**************************************************************************** >C O M P U T E R U N D E R G R O U N D< >D I G E S T< *** Volume 1, Issue #1.23 (July 18, 1990) ** **************************************************************************** MODERATORS: Jim Thomas / Gordon Meyer ARCHIVISTS: Bob Krause / Alex Smith REPLY TO: TK0JUT2@NIU.bitnet COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Contributors assume all responsibility for assuring that articles submitted do not violate copyright protections. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ CONTENTS: File 1: Moderators' Comments File 2: FTPing Thru Bitnet: BITFTP Help File 3: Phrack as "Evidence?" File 4: CU in the News ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ---------------------------------------------------------------------- ******************************************************************** *** CuD #1.23, File 1 of 4: Moderators' Comments *** ******************************************************************** ++++++++++ In this file: 1) Craig Neidorf's Trial 2) Law Enforcement Contributions 3) Berserker BBS 4) The Well in Sausalito 5) LoD/H Technical Journal, #4 +++++++++++++++++++++++++++++ CRAIG NEIDORF'S TRIAL +++++++++++++++++++++++++++++ Craig Neidorf's trial begins Monday, July 23, in Chicago's Federal Court building at 220 S. Dearborn in Judge Nicholas Bua's court. For those planning to attend, the Federal Court is on the south edge of The Loop, about a 10 minute walk from commuter trains. Jury selection begins in the morning. The trial, originally expected to be fairly short, perhaps because the prosecutor expected no opposition, could run for at least two-and-a-half weeks. Judge Bua refused the prosecutor's request for a postponement apparently intended to dig up more "dirt" and witnesses. Some sources indicate that the prosecution has been attempting to amass information intended to discredit the Craig's character that has nothing to do with the charges, but might create an unfavorable imagery to persuade a jury that he must be guilty of *something*! Looks from this side like the politics of desperation. Dorothy Denning will attend the entire trial, and the CuD moderators will be on the scene as time allows. ****************** LAW ENFORCEMENT CONTRIBUTORS ****************** We have invited two high-level prosecutors to contribute their views of the problems of evidence, defining computer crime, separating "real" criminals from CU types, and other issues to CuD. One has agreed when time allows, the other is considering it. We believe it is crucial to develop dialogue between competing groups in order to address the complexity of the various issues. Unless this happens, it will be more difficult to assure Constitutional protections, to enact or change legislation, or to generally establish some sort of peaceful co-existence. So, we again encourage contributions from all sides. ****************** BERSERKER BBS ****************** We have heard that Berserker BBS, one of the elite boards in the country, went down. Does anybody have any information on this? *************** THE WELL *************** We have come across THE WELL (an acronym for Whole Earth 'Lectronic Link) in Sausalito. It's more than a BBS, and offers files, net links, and informed message sections. Anybody interested in the computer underground should participate in the "Hacker's Conference," where a variety of interesting topics are discussed by lawyers, journalists, hackers, and many, many others. The hacker's conference was the source of HARPER'S Forum on hacking this past March. It's a bit expensive (a sign-up fee, monthly fee, and user fee), but more than worth it for the price. THE WELL'S data phone: (415)-332-6106; Voice: (415)-332-4335. *************************** LOD/H TECHNICAL JOURNAL, #4 *************************** LoD/H #4 came out in May and is available from the CuD archives. The introductory statement warned of confusion and potential imposters, so we thought we'd reprint it. The issue also includes a history of the LoD from the perspective of one participant that supplements the history found in Phrack 31. Here's an excerpt from the introduction: *************************************************************************** We are still alive. This publication is not released on any schedule. Past attempts at scheduling issues have failed miserably. The editors refuse to release issues which are not up to our self-defined standards. We have in the past, and will continue in the future, to accept articles from anyone (e.g. non LOD) as long as the articles adhere to our basic format and style. The editors review all articles to verify accuracy and integrity however it may not be possible in all cases to check every fact. Plagiarized material is not acceptable and we make every attempt to verify an article's originality. When referenced material is used, the source for that material must