Copy Link
Add to Bookmark
Report
Computer Undergroud Digest Vol. 04 Issue 11
Computer underground Digest Tue, Mar 10, 1992 Volume 4 : Issue 11
Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)
Associate Editor: Etaion Shrdlu
CONTENTS, #4.11 (Mar 10, 1992)
File 1--Net Resources
File 2--Readers Reply: "Bury Usenet"
File 3--Readers Reply: Apology to Craig Neidorf (CuD #4.10)
File 4--F.B.I. and Digital Communications Amendment (NYT synopsis)
File 5--F.B.I.' Proposed Digital Communications Legislation
File 6--CPSR Response to FBI Proposal
File 7--"Real Hackers?" Comparing the old and the new (DFP Reprint)
File 8--BBSes and Telco Rates
File 9--HACKING grounds for dismissal
File 10--Updated Info on 2nd Annual Int'l BBSing & Elec. Comm Conf.
Issues of CuD can be found in the Usenet alt.society.cu-digest news
group, on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG,
and DL0 and DL12 of TELECOM, on Genie, on the PC-EXEC BBS at (414)
789-4210, and by anonymous ftp from ftp.cs.widener.edu (147.31.254.132),
chsun1.spc.uchicago.edu, and ftp.ee.mu.oz.au. To use the U. of
Chicago email server, send mail with the subject "help" (without the
quotes) to archive-server@chsun1.spc.uchicago.edu.
European distributor: ComNet in Luxembourg BBS (++352) 466893.
NOTE: THE WIDENER SITE IS TEMPORARILY RE-ORGANIZING AND IS CURRENTLY
DIFFICULT TO ACCESS. FTP-ERS SHOULD USE THE ALTERNATE FTP SITES UNTIL
FURTHER NOTICE.
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted as long as the source
is cited. Some authors do copyright their material, and they should
be contacted for reprint permission. It is assumed that non-personal
mail to the moderators may be reprinted unless otherwise specified.
Readers are encouraged to submit reasoned articles relating to the
Computer Underground. Articles are preferred to short responses.
Please avoid quoting previous posts unless absolutely necessary.
DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.
----------------------------------------------------------------------
Date: Mon, 9 Mar 92 19:58:41 CST
From: Moderators <tk0jut2@mvs.cso.niu.edu>
Subject: File 1--Net Resources
Frank Klaess, sysop of ComNet in Luxembourg, is providing CuDs and
other text files on ComNet Luxembourg BBS. ComNet is a two-line,
14,400 board and the phone number is: (++352) 466893.
ComNet is not yet accessible through internet, but Frank can be
reached on PC-Exec BBS in Milwaukee (414) 789-4352.
+++++++
The Well, perhaps the best system in the country, is now accessible
through ftp (192.132.30.2). The initial sign-up is nominal, and usage
fees are more than reasonable ($10 a month and $2 an hour). There are
thousands of discussion topics, conferences on almost every issue
conceivable, and there are a number of services and features that make
it a valuable investment. Cybernauts would find the Hacking, EFF
(Electronic Frontier Foundation) and CPSR (Computer Professionals for
Social Responsibility) conferences especially interesting.
------------------------------
Date: 8 Mar 92 13:53:33 CST (Sun)
From: peter@TARONGA.COM(Peter da Silva)
Subject: File 2--Readers Reply: "Bury Usenet"
Building a new net with a wider bandwidth and tighter controls, as
Steve seems to want, is a SMOP. Write the software, build your Usenet
II, and if it's really that far superior then it will supplant Usenet
I.
People are always coming up with improvements they'd like to the basic
Usenet model, but none seem willing to put their money where their
mouth is. Come on, Steve. You can use the existing transport
mechanism, even. Just a new newsreader or two and you're in business!
------------------------------
Date: Sun, 8 Mar 92 13:55:28 EST
From: The Advocate <unixville@matrix.uunet.uu.net>
Subject: File 3--Readers Reply: Apology to Craig Neidorf (CuD #4.10)
A poster in CuD 4.10 writes:
> I never meant to suggest that Craig was in any way "at fault" for the
> cost of his defense, nor to discourage people from donating money to
> offset his expenses.
I was just wondering, did craig ever consider getting a public
defender? After all, he was above 18, he was an independent student.
