****************************************************************************
                  >C O M P U T E R   U N D E R G R O U N D<
                                >D I G E S T<
              ***  Volume 1, Issue #1.23 (July 18, 1990)   **
  ****************************************************************************

MODERATORS:   Jim Thomas / Gordon Meyer
ARCHIVISTS:   Bob Krause / Alex Smith
REPLY TO:     TK0JUT2@NIU.bitnet

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
DISCLAIMER: The views represented herein do not necessarily represent the
            views of the moderators. Contributors assume all responsibility
            for assuring that articles submitted do not violate copyright
            protections.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


CONTENTS:

File 1:  Moderators' Comments
File 2:  FTPing Thru Bitnet: BITFTP Help
File 3:  Phrack as "Evidence?"
File 4:  CU in the News
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

----------------------------------------------------------------------

********************************************************************
***  CuD #1.23, File 1 of 4: Moderators' Comments                ***
********************************************************************

++++++++++
In this file:
  1) Craig Neidorf's Trial
  2) Law Enforcement Contributions
  3) Berserker BBS
  4) The Well in Sausalito
  5) LoD/H Technical Journal, #4

+++++++++++++++++++++++++++++
CRAIG NEIDORF'S TRIAL
+++++++++++++++++++++++++++++

Craig Neidorf's trial begins Monday, July 23, in Chicago's Federal Court
building at 220 S. Dearborn in Judge Nicholas Bua's court. For those
planning to attend, the Federal Court is on the south edge of The Loop,
about a 10 minute walk from commuter trains. Jury selection begins in the
morning. The trial, originally expected to be fairly short, perhaps because
the prosecutor expected no opposition, could run for at least
two-and-a-half weeks. Judge Bua refused the prosecutor's request for a
postponement apparently intended to dig up more "dirt" and witnesses. Some
sources indicate that the prosecution has been attempting to amass
information intended to discredit the Craig's character that has nothing to
do with the charges, but might create an unfavorable imagery to persuade a
jury that he must be guilty of *something*!  Looks from this side like the
politics of desperation. Dorothy Denning will attend the entire trial, and
the CuD moderators will be on the scene as time allows.

******************
LAW ENFORCEMENT CONTRIBUTORS
******************

We have invited two high-level prosecutors to contribute their views of the
problems of evidence, defining computer crime, separating "real" criminals
from CU types, and other issues to CuD.  One has agreed when time allows,
the other is considering it.  We believe it is crucial to develop dialogue
between competing groups in order to address the complexity of the various
issues. Unless this happens, it will be more difficult to assure
Constitutional protections, to enact or change legislation, or to generally
establish some sort of peaceful co-existence.  So, we again encourage
contributions from all sides.

******************
BERSERKER BBS
******************

We have heard that Berserker BBS, one of the elite boards in the country,
went down. Does anybody have any information on this?

***************
THE WELL
***************

We have come across THE WELL (an acronym for Whole Earth 'Lectronic Link)
in Sausalito. It's more than a BBS, and offers files, net links, and
informed message sections. Anybody interested in the computer underground
should participate in the "Hacker's Conference," where a variety of
interesting topics are discussed by lawyers, journalists, hackers, and
many, many others. The hacker's conference was the source of HARPER'S Forum
on hacking this past March.  It's a bit expensive (a sign-up fee, monthly
fee, and user fee), but more than worth it for the price.  THE WELL'S data
phone: (415)-332-6106; Voice: (415)-332-4335.

***************************
LOD/H TECHNICAL JOURNAL, #4
***************************

LoD/H #4 came out in May and is available from the CuD archives.  The
introductory statement warned of confusion and potential imposters, so we
thought we'd reprint it. The issue also includes a history of the LoD from
the perspective of one participant that supplements the history found in
Phrack 31. Here's an excerpt from the introduction:

***************************************************************************


We are still alive. This publication is not released on any schedule. Past
attempts at scheduling issues have failed miserably. The editors refuse to
release issues which are not up to our self-defined standards. We have in the
past, and will continue in the future, to accept articles from anyone (e.g.
non LOD) as long as the articles adhere to our basic format and style. The
editors review all articles to verify accuracy and integrity however it may
not be  possible in all cases to check every fact. Plagiarized material is not
acceptable and we make every attempt to verify an article's originality. When
referenced material is used, the source for that material must be clearly
stated. The more articles we receive the sooner each issue is released. There
is a minimum 2 month review and editing period for each article. If you want
to contribute articles contact any member and they will forward articles to
the editors.

