****************************************************************************
                  >C O M P U T E R   U N D E R G R O U N D<
                                >D I G E S T<
              ***  Volume 1, Issue #1.18 (June 25, 1990)   **
  ****************************************************************************

MODERATORS:   Jim Thomas (Sole moderator:  Gordon Meyer on vacation)
REPLY TO:     TK0JUT2@NIU.bitnet

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.
--------------------------------------------------------------------
DISCLAIMER: The views represented herein do not necessarily represent the
            views of the moderators. Contributors assume all responsibility
            for assuring that articles submitted do not violate copyright
            protections.
--------------------------------------------------------------------

            protections.
--------------------------------------------------------------------


File 1:  Moderators' Comments
File 2:  From the Mailbag  (3 items)
File 3:  Title 18 USC %Section% 1343 and comments (Mike Godwin)
File 4:  Have Federal Prosecutors gone too far? (Jim Thomas)
File 5:  FBI response to Rep. Don Edwards query of BBS Spying
--------------------------------------------------------------------


***************************************************************
***  Computer Underground Digest Issue #1.18 / File 1 of 5  ***
***************************************************************

MISC. ITEMS:

--CUD and USENET: Chip Rosenthal is investigating the possiblity of setting up
a group gateway into USENET for a newsgroup called alt.cud to
stimulate debate and dialogue of issues. If all goes as planned, it
will happen very soon. We will keep people posted.

--SUBSCRIPTIONS:
If you have requested to be added to the mailing list but have
not received anything from us, keep trying and include several
alternative addresses. Sometimes neither "reply" nor the addresses
listed work.
CuD is available hardcopy, and we will provide back issues to
libraries or other archival sources at no cost.

MAIL--We receive considerable mail, but we cannot print it all.
We strongly encourage comments to be related to the general issues
reflected here, and we will not print flames, insults, or general
opinions unless there is some additional (and strong) redeeming
value. We *STRONGLY* encourage law enforcement and others to
submit comments or articles as a way of stimulating dialogue and
understanding.

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+                               END THIS FILE                                +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=


***************************************************************
***  CuD, Issue #1.18 / File 2 of 5 / Mailbag (3 items)     ***
***************************************************************

Date:     Fri, 22 Jun 90 9:31:10 EDT
From:     Wes Morgan <morgan@engr.uky.edu>
To:       TK0JUT2%NIU.BITNET@UICVM.UIC.EDU
Subject:  Re:  C-u-D, #1.17

Stephen Tihor <TIHOR@NYUACF> writes:
>
>I am interested in ideas with low $ and personnel costs and which will avoid
>triggering more vandalism or even unguided explorations.

How about *guided* exploration?  I would assume that a university with
NYU's level of resources has PCs capable of running UNIX.  Why not run
a series of "Intro to UNIX" and "Intro to C" courses using UNIX PCs?
Encourage exploration; after all, there's not much damage to be done with
an isolated PC......and the accounts can stick around for months.

>===========================================================================
mis@seiden.com(Mark Seiden) writes, in his commentary on the LoD case:
>presumably there a precise legal definition of "traffic"?

BKEHOE@widener also expressed concern about this issue later in this
Digest.  This comment applies to both articles.

The use <and misuse> of "traffic" in this case has serious implications
on ALL computer networks.  Consider BITNET; if a user at TECMTYVM sends
stolen <or misappropriated> information to UKCC, are the 12 intermediary
site on the path implied accessories?  I don't even want to *think* about
the uucp network, where it can require passage through 15 or 20 sites to
reach some nodes.  Consider the frightening ease with which both BITNET
and UNIX mail <and list postings> can be forged.  Consider the CP TRANSFER
command; a little reading should make its potential clear.