I think he could have qualified, with a little finagling. A lot of
them are damn good.
I think I had disconnected, during the arrest periods, due to work
loads or i would have suggested it. HAve to admit, it would have been
nice to put the tab on uncle sam. and federal PDs are 1000 fold
better then local ones.
((Moderators' note: Craig's initial attorney seemed unfamiliar with
the issues his case raised. The Advocate is correct in observing
that many public defenders are competent, idealistic, and hard
working. Unfortunately, the issues raised in this case were beyond
the resources and expertise of most public defenders and required
some specialized skills.
In Chicago, the jurisdiction of Craig's trial, Federal public
defenders are appointed only if the defendant can demonstrate
financial need, and Craig, at best, probably would not have qualified.
Public defense attorneys appointed by the presiding judge from a pro
bono list, and while, through luck if the draw, it is possible to
obtain some of the best legal counsel in the country, it is just as
likely that he would be appointed one who neither was familiar with
nor willing to take on the line of defense ultimately used.
Unfortunately, our system of justice requires investment of resources
before the wheels turn properly.))
------------------------------
Date: Mon, 9 Mar 92 01:32:06 EST
From: Cy Burway <finder@canfield.com>
Subject: File 4--F.B.I. and Digital Communications Amendment (NYT synopsis)
As Technology Makes Wiretaps More Difficult, F.B.I. Seeks Help
(From: New York Times, March 8, 1992: p. I-12)
By Anthony Ramirez
The Department of Justice says that advanced telephone equipment in
wide use around the nation is making it difficult for law-enforcement
agencies to wiretap the phone calls of suspected criminals.
The Government proposed legislation Friday requiring the nation's
telephone companies to give law-enforcement agencies technical help
with their eavesdropping. Privacy advocates criticized the proposal as
unclear and open to abuse.
In the past, the Federal Bureau of Investigation and other agencies
could simply attach alligator clips and a wiretap device to the line
hanging from a telephone pole. Law-enforcement agents could clearly
hear the conversations. That is still true of telephone lines carrying
analog transmissions, the electronic signals used by the first
telephones in which sounds correspond proportionally to voltage.
But such telephone lines are being steadily replaced by high-speed,
high-capacity lines using digital signals. On a digital line, F.B.I.
agents would hear only computer code or perhaps nothing at all because
some digital transmissions are over fiber-optic lines that convert the
signals to pulses of light.
In addition, court-authorized wiretaps are narrowly written. They
restrict the surveillance to particular parties and particular topics
of conversation over a limited time on a specific telephone or group
of telephones. That was relatively easy with analog signals. The
F.B.I. either intercepted the call or had the phone company re-route
it to an F.B.I. location, said William A. Bayse, the assistant
director in the technical services division of the F.B.I.
But tapping a high-capacity line could allow access to thousands of
conversations. Finding the conversation of suspected criminals, for
example, in a complex "bit stream" would be impossible without the aid
of phone company technicians.
There are at least 140 million telephone lines in the country and more
than half are served in some way by digital equipment, according to
the United States Telephone Association, a trade group. The major
arteries and blood vessels of the telecommunications network are
already digital. And the greatest part of the system, the capillaries
of the network linking central telephone offices to residences and
businesses, will be digital by the mid-1990s.
Thousand Wiretaps
The F.B.I. said there were 1,083 court-authorized wiretaps--both new
and continuing--by Federal, state, and local law-enforcement
authorities in 1990, the latest year for which data are available.
Janlori Goldman, director of the privacy and technology project for the
American Civil Liberties Union, said she had been studying the
development of the F.B.I. proposal for several months.
"We are not saying that this is not a problem that shouldn't be
fixed," she said, "but we are concerned that the proposal may be
overbroad and runs the risk that more information than is legally
authorized will flow to the F.B.I.
In a news conference in Washington on Friday, the F.B.I. said it was
seeking only to "preserve the status quo" with its proposal so that
it could maintain the surveillance power authorized by a 1968 Federal
law, the Omnibus Crime Control and Safe Streets Act. The proposal,
which is lacking in many details is also designed to benefit state and
local authorities.
Under the proposed law, the Federal Communications Commission would
issue regulations to telephone companies like the GTE Corporation and
the regional Bell telephone companies, requiring the "modification" of
phone systems "if those systems impede the Government's ability to
conduct lawful electronic surveillance."
