****************************************************************************
                  >C O M P U T E R   U N D E R G R O U N D<
                                >D I G E S T<
               ***  Volume 1, Issue #1.14 (June 14, 1990)  **
****************************************************************************

MODERATORS:   Jim Thomas / Gordon Meyer
REPLY TO:     TK0JUT2@NIU.bitnet

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views.
--------------------------------------------------------------------
DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Contributors assume all responsibility for assuring that articles submitted do not violate copyright protections.
--------------------------------------------------------------------

In This Issue:

File 1:  Moderators' Comments
File 2:  Mail: 1) SS jurisdiction; 2) Busts
File 3:  Craig Neidorf's New Indictment (Gordon Meyer)
File 4:  Is this Evidence (response to indictment, Jim Thomas)
File 5:  Mike Godwin on Search Warrants etc.
--------------------------------------------------------------------

***************************************************************
***  Computer Underground Digest Issue #1.14 / File 1 of 5  ***
***************************************************************

----------------
Gordon Meyer's Subversive Thesis
-----------------

An inside source reported to us that Omar Stanford, who was indicted in Missouri for alleged phreaking, has had all the charges against him dropped by local authorities. They also returned all of his software and equipment......EXCEPT FOR the infamous M.A. thesis by Gordon Meyer. No reason was given for the failure to return it.

-------------------
Withdrawal of Some Archives
--------------------

We have been informed that files to be used for evidence against Craig Neidorf include those in our archives. As a result, we will not accept requests for Phracks 19, 22, 23 or 24.
Although we find such repression abhorrent, and although it would seem to constitute a challenge to legitimate research interests, we feel it best to err on the side of caution and have succumbed to the "chilling effect."

***************************************************************
***  Computer Underground Digest Issue #1.14 / File 2 of 5  ***
***************************************************************

-------------
Forwarded from Telecom Digest
-------------

In article <8820@accuvax.nwu.edu> henry@garp.mit.edu writes:
>
>In reply to Frank Earl's note ... I would reckon one of the problems
>is that most people don't know where the FBI's jurisdiction begins or
>where the Secret Service's jurisdiction ends. I had a visit on Friday
>afternoon from an FBI agent and it seemed to be mostly reasonable,
>except he identified himself as being from a unit that I wouldn't
>associate with this sort of investigation.

Secret Service jurisdiction over computer crimes is set out in 18 USC 1030(d):

   The United States Secret Service shall, in addition to any other agency having such authority, have the authority to investigate offenses under this section. [18 USC 1030 is titled "Fraud and related activity in connection with computers."] Such authority of the United States Secret Service shall be exercised in accordance with an agreement which shall be entered into by the Secretary of the Treasury and the Attorney General.

There is a similar provision in 18 USC 1029, which concerns "Fraud and related activity in connection with access devices."

Mike Godwin, UT Law School

------------------
********************************************************************

-------------------
The following is an anonymous submission.
-------------------

Can someone answer the following?

Operation Sun Devil is a two year investigation. If I'm counting right, including the number of federal and state officers involved in serving search warrants, at least 300 were involved in some capacity.
Also, if I'm counting right, there have been only 9 arrests:

1) One guy in California who was arrested during a search on an unrelated charge (weapons possession) (Doc Ripco?)
2) One guy in Chicago who was arrested during the search on an unrelated charge (weapons)
3) A woman in Pittsburgh (Electra?)
4) Terminus in New Jersey
5) Anthony Nusall in Tucson
6) Craig Neidorf (for publishing phrack)
7) Robert Riggs (for E911 documents)
8) Adam Grant (Atlanta)
9) Frank Darden (Atlanta)

The first four were busted in January, and the last four in the last month. So, of the 9, only 7 were busted on computer-related charges. Of the 7, the charges seem bogus at best, such as Craig Neidorf's, if the information I've read is even half accurate.

Now, here's my question: If warrants are supposed to indicate a crime has been committed, shouldn't there be more arrests if there is such a crime wave out there? After all that time, all that investigation, all that hype---where's all the crooks??