The potential for monitoring network traffic is also large.  The simple
command "sm <rscs-agent> cmd ohstvma q psuvm q" will allow me to see the
destination of every file travelling that link, one of BITNET's busiest.
A number of products (LANalyzer, Sniffer) allow their users the ability
to track, capture, and decode packets travelling on almost *any* network.
It's a simple matter to track usage of any network; how soon before we
see official "Sniffer Stations", driven by AI routines, watching and ana-
lyzing our network usage constantly?

>Are you still able/willing to make the entire archives available to, say,
>counsel needing access for trial preparation?  how about to someone who
>will be testifying before Congress (who are holding hearings in mid-July on
>this subject)?

A related question:  If a public document (i.e., PHRACK) is used as
evidence in a closed trial, does that restrict distribution on ALL copies
of that PUBLIC document?  This seems somewhat akin to intro-ducing the
Louisville Courier-Journal as evidence, expecting all the libraries to
hastily pull the appropriate issues from the shelves.  Are there any
attorneys on this list who would offer an opinion in this matter?

BKEHOE@widener writes, in his comments on the Neidorf indictment:
>
>2) Counts 3 and 4 were about as vague as anything I've read. From my
>interpretation, the counts are charging them with conspiring to perform the
>E911 "theft" via email. Does that then mean that if I were to write to
>someone with a scheme to break into a system somewhere, that I could be
>held accountable for my plans? Is the discussion of performing an illegal
>act of and in itself illegal?

Sure, if that break-in actually happens.  You'd be liable under that
wonderful "conspiracy" clause.  If the fellow with whom you discussed the
scheme subsequently discussed it with another individual, who actually
committed the crime, you could certainly be tracked down and charged as a
co-conspirator <or accessory>.  This is the sort of thing that makes me
wary when users ask for explanations of telnet/cu/ftp/et cetera.... I just
point them at the manuals, so they can't attribute *ANYTHING* to me.

>4) Finally, I must wonder how many more charges may be pulled up between
>now and the time of the trial, if that gem about transmitting Phrack 22 was
>so suddenly included. Will every Phrack be dug through for any "possibly"
>illegal information?

Certainly!  You know that those lists of bbs numbers imply that Neidorf
connected to EACH AND EVERY ONE of them, dispensing his ILLEGAL information!
<Emphasis added for the SS attorney who will be spouting this rubbish as
 he introduces past issues of PHRACK as evidence........yeesh>

>If I were to write up a file based on the
>information in Dave Curry's Unix Security paper, using language that
>"incites devious activity" (a.k.a. encourages people to go searching for
>holes in every available Unix system they can find), can I be held
>accountable for providing that information?

Well, how about this situation?  I'm the de facto "security guru" for my
site.  Should I attempt break-ins of machines under my domain?  Am I vio-
lating the law?  Am I liable, even though I have no malicious intent?
Needless to say, I have stopped all such activity until these points are
ironed out.

>Well, that's enough for now...I'm interested in hearing other peoples'
>opinions on all of this. I'm sure I'm not the only one out here who gets
>mildly PO'd each time I hear about a new result of Operation Sun Devil (and
>the associated fever).

Well, I wonder if anyone's planning a "Introduction to Modern Computing"
course for the judiciary.  I still don't understand how people such as
Neidorf, Riggs, and Rose can be tried by a "jury of their peers".  I'd
like to see the records of the _voir dire_ (jury selection) process. How
many of the prospective jurors do you think will be able to truly under-
stand the concepts involved?  Would you care to explain password security
to a <no offense intended> 2nd grade teacher or bus driver?  I mean no
slight to these people, but their presence on a jury in a computer case
is like asking me to serve on a jury for a case involving particle physics!
For that matter, will the defense attorney have a chance to object to the
definitions given various terms by the prosecutors in open court?  Hardly.


