Copy Link
Add to Bookmark
Report
Computer Undergroud Digest Vol. 05 Issue 30
Computer underground Digest Sun Apr 25 1993 Volume 5 : Issue 30
ISSN 1004-042X
Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)
Archivist: Brendan Kehoe
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Cyop Editor: Etaoin Shrdlu, Senior
CONTENTS, #5.30 (Apr 25 1993)
File 1--New disclosures in 2600 cas
File 2--Press release on "Clipper Chip" encryption initiative
File 3--THE CLIPPER CHIP: A TECHNICAL SUMMARY
File 4--Sysop jailed in Georgia (article by Lance Rose)
File 5--Phone Fraud in the Telecom Industry
Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically from tk0jut2@mvs.cso.niu.edu. The
editors may be contacted by voice (815-753-6430), fax (815-753-6302)
or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115.
Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL0 and DL12 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on the PC-EXEC BBS at (414) 789-4210; and on: Rune Stone BBS (IIRG
WHQ) 203-832-8441 NUP:Conspiracy
CuD is also available via Fidonet File Request from 1:11/70; unlisted
nodes and points welcome.
EUROPE: from the ComNet in Luxembourg BBS (++352) 466893;
ANONYMOUS FTP SITES:
UNITED STATES: ftp.eff.org (192.88.144.4) in /pub/cud
uglymouse.css.itd.umich.edu (141.211.182.53) in /pub/CuD/cud
halcyon.com( 202.135.191.2) in /pub/mirror/cud
AUSTRALIA: ftp.ee.mu.oz.au (128.250.77.2) in /pub/text/CuD.
EUROPE: nic.funet.fi in pub/doc/cud. (Finland)
ftp.warwick.ac.uk in pub/cud (United Kingdom)
Back issues also may be obtained through mailserver at:
server@blackwlf.mese.com
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission. It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified. Readers are encouraged to submit reasoned articles
relating to computer culture and communication. Articles are
preferred to short responses. Please avoid quoting previous posts
unless absolutely necessary.
DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.
----------------------------------------------------------------------
From: David Sobel <dsobel@WASHOFC.CPSR.ORG>
Date: Wed, 21 Apr 1993 22:19:29 EST
Suject: File 1--New disclosures in 2600 cas
As you may recall, last November at a shopping mall outside of
Washington, DC, a group of people affiliated with the computer
magazine "2600" was confronted by mall security personnel, local
police officers and several unidentified individuals. The group
members were ordered to identify themselves and to submit to searches
of their personal property. Their names were recorded by mall
security personnel and some of their property was confiscated.
However, no charges were ever brought against any of the individuals
at the meeting.
Computer Professionals for Social Responsibility ("CPSR") filed suit
under the Freedom of Information Act and today received the Secret
Service's response to the FOIA lawsuit, in which we are seeking agency
records concerning the break-up of the meeting. I think it's safe to
say that our suspicions have now been confirmed -- the Secret Service
*did* obtain a list of names from mall security identifying the people
in attendance at the meeting.
There are three main points contained in the Secret Service's court
papers that are significant:
1) The agency states that the information it possesses concerning the
incident was obtained "in the course of a criminal investigation that
is being conducted pursuant to the Secret Service's authority to
investigate access device and computer fraud."
2) The agency possesses two relevant documents and the information in
those documents "consists solely of information identifying
individuals."
3) The information was obtained from a "confidential source," and the
agency emphasizes that the FOIA's definition of such a source includes
"any private institution which provided information on a confidential
basis."
Taken together, these facts seem to prove that the Secret Service
wanted names, they had the mall security people collect them, and they
came away from the incident with the list they wanted.
The agency asserts that "[t]he premature release of the identities of
the individual(s) at issue could easily result in interference to the
Secret Service's investigation by alerting these individual(s) that
they are under investigation and thus allowing the individual(s) to
alter their behavior and/or evidence."
CPSR, in conjunction with EFF and the ACLU, is planning to challenge
the actions of the mall security personnel, the local police and the
Secret Service on the ground that the incident amounted to a
warrantless search and seizure conducted at the behest of the Secret
Service.
