Computer underground Digest Sun, Nov 16, 1991 Volume 3 : Issue 41 Moderators: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) CONTENTS, #3.41 ( November 16, 1991) File 1--Moderators' Corner File 2--"CRIME IN CYBERSPACE" Panel Discussion File 3--Bill Cook's opening statement in the Neidorf trial Issues of CuD can be found in the Usenet alt.society.cu-digest news group, on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL0 and DL12 of TELECOM, on Genie, on the PC-EXEC BBS at (414) 789-4210, and by anonymous ftp from ftp.cs.widener.edu (147.31.254.132), chsun1.spc.uchicago.edu, and ftp.ee.mu.oz.au. To use the U. of Chicago email server, send mail with the subject "help" (without the quotes) to archive-server@chsun1.spc.uchicago.edu. COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted as long as the source is cited. Some authors do copyright their material, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to the Computer Underground. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ---------------------------------------------------------------------- Date: Thu, 16 Nov 91 9:39:58 EST From: Moderators <tk0jut2@mvs.cso.niu.edu> Subject: File 1--Moderators' Corner ------------------------------ Date: Thu, 16 Nov 91 9:39:58 EST From: Moderators <tk0jut2@mvs.cso.niu.edu> Subject: File 2--"CRIME IN CYBERSPACE" Panel Discussion The CuD moderators, Mike Godwin of the Electronic Frontier Foundation, and several other prominent scholars will participate in a panel on "CRIME IN CYBERSPACE" at the American Criminological Society annual meetings in San Francisco on Friday, November 22. Their session will be in the Yorkshire Room of the St. Francis hotel from 1:15 to 2:45. For more information, contact: Jim Thomas (jthomas@well.sf.ca.us or (815) 756-3839). The complete session: Chair: Gordon Meyer: Co-editor Computer underground Digest Mike Godwin (Staff Attorney, Electronic Frontier Foundation): "Criminal law and the computer youth culture" Richard C. Hollinger (University of Florida): "Hackers, Crackers, and Pirates: Rethinking Social Control" Lee Tien (University of California, Berkeley): "Folk Notions of Property & Privacy in the Information Society" Jim Thomas (Northern Illinois University): "From Disk to Discourse: The Images of Techno-Evil" Gary T. Marx (Department of Urban Studies and Planning): Discussant Albrecht Funk (University of Hamburg): Discussant ------------------------------ Date: Thu, 16 Nov 91 9:39:58 EST From: Moderators <tk0jut2@mvs.cso.niu.edu> Subject: File 3--Bill Cook's opening statement in the Neidorf trial JURORS: Good morning. MR. COOK: My name is Bill Cook. I'm an Assistant United States Attorney. I am going to be substantially aided in this prosecution by Colleen Coughlin, who is an Assistant United States Attorney, and Dave Glockner, who is also an Assistant United States Attorney. We will be having Special Agent Tim Foley of the United States Secret Service working with us. He is sitting at the trial table with us. In 1876, the first telephone communication ever made was: "Mr. Watson, come here, I want you". That was also the very first emergency telephone call ever made. Since that time, the telephone company has, obviously, sophisticated their operation to a large degree so that where we stand today in 1990, we are the beneficiaries of what is known as the Enhanced 911 system. That system is a life line for every person certainly in the Southern Bell region of the United States. It's taken for granted. It is an extensively developed system. You're going to hear a great deal of information about the development of that system and the architecture that that system is based upon. It is built on computers from bottom to top. In 1988, a road map to that computer system, that life line, was stolen from a computer in Atlanta, Georgia, by a man by the name of Robert Riggs, who is a member of an organization known as the Legion of Doom. That document, with its proprietary markings, its warnings on it, and the clear indications that it was the property of BellSouth, was transferred electronically to Mr. Craig Neidorf, the defendant here, seated right here. Mr. Riggs is a hacker, a person that breaks into computers. He answers to no one but his own ability to get into those computers. We anticipate that the evidence will show that in February of 1989, Mr. Neidorf published that extensive road map to the life line of the entire hacker community so far as he was able to determine it and define it. In many respects, I submit to you that this is not going to be a, "Whodunit", or "What was done?". There are two sets of violations charged in the indictment. Very briefly, they are the interstate transportation of stolen property and what is referred to in legal jargon as a wire fraud. With respect to the interstate transportation of stolen property, the evidence will show that Mr. Neidorf admitted to receiving the stolen property, the stolen E911 text file from Robert Riggs. He further admitted to Agent Foley that at the time he received the document, he knew it was stolen. With respect to the wire fraud the evidence will show that the wire fraud was really an outgrowth of what you are going to be hearing about and what will be described as the Phoenix Project, an effort by Mr. Neidorf to consolidate a group of hackers. The object of that wire fraud scheme was extensive, but it included providing hackers with information about how to crack into other people's computers, soliciting them to try to provide him articles, articles for his publication PHRACK newsletter which he would then distribute to other hackers. The evidence will also show that Mr. Riggs knew of the hacker activities, the break-ins that were occurring as he would follow along with their activities. In that respect, he