Computer Underground Digest--Thu Aug 9, 1991 (Vol #3.29)

       Moderators: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)

CONTENTS, #3.29 (AUGUST 9, 1991)
Subject: File 1--Moderators' Corner
Subject: File 2--Say Goodbye to FOIA?
Subject: File 3--Hackers Challenged to Break In
Subject: File 4--Reciprocity in Cyberspace, by Robert Jacobson
Subject: File 5--text of chron-spacemail
Subject: File 6--Reply to Gene Spafford
Subject: File 7--Estimates on virus activity
Subject: File 8--Research Analysis
Subject: File 9--comp.patents, misc.legal.computing and misc.int-property

Administratia:

           ARCHIVIST: BRENDAN KEHOE
           RESIDENT CONVALESCENT: BOB KUSUMOTO
           ULTRA-SCANMEISTER: BOB KRAUSE

CuD is available via electronic mail at no cost. Printed copies are
available by subscription.  Single copies are available for the costs
of reproduction and mailing.

Issues of CuD can be found in the Usenet alt.society.cu-digest news
group, on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG,
and DL0 and DL12 of TELECOM, on Genie, on the PC-EXEC BBS at (414)
789-4210, and by anonymous ftp from ftp.cs.widener.edu,
chsun1.spc.uchicago.edu, and dagon.acc.stolaf.edu.  To use the U. of
Chicago email server, send mail with the subject "help" (without the
quotes) to archive-server@chsun1.spc.uchicago.edu.

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted as long as the source
is cited.  Some authors do copyright their material, and they should
be contacted for reprint permission.  It is assumed that non-personal
mail to the moderators may be reprinted unless otherwise specified.
Readers are encouraged to submit reasoned articles relating to the
Computer Underground.  Articles are preferred to short responses.
Please avoid quoting previous posts unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
             responsibility for ensuring that articles submitted do not
             violate copyright protections.

----------------------------------------------------------------------

Date: August 9, 1991
From: "The Moderators" <tk0jut2@mvs.cso.niu.edu>
Subject: Moderators' Corner

+++++++++++++
LEN ROSE ADDRESS
+++++++++++++

For those who missed the last blurb, Len Rose has begun his sojourn in
a Level-1 federal institution in North Carolina.  He reports that the
hardest part of incarceration is the separation from wife and children
(it's a long way from Naperville, Ill., to Goldsboro, N.C.), and the
intense loneliness of the first few weeks. He is assigned to menial
labor, and spends his "leisure" time playing cards, writing letters,
and trying to cope with his new environment. He *does not* have a
computer or a typewriter.

Prisons should be the stop of last resort for violent predators or for
those who demonstrate pattern of career criminality.  Nothing is
served by imprisoning Len or others like him.  Why not drop him a
humorous postcard just to say "hi?"

 Sheldon Zenner will continue to serve as as a conduit for funds send
 to help Len's family. Checks made out to Len Rose or money orders
 (*no cash*) may be sent to:

    Sheldon T. Zenner
    RE: Len Rose
    Katten, Muchin, and Zavis
    525 West Monroe Street (Suite 1600)
    Chicago, IL 60606-3693

Len's address for those who've missed it:

Len Rose  (27154-037)
FPC
Seymour Johnson AFB
Caller Box 8004
PMB 187
Goldsboro, NC 27531-5000

+++++++++++++
'Zines
+++++++++++++

The latest MONDO has been out, and from all accounts is first-rate.
Info on ordering can be obtained from   RUSIRIOUS@WELL.SF.CA.US

INTERTEK (Summer, '91) also is lookin' good. Of special interest are
the pieces by EFF's John Gilmore on "Preserving Privacy in America"
and the interview with sci-fi author Bruce Sterling.  The snippets of
news and reviews cover the new-hitek gamut, and where else could you
find a financial report that includes street prices of computers *and*
drugs? (The price of cocaine is down 25 pct--so much for the war on
drugs).

+++++++++
FTP SITE INFO
+++++++++

The U of Chicago ftp site address as changed:

The machine is now offically known as chsun1.spc.uchicago.edu although
chsun1.uchicago.edu is a valid alias. The ip address is 128.135.252.7
The archivist, Bob Kusumoto, will be unavailable for a few weeks while
recovering from a sports injury, so don't send email to him for
awhile. He should be able to throw the bull...uh, ball....with his
previous velocity.