In particular, the proposal mentions "providers of electronic
communications services and private branch exchange operators,"
potentially meaning all residences and all businesses with telephone
equipment.
Frocene Adams, a security official with US West in Denver is the
chairman of Telecommunications Security Association, which served as
the liaison between the industry and the F.B.I. "We don't know the
extent of the changes required under the proposal," she said, but
emphasized that no telephone company would do the actual wiretapping
or other surveillance.
Computer software and some hardware might have to be changed, Ms. Adams
aid, but this could apply to new equipment and mean relatively few
changes for old equipment.
------------------------------
Date: Mon, 9 Mar 92 19:58:41 CST
From: Jim Thomas <tk0jut2@mvs.cso.niu.edu>
Subject: File 5--F.B.I.' Proposed Digital Communications Legislation
Increasingly sophisticated technology available to the average citizen
undeniably makes it more difficult for law enforcement to pursue
legitimate investigations. When technology expands faster than
society's capacity to examine the social, ethical, or legal
implications of the changes, two potential problems emgerge: Laws
that correspond to technological advances do not change, leaving law
enforcement either handicapped or forced to implement illicit means in
investigations, or laws change in ways that potentially intrude on
civil liberties by reducing Constitutional protections. The trick is
to find a happy medium.
The legislation proposed by the U.S. Government reflects an attempt to
bring current Federal legislation in line with technology. In
principle, this is wise. In practice, questions arise that should be
addressed in order to assure that the proposed legislation allows law
enforcement to pursue its legitimate ends while simultaneously
protecting the interests of citizens.
The proposed legislation has not yet been submitted to Congress, and
our understanding is that there is as yet no draft of the proposed
changes. CPSR, EFF, the ACLU, and other groups appear to be actively
involved in assuring that the language and implications of the final
document will be carefully examined prior to submission.
As we understand the proposed legislation, it would make it easier for
investigators to conduct *legal* surveillance of digital, broad-band,
communications by implementing technology that targets a specific user
rather than an entire stream of users. To do this, telecommunications
systems would require modification that would be implemented by the
phone companies and would include changes in user devices.
Among the questions the proposed legislation raises are:
1. Who would bear the costs of the modifications? Should costs be
passed on to end telecommunications users?
2. How would the modifications change the requirements for obtaining
warrants?
3. What potential abuses might arise from the modifications?
4. What unanticipated advantages or social benefits might emerge?
5. How might the concept of "good faith" be interpreted when
non-targeted information is obtained?
6. How would the proposed legislation dovetail into recent U.S.
Supreme Court decisions that expand the search powers of law
enforcement?
7. What concepts or definitions of "telecommunications" and other
terms would be established? How far would the scope of the legislation
extend? Would it include data lines if it were suspected that the
target were transferring an unlicensed version of Word Perfect? Among
the "evidence" used to justify the seizure of Steve Jackson Games, the
Secret Service claimed that the simple description of Kermit as a
7-bit protocol used to transfer data between mainframes and PCs was
evidence of a conspiracy. Would this allow monitoring of all Kermit
up/downloads by Steve Jackson employees?
There are many other questions to be addressed, but the ultimate one
remains: What is the best language that would protect both law
enforcements' ability to carry out its function while preserving
Constitutional rights? The recent history of some law enforcement
officials, particularly in the Secret Service and a few local
jurisdictions, indicates that the question is more than a
philosophical debate. The consequences of ill-considered language for
all involved require careful consideration of balance.
The following is the press release proposing the legislation:
+++++
U.S. Department of Justice
Federal Bureau of Investigation
Office of the Director Washington, D.C. 20535
March 6, 1992
STATEMENT BY FBI DIRECTOR WILLIAM S. SESSIONS
CONCERNING PROPOSED DIGITAL COMMUNICATIONS LEGISLATION
Law enforcement's continued ability to conduct court-authorized
electronic surveillances is one of the most critical issues facing law
enforcement today. However, recent telecommunications systems
improvements have outpaced the government's ability to technologically
continue this highly successful, and lawful technique.
Consequently, the U.S. Government has proposed legislation requiring
the telecommunications industry to ensure that its advanced digital
telephone systems accommodate the legitimate needs of federal, state,
and local law enforcement.