There seems to be some confusion as to what writers are (or were) in LOD/H and
what ones aren't. JUST BECAUSE SOMEONE WRITES FOR THIS PUBLICATION DOES NOT
MEAN THEY ARE AN LOD/H MEMBER! Just to clear up any confusion, a current
member list follows:

Erik Bloodaxe
Lex Luthor
Prime Suspect
Phase Jitter
Professor Falken
                        (End excerpt from LoD/H #4)

********************************************************************
                           >> END OF THIS FILE <<
***************************************************************************

------------------------------

********************************************************************
***  CuD #1.23: File 2 of 4: FTPing thru Bitnet                  ***
********************************************************************

++++++++++++++++
Lang Zerner reminds us that bitnet users may be able to access FTP sites,
and has sent along the following instructions.
++++++++++++++++

        BITFTP -- Princeton BITNET FTP Server

BITFTP provides a mail interface to the FTP portion of the IBM TCP/IP
product ("FAL") running on the Princeton VM system, to allow
BITNET/NetNorth/EARN users to ftp files from sites on the Internet.

BITFTP currently accepts requests only via RFC822-format mail, IBM
NOTE-format mail, PROFS-format messages, or files with no headers at all.
BITFTP currently returns the requested files as NETDATA-format files or as
mail files containing UUENCODED data.  If you specify "UUENCODE" or
"NETDATA" on your "FTP" command, BITFTP will attempt to use that format.
If you do not specify the format, BITFTP will attempt to select the
appropriate format for your node.  BITFTP attempts to send NETDATA-format
files through the gateway from EARN into Janet via the NIFTP facility at
Rutherford Lab.

If BITFTP sends you a file you cannot read, THE FIRST THING TO DO is to
make sure that you specified ASCII if the file should contain textual
material or that you specified BINARY if the file should contain binary
data, executable programs, tar files, or the like.  VMS users should
specify BINARY F 512 and should use RECEIVE/BINARY to receive the
NETDATA-format binary files BITFTP sends them.

If BITFTP sends you a uuencoded file that you cannot uudecode, the first
thing to do is to translate all occurrences of 0x7E in the file to 0x5E and
then try uudecoding again.  (Some gateways are changing 5Es to 7Es when the
files pass through them.)

To use BITFTP, send mail containing your ftp commands to "BITFTP@PUCC".
The first command to BITFTP must be "FTP" or "HELP".

The recommended syntax for ftp requests is:

FTP hostname NETDATA    --or--    FTP hostname UUENCODE
USER username password
<other ftp subcommands>
QUIT

After the hostname on the FTP command, you may specify "UUENCODE" or
"NETDATA" to tell BITFTP the format in which you wish to receive files.

(If the username is "anonymous", no password is required; BITFTP will use
your userid and nodeid as the password.)

Note that on many systems passwords are case-sensitive; that is, the
password may be required to be in lower case or mixed case or upper case.
(The same is true of directory and file names.)

The following is an example of an ftp request:

FTP  f.ms.uky.edu  NETDATA
USER  anonymous
CD  /pub/msdos/Games
DIR
BINARY
GET  robotron.arc  msdos.robotron
QUIT

To request a list of some of the hosts that allow anonymous ftp, send
BITFTP mail or a message containing only the command "FTPLIST".  Note that
there is no guarantee that BITFTP can access all the hosts in this list.

BITFTP implements a subset of the ftp subcommands provided in the IBM
TCP/IP and uses the same syntax.  Therefore, you may find it useful to
obtain the "IBM TCP/IP for VM Command Reference Manual", IBM order number
GC09-1204.

The currently supported subcommands are:

  ACCT        -- to send host-dependent account information.
    format:   ACCT account-information

  ASCII       -- to change the file transfer type to ASCII.
    format:   ASCII

  BINARY      -- to change the file transfer type to image.
    format:   BINARY <FIXED record-len> <VARIABLE>

  CD          -- to change the working directory.
    format:   CD directory

  CLOSE       -- to disconnect from the foreign host.
    format:   CLOSE

  DIR         -- to get a list of directory entries.
    format:   DIR

  EBCDIC      -- to change the file transfer type to EBCDIC
    format:   EBCDIC

  GET         -- to get a file from the foreign host.
    format:   GET foreignfile <localfile>

              If you specify "localfile", it must be in
              the forms "filename.filetype" or "filename",
              and the filename and filetype may each be no
              more than 8 characters long and may not contain
              periods.

