Copy Link
Add to Bookmark
Report
Computer Undergroud Digest Vol. 07 Issue 02
Computer underground Digest Wed Jan 11, 1995 Volume 7 : Issue 02
ISSN 1004-042X
Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)
Archivist: Brendan Kehoe
Retiring Shadow Archivist: Stanton McCandlish
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Copy Reader: Laslo Toth
CONTENTS, #7.02 (Wed, Jan 11, 1995)
File 1-Royalities for GIFs at On-line Systems?
File 2-(fwd) Unisys's response to GIF furor (fwd)
File 3-Pioneer Awards--Call For Nominations
File 4- Politics of telecommunications "competition"
File 5-RFC: Key Capture Utility Survey
File 6-(fwd) AOL announcement on crackdown on illegal activities
File 7-Cu Digest Header Information (unchanged since 25 Nov 1994)
CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.
----------------------------------------------------------------------
Date: Fri, 6 Jan 1995 09:23:58 CST
From: "John D. Pritchard" <jdp@CS.COLUMBIA.EDU>
Subject: File 1--Royalities for GIFs at On-line Systems?
----------------------Original message----------------------------
hi, i think the members of this list will find this interesting..
An Open Letter to Our Colleagues In the Online Communications Community:
------------------------------------------------------------------
By Pat Clawson <rip.support@telegrafix.com>
January 2, 1995
The announcement by CompuServe and Unisys that users of the GIF image
format must register by January 10 and pay a royalty or face lawsuits
for their past usage, is the online communications community's
equivalent of the sneak attack at Pearl Harbor.
The announcement of the CompuServe-Unisys GIF Tax on December 29,
during the lull between Christmas and New Year's Day, was clearly
timed to cause maximum damage while an unsuspecting public celebrated
the holidays.
We at TeleGrafix Communications have no quarrel with those who seek to
protect their intellectual property and profit from it. Indeed, we
are in business to do the same. We believe those who develop software
are entitled to reap financial rewards from their labors.
But in our opinion, the timing and circumstances of the CompuServe-
Unisys action indicates this is a shakedown of the online communications
community by two powerful corporations, rather than a reasonable
effort to protect intellectual property.
The GIF format has been in widespread public use since 1987. Its
widespread use and royalty-free licensing has been encouraged by
CompuServe for years. Neither CompuServe or Unisys have made any
significant improvements to GIF or its underlying LZW algorithm and
compression process to justify charging for what has been free.
Giving GIF users only 14 days to comply with sudden, unexpected
demands to pay the private CompuServe-Unisys GIF Tax or face
prosecution for past usage of what had been promoted for seven years
as free, open standard software is unconscionable. It is especially
outrageous since CompuServe and Unisys admit in writing that they
decided to require licensing SIX MONTHS AGO in June, and didn't
announce it to the public until now.
According to the CompuServe-Unisys GIF licensing agreement, the
settlement of the patent dispute was executed on June 21, 1994.
CompuServe agreed to implement the agreement "as soon as reasonably
practicable and in no case later than six (6) months after the date
this Agreement is executed..." That six month period ended on
December 21, 1994 -- but CompuServe did not make the licensing terms
public until December 28. Indeed, CompuServe appears to have violated
the terms of its own settlement agreement with Unisys.
While many of the messages we have read online in reaction to the
CompuServe-Unisys GIF Tax decree express both dismay and disbelief,
virtually none have analyzed the actual provisions of the licensing
agreement. It is in this area that TeleGrafix Communications wishes
to contribute to the dialogue.
In our opinion, the CompuServe-Unisys licensing agreement is both
illogical and overly broad. Let's examine some of its key provisions.
All quotes cited are directly from the agreement.
1. CompuServe will license Developers who want to use GIF technology.
The term "developer" is defined as "the other undersigned party to the
agreement," and it seems to apply to ANYONE who contemplates distributing
any product that uses the GIF format.
2. Developers will be licensed to sell or distribute "Products" that
"use and exploit GIF ... solely within the Field of Use." The term
"Field of Use" is defined as "primarily for accessing the CompuServe
Information Service and for manipulating and viewing data received
through the CompuServe Information Service." The licensing agreement
further defines the term "Products" as being "software that is
developed or distributed ... which is designed for and used primarily
for accessing the CompuServe Information Service and for manipulating
and viewing data received through the CompuServe Information Service."