Specifically, this legislation seeks to preserve the status quo of an
extraordinarily efficient and effective technique utilized by law
enforcement to conduct court-authorized electronic surveillances, as
authorized by Congress in Title III of the Omnibus Crime Control and
Safe Streets Act of 1968. The approach suggested in the legislation
represents by far the least costly alternative and is the only certain
method of addressing the issue.
Without an ultimate solution, terrorists, violent criminals,
kidnappers, drug cartels, and other criminal organizations will be
able to carry out their illegal activities using the
telecommunications system without detection. This proposal is critical
to the safety of the American people and to the law enforcement
officers who must daily enforce the laws of this country.
The Legislative proposal is not solely a law enforcement proposal but
is a result of a cooperative effort by Administration and Congressional
leaders, telecommunications industry executives and law enforcement.
------------------------------
Date: Tue, 10 Mar 1992 17:47:59 -0500
From: dbanisar@washofc.cpsr.org
Subject: File 6--CPSR Response to FBI Proposal
CPSR letter on FBI Proposal
CPSR and several other organizations sent the following letter to
Senator Patrick Leahy regarding the FBI's recent proposal to undertake
wire surveillance in the digital network.
If you also believe that the FBI's proposal requires further study at
a public hearing, contact Senator Hollings at the Senate Committee on
Commerce. The phone number is 202/224-9340.
Dave Banisar,
CPSR Washington Office
====================================================
March 9, 1992
Chairman Patrick Leahy
Senate Subcommittee on Law and Technology
Committee on the Judiciary
United States Senate
Washington, DC 20510
Dear Senator Leahy,
We are writing to you to express our continuing interest in
communications privacy and cryptography policy. We are associated
with leading computer an telecommunication firms, privacy, civil
liberties, and public interest organizations, as well as research
institutions and universities. We share common concern that all
policies regarding communications privacy and cryptography should be
discussed at a public hearing where interested parties are provided an
opportunity to comment or to submit testimony.
Last year we wrote to you to express our opposition to a Justice
Department sponsored provision in the Omnibus Crime Bill, S. 266,
which would have encouraged telecommunications carriers to provide a
decrypted version of privacy-enhanced communications. This provision
would have encouraged the creation of "trap doors" in communication
networks. It was our assessment that such a proposal would have
undermined the security, reliability, and privacy of computer
communications.
At that time, you had also convened a Task Force on Privacy and
Technology which looked at a number of communication privacy issues
including S. 266. The Task Force determined that it was necessary to
develop a full record on the need for the proposal before the Senate
acted on the resolution.
Thanks to your efforts, the proposal was withdrawn.
We also wish to express our appreciation for your decision to
raise the issue of cryptography policy with Attorney General Barr at
his confirmation hearing last year. We are pleased that the Attorney
General agreed that such matters should properly be brought before
your Subcommittee for consideration.
We write to you now to ask that you contact the Attorney General
and seek assurance that no further action on that provision, or a
similar proposal, will be undertaken until a public hearing is
scheduled. We believe that it is important to notify the Attorney
General at this point because of the current attempt by the
administration to amend the Federal Communications Commission
Reauthorization Act with provisions similar to those contained in S.
266.
We will be pleased to provide assistance to you and your staff.
Sincerely yours,
Marc Rotenberg,
Computer Professionals for Social Responsibility
David Peyton,
ITAA
Ira Rubenstein,
Microsoft
Jerry Berman,
Electronic Frontier Foundation
Mike Cavanagh
Electronic Mail Association
Martina Bradford,
AT&T
Evan Hendricks,
US Privacy Council
Professor Dorothy Denning,
Georgetown University
Professor Lance Hoffman,
George Washington University
Robert L. Park,
American Physical Society
Janlori Goldman,
American Civil Liberties Union
Whitfield Diffie, Sun Microsystems
John Podesta,
Podesta and Associates
Kenneth Wasch,
Software Publishers Association
John Perry Barlow,
Contributing Editor, Communications of the ACM
David Johnson,
Wilmer, Cutler & Pickering
cc: Senator Joseph R. Biden, Jr
Senator Hank Brown
Senator Ernest F. Hollings
Senator Arlen Specter
Senator Strom Thurmond
Representative Don Edwards
Attorney General Barr
Chairman Sikes, FCC
------------------------------
Date: Mon, 2 Mar 92 18:52:34 CST
From: Digital Free Press <max%underg@uunet.uu.net>
Subject: File 7--"Real Hackers?" Comparing the old and the new (DFP Reprint)
((Moderators' note: The following article is reprinted from the
Digital Free Press. DFP and the Underground Computing Foundation BBS
are useful sources for material on the Computer Underground. The DFP
can be contacted at: max%underg@uunet.uu.net))
Real Hackers?