David Sobel
CPSR Legal Counsel
dsobel@washofc.cpsr.org
------------------------------
Date: Mon, 19 Apr 93 19:12:48 PDT
From: ross@QCKTRN.COM(Gary Ross)
Suject: File 2--Press release on "Clipper Chip" encryption initiative
Date - Mon, 19 Apr 1993 16:44-0400
From - The White House <uunet!compuserve.com!75300.3115>
Subject - Press release on "Clipper Chip" encryption initiative
THE WHITE HOUSE
Office of the Press Secretary
++++++++++++++++++++++++++++++++++++
For Immediate Release April 16, 1993
STATEMENT BY THE PRESS SECRETARY
The President today announced a new initiative that will bring the
Federal Government together with industry in a voluntary program to
improve the security and privacy of telephone communications while
meeting the legitimate needs of law enforcement.
The initiative will involve the creation of new products to accelerate
the development and use of advanced and secure telecommunications
networks and wireless communications links.
For too long, there has been little or no dialogue between our private
sector and the law enforcement community to resolve the tension
between economic vitality and the real challenges of protecting
Americans. Rather than use technology to accommodate the sometimes
competing interests of economic growth, privacy and law enforcement,
previous policies have pitted government against industry and the
rights of privacy against law enforcement.
Sophisticated encryption technology has been used for years to protect
electronic funds transfer. It is now being used to protect electronic
mail and computer files. While encryption technology can help
Americans protect business secrets and the unauthorized release of
personal information, it also can be used by terrorists, drug dealers,
and other criminals.
A state-of-the-art microcircuit called the "Clipper Chip" has been
developed by government engineers. The chip represents a new approach
to encryption technology. It can be used in new, relatively
inexpensive encryption devices that can be attached to an ordinary
telephone. It scrambles telephone communications using an encryption
algorithm that is more powerful than many in commercial use today.
This new technology will help companies protect proprietary
information, protect the privacy of personal phone conversations and
prevent unauthorized release of data transmitted electronically. At
the same time this technology preserves the ability of federal, state
and local law enforcement agencies to intercept lawfully the phone
conversations of criminals.
A "key-escrow" system will be established to ensure that the "Clipper
Chip" is used to protect the privacy of law-abiding Americans. Each
device containing the chip will have two unique
"keys," numbers that will be needed by authorized government agencies
to decode messages encoded by the device. When the device is
manufactured, the two keys will be deposited separately in two
"key-escrow" data bases that will be established by the Attorney
General. Access to these keys will be limited to government officials
with legal authorization to conduct a wiretap.
The "Clipper Chip" technology provides law enforcement with no new
authorities to access the content of the private conversations of
Americans.
To demonstrate the effectiveness of this new technology, the Attorney
General will soon purchase several thousand of the new devices. In
addition, respected experts from outside the government will be
offered access to the confidential details of the algorithm to assess
its capabilities and publicly report their findings.
The chip is an important step in addressing the problem of
encryption's dual-edge sword: encryption helps to protect the privacy
of individuals and industry, but it also can shield criminals and
terrorists. We need the "Clipper Chip" and other approaches that can
both provide law-abiding citizens with access to the encryption they
need and prevent criminals from using it to hide their illegal
activities. In order to assess technology trends and explore new
approaches (like the key-escrow system), the President has directed
government agencies to develop a comprehensive policy on encryption
that accommodates:
the privacy of our citizens, including the need to employ
voice or data encryption for business purposes;
the ability of authorized officials to access telephone
calls and data, under proper court or other legal order,
when necessary to protect our citizens;
the effective and timely use of the most modern technology
to build the National Information Infrastructure needed to
promote economic growth and the competitiveness of American
industry in the global marketplace; and
the need of U.S. companies to manufacture and export high
technology products.
The President has directed early and frequent consultations with
affected industries, the Congress and groups that advocate the privacy
rights of individuals as policy options are developed.
The Administration is committed to working with the private sector to
spur the development of a National Information Infrastructure which
will use new telecommunications and computer technologies to give
Americans unprecedented access to information. This infrastructure of
high-speed networks ("information superhighways") will transmit video,
images, HDTV programming, and huge data files as easily as today's
telephone system transmits voice.
Since encryption technology will play an increasingly important role
in that infrastructure, the Federal Government must act quickly to
develop consistent, comprehensive policies regarding its use. The
Administration is committed to policies that protect all American's
right to privacy while also protecting them from those who break the
law.
Further information is provided in an accompanying fact sheet. The
provisions of the President's directive to acquire the new encryption
technology are also available.