be clearly stated. The more articles we receive the sooner each issue is released. There is a minimum 2 month review and editing period for each article. If you want to contribute articles contact any member and they will forward articles to the editors. There seems to be some confusion as to what writers are (or were) in LOD/H and what ones aren't. JUST BECAUSE SOMEONE WRITES FOR THIS PUBLICATION DOES NOT MEAN THEY ARE AN LOD/H MEMBER! Just to clear up any confusion, a current member list follows: Erik Bloodaxe Lex Luthor Prime Suspect Phase Jitter Professor Falken (End excerpt from LoD/H #4) ******************************************************************** >> END OF THIS FILE << *************************************************************************** ------------------------------ ******************************************************************** *** CuD #1.23: File 2 of 4: FTPing thru Bitnet *** ******************************************************************** ++++++++++++++++ Lang Zerner reminds us that bitnet users may be able to access FTP sites, and has sent along the following instructions. ++++++++++++++++ BITFTP -- Princeton BITNET FTP Server BITFTP provides a mail interface to the FTP portion of the IBM TCP/IP product ("FAL") running on the Princeton VM system, to allow BITNET/NetNorth/EARN users to ftp files from sites on the Internet. BITFTP currently accepts requests only via RFC822-format mail, IBM NOTE-format mail, PROFS-format messages, or files with no headers at all. BITFTP currently returns the requested files as NETDATA-format files or as mail files containing UUENCODED data. If you specify "UUENCODE" or "NETDATA" on your "FTP" command, BITFTP will attempt to use that format. If you do not specify the format, BITFTP will attempt to select the appropriate format for your node. BITFTP attempts to send NETDATA-format files through the gateway from EARN into Janet via the NIFTP facility at Rutherford Lab. If BITFTP sends you a file you cannot read, THE FIRST THING TO DO is to make sure that you specified ASCII if the file should contain textual material or that you specified BINARY if the file should contain binary data, executable programs, tar files, or the like. VMS users should specify BINARY F 512 and should use RECEIVE/BINARY to receive the NETDATA-format binary files BITFTP sends them. If BITFTP sends you a uuencoded file that you cannot uudecode, the first thing to do is to translate all occurrences of 0x7E in the file to 0x5E and then try uudecoding again. (Some gateways are changing 5Es to 7Es when the files pass through them.) To use BITFTP, send mail containing your ftp commands to "BITFTP@PUCC". The first command to BITFTP must be "FTP" or "HELP". The recommended syntax for ftp requests is: FTP hostname NETDATA --or-- FTP hostname UUENCODE USER username password <other ftp subcommands> QUIT After the hostname on the FTP command, you may specify "UUENCODE" or "NETDATA" to tell BITFTP the format in which you wish to receive files. (If the username is "anonymous", no password is required; BITFTP will use your userid and nodeid as the password.) Note that on many systems passwords are case-sensitive; that is, the password may be required to be in lower case or mixed case or upper case. (The same is true of directory and file names.) The following is an example of an ftp request: FTP f.ms.uky.edu NETDATA USER anonymous CD /pub/msdos/Games DIR BINARY GET robotron.arc msdos.robotron QUIT To request a list of some of the hosts that allow anonymous ftp, send BITFTP mail or a message containing only the command "FTPLIST". Note that there is no guarantee that BITFTP can access all the hosts in this list. BITFTP implements a subset of the ftp subcommands provided in the IBM TCP/IP and uses the same syntax. Therefore, you may find it useful to obtain the "IBM TCP/IP for VM Command Reference Manual", IBM order number GC09-1204. The currently supported subcommands are: ACCT -- to send host-dependent account information. format: ACCT account-information ASCII -- to change the file transfer type to ASCII. format: ASCII BINARY -- to change the file transfer type to image. format: BINARY <FIXED record-len> <VARIABLE> CD -- to change the working directory. format: CD directory CLOSE -- to disconnect from the foreign host. format: CLOSE DIR -- to get a list of directory entries. format: DIR EBCDIC -- to change the file transfer type to EBCDIC format: EBCDIC GET -- to get a file from the foreign host. format: GET foreignfile <localfile> If you specify "localfile", it must be in the forms "filename.filetype" or "filename", and the filename and filetype may each be no more than 8 characters long and may not contain periods. LOCSTAT -- to display local status information. format: LOCSTAT LS -- to list the files in a directory. format: LS <name> PWD -- to print the working directory. format: PWD QUIT -- to disconnect from the foreign host. format: QUIT STATUS -- to retrieve status information from a foreign host. format: STATUS <name> SYSTEM -- to get the name of the foreign host's operating system. format: SYSTEM TYPE -- to specify Image, ASCII, or EBCDIC file transfer. format: TYPE <I|A|E> The files you request will be sent to you in NETDATA format or UUENCODED inside mail files. You will also receive a mail file containing a log of your ftp session. In that mail file, entries prefixed by ">" are your original commands; those prefixed by ">>" are your commands as interpreted by BITFTP and passed to TCPIP; those prefixed by ">>>" are your commands as interpreted by TCPIP and passed to the remote host; those prefixed by "<<<" are messages from the remote host; and those prefixed by ">>>>" are completion messages from BITFTP. If BITFTP is unable to connect to the host you specify, it will send you mail after the first attempt, but will keep trying at intervals over three days. The only additional mail files you will receive will be when the connection is made successfully or when BITFTP gives up after three days. The load on BITFTP is often very heavy, and network backlogs are often so great that it may take several days for a file to get to you once BITFTP sends it, so please be patient and don't send multiple requests for the same file. If your system allows you to send interactive messages, you can inquire about BITFTP's backlog by sending the query "How are you?", e.g., on a VM system: TELL BITFTP AT PUCC How are you? This service is currently under development and is far from complete. Current plans for improvements include: 1. Acknowledgments via MSG when mail is received and when processing has been completed. 2. A much more complete HELP facility. Questions about BITFTP and suggestions for improvements should be directed to Melinda Varian, MAINT@PUCC on BITNET or MAINT@pucc.princeton.edu on the Internet. The author gratefully acknowledges the use of the FTP SUBCOM interface written by David Nessl, the SENDJANI EXEC written by Alan Flavell, the uuencoding utility written by John Fisher, and the RFC822 parsing routine written by Eric Thomas. NOTE: If you have any complaints or suggestions about the way any of these routines work in BITFTP, please send them to MAINT@PUCC (Melinda Varian), not to the authors. ******************************************************************** >> END OF THIS FILE << *************************************************************************** ------------------------------ ******************************************************************** *** CuD #1.23: File 3 of 4: Phrack as Evidence??? *** ******************************************************************** If a clever prosecutor wanted to introduce evidence that "proved" how dangerous a defendant was, and if that evidence included something like what follows, what would this evidence actually show? Hypothetically, if the following were evidence, would Bill Cook think it so dangerous as to have it sealed? Can't blame him, though. It's well known throughout the modem community that PHRACK took its orders directly from the Kremlin, and secret codes and meanings are incrypted in vowels. Rumor also has it that if you change the ascii to hex, stick it in the oven for 23 minutes at 420 degrees, dry it, grind it up in the food processer and smoke it, it's better than crack. Sometimes it seems like the prosecution has tried it--and found that it works! What else could explain their actions? _______________________________________________________________________________ ==Phrack Inc.== Volume Two, Issue 23, File 3 of 12 <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><> <> <> <> Subdivisions <> <> %%%%%%%%%%%% <> <> Part Three Of The Vicious Circle Trilogy <> <> <> <> A Study On The Occurrence Of Groups Within The Community <> <> <> <> Presented by Knight Lightning <> <> August 8, 1988 <> <> <> <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><> A Rose By Any Other Name... Would Smell As Sweet =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= The Administration % Advanced Telecommunications, Inc./ATI ALIAS % American Tone Travelers % Anarchy Inc. % Apple Mafia The Association % Atlantic Pirates Guild/APG % Bad Ass Mother Fuckers/BAMF Bellcore % Bell Shock Force/BSF % Black Bag % Camorra % C&M Productions Catholics Anonymous % Chaos Computer Club % Chief Executive Officers/CEO Circle Of Death % Circle Of Deneb % Club X % Coalition of Hi-Tech Pirates/CHP Coast-To-Coast % Corrupt Computing % Cult Of The Dead Cow/-cDc- Custom Retaliations % Damage Inc. % D&B Communications % The Dange Gang Dec Hunters % Digital Gang/DG % DPAK % Eastern Alliance The Elite Hackers Guild % Elite Phreakers and Hackers Club The Elite Society Of America % EPG % Executives Of Crime % Extasyy (Elite) Fargo 4A % Farmers Of Doom/FOD % The Federation % Feds R Us % First Class Five O % Five Star % Force Hackers % The 414s % Hack-A-Trip Hackers Of America/HOA % High Mountain Hackers % High Society % The Hitchhikers IBM Syndicate % The Ice Pirates Imperial Warlords % Inner Circle Inner Circle II % Insanity Inc. International Computer Underground Bandits/ICUB % Justice League of America/JLA Kaos Inc. % Knights Of Shadow/KOS % Knights Of The Round Table/KOTRT League Of Adepts/LOA % Legion Of Doom/LOD % Legion Of Hackers/LOH Lords Of Chaos % Lunatic Labs, Unlimited % Master Hackers % MAD! The Marauders % MD/PhD % Metal Communications, Inc./MCI MetalliBashers, Inc./MBI % Metro Communications % Midwest Pirates Guild/MPG NASA Elite % The NATO Association % Neon Knights % Nihilist Order Order Of The Rose % OSS % Pacific Pirates Guild/PPG % Phantom Access Associates PHido PHreaks % Phlash % PhoneLine Phantoms/PLP Phone Phreakers Of America/PPOA % Phortune 500/P500 Phreak Hack Delinquents % Phreak Hack Destroyers Phreakers, Hackers, And Laundromat Employees Gang/PHALSE Gang Phreaks Against Geeks/PAG % Phreaks Against Phreaks Against Geeks/PAP Phreaks and Hackers of America % Phreaks Anonymous World Wide/PAWW Project Genesis % The Punk Mafia/TPM % The Racketeers Red Dawn Text Files/RDTF % Roscoe Gang % SABRE % Secret Circle of Pirates/SCP Secret Service % 707 Club % Shadow Brotherhood % Sharp Inc. % 65C02 Elite Spectral Force % Star League % Stowaways % Strata-Crackers % The Phrim Team Hackers '86 % Team Hackers '87 % TeleComputist Newsletter Staff Tribunal Of Knowledge/TOK % Triple Entente % Turn Over And Die Syndrome/TOADS 300 Club % 1200 Club % 2300 Club % 2600 Club % 2601 Club % 2AF % Ware Brigade The Warelords % WASP % The United Soft WareZ Force/TuSwF United Technical Underground/UTU - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Its literally unbelievable just how many different groups and organizations there are or have been in the phreak/hack/pirate community. The list of 130 groups displayed above is probably still just a fraction of the actual amount of groups that there have been, but those are the only ones I am aware of at this time. In the past John Maxfield has estimated that there are about 50,000 hackers/phreaks/pirates operating in the United States today. That figure has multiplied to to a point where it probably comes close to 500,000. Believe it or not, almost everyone has been a member of one of the above groups (or perhaps a group not mentioned) at one time or another. Today's telecom security consultants and law enforcement agencies know this too and that is how group affiliations can be turned against us. What does being in a group mean? In the modem community being in a group is supposed to mean that the people in the group work on projects together and trade specific information that people outside of the group are not allowed to access and by the same token, have no way to get it. However, obviously the people in the group all feel that the other people with whom they are sharing information, can be trusted and are worthy of associating with them to begin with. So when you stop and think about it, if there was no group, the people in question would still be trading information and would still trust each other because they would not have formed the group unless this criteria was met in the first place. So in truth, being in a group really means nothing on the basis previously mentioned. You see in the modem community, being in a group really is more like a power trip or a "security blanket" for people who feel that they need to let people know that they associate with a specific clique in the hopes that the popularity of some of the other members will lend popularity to themselves. Many groups form in such a way that they try to make it look otherwise and thus begins the real problem. Some groups are formed by a person who tries to get a lot of guys together that he feels knows a lot or seems to post a lot of good information - Bad Move; If you are going to form a group at all, stick with people who you know can be trusted (can you really ever "know" who can be trusted?) and then out of those people form your group or choose who you feel should be in it. Anyway, to prove that they are elite, most groups begin to gather specific data for giving to group members, and this includes handing out their own names and phone numbers with other members of the group. They feel a false loyalty and psychologically create such utter faith in all the members that the faith is ultimately blind and based on hopes and aspirations of greatness. What is the best way for a security agent or informant to blend in with the modem community? Join as many groups as possible, start gathering data on the members, and spread your handle throughout the community to become "well known." Example: Taken From Phrack World News Issue XV; [This article has been edited for this presentation. -KL] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Mad Hatter; Informant? July 31, 1987 %%%%%%%%%%%%%%%%%%%%%% We at Phrack Inc. have uncovered