  LOCSTAT     -- to display local status information.
    format:   LOCSTAT

  LS          -- to list the files in a directory.
    format:   LS <name>

  PWD         -- to print the working directory.
    format:   PWD

  QUIT        -- to disconnect from the foreign host.
    format:   QUIT

  STATUS      -- to retrieve status information from a foreign host.
    format:   STATUS <name>

  SYSTEM      -- to get the name of the foreign host's operating system.
    format:   SYSTEM

  TYPE        -- to specify Image, ASCII, or EBCDIC file transfer.
    format:   TYPE <I|A|E>

The files you request will be sent to you in NETDATA format or UUENCODED
inside mail files.

You will also receive a mail file containing a log of your ftp session.  In
that mail file, entries prefixed by ">" are your original commands; those
prefixed by ">>" are your commands as interpreted by BITFTP and passed to
TCPIP; those prefixed by ">>>" are your commands as interpreted by TCPIP
and passed to the remote host; those prefixed by "<<<" are messages from
the remote host; and those prefixed by ">>>>" are completion messages from
BITFTP.

If BITFTP is unable to connect to the host you specify, it will send you
mail after the first attempt, but will keep trying at intervals over three
days.  The only additional mail files you will receive will be when the
connection is made successfully or when BITFTP gives up after three days.

The load on BITFTP is often very heavy, and network backlogs are often so
great that it may take several days for a file to get to you once BITFTP
sends it, so please be patient and don't send multiple requests for the
same file.  If your system allows you to send interactive messages, you can
inquire about BITFTP's backlog by sending the query "How are you?", e.g.,
on a VM system:

   TELL BITFTP AT PUCC How are you?


This service is currently under development and is far from complete.
Current plans for improvements include:

1.  Acknowledgments via MSG when mail is received and when
    processing has been completed.

2.  A much more complete HELP facility.

Questions about BITFTP and suggestions for improvements should be directed
to Melinda Varian, MAINT@PUCC on BITNET or MAINT@pucc.princeton.edu on the
Internet.

The author gratefully acknowledges the use of the FTP SUBCOM interface
written by David Nessl, the SENDJANI EXEC written by Alan Flavell, the
uuencoding utility written by John Fisher, and the RFC822 parsing routine
written by Eric Thomas.  NOTE:  If you have any complaints or suggestions
about the way any of these routines work in BITFTP, please send them to
MAINT@PUCC (Melinda Varian), not to the authors.

********************************************************************
                           >> END OF THIS FILE <<
***************************************************************************

------------------------------

********************************************************************
***  CuD #1.23: File 3 of 4: Phrack as Evidence???               ***
********************************************************************

If a clever prosecutor wanted to introduce evidence that "proved" how dangerous
a defendant was, and if that evidence included something like what follows,
what would this evidence actually show?  Hypothetically, if the following
were evidence, would Bill Cook think it so dangerous as to have it sealed?
Can't blame him, though.  It's well known throughout the modem community
that PHRACK took its orders directly from the Kremlin, and secret codes and
meanings are incrypted in vowels.  Rumor also has it that if you change the
ascii to hex, stick it in the oven for 23 minutes at 420 degrees, dry it,
grind it up in the food processer and smoke it, it's better than crack.
Sometimes it seems like the prosecution has tried it--and found that it
works! What else could explain their actions?

_______________________________________________________________________________
                                ==Phrack Inc.==

                      Volume Two, Issue 23, File 3 of 12

       <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
       <>                                                            <>
       <>                        Subdivisions                        <>
       <>                        %%%%%%%%%%%%                        <>
       <>          Part Three Of The Vicious Circle Trilogy          <>
       <>                                                            <>
       <>  A Study On The Occurrence Of Groups Within The Community  <>
       <>                                                            <>
       <>                Presented by Knight Lightning               <>
       <>                       August 8, 1988                       <>
       <>                                                            <>
       <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>

