telecommuting development cuts to a broad based, organized

I've been retained by clients interested in forming a committee to sponsor
development of this initiative.  I have been asked to determine the
support, if any, of others interested in forming a sponsor committee.  And
to determine if the level of this support is sufficient to justify further

   Committee membership guidelines:

   Committee Member Sponsor  $7,500.00     < per 1 vote >

   Total Committee Member Sponsors            < ten >

   Minimum Committee Member Sponsors to vest  < five >

   Committee will vest January 7, 1991.

   Letters of intent to fund are due and payable no latter than
   January 4, 1991.  Failure to vest refunds are due and payable
   January 17, 1991.

For more information concerning the formation of this ballot
measure committee, contact:

                          Jeff Aldrich
jefrich@well.ca.us        Aldrich & Associates,
Voice: (707)426-1679      Political Consulting
Fax:   (707)425-9811      2791F North Texas, Suite 341
                          Fairfield, CA 94533

                           >> END OF THIS FILE <<


From: John and Barbara McMullen
Subject: The Riggs Sentencing (reprint from Newsbytes)
Date:  November 21, 1990

(The following articles, by John and Barbara McMullen, were originally
published in Newsbytes. They are reprinted with permission. They corrects
some errors in the original AP wire service story reported in the last
issue of CuD).



 ATLANTA, GEORGIA, U.S.A., 1990 NOV 19 (NB) -- Robert J. Riggs,
 Adam E. Grant and Franklin Darden, who pleaded guilty in July to various
 charges relating to computer break-ins to systems of BellSouth, have been
 sentenced by U.S. District Judge Owen Forrester to prison sentences and
 ordered to make financial restitution of $233,000 to BellSouth.  Riggs,
 who had pleaded guilty to one conspiracy count and could have received a
 maximum sentence of five years in prison and a $200,000 fine, was
 sentenced to a 21-month prison term and was ordered to begin serving the
 sentence on February 15th. Darden, who faced similar penalties, received
 14 months as did Grant. Grant had pleaded guilty to possessing 15 or more
 BellSouth access devices with the intent to defraud and faced a maximum
 penalty of 10 years in prison and a $250,000 fine. In sentencing Grant and
 Darden, Judge Forrester stipulated that seven months of their sentences
 may be served in a halfway house. Grant and Darden are scheduled to report
 for confinement on January 4th.

 Craig Neidorf, who had been indicted for publishing an electronic
 document which Riggs admitting copying from BellSouth's files, expressed
 surprise at the sentence, telling Newsbytes "The sentence seems severe
 when one considers the lesser sentence given to Robert Morris who
 disrupted thousands of computers and caused untold financial expense to
 those who had to undo the damage that he caused. I am not saying that
 Morris should have received a harsher penalty; I'm saying rather that the
 Atlanta sentences seem disproportionate. I don't know much about all of the
 Atlanta charges but the testimony concerning them at my case did not
 indicate that there had been great financial damage to anyone because of
 the actions of these three."

 Neidorf also questioned the determination of damages in the case, saying
 "I hope that the damages claimed by BellSouth have been well scruitinized
 by the government. You may remember that, before the charges against me
 were dismissed, BellSouth had claimed that the value of the document in
 question was over $70,000. It turned out that the document was available
 in print for under $20. Riggs, Darden and Grant had already pleaded guilty
 when this gross overstatement came out. I hope, for justice's sake, that
 the restitution awarded actually relates to substantiated damages."

 Kent Alexander, Assistant U.S. Attorney, told Newsbytes that he "is
 comfortable with the method under which the damages were determined." He
 also clarified the order for restitution, saying that Riggs, Darden and
 Grant are jointly responsible for the $233,000 and that each of them is
 individually liable for the entire amount should the others default in

 Alexander had, in July, told Newsbytes that the plea agreement entered
 into by the defendants "allows the United States Attorney's office to, in
 return for substantial assistance from the defendants, to ask for a
 downward departure from the sentencing guidelines. The substantial
 assistance referred to includes debriefing by the Secret Service and
 truthful testimony in other related computer cases." Alexander confirmed,
 in his current comments to Newsbytes, that the sentences given were, in
 fact, downward departures from the sentencing guidelines.

 New York State Police Senior Investigator Donald Delaney, who has been at
 the forefront of New York State investigations into computer crime,
 commented on the sentencing to Newsbytes, saying "I think that the
 sentence is significant and appropriate given the severity of the crimes.
 I hope that this sends a message to others engaged in telecommunications
 fraud that such actions can result in actual jail terms."