I suppose the cops could say it takes time to collect evidence. But aren't they supposed to have evidence when they get the search warrants? How long can it possibly take to acquire evidence if the groundwork has already been laid and if cops supposedly know what they're looking for??

Am I missing something? Will other charges be like those reported against Craig--for publishing? If I have phrack 24 and the E911 file, does that make me a crook? If I uploaded it to a board. Can that board be busted for receiving stolen information?

Maybe I'm missing something, but is there something wrong here? Where is this giant conspiracy? Where is all the harm that's going on? I guess the cops would say they can't talk while an investigation is going on, but hasn't it been going on for years? Shouldn't they have something they can convey other than general notions of threats to national security, huge losses, major conspiracies, and the rest of their babble?

Is there something wrong with this picture??
<je>

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+                               END THIS FILE                                +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

***************************************************************
***  Computer Underground Digest Issue #1.14 / File 3 of 5  ***
***************************************************************

*****************************************
PHRACK/KNIGHT LIGHTNING INDICTMENT UPDATE
*****************************************

On June 12, 1990 Craig Neidorf (aka "Knight Lightning") was arraigned on charges of Wire Fraud and Interstate Transportation of Stolen Merchandise. This new indictment supersedes the charges that were filed against him a few months ago.

Note that the violation of the Computer Fraud charge has been dropped, with the wire fraud charges being added. The interstate transportation charge remains and is still related to his alleged receipt of the e911 documentation. The new Wire Fraud charges stem from 4 or 5 articles in past issues of "Phrack Inc.". A discussion of the specific articles named in the indictment is found elsewhere in this issue of CuD.

Two additional changes are worth noting. The "retail cost" of the Bell South e911 documentation has been reduced from over $74K to $53K. Evidently the initial estimate was incorrectly calculated. Also, now that the fraud charge has been dropped, mandatory sentencing guidelines may no longer require jail time should Neidorf be convicted. (This is speculation and has not been confirmed.)

A new trial date has been set for July 23 (possibly the 24th, our sources were unsure of the exact date). The trial is expected to last about one week. The government still plans to call 13 witnesses, some of whom are still unnamed (being listed as "a representative from Bell South," for example).

As of this writing we have not been able to obtain a copy of the indictment itself.
However, the information given here has been provided by those who have seen copies of it. There may be some errors, which will be corrected once we can compare our synopsis to the actual document. We were able to obtain a copy of the first indictment with relatively little hassle, however we have been told by both the US Attorney's office and the US Secret Service that this time we'll have to pick up a copy in person (which, to be fair, is standard operating procedure but it is a requirement that we did not anticipate). We will do so as soon as an opportunity to visit downtown Chicago arises. In the meantime if any CuD readers have a copy of the new indictment we would appreciate you forwarding a copy to us.

As always we will continue to provide you with information as it becomes available.

GRM
6/13/90

Related rumours and speculation:

Sources indicate that much of the material being introduced as evidence by the Government has been sealed by the court. Additionally some people connected with the case are under a court order not to discuss certain aspects of it prior to the trial. The full reasoning behind this, and exactly what types of material it covers, is unknown at this time.

This propensity to keep the details out of public scrutiny has led to speculation (from different sources) that the trial itself may take place behind closed doors.

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+                               END THIS FILE                                +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

***************************************************************
***  Computer Underground Digest Issue #1.14 / File 4 of 5  ***
***************************************************************

We have not yet seen a copy of Craig Neidorf's June 12 indictment, but we are told that Phrack #19 (file 7) and Phrack #23 (file 3) will be introduced as evidence.
We are also told that this stuff is sealed, so it would be unwise for anybody to request (or distribute) these files.

PHRACK 19 (file 7, "Phrack World News"): This file announces that The Phoenix Project BBS returned on-line, and summarizes some general information. We are given the dictionary definitions of the terms "phoenix" and "project." We are told that Summer-con '87 was held on schedule, and that summer-con '88 would occur. We are told that The Metal Shop BBS is down, perhaps permanently. Personnel from industry and law enforcement are explicitly invited to attend Summer-con '88. Dangerous stuff.