               A Rose By Any Other Name... Would Smell As Sweet

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

          The Administration % Advanced Telecommunications, Inc./ATI
         ALIAS % American Tone Travelers % Anarchy Inc. % Apple Mafia
  The Association % Atlantic Pirates Guild/APG % Bad Ass Mother Fuckers/BAMF
    Bellcore % Bell Shock Force/BSF % Black Bag % Camorra % C&M Productions
   Catholics Anonymous % Chaos Computer Club % Chief Executive Officers/CEO
 Circle Of Death % Circle Of Deneb % Club X % Coalition of Hi-Tech Pirates/CHP
        Coast-To-Coast % Corrupt Computing % Cult Of The Dead Cow/-cDc-
    Custom Retaliations % Damage Inc. % D&B Communications % The Dange Gang
            Dec Hunters % Digital Gang/DG % DPAK % Eastern Alliance
          The Elite Hackers Guild % Elite Phreakers and Hackers Club
  The Elite Society Of America % EPG % Executives Of Crime % Extasyy (Elite)
   Fargo 4A % Farmers Of Doom/FOD % The Federation % Feds R Us % First Class
          Five O % Five Star % Force Hackers % The 414s % Hack-A-Trip
Hackers Of America/HOA % High Mountain Hackers % High Society % The Hitchhikers
       IBM Syndicate % The Ice Pirates Imperial Warlords % Inner Circle
                        Inner Circle II % Insanity Inc.
International Computer Underground Bandits/ICUB % Justice League of America/JLA
     Kaos Inc. % Knights Of Shadow/KOS % Knights Of The Round Table/KOTRT
       League Of Adepts/LOA % Legion Of Doom/LOD % Legion Of Hackers/LOH
       Lords Of Chaos % Lunatic Labs, Unlimited % Master Hackers % MAD!
            The Marauders % MD/PhD % Metal Communications, Inc./MCI
  MetalliBashers, Inc./MBI % Metro Communications % Midwest Pirates Guild/MPG
       NASA Elite % The NATO Association % Neon Knights % Nihilist Order
Order Of The Rose % OSS % Pacific Pirates Guild/PPG % Phantom Access Associates
                PHido PHreaks % Phlash % PhoneLine Phantoms/PLP
              Phone Phreakers Of America/PPOA % Phortune 500/P500
               Phreak Hack Delinquents % Phreak Hack Destroyers
         Phreakers, Hackers, And Laundromat Employees Gang/PHALSE Gang
     Phreaks Against Geeks/PAG % Phreaks Against Phreaks Against Geeks/PAP
      Phreaks and Hackers of America % Phreaks Anonymous World Wide/PAWW
             Project Genesis % The Punk Mafia/TPM % The Racketeers
 Red Dawn Text Files/RDTF % Roscoe Gang % SABRE % Secret Circle of Pirates/SCP
   Secret Service % 707 Club % Shadow Brotherhood % Sharp Inc. % 65C02 Elite
    Spectral Force % Star League % Stowaways % Strata-Crackers % The Phrim
     Team Hackers '86 % Team Hackers '87 % TeleComputist Newsletter Staff
 Tribunal Of Knowledge/TOK % Triple Entente % Turn Over And Die Syndrome/TOADS
  300 Club % 1200 Club % 2300 Club % 2600 Club % 2601 Club % 2AF % Ware Brigade
           The Warelords % WASP % The United Soft WareZ Force/TuSwF
                       United Technical Underground/UTU

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Its literally unbelievable just how many different groups and organizations
there are or have been in the phreak/hack/pirate community.  The list of 130
groups displayed above is probably still just a fraction of the actual amount
of groups that there have been, but those are the only ones I am aware of at
this time.

In the past John Maxfield has estimated that there are about 50,000
hackers/phreaks/pirates operating in the United States today.  That figure has
multiplied to to a point where it probably comes close to 500,000.  Believe it
or not, almost everyone has been a member of one of the above groups (or
perhaps a group not mentioned) at one time or another.

Today's telecom security consultants and law enforcement agencies know this too
and that is how group affiliations can be turned against us.

What does being in a group mean?  In the modem community being in a group is
supposed to mean that the people in the group work on projects together and
trade specific information that people outside of the group are not allowed to
access and by the same token, have no way to get it.  However, obviously the
people in the group all feel that the other people with whom they are sharing
information, can be trusted and are worthy of associating with them to begin
with.  So when you stop and think about it, if there was no group, the people
in question would still be trading information and would still trust each other
because they would not have formed the group unless this criteria was met in
the first place.  So in truth, being in a group really means nothing on the
basis previously mentioned.

You see in the modem community, being in a group really is more like a power
trip or a "security blanket" for people who feel that they need to let people
know that they associate with a specific clique in the hopes that the
popularity of some of the other members will lend popularity to themselves.