 (Barbara E. McMullen & John F. McMullen/19901119)


 ATLANTA, GEORGIA, U.S.A., 1990 NOV 20 (NB) -- In response to questions by
 Newsbytes concerning the rationale underlying the sentences received by
 Robert J. Riggs, Adam E. Grant and Franklin E. Darden, Jr.  on November
 16th for activities involving illegal access to computer systems of
 BellSouth, Assistant United States Attorney for the Northern District of
 Georgia Kent B. Alexander has released the "Government's Sentencing
 Memorandum And S.G. & 5K1.1 Motion".  This 21 page document, prepared by
 Joe D. Whitney, United States Attorney for the Northern District of
 Georgia, and Alexander and sent to United States District Court Judge J.
 Owen Forrester, puts forth the factors which the prosecuting attorneys
 wish the judge to consider in determining sentence.

 The memorandum states "Although the government is going to recommend a
 downward departure from the Sentencing Guidelines, the three defendants
 are clearly criminals who have caused a significant amount of damage and
 should be punished accordingly. Moreover, the computer hacker world is
 watching this case very closely, and the Court should send a message that
 illegal computer activities will not be tolerated" (The word "hacker" is
 footnoted and explained by saying "The government uses the term 'hacker'
 to describe a person who uses computers for criminal activity. The Court
 should note, however, that the term 'hacker' can also be used to describe
 legitimate computer users. At one time all computer users were known as
 'hackers' and some computer users still identify themselves as

 In explaining the gravity of the crimes, the memorandum states  "In all,
 they stole approximately $233,800 worth of logins/passwords and connect
 addresses (i.e. access information) from BellSouth.  BellSouth spent
 approximately $1.5 million in identifying the intruders into their system
 and has since spent roughly $3 million  more to further secure their

 In explaining the perceived need to send a message to the  "hacker
 community", the memorandum points out that the last  federally prosecuted
 adult criminal hacker, Robert Morris,  Jr. received probation and that
 that sentence was followed  very closely by 'hackers' throughout the
 nation.  The  memorandum states "Any sentence that does not include
 incarceration would send the wrong message to the hacking  community; that
 is, that breaking into computer systems is  not really a crime."

 The document also states that "All three defendants have  provided
 significant cooperation that has fueled further  investigation into the
 activities of a number of computer  hackers throughout the country."
 Because of this  cooperation, the "government moves for this Court to make
 a  downward departure pursuant to S.G. 5k1.1 in the amount of three levels
 for defendants Grant and Darden and two levels  for defendant Riggs." The
 memorandum then details the  cooperation of each of these defendants in
 cases involving  Craig Neidorf in Chicago and an unnamed "fellow Legion of
 Doom member" in Detroit. The memorandum also explains why a  lesser
 departure is recommended for Riggs - "Defendant Riggs strikes the
 undersigned counsel as an unusually quiet  and pensive person. Throughout
 the investigation, he has  been cooperative, but because of his nature, he
 sometimes  comes across as uninterested and evasive. The bottom line  is
 that he provided helpful information that furthered  several
 investigations around the country, though his  assistance was not as
 substantial as that of Grant and  Darden; hence the recommendation of only
 a two-level  departure." An earlier conviction for Riggs related to
 computer fraud was also mentioned.

 In the actual sentencing by Judge Forrester, Grant and  Darden received 14
 months incarceration of which 7 will be  in a half-way house  while Riggs
 received 21 months incarceration . Additionally, they were directed to
 make  restitution payments to BellSouth of $233,000.

 In a conversation with Newsbytes, the aforementioned Craig Neidorf
 questioned the determination of damages in the case, saying "I hope that
 the damages claimed by BellSouth have been well scrutinized by the
 government. You may remember that, before the charges against me were
 dismissed, BellSouth had claimed that the value of the document in
 question was over $70,000. It turned out that the document was available
 in print for under $20. Riggs, Darden and Grant had already pleaded guilty
 when this gross overstatement came out. I hope, for justice's sake, that
 the restitution awarded actually relates to substantiated damages." An
 examination of the sentencing memorandum finds that the E911 file, "the
 subject of the Chicago indictment" was estimated by Bob Kibler of
 BellSouth Security to be valued, based on R&D costs, at $24,639.