There is a lot of talk these days about how the word 'hacker' has
been redefined by the press. The theory is that the old hackers, as
portrayed in Steven Levy's excellent book _Hackers: Heroes of the
Computer Revolution_, were good and pure and this breed of hacker
dramatized in the press is some new evil non-hacker terrorist. This is
nonsense.
According to the book, the hacker ethic(paraphrased) is as
follows:
1. Access to computers should be unlimited and total.
2. All information should be free.
3. Mistrust Authority - Promote Decentralization.
4. Hackers should be judged by their hacking.
5. You can create art and beauty on a computer.
6. Computers can change your life for the better.
In pursuit of the hacker ethic these heroes performed various acts
that would not be looked upon favorably in today's anti-hacker
society:
Used Equipment Without Authorization (Page 20)
++++++++++++++++++++++++++++++++++++++++++++++
"So, without any authorization whatsoever, that is what Peter
Sampson set out to do, along with a few friends of his from an
MIT organization with a special interest in model railroading. It
was a casual, unthinking step into a science-fiction future, but
that was typical of the way that an odd subculture was pulling
itself up by its bootstraps and growing to underground
prominence-to become a culture that would be the impolite,
unsanctioned soul of computerdom. It was among the first computer
hacker escapades of the Tech Model Railroad Club, or TMRC."
Phone Phreaked (Page 92)
++++++++++++++++++++++++
"He had programed some appropriate tones to come out of the
speaker and into the open receiver of the campus phone that sat
in the Kluge room. These tones made the phone system come to
attention, so to speak, and dance."
Modified Equipment Without Authorization (Page 96)
++++++++++++++++++++++++++++++++++++++++++++++++++
"Nelson thought that adding an 'add to memory' instruction
would improve the machine. It would take _months_, perhaps, to go
through channels to do it, and if he did it himself he would
learn something about the way the world worked. So one night
Stewart Nelson spontaneously convened the Midnight Computer
Wiring Society."
Circumvented Password Systems (Page 417)
++++++++++++++++++++++++++++++++++++++++
"Stallman broke the computer's encryption code and was able to get
to the protected file which held people's passwords. He started
sending people messages which would appear on screen when they
logged onto the system:
'I see you chose the password [such and such]. I suggest that
you switch to the password "carriage return. "It's much
easier to type, and also it stands up to the principle that
there should be no passwords.'
'Eventually I got to the point where a fifth of all the users on
the machine had the Empty String password.' RMS later boasted.
Then the computer science laboratory installed a more
sophisticated password system on its other computer. This one was
not so easy for Stallman to crack. But Stallman was able to study
the encryption program, and as he later said, 'I discovered
changing one word in that program would cause it to print out
your password on the system console as part of the message that
you were logging in.' Since the 'system console' was visible to
anyone walking by, and its messages could easily be accessed by
any terminal, or even printed out in hard copy, Stallman's change
allowed any password to be routinely disseminated by anyone who
cared to know it. He thought the result 'amusing.'
Certainly these hackers were not anarchists who wanted only to
destroy. They had a personal code of ethics, the hacker ethic to base
their behavior on. In fact the modern hacker has his/her ethics
intact. Compare the above hacker ethic with the hacker ethic found in
_Out of the Inner Circle_ by Bill 'The Cracker' Landreth, a teenager
arrested by the FBI (Page 18,60):
1. Never delete any information you can not easily restore.
2. Never leave any names on a computer.
3. Always try to obtain your own information.
The common denominator to these ethics systems are the respect for
technology, and the personal growth through free access and freedom of
information. Certainly the attitude towards private property is the same.
Accessing and using equipment that you do not own is okay as long as
you do not prevent those who own it from using it, or damage anything.