Many groups form in such a way that they try to make it look otherwise and thus
begins the real problem.  Some groups are formed by a person who tries to get a
lot of guys together that he feels knows a lot or seems to post a lot of good
information - Bad Move; If you are going to form a group at all, stick with
people who you know can be trusted (can you really ever "know" who can be
trusted?) and then out of those people form your group or choose who you feel
should be in it.

Anyway, to prove that they are elite, most groups begin to gather specific data
for giving to group members, and this includes handing out their own names and
phone numbers with other members of the group.  They feel a false loyalty and
psychologically create such utter faith in all the members that the faith is
ultimately blind and based on hopes and aspirations of greatness.

What is the best way for a security agent or informant to blend in with the
modem community?  Join as many groups as possible, start gathering data on
the members, and spread your handle throughout the community to become "well
known."

Example:  Taken From Phrack World News Issue XV;

           [This article has been edited for this presentation. -KL]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Mad Hatter; Informant?                                            July 31, 1987
%%%%%%%%%%%%%%%%%%%%%%
We at Phrack Inc. have uncovered a significant amount of information that has
led us to the belief that Mad Hatter is an informant for some law enforcement
organization.

When Taran King, Cheap Shades, Forest Ranger, and Knight Lightning arrived at
Control C's in Chicago, Illinois, Mad Hatter had already searched the place and
had found some papers that could only have done ^C harm.   We destroyed this
information and thought everything was ok.  However, as it turns out, we
searched Mad Hatter's bags and found a duplicate set of this information and
the general hypothesis was they he intended to leave it behind as incriminating
evidence.

Mad Hatter had also brought down several disks for the purpose of copying
Phantasie Realm.  Please note; PR was an IBM program and MH has an apple.

Control C told us that when he went to pick Mad Hatter up at the bus terminal,
he watched the bus pull in and saw everyone who disembarked.  Suddenly Mad
Hatter was there, but not from the bus he was supposed to have come in on.  In
addition to this, he had baking soda wrapped in a five dollar bill that he
tried to pass off as cocaine.  Perhaps to make us think he was cool or
something.

Mad Hatter constantly tried to get left behind at ^C's apartment for unknown
reasons. He also was seen at a neighbor's apartment making unauthorized calls
into the city of Chicago.  When asked who he called, his reply was "Don't worry
about it."  Mad Hatter had absolutely no money with him during PartyCon (and
incidentally he ate everything in ^C's refrigerator) and yet he insisted that
although he had taken the bus down and had return trip tickets for the bus,
that he would fly back home.  How was this going to be achieved?  He had no
money and even if he could get a refund for the bus tickets, he would still be
over $200 short.  When asked how he was going to do this, his reply was "Don't
worry about it."

On Saturday night while on the way to the Hard Rock Cafe, Mad Hatter asked
Control C for the location of his computer system and other items 4 times.
This is information that Hatter did not need to know, but perhaps a SS agent or
someone could use very nicely.

When Phrack Inc. discovered that Dan The Operator was an FBI informant and made
the news public, several people were criticizing him on Free World II Private.
Mad Hatter on the other hand, stood up for Noah and said that he was still his
friend despite what had happened.  Then later when he realized that people were
questioning his legitimacy, his original posts were deleted and he started
saying how much he wanted to kill Dan The Operator and that he hated him.

Mad Hatter already has admitted to knowing that Dan The Operator was an FBI
informant prior to SummerCon '87.  He says the reason he didn't tell anyone is
because he assumed we already knew.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
When Mad Hatter first entered the phreak/hack world, he joined;

                     Phreaks Anonymous World Wide (PAWW),
                     MetalliBashers, Inc (MBI),
                     Order of The Rose, and
                     Cult of The Dead Cow (-cDc-).

If you were a security agent or a loser hacker turned informant and you wanted
to mix in with the phreak/hack community, wouldn't you try to join as many
groups as possible to spread your name?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Phreaks Anonymous World Wide, MetalliBashers, Inc., Order of The Rose, and
Cult of The Dead Cow, not exactly the toughest groups to join and once there is
one security person in the group, he is bound to vouch for others, etc.  So
while he spreads his name as an elite modem user throughout the community, he
is busy gathering information on group members who are foolish enough to trust
him.

Its not bad enough that some groups are easy enough to infiltrate as it is, but
does anyone remember this?

