Computer underground Digest Wed Oct 7, 1992 Volume 4 : Issue 49 Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) Archivist: Brendan Kehoe Shadow-Archivist: Dan Carosone Copy Editor: Etaion Jhrdleau, Sr. CONTENTS, #4.49 (Oct 7, 1992) File 1--Viruses--Facts and Myths File 2--Defense Conversion Hearing File 3--FBI Wiretap Scheme Examined File 4--Intl. Piracy File 5--SysLaw Announcement File 6--Cu News: Dept Store Fraud / "MY PC PAL" File 7--Brazilian Politics in Need of Encryption? File 8--Police Charge Toronto Teenager in 911 Case Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost from tk0jut2@mvs.cso.niu.edu. The editors may be contacted by voice (815-753-6430), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115. Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL0 and DL12 of TELECOM; on Genie in the PF*NPC RT libraries; from America Online in the PC Telecom forum under "computing newsletters;" on the PC-EXEC BBS at (414) 789-4210; and by anonymous ftp from ftp.eff.org (192.88.144.4) and ftp.ee.mu.oz.au Back issues also may be obtained from the mail server at mailserv@batpad.lgb.ca.us European distributor: ComNet in Luxembourg BBS (++352) 466893. COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Some authors do copyright their material, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ---------------------------------------------------------------------- Date: 25 Sep 92 00:57:29 From: The Dark Adept <drkadpt@DRKTOWR.CHI.IL.US> Subject: File 1--Viruses--Facts and Myths Viruses--Facts and Myths by The Dark Adept This whole virus thing is a joke. Let me tell you why: What is a virus? ---------------- A virus is a tiny program that attaches itself to other programs. It does in fact operate as a biological virus does. It finds a victim program and infects it with a copy of itself. Then when the victim program is unsuspectingly run, the virus now inside it is activated. At this point, it can do one of two things: infect another program, or cause mischief. What do viruses do? ------------------- Well, a number of things. Some erase your disks. Others print silly messages to your screen. In any case, a virus is not written like other programs are. It uses things that other programs normally don't. If your computer is infected by a virus, whenever you turn on the machine that virus is in the memory, and even if all it does is print "I want a cookie," it can still interfere with other programs since they don't expect it to be there. How do people catch viruses? ---------------------------- Yikes! Here's where all the rumors are! You cannot get a virus from a modem, a printer, a CRT, etc. Viruses only come from other programs. So, whenever you add a program to your hard disk or run one off of a floppy, you stand a chance of catching a virus. Data files (files that are not programs, like text for your wordprocessor) cannot contain viruses. Only programs can contain viruses. On IBM PC's, programs usually end in ".exe" or ".com" and are the files that you run. The programs are the only ones that can contain viruses. The only way to activate the virus is to run the program. Say for example you got a new program called "game.exe". You put it on your hard drive, but you never run it (i.e., you never tried it). Even if game.exe has a virus in it, you WILL NOT catch it. The program has to be run at least once to make the virus active. Another thing is batch files. These are files on IBM PC's that end in ".bat". These DO NOT contain viruses. However, .bat files run other programs. So if the .bat file runs a program that has a virus, the virus WILL be activated. The cause is NOT the .bat file, but the program that was run BY the .bat file. Tell me more about these things... ---------------------------------- Ok. Viruses can only be made for specific machines. By this I mean that a virus that infects IBM PC's will NOT be able to infect Macs. There may be a tiny tiny chance if your Mac is running something like an IBM Emulator that a virus may cause problems, but in general, if you have a non-IBM compatible computer, and you can't run IBM software, then you can't catch IBM viruses and vice-versa. For the most part, only personal computers (i.e., IBM PC's and Macs) are affected by viruses. On IBM's, they are usually limited to DOS, so if you are running Unix on a 386 you don't really need to worry (yet). However, various flaws in NFS security and other technical aspects of computers mean that viruses could someday appear in other types of computers. The reason why personal computers have this problem and others don't is because of how they are designed. Personal computers of the past were designed for one user running only one program. So, they could use all the memory since it wouldn't hurt anyone else. On a mainframe or a Unix system, the hardware (and software) know that many people will be using it, so they are only allowed to use the memory given to them, and if they try and use another section of memory, the computer stops them. Viruses need access to memory that they shouldn't have, and on a personal computer, there is nothing to stop them from getting it. How do I *avoid* viruses? ------------------------- That's like asking "how do I avoid VD?" The answer is "don't stick it in your slot unless you know where it's been." If you buy the software from a computer store, you don't have to worry. Once in a million there might be some type of problem, but in general, store purchased software will NEVER have a virus. If you copy a program from a buddy, then you might have to think twice. Where did he get it from? How many times has it been in someone else's computer? The same goes for software you download with a modem. The only way to complete ensure you never get a virus with 100% certainty is to allow no outside contact with your computer. This is called a "sterile