ONE - EIGHT - TWO : Issue 2
SECTION 182 PRESENTS
%^%^%^%^%^%^%^%^%^%^%^%^%^%^%^%
| |
| ONE EIGHT TWO |
| Volume 1, Issue 2 |
| |
%^%^%^%^%^%^%^%^%^%^%^%^%^%^%^%
Editor In Chief : Doktor Avalanche
ONE EIGHT TWO magazine is a quasi-monthly publication that focuses in on computers, the CU, and other relevant news. All articles, mail, and the like are to be sent to the editor via the Internet to wil@fiver.UUCP.
FROM THE EDITOR
Due to hectic schedules on both sides, ONE EIGHT TWO is unable to bring you the interview with John Draper. I apologize to those of you who were waiting for it.
We will carry the interview in a later issue, so keep smiling and keep your back to the wall.
FROM THE FRINGE
This month, ONE EIGHT TWO has dug up a whole slew of news, news from the Electronic Frontier Foundation, and the assorted bits and blurbs.
FROM THE ELECTRONIC FRONTIER FOUNDATION
Reprinted from EFFECTOR ONLINE
EFF SEEKS AMICUS STATUS IN TWO KEY COMPUTER CRIME CASES
The Electronic Frontier Foundation has sought to intervene as an amicus curiae in two important computer-crime cases.
In the case of United States vs. Robert Riggs, we have joined an appeal of part of the sentence imposed upon Riggs, who was a member of the so-called "Legion of Doom" and, at one time, a co-defendant of Craig Neidorf. We have gone on record as opposing the sentencing restriction on Riggs' private computer user and ownership after Riggs is released from prison.
We believe that the judges decision to forbid Riggs to own or privately use a computer during the supervisory period following his release is a restriction on his First Amendment rights beyond what is allowed by the federal sentencing statute. In addition, we believe such restrictions tend to promote the notion that computers are inherently dangerous instrumentalities, the access to which falls properly within the scope of governmental action. We hope here to lessen the momentum behind these restrictions, which prosecutors have been seeking in cases all across the country.
We are also seeking amicus curiae status in United States vs. Robert Morris. Morris, who was prosecuted under the Computer Fraud and Abuse statute was the author of the Internet Worm which accidentally shut down large portions of the Internet in 1988. Morris is seeking Supreme Court review of his case, and we are about to file an amicus curiae petition urging the Supreme Court to hear the case.
Our goal is not to defend or justify Morris's actions, but to establish that the law used to prosecute him was interpreted too broadly. As it now stands, the law would make no distinctions between someone like Morris, whose out of control program accidentally caused damage to remote computer use, and a computer terrorist who set out intentionally to cause damage on remote computers.
THE ORIGIN OF THE EFF AND THE CRACKING OF COMPUTER SYSTEMS
There is a persistent view in some quarters that the EFF exists solely as an institution to defend crackers of computer systems. This is an understandable perception but it is false.
The Electronic Frontier Foundation has never condoned the unauthorized entry into computer systems for any reason. There is absolutely no question that uninvited computer intrusions represent a major problem on the electronic frontier, and one that we, and thousands of others, struggle with on a daily basis.
In like manner, the EFF does not condone the use of governmental powers to seek out and punish legitimate users of computer systems. We have opposed this since our inception and will continue to do so to the limit of our ability and resources.
Throughout 1990, law enforcement activities which were ostensibly aimed at "cracking down on crackers" were, in fact, seizing the computer systems of innocent parties like Steve Jackson, and shutting down bulletin boards used by hundreds of utterly innocent people. Whether through ignorance or malice, these actions were depriving many of their legitimate rights under the constitution, chilling the free expression and growth of the Net.
The EFF was formed in response to these injustices. Our mission was to protect constitutional guarantees of free speech and freedom from unreasonable search and seizure. This remains the core of our mission today. We believe that these fundamental civil liberties must apply to all users of computer networks. A threat to the rights of anyone is a threat to the rights of all. Experience has taught us that these freedoms must be fought for if they are to be given a firm foundation in the online world. Constitutional guarantees, as we have seen by such actions as Operation Sun Devil, are not the default state online, but must be "designed: in from the start. To do nothing risks setting a series of precedents which will be difficult if not impossible to reverse at some time in the future.