With respect to the hacker ethic the hackers mentioned in
_Cyberpunk: Outlaws and Hackers on the Computer Frontier_ by Katie
Hafner and John Markoff were in fact good hackers. If free access, and
free information were the law of the land would Kevin Mitnick have
gone to jail? I do not think so. Sure he got the source code for VMS,
but is there any evidence that he used this information for personal
gain, or did he simply use the information to improve his
understanding of the VMS operating system?
Robert T. Morris's worm program was a clever hack. Of course he
'gronked' it by programming the replication rate much too fast, but
still there is no evidence that he had any intention of doing harm to
the system. It was simply a computer experiment. Who owns the
Internet? Is it some mysterious 'them' or is it our net? If it is out
net, then we should be able to try some stuff on it, and to heck with
'them' if they can't take a joke.
Of course the German hackers are a different story. What they got
in trouble for was espionage, and not hacking, which is a breach of
faith, and is hacking for personal gain. However selling Minix to the
KGB almost makes it forgivable...
It is my contention that hackers did not change. Society changed,
and it changed for the worse. The environment the early hackers were
working in correctly viewed these activities as the desire to utilize
technology in a personal way. By definition hackers believe in the
free access to computers and to the freedom of information. If you do
not believe in these principles you are not a hacker, no matter how
technologically capable you are. You are probable just a tool for the
greed society. Current bad mouthing of hackers is simply snobbery.
Rather than cracking down on the modern hacker, we should reinforce
the hacker ethic, a code of conduct not based upon greed and lust for
the almighty dollar, but instead for personal growth through the free
access of computers and information, and a respect for technology.
It is the humane thing to do.
------------------------------
Date: Sun, 8 Mar 92 03:21 EST
From: "Michael E. Marotta" <MERCURY@LCC.EDU>
Subject: File 8--BBSes and Telco Rates
GRID News. ISSN 1054-9315. vol 3 nu 5 March 7, 1992.
World GRID Association, P. O. Box 15061, Lansing, MI 48901 USA
------------------------------------------------------------------
(54 lines) Say YES! to Business Rates
(C) 1992 by Michael E. Marotta
BBS sysops in Oregon are fighting a telco policy to charge busi-
ness rates for any phone with a fax or modem attached. BBS users
know of similar telco policies from Kansas City, New York,
Illinois, Indiana, Michigan and Texas over the last two years.
Actually, there are at least two ways to view the situation.
(1) THE HOME DATA CENTER In an information society, every home
must be an information center. We have telephones and televisions,
books, newspapers and magazines, computers, copiers, faxen, cable
TV, VCRs, camcorders and answering machines. There is a view,
wrongly held by sysops, that they "provide a service to many
users." EVERY BBS USER IS A SYSOP. Whether you go to them or they
go to you, data travels from home to home.
(2) THE HOME TREASURY In a commercial society every home
must be a business. We all buy and sell. Most of us buy and sell
labor. (Anyone can build a car; most people choose not to.) In
addition, people everywhere and Americans especially buy and sell
housewares, nutritional supplements, baseball cards, comic books,
automobiles and very many other goods. We routinely trade
childcare, bookkeeping and computer programming services. Your
checkbook is your general ledger.
In 1892, "no one" had an adding machine or typewriter in their
home. In 1942, dishwashers were found only in restaurants. Should
your phone rate depend on whether or not you have a dishwasher or
adding machine in your home? If yours should not, then why should
General Motors'?
Karl Marx's "Communist Manifesto" mandated public schools as a
prerequisite to socialism. It is no accident that schools
supported by tax dollars justify many marxist assertions. Among
these is the myth that "businesses" are "rich" and can afford
higher phone rates, while "workers" are "poor" and deserve a
subsidy for the "right" to a phone.
Another fallacy of marxism is that telephones are a "public
utility" that must be regulated or owned by the state.
Judging by other markets, if you let anyone become a phone company
you will find that those who use more service will pay more in
toto less per call. A user's or provider's race, sex, sources of
income, height or weight will be equally irrelevant. Those who
are good at providing information and carrier services will
prosper and the others will become telco hobbyists.