was almost a "hacker groupie", except a groupie that sought to be in control and direct many of the operations. He received stolen property, property stolen from computers, stored on computers. Now, just one more set of observations about the indictment and the format of the indictment, and then I'll move on to what some of our more immediate concerns might be. = . = . = . = MR. Cook: Mr. Neidorf is charged in each count of the indictment, except for the first count here. The coding here is this is the second count of the indictment on down to Count Eleven. These are the approximate dates that the violations or the activities occured that are alleged in the indictment. Specifically, in the second, the second count of the indictment alleges that on July 22, 1988 as part of the wire fraud scheme, Mr. Neidorf generated an issue of PHRACK World News in which he announced the instigation of the Phoenix Project, the Phoenix Project because it had been a year since the 1987, in their parlance, collapse of the computer world by virtue of a series of law enforcement raids. Mr. Neidorf announced here that he wanted the hacker community to come together again to be more effective than ever. The next activity is the third count of the indictment, September 19, 1988, a wire fraud allegation again, E-mail, electronic mail, generated from Mr. Neidorf to Mr. Riggs and Mr. Scott O, a computer hacker. This electronic mail, this electronic mail here also, these are efforts by Mr. Neidorf reaching out to consolidate, identify and pull together a group of hackers that he could be working with for the publication of PHRACK, people that would supply him with information and articles, and, as it turned out, people that in fact, supplied him with stolen information, stolen from computers. These allegations refer more directly to the interstate transportation and movement and file transfers of the E911 text file. Count Seven refers to the publication of a series of computer articles that deal with how to break into a UNIX operating system. Counts Eight and Nine refer to the text file being sent from Neidorf back to Riggs, from Neidorf in Missouri to Riggs who was physically in Atlanta, but who used the bulletin board, computer bulletin board, in Lockport, Illinois, sending it back for review and to make sure that Neidorf had done an adequate job of concealing the nature of the file fro the point of view not the contents so much of the file, but concealing where Riggs had stolen it from to protect Riggs, and, to a large degree, to protect himself so that it couldn't be identified exactly where the document had been stolen from. Finally, we have the publication of the E911 text file in the PHRACK newsletter by Mr. Neidorf. you will be seeing the indictment in the jury room as you deliberate. This is just an overview to give you an overfocus of where the allegations are going to fall and the types of information that you are going to be hearing about. Now, if I were you, if I were you, I would be sitting there, as some of you may be, thinking to myself, "What have I gotten myself in for? He's talking about computers. He's talking about operating systems. Whooooaaaa!" First of all, you don't need to be a computer user, or a computer ace, to understand what this case is going to be about. It really deals with, in its most essential form, stealing property and transferring property, the interstate transportation of stolen property. So it's a simple stealing and a simple fraudulent taking, taking by deception. But it just involves some relatively high-tech tools. Don't let the tools confuse you from the fact of the taking and the bottom-line information. I'm telling you to relax about the computer jargon. There are several concepts that we're going to be talking about here. What I'm going to give you is a kind of a lawyer's description. That is supposed to let you know that it is far from an expert's opinion on some of the things you're going to be hearing. (Blackboard) Well, let's talk about some of the technology that's involved, and see if we can't make ourselves more comfortable with it. I referred to the UNIX operating system. UNIX...U-N-I-X. What is that? Well, computers speak a language. Computers speak the language that the people that built the computer want them to speak, or they speak the language that the people that run the computer want it to speak. Sometimes computers can be set up so that you can have them speak several different languages. UNIX is just a language. It is just the language that the computer speaks. It talks UNIX. Some of you talk about MS/DOS. It's a microsoft disk operating system. Forget it! It's just the language that the computer speaks. (Blackboard) Now, this is a theft of information. You are gong to be coming in contact with the concept that when you take information from a computer, what you really do is you order the computer to make a duplicate original o what its memory is or what it contains with respect to that particular item. And when you are asking the computer to send that information to you, you are doing a file transfer. I'll get to that later. You are just telling the computer to send it to you. What the computer sends to you is a copy. It's an exact copy in every respect of the original information on the computer. So the value of the property comes from the fact that it contains information. There is an expression that, "Information is power". It is only power if it's communicated. That's where the value of information comes from in our society. Certain types of information are protected by companies. They are reasonably protected by companies, especially when they become sensitive. The E911 road map and the information about where all the stops along the way are, that was a sensitive