A number of new files have been added, mostly 'zines, academic, and
legal papers. Bill Cook's opening statement in the Craig Neidorf trial
is also up.

------------------------------

Date: Sat, 27 Jul 91 09:56 EST
From: "Michael E. Marotta" <MERCURY@LCC.EDU>
Subject: Say Goodbye to FOIA?

    GRID News. ISSN 1054-9315. vol 2 nu 19e (Bitnet)    July 26, 1991.
    World GRID Association, P. O. Box 15061, Lansing, MI     48901 USA
+++++++++++++++++++++
    LIBRARIANS SUPPORT NREN, DECLINE TRIBE AMENDMENT;
    CALLS FOR ACCESS TO INFORMATION FAIL
    (c) Copyright 1991 by Michael E. Marotta

(86 lines) The White House Conference on Library and Information
Services was conceived in 1957 by Channing Bete, a library trustee
from Greenfield, Massachusetts.  Lyndon Johnson created the National
Advisory Commission on Libraries in 1965.  In 1974 Gerald Ford
authorized the first White House Conference on Library and Information
Systems which was convened in 1979 under Jimmy Carter.  The second
WHCLIS opened on July 9, 1991.

On July 10, WHCLIS was address by three representitives from the White
House. Barbara Bush, Marilyn Quayle and George Bush said that
libraries are really very important.  Support from the White House is
based on the historically pro-active nature of the 65 conferences that
have been called since 1908 when Roosevelt ordered two to discuss
Conservation and Children.  The general tendency is for various
advocacy groups to arrange acceptable wording for their agendas.  The
conference passes these and up to 80% are incorporated into laws.

Productivity, Literacy and Democracy defined WHCLIS when it was first
announced.  In Michigan, we began meeting in 1989, to discuss
censorship, technology, special services, funding and literacy.
Michigan's library supporters gave much thought to literacy across
generations and technologies beyond books.  By 1991, we drafted 15
proposals in the format recommended by the national leaders.

For instance, the issue statement for CENSORSHIP was: "A variety of
impediments censor or restrict open access to information."
Background material, questions for discussion and paths for solution
were outlined.  Two specific recommendations were developed: "Federal
legislation is needed to mandate open access to public information";
and "Federal legislation is needed to mandate protection of patron
privacy."  These were followed by implementation strategies and
recommended programs.  Finally, the impact on LITERACY, DEMOCRACY and
PRODUCTIVITY were identified.

WHCLIS delegates (and alterates) assembled according to nine issue
areas: Access, Governance, Marketing, National Information Policy,
Networking, Personnel, Preservation, Services, Technology and
Training.  These plenaries were divided into subgroups to facilitate
discussion.  Within a plenary, each subgroup received the same set of
issues and recommendations.  These were discussed and editorial
suggestions were forwarded.  This went on for two days.  Then it was
repeated in the plenary sessions.  These final recommendations were
voted on by the entire conference on the last day.

These were among the recommendations which were approved by the entire
WHCLIS body:  (1) "Establish an office within the US Department of
Education responsible for providing leadership to school library media
programs across the nation."   (2) "Congress shall enact legislation
creating and funding the National Research and Education Network that
will serve an information super-highway and will allow educational
institutions, including libraries, to capitalize on the advantages of
technology for resource sharing and the creation and exchange of
information."

The second WHCLIS opened on July 9, 1991.  In all, over 120 calls for
federal funding were approved.  Of the major recommendations, only one
was defeated: "Congress and the states shall recognize the right of
the American public to access works of all authors, artists, scholars,
politicians and other public figures."  Another call for open access,
farther down the list, was also defeated.


In addition to the officially sanctioned recommendations, eleven
petitions made their way to the agenda.  A call for the funding of
special literacy programs targeted to African-Americans was accepted.
A similar proposal to fund Native American libraries was defeated.


On Saturday, July 13, 1991, the White House Conference on Libraries
and Information Systems (WHCLIS) gave its overwhelming support to the
Nation Research and Education Network (NREN).  NREN is said to be a
multi-gigabit-per-second fiber optic network that will link 1,000
colleges and other facilities.   When proposed to the WHCLIS
conference, NREN came to the floor with endorsements from over 200
delegates. Speaking against the proposal, I was hissed and the chair
reprimanded the offenders.