Wes Morgan

--
  The opinions expressed above are not those of UKECC unless so noted.
Wes Morgan                 %       %rutgers,rayssd,uunet%!ukma!ukecc!morgan

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Date: Fri, 22 Jun 90 16:22:22 EDT
From: josephl@wb3ffv.ampr.org
To: tk0jut2

->->->->->->->->->
  A NETWORKER'S JOURNAL
      ->->->->->->->->->->->
         Vol. 5  June 22, 1990  No. 42

ALAN BECHTOLD PLANS MODEM USERS ASSOCIATION

Alan Bechtold, president of BBS Press Service, has launched a new
non-profit organization called the Modem User's Association of America that
he says will be active in cases in which phone companies propose rates that
affect telecomputerists. MUAA intends to be a clearing house for
information of interest to users and operators of computer bulletin board
systems. It also hopes to link local and regional modem user groups into a
nationwide network and set up a lobbying effort in Washington to push for
legislation favorable to modem users.

Bechtold says that so far the greater interest has come from people in
states currently affected by changes in phone company rates, including
Indiana and Texas.

The group's legal and lobbying support for the first year is being offered
by a Washington, D.C., group, Bechtold said. For more information about the
group, you may call 913/478-9239.

--------------------------------------------------------------------


UNCLE SAM OFFERS SECURITY GUIDES

Computer security guides, mandated by the Computer Security Act of 1987,
are being distributed by the National Institute of Standards and
Technology. They address viruses, data integrity and general system
security. The guides are available from the Government Printing Office or
directly from the NIST Computer Security Board. To check it out, make a
modem call to 301/948-5717.

Three of the guides cover security questions posed by executives, managers
and users, while the fourth is intended to assist federal agencies in
developing security training programs.


U.S. SUPREME COURT PREPARES TO BEGIN ELECTRONIC TRANSCRIPTIONS

Starting next month, the U.S. Supreme Court's decisions and supporting
options will be electronically transmitted to computer networks operated by
12 court-approved organizations as part of its new "Project Hermes," a
2-year experiment.

Writing in CompuServe's Online Today electronic publication this week,
James Moran notes that of the organizations directly receiving the Court
transmissions, one is a non-commercial, non-profit, consortium made up of
Case Western Reserve University, EDUCOM, and the National Public
Telecomputing Network. EDUCOM later will transmit the opinions to Internet
and BITNET for general distribution, as well as to NPTN which will
distribute copies to affiliated community computer systems.

Says Moran, "When the Supreme Court is ready to release an opinion, a
computer at the Supreme Court Building in Washington will simultaneously
open 12 telephone lines and transmit copies to the 12 primary information
distributors. Subsequently, the distributors will make the Court's
decisions available to other interested parties."

For more information, send your name, organization or firm, address, city,
state, and zip, to Project Hermes, CWRU Community Telecomputing Lab, 319
Wickenden Building, Cleveland, OH 44106.

                        * * *

   A NETWORKER'S JOURNAL is a weekly feature by Charles Bowen%ment

--------------------------------------------------------------------

To: tk0jut2
Subject: Re: Update: Alcor Life Extension Email Litigation
Date: Sat, 23-Jun-90 12:08:07 PDT


Update on the progress in the Alcor/email case as of June, 1990:

by H. Keith Henson

A suit under section 2707 of U.S.C. title 18 (the Electronic Communications
Privacy Act) against a number of individuals in the Riverside, California
Coroner's office, the District Attorney's office, and the Riverside police
department was filed Jan. 11, 1990, one day short of the statutory limit.
There were fifteen plaintiffs out of roughly fifty people who had email on
the Alcor system.  For those of you who are not familiar with the case, the
coroner removed a number of computers from Alcor in connection with an
investigation into the cryonic suspension of Dora Kent in December, 1987.

The defendants moved in March for a dismissal of the case, arguing that 1)
the warrant for the computer was enough to take any email found within it,
and 2) that even if the defendants had made "technical" errors in
confiscating the email, they should be protected because they acted in
"good faith."