For additional details, call Mat Heyman, National Institute of
Standards and Technology, (301) 975-2758.
----- End Included Message -----
------------------------------
Date: Wed, 21 Apr 93 19:21:48 EDT
From: denning@cs.cosc.georgetown.edu (Dorothy Denning)
Suject: File 3--THE CLIPPER CHIP: A TECHNICAL SUMMARY
((REPRINTED FROM RISKS DIGEST, #14.52))
THE CLIPPER CHIP: A TECHNICAL SUMMARY
Dorothy Denning
Revised, April 21, 1993
INTRODUCTION
On April 16, the President announced a new initiative that will bring
together the Federal Government and industry in a voluntary program to
provide secure communications while meeting the legitimate needs of
law enforcement. At the heart of the plan is a new tamper-proof
encryption chip called the "Clipper Chip" together with a split-key
approach to escrowing keys. Two escrow agencies are used, and the key
parts from both are needed to reconstruct a key.
CHIP CONTENTS
The Clipper Chip contains a classified single-key 64-bit block
encryption algorithm called "Skipjack." The algorithm uses 80 bit
keys (compared with 56 for the DES) and has 32 rounds of scrambling
(compared with 16 for the DES). It supports all 4 DES modes of
operation. The algorithm takes 32 clock ticks, and in Electronic
Codebook (ECB) mode runs at 12 Mbits per second.
Each chip includes the following components:
the Skipjack encryption algorithm
F, an 80-bit family key that is common to all chips
N, a 30-bit serial number (this length is subject to change)
U, an 80-bit secret key that unlocks all messages encrypted with the chip
The chips are programmed by Mykotronx, Inc., which calls them the
"MYK-78." The silicon is supplied by VLSI Technology Inc. They are
implemented in 1 micron technology and will initially sell for about
$30 each in quantities of 10,000 or more. The price should drop as the
technology is shrunk to .8 micron.
ENCRYPTING WITH THE CHIP
To see how the chip is used, imagine that it is embedded in the AT&T
telephone security device (as it will be). Suppose I call someone and
we both have such a device. After pushing a button to start a secure
conversation, my security device will negotiate an 80-bit session key K
with the device at the other end. This key negotiation takes place
without the Clipper Chip. In general, any method of key exchange can
be used such as the Diffie-Hellman public-key distribution method.
Once the session key K is established, the Clipper Chip is used to
encrypt the conversation or message stream M (digitized voice). The
telephone security device feeds K and M into the chip to produce two
values:
E[M; K], the encrypted message stream, and
E[E[K; U] + N; F], a law enforcement field ,
which are transmitted over the telephone line. The law enforcement
field thus contains the session key K encrypted under the unit key U
concatenated with the serial number N, all encrypted under the family
key F. The law enforcement field is decrypted by law enforcement after
an authorized wiretap has been installed.
The ciphertext E[M; K] is decrypted by the receiver's device using the
session key:
D[E[M; K]; K] = M .
CHIP PROGRAMMING AND ESCROW
All Clipper Chips are programmed inside a SCIF (Secure Compartmented
Information Facility), which is essentially a vault. The SCIF contains
a laptop computer and equipment to program the chips. About 300 chips
are programmed during a single session. The SCIF is located at
Mykotronx.
At the beginning of a session, a trusted agent from each of the two key
escrow agencies enters the vault. Agent 1 enters a secret, random
80-bit value S1 into the laptop and agent 2 enters a secret, random
80-bit value S2. These random values serve as seeds to generate unit
keys for a sequence of serial numbers. Thus, the unit keys are a
function of 160 secret, random bits, where each agent knows only 80.
To genera}e the unit key for a serial number N, the 30-bit value N is
first padded with a fixed 34-bit block to produce a 64-bit block N1.
S1 and S2 are then used as keys to triple-encrypt N1, producing a
64-bit block R1:
R1 = E[D[E[N1; S1]; S2]; S1] .
Similarly, N is padded with two other 34-bit blocks to produce N2 and
N3, and two additional 64-bit blocks R2 and R3 are computed:
R2 = E[D[E[N2; S1]; S2]; S1]
R3 = E[D[E[N3; S1]; S2]; S1] .
R1, R2, and R3 are then concatenated together, giving 192 bits. The
first 80 bits are assigned to U1 and the second 80 bits to U2. The
rest are discarded. The unit key U is the XOR of U1 and U2. U1 and U2
are the key parts that are separately escrowed with the two escrow
agencies.