Taken From Phrack World News Issue XI;
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Phortune 500:  Phreakdom's Newest Organization               February 16, 1987
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
For those of you who are in the least bit interested, Phortune 500 is a group
of telecommunication hobbyists who's goal is to spread information as well as
further their own knowledge in the world of telecommunications.  This new
group was formed by:

    Brew Associates / Handsomest One / Lord Lawless / The Renegade Chemist
          Quinton J. Miranda / Striker / The Mad Hacker / The Spiker

These eight members are also known as Board Of Directors (BOD).  They don't
claim to be *Elite* in the sense that they are they world's greatest hacker,
but they ARE somewhat picky about their members.  They prefer someone who knows
a bit about everything and has talents exclusive to him/herself.

One of the projects that Phortune 500 has completed is an individual password
AE type system.  It's called TransPhor.  It was written and created by Brew
Associates.  It has been Beta tested on The Undergraduate Lounge (Sysoped by
Quinton J. Miranda).   It is due to be released to the public throughout the
next few months.

Phortune 500 has been in operation for about 4 months, and has released two
newsletters of their own.  The Phortune 500 Newsletter is quite like the
"People" of contemporary magazines.  While some magazines cover the deep
technical aspects of the world in which we communicate, their newsletter tries
to cover the lighter side while throwing in information that they feel is "of
technical nature."  The third issue is due to be released by the end of this
month.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
             *>=-> The Phortune 500 Membership Questionnaire <-=<*

Note:  The following information is of a totally confidential nature.  The
       reason you may find this so lengthy and in depth is for our knowledge of
       you.  We, with Phortune 500, feel as though we should know prospective
       members well before we allow them into our organization.  Pending the
       answers you supply us, you will be admitted to Phortune 500 as a charter
       member.  Please answer the following completely...
...............................................................................

Handle                          :
First Name                      :
Voice Phone Number              :
Data Phone Number               :
City & State                    :
Age                             :
Occupation (If Applicable)      :
Place of Employment (Optional)  :
Work Phone Number   (Optional)  :
Computer Type                   :
Modem Type                      :
Interests                       :
Areas Of Expertise              :
References (No More Than Three) :
Major Accomplishments (If Any)  :
...............................................................................
Answer In 50 Words Or Less;

^*^  What Is Phortune 500 in Your Opinion?

^*^  Why Do You Want To Be Involved With Phortune 500?

^*^  How Can You Contribute to Phortune 500?
...............................................................................

Please answer each question to the best of your ability and then return to any
Phortune 500 Board of Directors Member Or a Phortune 500 BBS:

           The Private Connection (Limited Membership) 219-322-7266
           The Undergraduate AE   (Private Files Only) 602-990-1573
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

An actual application form for joining a group.  Perhaps the concept was a good
one, perhaps not, but from a standpoint of publicity and security, this was a
complete and utter catastrophe.

Basically we are all here to learn in one way or another.  Groups and clubs
in our community only seem to segregate it and at a time when everyone should
be pulling together, this is not such a good idea.  Privacy and security are
important factors that motivate these sects within the society, but ultimately
are the final consequences worth the trouble of creating a group?

If groups had not been created, there would not be as much attention on the
phreak/hack community as there is right now.  When group names start spreading,
it starts the law enforcement agencies into a panic that its big time organized
crime.  This allows them to justify more time and money into the apprehension
of computer criminals and usually they go after the big names; the people in
the most "elite" groups.

Now before you, a member of a group, start criticizing this file, please
understand, I am not referring to any particular groups here, just groups in
general.  Any and all comments made about MBI, -cDc-, PAWW, OOTR, and P500
should not be taken personally and were used only as examples of how groups can
be potential security problems.

There are some groups that are worthwhile organizations and its obvious because
that have existed through the years and been productive.  However, the only way
to keep this community alive is for everyone to work together to protect and
learn from each other.

:Knight Lightning

                              "The Future Is Now"

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

********************************************************************
                           >> END OF THIS FILE <<
***************************************************************************

------------------------------

********************************************************************
***  CuD #1.23: File 4 of 4: The CU in the News                  ***
********************************************************************

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-

From: ekrell@ulysses.att.com
Date: Mon, 9 Jul 90 16:14:38 EDT
Subject: Legion of Doom Members Plead Guilty


Extracts from an AP news wire:

Three members of the Legion of Doom group pleaded guilty to federal
conspiracy charges Monday. U.S. Attorney Joe Whitley said the group
disrupted telecommunications, stole computer source codes and information,
stole credit card information and fraudulently obtained money and property.