These beliefs struck a chord with many users of computer networks who understood the importance of an open, public process by which this society sorts out the laws and customs which will apply to the online domain.
Today the EFF has evolved to become an advocacy organization, with broad concerns in the area of information technology policy, including. but not limited to civil liberties, which represent the interests of it's members and serve as a bridge between "Cyberspace" and other exotic locales, like Washington D.C.
AMERITECH ANNOUNCES NEW AUTOMATIONS FOR CEL-PHONES
Reprinted from comp.dcom.telecom
by Patrick Townson
Ameritech Mobile, the "B" cellular carrier here in the Chicago area has announced that effective July 12, 1991, 'Follow Me Roaming' will be completely automatic in the Chicago, Milwaukee and Madison, WI service areas.
Chicago cell phone users roaming north into Madison or Milwaukee, WI will no longer need to use the *18/*19 to turn on/off the 'follow me' feature, and likewise, cel users from those cities north of us will no longer need to specifically activate 'follow me' when traveling in the Chicago service area.
The Chicago CSA extends from the Wisconsin state line on the north; Fox Lake and Antioch, IL in the northwest; Aurora in the west; Morris and Joliet, IL to the southwest; Beecher, IL in the south; and almost to Michigan City, IN in the east.
The addition of the Milwaukee and Madison CSA's will give us another 100 miles to the north of automatic coverage.
According to Ameritech's announcement, within this new expanded area (in either direction of travel) calls will automatically be forwarded by the long distance carrier of your choice, just as outgoing long distance calls from our cell phones are now handled. That is, Ameritech in Chicago will (on discovering you are in Milwaukee) hand the call off to AT&T, Sprint, or MCI(your choice). The long distance carrier will give the call back to Ameritech in Milwaukee for handling.
We will have to pay the long distance charge while roaming just as we do now, but the *18/*19 part will be automatic. Ameritech said they hope to expand 'automatic follow me' to all the cities they serve over the next several months, which include many places in Ohio and Indiana.
Under 'automatic follow me', call forwarding on busy/no answer to voice mail will still operate correctly. If you are located in Milwaukee, for example and your line is busy or does not answer after three rings, the call will be transferred to voice mail as before.
'Regular' follow me service overrides transfer to voice mail, and users will still have the option of using the *18/*19 if desired in order to force calls away from voice mail (and be given a busy signal or no answer) if that is desired.
Ameritech answered objections from people who do NOT want to pay long distance charges incurred under the 'automatic follow me' by setting things up so customer service can 'toggle a bit on your account' and not provide the automatic service.
Of course, you may have to pay the $4.95 per month they charge for 'follow me' service to begin with, or you won't get this new feature. And when traveling outside the Ameritech service area, you'll still have to use the *18/*19 as always.
GEORGIA PASSES COMPUTER CRIME ACT
Reprinted from Information Weekly, 8 July 1991, Page 6
Taken from Risks Forum
A Computer Systems Protection Act when into effect last week in Georgia. The Act provides the same punishment for computer thievery as for other types of theft crimes. The bill calls for prison terms up to 15 years for "computer-assisted theft, trespass, invasion of privacy, and forgery". Under the Act, stealing someone's computer password in Georgia can get you a $5000 fine or one year behind bars.
[Ed. Note: Guess the incident with Bell South rattled someone's cage..]
JUST BECAUSE YOU'RE PARANOID
Opinion: "Hackers: 'Clamp Down Now'
Taken from THE AUSTRALIAN, 2 July 1991, p.34
Reprinted on comp.org.eff.talk by Felicity Jones
story by Tom Forester
[Ed. Note: We at ONE EIGHT TWO believe in equal time, and this is about as equal time as it gets. Mr. Forester indeed has a righteous axe to grind.]