PHRACK #23, File 3 (Part III of The Vicious Circle Trilogy). If it is true that this file will be used as evidence, we cannot comprehend what it is supposed to prove. It is a list of CU groups that have existed, and the premise of the article is that joining groups is a status thing and of no particular value. It discusses John Maxfield's work assessing the number of phreaks and hackers across the country, provides a logon application required by one p/h board, and discusses possible government informants who may have infiltrated various groups. There is nothing here that cannot be found in a media article or in the works of Maxfield or Donn Parker.

PHRACK #22, Files 1, 4, 5, and 6:

File 1 announces, for those who may not have figured it out, that some old-time hackers now have jobs, but that some still like to maintain links to the community. No names are mentioned in this revealing blurb. It also informs readers that Phrack will publish anonymous articles and provide E-mail delivery to legitimate accounts. The editors request submissions and provide an index of files in this issue.

File 4 is a version of "The State of the Hack" entitled "A Novice's Guide to Hacking- 1989 edition."
It is divided into four parts:

   Part 1: What is Hacking, A Hacker's Code of Ethics, Basic Hacking Safety
   Part 2: Packet Switching Networks: Telenet- How it Works, How to Use it, Outdials, Network Servers, Private PADs
   Part 3: Identifying a Computer, How to Hack In, Operating System Defaults
   Part 4: Conclusion; Final Thoughts, Books to Read, Boards to Call,

It is essentially an essay with some basic technical information available in any computer science course integrated in.

Files 5 and 6 would appear to be the most serious of the files. Both are labelled as Unix hacking tips. This may be more a rhetorical ploy than anything substantive. The "tips" provided can be found in help files, text books, over-the-counter type manuals, and many, many other sources. These files are really little more than a guide on how to use Unix. File 6, however, does discuss how passwords might be hacked. But, so does Stoll's The Cuckoo's Egg, and one in fact learns more from Stoll's book than from these files. If the authors of these files had added some sex, perhaps a murder or two, and told a few funny stories, they, too, might have had a best seller.

Having re-read these files, some troubling questions arise.

1. It appears that the charges against Craig have shifted from the E911 files to the content of what he has published. If found guilty, would a precedent be set that allows agents to indict anybody who prints information about entering a computer system? Would it allow prosecution of people who support hacking, even though they themselves have not engaged in any illegal activities?

2. Where would the line be drawn between legitimate and illegitimate information? Stoll's book provides a useful primer for a would-be Unix hacker. Could Stoll be indicted? What about Levy's Out of the Inner Circle? That book, published by Microsoft, provides explicit detail on hacking techniques. What about computer courses in a university?
If an instructor provides details on how to use Unix that one could then apply in attempting to hack a system, would that instructor be liable? What protections would exist for teaching computer use?

3. What is the liability of anybody who possesses a copy of the Phracks in question? What happens if they upload one to another board? If a caller to a board, ignorant of the current witch hunt mentality, uploads a Phrack for upload credit, as many do, then would that user be liable? Would that constitute sufficient grounds for a search warrant that would allow confiscation of computer equipment?

4. What is the liability of sysops? Should they remove text files for fear that they might be raided or harassed, even if those files are not illegal on the fear that they might SOMEDAY be deemed illegal and justify prosecution?

5. What happens, as occasionally does, if an attorney asks the moderators of CuD for a copy of Phrack #22 or the E911 file? If we send it, have we committed a crime? If the recipient accepts it, has a second crime occurred?

It seems that federal agents are not particularly interested in clarifying these issues. It leaves the status of distribution of information in limbo and turns the "chilling effect" into a sub-zero ice storm. Perhaps this is what they want. It strikes us as quite irresponsible.