piece of information. You're going to be hearing about the protections that BellSouth put on that information, and the efforts that they made to safeguard it. So when the information is stolen, what is stolen is a copy of the information. You will be receiving further instructions from the judge on all that. So it is the information that is being stolen. (Blackboard) Now, the next concept--I talked about protection--file transfers. File transfers. Here's a riddle for you: "Why is a file transfer the same as a high school graduation?" Here's the answer. When you hear about this, think about a high school graduation. They call your name from the audience. You come up to the stirs, probably by the path that the nun ordered you to take to get to the stage, and you had better not vary from the path. You follow that route up to the stage, across the stage, and a file transfer takes place at center stage in the auditorium. You reach out, you shake hands with the principal, and with the other hand, after you have shaken hands with the principal, you receive your diploma, or you receive your information, you receive your file. That's really all a file transfer is on a computer. You come up, you are ordered, someone in a remote location, the principal in this case, calls your name, you come up to the stage, you are the computer on one side and he is the computer on the other side. You shake hands. And in the computer world, all that means is that you are able to communicate. It's actually called that. It is called a "handshake relationship" with another computer. There are some other words, like "protocol" and things like that, but, really, it is just a handshake relationship with another computer. After the handshake is there and the principal recognizes you to be the problem kid that he's glad to get rid of--he didn't like you--then he gives you the file. That's the file transfer. It is no different transferring information from one computer to another. (Blackboard) Computer network. Well, that is probably a pretty easy concept to get hold of these days. It is really not much different than with your televisions, especially if you have cable television where you have some designated programming and it comes in to your machine, your television in this case. Of course, the difference is with cable television as opposed to a computer, with the computer you are able to have more of an interchange with the TV and what is going on with the program. So don't be concerned about the network idea. Keep in mind the idea of a cable coming into your computer as part of a centralized system. That is really all the network is, a series of computers joined together. In the case of BellSouth, you are going to see that that is a very expensive computer network. In order to provide service to their customers, they hang a lot of computers on that network, computers that do different things, computers that keep track of where the people that are using the phones are at, computers that keep track of what telephone number goes with what address, computers that keep track of the switches, the computer switches. Now, that's another concept I'll talk about for a second. (Chart) When people think of computer switches, they are telephone switches. The concept of a lady at the switchboard always comes to mind with a knob here that goes to a hole up here, connecting one person to another person. Today, all of that is done by high-speed computers, high-speed switches. They are electrical. Because they are electrical, they are referred to as ESS. All this means is an electronic switch. This is a computer. This computer has the memory of how to get the numbers that are diales to the phone that corresponds with those numbers. These computers also have the information about how to get your call all the way across the country, which route are we going to take to get there, which road are we going to take. The Enhanced 911 system was built on these computers. Part of the reason was because of the high speed that is involved. You can get the emergency call through faster if it goes like thing. Now, the switches at various areas: Switch 1, Switch 2. This is the first switch we produced, Switch 1. And the second switch we produced, Switch 2. The fifth switch, Switch 5. When they increased the capabilities of those switches, the way they kept track of which switch they were talking about was to label the switches: 1 or 1A, 2, 3, 4, 5, a fairly easy way to keep track of the switch development. But the idea is that all electronic switches operate essentially the same. So if you have the key to get into this (indicating), you have the keys to get into them all. The evidence will show that the hackers in the BellSouth Region had the keys to get into them for a period of time. Now, another question, a riddle: "Why is computer security like a hotel?" Mr. Garcia is going to be explaining that to you. Actually, it's a lot like staying in a private hotel. In the case of the computers at BellSouth, the computers that drive the E911 system and support the phone company system aren't known to the public. They are unpublished numbers. They have their own network. The network, to be sure, has interlinks with the private sector and can be reached by field people in the telephone company, but it is really a closed system. It is designed to be for protection. So the hotel, the computer, is not known to the outside world. Where the door is is not known to the outside world. When you walk into the hotel, it's like if you try to walk into a hotel in downtown Chicago. If you go to the desk and ask them, you know, "I want to have Joe Jones' room". Well, first of all you say: "I want to see Mr. Jones." "Well, we can't tell you if he's here." "Well, if you tell me he's here, I