In May, authorities in Indiana prosecuted a juvenile who pleaded guilty
to 11 counts of fraud and agreed to testify against the three Atlanta men,
in a trial scheduled to start today.

Instead, the three pleaded guilty. They are E. Grant, 22 and Robert
Riggs, 22 (both from Atlanta) and Franklin E. Darden Jr, 24 of Norcross.

Whitley said in a statement that they illegally accessed various
BellSouth computers between Sept. 10, 1987 and July 21, 1989. Grant and
Darden also monitored private telephone conversations. They were carged
with conspiracy to commit computer fraud, wire fraud, access code fraud and
interstate transportation of stolen property.

Darden and Riggs pleaded guilty to one count of conspiracy each and face
a maximum of 5 years in prison and a $ 250,000 fine. Grant pleaded guilty
to possessing 15 or more BellSouth access devices with intent to defraud
and faces up to 10 years in prison and a $ 250,000 fine.


Eduardo Krell                   AT&T Bell Laboratories, Murray Hill, NJ

UUCP: %att,decvax,ucbvax%!ulysses!ekrell  Internet: ekrell@ulysses.att.com

++++++++++++++++++++++++++++++

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

And here's another little article from Computerworld, July 2, 1990 issue,
p. 78, in the column "Inside Lines," no definite author given, only the
Assistant News Editor Jim Connolly (a phone number is given for news tips,
800-343-6474):

"That old hack magic The infamous Internet worm, created by ex-Cornell
graduate student and hacker Robert T. Morris, still rears its head from
time to time, according to one security expert.  "It's taken on a life of
its own," he said.  Admirers of Morris' handiwork have added names to the
worm's built-in password-cracking dictionary to make it more effective.
One estimate puts the dictionary at 560 passwords, up from the original
430, the expert said.  Morris, meanwhile, is still trying to work out a
deal with his probation officer on how he will spend his 400 hours of
community service -- part of his sentence for writing the untamed program,
according to his lawyer.  A decision will come next week, he added."

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

          COMPUTER TRANSFER OF STOLEN DATA RULED A FEDERAL CRIME
                              By Janan Hanna
        (From Chicago Daily Law Bulletin, June 13, 1990, pp 1, 14)

The transfer of confidential information from one computer to another
constitutes a violation of the federal law prohibiting the interstate
transportation of stolen property, a federal judge has ruled.

U.S. District Judge Nicholas Bua made this first-impression ruling in a
criminal computer "hacker" case brought against two young men.

Attorney Sheldon T. Zenner, representing one of the defendants, said the
ruling improperly broadens the federal statue against interstate
transportation of stolen property--18 U.S.C. %section% 1343.

Under the ruling, Zenner argued, simple communications between persons or
news organizations could be construed as illegal.

Bua denied a motion to dismiss by defendant Craig Neidorf, who was indicted
along with Robert J. Riggs for allegedly breaking into Bell South Telephone
Co.'s computer system, copying its emergency 911 system and publishing the
information on a computer bulletin board.

Riggs allegedly gained acess to Bell South's computer, downloaded the
system into his home computer and sent it to Neidorf who allegedly
published it in a computer newsletter known as "PHRACK," according to Bua's
decision.

Neidorf, who was charged with violating the wire fraud and interstate
transport statutes, argued that the government's allegation did not fall
within the definition of those statutes because no goods, wares, or
merchandise was transferred. The original indictment also charged Neidorf
with violations of the Computer Fraud and Abuse Act of 1986, but government
prosecutors dropped those charges in a superseding indictment and added
additional wire fraud charges.

18 U.S.C. %section% 2314 provides, in part, that "whoever transports,
transmits, or transfers in interstate or foreign commerce any goods, wares,
merchandise, securities or money, of the value of $5,000 or more, knowing
the same to have been stolen, converted or taken by fraud...shall be fined
not more than $10,000 or imprisoned not more than 10 years or both."

"The question is, where what takes place is merely a telephone call, where
information is transported and the property never leaves Bell, because they
still have it, is that interstate transportation of stolen property?"
Zenner asked.  "Other cases have held that property must be tangible
property. If a kid...had stolen a computer disk, gotten in his car and
drove it %to another person% or mailed it, that's ITSP %interstate
transportation of stolen property%."

But Bua disagreed.