Later, the 27th Amendment suggested by Dr. Lawrence Tribe was moved
for acceptance by Andrew Spano of New York.  Feeling that the present
Bill of Rights is adequate, the delegates rejected the proposal.

(GRID News is FREQable from FidoNet 1:159/450, the Beam Rider BBS)

------------------------------

Date: 06 Aug 91 19:29:34 EDT
From: "m.lolich%briggs.stad@mich.al"
Subject: Hackers Challenged to Break In

            Company Dares Computer Intruders to Hack Away
           (From  The Detroit News, Sunday, Aug. 4, p. 3A).

It's a little like inviting robbers to knock over your bank.

To prove its computer programs are secure from electronic intruders,
Unix System Laboratories wants hackers to try to break in.

The company set up an unattended test computer at its headquarters in
Summit, N.J., and bets that unauthorized users can't get into its mock
payroll accounts, can't cut phony checks and can't breach private
files.

Initially, the challenge was issued to corporate security experts--and
none has been able to sneak in during the past few months, said
spokesman D. Scott Belin. Now, in a bold publicity stunt, the company
will offer a toll-free phone number to let any whiz kid or mischief
maker log onto a computer and hack away.

"There's probably 10,000 computer hackers out there," Belin said.
"We're trying to figure out a way tohandle all the phone calls once we
make the number available."

He said the company, which makes a computer operating system widely
used by phone companies, has yet to decide how to publicize the
toll-free access number.

Marilyn Partel, an operating systems manager at the company, said the
software has been redesigned so that no one--even if authorized--has
unlimited access to the system.

%Moderator's note: We called D. Scott Belin, and he informed us that
challenge is not yet open to the general public. There are three pha
to the challenge. Beta SV5 was first released to source code customers
of 4.1 ES (Enhanced Security). The second phase, currently underway,
is to all UNIX SVR4 customers. The final phase, in which it will be
to the public, is still in planning stage, and they will release the
phone number as soon as all the kinks are worked out.  User restrict
are built into the operating system. There will be regular user perm
and superuser permissions.sions. No single user will have
superuser permissions.

------------------------------

Date: August 9, 1991
From: Comp.org.eff.talk (usenet)
Subject: Reciprocity in Cyberspace, by Robert Jacobson

The following paper was prepared for the "Civilizing Cyberspace"
meeting on law and cyberspace hosted by the CPSR and ACLU (with
support from the EFF, I believe), to be held in Washington, DC, on
June 26-27, 1991.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Reciprocity in Cyberspace

Robert Jacobson
June 1991

Cyberspace is the term used to express the evolving and expanding
electronic/photonic/neuronic network of computers and similar
communication devices that encircles the globe.  In cyberspace, one or
many persons can exchange ideas, in many forms, with correspondents
around the world.  But despite the appearance of autonomous action
that such communications, on their face, might suggest, in fact
cyberspace is a designed medium -- and the designers' criteria may
differ substantially and significantly from the expectations of those
who travel cyberspace.  In this short paper, I argue that the concept
of "reciprocity," which Webster's defines as "a mutual or cooperative
exchange of favors or priviliges," must become the rallying cry of
those who hold for personal and collective freedom in cyberspace.

An analogy can be suggested by air travel.  One can plan to visit
anyplace, at any time, to conduct whatever business or take whatever
pleasure one has in mind.  But in fact, one's plans are literally at
the mercy of those who build aircraft and those who operate them.
What appears at first to be a tremendous freedom, the ability to jet
off to distant realms, is in fact highly constrained by the offerings
of aircraft manufacturers and airlines.  These purveyors of air travel
are organized into oligopolies and the operations of the individual
firms are largely determined by the formal and informal codes of the
oligopolies.  Prices for travel, selection of destinations, and modes
of transport are less at the command of the traveller than of the
sellers of travel.  These factors select who can travel by air, at
what time, and to where.  The permutations of these factors can appear
manifold, but in fact there are a relatively few combinations and the
air traveler must accept them, buy his or her own plane, or take a
bus.