IT APPEARS THAT THE ONLY LAWFUL USE OF GIF WILL BE FOR COMPUSERVE-RELATED
PRODUCTS. Using GIF images in any other manner, such as on CD-ROMs or
bulletin board systems, is prohibited. Most of the thousands of
products that have used GIF in some manner are henceforth contraband.
3. Developers may no longer "use, copy, modify or distribute the GIF
specification, except as expressly permitted by CompuServe." This
states that the GIF specification can no longer be shared, published
or uploaded in any manner without the express consent of CompuServe.
4. Members of the public are prohibited from using any software
product containing GIF until they have become a REGISTERED user of the
product. The customer also must agree to use the product "primarily
for accessing the CompuServe Information Service and for manipulating
and viewing data received through the CompuServe Information Service."
This virtually eliminates the concept of freeware or shareware
containing GIF capabilities, since prospective customers can no longer
try out these software products without registering them first.
5. Software developers must pay $1.00 for a license to use GIF, PLUS a
fee equal to the GREATER of 1.5% of the selling price of the product,
or $0.15 per "Disposition." Disposition is defined as "the sale,
lease or license or any other grant of rights to a Product or any new
Product." All royalties must be paid quarterly. Noncommercial and
freeware usage of GIF technology is NOT exempted from the royalty
requirement. Because the royalty provisions and definition of
"Disposition" are so broad in scope, it appears that a GIF Tax payment
may be due to CompuServe-Unisys each time a GIF image is transmitted
via BBS or Internet. The operators of a BBS or World Wide Web site
with hundreds or thousands of GIF images online could easily be
bankrupted by these licensing requirements.
6. CompuServe must be notified of ANY new product using GIF when it is
first offered to customers.
7. Persons using GIF must keep records of its use, and CompuServe has
the right to audit those records every year upon seven days notice.
Persons using GIF must pay the cost of the audit if a royalty
underpayment of 10% or more is discovered, along with 12% interest on
any underpaid royalties.
8. Even if the patent is later found by the courts or the U.S. Patent
Office to be invalid and unenforcable, or if the patent expires, any
developer must "return all copies of the GIF specification and any
confidential information of CompuServe then in its possession or
control to CompuServe, (ii) stop using the Licensed Technology, and
(iii) stop distributing Products." This states that EVEN IF THE
PATENT IS OVERTURNED OR EXPIRES, YOU MUST STOP USING OR DISTRIBUTING
GIF.
9. Even though CompuServe has publicly disseminated the text of the
agreement it wants GIF users to sign, the terms of the agreement are
to remain confidential. This is illogical, to say the least, since
they have posted it for public download on their own system.
10. Developers have to indemnify and hold CompuServe harmless for any
damages if their CUSTOMERS somehow use GIF technology in a way not
permitted by the licensing agreement.
11. Unisys has the right to enforce the agreement, as well as
CompuServe. Further, Unisys has the right to pursue legal action or
seek damages against Developers even after the agreement has
terminated.
TeleGrafix Communicatons Inc. will not sign such a licensing
agreement. We think most other software developers, BBS sysops and
Web site operators also will refuse to sign.
We encourage our colleagues in the online communications community to
evaluate the CompuServe-Unisys action, and to lodge appropriate
protests directly with those companies.
We believe that the CompuServe-Unisys GIF Tax drives a stake through
the heart of Internet development. It will cripple the World Wide
Web, NCSA Mosaic, and other Internet multimedia technologies that rely
heavily on GIF imaging.
Fortunately, we at TeleGrafix Communications do not depend on GIF
imaging in our new RIPscrip 2.0 online multimedia technologies. We
chose to implement the JPEG image format and only recently decided to
add GIF support as a convienience to our customers. Due to the
restrictive conditions of the CompuServe-Unisys GIF Tax and licensing
agreement, we must now reevaluate our plans for supporting GIF use in
the upcoming release of RIPscrip 2.0.
While our company hopes to profit financially from our advanced
RIPscrip 2.0 technology, we will not demand royalties from those who
have used the freeware versions of our earlier RIPscrip 1.54 products
and/or technical specifications. The RIPscrip 2.0 specification also
will be made public for third-party use after it is finalized.
We expect that the CompuServe-Unisys action will spell the death of
GIF as a commercially viable technology, shifting the attention of the
online communications community to JPEG imaging.