Our lawyer opposed the motion, arguing that the warrant originally used was
itself defective, even for taking the computers.  This is something Alcor
had never done, because (I think) people can only object to a warrant after
charges have been filed, and for all the accusations the coroner and DA
made in the press (which included murder, drugs, theft, and building code
violations), no charges have been filed in this case in the last two and a
half years.

The federal judge assigned to the case denied the motion after hearing oral
arguments in May.  Based on the comments of the judge from the bench, it
seems that he agrees that the plaintiffs have a case, namely that taking
email requires a warrant for the email, or the persons doing so will face
at least civil liability.

So far the legal bill stands at over $10,000.  Suggestions as to
organizations or individuals who might be interested in helping foot the
bills would be welcome.  (Donations would be returnable if we won the case
and the county has to pay our legal bills as required in section 2707.)

The text of the legal filings (40k, three files) have been posted to CuD.
If you can't get CuD, they are available by email from

hkhenson@cup.portal.com
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+                               END THIS FILE                                +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=


***************************************************************
***  CuD, Issue #1.18 / File 3 of 5 /Title 18 USC Sect 1343 ***
***************************************************************

%We asked Mike Godwin to forward a copy of Title 18 USC %section% 1343
because it is the basis of eight of the 11 counts (the other 3 allege
violations of section 2314).

------------------------------------------------------------------

18 USC 1343:

Sec. 1343. Fraud by wire, radio, or television
	Whoever, having devised or intending to devise
any scheme or artifice to defraud, or for obtaining
money or property by means of false or fraudulent
pretenses, representations, or promises, transmits
or causes to be transmitted by means of wire,
radio, or television communication in interstate or
foreign commerce, any writings, signs, signals, pic-
tures, or sounds for the purpose of executing such
scheme or artifice, shall be fined not more than
$1000 or imprisoned not more than five years, or
both.

[Ed. note: This statute was modelled on the mail-fraud statute,
18 USC 1341:]

Sec. 1341. Frauds and swindles
        Whoever, having devised or intending to devise
any scheme or artifice to defraud, or for obtaining
money or property by means of false or fraudulent
pretenses, representations, or promises, or to sell,
dispose of, loan, exchange, alter, give away, distrib-
ute, supply, or furnish or procure for unlawful use
any counterfeit or spurious coin, obligation, securi-
ty, or other article, or anything represented to be
or intimated or held out to be such counterfeit or
spurious article, for the purpose of executing such
scheme or artifice or attempting so to do, places in
any post office or authorized depository for mail
matter, any matter or thing whatever to be sent or
delivered by the Postal Service, or takes or receives
therefrom, any such matter or thing, or knowingly
causes to be delivered by mail according to the
direction thereon, or at the place at which it is
directed to be delivered by the person to whom it is
addressed, any such matter or thing, shall be fined
not more than $1,000 or imprisoned not more than
five years, or both.

------------------------

Please note the breadth of the statutes. They're primarily designed to
enable federal jurisdiction in larger-scale crimes, since almost everybody
committing a crime ultimately ends up using the mails or the phone system
or both. Are there any limits to federal jurisdiction at all? Maybe, but
they're pretty tenuous. The leading cases delimiting mail fraud (and, by
extension, wire fraud) are:

Parr v. U.S., 363 U.S. 370 (1960)
U.S. v. Maze, 414 U.S. 395 (1974)
U.S. v. Tarnopol, 561 F.2d 466 (3d Circuit 1977)
Schmuck v. U.S., 109 S.Ct. 1443 (1989)

Maze is a particularly useful discussion. Not only is then-Justice
Rehnquist's majority opinion instructive on the (possible) limits of mail
fraud, but then-Chief Justice Burger's dissent is helpful in understanding
the tactical significance of mail-fraud counts--it explains how and why
such counts are so often included in federal prosecutions of NEW types of
crime.