a significant amount of information that has led us to the belief that Mad Hatter is an informant for some law enforcement organization. When Taran King, Cheap Shades, Forest Ranger, and Knight Lightning arrived at Control C's in Chicago, Illinois, Mad Hatter had already searched the place and had found some papers that could only have done ^C harm. We destroyed this information and thought everything was ok. However, as it turns out, we searched Mad Hatter's bags and found a duplicate set of this information and the general hypothesis was they he intended to leave it behind as incriminating evidence. Mad Hatter had also brought down several disks for the purpose of copying Phantasie Realm. Please note; PR was an IBM program and MH has an apple. Control C told us that when he went to pick Mad Hatter up at the bus terminal, he watched the bus pull in and saw everyone who disembarked. Suddenly Mad Hatter was there, but not from the bus he was supposed to have come in on. In addition to this, he had baking soda wrapped in a five dollar bill that he tried to pass off as cocaine. Perhaps to make us think he was cool or something. Mad Hatter constantly tried to get left behind at ^C's apartment for unknown reasons. He also was seen at a neighbor's apartment making unauthorized calls into the city of Chicago. When asked who he called, his reply was "Don't worry about it." Mad Hatter had absolutely no money with him during PartyCon (and incidentally he ate everything in ^C's refrigerator) and yet he insisted that although he had taken the bus down and had return trip tickets for the bus, that he would fly back home. How was this going to be achieved? He had no money and even if he could get a refund for the bus tickets, he would still be over $200 short. When asked how he was going to do this, his reply was "Don't worry about it." On Saturday night while on the way to the Hard Rock Cafe, Mad Hatter asked Control C for the location of his computer system and other items 4 times. This is information that Hatter did not need to know, but perhaps a SS agent or someone could use very nicely. When Phrack Inc. discovered that Dan The Operator was an FBI informant and made the news public, several people were criticizing him on Free World II Private. Mad Hatter on the other hand, stood up for Noah and said that he was still his friend despite what had happened. Then later when he realized that people were questioning his legitimacy, his original posts were deleted and he started saying how much he wanted to kill Dan The Operator and that he hated him. Mad Hatter already has admitted to knowing that Dan The Operator was an FBI informant prior to SummerCon '87. He says the reason he didn't tell anyone is because he assumed we already knew. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - When Mad Hatter first entered the phreak/hack world, he joined; Phreaks Anonymous World Wide (PAWW), MetalliBashers, Inc (MBI), Order of The Rose, and Cult of The Dead Cow (-cDc-). If you were a security agent or a loser hacker turned informant and you wanted to mix in with the phreak/hack community, wouldn't you try to join as many groups as possible to spread your name? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Phreaks Anonymous World Wide, MetalliBashers, Inc., Order of The Rose, and Cult of The Dead Cow, not exactly the toughest groups to join and once there is one security person in the group, he is bound to vouch for others, etc. So while he spreads his name as an elite modem user throughout the community, he is busy gathering information on group members who are foolish enough to trust him. Its not bad enough that some groups are easy enough to infiltrate as it is, but does anyone remember this? Taken From Phrack World News Issue XI; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Phortune 500: Phreakdom's Newest Organization February 16, 1987 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% For those of you who are in the least bit interested, Phortune 500 is a group of telecommunication hobbyists who's goal is to spread information as well as further their own knowledge in the world of telecommunications. This new group was formed by: Brew Associates / Handsomest One / Lord Lawless / The Renegade Chemist Quinton J. Miranda / Striker / The Mad Hacker / The Spiker These eight members are also known as Board Of Directors (BOD). They don't claim to be *Elite* in the sense that they are they world's greatest hacker, but they ARE somewhat picky about their members. They prefer someone who knows a bit about everything and has talents exclusive to him/herself. One of the projects that Phortune 500 has completed is an individual password AE type system. It's called TransPhor. It was written and created by Brew Associates. It has been Beta tested on The Undergraduate Lounge (Sysoped by Quinton J. Miranda). It is due to be released to the public throughout the next few months. Phortune 500 has been in operation for about 4 months, and has released two newsletters of their own. The Phortune 500 Newsletter is quite like the "People" of contemporary magazines. While some magazines cover the deep technical aspects of the world in which we communicate, their newsletter tries to cover the lighter side while throwing in information that they feel is "of technical nature." The third issue is due to be released by the end of this month. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - *>=-> The Phortune 500 Membership Questionnaire <-=<* Note: The following information is of a totally confidential nature. The reason you may find this so lengthy and in depth is for our knowledge of you. We, with Phortune 500, feel as though we should know prospective members well before we allow them into our organization. Pending the answers you supply us, you will be admitted to Phortune 500 as a charter member. Please answer the following completely... ............................................................................... Handle : First Name : Voice Phone Number : Data Phone Number : City & State : Age : Occupation (If Applicable) : Place of Employment (Optional) : Work Phone Number (Optional) : Computer Type : Modem Type : Interests : Areas Of Expertise : References (No More Than Three) : Major Accomplishments (If Any) : ............................................................................... Answer In 50 Words Or Less; ^*^ What Is Phortune 500 in Your Opinion? ^*^ Why Do You Want To Be Involved With Phortune 500? ^*^ How Can You Contribute to Phortune 500? ............................................................................... Please answer each question to the best of your ability and then return to any Phortune 500 Board of Directors Member Or a Phortune 500 BBS: The Private Connection (Limited Membership) 219-322-7266 The Undergraduate AE (Private Files Only) 602-990-1573 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - An actual application form for joining a group. Perhaps the concept was a good one, perhaps not, but from a standpoint of publicity and security, this was a complete and utter catastrophe. Basically we are all here to learn in one way or another. Groups and clubs in our community only seem to segregate it and at a time when everyone should be pulling together, this is not such a good idea. Privacy and security are important factors that motivate these sects within the society, but ultimately are the final consequences worth the trouble of creating a group? If groups had not been created, there would not be as much attention on the phreak/hack community as there is right now. When group names start spreading, it starts the law enforcement agencies into a panic that its big time organized crime. This allows them to justify more time and money into the apprehension of computer criminals and usually they go after the big names; the people in the most "elite" groups. Now before you, a member of a group, start criticizing this file, please understand, I am not referring to any particular groups here, just groups in general. Any and all comments made about MBI, -cDc-, PAWW, OOTR, and P500 should not be taken personally and were used only as examples of how groups can be potential security problems. There are some groups that are worthwhile organizations and its obvious because that have existed through the years and been productive. However, the only way to keep this community alive is for everyone to work together to protect and learn from each other. :Knight Lightning "The Future Is Now" =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ******************************************************************** >> END OF THIS FILE << *************************************************************************** ------------------------------ ******************************************************************** *** CuD #1.23: File 4 of 4: The CU in the News *** ******************************************************************** +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++- From: ekrell@ulysses.att.com Date: Mon, 9 Jul 90 16:14:38 EDT Subject: Legion of Doom Members Plead Guilty Extracts from an AP news wire: Three members of the Legion of Doom group pleaded guilty to federal conspiracy charges Monday. U.S. Attorney Joe Whitley said the group disrupted telecommunications, stole computer source codes and information, stole credit card information and fraudulently obtained money and property. In May, authorities in Indiana prosecuted a juvenile who pleaded guilty to 11 counts of fraud and agreed to testify against the three Atlanta men, in a trial scheduled to start today. Instead, the three pleaded guilty. They are E. Grant, 22 and Robert Riggs, 22 (both from Atlanta) and Franklin E. Darden Jr, 24 of Norcross. Whitley said in a statement that they illegally accessed various BellSouth computers between Sept. 10, 