Sincerely,
Pat Clawson
President & Chief Executive Officer
TeleGrafix Communications Inc.
Huntington Beach, CA
Voice: (714) 379-2140
Fax: (714) 379-2132
BBS: (714) 379-2133
Internet: rip.support@telegrafix.com
------------------------------
Date: Tue, 10 Jan 1995 22:09:21 -0600 (CST)
From: David Smith <bladex@BGA.COM>
Subject: File 2--(fwd) Unisys's response to GIF furor (fwd)
Here's the scoop, from Unisys themselves.
thanks, | "The most exciting breakthroughs of the 21st century
| will not occur because of technology but because
David Smith | of an expanding concept of what it means to be human."
bladex@bga.com | -- John Naisbitt / Patricia Aburdene
---------- Forwarded message ----------
>From the GRAPHSUPPORT forum on CompuServe:
January 6, 1995
Unisys Clarifies Policy Regarding Patent Use in On-Line Service
Offerings
The concerns, inquiries and some apparent confusion that have resulted
from the December CompuServe advisory clearly indicate that we need to
clarify our policy concerning the use of the Unisys Lev Zempel Welch
(LZW) patent by software developers for the major on-line services.
We want to reiterate earlier communications that the issue of patent
licenses is not focused on the end users of on-line networks,
including the Internet. We encourage end users to continue to take
full advantage of the outstanding benefits of a rapidly growing
on-line community.
Unisys was awarded the patent in 1985. We became aware of the
increasing interest in our LZW patent beginning in 1990 when many
companies approached us to license the patent for their hardware and
software products. The growth in the use of compression technology
was mushrooming in order to meet the demands for transmitting
increased amounts of data. To date, more than 100 companies,
including hardware, software and on-line information services, have
licensed the Unisys LZW technology.
Two years ago, Unisys learned that the LZW method was incorporated in
the GIF specification and immediately began negotiations with
CompuServe in January of 1993. We reached agreement with CompuServe
on licensing the technology in June 1994, which calls for CompuServe
to pay Unisys a royalty of 1% of the average selling price it charges
for its software. This represents approximately 11 cents for each
copy sold and connected to its information service.
Under the agreement, CompuServe, at its discretion, could relicense
the LZW technology to commercial developers using the GIF
specification in software that connected directly to the CompuServe
information service.
With the agreement completed on June 21, 1994, CompuServe was given
six months to implement the terms of its license. CompuServe later
asked for a one-month extension, which we granted.
Unisys did not require CompuServe to pass on any fee to its
sublicensees or end users. Such a decision, and the content and
timing of CompuServe+s advisory, was at their discretion.
Consistent with the entire information industry+s desire to protect
intellectual property, Unisys will expect all of the major commercial
on-line information services companies employing the LZW patent to
license the technology from Unisys at a reasonable rate. The on-line
service companies are not required to sublicense the technology to
developers producing software for the commercial on-line services. It
will be, as it is today, at the on-line service+s discretion as to
whether it charges a license fee to developers or chooses an
alternative method to account for its licensing fees payable to
Unisys.
We recognize and are concerned -- thanks in large part to the recent
and very active use of the on-line network -- that developers did not
understand that the patented technology was resident in GIF. Taking
that into account, Unisys does not intend to pursue previous
inadvertent infringement by versions of GIF-based software products
marketed prior to 1995.
Concerning all future software product development and enhancement of
existing products for accessing on-line services, Unisys expects
developers of commercial, for-profit software to secure a license
from Unisys, or through the licensed on-line service, for the use of
the patented technology. The very reasonable terms should prove no
financial barrier to the introduction of product into the on-line
network.
Unisys does not require licensing, or fees to be paid, for
non-commercial, non-profit GIF-based applications, including those for
use on the on-line services.
Concerning developers of software for the Internet network, the same
principle applies. Unisys will not pursue previous inadvertent
infringement by developers producing versions of software products
for the Internet prior to 1995. The company does not require
licensing, or fees to be paid for non-commercial, non-profit offerings
on the Internet, including +Freeware+.
Commercial developers of GIF-based software for the Internet are
expected to secure a licensing agreement with Unisys for software
products introduced beginning in 1995, or enhancements of products
that were introduced prior to 1995. Again, terms should not preclude
the entry by these firms into the marketplace.