So it may be with cyberspace.  Large entities, manufacturers of
computer and communications equipment, network operators, and
information-service vendors pretty well define the possibilities for
travelers in this new ether.  It doesn't always appear so -- the rogue
traveler, whom some would call a bandit, makes his or her presence
known, or is revealed, to a wide public.  This is the cracker/hacker
phenomenon, aided and abetted by the forces of law and order,
including the press, in the service of those who otherwise control the
means of telecomputing.  We mistake the occasional lapse in the order
as a sign of freedom.  But the lapse is very infrequent and usually
gets turned around, one way or another (as law or calls for "ethics")
into a defense of the order.

The notion that "interactivity," which simply means (again according
to Webster) "the ability to act on each other," somehow equates with
freedom is nonsense.  I can interact with the U.S. government, Exxon,
or more to the point, an ATM terminal standing in for my bank, but no
one believes that our dealings are in any way equal or that I am
necessarily going to get a square deal.  Moreover, if I am wronged, my
chances of righting that wrong are slim to none.  It is an ill-founded
idea, too freely propagated on the nets and in the press, that
interactive media are also equitable media.  As Vincent Mosco has
illustrated in The Pay-Per Society (Ablex, 1989), my interaction with
the electronic machinery of domination is act of submission.

In contrast, I would like to propose that _reciprocity_ is an
essential criterion that should be incorporated into cyberspace, and
the sooner the better.  Reciprocity requires that not only can I
interact with and through the network, but that I be fully apprised of
the who operates the network and how it functions Q and that I, or we
(including my correspondents), be involved in its design and be able
to alter its workings.

I know this is a tall order in a social order that values (perhaps too
greatly) the role of the entrepreneur and the entrepreneur's
inheritor, the corporate manager, in making design decisions
unilaterally.  Unilateral power to design, we are taught, fosters
originality and system alternatives.  Autonomous decision making,
otherwise known as democracy, gets lip service in our schools but is
seldom acted on in the real world of economic and political power.
Those who enjoy the freedom to design for others seldom give it away.
The more enlightened among the owners may make token offerings of
involvement:  they have learned that there is greater power (as, for
example, the Pacific Northwest Indian chief knew) in appearing to
surrender power in a way that ultimately buys compliance.  But
genuinely sharing design responsibilities?  This is a real threat to
the hegemony that determines our cyberspace possibilities, and the
owners of the means know it.

Still, this principal is one that the rest of us, who do not own the
networks and the technology (machinery and organization) behind the
networks, cannot cease to invoke.  It is our one way out of a
technological trap that otherwise binds us tighter and tighter to the
prerogatives of the already powerful.  If we have to sing the song, at
least let us write the lyrics.

------------------------------

Date: Wed, 7 Aug 91 20:11:05 CDT
From: edtjda@MAGIC322.CHRON.COM(Joe Abernathy)
Subject: text of chron-spacemail

             Electronic mail beams shuttle's message home
                  8/5/91, Houston Chronicle, Page 1A

By JOE ABERNATHY and MARK CARREAU Copyright 1991, Houston Chronicle

Electronic mail networks, the message medium of the information age,
made their debut in the space age Sunday aboard the shuttle Atlantis
as part of an effort to develop a communications system for a future
space station.

Details of the test were being closely guarded because of concerns
over a possible hacker incident or "public free-for-all'' on the
nation's computer networks, according to one engineer involved with
the project. Privacy and medical ethics also loom large as issues.

Astronauts Shannon Lucid and James Adamson conducted the first
experiment with the e-mail system on Sunday afternoon, exchanging a
test message with Marcia Ivins, the shuttle communicator at Johnston
Space Center.

The connection flickered out of focus after only a few minutes because
of alignment problems with one of the satellites in the communications
link, according to the flight director at JSC.

The messages follow a winding path from the shuttle, to a satellite in
NASA's Tracking Data Relay Satellite System, to the main TDRSS ground
station in White Sands, New Mexico, back up to a commercial
communications satellite, then down to Houston, where they enter one
or more computer networks.

Further tests of the system will be conducted on each remaining day of
the flight, which continues through Sunday.

The shuttle tests are part of a larger project to develop computer and
communications systems for the space station Freedom, which the agency
plans to assemble during the late 1990s.

"These are all steps toward that goal, how we work in space,'' said
Byron Han of Apple Computer, whose machines are being used for this
stage of the experiment.

Electronic mail offers a new way for astronauts to stay in touch with
their families, Mission Control, and potentially, the millions of
people who use the nation's interlinked computer networks. It could
produce far-reaching change in the way scientists and others interact
with the space program.

