💾 Archived View for spam.works › mirrors › textfiles › hacking › ripco.txt captured on 2023-06-14 at 16:56:12.

View Raw

More Information

-=-=-=-=-=-=-

DR. RIPCO SEIZURE

COPYRIGHT (C) 1991 BY FULL DISCLOSURE. ALL RIGHTS RESERVED.

On May 8, 1990, Agents of the United States Secret Service, along with police 
and telephone company security personnel executed thirty-two search warrants 
across the United States as part of a two year investigation into the 
activities of computer hackers.

Full Disclosure's investigative reporting team was able to obtain the 
application for one of the searches that occurred in Chicago, Illinois 
(actually two identical warrants, one for the business and one for the 
residence address of a computer bulletin board (BBS) system operator).

Copies of a number of other search & seizure warrants were also obtained. 
First we will examine the two kinds of warrants and then look at the 
specifics of the May 8, 1990 warrant executed in Chicago, Illinois.

The application forms for both types of warrants are nearly identical, except 
for a key concept. The identification, government agent, and notary parts are 
the same. The purpose of the application is where the difference comes in.

The search warrant application form reads as follows: ``I am a(n) 
[official title] and have reason to believe that [] on the person of or [] on 
the property or premises know as (name, description and/or location) 
[property address], in the Northern District of Illinois there is now 
concealed a certain person or property, namely (describe the person or 
property to be seized) [descrip<>tion] which is (state one or more bases for 
search and seizure set forth under rule 41(n) of the Federal Rules of 
Criminal Procedure) concerning a violation of Title [ ] United States code, 
Section(s) [ ]. The facts to support a finding of Probable Cause are as 
follows:...'' [Emphasis added]

The seizure warrant application form reads as follows: ``I am a(n) 
[official title] there is now certain property which is subject to 
forfeiture to the United States, namely (describe property to be seized) 
[property description], in the Northern District of Illinois which is (state 
one or more reasons for seizure under the United States Code) concerning a 
violation of Title [ ] United States code, Section(s) [ ]. The facts to 
support a finding of Probable Cause for issuance of a Seizure Warrant are as 
follows:...'' [Emphasis added]

The content of the applications varies in what is being sought, also. For 
example, in one search warrant application seeking a warrant to search a 
computer system in Lockport, Illinois, the applicant stated in part: ``My 
investigation has revealed that on or about October 5, 1989, Richard Andrews 
and Leonard Rose transported a stolen or fraudulently obtained computer 
program worth $77,000.00 from Middle Town, Maryland to Naperville, Illinois 
and then to Lockport, Illinois.'' This affidavit was not part of the May 
8, 1990 series of ``Sundevil'' warrants.

Along with the other information provided in the application lead the 
Magistrate to conclude that there was probable cause that evidence of a crime 
would be found on the computer in Lockport. A search warrant was issued.

The application for a seizure warrant (filed by the Chicago Police Department 
in Federal Court), however, was directed toward a different end: ``Our 
investigation has revealed that Rufus Sims is a major narcotics dealer 
operating primarily on the west side of Chicago. Since February 1989, the 
United States has seized over $1.2 million in assets, including three parcels 
of real estate (including an apartment building), numerous auto-mobiles and 
over $650,000 in currency, that are the proceeds of Rufus Sims' narcotics 
activity. Rufus Sims has not attempted to dispute the forfeiture of any of 
this property or contested the fact that the property is narcotics proceeds. 
. . . Our investigation has revealed that there is a safe deposit box 
registered to Steven Sims at Austin Bank of Chicago, 5645 West Lake Street, 
Chicago, Illinois. Based upon what our previous investigation has revealed 
about the manner in which Rufus Sims conceals his narcotics proceeds, often 
using safe deposit boxes registered in the names of friends and family 
members, and based upon Steven Sims' direct involvement in Rufus Sims' 
organization and his participation in the handling of narcotics proceeds with 
Rufus Sims, I believe that this safe deposit box contains proceeds of 
narcotics transactions and that such contents are subject to forfeiture 
pursuant to 21 U.S.C. 881(a)(6).''

In short, the search warrant is to seek out evidence of a crime and may 
involve the seizure of property for evidential purposes. The seizure warrant 
is for transferring assets from an individual to the government because the 
government is statutory ``owed'' those assets for some reason. In essence the 
seizure warrant imposes a punishment without trial or such legal activities 
as the average citizen equates with due process.

The May 8, 1990 warrant executed in Chicago, Illinois as part of the 
nationwide sweep was not a search warrant. Rather it sought ``property 
which is subject to forfeiture to the United States'' was located at a 
particular location, being the location of a computer bulletin board named 
``Dr. Ripco.''

From the start it was curious that Dr. Ripco was served a seizure warrant 
seeking forfeiture of his computer equipment when the government was 
apparently seeking evidence of the crimes of computer hackers. However, an 
interview with the system operator disclosed that after his equipment was 
carted off on May 8, 1990 he hadn't heard back. No arrest was forthcoming, 
not even an interview.<M^>*1

Why was the system seized? The Secret Service employed a confidential 
informant (CI 404-235) who accessed Dr. Ripco over three dozen times in 1989 
and over a dozen in 1990. He is reported to have regularly seen messages 
posted by other users which contained long distance carrier customer 
authorization codes, references to hacking, and to credit cards and credit 
bureaus.