------------------------------
Date: Fri, 6 Mar 1992 19:55:42 GMT
From: NEELY_MP@DARWIN.NTU.EDU.AU(Mark P. Neely, Northern Territory
Subject: File 9--HACKING grounds for dismissal
A recent article in the _Solicitors Journal_ (Sept. 1991, p.1008-10)
posed the question as to whether the unauthorised access to a
Company's computer was grounds for dismissal of an employee. It was
written by Geoff Holgate, and the following is based on it.
The issue came before the court English Employment Appeals Tribunal
(EAT) and is reported in Denco Ltd. v. Joinson [1991] 1 Weekly Law
Reports 330.
The employee, Michael Joinson, worked as a sheet metal worker for
Denco Ltd. which manufactured air drying and air conditioning
equiptment. In 1988 Denco installed a computer which had a number of
VDU terminals attached to it. The computer was also used by another
company, Intek, which operated out of the same premises. Denco's
policy was to encourage its employees to use the terminal even though
their jobs didn't strictly require it.
The computer, via a series of menus, provided information relating to
the part-icular department within the company.
To gain access to a particular menu (or sub-menu) the user was
required to enter a user identity code and password. The password was
changed every week. The purpose of the passworded system was that the
information was provided on a 'need to know' basis, and only those
authorised to access a particular menu were entitled to use it.
The system's history file (which recorded every stroke entered on
every terminal on the system) revealed an unauthorised access to
certain of Intek's records on the system. This access was traced to
Joinson (who admitted the unauthorised access). He had used the
password of the daughter of a fellow employee who was an Intek
trainee.
Joinson was a member of the Amalgamated Engineering Union. Indeed, he
was chairperson of a joint committee representing the AEU and other
unions.
Denco alleged that Joinson had used the identity code and password to
obtain information which would be of use to him in his trade union
activities, such use being hostile to the company. Joinson claimed
that his access to the unauthorised information was accidental.
He was summarily dismissed for gross misconduct. Joinson complained he
had been unfairly dismissed.
The Employment Appeal Tribunal (hearing an appeal by Denco against an
industrial tribunal which found in favour of Joinson) held that
"if an employee deliberately used an unauthorised password in order
to enter, or attempt to enter, a computer known to obtain information
to which he was not entitled, then that of itself was gross misconduct
which prima facie would attract summary dismissal..."
[quote from article, p.1009, not judgement]
However the EAT then went on to limit their decision by emphaising that
"there may be some exceptional circumstances in which such a response
might be held ule".
[quote from case in article, p.1009]
The tribunal reasoned that as maintenance of the integrity of
information stored on an employer's computer was important, it was in
the best interests of management to make it "abundantly clear" that
interference with its integrity would result in severe penalty.
Any comments from the floor?
------------------------------
Date: Tue, 3 Mar 92 02:49:54 MST
From: mbarry@ISIS.CS.DU.EDU.CS.DU.EDU(Marshall Barry)
Subject: File 10--Updated Info on 2nd Annual Int'l BBSing & Elec. Comm Conf.
FOR IMMEDIATE RELEASE
Contact: Terry Travis or Michelle Weisblat
IBECC
A Non-Profit Educational, Literary, and Scientific Society
P.O. Box 486
Louisville, CO 80027-0486
Presents
The 1992 International BBSing and Electronic Communications Conference
(303) 426-1847 [VOICE]
(303) 429-0449 [Fax]
(303) 426-1866 [DATA/BBS]
E-Mail: IBECC@f69.n104.z1.FidoNet.Org
What is IBECC '92?
------------------
IBECC '92 is the SECOND ANNUAL International BBSing and Electronic
Communications Conference.
It will be held AUGUST 13-16, 1992 in Denver, Colorado. This year's
theme is "Socially Responsible Computing."
--------------
Special Guests
--------------
DR. JERRY POURNELLE, Ph.D. - Computer Columnist and Editor (Byte),
Author (Science Fact and Fiction), Lecturer, Consultant on the Impact
of High Technology on Society, Chairman of the Citizen's Advisory
Council on National Space Policy, and Outspoken Social Critic -
Speaking on "Socially Responsible Computing", the future of
communications and technology in an electronic world, as well as his
own views on the society of tomorrow.
LARRY NIVEN - Futurist, Hugo Award-Winning Author, Designer of Worlds,
Supporter of Space Conquest - Speaking on the future of networks as
personal interfaces, reality overtaking fantasy, and living with
computers when you really don't want to.