It's about time we got tough with hackers and exposed them for the irresponsible electronic vandals they really are.
Jailing a few of these malicious meddlers would set an example to other would-be data thieves and help stem the tide of computerized anarchism which is threatening to engulf the IT industry.
Breaking into a computer is no different from breaking into your neighbors house. It is burglary plain and simple - though often accompanied by malicious damage and theft of information. Sometimes - as in the case of stolen credit cards - it is followed by fraud.
The essence of hacking is that it is about gaining unauthorized access to other peoples' systems. It is an activity which has not been sanctioned by or approved of by the system's owner, be they private or public.
Hackers are often portrayed as 'brilliant' or glamorized in the media as 'whiz-kids', but often they are only mediocre programmers. Most 'great' hacks have in fact involved very little in the way of intellectual liability - you don't have to be an expert to work an autodialer and Unix systems - a favorite target of the hacker - have notoriously poor security.
Far from being budding computer geniuses, hackers are often so incompetent and clumsy that they frequently cause more unintentional damage than intentional damage when blundering around inside someone else's system.
Far from being the heroes of the computer revolution, hackers are little more than common thieves. Their modus operandi involves stealing log-in names and passwords and the stealing information expensively collected by the victim.
Some hackers have even become infamous by betraying their country. Members of the Chaos Computer Club of Hamburg, in then West Germany, were caught selling United States military secrets to the KGB - the charred body of one of their number, Karl Koch, was later found in a forest outside Hanover.
Other hackers, such as the group that infiltrated London banks in 1989 have swiftly turned to blackmail. Yet some misguided persons have sought to justify this despicable crime by claiming hackers are really only helping 'test system security'.
A second justification of hacking is that hackers safeguard our civil liberties by keeping a check on the activities of governments. I know of no cases where revealing the contents of a state database has done good rather than harm.
If hacking cannot be defended, then virus creation is wholly unforgivable. Enormous time and effort has been spent in recent years making good the damage caused by the pranksters who gave us the 'Stoned', 'Bouncing Ball', 'Pakistani Brain' and 'Israeli' viruses, to name a few.
Such computer anarchists have caused mayhem in recent years in the US. The famous Internet worm let loose by Cornell University student Robert Morris in late 1988 infected no less than 6,000 systems and cost thousands of dollars to contain.
Last year, the so-called 'Legion of Doom' managed to completely stuff up the 911 emergency phone system in nine US states, thus endangering human life. They were also charged with trading in stolen credit card numbers, long distance phone card numbers and information about how to break into computers.
In another case, Leonard DeCicco was charged with stealing US $1 million worth of security software from Digital Equipment Corporation. Len Rose Jr. was charged with selling illegal copies of US $77,000 AT&T operating system.
One group of phone hackers was charged with stealing more than US $1.6 million worth of free long-distance phone calls, while another group was caught manipulating voice-mail boxes and 800 toll-free numbers to the tune of millions of dollars.
Unfortunately, attempts by US authorities to nail these delinquent nerds have not always been successful. This is because the law is unclear, and police lack the expertise in dealing with the crimes.
For example, last year's Operation Sun Devil, which involved raids in 14 cities and the seizure of 42 systems and 23,000 disks, has yet to result in any major prosecutions.
Robert Morris, who launched the disastrous Internet worm, got a mere slap on the wrist in the form of a US $10,000 fine and 400 hours of community service. Only in Britain, where the Computer Misuse Act became law in 1990m do the authorities seem to be winning the war against hackers: 'mad' hacker Nicholas Whitely was recently jailed for four months for a series of malicious attacks on university computers.
To some extent hacking has attracted individuals who are not at ease socially - the classic "nerd" if you like. They may relate better to machines than other humans.
One image of the hacker is of an adolescent mail, who, for reasons of shyness or "spots" does not get on with girls.
Instead, he tends to spend his time with the computer, rising at 2pm, then working right through to 6am..consuming mountains of delivered pizza and gallons of soft drink.