Perhaps we are wrong, and these files are not, in fact, in question. If not, then we are worrying for nothing. If, however, we are correct, then it seems that the very future of electronic communication currently hangs in the balance. Case and statute law being formulated today will provide the protections (or lack of them) for the computer world for the coming decades. The future seems to lie in electronic communication and information flow. Without establishing protections now, we are committing ourselves to a bleak future indeed.
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+                               END THIS FILE                                +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

***************************************************************
***  Computer Underground Digest Issue #1.14 / File 5 of 5  ***
***************************************************************

-------------
The following was sent simultaneously to CuD and to Telecom Digest by Mike Godwin. Pat was not able to print it, so we reprint it here. It is a response to a TCD contributor criticizing those who are uncomfortable with the current witch hunts.
--------------

-----------------------------------------------------------------
Newsgroups: comp.dcom.telecom
Subject: Re: Update: LOD Woes - Part II of II
References: <8763@accuvax.nwu.edu>
Reply-To: mnemonic@dopey.cc.utexas.edu.UUCP (Mike Godwin)
Distribution:
Organization: The University of Texas at Austin, Austin, Texas

In article <8763@accuvax.nwu.edu>, in a posting titled "Law 101," Frank E. Carey writes:

>The signal to noise ratio is becoming intolerable. Let's go back to
>FACTS and LOGIC.

Unfortunately, much of what Frank subsequently says about law-enforcement procedures in this country is either nonfactual or illogical or both.

>Searches and seizures are authorized by warrants. If anybody believes
>that the government raids were done without warrants I'm sure we'd all
>like to hear about it. Whether warrants were obtained should be a
>verifiable fact.

So far as I know, there has been no dispute as to whether any of the Operation Sun Devil searches and seizures were warrantless. Critics of this operation are not claiming that the searches and seizures lacked warrants, but that the warrant-approval process has proved to be an insufficient protection of Fourth Amendment rights. This comes as no surprise, of course, to those who have more than a high school civics textbook familiarity with criminal procedure.
>Warrants are issued by judges and are based on evidence.

Not exactly. Typically, warrants are issued by judges (or some other "neutral magistrate") on the basis of affidavits written by law-enforcement agents. The agents describe and characterize the illegal activity they seek to investigate. So long as the FORM of warrant-seeking procedure is adhered to, the content of the warrant is rarely (one is tempted to say "never," but that's not quite true) inquired into by the judge. The procedure is NONadversarial--that is, there's no one there to challenge the law-enforcement agent's characterization of the facts. So long as the judge has no reason to believe that the agent is INVENTING facts, she'll normally approve the warrant.

But the agent's good faith is NOT a measure of the accuracy of the information contained in a warrant, especially in computer-crime cases, in which the very nature of the property crime is being defined in the process of prosecuting alleged wrongdoers. (These are the cases that will set the precedents for how the federal computer-crime law will be interpreted in the future.)

There is little doubt that the agents have a good-faith belief that they are going after genuine wrongdoers. But to assume that law-enforcement officials have any kind of *objective* sense of the magnitude and damage of the "crimes" being prosecuted here is to misunderstand the character of federal law-enforcement--generally, these are a bunch of zealous (and sometimes over-zealous) policemen who tend to define the reach of federal crime statutes VERY broadly.

>Any
>information suggesting that warrants were improperly issued or that
>evidence was fictitious, falsified, illegally obtained, etc. would
>probably be welcomed in this forum. I think warrants are public
>information.

This is more or less a non sequitur. It ignores the fact that warrants, like indictments, are *rhetorical* documents, designed to convince the reader that the goals of the writer are correct.
The question is not whether the facts are wrong, but how they are characterized for rhetorical purposes.

>If we can determine that searches were done with properly issued
>warrants we would have a situation that would be closer to due process
>than "abridging of First Amendment rights".

This assumes that if the Fifth Amendment requirement of Due Process (as well as, I assume, the Fourth Amendment requirement of "reasonable" searches and seizures) is met, there can be no First Amendment interests at stake. This is a misreading of Constitutional Law; the requirements of the respective Amendments must be met independently of each other.

