Copy Link
Add to Bookmark
Report
Computer Undergroud Digest Vol. 10 Issue 13
Computer underground Digest Sun Feb 22, 1998 Volume 10 : Issue 13
ISSN 1004-042X
Editor: Jim Thomas (cudigest@sun.soci.niu.edu)
News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)
Archivist: Brendan Kehoe
Shadow Master: Stanton McCandlish
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Field Agent Extraordinaire: David Smith
Cu Digest Homepage: http://www.soci.niu.edu/~cudigest
CONTENTS, #10.13 (Sun, Feb 22, 1998)
File 1--Bruce Sterling's Closing Sppech / CFP '98
File 2--cDc Global Domination Update #24
File 3--"Intranet Security: Stories from the Trenches", Linda McCarthy
File 4--Cu Digest Header Info (unchanged since 7 May, 1997)
CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.
---------------------------------------------------------------------
Date: Sat, 21 Feb 1998 18:27:04 -0800 (PST)
From: Jim Thomas <jthomas@well.com>
Subject: File 1--Bruce Sterling's Closing Sppech / CFP '98
CFP Closing Speech, Austin, Feb 20, 1998
Literary Freeware -- Not for Commercial Use
Hi, my name's Bruce Sterling, I'm a local writer and a CFP
veteran. I'm grateful for this chance to once again bring you
the fabulous benefits of my freelance pontifications.
When I first got involved in the computer civil liberties
scene, it was 1990. We'd just had a Secret Service raid here in
Austin that had shut down a science fiction publisher. This was
a strange and rude intrusion in my daily life, this was an advent
calculated to waken me from my dogmatic slumbers. The more I
learned about this computer crime raid, the more peculiar and
significant it seemed. I ended up writing an entire book about
it. I was hoping the book would encourage some informed debate,
and maybe the deeper political issues behind the computer
revolution could somehow all be put straight.
Now, eight years later, almost to the day, we have these
four hundred interested and relevant parties all meeting here in
Austin to get together face to face and thrash some of these
things out. And you can even earn legal credit for it. This
gives me a warm sense of closure, a very fulfilled feeling.
There's plenty of thrash at CFP. There's always a lot of
thrash. Very interesting thrash.
Not a lot of permanent legal results, though. If you glance
back over the past eight years and examine the whole enterprise
to date, what you see is very remarkable. In the world of
computers, privacy, and freedom, crises go in and out of vogue,
but they are very rarely settled in any permanent legislative
way. The only real permanence is the thrash itself. I'd go so
far as to call this a new status quo. Permanent technological
revolution. Permanent thrash.
I was very intrigued by the remarkable presentation of our
first keynote speaker, Mr. Kahin. It was a very congenial and
gentle speech: "modest" was a word he used a lot. I don't think
I've ever, ever heard an Administration science and technology
expert describe the aims of American government as "modest."
This was a remarkable confession this gentleman was making. In
so many words, he said that policy development is cyberspace is
just plain too hard to do. There are too many competing values
to achieve a workable political balance. The Administration is
simply too overwhelmed by all this random electronic thrashing,
all this buzzing and bleeping. So they'll simply modestly step
back and let the mighty forces of technology and private
enterprise thrash the situation out on their own. And maybe
twenty years from now, when things calm down and get safer for
elected American politicians, we may see some actual laws
passed.
Well, of course this statement is very good news for the
techno-libertarian post-industrial contingent. Really, there
ought to be corks popping in the offices of WIRED magazine over
this keynote speech. The Bay Area WIRED folks are very into all
this: emergence, and market power, and bottom-up
entrepreneurism, and the sublime beauty of nonlinear network
economics that are profoundly Out of Control. And let's face
it, after that stinking Decency Act debacle, a hands-off policy
smells terrific.
I think you can make some good arguments that there are
aspects of reality that governments should be very modest about.
Our keynote speaker pointed out that the real nodes in the World
Wide Web are words. Hotlinked key words. So this isn't merely
chips and wires that we are talking about. This is language.
When government tries to regulate and police the structure of
language, this is generally considered to be double-plus ungood.
There's a long tradition of restraint and modesty here. The
First Amendment may be a local ordinance, but it's clearly served
us rather well, and the First Amendment says, "make no law." Be
modest. Make no law.