Some suffer from what Danish doctors are now calling "computer psychosis"- an inability to distinguish between the real world and the world inside the screen.
For the hacker, the machine becomes a substitute for human contact, because it responds in a rational manner, uncomplicated by feelings and emotions.
In some senses, one can't help but feel sorry for hackers, but by taking out their hang ups on society they do enormous damage and we all end up paying for their anarchic antics.
One day, these meddlers will hack into vital military, utility, or communications systems and cause a human and social catastrophe. It's time we put a stop to their adolescent games right now.
REBUTTAL FROM THE EDITOR
Why Mr. Forester is misinformed
Members of the Chaos Computer Club in Hamburg, in then West Germany, were caught selling United States military secrets to the KGB - the charred body of one of their number, Karl Koch, was later found in a forest outside Hanover.
No, Mr. Forester: The CCC was NOT involved in selling secrets to the KGB. In fact, the CCC had nothing to do with the whole thing, other than the fact Cliff Stoll's book, "The Cuckoo's Egg" paid lip service to their organization.
Last year, the so called 'Legion of Doom' managed to completely stuff up the 911 emergency phone system in nine US states, thus endangering human life.
The purported 'stuffing up' of the 911 system was that of capturing a document that explained how the 911 system was to be administered. How a document explaining how the 911 system works could be attributed to the endangerment of human life has no bearing on any worse case scenario a risks management and assessment team could ever devise.
They were also later charged with trading in stolen credit card numbers, long-distance phone card numbers, and information about how to break into computers.
To begin with, handing out information on how to break into computers isn't a crime in the United States. It's no more illegal than George Haydukes 'Getting Even'. In fact, the people who purport themselves to be on the other side of the fence often publish such articles, books, etc. They usually title them "How To Secure Your System". The only slant is that hackers generally can see through the holes the security experts leave wide open.
The only charges I know were brought against them were wire fraud, and transporting stolen goods over state lines.
For example, last year's Operation Sun Devil, which involved raids in 14 cities and the seizure of 42 systems and 23,000 disks, has yet to result in any major prosecutions.
Only 42 systems? Nice, round, and very conservative number.
Forester obviously discluded the number of innocent bystanders who had their computer's seized that day, including one Steve Jackson Games, whose only crime was hiring an ex member of LoD, and for creating a game that, according to the Secret Service, was a 'handbook on computer crime'. Because of this, SJG has taken a crippling fiscal blow, and may as well be mortally wounded.
On the lighter side, the Electronic Frontier Foundation is suing the Secret Service for their dereliction of duty and shoddy treatment of suspects in regards to their Constitutional rights. Maybe there is justice after all....
On a final note, Mr. Forester has made a few distortions and then effectively killed said distortions. You know what they say about opinions..
FROM THE 'NASTY CRASHES' DEPT.
Computer Glitch 'Kills' Constitution
by Douglas Farah, Special to the Washington Post
Taken from THE WASHINGTON POST, 30 June 1991, p.A23
Posted on comp.risks
BOGOTA, Columbia, June 29 -- The approval of Columbia's new constitution, which modernizes the judicial, political, and economic structures, is in jeopardy because a computer apparently ate the text.
The committee writing the final version was to turn over the text for final voting Wednesday. However, a technician storing the material in a computer borrowed from the office of the presidency, erased or lost the final document -- after many of the papers with the drafts of the articles had been thrown away.
"We literally have people going through trash cans looking for scraps of paper", said one source close to the process. "We do not know how this was allowed to happen, and we have lost an almost vital three days. We cannot debate or vote on a text we do not have in front of us."
While there are different versions of how the computer foul-up occurred, sources said a member of the codification committee refused to allow technicians from the office of the president to have access to the computer, fearing that some of the material could be pirated or changed. Instead, he had a nephew to do the computer work.
It turned out that the nephew had only taken a one-year correspondence course in computer programming.
[Ed. Note: Hi, my name is Joe Ford. I was President of the United States, but I quit that to enter the glamorous and exciting field of computer programming...]