Currently, only the shuttle communicator is allowed to talk with the
astronauts during a flight, except for a private medical conference
each day. E-mail could change that by letting any number of people
exchange information, while scientists and engineers on the ground
could assume direct control over their experiments in space.

One drawback is the potential for NASA to impose a virtual reign of
silence regarding sensitive information without anyone realizing that
such had been done.

E-mail, which is becoming commonplace in offices, is simply the
transmission of messages via computers to one or more people, using
electronic addresses. Users linked to the right networks can send
electronic messages or other data to specific recipients nearly
anywhere in the world ^-and now to space.

Han and fellow Apple employees Michael Silver and James Beninghaus
have donated their time to the project.  They are using low-cost,
commercially available products, rather than the costly custom
products often used in science.

The e-mail will play a role in controlling experiments, electronic
flight information, and transfer of experiment results to the ground,
Han said, as well as sending data up to the shuttle.

In the future, the system might be used to transmit and manipulate
information from the many medical experiments NASA conducts. But this
raises a number of problems regarding privacy and medical ethics.

For example, one experiment in this flight seeks to correct a
blood-flow problem associated with weightlessness that causes some
astronauts to faint upon their return to Earth.

But this experiment is being monitored with the same Apple computer
that is playing host to the e-mail system.  Even though the results
aren't being transmitted over computer networks this time, they might
be next time ^-and computer networks are notoriously insecure.

Inquisitive computer enthusiasts -- hackers -- are in fact one of
NASA's chief concerns in regard to the use of electronic mail.

The space agency initially sought to conduct the tests without
publicity, but word quickly percolated around the nation's computer
networks -- perhaps indicating that the concerns were justified.

A chorus of calls was heard requesting the e-mail address of the
astronauts -- but that raised another problem more pressing than any
threat from malicious hacking, that of capacity.

"We have things we need to accomplish with the limited amount of time
we have, and we do have a very limited amount of data we can move
between Mission Control and the orbiter,'' said Deborah Muratore, an
engineer in the space station support office at Johnson Space Center
and the experiment manager.

In addition to voice communication, the shuttles are equipped with
Teletype and fax machines for the transmission and reception of
printed material and even photo graphs.

"Conceivably, everything they move that way could be moved from
computer to computer,'' Muratore said. "From a space station
standpoint it would be much preferable to transfer the information
electronically without paper in the loop the way we do today on the
shuttle.''

"Paper is going to be a limited resource, something that has to be
thrown away or reused on the space station,'' she said. "It becomes
trash. So the more we can eliminate on the space station the better
off we are.''

The current experiment does not represent the first time that
civilians have had a direct communications link with those in space.
Since January, the Soviet space station Mir has maintained a "mail
drop'' for ham radio operators to use in leaving messages for the
cosmonauts.

"It's very similar'' in function, said Gary Morris, a former member of
the Johnson Space Center Amateur Radio Club who now lives in San
Diego. "The packet bulletin board system on Mir allows an amateur (ham
radio operator) on the ground to leave mail messages.

"What they're doing with the Mac is different in that they're going
through the whole (electronic mail) network.  It's much more
complex.''

Sidebar:

Send mail to Atlantis

Computer users who presently have an electronic mail address of their
own can send electronic mail to the crew of the shuttle Atlantis.

The address to which your comments should be sent is:

          atlantis@applelink.apple.com

If you don't understand how to use this address, ask the administrator
of your online system to explain the proce dure and etiquette for
sending Internet-style mail.

Because of concerns over security, privacy and capacity, NASA has not
revealed the specifics of the Atlantis e-mail experiment, but the
information leaked out on the nation's computer networks. The e-mail
address is being provided unofficially to accommodate the resulting
flurry of inquiries. Using it sends mail to an earthbound network,
not Atlantis itself, so capacity is not a concern.

It is not known whether the astronauts will read their electronic mail
while they are in space, or wait until they return.

Atlantis is commanded by Air Force Col. John Blaha. His crew includes
pilot Mike Baker, a Navy commander; flight engineer David Low;
biochemist Shannon Lucid; and Army Col. James Adamson.