But point of view is worth eighty IQ points. From another
point of view, to say that American government should be modest
in a flagship technology is a very weird thing to say. I have
never before heard a federal official confess that some aspect of
industrial development is simply beyond the mental grasp of
government. That it just plain moves too fast to figure out, so
we might as well throw up our hands and step back out of its way.
This is a radical admission to make. It's very out of the
ordinary. Rocket scientists are said to be pretty smart people,
but that didn't lead the federal government to declare that NASA
is impossible to manage politically, so that rockets should be
best left to Westinghouse and General Dynamics. I don't think
there are many Congressmen who fully grasp quantum
chromodynamics, either. But you would never see the
Administration say that quarks are too complex for government,
and that relativity and subatomic physics should be left to the
greater wisdom of the private sector.
But that's the Internet policy. No actual government.
Some form of emergent self-regulating governance. To me, that
was the core message of CFP 98. They really are just plain
giving up. That was the mellow, birdlike sound of the twilight
of sovereignty. The era of big government is over; the era of
puzzled, shrunken, benignly indifferent government is at hand.
It's the giant sucking sound of abdicated responsibility.
So what fills the power vacuum? I would argue that it is already
being filled by a different and more modern political
arrangement: not bureaucracy, but ad-hocracy.
I believe that the best known ad-hocracy, the classic
version, and certainly the one that gets the most admiring press,
is the internet engineering task force. These guys get plenty of
ink for their wonderful, cooperative, networking,
non-governmental, emergent, non-hierarchical way of organizing
their enterprise. They're a role model, a paradigm even. And
that management model seems to work pretty well on the Internet.
What do ad-hocracies look like in other contexts? Say, a
business context. I would argue that Silicon Valley is a giant
ad-hocracy. You see a particularly virulent aspect of this, in
weird, market-bubble, casino-economy, Silicon Valley IPOs.
Esther Dyson wrote a quite good article about this in the New
York Times recently, in which she pointed out that many Silicon
Valley companies are basically digital paper-tigers. They don't
actually develop and sell products. Not even software, not even
ones and zeros. They simply pitch high-concepts, sell stock in
the vaporware, cash out for the venture capitalists behind the
curtain, and then they are acquired by larger firms. If you
look for an actual industrial enterprise, something with
deliverables and a cash flow, there's simply no there there.
Hollywood film production companies are long-established
ad-hocracies. Show business has always been good at this. The
entertainment industry. The military-entertainment complex.
You're pitchforking a bunch of freelancers together, exposing
some film, using the movie as the billboard to sell the ancillary
rights, and after the thing gets slotted to video, everybody just
vanishes.
But in the political realm, I would argue that America's
most famous and powerful ad-hocracy is that nebulous entity that
our First Lady refers to as "the massive right-wing conspiracy."
And here we find our flagship industry giving an odd little
lurch. That's the grating sound of a postindustrial iceberg
hitting us below the waterline. It's not pleasant to have the
established order seriously menaced and frightened by their
sense of a covert conspiracy.
I don't believe in conspiracy in the grand Joseph McCarthy
paranoiac tradition, but I do believe in a real and powerful
right-wing ad-hocracy of Clinton's political enemies. I think
it's self-evident, it doesn't challenge my credulity. I think
these right-wing activist people are basically very much like
CFP. They're all on each other's Rolodexes, they're all on each
other's mailing lists, they all know each others' funding
agencies, think tanks and industrial backers. And when
anything, no matter how far-fetched or bizarre, comes up that
might conceivably harm the President, that information is
disseminated around the country and around the world at lightning
speed. It's data-mined, and catalogued, and embroidered, and
re-cycled, and re-circulated endlessly, and spun and spun and
spun.
The "massive right-wing conspiracy" is what our friends at
the infowar contingent at RAND corporation like to call a
"segmented, polycephalous influence network." It's a loosely
linked, leaderless enterprise which is constructed rather like an
art movement, or a literary movement. It doesn't have elections,
laws, bylaws, a code of ethics, a code of morals, or any kind of
brakes. It can't be defeated militarily any more than Russians
could defeat Afghan guerrillas or Americans defeat the Viet Cong.
And this isn't merely a theoretical exercise. The thing is as
real as dirt. It has real power.