As a sequence of values for U1, U2, and U are generated, they are
written onto three separate floppy disks. The first disk contains a
file for each serial number that contains the corresponding key part
U1. The second disk is similar but contains the U2 values. The third
disk contains the unit keys U. Agent 1 takes the first disk and agent
2 takes the second disk. Thus each agent walks away knowing
an 80-bit seed and the 80-bit key parts. However, the agent does not
know the other 80 bits used to generate the keys or the other 80-bit
key parts.
The third disk is used to program the chips. After the chips are
programmed, all information is discarded from the vault and the agents
leave. The laptop may be destroyed for additional assurance that no
information is left behind.
The protocol may be changed slightly so that four people are in the
room instead of two. The first two would provide the seeds S1 and S2,
and the second two (the escrow agents) would take the disks back to
the escrow agencies.
The escrow agencies have as yet to be determined, but they will not
be the NSA, CIA, FBI, or any other law enforcement agency. One or
both may be independent from the government.
LAW ENFORCEMENT USE
When law enforcement has been authorized to tap an encrypted line, they
will first take the warrant to the service provider in order to get
access to the communications line. Let us assume that the tap is in
place and that they have determined that the line is encrypted with the
Clipper Chip. The law enforcement field is first decrypted with the
family key F, giving E[K; U] + N. Documentation certifying that a tap
has been authorized for the party associated with serial number N is
then sent (e.g., via secure FAX) to each of the key escrow agents, who
return (e.g., also via secure FAX) U1 and U2. U1 and U2 are XORed
together to produce the unit key U, and E[K; U] is decrypted to get the
session key K. Finally the message stream is decrypted. All this will
be accomplished through a special black box decoder.
CAPSTONE: THE NEXT GENERATION
A successor to the Clipper Chip, called "Capstone" by the government
and "MYK-80" by Mykotronx, has already been developed. It will include
the Skipjack algorithm, the Digital Signature Standard (DSS), the
Secure Hash Algorithm (SHA), a method of key exchange, a fast
exponentiator, and a randomizer. A prototoype will be available for
testing on April 22, and the chips are expected to be ready for
delivery in June or July.
ACKNOWLEDGMENT AND DISTRIBUTION NOTICE. This article is based on
information sB^Yided by NSA, NIST, FBI, and Mykotronx. Permission to
distribute this document is granted.
------------------------------
Date: Wed, 14 Apr 93 12:02:29 GMT
From: rwebb@nyx.cs.du.edu (Russell Webb)
Suject: File 4--Sysop jailed in Georgia (article by Lance Rose)
((MODERATOR'S NOTE: The following article comes from BOARDWATCH
Magazine, a monthly hardcopy summary of news and features devoted to
the BBS world. Subs are $36 for one year or $59 for two. Information
about BOARDWATCH can be obtained from Jack Rickard (editor) at
jrickard@teal.csn.org or by writing: BOARDWATCH; 7586 West Jewell Ave.,
Suite 200; Lakewood CO (80232)).
I ran into this article on a local NYC BBS. Lance Rose, the author,
has kindly granted permission for the article to be posted to
comp.org.eff.talk.
I haven't seen any discussions about this event on this newsgroup.
If I've missed any sort of prior discussion on this in comp.org.eff.talk,
then I offer my apologizes in advance for the use of bandwidth.
-Russell Webb
rwebb@nyx.cs.du.edu
+++++++
LEGALLY ONLINE
==============
SYSOP JAILED IN GEORGIA
+++++++++++++++++++++++
by Lance Rose
Adult BBS' continue to spread across the country. Many of them openly
carry industrial-strength hardcore materials, without much apparent
concern for legal reprisals. One might wonder if the sysops of these
BBS' are fools to proceed so fearlessly, or perhaps the vanguard of a
new era of online sexual liberation. More likely, they simply assume
the coast is clear. There is virtually no hard news about adult BBS'
or their operators getting into trouble. Murky rumors abound
(including some retold in this column several months ago), but they're
easy to shrug off in their vagueness.
The suspense is over. A man named Robert Houston is currently doing
time in a jail in Jackson, Georgia, based on the presence of sexually
oriented materials on the BBS he owned and operated. Ironically, he
seems to be one of the guys who took all the right precautions. In the
end, his prudent measures lost out to a repressive local cultural
climate and petty personal vengeance.