Joe Abernathy

((Moderator's note: We send a message to the listed address and
have not yet received a response))

------------------------------

Date: Sun, 4 Aug 91 23:26:21 cdt
From: sjackson@TIC.COM(Steve Jackson)
Subject: Reply to Gene Spafford

I was sorry to see Gene Spafford's comments in CuD 3.24. Can anything
be more divisive, more likely to widen the gulf between the talented
outlaw and the rest of the electronic community, than to say that the
ex-cracker will NEVER be allowed to use his skills honestly? What
happened to "paying your debt" and re-entering society? Never mind
that some of these people have never been charged with any crime, let
alone convicted!

Spafford says that "to prefer confessed crackers over honorable
professionals is quite an insult." It can't possibly be an insult
unless the so-called professionals have equal or better skills. And
perhaps they don't! Given their backgrounds, there's every reason to
think that Comsec can provide valuable advice to those who will
listen.  If not, they'll soon vanish from the marketplace. But Dr.
Spafford would deny them the chance to compete. He thinks that
Comsec's attempt to use their skills honestly is an "insult,"
regardless of how great those skills might be, and anyone utilizing
them is a traitor to the legitimate establishment.

Spafford's argument can just as easily embrace the proposition that NO
ex-criminal should ever be hired for ANY job. To his credit, he
expressly denies that he'd go that far. But it follows from his logic.
Why not just brand their foreheads with a big red H, and cut off their
thumbs so they can't type?

By contrast, Gail Thackeray, who has talked on both sides of the Evil
Hacker issue, now takes a stand in the clearest possible way. I
applaud her part in the Majette sentencing. She didn't ask for
revenge; she didn't try to "make an example"; she didn't exaggerate
Majette's exploits and grab press. She calmly pointed out that he
wasn't dangerous and wasn't the criminal type outside of this
particular behavior, and asked for a rehabilitative sentence. And the
judge agreed with her. Thanks, Gail. I hope your peers notice, too.

------------------------------

From: The Moderators'
Subject: Estimates on virus activity
Date: 16 Apr 91 23:52:15 EDT

This newspaper clipping was recently submitted to CuD.  Despite the
lack of source or date, it is interesting as an illustration of
"industry" estimates of virus infection rates, an activity that is
often blamed on the CU.   If the estimates presented as fact in this
article are correct, we should see 104 new viruses introduced in 1991.
The assertions made in this article are not unlike those often made
by so-called "hacker experts".  While we make no claim as to the
accuracy, or inaccuracy, of the information discussed in this article
it does raise some questions concerning methodology, results, and
definitions of terms when conducting research on marginal activities.

+++++++++++++++++++++++++++++++++++++++++++++++++

"Computer virus infections continue to grow, multiply"
From: _Compute-It_
Bart Ziegler
AP business writer

[This appears to be a syndicated AP column, although no date is given on
the clipping we were sent it is thought to be from Feb-April 1991.]

NEW YORK -  The threat of computer viruses continues to grow as existing
viruses multiply and computer marauders introduce new varieties at the
rate of two a week, computer experts say.

The destructive invaders infect more than one-quarter of major U.S.
personal computer users each month, according to a survey released...in
conjunction with a computer virus conference.

Viruses are multiplying so rapidly that by the end of the year, nearly
every major U.S. company that is a heavy user of personal computers will
experience a virus infection once a month, predicted Peter Tippett, a
computer virus consultant.

The attacks are growing because viruses are multiplying exponentially as
they spread among computer networks and shared software, Tippett said.

In addition, he told a news conference, "There are more and more people
writing more and more viruses all the time."

[stuff omitted about viruses, bulletin boards, and the Jerusalem virus]

"People write computer viruses mainly for sport, I believe," said
Tippett, who released a survey of major personal computer users
conducted by his software company, Certus International Corp. of
Cleveland, Ohio.

The telephone survey was conducted earlier this month, aimed at computer
security and support employees at 150 companies and government agencies
with more than 400 personal computers installed.

Half the respondents said they had had a virus infection at least
once, 26 percent had an infection during January 1991, and 13 percent
said they had had at least one attack so severe it crippled at least 25
computers at once, Tippett said.

(...)

Tippett, a former biological researcher with a medical degree, said
viruses mimic the growth of their biological namesakes.  He projects
that by the end of this year, most companies with 400 or more personal
computers will have a virus attack once a month.

(...)