--Mike


=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+                               END THIS FILE                                +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=


***************************************************************
***  CuD, Issue #1.18 / File 4 of 5 / Is this Free Speech?  ***
***************************************************************

Mike Godwin's summary of Title 18 USC %section% 1343 raises a curious
point. Count two of Craig Neidorf's new indictment charges that the:

      ....defendant herein, for the purposes of executing the aforesaid
      scheme did knowingly transmit and cause to be transmitted by means
      of a wire and radio communication in interstate commerce from
      Columbia, Missouri to Lockport, Illinois certain signs, signals and
      sounds, namely:  a data transfer of Phrack World News announcing the
      beginning of the "Phoenix Project";
           In violation of Title 18, United States Code, Section 1343

One wonders what such a document could contain that it would subject the
offender to up to five years in prison and up to a $1,000 fine. Surely it
must contain some dangerous information to warrant a separate count.  We
took a look at this file, and here it is, reprinted directly from the
original:


--------------------------------------------------------------------

                               ==Phrack Inc.==

                     Volume Two, Issue 19, Phile #7 of 8

             PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
             PWN                                             PWN
             PWN      >>>>>=-* Phrack World News *-=<<<<<    PWN
             PWN                 Issue XVIV/1                PWN
             PWN                                             PWN
             PWN          Created by Knight Lightning        PWN
             PWN   Written and compiled by Knight Lightning  PWN
             PWN                                             PWN
             PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN

From The Creators Of Phrack Incorporated...

                             The Phoenix Project
                             >>>>>>>>>>>>>>>>>>>
-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Just what is "The Phoenix Project?"

Definition:  Phoenix (fe/niks), n.  A unique mythical bird of great beauty
                     fabled to live 500 or 600 years, to burn itself to death,
                     and to rise from its ashes in the freshness of youth, and
                     live through another life cycle.

             Project (proj/ekt), n.  Something that is contemplated, devised,
                     or planned.  A large or major undertaking.  A long term
                     assignment.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Why is "The Phoenix Project?"

On June 1, 1987 Metal Shop Private went down seemingly forever with no
possible return in sight, but the ideals and the community that formed the
famous center of learning lived on.  On June 19-21, 1987 the phreak/hack world
experienced SummerCon'87, an event that brought much of the community together
whether physically appearing at the convention or in spirit.  On July 22, 1987
the phreak/hack community was devastated by a nationwide attack from all forms
of security and law enforcement agencies...thus setting in motion the end of
the community as we knew it.  Despite the events of July 22, 1987, PartyCon'87
was held on schedule on July 26-28, 1987 as the apparent final gathering of
the continent's last remaining free hackers, unknown to them the world they
sought to protect was already obliterated.  As of August 1, 1987 all of the
original members and staff of the Metal Shop Triad and Phrack Inc. had decided
to bail out in the hopes that they could return one day when all would be as
before...

                             THAT DAY HAS COME...

A new millennium is beginning and it all starts on July 22, 1988.  How fitting
that the One year anniversary of the destruction of the phreak/hack community
should coincidentally serve as the day of its rebirth.

Announcing SummerCon '88 in (where else would you expect) St. Louis, Missouri!

Knowledge is the key to the future and it is FREE.  The telecommunications and
security industries can no longer withhold the right to learn, the right to
explore, or the right to have knowledge.  The new age is here and with the use
of every *LEGAL* means available, the youth of today will be able to teach the
youth of tomorrow.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SummerCon'88 is a celebration of a new beginning.  Preparations are currently
underway to make this year's convention twice as fun as last year's and the
greater the turnout the greater the convention shall be.  No one is directly
excluded from the festivities and the practice of passing illegal information
is not a part of this convention (contrary to the opinions of the San
Francisco Examiner, and they weren't even at the last one).  Anyone interested
in appearing at this year's convention should leave mail to Crimson Death
immediately so we can better plan the convention for the correct amount of
participants.