You don't have to stretch too far to perceive this as a
menace to democracy. It's certainly a real and visible menace to
the established order, because it can throw sand in the works at
any of a hundred different points, and there's no headquarters
where the established order can hit back. When the established
order hits back, it hits back with another, rival ad-hocracy.
You may have seen James Carville -- a very interesting and
significant postmodern figure -- appearing on television to
publicly declare war on the Ken Starr investigation. I noticed
some pundits scoffing at this declaration -- "Carville thinks
he's in the bunker! Carville thinks he's an army! The Cajun's
off his rocker!" This scoffing has a very hollow sound to me.
It reminds me of Stalin asking how many divisions the Pope has.
The Pope doesn't use divisions, Comrade Stalin. But the Pope
knows the ground in Poland, and he can put a stake through your
undead heart with no problem.
James Carville has never been elected to any office. As far
as I can see, James Carville has no legitimate or constitutional
role in our society whatsoever. All James Carville possesses is
a deep knowledge of the media, a gift for spin, a big Rolodex,
and a lot of people who owe him favors. Oh, and a law degree,
too, somewhere at the bottom of the list. But when the Clinton
Administration goes to the mattresses, this guy is the *first*
guy they call.
You're not going to see James Carville declaring large areas
of American reality off limits because they are beyond his mental
grasp. You're not going to see James Carville declaring that he
ought to be modest, and let the info-pundits and the venture
capitalists decide what to do with digital media. The guy will
do with digital media what he does with *all* media, bend it to
his own uses.
This is what ad-hocratic political power looks like in a
heavily mediated and thoroughly networked society. I don't know
what you call that form of power, but it sure doesn't look like
anything I recognize from a high-school civics text.
And it's not unique to the United States. Prime Minister
Blair has proved that it works great in Britain. If you want to
see how it develops in another social context -- a deeply
non-American context -- take a good look at postmodern Russia.
Yeltsin's campaign manager is a man named Anatoly Chubais, the
Carville of Russia. This man is basically running the entire
Russian government off of his laptop.
I happen to have a very warm and kindly feeling about
literary movements. I'd hate for the government to think that my
cyberpunk literary ad-hocracy was some kind of organized menace
against civil order, and that we should all be grilled in
Congress by an unAmerican activities committee. It might be kind
of an honor -- for a Texan writer it would be quite an honorable
thing to walk down the trail of tears with John Henry Faulk and
J. Frank Dobie -- but I don't think this would be a political
plus for the American Republic.
But I think it can be demonstrated that ad-hocracy can be a
living menace to civil order. Let's take the Lewinsky
wiretapping business. For eight years I've been to CFP, and for
eight years I've heard the law and order contingent tell us that
wiretapping is the only sure weapon against mafias, dope runners,
terrorists and child pornographers. I don't remember
Presidential sex partners being on that list, but it's getting
pretty clear to rest of us that they are way, way up there as
targets of opportunity.
Here we've got a wiretapping development that may bring down
an Administration, annul two elections, and plunge our country
into years of debilitating public shame and trauma. You know, if
terrorists or dope dealers did us a grievous harm like that, we'd
pursue those evil sons of bitches to the ends of the earth. But
instead it's our Justice Department, in league with a networked
rabble of oppo research freaks with a sick need to monitor and
surveill people's sex lives.
Hey, thanks a lot, Mr. Law-and-Order Body-Wire. I'm sure my
two innocent daughters will sleep a lot safer in their beds after
you've ritually sacrificed the nation's chief executive in a
neurotic orgy of national sex panic. After this gratifying
experience, I'm anxious to see your wiretapping powers expanded
radically, so that more American women, and their mothers, can be
turned into felons for lying about their sex lives. You guys
need more plug-in jacks and headphones, it's important for our
nation's safety and stability. So after you clean that prurient
filth off your tape heads, tell me just one more time why you're
so eager to have Digital Telephony.
It's very much a pattern. National moral sex panics have
definite political advantages. Ad-hocracies specialize in this
sort of agitation. The Christian right specializes in provoking
reflexive loathing for homosexuality. For years we've seen law
enforcement trumpet the terrifying menace of child pornography on
computer networks. If a rightist adhocracy can checkmate the
king through a mini-Profumo scandal, it's going to be open season
on politician's sex lives for as far as the eye can see.
What is all this about, what's the commonality here?