For organizations introducing World Wide Web servers and +Home Page+
offerings, most will not be required to secure a license from Unisys.
Most organizations acquire software from other developers to create
their offerings on their servers. Therefore, only the software firms
who sell the enabling software for profit would be expected to secure
a licensing agreement from Unisys.
Unisys understands that this issue has caused concern. We want to
reassure all users and developers that we are strong proponents of the
on-line industry.
We+re proud that this important Unisys technology has played a role
in the introduction of innovative products and services, many of which
are fueling the explosive growth of the information superhighway.
As members of the information community we want to strike the
appropriate balance between information access and the rights of all
information companies, including the developers of software, to
protect their intellectual property rights.
Patent information: Contact Welch Patent Licensing Department;
Unisys; Mail Stop C1SW19; P.O. Box 500, Blue Bell, PA 19424.
Or via Internet, send E-mail to LZW_INFOUNISYS.COM, or use a form
available on the Home Page of the Unisys Web Server
(http:\\www.unisys.com) to request follow-up information.
Media contacts: Unisys Public Relations -- Bob O+Leary (215)
986-6413 or Oliver Picher (215) 986-5367
------------------------------
From: Mike Godwin <mnemonic@EFF.ORG>
Subject: File 3--Pioneer Awards--Call For Nominations
Date: Wed, 4 Jan 1995 09:06:41 -0500 (EST)
THE FOURTH ANNUAL INTERNATIONAL EFF PIONEER AWARDS:
CALL FOR NOMINATIONS
Deadline: January 20, 1995
In every field of human endeavor,there are those dedicated to expanding
knowledge,freedom,efficiency and utility. Along the electronic frontier,
this is especially true. To recognize this, the Electronic Frontier
Foundation has established the Pioneer Awards for deserving individuals
and organizations.
The Pioneer Awards are international and nominations are open to all.
In March of 1992, the first EFF Pioneer Awards were given in Washington
D.C. The winners were: Douglas C. Engelbart, Robert Kahn, Jim Warren, Tom
Jennings, and Andrzej Smereczynski. The 1993 Pioneer Award recipients were
Paul Baran, Vinton Cerf, Ward Christensen, Dave Hughes and the USENET
software developers, represented by the software's originators Tom
Truscott and Jim Ellis. The 1994 Pioneer Award winners were Ivan
Sutherland, Whitfield Diffie and Martin Hellman, Murray Turoff and Starr
Roxanne Hiltz, Lee Felsenstein, Bill Atkinson, and the WELL.
The Fourth Annual Pioneer Awards will be given in Burlingame, California,
at the 5th Conference on Computers, Freedom, and Privacy, which will take
place on March 28-31 in 1995.
All valid nominations will be reviewed by a panel of impartial judges
chosen for their knowledge of computer-based communications and the
technical, legal, and social issues involved in networking.
There are no specific categories for the Pioneer Awards, but the following
guidelines apply:
1) The nominees must have made a substantial contribution to the
health, growth, accessibility, or freedom of computer-based
communications.
2) The contribution may be technical, social, economic or cultural.
3) Nominations may be of individuals, systems, or organizations in the
private or public sectors.
4) Nominations are open to all, and you may nominate more than one
recipient. You may nominate yourself or your organization.
5) All nominations, to be valid, must contain your reasons, however
brief, for nominating the individual or organization, along with a means
of contacting the nominee, and your own contact number. Anonymous
nominations will be allowed, but we prefer to be able to contact the
nominating parties in the event that we need more information..
6) Every person or organization, with the single exception of EFF staff
members, are eligible for Pioneer Awards.
7) Persons or representatives of organizations receiving a Pioneer
Award will be invited to attend the ceremony at the Foundation's expense.
You may nominate as many as you wish, but please use one form per
nomination. You may return the forms to us via email to
pioneer@eff.org
You may mail them to us at:
Electronic Frontier Foundation
attn: Pioneer Awards
1667 K St. NW
Suite 801
Washington, DC 20006
You may FAX them to us at:
+1 202-861-1258
Just tell us the name of the nominee, the phone number or email address at
which the nominee can be reached, and, most important, why you feel the
nominee deserves the award. You may attach supporting documentation.
Please include your own name, address, and phone number.