environment" or a "Kosher komputer". This means that you cannot use disks in your computer that have been in other computers, and you cannot put any type of software in your computer that has not been purchased from a store. In other words, the only "safe software" is "no software". If you noticed, computer viruses operate a lot like biological viruses. In fact, they mostly operate like venereal disease. So look at viruses the same way as you would at VD. The only 100% assurance you have against infection is abstinence (from using outside programs and disks). If for some reason you cannot do this, then you must protect yourself. How do I protect myself? Is there a "computer condom"? ------------------------------------------------------- In a nutshell, the answer is NO NO NO!! Do not believe those ads for anti-virus this and that. It's crap. Like a condom, they *help* protect against infection, but there are no guarantees. Whenever you put something in your (disk) slot, you still run a chance of being infected - the "condom" may break or be infected itself. Well, what are the different types of protection available? ----------------------------------------------------------- There are 3 main types of "anti-virus" software available: o Scanners o Detectors o Removers +++Scanners+++ -------------- Each virus has what the anti-virus geeks call a "footprint". What this means is that there is a sequence of "characters" that uniquely identify the virus. For example, say someone gave you a book with no title or description or whatnot and said, "Can you tell me if this is Hamlet by Billy Shakespeare?" Being a virus wizard, you would say "Sure!" What you would do is then look at all the text for the words "to be or not to be". If you found them, then the book would be Hamlet. This is what virus scanners do. They are programmed with an identifying "phrase" or footprint for all known viruses. Then they look at each of your programs. If one of them contains "to be or not to be" then it means that the Hamlet virus has infected your program. Those of you who have drank your coffee this morning might realize that this doesn't help an awful lot. For one thing, what if the text isn't Hamlet but a review of Hamlet that has a sentence "Hamlet's soliloquy which begins with 'to be or not to be' is the most moving part of the play." Well, the virus scanner would see "to be or not to be" and think it is a virus! Of course, it would be wrong. Another thing is say I write a new virus, and the anti-virus cronies haven't seen it yet. Its footprint wouldn't be in the scanner. So the scanner wouldn't know it was a virus. A final problem is that the scanner will only really protect you if it scans the program *correctly* before you ever run it. Once you run it, if you haven't scanned it or the scanner didn't pick anything up, and there is a virus inside, you're toast. After you run the program, if you then run the scanner, sure it will pick it up, but that's like going to the doctor who tells you that you have the clap after you've got it. The scanner is most effective when used before ever running the program. It is also useful for giving your system a "check-up" every once in a while to make sure something didn't slip by. However, again, now you already have contracted the virus and now must worry about getting rid of it. So, if you're going to use a scanner, remember this: + You must have a current version so that the new footprints are in there. + It works best when you scan programs *BEFORE* they are run for the first time. + It might miss some or give you false results, so don't rely on it completely. +++Detectors+++ --------------- What the detectors do is watch for virus activity. For example, some viruses try and erase your hard disk. What a detector does is sit in the background and watches for an illegal or abnormal attempt to do something to the hard disk. Then all sorts of alarms and bells go off ("Warning Will Robinson! Warning!") and the detector tries to stop the virus from doing it. Some will also ask you if you want to allow whatever action is taking place since you might actually be trying to format your hard disk. Another thing that some detectors do is a checksum/byte count check on your files. Remember that a virus *adds* itself to another program. So what the detector does is make a list of all the programs on your drive and remembers what they look like. Then, when a virus changes one, the detector notices this, and gives you a warning like "Program games.exe failed checksum!" and asks you if you still want to run it. You must know that the detector only checks program files. It would be a real pain if every time you changed your term paper the detector went off. However, this is not a weakness since only program files can contain the viruses. It may seem that detectors are the answer, but they are not. Remember, the detector only detects virus activity. This means that you already have a virus running around in your system. It will help stop the damage, but the infection is already there. Another problem is that you must remember that the detector is hiding in the background watching. Some programs don't expect the detector to be there, and freak out (just like they don't expect the viruses to be there either). So the detector might interfere with other programs. The better detectors are well-written so as to avoid this, but even then there might be problems. So, if you are going to use a detector, remember this: + Detectors help stop damage caused by viruses. + If it detects virus activity, you are already infected. + You must buy a good one so that all types of virus activity are detected. + The detector may interfere with other programs. +++Removers+++ -------------- Also called "disinfectors." What these programs do is get rid of the virus infection in your computer. Once