It's a profoundly undemocratic process of shutting down informed
debate by cynically exploiting sexual hot-button issues. We're
supposed to be so panicked and stampeded by the specter of
kidporn that we somehow miss the fact that the FBI is installing
a Walkman jack in our phones. You see, it's just plain too
complicated and technical for us to make up our minds about! So
let's just panic! At least we can provoke some vigorous action
that way.
There's a flipside to the government's public abdication of
competence to regulate and judge. It's the unspeakable,
invisible, national-security underworld. Wired Power without the
inconvenience of democracy. The taps, the tapes, the dossiers,
ECHELON, the secret war against crypto -- none of this is
remotely democratic. This is a frozen Cold War underworld
accountable to none. If we can't regulate ourselves in an open,
above-board fashion, spooks traditionally expand to fill the
power vacuum. I would argue that in a true information society,
private spookdom is bound to flourish. We all take on a mild
flavor of spy. The walls between spy, journalist, pundit,
spin-doctor, guru, opinion leader, and political operative
become ever more vaporous. Don't believe me? Look around
yourself.
The day may come when powerful ad-hocracies abandon the
pretence of legality, and simply crush public figures to death
with the raw pressure of surveillance. In much the same way that
Princess Di and her scandalous boy-toy were bloodily crushed to
death by the sheer pressure of tabloid harassment.
Or it may be that ad-hocracies will display some real
benefits for real-world public order. We might see ad-hocracies
for sewage lines, or ad-hocracies for railroads and highways and
electrical power. People have been talking electronic democracy
for quite a while now. It looks good on paper, or maybe it would
be more accurate to say that it looks good glowing on a screen.
But where's the demo? I've yet to see even the smallest
American town, or the smallest unit of actual functional
government, becoming fully electronic. Virtual communities --
they don't seem to be living up to their hype. They seem to
work just about as well as other traditional American intentional
communities. Pilgrim pioneers, hippie communes, Amish
barn-raisings... these things are hard work. Most Americans
prefer TVs to quilting bees. Most Americans want to kick back in
the suburbs and have entertainment piped in.
And virtual communities have never worked out their bad
apple problem, their free rider problem. Spam has damaged USENET
in ways that malicious hackers could only dream about. Network
ad-hocracies are very good at forming a hostile overlay over the
deeper infrastructure. They don't seem to be much good at all at
forming structures themselves. Because ladies and gentlemen,
real political structures have *structure!* They have laws,
regulations, rights, grants of citizenship, constitutions, true
faith and allegiance. It's hard to fake all those things with a
Rolodex, an email list, and a starry-eyed sense of
techno-optimistic benevolence.
You know, the computer revolution really loves itself. It's
all about publicity really, it's about moving data fast and
cheap, so maybe it's only natural that it gets entranced by its
own hype. But you know, this isn't the last technological
revolution that you and I are going to witness. When I turn my
eyes to the future, I really have to wonder what kind of
precedent we're setting here. What kind of precedent are we
bequeathing to the organizers and attendees of "Biotech Freedom
and Privacy?"
Because you can smell that one on the wind. You got the
medical priesthood under seige by eager entrepreneurs, tremendous
market demand, bathtub genetic sequencers, cheaper and cheaper
equipment, cloned sheep on the front page, activists like
Kevorkian and Richard Seed all ready to jump out of their
basements and carry out a propaganda of the deed.... And we
already know what outlaw pharmaceuticals look like. These cats
aren't like computer outlaws, guys who are nine-tenths teenage
ideologue. These dope people have revenue streams bigger than
countries and they play for keeps.
I would also point out that this very week the FBI did us
the favor of busting a couple of biowar militia freaks. There's
often some kind of loudly trumpeted FBI action during Computers
Freedom and Privacy. Usually it's a computer bust. This time
it's anthrax. You can take that little chunk of data and make
of it what you may.
But maybe the next techno-revolution won't play out like
this one. It may be that there is something unique and special
about the world of computation. We can't seem to build permanent
structures; so maybe we're not a permanent problem. Come the
year 2000, we may well find that some large percentage of the
planet's installed computers simply cease to work.