The hotel rooms purchased for SummerCon'88 are for the specified use of
invited guests and no one else.  Any security consultants or members of law
enforcement agencies that wish to attend should contact the organizing
committee as soon as possible to obtain an invitation to the actual convention
itself.

Sorry for the short notice this year...

:Knight Lightning                                      "The Future Is Forever"

-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

That's it.  This file provides a few standard dictionary definitions,
announces a past and forthcoming conference, and invites security personnel
to attend. Yet, the meanings proferred by the indictment suggest this
announcement reflects something far more insidious, something criminal, and
something in dire need of prosecution.

The issues are not whether the file reflects poor judgment or a vocabulary
that some find inappropriate. Our increasing worry is this: Is this file so
dangerous that its publication warrants an indictment that subjects a young
defendant to up to five years in prison? Does this file, by any reasonable
standard, meet the good faith standards for prosecution outlined in Section
1343?  The more we follow the Secret Service activities and U.S. Attorney
William J. Cook's handling of the trial, the more we question the motives
and procedures of the investigators and prosecutors.  If those who abuse
the computer system violate the trust of other computer users, as argued by
prosecutors, then those who would seem to abuse the fundamental law of the
land by apparently violating First and Fourth Amendment rights and by
seemingly abusing federal statutes to obtain a prosecution violate
something even more sacred: THE SPIRIT OF JUSTICE AND THE RULE OF LAW!
Those convicted of violating a federal statute face serious consequences.
Those who abuse federal statutes can enhance careers.  Is the statute being
abused? Have we read the law, the indictment, and the file correctly? How
do others read it?

Yes, there are other charges against Craig Neidorf. But, again, as we read
both the indictment and the law, there is a curious twist of language that
distorts his behavior and translates it into something quite different than
it was. We do not argue that accessing other computers is acceptable, and
we do not claim that any person has a "right" to access information
surreptitiously.  However, this isn't the point. If this file constitutes a
"crime," then it would seem to strike at the heart of freedom of speech.

Computer technology is changing the way we communicate. The Constitutional
protections (or lack of them) decided now will shape the status of
electronic communication in the coming decades. We do not see this as a
"hacking" issue, but as an issue the will affect all computerists who
communicate across the wired for many years.

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+                               END THIS FILE                                +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=


***************************************************************
***  CuD, Issue #1.18 / File 5 of 5 /                       ***
***************************************************************


In CuD 1.05, we reprinted FOIA information from Marc Rotenberg of CPSR
(Computer Professionals for Social Responsibility, 1025 Connecticut Avenue,
NW (Suite 1015), Washington, D.C. (20036) - (202) 775-1588)).  Marc
provided a copy of a response by the FBI to U.S. Representative Don Edwards
(chair, House Subcommittee on Civil and Constitutional Rights on the
Judiciary). Mr. Edwards submitted a list of questions to the FBI asking
about surveillance of BBSs. We reprint with permission and thanks.
--------------------------------------------------------------------



                                         DEPARTMENT OF TREASURY
                                         UNITED STATES SECRET SERVICE
                                          WASHINGTON, DC 20223
                                         APR 30 1990

 The Honorable Don Edwards
 Chairman
 Subcommittee on Civil and Constitutional Rights
 Committee on the Judiciary
 House of Representatives
 Washington,  D.C.  20515

 Dear Mr. Chairman:

 Thank you for your letter of April 3, 1990, concerning your
 committee's interest in computer fraud.  We welcome the
 opportunity to discuss this issue with your committee and I
 hope the following responses adequately answer your
 questions.

 Question 1:

 Please describe the  Secret Service's process for investigating
 computer related crimes under Title 18, United States Code,
 Section 1030 and any other related statutes.

 Response:

 The process by which the  Secret Service investigates
 computer related crimes is similar to the methods we use to
 investigate other types of criminal investigations.  Most of the
 investigative techniques are the  same; surveillances, record
 checks, witness and suspect interviews, etc.  the primary
 difference is we had to develop resources to assist in the
 collection and review of computer evidence.