For over two years, Mr. Houston's quiet incarceration did not raise
even a murmur. Then suddenly, he showed up briefly in a segment of the
CNN news show Technology Week as an example of a sysop who got popped.
An interview with Mr. Houston was hastily arranged afterward, just in
time for this issue of Boardwatch. In a collect call from the Georgia
Diagnostic Center, Robert Houston described how he went from sysop of
an adult BBS to convicted felon:
Houston owned and operated a video store and repair shop in Georgia.
His BBS, a Wildcat system called the Stonewall BBS, was a hobby, and
did not net him any money. There was a sister BBS called "Stonewall
West" in California, but the two operations shared little but their
names.
The Stonewall BBS contained sexually-oriented adult materials, both
straight and gay varieties. Different types of adult materials were
separated from each other by security levels defined on the BBS. The
materials were relatively mild by adult BBS standards. According to
Houston, nothing on the BBS was racier than what one might find in
Hustler, a popular magazine nationally distributed on newsstands.
There were no files with extreme material such as child pornography or
bestiality. There was also a popular chat area, which Houston
describes as the BBS version of a 900 sex talk line. using computers
to converse instead of our voices.
These areas and materials were closed to casual visitors. Anyone
wishing access to the adult materials on Stonewall BBS first had to
pass through Houston's hair-raisingly exhaustive verification
procedures. On the first call to Stonewall, each caller had to fill in
a standard questionnaire of personal information - name, address, age,
phone number, and so on. Upon completion, the caller was asked if he
desired access to any of the adult areas of the BBS. If the answer was
yes, the caller was asked which category of materials interested him,
and what kind of lifestyle he led. Houston says he used this
classification to try and group together people of similar interests
within the system. Houston himself was gay, and had a fair amount of
gay-oriented materials on the system.
Next, all callers, regardless of whether they filled out both
questionnaires or only the first one, were placed in the "new users
romper room" area of Stonewall. Callers still wishing to proceed with
registration were then led into an automated callback verification
sequence, where the BBS software called back the number submitted by
the caller. After callback verification, new callers were still
restricted to the new users romper room. In this area, callers could
sample limited, non-adult-oriented sections of the BBS, but could not
upload or download any files.
In the evenings, Houston read through all new applications for the
day. He called back all applicants personally the next day, and
verified their applications by voice. In certain cases, such as
borderline-age applicants stating they were college students, he
checked their references to make sure they were genuine. All callers
who passed this verification step then had to send Houston photocopies
of their driver's licenses, after which they were finally given access
to the adult areas. Houston's verification process was quite an
extended routine, but he says he fully verified over 600 callers using
this method.
Houston's troubles started when he fired a teenage employee of his
video store business for basic laziness. According to Houston,
directly upon being fired the ex-employee went to Sheriff Earle Lee of
Douglas County, Georgia, the county in which Stonewall BBS operated.
He told Sheriff Lee that Houston was running a nationwide network for
the distribution of homosexual materials from the Stonewall BBS. The
police moved like lightning on these charges. The employee was fired
Saturday, September 8, 1990. Two days later, on Monday, September 10,
Sheriff Lee and his deputies hauled Houston off to jail and
confiscated his computer equipment.
The arrest and seizure warrant, and the indictment that followed,
contained four counts against Houston: 2 counts of distribution of
obscene materials; 1 count of solicitation of sodomy; and 1 count that
Houston "provided a medium as to which sexually explicit materials
containing children could be found". The counts in the indictment
were based on the testimony of two of Houston's ex-employees: the one
who started the legal process against Houston, and another who had
been fired some months earlier.
The second ex-employee, according to Houston, was a computer hacker
whom Houston had suspected of stealing some money from his business,
then altering his business computer records to cover it up. For the
indictment, both ex-employees testified that Houston had created sex
videos with them (another allegation he entirely denies), and that he
had given them both access to the adult areas of his BBS while they
were his employees, even though they were 17- year-old minors. Houston
thought they were 18 years old until then. Houston entirely denies
all accusations.
After sitting in jail for a couple of months, Houston went to trial
and lost. The prosecuting attorney was D.A. David McDade of Douglas
County. Houston paid his own lawyer $10,000, and had no money left to
pay for an appeal after the trial.