Computation may be America's flagship industry, but when you
see how people live in computation, they're not like the settled
aristocrats on the first class deck of the Titanic. They're a
lot like the post-iceberg Titanic. They have a raft called the
IBM mainframe, and then another raft called Apple II, and then a
raft called Macintosh, and then they make a frantic leap sideways
to Windows 95, dropping heaven only knows how much precious data
in the transfer. And those who somehow fall overboard, end up
stiff and pale and bobbing in the chill dark waters of technical
obsolescence. Maybe that's what we have to offer to the future
here at CFP. Pundits destined to sink without a trace, our
solemn pontie all take on a mild flavor of spy. The walls
between spy, journalist, pundit, spin-doctor, guru, opinion
leader, and political operative become ever more vaporous.
Don't believe me? Look around yourself.
The day may come when powerful ad-hocracies abandon the
pretence of legality, and simply crush public figures to death
with the raw pressure of surveillance. In much the same way that
Princess Di and her scandalous boy-toy were bloodily crushed to
death by the sheer pressure of tabloid harassment.
Or it may be that ad-hocracies will display some real
benefits for real-world public order. We might see ad-hocracies
for sewage lines, or ad-hocracies for railroads and highways and
electrical power. People have been talking electronic democracy
for quite a while now. It looks good on paper, or maybe it would
be more accurate to say that it looks good glowing on a screen.
But where's the demo? I've yet to see even the smallest
American town, or the smallest unit of actual functional
government, becoming fully electronic. Virtual communities --
they don't seem to be living up to their hype. They seem to
work just about as well as other traditional American intentional
communities. Pilgrim pioneers, hippie communes, Amish
barn-raisings... these things are hard work. Most Americans
prefer TVs to quilting bees. Most Americans want to kick back in
the suburbs and have entertainment piped in.
And virtual communities have never worked out their bad
apple problem, their free rider problem. Spam has damaged USENET
in ways that malicious hackers could only dream about. Network
ad-hocracies are very good at forming a hostile overlay over the
deeper infrastructure. They don't seem to be much good at all at
forming structures themselves. Because ladies and gentlemen,
real political structures have *structure!* They have laws,
regulations, rights, grants of citizenship, constitutions, true
faith and allegiance. It's hard to fake all those things with a
Rolodex, an email list, and a starry-eyed sense of
techno-optimistic benevolence.
You know, the computer revolution really loves itself. It's
all about publicity really, it's about moving data fast and
cheap, so maybe it's only natural that it gets entranced by its
own hype. But you know, this isn't the last technological
revolution that you and I are going to witness. When I turn my
eyes to the future, I really have to wonder what kind of
precedent we're setting here. What kind of precedent are we
bequeathing to the organizers and attendees of "Biotech Freedom
and Privacy?"
Because you can smell that one on the wind. You got the
medical priesthood under seige by eager entrepreneurs, tremendous
market demand, bathtub genetic sequencers, cheaper and cheaper
equipment, cloned sheep on the front page, activists like
Kevorkian and Richard Seed all ready to jump out of their
basements and carry out a propaganda of the deed.... And we
already know what outlaw pharmaceuticals look like. These cats
aren't like computer outlaws, guys who are nine-tenths teenage
ideologue. These dope people have revenue streams bigger than
countries and they play for keeps.
I would also point out that this very week the FBI did us
the favor of busting a couple of biowar militia freaks. There's
often some kind of loudly trumpeted FBI action during Computers
Freedom and Privacy. Usually it's a computer bust. This time
it's anthrax. You can take that little chunk of data and make
of it what you may.
But maybe the next techno-revolution won't play out like
this one. It may be that there is something unique and special
about the world of computation. We can't seem to build permanent
structures; so maybe we're not a permanent problem. Come the
year 2000, we may well find that some large percentage of the
planet's installed computers simply cease to work.
Computation may be America's flagship industry, but when you
see how people live in computation, they're not like the settled
aristocrats on the first class deck of the Titanic. They're a
lot like the post-iceberg Titanic. They have a raft called the
IBM mainframe, and then another raft called Apple II, and then a
raft called Macintosh, and then they make a frantic leap sideways
to Windows 95, dropping heaven only knows how much precious data
in the transfer. And those who somehow fall overboard, end up
stiff and pale and bobbing in the chill dark waters of technical
obsolescence. Maybe that's what we have to offer to the future
here at CFP. Pundits destined to sink without a trace, our
solemn pontifications reduced to the weightless state of so much
long-forgotten newsgroup chatter. No monument, just the churn.