 Kent Alexander, Assistant U.S. Attorney, told Newsbytes that he "is
 comfortable with the method under which the damages were determined." He
 also clarified the order for restitution, saying that Riggs, Darden and
 Grant are jointly responsible for the $233,000 and that each of them is
 individually liable for the entire amount should the others default in

 The Department of Justice release also stated "The United  States Attorney
 commented that most computer users engage  in legal and constructive
 activities. Criminal hackers,  however, who break into computer systems of
 others, are  breaking the law and will be prosecuted accordingly."

 (Barbara E. McMullen & John F. McMullen/19901119)

                           >> END OF THIS FILE <<


From: Jim Warren (jwarren@well.sf.ca.us)
Subject: First Conference on Computers, Freedom & Privacy
Date: Undated

%One good consequence of Operation Sun Devil has been the increased
awareness of the need to address issues of ethics, computer rights, and
computer abuse. The following conference is an attempt to bring a variety
of individuals and groups together to exchange information and

March 25-28, 1991, Monday-Thursday
SFO Marriott Hotel, reservations: 800-228-9290
San Francisco Airport, 1800 Old Bayshore Hwy, Burlingame CA 94010

Electronic Networking Association
Videotex Industry Association
Electronic Frontier Foundation
The WELL, Portal Communications
[as of 11/23/90, more expected shortly]
Sponsor: Computer Professionals for Social Responsibility

1.  The Constitution in the Information Age [opening session]
coordinator: Jim Warren;  Chair: Jim Warren
  Introductory remarks; then, major policy proposal regarding electronic
communications and Constitutional rights.
speaker:  Professor Lawrence Tribe, Harvard Law School

2.  Trends in Computers & Networks
coordinator: Peter Denning;  Chair: Peter Denning
  Overview and prognosis of computing capabilities and networking as they
impact personal privacy, confidentiality, security, one-to-one & many-to-one
communication, and access to information about government, business & society.

3.  Public-Sector Information About Individuals
coordinators: Les Earnest, Bruce Koball;  Chair:
  Collection, verification, use, sharing and protection of, and access to and
responsibility for personal information, by government agencies, such as
census, voter, tax,  license, permit and criminal records.

4.  Private-Sector Information About Individuals
coordinators: Les Earnest, Bruce Koball;  Chair:
  Collection, marketing, verification, use and protection of, and access to
and responsibility for personal information, by private organizations, such as
banking, credit, health, consumer, employment, family & lifestyle information.

5.  International Perspectives & Impacts
coordinator: Mark Graham;  Chair:
  Other nations' models for protecting personal information and communication,
and granting access to government information; existing and developing laws;
requirements on trans-national dataflow, personal expression & accountability.

6.  Law Enforcement Practices and Problems
coordinators: Dorothy Denning, Glenn Tenney;  Chair:
  Issues relating to investigation, prosecution, due process and deterrence
of computer crimes, now and in the future; using computers to aid law

7.  Law Enforcement and Civil Liberties
coordinators: Dorothy Denning, Glenn Tenney;  Chair:
  Interaction of computer crime, law enforcement, and civil liberties; issues
of search and seizure, sanctions, and shared or networked equipment, software
and information.

8.  Legislation & Regulation
coordinators: Marc Rotenberg, Elliot Fabric;  Chair:
  Legislative and regulatory roles in protecting privacy and insuring access;
legal problems posed by computing and computer networks; approaches to
improving related government decision-making.

9.  Computer-Based Surveillance of Individuals
coordinators: Les Earnest, Bruce Koball;  Chair:
  Monitoring electronic-mail, public & private teleconferences, electronic
bulletin boards, publications and subscribers; tracking individuals' location,
work performance, buying habits & lifestyles; pattern recognition & profiling

10. Ethics and Education
coordinators: Dorothy Denning, Glenn Tenney;  Chair:
  Ethical principles for individuals, system administrators, organizations,
corporations, and government; copying data, copying software, distributing
confidential information; relations to computer education and computer law.

11. Electronic Speech, Press and Assembly
coordinators: Marc Rotenberg, Elliot Fabric;  Chair:
  Freedoms and responsibilities regarding electronic speech, public and
private electronic assembly, electronic publishing, prior restraint and
chilling effects of monitoring.

12. Access to Government Information
coordinator: Mark Graham;  Chair:
  Implementing individual and corporate access to federal, state & local
information about communities, corporations, legislation, administration, the
courts and public figures; allowing access while protecting confidentiality.