Houston says the trial against him was filled with misconduct. Perhaps
his most shocking charge is that the State did not use a police expert
or independent expert to evaluate the materials contained in his
confiscated BBS. Instead, they put his own ex-employee, the computer
hacker who testified against him for the indictment, in charge of
investigating the computer to conduct the State's own inspection of
the evidence! This amazing approach bore no resemblance to normal
procedure, which was to send seized evidence requiring technical
examination to the Georgia Crime Lab. If Houston's charge is true,
this is fatal contamination of the evidence - placing key evidence
against the accused in the hands of a hostile and complaining witness!
Further, Houston says the hacker/ex-employee made the most of his
opportunity, tampering with the BBS computer files to create damning
evidence against Houston. Specifically, Houston says that computer
files were altered before trial to make it look like he had been using
his BBS to solicit two 17-year-olds. There were indeed two
17-year-olds on Stonewall BBS, but Houston had given them access only
to a special "teen board" area he set especially up for them. Houston
believes his ex-employee, while he had control of BBS computer, raised
the 17 year olds' security level to make it look like they had access
to the adult materials, and added suggestive messages addressed from
Houston to these callers.
Houston moved for inspection of the computer prior to trial, but the
judge denied his motion. Houston also lined up 3 different computer
experts to check the BBS system for tampering using software tools for
inspecting the computer's hard disk, and to testify to the tampering
at trial. For reasons that are unclear, his lawyer refused to use the
experts. Finally, Houston wanted to show the judge at trial how his
BBS worked and how he maintained system security and age verification,
but the judge would not permit the demonstration.
In the end, Houston was convicted of a single count of sexual
exploitation of children, under Georgia Statute 16-12-100-B6. This
conviction classifies him as a craven sex offender, equivalent to a
rapist. The only evidence supporting his conviction were the computer
records regarding the 17-year-olds submitted by the ex-employee
hacker. As mentioned above, Houston's lawyer failed to offer expert
testimony disputing the authenticity and accuracy of the computer
records regarding the 17-year-olds' status on the system. Houston's
lawyer further failed to obtain testimony from the 17-year-olds
themselves, which could have shown the computer evidence to be false.
Houston seems bewildered at the approach taken by his lawyer. The only
reasoning the lawyer seems to have given him for these seeming
enormous strategic lapses is that such attempts to discredit the
state's case would only make Houston look worse in the eyes of the
judge.
Houston says there is no law against precisely what he's been
imprisoned for, and says the prosecuting D.A. said the same thing
publicly after his conviction. Despite the unanimous confusion over
whether Houston is actually guilty of any wrongdoing, he remains in
jail for the time being. Houston is due to be released in September,
1993, and says he plans to head out of Georgia as soon as he is
permitted to do so. Douglas County has not been very kind to Robert
Houston. It is hard to say exactly what role local intolerance of his
sexual preferences might have played in the insulting abridgement of
personal rights Mr. Houston has suffered through, but it would explain
the shocking manner in which his prosecution was carried out.
The story above is based solely on the interview with Mr. Houston.
Clearly there are some areas in which it would be useful to know the
other side of the story. Nonetheless, we can make some useful
observations looking at things just from his side of the cell bars.
First, here is a sysop in jail for running an adult bulletin board.
For those who refused caution up to now for lack of evidence that
people are getting in trouble: here is your evidence. Take note that
Houston was not convicted of having any obscene or child pornography
materials on his BBS. Those carrying such materials could end up in
hotter water than he did if they are ever exposed to the court
process.
Second, sysops reading this may be comforting themselves that the
exact freakish course of events Houston suffered through will not
likely be repeated. However, Houston's case is also illustrative of
the way things can break down and land you in a heap of trouble. In
his case, canning a lazy employee ended up landing him in jail,
convicted of being a sleazy, child-molesting BBS sysop. Future sysop
convictions, whenever and wherever they occur, can easily follow
similarly tortuous paths from precipitating cause to miserable result.
Those who think they are clever enough to stay out of trouble while
running a hardcore porn board may see their whole scheme unravel due
to one forgotten loose end.
Third, Houston's situation provides yet another example of the
institutional amnesia still inflicting far too many law enforcement
authorities and agents: they forget all about the Constitution,
especially the First Amendment, when they seize a BBS. Houston's BBS
was not adjudged to have any illegal materials falling outside the
First Amendment's protection of freedom of speech and of the press.