1987 and July 21, 1989. Grant and Darden also monitored private telephone conversations. They were carged with conspiracy to commit computer fraud, wire fraud, access code fraud and interstate transportation of stolen property. Darden and Riggs pleaded guilty to one count of conspiracy each and face a maximum of 5 years in prison and a $ 250,000 fine. Grant pleaded guilty to possessing 15 or more BellSouth access devices with intent to defraud and faces up to 10 years in prison and a $ 250,000 fine. Eduardo Krell AT&T Bell Laboratories, Murray Hill, NJ UUCP: %att,decvax,ucbvax%!ulysses!ekrell Internet: ekrell@ulysses.att.com ++++++++++++++++++++++++++++++ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ And here's another little article from Computerworld, July 2, 1990 issue, p. 78, in the column "Inside Lines," no definite author given, only the Assistant News Editor Jim Connolly (a phone number is given for news tips, 800-343-6474): "That old hack magic The infamous Internet worm, created by ex-Cornell graduate student and hacker Robert T. Morris, still rears its head from time to time, according to one security expert. "It's taken on a life of its own," he said. Admirers of Morris' handiwork have added names to the worm's built-in password-cracking dictionary to make it more effective. One estimate puts the dictionary at 560 passwords, up from the original 430, the expert said. Morris, meanwhile, is still trying to work out a deal with his probation officer on how he will spend his 400 hours of community service -- part of his sentence for writing the untamed program, according to his lawyer. A decision will come next week, he added." +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ COMPUTER TRANSFER OF STOLEN DATA RULED A FEDERAL CRIME By Janan Hanna (From Chicago Daily Law Bulletin, June 13, 1990, pp 1, 14) The transfer of confidential information from one computer to another constitutes a violation of the federal law prohibiting the interstate transportation of stolen property, a federal judge has ruled. U.S. District Judge Nicholas Bua made this first-impression ruling in a criminal computer "hacker" case brought against two young men. Attorney Sheldon T. Zenner, representing one of the defendants, said the ruling improperly broadens the federal statue against interstate transportation of stolen property--18 U.S.C. %section% 1343. Under the ruling, Zenner argued, simple communications between persons or news organizations could be construed as illegal. Bua denied a motion to dismiss by defendant Craig Neidorf, who was indicted along with Robert J. Riggs for allegedly breaking into Bell South Telephone Co.'s computer system, copying its emergency 911 system and publishing the information on a computer bulletin board. Riggs allegedly gained acess to Bell South's computer, downloaded the system into his home computer and sent it to Neidorf who allegedly published it in a computer newsletter known as "PHRACK," according to Bua's decision. Neidorf, who was charged with violating the wire fraud and interstate transport statutes, argued that the government's allegation did not fall within the definition of those statutes because no goods, wares, or merchandise was transferred. The original indictment also charged Neidorf with violations of the Computer Fraud and Abuse Act of 1986, but government prosecutors dropped those charges in a superseding indictment and added additional wire fraud charges. 18 U.S.C. %section% 2314 provides, in part, that "whoever transports, transmits, or transfers in interstate or foreign commerce any goods, wares, merchandise, securities or money, of the value of $5,000 or more, knowing the same to have been stolen, converted or taken by fraud...shall be fined not more than $10,000 or imprisoned not more than 10 years or both." "The question is, where what takes place is merely a telephone call, where information is transported and the property never leaves Bell, because they still have it, is that interstate transportation of stolen property?" Zenner asked. "Other cases have held that property must be tangible property. If a kid...had stolen a computer disk, gotten in his car and drove it %to another person% or mailed it, that's ITSP %interstate transportation of stolen property%." But Bua disagreed. "This court is unpersuaded by Neidorf's disingenuous argument that he merely transferred electronic impulses across state lines," Bua said. "Several courts have upheld section 2314 charges based on the wire transfer of fraudulently obtained money, rejecting the arguments of the defendants in those cases that only electronic impulses, not actual money, crossed state lines. " Bua noted that no other court has ever held that the electronic transfer of confidential, proprietary business information from one computer to another across state lines constitutes a violation of section 2314, but he added that no other court has addressed the issue. "Over