We're looking for the Pioneers of the Electronic Frontier that have made
and are making a difference. Thanks for helping us find them.
The Electronic Frontier Foundation
-------EFF Pioneer Awards Nomination Form------
Please return to the Electronic Frontier Foundation via email to:
pioneer@eff.org via surface mail to:
Electronic Frontier Foundation
attn: Pioneer Awards
1667 K St. NW
Suite 801
Washington, DC 20006
You may FAX them to us at:
+1 202-861-1258
Nominee:
Title:
Company/Organization:
Contact number or email address:
Reason for nomination:
Your name and contact information:
Extra documentation attached:
DEADLINE: ALL NOMINATIONS MUST BE RECEIVED BY THE ELECTRONIC FRONTIER
FOUNDATION BY MIDNIGHT, EASTERN STANDARD TIME U.S., JANUARY 20, 1995.
------------------------------
Date: Wed, 11 Jan 1995 17:46:44 CST
From: Vigdor Schreibman - FINS <fins@ACCESS.DIGEX.NET>
Subject: File 4-- Politics of telecommunications "competition"
==================================================================
FINS SPECIAL REPORT January 10, 1995
==================================================================
POLITICS OF TELECOMMUNICATIONS "COMPETITION"
Dramatic Clash Over Real Competition, and Giant Collaborators
Washington, DC--Vice President Al Gore, addressing a
Federal-State-Local Telecommunications Summit in the U.S. Capitol, Jan
9, underscored the administration's goal to seek "real competition" in
the marketplace of local telephone exchange services [Fins-II2-01].
The Regional Bell Operating Companies (RBOCs) presently enjoy monopoly
power and complete control over virtually all of the telephone traffic
in the local bottleneck, reliable industry reports disclose. Gore's
remarks were aimed squarely at the proposal made last year by Senate
Finance Chairman Bob Packwood (R-OR) and Sen. John Breaux (D.LA),
calling for complete deregulation of the telecommunications industry
by a date certain-without regard to competitive conditions--expected
to be presented again this year.
Gore stated that "the game should not begin on some arbitrary date
without rules at all on the mistaken assumption that a calendar can
replace a rulebooks." He added that "Too many people and businesses
have too much at stake to be subject to the vagaries of trying to play
now and figure out the rule later." The administration "cannot
support a proposal to fully deregulate the local telephone exchanges
upon the mere prospect that some theoretical competitor might be able
to provide some services to some hypothetical customer," Gore added.
The Vice President's remarks provided a dramatic backdrop for a
hearing on telecommunications issues held Jan 9, in the U.S. Senate by
the full Committee on Commerce, Science, and Transportation (Pressler,
R-SD, Chairman). The list of witnesses scheduled to attend the Senate
hearing included, no Democrats, but all the Republican big guns on
telecommunications matters: Senate Majority Leader Dole (R-KS), House
Speaker Gingrich (D-GA), House Commerce Chairman Bliley (R-VA), and
House Commerce Telecommunications and Finance Subcommittee Chairman
Jack Fields (R-TX).
Sen. Packwood and Sen. Breaux engaged the witnesses in a spirited
discussion concerning their proposal for setting a specific date for
local telecommunications competition to begin. "Gentlemen, let the
games begin" Sen Packwood exclaimed. Packwood said that Congress
should not try to set fair rules for competition because that would
defeat the objective of having a simple administrative process.
"There will be winners and loosers, and the government should not
decide such matters ... the marketplace should," Packwood declared.
Republican members of the Commerce Committee seemed to agree with the
Packwood formula, although Sen. Stevens (R-Alaska) and Snow (R-Maine)
appeared concerned about the potential adverse impact on rural
America. The House witnesses generally supported the idea, although
none of the members were unable to come up with a viable formula that
would assure "a level playing field" in an industry that is currently
dominated by monopolists and oligopolists.
Speaker Gingrich did not show up for the Senate hearing. However,
Gingrich has devoted considerable intellectual efforts to this subject
in the past [See e.g., The Futurist, June 1985]. Moreover, reports
circulating around the U.S. Capitol during recent weeks indicate that
Gingrich intends to play an important role in designing the future of
"the Knowledge Age." INTERACTIVE AGE, reported Dec 12, 1994 that
Speaker Newt Gingrich was "looking to a new think tank to map out a
Vision of America's high-tech future." The Progress and Freedom
Foundation, established for that purpose, has close links to Gingrich
according to IA.