DAVID HUGHES, SR. - Architect of Big Sky Telegraph (the Montana
Electronic School House), Consultant, Mover and Shaker, President of
Old Colorado City Communications, U.S. Military (ret) - Speaking on
NREN, the SuperComputer Highway, and education through computers and
networking.
Attending IBECC '92
-------------------
IBECC '92 is an intensive THREE-DAY conference. Sessions planned
include: "Introduction to BBSing" (What is a BBS, and How Do I Use
It?), "BBSes and the Law" (The Legal Rights and Responsibilities of
BBS Operators and Users), "Safe Computing" (The Detection and
Prevention of Computer Infection), "Rumor Control 1992" (Knowing the
Difference Between Fact and Fiction, and Taking Action Where Needed),
"Why Kelly CAN Read" (An Exploration into Education and the Computer),
"NREN" (The National SuperComputer Highway and How it Will Affect Us
All), "Staying Alive" (BBSing, Electronic Communication and the
Homebound / Physically Challenged), and "Security? What's That?" (The
What, Why, and How of Keeping Your Data and Information Safe).
Should you attend? If you have an interest in electronic
communications, bulletin boards, telecommuting, security or safe
computing, yes. If you would like to understand what a "hacker" is,
and is not, and what you can do to protect your electronic privacy,
yes. If your children make more use of your modem or computer than you
do, yes. In fact, unless you have absolutely no interest in using
your computer for interacting with the world, you should be there!
So that the conference will retain its personal and informal
atmosphere, attendance at IBECC '92 is strictly limited.
What Is IBECC?
--------------
IBECC is a Non-Profit Educational, Scientific, Literary and Charitable
Society (IRS 501(c)(3) applied for). Incorporated in Colorado,
IBECC's purposes include the promotion of national and international
electronic communications, the advancement of telecommunications and
teleconferencing, the improvement of communications between electronic
networks, education in the uses, requirements, and security of online
services, and general support of the electronic community.
A non-profit organization, IBECC is much MORE than just another %trade
show' -- it is a year-round clearing house for ideas, news, and
relevant information. IBECC represents the interests and concerns of
not only the professional, but the hobbyist and home user as well.
IBECC is primarily Volunteer-Run. Membership (currently $25.00/year
individual, $100.00/year corporate) pays for the IBECC Newsletter and
electronic Bulletin Board System (BBS), telephones, support and
information services, etc. - not salaries. The founders of IBECC, who
are all handicapped, are extensively involved in computer networks and
electronic communications, and also run several BBSes in the Denver
area.
----------------------------------------
IBECC '92 Membership & Hotel Information
----------------------------------------
(All Rates are in U.S. Dollars)
VIP (Includes IBECC Membership and VIP Suite)
SPECIAL RATE THROUGH MARCH 8, 1992: $80.00
March 9, 1992 through June 15, 1992: $125.00
June 16, 1992 through July 31, 1992: $175.00
August 1, 1992 and at the door (if available): $200.00
Spouse/Significant Other, with VIP Member: $9.69
Children (Under 14), with VIP Member: FREE
Call or Write for Other Rates
(Conference Only, Handicapped, etc)
Conference Location
-------------------
The conference will be held in the SAME HOTEL AS LAST YEAR:
Sheraton Denver West Hotel & Convention Center
360 Union Boulevard, Lakewood, CO 80228
(800) LAKEWOOD or (303) 987-2000
Rates
-----
$62.00 (+ tax) Single or Double
Please Mention IBECC for this DISCOUNTED RATE!
Special Rates on Hospitality and Sleeping Suites
may be Arranged through IBECC
----------------------------------
VENDORS, DEALERS, and DISTRIBUTORS
----------------------------------
Dealer and Vendor Booths and Tables Available
at VERY Competitive Rates
Please Call or Write for Information and Rates
IBECC - Now, More than Ever, Your Connection to the WORLD!
IBECC BBS: (303) 426-1866 (3/12/24/96/14.4 v.32bis/v.42/HST)
IBECC VOICE INFORMATION: (303) 426-1847 (Mon-Sat, 9AM-7PM, MST)
IBECC Mailing Address: P.O. Box 486, Louisville, CO 80027-0486
------------------------------
End of Computer Underground Digest #4.11
************************************