WHERE WERE YOU ON MAY 8, 1990?
Bruce Sterling Wants You!
by Bruce Sterling
If you, or someone you know, had a bulletin board seized on May 7,8, or 9, 1990, by policemen or federal agents, I'm very interested in talking to you regarding a book I am writing on electronic civil liberties issues: THE HACKER CRACKDOWN, The True Story of the Digital Dragnet of 1990 and the Electronic Frontier Foundation.
Also, if you are a policeman, federal agent, informant, prosecutor, or telco security, and you or someone you know was seizing computers on May 8, I am very interested indeed in your story. Discretion guaranteed on request.
Please contact:
Bruce Sterling
4525 Speedway
Austin, Texas 78751
Voice: 512-323-5176
Fax: 512-479-0912
Email: bruces@well.sf.ca.us
THE POLICE AND YOU
One Net Resident Expresses Himself About The Law
by The Jester (IZZYCY1@MVS.OAC.UCLA.EDU)
reprinted from comp.org.eff.talk
[Ed note: This article is reprinted without permission. I hope friend Jester understands that I couldn't get in touch with him to get his permission, and also hope that he doesn't mind that his article appears in my newsletter. I thought this to be the most well written and absolutely the best article I have ever read. It deserves more than just being on comp.org.eff.talk.]
I have been taking a lot of flack over my views, but the flack just seems to indicate that either I'm not clearly expressing myself or everyone is intentionally misinterpreting me in order to harass me. Well, as much as I would like to believe the second I'm afraid I have no choice but to cop to the first so I'm going to try to now express my thoughts directly instead of responding to people.
My attitude toward law enforcement is that the police, the FBI, the CIA, etc. are NOT our enemies. They are NOT law breakers. They are NOT vigilantes who hate the public and want everyone to be slave to whatever concept of legality they currently hold. Instead, I see them as humans, just like the rest of use. Basically honest, upright folks who are trying to do their job as best as they can. People who are out to 'serve and protect'.
Now, this folksy attitude obviously colors my view in how to properly deal with the law enforcement. First of all, I believe that when dealing with law enforcement, one should always be respectful. One should try to be honest, up front, non-confrontational, and nice.
This translates to the following: I view Operation Sun Devil, the seizure of Steve Jackson Games, and the charges against Phrack as an honest attempt to try and enforce the law as the police understand it. They aren't trying to destroy anyone, they aren't deciding that your rights should be violated or any none such. Instead, they are trying to stop crimes they just don't understand. What do they know about 911 information? AT&T said "this is dangerous stuff that could hurt people"...how do they know better? When someone said "7 bit protocol" a bunch of guys who don't know what a bit or protocol is are being told hackers are destroying the world and hurting people (the media gas done a good job of pushing that view). This might as well be the purple code and a reason to declare war. As for Sun Devil, the was an honest attempt by the Secret Service to enforce the law as they view it.
I think we all agree that the results were wrong and should be stopped, never allowed to happen again. The first way to go about this is to bring suit, which has and or is being done. However, the second part is to try and honestly educate the police about what is really going on. To explain what a laser printer, a pc, a modem, protocols, internet, checksums, etc. ad infinitum ad nauseum is.
So while this all sounds very nice, what is the problem? Well, when I suggested being civil to the police and helping them to understand these new, confusing duties that have been thrust upon them, I ended up getting my head bit off by people who view the cops as the enemy.
Which is my next and final point. What if everyone is correct and the police are our enemies? My first instinct would be to avoid the police at all costs. If I see a cop on the street, I turn around. Next, I would forget about obeying most laws. After all, I'm gonna get busted by some cock-eyed cop, whether or not I do anything, so I might as well 'enjoy' myself. Finally, I wouldn't waste my time in courts. After all, the cops are bad to the core and trials just make them 'play good' until the media forgets whatever they did and everything will go back to normal. As soon as the King trial goes away, the cops will go back to beating the shit out of everyone, so why bother in the first place?