 To provide  our agents with this expertise, the secret service
 developed a computer fraud investigation course which, as of
 this date, has trained approximately 150 agents in the proper
 methods for conducting a computer fraud investigation.
 Additionally, we established a computer  Diagnostics center,
 staffed  with computer professional, to review evidence on
 computer  systems.

 Referals of computer related criminal investigations occur in
 much the same manner as any other case.  A victim sustains a
 loss and reports the crime, or, a computer related crime is
 discovered during the course of another investigation.

 In the investigations  we do select, it is not our intention to
 attempt to supplant local or state law enforcement.  We
 provide enforcement in those cases that are interstate or
 international in nature and for one reason or another are
 beyond the capability of state and local law enforcement
 agencies.

 When computer related crimes are referred by the various
 affected industries to the local field offices, the Special
 Agent in  Charge (SAIC) determines which cases will be
 investigated based on a variety of criteria.  Each SAIC must
 consider the economic impact of each case, the prosecutive
 guidelines of the United States Attorney, and the investigative
 resources available in the office to investigate the case .
 In response to the other portion of your question, the other
 primary statute we use to investigate computer related crimes
 is Title 18, United States  Code,  Section 1029 ( Access Device
 Fraud).  This service  has primary jurisdiction in those cases
 which are initiated outside a bank and do not involve
 organized crime, terrorism, or foreign counterintelligence
 (traditional responsibilities of the FBI).

 The term "access device" encompasses credit cards, debit
 cards, automatic teller machines (ATM) cards, personal
 identification numbers (PIN's) used to activate ATM machines,
 credit or debit card account numbers, long distance telephone
 access codes, computer passwords and logon sequences, and
 among other things the computer chips in cellular car phones
 which assign billing.

 Additionally, this Service has primary jurisdiction in cases
 involving electronic fund transfers by consumer (individuals)
 under Title 15, U. S. code, section 169n (Electronic Fund
 Transfer Act).  This could involve any scheme designed to
 defraud EFT systems used by the public, such as pay by phone
 systems, home banking, direct deposit, automatic payments,
 and violations concerning automatic teller machines.  If the
 violations can be construed to be a violation of the  banking
 laws by bank employee, the FBI would have primary
 jurisdiction.

 There are many other statutes which have been used to
 prosecute computer criminals but it is within the purview of
 the U.S. Attorney to determine which statute will be used to
 prosecute an individual.

 Question 2:

 Has the Secret  Service ever monitored any computer bulletin
 boards or networks?  Please describe  the procedures for
 initiating such monitoring, and list those computer bulletin
 boards or networks monitored by the Secret  Service since
 January 1988.

 Response:

 Yes, we have occasionally monitored computer bulletin boards.
 The monitoring occurred after we received complaints
 concerning criminal activity on a particular computer bulletin
 board.  The computer bulletin boards were monitored as part of
 an official investigation and in accordance with the directives
 of the Electronic Communications  Privacy  Act of 1986 (Title
 18 USC 2510)

 The procedures used to monitor computer bulletin boards
 during an official investigation have involved either the use of
 an informant (under the direct supervision of the investigating
 agent)  or an agent operating in an undercover capacity.  In
 either case, the informant or agent had received authorization
 from the computer bulletin board's owner/operator to access
 the system.

 We do not keep records of the bulletin boards which we have
 monitored but can provide information concerning a particular
 board if we are given the name of the board.

 Question 3:

 Has the Secret Service or someone acting its direction ever
 opened an account on a computer bulletin board or network?
 Please describe the procedures for opening such an account and
 list those bulletin boards or networks on which such accounts
 have been opened since January 1988.

 Response:

 Yes, the U.S.  Secret Service has on many occasions, during the
 course of a criminal investigation, opened accounts on
 computer bulletin boards or networks.