His conviction, contrived though it may have been, was only for
certain conduct. Yet his BBS was taken down, and likely will never be
resurrected, at least in Georgia.
There is a danger of reading too much into what happened to Robert
Houston (except for sysops knowingly running hardcore porn boards, who
should pay very careful attention to his plight). His peculiar
treatment at the hands of the Douglas County legal system does not
mean that all BBS' have suddenly become unsafe. Running a BBS carries
about the same risk as it always has. If you are reasonable in how you
run your BBS, and don't knowingly get involved with anything illegal,
your chances of legal trouble are next to nothing. Think of Robert
Houston as a sysop who tried very hard to be careful while running a
BBS with contents that were riskier than average, and one day got hit
by lightning.
THAT'S ENTERTAINMENT!
Just as this column was being readied for submission, WNBC's "News at
Eleven" showed the first installment of a news series to be aired all
week called "Software: Hard Porn." This astonishing piece of
television journalism starts off with a surveillance film showing two
men on a couch discussing a snuff movie they'd like to make using a
little kid. The narrator's voice-over informs us that this time, the
snuff guys are talking about procuring their dispensable prey using a
computer bulletin board . . .
The segment segues into much milder territory, next featuring the
talking head of Bruce Fancher of MindVox (a NYC Unix-based BBS system
and Internet access site) discussing the easy availability of adult
GIF image files on BBS'. Several shots of files supposedly taken from
BBS' are shown, mostly just girlie pictures almost too tame for
Playboy. Surprisingly, the voice-over informs us that such pictures
are all quite legal. They are legal, of course. The surprising part is
that the TV folks got it right.
But don't relax yet. In the very next breath, we are told that the
same BBS' carrying the adult image files also play host to pedophiles,
who seek out youngsters and attempt to arrange illicit meetings for
sexual purposes. Through the magic of TV sequencing, those cute
girlie shots are instantly converted from admittedly protected free
speech to cheesecake posters on the walls of dens of sin inhabited by
sleazy, lecherous old men. The dens of sin, of course, are the BBS' in
which they prowl.
So ends the first short episode of "Software: Hard Porn", with the
promise of more rating-boosting tidbits about the sleazy world of BBS'
in tomorrow's news report.
This is a good postscript to the Houston piece. It shows that not only
did someone with an adult board get nailed, but the anti-BBS porn
drumbeat is steadily swelling in the public consciousness. This is not
the first news show covering the BBS porn angle. Last year, WOR in New
York ran a story with a similar theme. But as Howard Stern likes to
remind his listeners (after his show on WOR ended), no one watches
WOR, while WNBC is one of the real TV stations in the New York market.
Those who are committed to running hard core porn BBS' should watch
their backs.
(Copyright 1993, Lance Rose)
[Lance Rose is an attorney practicing high-tech, computer and
intellectual property law in Montclair New Jersey, and is available on
the Internet at elrose@well.sf.ca.us and on CompuServe at 72230,2044.
He works with shareware publishers, software authors, system
operators, technology buyers, interactive media developers, on-line
database services and others in the high technology area. He is also
author of the book SYSLAW, a legal guide for bulletin board system
operators, available from PC Information Group (800)321-8285. -
Editor]
------------------------------
Date: 16 Apr 93 21:55:03 EDT
From: Gordon Meyer <72307.1502@COMPUSERVE.COM>
Suject: File 5--Phone Fraud in the Telecom Industry
Information Week (4/12/93 pg 68) cites an article that appeared in the
San Francisco Chronicle (4/7/93 pg D1)... Of the nations 700 largest
telecommunications customers, 70% reported toll fraud losses that
averaged $125,000 in the past five years.
Network Security
================
The April 12, 1993 edition of Information Week has a cover story on
'network insecurity'. Refer to "Are Your Networks Secure?" (pgs 30 -
35) for the full details. One amusing quote from an unnamed security
analyst..."Companies would rather admit their CEO is an alcoholic
than acknowledge a security break."
Webster's Adds Nerdspeak
========================
The next edition of Merriam-Webster's Collegiate Dictionary, due out
May 3, 1993, will add several computer-related words. The company
says these words have become common enough that people outside of the
computer industry may need to look up their meaning. Some of the words
added include "computerphobe", "technobabble", "vaporware", and
"voice mail".
(Information Week. April 12, 1993 pg 60)
------------------------------
End of Computer Underground Digest #5.30
************************************