Placed under retainer by The Progress and Freedom Foundation, are
well known technocrats George Gilder, Alvin Toffler, Jay Keyworth, and
Esther Dyson, who have written a plan calling for "deregulation of
every aspect of telecommunications." The vision document, which was
written by those celebrities of technology is called the "Magna Carta
for the Knowledge Age" [Fins-PaN-18]. The document was ultimately
expected to be passed on to Gingrich and his aides, as a basis for
legislative planning, according to IA.
The "Magna Carta" calls for sweeping deregulation of
telecommunications, in the name of promoting "competition," while also
calling for "much greater collaboration between the cable industry and
phone companies." What is intended is a plan to join the huge fiber
optic resources of the phone companies with the massive asset of 57
million broadband links (i.e. into homes now receiving cable-TV
service) of the cable TV companies to produce a new kind of national
network -- multimedia, interactive. The planners hope that this
network would become accessible to Americans of modest means "as costs
fall." The authors of the "Magna Carta" attempt to explain the
evident sharp contradiction in their plan, between promoting
competition through sweeping deregulation and santioning collaboration
between the two largest players, with this rationale:
... obstructing such collaboration -- in the cause of forcing a
competition between the cable and phone industries -- is socially
elitist. To the extent it prevents collaboration between the
cable industry and the phone companies, present federal policy
actually thwarts the administration's own goals of access and
empowerment.
Bell Atlantic Corp., and Telecommunications Inc., proposed last
October, a merger of phone and cable resources that could have paved
the way for such a national network. A number of lawmakers such as
Rep. Edward L. Markey (D-MA), and Sen. Howard M. Metzenbaum (D-OH),
expressed "extreme concern" over the anticompetitive nature of the
proposed Bell-TCI merger, and the plan was eventually scrapped under a
cloud of uncertainty.
George Gilder, one of the team of technocrats who wrote the "Magna
Carta" now writes about telecommunications issues for Forbes, ASAP.
In an article appearing in the June 6, 1994 issue of Forbes ASAP,
Gilder indicated a strong interest in the theory of unrestrained
*laissez-faire* capitalism, and called for a return to the ideas
advanced by the Robber Barons of the 19th century--Andrew Carnegie,
John D. Rockefeller, and J.P. Morgan--who he claimed were the
architects of America's early industrial growth. Toffler is known as
"The Buck Rogers of Blip Sociology." He was co-founder of the World
Future Society and author of the landmark work, "Future Shock" and
best seller "The Third Wave," concerned with radical changes in
civilization brought about by the evolution of technology. Keyworth,
was director of the Office of Science and Technology Policy under the
Reagan administration. Dyson, is an essayist and lecturer on computer
information, and head of Computer Industry Daily.
==================================================================
BECOME A MEMBER OF FINS--COLLABORATE IN ADVANCING THE GENIUS OF CYBERSPACE
---------------------------------------------------------------------------
NEW Personal Subscription: $2.95 a year. Receive 24 issues of your own copy
of Fins News Column, plus Special Reports and Fins Information Age Library.
---------------------------------------------------------------------------
Federal Information News Syndicate, Vigdor Schreibman, Editor &
Publisher, 18 - 9th Street NE #206, Washington, DC 20002-6042.
Copyright 1995 FINS. Internet: fins@access.digex.net. Browse Fins
Information Age Lib located at the inforM system of the University of
Maryland. With a gopher client gopher to inform.umd.edu and go to the
directory Educational_Resources/
AcademicResourcesByTopic/Computers_and_Society/Fins_Information_Age.
------------------------------
Date: Mon, 2 Jan 1995 12:24:35 -0800
From: KEY-CAPTURE@LSD.COM(Dave Del Torto)
Subject: File 5--RFC: Key Capture Utility Survey
REQUEST FOR COMMENTS ON KEY CAPTURE UTILITIES
---------------------------------------------
Key capture utilities present a serious threat to the security of
passwords on individual and networked computing systems, especially
when novice users are unaware of their presence. Well-educated users
and administrators help make all systems on and off the Internet more
reliably safe for everyone's data.