 The procedure for opening an account involves asking the
 system administrator/operator for permission to access to the
 system.  Generally, the system administrator/operator will
 grant everyone immediate access to the computer bulletin
 board but only for lower level of the system.  The common
 "pirate" computer bulletin boards associated with most of
 computer crimes have many different level in their systems.
 The first level is generally available to the public and does not
 contain any information relation to criminal activity.  Only
 after a person has demonstrated unique computer skills, been
 referred by a known "hacker," or provided stolen long-distance
 telephone access codes or stolen credit card account
 information,  will the system administrator/operator permit a
 person to access the higher levels of the bulletin board system
 which contains the information on the criminal activity.

 As previously reported in our answer for Question 2, we do not
 keep records of the computer bulletin boards on which we have
 established accounts.

 Question 4:

 Has the Secret Service or someone acting under its direction
 ever created a computer bulletin board or network that was
 offered to the public?  Please describe any such bulletin board
 or networks.

 Response:

 No, the U. S. Secret Service has not created a computer bulletin
 board nor a network which was offered to members of the
 public.   We have created an undercover bulletin board which
 was offered to a select number of individuals who had
 demonstrated an interest in conducting criminal activities.
 This was done with the guidance of the U.S. Attorney's  office
 and was consistent with the Electronic Communications
 Privacy Act.

 Question 5:

 Has the Secret Service ever collected, reviewed or
 "downloaded" transmissions or information from any computer
 network or bulletin board?  What procedures does the Secret
 Service have for obtaining information from computer bulletin
 boards or networks?  Please list the occasions where
 information has been obtained since January 1988, including
 the identity of the bulletin boards or networks,  the type of
 information obtained,   and how that information was obtained
 (was it downloaded, for example).

 Response:

 Yes, during the course of several investigations, the U. S.
 Secret Service has "down loaded" information from computer
 bulletin boards.  A review of information gained in this manner
 (in an undercover capacity after being granted access to the
 system by it's system administrator)  is performed in order to
 determine whether or not that bulletin board is being used to
 traffic in unauthorized access codes or to gather other
 information of a criminal intelligence nature.  At all times,
 our methods are in keeping with the procedures as outlined in
 the Electronic Communications Privacy Act (ECPA).

 If a commercial network was suspected of containing
 information concerning a criminal activity, we would obtain
 the proper court order to obtain this information in keeping
 with the ECPA.

 The U. S. Secret Service does not maintain a record  of the
 bulletin boards we have accessed.

 Question 6:

 Does the Secret Service employ, or is it considering employing,
 any system or program that could automatically review the
 contents of a computer file, scan the file for key items,
 phrases or data elements, and flag them or recommend further
 investigative action?  If so, what is the status of any such
 system.  Please describe this system and research being
 conducted to develop it.

 Response:

 The Secret  Service has pioneered the concept of a Computer
 Diagnostic Center (CDC)  to facilitate the review and
 evaluation of electronically stored information.  To streamline
 the tedious task of reviewing thousands of files per
 investigation, we have gathered both hardware and software
 tools to assist our search of files for specific information or
 characteristics.  Almost all of these products are
 commercially  developed products and are available to the
 public.  It is conceivable that an artificial intelligence process
 may someday be developed and have application to this law
 enforcement function but we are unaware if such a system is
 being developed.

 The process of evaluating the information and making
 recommendations for further investigative action is currently
 a manual one at our CDC.  We process thousands of computer
 disks annually as well as review evidence contained in other
 types of storage devices (tapes, hard drives, etc.).   We are
 constantly seeking  ways to enhance our investigative mission.
 The development of high tech resources like the CDC saved
 investigative manhours and assist in the detection  of criminal
 activity.

 Again, thank you for your interest.  Should you have any further
 questions, we will be happy to address them.

                                                 Sincerely,
                                                 /s/
                                                 John R.  Simpson, Director


=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+                               END CuD, #1.18                               +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
!