Among preventive measures are special anti-viral programs that inoculate
computers from known viruses or alert computer users to the presence of
these invaders.

But Tippett says that does little to block the spread of new viruses,
which he says are created all the time.  What is more important is
greater control over the sharing of software, he said.

International Business Machines Corp., the largest personal computer
maker, disputed Tippett's dire forecasts. ... IBM said...that using
atni-viral programs to detect known viruses is more effective than
Tippett asserts.  It also said that the rate viruses spread is slower
than Tippett claims because the sharing of software is not as widespread
as Tippett assumed for his projections.

------------------------------

Date:    28 May 91  12:19:12 bst
From:    P.A.Taylor <EJPA09@uk.ac.edinburgh.emas-a>
Subject: Research Analysis

 Here is a selective and very rough analysis of the questionnaire you  %
 answered.
 It is from the first 50 responses out of a total of just under 200.
 A full analysis will be distributed when the target of 3-400 responses is
 achieved.

 Q1. Gender: 1 female respondent out of 50 (2 out of 200).

 Q7. Security of respondent's computer environment:
     Too strict - 0%
     Adequate   -62%
     Lax        -26%

 Q9. Length of professional experience: 38% - over 10 years.

 Q11. Serious interest in computing: 68% - over 10 years.

 Q12. Nature of interest: mainly professional 28%
                          Professional and Recreational 72%

 Q13. Experience of: Malicious hack/harmless browse/viral incident.
                     All of these 26%
                     None         16%

 Q14. Number of times: 0-5 - 60%
                       6-10- 6%
                       10 -> 20%

 Q15. What was it? : virus - 38%
                     worm  - 16%
                     Trojan- 18%

 Q16. How serious? : very -  6%
                     not very - 42%
                     not at all serious - 38%
                     combination of these -14%

 Q18. Non-destructive access to data - crime?
                      yes - 42%
                      no  - 20%
                      don't know 38%

 Q19. Happy with current legislation?
                      yes, about right - 12%
                      no, it's too draconian - 38%
                      Not strong enough - 18%
                      Don't know - 32%

 Q20. More professional structure to computing industry needed?
                      yes  -30%
                      no   -40%
                      don't know -30%

 Q21. Greatest threat to security?
                      insiders  -70%
                      outsiders -8%
                      about the same - 18%
                      don't know  -4%

 Q22. Viruses - potentially useful?
                      yes  -40%
                      no   -42%
                      don't know 18%

 Q23. Benefits to System Breaking?
                      yes  -60%
                      no   -28%
                      don't know -12%

 Q24. Knowledge of Cyberpunk?
                      yes  -64%
                      no   -36%

 Q25. Future trends of viruses?
                      increase  -64%
                      decrease  -10%
                      stay the same -26%

A complete analysis will be coming soon.

------------------------------

Date: Sun, 04 Aug 91 12:22:57 -0400
From: emv@MSEN.COM
Subject: CFV:  comp.patents, misc.legal.computing and misc.int-property

For those of who don't read news.announce.newgroups, here's a set of
proposal for some new newsgroups.  Voting continues to the end of the
month.

A group for the discussion of issues related to patents and their
relationship to computer technology (hardware and software); Peter
Treloar, University of Sydney, is moderator.

A group for the discussion of the legal aspects of computers, or
places where computers or computer users bump into the law.  This
charter is very broad, and the group is unmoderated.

A group for the discussion of intellectual property rights, that is to
say the field clustering around the notions of patents, copyrights,
trade secrets, or other rights and benefits retained by the original
producer of a creative work.  The group is unmoderated.

To vote you may reply to this message.  Using this suggested text will
let the votes be counted quickly and painlessly.

   To: patents-vote@msen.com
   Subject: vote

   vote yes/no/abstain comp.patents
   vote yes/no/abstain misc.legal.computing
   vote yes/no/abstain misc.int-property
   quit

Vote early and often!  (But be sure to vote either yes, or no, or
abstain;
votes for "yes/no/abstain" will be sent back...)  Early returns have been
generally positive.

--
Edward Vielmetti, vice president for research, MSEN Inc. emv@msen.com
      MSEN Inc., 628 Brooks, Ann Arbor MI  48103 +1 313 741 1120
for more information on MSEN products and services contact info@msen.com

------------------------------

End of Computer Underground Digest #3.29
************************************