13. Where Do We Go From Here? [closing session]
coordinator: Jim Warren;  Chair: Jim Warren
  Perspectives and recommendations of participating groups, proposed next
steps to protect person privacy, protect fundamental freedoms and encourage
responsible policies and action.

                           >> END OF THIS FILE <<


From: chron!magic322!edtjda@UUNET.UU.NET(Joe Abernathy)
Subject: Hackers Break into DEA Lines
Date: Wed, 21 Nov 90 17:32:59 CST

     " Hackers break into DEA lines:  Long-distance Service the Target"
         From:  Houston Chronicle, Saturday, Nov. 17, 1990 (p. 1A)
           By JOE ABERNATHY  (Copyright 1990, Houston Chronicle)

Computer hackers and others stole long distance service worth up to $1.8
million from the government through the Houston offices of the Drug
Enforcement Administration, the agency acknowledged Friday.

"We became aware of it last spring," said DEA spokesman Thomas Lentini.
"Southwestern Bell telephone security told us that they suspected somebody
was hacking into our FTS system. That's the Federal Telephone System."

The agency cannot estimate the precise value of the long distance service
since it used a dedicated line without per-call billing.  But an Arizona
prosecutor who specializes in computer fraud has estimated that such a
breach can use service worth at least $100,000 a month.

Self-described hackers told the Houston Chronicle that hundreds of people
around the nation used the government phone lines over a period of 18

The DEA has taken measures to protect its system, Lentini said.

The thefts were discovered during a nationwide, previously undisclosed
Southwestern Bell investigation into the fraudulent use of phone credit

"There were some folks that were making unauthorized use of customers'
credit cards," said Ken Brasel, Southwestern Bell spokesman. "In our
investigation of these people we discovered that they had used these credit
cards to call a local number which turned out to be the DEA."

By punching in an access code after connecting with this number, callers
could place outgoing calls using the federal government's dedicated,
private phone lines.

"You just had to dial 8 and you could go anywhere," said a hacker who
brought the DEA system invasion to the Chronicle's attention.  "Hundreds
used it."

"A guy even walked up to me in Safeway once and asked if I'd heard about
the 221 PBX," said another hacker.

These two and other hackers, identifying themselves by their computer
system "handles" but declining to give their real names, discussed the
matter with a Chronicle reporter in a series of late-night conference calls
that they initiated.

PBX, or private branch exchange, is the name given to the telephone
switching systems used in medium to large companies, while 221 is the
downtown prefix of the three DEA lines offering access into the federal
phone system.

"The way the system works is we call an access number that puts us into
FTS, then we can call anywhere," Lentini said, explaining that the system
was dedicated to upper management's use, typically for calls to Washington.

"In effect, they have their own WATS line," Brasel said. "When they talk
from here to Washington, they don't go through an AT&T operator."

The phone lines were used both for normal calls and for computer data
telecommunications, hackers said, and calls were placed around the world.

According to the Arizona state attorney general's office, which has become
renowned for its vigorous pursuit of hackers, PBXs are a prime source for
overseas phone fraud, and give hackers a layer of security. If a call is
traced,it is traced back to the company that owns the PBX, not to the

"In the last two years it's just skyrocketed in terms of international"
calls, said Gail Thackeray, an assistant attorney general in Arizona. "All
of the long distance carriers are under siege."

Thackeray estimated in a recent Chronicle interview that PBX abuse will
cost industry $500 million this year. According to her formulas, the DEA
hackers may have used service worth $100,000 or more during each of the 18
months in which the agency's phone system was compromised.

"We have some anti-social, fairly dangerous hackers out there because of
the size of tools they have," Thackeray said.

Assisted by computers, the hackers find the PBX numbers through trial and
error by calling all available numbers in a prefix. "Numbers get passed
around like a stock commodity," said one.

A breach can go undetected for a long time because the government doesn't
render bills on its dedicated phone lines.

"Once the break-in was discovered, we immediately changed the access
number," Lentini said.

"We worked with Southwestern Bell trying to determine who the culprit was
and we just couldn't do it," he said. "They were getting into it from pay
telephones" as well as from residences and places of employment.

"Southwestern Bell is still monitoring our lines for indicators that
they're hacking into it again."

Referring to the larger investigation of credit card fraud, Brasel urged
that consumers exercise caution.

"What these guys were doing is calling up and saying 'We're from AT&T and
we've had a computer failure' and they say 'We need your credit card number
and your PIN (personal identification number),' " he said. "That's like
giving someone the key to the bank vault. You just don't do that."


                           **END OF CuD #2.13**