Floppies change shape and won't fit the new machines, CD-ROMs
flake apart and delaminate. And government was wisest just to
step back and let us be. We're glad they didn't have to warp the
Constitution to fit our peculiar needs, because when it was all
summed up in retrospect, we were gone like the 17-year cicada.
But you know -- I can live with that. I prefer evanescence
to catastrophe. When I think about all the scaremongering, and
alarm stories, and gloomy predictions about computer crime that
I've had to absorb over the past eight years, I feel very proud
of the American republic. I think we've done an incredible job
of assimilating this technology. When I went to CFP One, that
event was a total freak scene. There were convicted criminals
and their arresting officers buying each other drinks in the bar.
In newpaper stories of 1990 you had to define the word "modem."
But here we are eight years later and websurfing is a genuinely
popular enterprise, it's like Monday Night Football or country
line-dancing.
I can live with hype, as long as we have a chance to keep
making new mistakes. Sure, we've got ad-hocracies scurrying
around in the woodwork destabilizing the American democratic
process, but let's get real. This is America we're talking
about. It's seen hard times and hard, hard tests. Slavery,
civil war. Machine politics, the Tweed Ring, Tammany Hall,
Chicago in the 20s. Jim Crow. Watergate. Texas state
politics. Louisiana politics, for heaven's sake. The railroads,
the steel mills, the robber barons. The military industrial
complex. We survived all that. We look good now. We have
resilience. We toughed it out. We have hope as a culture, we're
not afraid to reinvent ourselves. We make ludicrous spectacles
of ourselves that cause civilized people to wonder if we've lost
our minds, but there's nothing new about that. It's what
Americans always do.
Let's look at the general situation here, the big picture.
Stock market at an all time high. Balanced federal budget,
practically kind of. We even have patches of deflation.
Deflation! I'm a middle-aged man and I never in my life saw
deflation, I thought it was a mythical beast. And there's jobs,
even! They may be burn-out jobs in the high-end sector, with
burger-flipping service jobs at the low end, but hey, at least
there's work around. The computer industry is a very strange
flagship industry to have, but Dell is headquartered in Austin,
and Dell just set a bunch of new sales records. It's an
industry! The Texas oil industry smells really bad. The Texas
cattle industry has screwflies, brucellosis and droughts. I'm
down with this Texas chip and computer thing. It's working out
down here.
In fact, I really suspect that this historical moment may be
a little Golden Age for our community. Compared to what else has
been going on, and compared to what else may be coming, this
seems like a little Belle Epoque. We're no longer so eccentric
that we seem freakish, and yet we have not yet settled down quite
so much that we've become wallpaper. The electronic frontier is
no longer a howling wilderness, and it hasn't yet matured into a
decaying rust-belt slum. We've really got it good!
When it's all said and done, my primary concern in the year
1998 is that we ought to be enjoying this more. I think the
computer community just plain works too hard. We're all wrapped
up in the eighty-hour weeks, and the piles of mounting email, and
the constantly bleeping cellphones. We need to learn to kick
back. We need to live less like galley slaves and more like
human beings. We may never have it this good again.
That's why I've made it my personal goal at this CFP to try
and buy everybody a beer. The con's over now, our beloved CFP
ad-hocracy is shutting down for another twelve months. There's
one important thing about ad-hocracies, a charming quality they
have. If you just get them outside of the video surveillance,
and away from their podiums and microphones, and add a little
social lubricant in the form of a couple of beers, they
spontaneously disintegrate into parties. And I don't mean grim,
committed, political parties. I mean good old-fashioned
yahoo-style parties.
When you come right down to it, virtual communities are a
pretty thin and cerebral parody of actual communities. But I can
slap a patch on that problem right now. You're in my home town.
This is Austin. Slackerville. Berkeley on the Colorado. Come
on out of the public spotlight, let's mosey on over to my house
and let our hair down. It's not a black-tie do, it's very laid
back and Texan. You're gonna have to twist off your own beer
caps and nibble your own chips and sandwiches, but at least you
can wear whatever the hell you want. Expectations are low, and
the entry barriers are nonexistent. Nancy and I will be glad to
have you. Let's get actually communal, let's have a little
life-affirming celebration. Let's tie one on.
So I dunno about you, but I'm outta here. Last guy out of
the building has to log off and shut down!