want to talk to him. I want to speak to him. Give me his room number. "Well, we're not going to give you his room number. You are going to have to call him on the house phone and he'll have to verify that you're somebody he knows." So there are a series of checks that are set up inside the system. But once you get inside the hotel, you can make contact with Jones. And you will see, just as in real life, you have a number of people at one hotel. You will have people going back and forth in the hotel. And the person that runs the hotel assumes that they're all there for good valid reasons. He's not going to do anything but just a cursory check to make sure that everything is still in order. It is really the same thing and the same principle is involved if you are the system administrator on one of these computers. You are in the position, in the shoes, of the hotel operator, the guy that runs the hotel or the lady that runs the hotel. You make sure that the right people show the right credentials to get in and you exercise and upfront control. You also exercise control over some of the common spaces. You make sure the halls are lit. You make sure that things aren't being badly destroyed to the best of your knowledge, although you don't know always what's going on inside each of the rooms. It's very much the same. So when you hear a person talk about running a system or computer system security, think to the analogy of being a hotel operator. We have a man, Mr. Garcia, from BellSouth, who will be testifying to that and to that analogy, and I think you'll find it most interesting. (Blackboard) Text file. You will hear a lot about that. That is probably a new term for you when you walked in: text file. Just think of it as a book or a pamphlet stored on a computer. That's it. That's the end of the mystery. A book or a pamphlet stored on a computer. But because it is stored on a computer, it can be copied if you can get into the computer. That's what happened here. (Blackboard) BBS. It means bulletin board system. Sometimes it will have a "C" in front of it. All that means is computer bulletin board system. Now, here's my analogy to that. The computer bulletin board system is a lot like a private high school where you have to have permission to get in the front door. And the people that run the high school have to give you permission to get into their private location. But once you get into their private high school and as you walk through, one of the first things that meets you as you walk into the private high school is a bulletin board with messages posted on it. And what you will also see along the sides of it are going to be lockers, student lockers. The principal bulletin board that you are going to be hearing about during the course of this case is the Jolnet bulletin board in Lockport, Illinois. The Jolnet bulletin board in Lockport, Illinois, acted as a central clearing house for the information that was being sent from Riggs in Atlanta to Neidorf in Missouri. To carry the analogy a little further, the evidence is going to show that Riggs used the bulletin board. He used it under a false name which he used to disguise his real identity. He use it under the name of Robert Johnson instead of Robert Riggs. He had authorization to use the bulletin board section where you post messages generally, and he also had a storage locker on the bulletin board, on of those lockers along the wall in a high school, where he thought he could safely store the text file, the E911 text file that he had stolen. The evidence is going to be, though, that law enforcement, Hank Kluepfel, found out about it. Mr. Kluepfel's efforts to get into and to use Jolnet in that storage area will be testified by Mr. Kluepfel. But the only thing we need to remember here at this point is that the information was stored in Lockport, Illinois. That is where the private high school is located. It was stored in the locker of a private high school in Lockport. But because computer technology is the way it is, Riggs is able to transfer the file by E-mail or a file transfer down to Neidorf in the computers at the University of Missouri. Again, this analogy is not quite the same as the bulletin board, but the University of Missouri has a capability there at the university to allow students to have essentially a locker on their computer system where Neidorf generated PHRACK Magazine from. Just a final note of reassurance. As we go through the evidence here, we are going to try to have the witnesses explain as each step progresses what the technology is again. So hang in there and listen with an open mind, as I know you will anyhow, listen to the explanations of the technology. (Chart) The evidence in this case is going to show that the text file that was stolen here described in vivid detail each of the locations along the E911 path to an emergency call. It's going to show and it did show the central location and the central significance of two places. When an emergency call is made in the BellSouth area, BellSouth region--it is really the area geographically that southerners describe as "Ol' Dixie"--when an emergency call is made there, it goes to a thing called a PSAP, public safety access point. The public safety access point is the one that is in direct communication on secure lines with the fire, police, and ambulance. Under the old 911 system, the old emergency dialing system, the call would come in, and they would have to trace it back to the origin in many cases. You have a situation potentially where someone would call, perhaps a child, and say, "My dad's hurt", and before the operator could talk to the child, they hang up the phone. The child, of course, figures, "Well, I called them. I told them y dad was hurt. They'll e here". So it is, obviously, not