"This court is unpersuaded by Neidorf's disingenuous argument that he
merely transferred electronic impulses across state lines," Bua said.
"Several courts have upheld section 2314 charges based on the wire transfer
of fraudulently obtained money, rejecting the arguments of the defendants
in those cases that only electronic impulses, not actual money, crossed
state lines.  " Bua noted that no other court has ever held that the
electronic transfer of confidential, proprietary business information from
one computer to another across state lines constitutes a violation of
section 2314, but he added that no other court has addressed the issue.

"Over the course of the past decade, advances in technology and growing
respect and acceptance for the powers of computers have created a true
explosion in the computer industry," Bua said.  "Quite naturally, the
growth of computer availability and application has spawned a host of new
legal issues.

"This case requires the court to wrestle with some of these novel legal
issues which are a product of the marriage between law and computers."

Drawing a parallel between this case and cases involving the wire transfer
of funds, Bua characterized Neidorf's alleged conduct not merely as the
transmission of electronic impulses, but as the transfer of properitary
%sic% business information.

"The question this case presents, then, is not whether electronic impulses
are 'goods, wares or merchandise' within the meaning of %page break%
section 2314, but whether the proprietary information contained in Bell
South's E911 file constitutes a 'good, ware, or merchandise' within the
purview of the statute," Bua said. "This court answers that question
affirmatively."

The case is schedule to be tried July 23. U.S. v. ROBERT J. RIGGS AND CRAIG
NEIDORF, No. 90 CR 0070.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
             "U.S. Raid Stirs Drive for Computer Rights"
     By Linda P. Campbell, The Chicago Tribune, 7/11/90: Page 6.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Washington--Steve Jackson says he still doesn't know exactly why Secret
Service agents raided his computer-game business last March in Austin,
Texas, and confiscated computers, software, vital business data and a game
book that was soon to be published.

But at a Washington news conference Tuesday, Jackson suggested that it may
be because the book described a "totally imaginary" futuristic fantasy game
involving computer intrusion that government agents saw as "a handbook for
computer crime." The raid, Jackson claimed, nearly ruined his business.

Now a group of computer pioneers has championed Jackon's case as an example
of overzealous law-enforcement officials trampling an individual's rights
in the pursuit of computer criminals.

Mitchell Kapor, who founded the software giant Lotus Development Corp., has
teamed with Apple Computer Inc. co-founder Steven Wozniak and an anonymous
Silicon Valley entrepreneur to fund the Electronic Frontier Foundation,
dedicated to protecting a kind of "keyboard freedom."

The group is seeking 1st Amendment protections for electronic communication
such as computer bulletin boards and newsletters, and wants to halt
intrusive law-enforcement techniques.

"Speech is speech. It doesn't really matter whether it's formulated on
paper or in bits nd bytes," said John Perry Barlow, a writer who helped put
together the foundation.

The group, which was formaly announced Tuesday, has focused debate on the
difficult balance between securing computer systems from intruders, known
as "hackers," and protecting rights to get information and communicate
through electronic media.

But Kapor denied that was simply a "hackers' defense fund." "We don't see
our mission as defending people who illegally enter the computer systems,"
he said.

He and others involved with the group argued that the government has gone
too far, partly because ignorance about rapidly advancing computer
technology has generated widespread anxiety.

They cited the case of Craig Neidorf, a University of Missouri student
indicted on federal charges of wire fraud and interstate transportation of
stolen property. Neidorf published in his electronic magazine, Phrack, a
telephone company document about 911 emergency phone services that someone
else allegedly stole from the BellSouth computer system.

New York Lawyer Terry Gross, who represents Neidorf, called the prosecution
"an unprecedented threat to the free press." And Kapor argued that computer
news networks should have the same protections as print or broadcast media.

But Secret Service Special Agent Rich Adams said that legitimate computer
bulletin board users were not at risk. The agency, he said, is cracking
down on hackers who "are maliciously trying to get into" hospital records
and 911 systems or stealing credit card information and telephone access
codes "for personal gain."

Earlier this year, a 2-year anti-hacker investigation dubbed Operation
Sundevil led to the seizure of more than 40 computers and 23,000 disks in
13 cities.

Adams said that Jackson, who was not arrested in the raid on his business,
got caught in the Sundevil net because one of his employees was accused of
a computer crime.

On Monday three men belonging to a hackers group known as the Legion of
Doom pleaded guilty to charges of conspiring to defraud BellSouth, which
oversees telephone service in nine Southern States.

                            ----END ARTICLE----

********************************************************************

------------------------------

                           **END OF CuD #1.23**
********************************************************************