the course of the past decade, advances in technology and growing respect and acceptance for the powers of computers have created a true explosion in the computer industry," Bua said. "Quite naturally, the growth of computer availability and application has spawned a host of new legal issues. "This case requires the court to wrestle with some of these novel legal issues which are a product of the marriage between law and computers." Drawing a parallel between this case and cases involving the wire transfer of funds, Bua characterized Neidorf's alleged conduct not merely as the transmission of electronic impulses, but as the transfer of properitary %sic% business information. "The question this case presents, then, is not whether electronic impulses are 'goods, wares or merchandise' within the meaning of %page break% section 2314, but whether the proprietary information contained in Bell South's E911 file constitutes a 'good, ware, or merchandise' within the purview of the statute," Bua said. "This court answers that question affirmatively." The case is schedule to be tried July 23. U.S. v. ROBERT J. RIGGS AND CRAIG NEIDORF, No. 90 CR 0070. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ "U.S. Raid Stirs Drive for Computer Rights" By Linda P. Campbell, The Chicago Tribune, 7/11/90: Page 6. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Washington--Steve Jackson says he still doesn't know exactly why Secret Service agents raided his computer-game business last March in Austin, Texas, and confiscated computers, software, vital business data and a game book that was soon to be published. But at a Washington news conference Tuesday, Jackson suggested that it may be because the book described a "totally imaginary" futuristic fantasy game involving computer intrusion that government agents saw as "a handbook for computer crime." The raid, Jackson claimed, nearly ruined his business. Now a group of computer pioneers has championed Jackon's case as an example of overzealous law-enforcement officials trampling an individual's rights in the pursuit of computer criminals. Mitchell Kapor, who founded the software giant Lotus Development Corp., has teamed with Apple Computer Inc. co-founder Steven Wozniak and an anonymous Silicon Valley entrepreneur to fund the Electronic Frontier Foundation, dedicated to protecting a kind of "keyboard freedom." The group is seeking 1st Amendment protections for electronic communication such as computer bulletin boards and newsletters, and wants to halt intrusive law-enforcement techniques. "Speech is speech. It doesn't really matter whether it's formulated on paper or in bits nd bytes," said John Perry Barlow, a writer who helped put together the foundation. The group, which was formaly announced Tuesday, has focused debate on the difficult balance between securing computer systems from intruders, known as "hackers," and protecting rights to get information and communicate through electronic media. But Kapor denied that was simply a "hackers' defense fund." "We don't see our mission as defending people who illegally enter the computer systems," he said. He and others involved with the group argued that the government has gone too far, partly because ignorance about rapidly advancing computer technology has generated widespread anxiety. They cited the case of Craig Neidorf, a University of Missouri student indicted on federal charges of wire fraud and interstate transportation of stolen property. Neidorf published in his electronic magazine, Phrack, a telephone company document about 911 emergency phone services that someone else allegedly stole from the BellSouth computer system. New York Lawyer Terry Gross, who represents Neidorf, called the prosecution "an unprecedented threat to the free press." And Kapor argued that computer news networks should have the same protections as print or broadcast media. But Secret Service Special Agent Rich Adams said that legitimate computer bulletin board users were not at risk. The agency, he said, is cracking down on hackers who "are maliciously trying to get into" hospital records and 911 systems or stealing credit card information and telephone access codes "for personal gain." Earlier this year, a 2-year anti-hacker investigation dubbed Operation Sundevil led to the seizure of more than 40 computers and 23,000 disks in 13 cities. Adams said that Jackson, who was not arrested in the raid on his business, got caught in the Sundevil net because one of his employees was accused of a computer crime. On Monday three men belonging to a hackers group known as the Legion of Doom pleaded guilty to charges of conspiring to defraud BellSouth, which oversees telephone service in nine Southern States. ----END ARTICLE---- ******************************************************************** ------------------------------ **END OF CuD #1.23** ********************************************************************