------------------------------
Date: Fri, 20 Feb 1998 22:33:13 -0800 (PST)
From: editor@CULTDEADCOW.COM
Subject: File 2--cDc Global Domination Update #24
FOR IMMEDIATE RELEASE GLOBAL DOMINATION UPDATE
_______________ http://www.cultdeadcow.com/cDc_files/ ____________________
_ _
((___))
[ x x ] cDc Communications
\ / Global Domination Update #24
(' ') February 15th, 1998
(U)
Est. 1984
- * -
Busy, busy, busy. The file-packs took a back-seat for a bit during the
holiday season and the mad dash to an undisclosed location in the French
Quarter for HoHoCon '97! Unfortunately, this time it was invite-only.
Thanks to everyone who attended for making it the best HoHoCon yet!
Here's a coupla files. Practice your phonics.
________________________________/text files\________________________________
346:"The Man With The Creosote Grin" by Oxblood Ruffin.
347:"SPANK MY MONKEY" by Lady Carolin.
348:"When Cults Collide" by The Nightstalker.
349:"High School Reunion: The Nardcore Adventures of Reid Fleming"
by Reid Fleming.
350:"Where Have My Heroes Gone?" by KSM.
File submissions: editor@cultdeadcow.com
- * -
Thanks to the following items of influence this time around:
WAREZ: dFx's STICKFIGHTER XXIX
PRINT: _Apocalypse WOW_ by James Finn Garner
MUSIC: Weasel MX
RERUNS: Hogan's Heroes and The Six Million Dollar Man
BEVERAGES: Coca Cola straight-up.
_______________________________/ - x X x - \________________________________
Fools better recognize: CULT OF THE DEAD COW is a gift to the women of
this world and the trademark of cDc communications. Established in 1984,
the cDc is the largest and oldest krewe in telecom, inventor of the e-zine
and stool loosener to sysadmins everywhere. Each and every issue is
produced on an Apple II for genuine effect. Yo, bee-atch! Find the flavor
at these fine locations:
World Wide Web: http://www.cultdeadcow.com
http://www.L0pht.com/cdc.html
FTP/Gopher: ftp://ftp.cultdeadcow.com/cDc
Usenet: alt.fan.cult-dead-cow
BBS: 806/794-4362 Entry:KILL
Any questions, jackass?
Grandmaster Ratte'
cDc/Phat Daddy & Pontiff
Email: gratte@cultdeadcow.com
Postal: POB 53011, Lubbock, TX, 79453, USA
"cDc. Hyperbole is our business."
_____________________________________________________________________________
Copyright(c)1998 Oxblood Ruffin, Straight Buttah & cDc communications
------------------------------
Date: Mon, 16 Feb 1998 08:39:27 -0800
From: "Rob Slade" <rslade@sprint.ca>
Subject: File 3--"Intranet Security: Stories from the Trenches", Linda McCarthy
BKINTRSC.RVW 971122
"Intranet Security: Stories from the Trenches", Linda McCarthy, 1998,
0-13-894759-7, U$29.95/C$41.95
%A Linda McCarthy
%C One Lake St., Upper Saddle River, NJ 07458
%D 1998
%G 0-13-894759-7
%I Prentice Hall
%O U$29.95/C$41.95 800-576-3800 201-236-7139 fax: +1-201-236-7131
%O betsy_carey@prenhall.com
%P 260 p.
%T "Intranet Security: Stories from the Trenches"
Data security is more than somewhat akin to the weather. Many people
talk a good line about how important it is to their company, but few
invest the time, money, vigour, and rigour to make it really
effective. There are some very good, practical, computer security
books on the market. Leaving aside the really bad ones, though, there
are also a great number of works that take a rather pompous academic
approach to the concepts only, leaving the actual details of real
dangers and protection as an exercise to the reader.
McCarthy takes a different tack. Each chapter in this book is an
authentic case study, with the names changed to protect the
unfortunate. While this means that the text can't be easily used as a
reference, with quick indexing of specific tasks, the content is
firmly based in the real world, and informed with the author's
insights into how people actually do react in an emergency. Techies
may be unhappy with the lack of technical details in the inquiries.