Some of the messages in question were quoted in the warrant application. A 
number of them that provided long distance access codes also had verification 
by the long distance carrier that such codes had or had not been used 
fraudulently. Additionally, CI 404-235 and one of the board users arranged 
(apparently by way of private electronic mail on Dr. Ripco) to exchange 
credit card numbers for long distance access codes. CI 404-235 was given 
special authorization codes by U.S. Sprint to use for this purpose. No 
mention is made as to whether any fraudulent calls were made on that 
authorization code, nor whether the credit card numbers received by CI 
404-235 would pass the cursory verification requested by retailers. Nor are 
there any presented allegations that any attempts were made to utilize the 
credit card numbers.

What did the system operator do? The application fails to allege that the 
system operator was in any was involved in telecommunications fraud, credit 
card fraud, or any other crime. In its definitions of BBS and system 
operators it presents a picture where the job of being a system operator is 
time consuming due to the volume of messages that have to be reviewed.

No statutes are cited defining any obligations or responsibilities of system 
operations to either control the content of messages on their system, nor 
report ``illegal'' messages to any authorities.

It only by implication states that the Dr. Ripco system operator didn't 
fulfill their unsupported claim that a system operator has some obligation to 
control content of messages: ``[s]pecial Agent Lawson's investigation has 
further determined that the access codes posted on the RIPCO BBS are not 
concealed from the system administrator of the bbs and could be seen by the 
system administrator of the bbs during an examination.''

Part of the application's definition of the responsibility of the system 
operator is the ability to read every message on the system, including 
private electronic mail messages. The Electronic Communications Privacy Act 
of 1986 raises legal questions about the right of a system operator to do so, 
contrary to whatever technical abilities might exist. Similar to the 
prohibitions of telephone company personnel taping phone lines.

The application is also silent about what efforts Dr. Ripco's system 
administrator took to delete such messages if and when he discovered them. 
Assuming that he didn't review, or that if he did review them, didn't delete 
any messages, it is not clear that as merely as the provider of an electronic 
communications service he is anymore liable for the content of messages, than 
the telephone companies are liable for the content of conversations their 
equipment carries. There were no allegations in the warrant application that 
the system operated posted any such information.

There are many legal questions regarding the liability of BBS operators with 
respect to message content on their services, legal responsibility to review 
public and/or private messages raised by this case.

The action taken in this case appears to be directed at solving the computer 
crime problem by indirect means. There are no allegations of criminal 
activity by the system operator. Rather than issue a subpoena to the system 
operator (under the Electronic Communications Privacy Act of 1986) for 
applicable records and messages of those users that were involved in criminal 
activity, they took an unique route.

They declared that third party equipment used by numerous members of the 
public, including some who might have engaged in criminal activity (Full 
Disclosure has been unable to find any federal criminal court cases relating 
to the Dr. Ripco users named in the application that were involved in credit 
card/long distance authorization access code trading) to be subject to 
forfeiture to the United States. A court order was then obtained without the 
knowledge or the ability of the owner to contest such proceeding.

The same technique used against other electronic communications providers 
would be considered so outrageous as to not even be attempted; seizing AT&T 
long distance microwave links, for example, because some drug dealers 
arranged a deal in a conversation that was carried by them. However, many see 
BBS systems as a threat to the power structure as they allow any individual 
to reach a broad audience with his opinions. The power to reach a vast 
audience with a political opinion has till now been limited to a select few.

Mixing up the problem of those desiring criminal intent with those simply 
exercising first amendment rights is surely an effective method of smearing 
those with no bad intent. Subjecting those who desire to provide a wide-area 
public communications system to average members of the public to arbitrary 
punishment because a few miscreants act inappropriately is as absurd as 
seizing a long distance network over a drug dealers conversation.


Rufus Sims (as of January 7th, 1991) had never been charged with any federal 
crime, even though the federal government had been seizing narcotics assets 
since February 1989.

The above is reprinted from Full Disclosure Newspaper. Subscribe today and 
get interesting articles like the above, plus more... pictures, graphics, 
advertisement, and more articles. Full Disclosure is your source for 
information on the leading edge of surveillance technology. Print the 
following form, or supply the information on a plain piece of paper:

----

Please start my subscription to Full Disclosure for:

[ ] Sample issue, $2.00

[ ] 12 issue subscription, $18.00

[ ] 24 issue subscription, $29.95
     With 24 issue susbcription include free one of the following:
         [ ] Directory of Electronic Surveillance Equipment Suppliers
         [ ] Citizen's Guide on How to Use the Freedom of Info/Privacy Acts
         [ ] Maximizing PC Performance

Also available separately:

[ ] Directory of Electronic Surveillance Equipment Suppliers, $6.00

[ ] Citizen's Guide on How to Use the Freedom of Info/Privacy Acts, $5.00

[ ] Maximizing PC Performance, $6.00

    Illinois residences, add 6.5% sales tax on above 3 items.

Enclosed is payment in the form of:

[ ] Check/Money order, [ ] Visa, [ ] Mastercard

Card no:___________________________________ Exp date:_______

Signature:__________________________________________________

Phone:______________________________________________________
(required for credit card orders)

My name/address:

Name:_______________________________________________________

Street:_____________________________________________________

City/State/Zip:_____________________________________________

Return to: Full Disclosure, Box 903, Libertyville, Illinois 60048