It's ironic I suppose. Among my friends, I am known as the ultimate pessimist, yet on this sig I seem to be the only optimist left.
HAS THIS HAPPENED TO YOU?
Almost Slammed...by AT&T
A Commentary by Steven Shimatzki (SJS132@psuvm.psu.edu)
reprinted from comp.dcom.telecom
I remember a while back that everyone was afraid of being 'slammed' into another long distance carrier. Recently, I had an experience that might be of interest because of that, and because it involved AT&T
Now I'll admit that I'm a college student, and unlike all the telcom execs who contribute daily, I only contribute to a list once in a blue moon...but, I read it faithfully.
So I'm curious if this is any real problem or if I'm just being paranoid.
Here's what happened:
I was at home working on my computer Friday afternoon when my computer room phone rings. Not many people call me there, because it is a separate phone number, just for our DATA calls. When I answered it, it was a telemarketer, presenting herself for AT&T. She then stated that we did not have AT&T, and said we had another long distance carrier, and jumped into her spiel about how much I can save with AT&T.
That threw me for a loop, because we have AT&T, and as long as I could remember, we had it. So I told her kindly, that to the best of my knowledge, I did have AT&T, and if that status had changed, I would call my local telco rep, and change it myself. End of story.
Here's the strange part: Long distance calling was discontinued on that line (well, locked out or whatever) because I got carried away in my early years, and had a VERY large phone bill to the 201 area code (Yeah, a few cents a minute adds up :()
Anyway, not only was long distance calling blocked from the phone, but like a day or two before all this, an AT&T rep called about how much money I could save on the 201 area code (now you know why it was mentioned) with their new plan...so, if they know I'm AT&T, why didn't they know that I'm AT&T? (understand?) I've thought about it, and all I can think of is:
- A: I used to call 201 a lot as a kid
- B: We blocked long distance calling
- C: YEARS (NOT current at all!) later they ask us about this plan
- D: We tell them NO
- E: They try and RECONNECT our long distance calling by tricking us with the 'not using AT&T as your carrier...'
I know it sounds like I'm paranoid about the phone company and all, but it's the only way I can make sense of it; that after telling them no, we CAN live without the long distance calls, they try and trick us into getting it.
Just VERY curious.
FROM THE EDITOR
Well, this summer is sure going by VERRYYYY slow. In fact, nothing in the way of news is happening anywhere.
My counterpart, RISKS, reports the same slow traffic as well. I guess we can safely say that the news, for what it's worth, has taken the summer off.
Perhaps I should do the same?
The interview with Mr. Draper will appear in the next issue of 182, plus the article from my new staff writer will also appear. My apologies for not getting them to you this issue. Apart from my hectic schedule, many a setback has kept me from delivering as promised. I appreciate your patience, and being the good readers you are, I will reward you with an killer next issue.
Until then, keep smiling, keep your back to the wall, and keep the suggestions coming.
Until next issue
Sincerely
DOKTOR AVALANCHE
wil@fiver.UUCP
Smeared Across The Universe By:
_________________________________________________________
|| Junk Culture Hallucination ||
|| xe0nsun ration ||
||Junk Culture|!|415-930-6786|!30-200!|4hs Per Midnight||
|| ||
| {-} Creators {-} ||
|| Bg: Kave f Timen ||
|| Remote Bog: Carcinogenic 'Nam Cure ||
|| {-} Welldoers {-} ||
|| Miniser of echnolgy: Th Living Ego ||
|| Minister of P/H/CU: The Blak Avengr ||
| {-} Staff {-} |
|| Godless wine, Nuer, Oota of the Helioscrotums ||
|| Howizer Exploion Guy, illiam Tel ||
|| ||
|| |!|Official Dopsite of ONE EIGHT TWO- Magazine |!| ||
|| || Editor: Dktor Avalanhe |!| ||
|| ||
| "I can't xplain myself, I'm |
|| fraid, sir, bcause I'm not ||
|| mself, you see. ||
|| -Lewis Carrll ||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^