Too bad. Security is much more of a management issue than a technical
one, and the stories show that clearly. The result is, therefore,
much closer to "Digital Woes" (cf. BKDGTLWO.RVW) or "Computer-Related
Risks" (cf. BKCMRLRS.RVW) than, say, "Practical UNIX and Internet
Security" (cf. BKPRUISC.RVW).
The book is also very readable. The chapters follow a format that
includes a fictional worst case scenario, then presents the incident
itself, gives a summary of the problems that led to the predicament,
and finally suggestions for avoiding the trouble. The text is almost
light, and loaded with personal entries both as observations of
company situations and lively trivia. (I, too, have a sister much
younger than I am.)
Each investigation is chosen with a view to emphasizing a particular
security problem or issue. Chapter one shows that without an incident
response procedure, and exception report communications, even
detection of attacks can fail to protect the enterprise. The danger
of shrink-wrapped, out-of-the-box solutions is demonstrated in chapter
two. As I noted at the beginning, data security gets a lot of lip
service, particularly from management. Chapter three reveals the
wrong way for executives to promote security--and also tells you how
to do it right. Security requires a cooperative effort, as chapter
four points out, and failure to specify areas of responsibility can
result in loopholes and vulnerabilities. Chapter five looks at
another area that gets more speeches than spending--training. Risk
assessment, and the risk of not assessing risks, is the theme of
chapter six. Where chapter four looks at the negligence in
determining roles with respect to security, chapter seven finds that
drawing the lines too finely can also result in gaps in coverage and
protection. Over the years I have railed against antivirus procedures
that are not effective because they are too draconian for people to
actually use if they want to get work done. Chapter eight discloses
the problem with unrealistic policies in any field of security. As
chapters four and seven point out the potential difficulties where
individual partners each leave security to the other, so chapter nine
demonstrates the same problem between companies doing business
together. Chapter ten points out the importance of encryption--the
backbone of all data security--in every area of corporate activity.
Finally, the techies can be happy with chapter eleven. It gives a
detailed log of a system penetration. I will forgive McCarthy her use
of the term "hacker" (she does mention the hacker/cracker controversy)
for someone bent on security breaking, since she so forcefully derides
the image of the invader as an "evil genius."
An appendix provides contact information for tools, products, incident
response teams, and security organizations. I was rather disappointed
to find that Internet references for a number of the tools do not
specify full location information, that relatively few security
organizations are listed, that the antiviral systems mentioned are not
of the top rank, and, most important of all, none of the international
emergency response teams are from Canada.
This book belongs on every security and management bookshelf. For the
non-specialist manager, it provides enough background to prompt the
right questions and concerns. For the head down data security
specialist ... when was it you needed to make that pitch to the
executive committee?
copyright Robert M. Slade, 1997 BKINTRSC.RVW 971122
======================
rslade@vcn.bc.ca rslade@sprint.ca slade@freenet.victoria.bc.ca
BCVAXLUG Admin Chair http://peavine.com/bcvaxlug/
DECUS Canada Communications, Desktop, Education and Security groups
------------------------------
Date: Thu, 7 May 1997 22:51:01 CST
From: CuD Moderators <cudigest@sun.soci.niu.edu>
Subject: File 4--Cu Digest Header Info (unchanged since 7 May, 1997)
Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.
CuD is available as a Usenet newsgroup: comp.society.cu-digest
Or, to subscribe, send post with this in the "Subject:: line:
SUBSCRIBE CU-DIGEST
Send the message to: cu-digest-request@weber.ucsd.edu
DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS.
The editors may be contacted by voice (815-753-6436), fax (815-753-6302)
or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.
To UNSUB, send a one-line message: UNSUB CU-DIGEST
Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU
(NOTE: The address you unsub must correspond to your From: line)
Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on internet);
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.
In ITALY: ZERO! BBS: +39-11-6507540
UNITED STATES: ftp.etext.org (206.252.8.100) in /pub/CuD/CuD
Web-accessible from: http://www.etext.org/CuD/CuD/
ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland)
ftp.warwick.ac.uk in pub/cud/ (United Kingdom)
The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:
URL: http://www.soci.niu.edu/~cudigest/
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission. It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified. Readers are encouraged to submit reasoned articles
relating to computer culture and communication. Articles are
preferred to short responses. Please avoid quoting previous posts
unless absolutely necessary.
DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.
------------------------------
End of Computer Underground Digest #10.13
************************************