that easy. Under the old 911 system, a complicated tracing procedure had - 20 - to be established. They had to try to find out where the call had come from, and it's all done in an emergency posture. Now comes Enhanced 911. You will hear the lady that is operating that system, or operated it for the balance of time involved in this case. You will also hear from the man, Richard Helms, that brought all the pieces together for the bellSouth region, and put them in one central location so that all the phone companies supporting the 911 system, the Enhanced 911 system, would all be on board and be working with the same game plan, never thinking that that game plan was going to be over over to hackers. The Enhanced 911 gives you this capability within three to five seconds of the time that the person picks up an emergency call and that 911 is entered in, sometimes even before the person at the public safety access point can pick up the phone. The computers that drive the 911 system have done this: They have gone, in this case, to the remote location in Sunrise, Florida, where the back-up systems and the support systems for the control, the maintenance and the operation of 911 are kept, and it has pulled up all kinds of information about the person making the call. When the person picks up the phone, it's connected wit police, fire and ambulance. They have a TV monitor in front of them or a computer monitory, if you will, which has all kinds of information. It has the name of the caller or the people that the are known to be at the calling address. It will have location information with respect to where the closest department is, fire department, police department, to that person. It will also contain information in their computer storage banks about special problems that may exist. If it's a business, if it's a business involving chemicals, the fact that those chemicals are explosive will be reflected on that screen. If it is a private home, if there is a handicapped person there, it will be reflected on that screen. And it's all done within a matter of three to five seconds. They have it captured there. That is what Enhanced 911 is about. That's the system that Robert Riggs stole: how that all works together, and how the computers at BellSouth support that kind of capability, consistent with the telephone company's long history, going back to that first phone call, "watson, I want you", their tradition of providing emergency services as the first priority of the phone system. You will be hearing from essentially three groups of witnesses. You will be hearing from people at bellSouth that will tell you about the steps taken to protect the system. They will tell you about the way the file was defined. They will also tell you that at the same time that they were having these problems with 911 in terms of the los of the file, at the same window, they recognized that there was a larger problem throughout the network as a result of hacker intrusions, that there were a series of bellSouth computers along the network that had been attacked or were under attack. Some of those computers included the ESS switches. They recognized that the Enhanced 911 theft was a symptom of a disease. The disease was the hackers into switches, and they took remedial steps. They started out slowly to try to identify it, and then they rapidly expanded, trying to solve the disease along with the problem of E911. So you will hear from the BellSouth people. You are also going to be hearing from three members of the Legion of Doom, three hackers. You're going to be hearing from Robert Riggs, Frank Darden and Adam Grant. They have hacker handles. These hacker handles sometimes seem to get to be a little on the colorful side, a little bit like "CB" handles. You are going to be hearing the testimony of the hackers. You're going to be hearing the testimony of Robert Riggs who will testify that Mr. Neidorf had been after him to give him information to put into PHRACK, this hacker newsletter. That when Riggs had broken into the AIMS-X computer in BellSouth, he saw on that AIMX-X computer at BellSouth the 911 text file. You're going to hear that he contacted Neidorf in advance, that in that advance conversation or communication, he advised Neidorf that he had the text file, he was sending him the text file to put in PHRACK, that he had gotten it from an unauthorized account that he had on the BellSouth computer. Essentially, what he told Neidorf is, "This is a stolen piece of material you're getting". He indicated to Neidorf and Neidorf agreed...first, he agreed to take the stolen property, and he agreed to disguise the identity of the stolen property to some degree so that it wouldn't run off on Riggs. Riggs' name wouldn't appear on the file when it was published in PHRACK. He would try to disguise some of the indiations that it was stolen from the BellSouth area...Neidorf would. You will hear evidence that that is exactly what Neidorf did to some degree or another. You will hear evidence bout Neidorf seeing and noting the proprietary warnings that made it clear that this was stolen property belonging to BellSouth. He even made a joke of it. He put a little, "Whoops"next to it when he sent it back to Riggs because he didn't want BellSouth to know that he was inside their computers. You're also going to hear evidence that Riggs was never satisfied with the final result that Neidorf had because it always contained too much information even for Riggs. But the E911 system, the text file and the road map, was published by Neidorf all the same. You are going to be hearing from Agent Foley who will testify that he talked to Neidorf about this at his fraternity house at the University of Missouri. Neidorf said he has freedom of expression. That was