>Indictments are handed down by grand juries - your peers. Indictments
>are based on evidence and are customarily (depending on jurisdiction)
>judgments that the evidence, if not refuted, is sufficient for a
>reasonable presumption of guilt.

This is incorrect. The presumption of innocence is never overcome by grand-jury indictments, even if the allegations contained therein are unrefuted. Properly, one should say that a grand-jury indictment reflects a prima facie case against the defendant(s), who are nevertheless presumed innocent until judged guilty beyond a reasonable doubt.

>INDICTMENTS ALSO SERVE TO PROTECT
>THE ACCUSED AGAINST FRIVOLOUS PROSECUTIONS.

No, they do not. The grand-jury process is NOT a screen against any kind of prosecution, regardless of what you may have been told. Patrick allowed in his comment to your letter that "sometimes" grand juries are merely rubber-stamps for prosecutors. "Sometimes" actually is "the great majority of the time"--it was not for nothing that Rudy Giuliani said he could get the jury to indict a ham sandwich. Grand-jury proceedings are orchestrated by prosecutors, and no one has a right to have her attorney present when questioned by the grand jury.

>Once you have been indicted you
>go to trial. The indictment is not a guilty verdict!
No, but it vastly increases the likelihood of one, especially if it comes from a federal grand jury. Assuming that you can afford the cost of defending yourself in federal court (most people find the cost crippling), you're up against an organization that has fact-gathering organizations in every state in the U.S., and whose agents have automatic credibility with most jurors.

>It's hard for
>me to conclude that indictment by grand jury constitutes harassment by
>government.

How soon we forget the 1960s!

>If you don't like the grand jury process or you don't
>trust your peers to evaluate evidence you've got a more fundamental
>problem that probably belongs in net.politics.

Or, perhaps, on misc.legal, where this topic has been discussed in the past.

>Some postings imply that motive or resulting damage should be a factor
>in these cases. I think we need to read the law and look at the way
>the courts apply the law. It's not helpful to argue a case on the
>basis of what you think the law should be.

Sure it is, when the law is being interpreted in new and more expansive ways. Moreover, given the fact that even unindicted third parties can be crippled by overzealous (but warranted) seizures, Fourth Amendment interests require that we tell judges and legislators how we think the law should be interpreted.

>Perhaps the biggest problem some of you have with the raids, seizures,
>is that you don't like the law. If that's the case go see your
>congressman and stop flaming the law enforcement people.

This statement assumes that law-enforcement folks have no discretion in how they conduct their searches or prosecutions. This is untrue. Some law-enforcement agents have a great deal of respect for the Constitution, while others have an us/them mentality that motivates them to pay only cursory attention to the Constitutional interests at stake.

>The common carrier issue is one of the few lucid topics to surface
>recently.
>Indeed, we don't arrest the UPS guy for delivering a
>package of stolen property and we don't seize the mail truck when it
>contains stolen documents being mailed. Is the law weak on this
>aspect of computer crime?

Yes, indeed. Which is one of the main problems.

>Should sysops be treated as common
>carriers? Would this solve some problems but create others? I'd be
>interested in opinions on this.

Sysops who received common-carrier status would be a bit dismayed at their inability to deny access to some users. What is needed is a new status, somewhere between common-carrier and private-operator status. Such a middle ground would allow sysops to control their user bases while not being required to read every bit of verbal information that is transferred into or through their systems.

>Disclaimer: I'm not an attorney and I have no personal connection
>with any of the discussed cases. My views may be colored by the
>report in UNIX Today 5/28/90 that Leonard Rose was accused of
>stealing source code from my employer.

It may be that Len Rose was indicted for "stealing source code" (I haven't seen that particular indictment), but the other Legion of Doom indictments concern the alleged "theft" of an E911 text document. Many newspapers and journals have misreported this.

Disclaimer: I have a law degree, but until I take and pass the bar exam, I won't be a lawyer, either.

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+                              END C-u-D, #1.14                              +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=