If you are a:
-- privacy, system security or cryptography advocate/activist
-- network admin concerned with the password-hygiene of your users or
-- computing professional with an appreciation of good security,
then please complete and return this quick survey. By contributing to
the knowledgebase on the subject of password protection, you can help
educate yourself and many novice/intermediate users about a common
weakness --utilities that may capture their keystrokes unseen as they
enter their *password* -- in ALL secured systems (a user's encryption
app, your network or its dial-in access, your company's email system
or database fileserver, etc.).
The intent here is to create a *central list of all key-capture
utilities* which will help people to at least be aware of their
existence or operation on a given system and describe in simple terms
how to disable the utility.
The results of the survey will be tabulated and put in the public
domain on the Internet. If your reply is included, your name will be
acknowledged in the resulting document, which will be: part of the new
"Beginner's PGP FAQ" for new users of the PGP (Pretty Good Privacy)
application; a msg posted on various Internet lists and online
services and; a text file available by anonymous FTP as:
ftp.netcom.com:/pub/dd/ddt/crypto/crypto_info/key_cap_util.txt
Please forward this survey to anyone you think can/will help - and
thanks in advance for your contribution!
_______________________________
THE KEY CAPTURE UTILITY SURVEY:
The survey is very easy to participate in. Just send as much information as
you can, even if you're only partially able to complete the form. Every
piece of information that can lead us to the utility - even just a fragment
of a name and an email address of someone who might know more about it -
will help us compile a fairly exhaustive list. To assist us in easily
tabulating the incoming mail on this topic, please send your reply to:
- - <KEY-CAPTURE@lsd.com>
- - Format your answer as follows:
******* PLEASE RETURN ONLY THIS INFORMATION *******
TO: KEY-CAPTURE@lsd.com
SUBJ: PLATFORM/Utility Name
MSG BODY:
[1] OPERATING-SYS <--- i.e. WIN/DOS/MAC/OS2/UNIX, etc.
[2] "Utility-Name" (utility-package-name, if not a stand-alone product)
[3] Developer-Name (company-individual)
[4] <developer-email-address>
[5] Type <--- i.e.: system extension, autoexec, TSR
[6] Path-to-file-location-when-loaded.
[7] How to disable the utility's key capturing operations (step-by-step if
possible). Please be brief, but aim for a novice level user. If disabling
the key capturing is too complex to describe easily, then just explain
what the user should ask a sys admin to do for them (while they watch, if
applicable).
***************************************************
(Here's an Example:)
SUBJ: MAC/Now Save
MSG BODY:
[1] MAC
[2] "Now Save" (Now Utilities v5.x), "NowSave" (Now Utilities v4.x)
[3] Now Software, Inc.
[4] <support@nowmail.nowsoft.com>
[5] System extension/Control Panel device (CDEV)
[6] [startup HD]:System Folder:Control Panels:Now Save (or :NowSave)
[7] How to Disable:
Open the "NowSave" (v4.x) or "Now Save" (v5.x) Control Panel.
v4.x: Click the "Preferences" button.
Click the "Key Capture..." button.
Click the "OFF" radio button (upper right corner of dialog).
Click the "OK" button.
v5.0: Click the "Key Capture..." button in the button-bar.
Click the "OFF" radio button (in upper right corner of dialog).
Click the "OK" button.
------------------------------
Date: Tue, 10 Jan 1995 22:36:22 -0600 (CST)
From: David Smith <bladex@BGA.COM>
Subject: File 6--(fwd) AOL announcement on crackdown on illegal activities
---------- Forwarded message ----------
====== AOL Community Update ======
1/6 Community Update
Ever since we first launched America Online we've remained committed
to fostering an electronic community that provides a fun, enjoyable
and enriching experience for all members. We've asked our members to
honor the privilege of interactivity, and we've strictly enforced our
Terms of Service to help foster the kind of community of which we can
all be proud. Recently, however, some material has been brought to
our attention by some of our members which involves illegal activity
-- the trading of images in electronic mail which appear to be child
pornography. Upon receiving the material, and verifying that it was a
violation of our Terms of Service, and in all likelihood illegal, we
immediately contacted the FBI and terminated the accounts of the
senders.
While we recognize that any community around the United States with
more than 1.5 million citizens will have its share of illegal
activity, we were nonetheless disheartened to find that some members
are abusing the communications features of AOL in this way. We simply
will not tolerate such illegal activity on America Online. To anyone
who may be using America Online for illegal purposes, be advised that
we will terminate the accounts of those participating and we will
notify the proper authorities of any illegal activity that is brought
to our attention.