his response to Foley: Freedom of expression to publish it in PHRACK. The First Amendment can't be used as a defense to theft. When you steal something, you can't claim that coming up the back door, the First Amendment protected you. You will be hearing from Agent Foley though that as part of this discussion with Mr. Neidorf, Mr. Neidorf, in fact, admitted that he knew the file was stolen, the text file was stolen, and he published it in PHRACK. He also turns over to Foley a hacker tutorial, a hacker lesson to other hackers on how to break into the ESS switches. He turns that over. The evidence will also indicate that in addition to that stolen information was information about a stolen AT&T source code document. Here he goes again...source code! The source code program had a Trojan horse in it. It made it clear right on the face of it that it was a Trojan horse, a way of stealing passwords from a computer. I am going to have to pause here for a second to make sure that I reassure you again on the descriptions and the items we'll talk about. The source code is a type of language. It is kind of a way human beings write things down as a first step toward communicating with computers. They write it down in source code, which is directions. A rough analogy would be if I'm going to give you directions on how to get to my house. The source code for that kind of program might be something like: "Go to the door. "Open the door. "Go through the door. "Go forward to the sidewalk. "Go the the sidewalk and stop. "Stop at the sidewalk. Turn left. "After you turn left, start walking. Step by step by step progression along the way. That is kind of what the source code is about. You will hear, fortunately, a much better description of this from the witnesses on the stand. The source code program that was stolen here that Mr. Neidorf received, again, basically was clear from the face of the document that it was stolen. And, again, Mr. Neidorf transferred it out to somebody else. Again, stolen property was received and distributed in interstate commerce. The nature of this source code was that it would act a lot like a false front door to a computer, where you walk up to the false front door of the computer, you knock on the door, and somebody inside the door or inside the house says, "Who is it?" The person knocking on the door uses their secret word, or their name or an identifier, or it's recognized by the person inside the house: "My name is Joe Jones." "My name is Bill Cook." "My name is Colleen Coughlin." "My name is Tim Foley." Except with this door, it was a false door, and what it had the capability to do is it would record the information. It would record, "Bill Cook," "Joe Jones," "Colleen Coughlin," "Tim Foley". Those are the passwords to get into the house that a legitimate user of the house would use. But this Trojan horse, what it would do is it would store those, and after it had stored all that information, it would essentially disappear. And the person trying to get in the house would all of a sudden get a communication from the other side that would say, "I didn't hear you. Try it again". It would steal those passwords, and it would then put them in a private place where the hacker would come back whenever he wanted to, and just pick up the bucketful of passwords and log-ons, and use them to break into the same computer systems again and again, kind of an elaborate piced of scientific perversion but that is what it is about. That was the document that Mr. Neidorf also trafficked in as part of this fraud scheme. The final expert that you will probably hear from on the government's side is going to be a man from inside the phone company, a man who was with bell laboratories before he was with the phone company. His name is Mr. Williamson. Mr. Williamson will talk to you about the property, the property being the text file, and the way in which and the reason that the phone company protects this kind of property, this information. He will testify, we anticipate, to the obligations of the phone company, to the significance of the text file, along with other people, and the fact that the theft was the theft of critical information for the operation of that system, and that the proprietary markings made it clear to anyone who took it that that was stolen and that they didn't have authorization for that document. No matter what other information floating around about 911 that might be out there, this document was proprietary and contained the inside information about what this system was all about, and how an emergency call is driven from the point of someone picking up the receiver to the time when the help is actually generated from the fire, police and ambulance stations. As I've said before, it's that text file that Mr. Neidorf deliberately compromised into the hacker community. At the conclusion of this case, we are going to be coming back here and asing you to find a guilty verdict against Mr. Neidorf for the interstate transportation of that stolen text file both from the time he got it from Riggs, and it was sent from Rigs in Georgia to the bulletin-board in Lockport down to Neidorf at the University of Missouri, that's one interstate transportation of stolen property, and the interstate transportation of stolen property, that same stolen information back from Neidorf to Riggs in Lockport. In this situation, it was reviewing the stolen property to make sure that they could disguise themselves. And then the final interstate transportation of that stolen property when Mr. Neidorf compromised the text file into the hacker community. (end of excerpts / entire opening can be obtained from CuD ftp sites) ------------------------------ End of Computer Underground Digest #3.41 ************************************