Our policy is that all private communications -- including e-mail,
instant messages, and private chat rooms -- are strictly private. We
do not, will not, and legally cannot monitor any private
communications. But if we are alerted to a potential offense and we
are sent evidence, as we were recently, we will vigorously pursue the
matter. In this case, electronic mail was forwarded to our attention
by our members, and as recipients of the mail we were able to turn the
material over to the authorities.
We have over 250 people who help us provide assistance in the public
areas of the service and give guidance to members who are new or who
have questions. Of late, we've had a growing problem with
member-created rooms whose title and discussion violate our Terms of
Service. Member-created rooms have always been a unique and
much-valued aspect of America Online. Often, these rooms provide the
seeds for new special interest forums that later emerge. But as more
members abuse the privilege and establish rooms that suggest illegal
activity, or detract from the enjoyment of others with offensive
titles, we are faced with looking at a higher level of safeguards as
it relates to member-created rooms. We simply cannot keep up with the
sheer volume of rooms created, and as a result, from time to time
rooms that violate TOS remain open for some period of time. We're
looking at several alternatives to improve the situation. We don't
want to see our members denied the privilege of this fun and creative
interactive environment due to the abuses of a few, but at the same
time we do feel some action is warranted to safeguard this popular
"neighborhood" in our community.
Unfortunately, this is not the first time we have encountered this
problem, nor is it unique to AOL. In 1991, we were faced with a
similar situation. At that time, we went to our members -- as we're
doing now --advised them of the situation and asked for their help.
And recently, recognizing the potential for abuses in this emerging
medium, online service providers banded together to sponsor a "child
safety" brochure that gives parents tips and guidelines to foster a
productive and safe environment for children online. A copy of this
brochure can be found in the Parents Information Center, keyword:
Parents. We encourage parents to take the time to review it. In
addition we strongly encourage parents to monitor their children's use
of this medium, much as they would any other medium such as
television, magazines, etc. We've also implemented "parental
controls" which allow parents to restrict their children's online
access.
Each one of us needs to respect and honor the privileges of this
electronic community. If you haven't reviewed our Terms of Service,
take a few minutes now and do so. If you observe what you believe may
be illegal activity on AOL, bring it to our attention. The problem is
not widespread -- we believe only a mere fraction of this community is
involved. Let's work together to insure that America Online remains
the kind of community that you want your friends and family to enjoy.
Thanks for your continued support.
Transmitted: 95-01-06 17:07:42 EST
------------------------------
Date: Thu, 23 Oct 1994 22:51:01 CDT
From: CuD Moderators <tk0jut2@mvs.cso.niu.edu>
Subject: File 7--Cu Digest Header Information (unchanged since 25 Nov 1994)
Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.
CuD is available as a Usenet newsgroup: comp.society.cu-digest
Or, to subscribe, send a one-line message: SUB CUDIGEST your name
Send it to LISTSERV@UIUCVMD.BITNET or LISTSERV@VMD.CSO.UIUC.EDU
The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.
Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on internet);
and on Rune Stone BBS (IIRGWHQ) (203) 832-8441.
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.
EUROPE: In BELGIUM: Virtual Access BBS: +32-69-844-019 (ringdown)
In ITALY: Bits against the Empire BBS: +39-461-980493
In LUXEMBOURG: ComNet BBS: +352-466893
UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/
ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
uceng.uc.edu in /pub/wuarchive/doc/EFF/Publications/CuD/
wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
EUROPE: nic.funet.fi in pub/doc/cud/ (Finland)
ftp.warwick.ac.uk in pub/cud/ (United Kingdom)
JAPAN: ftp.glocom.ac.jp /mirror/ftp.eff.org/Publications/CuD
ftp://www.rcac.tdi.co.jp/pub/mirror/CuD
The most recent issues of CuD can be obtained from the NIU
Sociology gopher at:
URL: gopher://corn.cso.niu.edu:70/00/acad_dept/col_of_las/dept_soci
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission. It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified. Readers are encouraged to submit reasoned articles
relating to computer culture and communication. Articles are
preferred to short responses. Please avoid quoting previous posts
unless absolutely necessary.
DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.
------------------------------
End of Computer Underground Digest #7.02
************************************