you have detected an infection, you have to get rid of it. However, like with cancer, that means cutting something out usually. Nine times out of ten, a disinfector will have to delete *ALL* the programs that are infected. Gone. Erased. Never to come back. Some can get out the virus without deleting files, but this is rare. It depends on how good the disinfector is and what type of virus it is. The remover is probably the most crucial piece of anti-virus software. So, if you are going to use a remover (and you should), remember this; + Files (maybe important ones) will be deleted, so you need backup copies of your software at all times (you should have this anyhow). Who makes this and where can I get it? What do *you* use? ---------------------------------------------------------- There are a lot of companies who make this type of software. I've tried a bunch, and my *personal* favorite is made by Central Point Software. It comes in two types of packages: + PC Tools Deluxe + Central Point Anti-Virus PC Tools deluxe has 2 main anti-virus items: PCBackup and VDefend. What PCBackup does is backup your hard drive. You should be doing this anyhow. What it also does, however, is there is an option to scan as it backs up. What this means is before it backs up the program, it checks it for a virus like a scanner would. This is important. Say you backup your disk every month. Then like 3 weeks later you find that your word processor and some other programs are infected by a virus. You disinfect your disk, and go to install the back up copies. What if the backups are infected? You're back to square one. PCBackup helps to ensure that your backups are virus-free. And, like I said under scanners, you need the current version. Well, good news. The data file where all the footprints are is updated regularly and can be obtained at no cost (last time I checked) from Central Point via modem. So you don't need to buy a new copy of PC Tools every month, just get the new footprint file. VDefend is a virus detector with a lot of neat options. It is also part of the PC Tools Deluxe package. PC Tools deluxe is a nice product and well written and I like it. If you like Norton's software, that is good, too, and so are many others. I just happen to prefer PC Tools. So, you get a lot more for your money than virus detection. Check it out at your software store. Now, the mother of all anti-virus software is Central Point Anti-Virus. This is a killer package. All you could want and more. I've used it a couple of times, but it is more than I need. Either I'm not paranoid or I'm too trusting. However, if you want state-of-the-art TopGrade A-1 anti-virus protection, this is it. It also has a disinfector built in and a lot of other goodies. Now, why do I prefer these packages? I'll be honest with you. A lot of the other anti-virus companies are in it strictly for the money. The bigger the virus scare, the more money they make. Remember the Michaelangelo virus? That was a load of crap. It was a simple virus. There are a lot more dangerous ones out there, and they are more widespread. These companies make *only* anti-virus packages, so they need the hype to survive. Central Point and a few others are not in the anti-virus industry per se. They are regular software companies who also offer anti-virus software. Their programming experience is more widespread than those who concentrate on viruses alone, and this means that their software should be better in general. Why? Well, look at it this way: Say you want to add an equalizer to your stereo. Now, do you want the salesperson to know about stereos in general, or just about equalizers? Shouldn't he know how equalizers interact with the rest of the system? A software company that creates various pieces of software will know how they interact and perform. Further, an investigation into the history of some of these companies, like McAfee and Associates, brings up questions about their competence in this type of work. I ask you to draw your own conclusions, but as a hint as to what I am referring, try and see what type of work McAfee was involved in before viruses. However, since I took a shot at McAfee, I must also state this: I have known people to use McAfee's software and be 100% satisfied with no complaints. They like McAfee's software and continue to use it. It works for them and meets their needs. I hate both McAfee and his software, and I refuse to use it ever, so you must decide for yourself. Out of the general software houses, I like Central Point's goods. So those are my reasons for why I chose it: 1) It is one of the reputable companies, and, 2) Out of those reputable companies, this software has what I want. Some people will say "You are picking on the little guys trying to start out." Maybe. I wouldn't if this were a word processor where if something is screwy in version 1, you can live til version 2. But this is for your protection. Would you rather buy a gun made by Smith and Wesson or Uncle Bob's Bullet Co.? When it comes down to protection, you don't want any misfirings, and you must rely on reputation. So, if you are going to buy "anti-virus" software, remember this: + Well-known, reputable, and experienced companies with good user support like Central Point, Norton, etc. are preferred. + Out of those companies, pick the one that best suits *your* needs. Everyone's system differs. You might love using Norton's backup program, so you just want virus protection and not the full PCTools. Etc., etc., etc. Look at all the software and see what you need and want. Myths ----- Finally, I would like to expose some myths and misconceptions about viruses: "They threaten net connectivity" -------------------------------- If by "net" you mean the Internet, this is 100% false. The machines connected to the net do NOT run programs from other machines, so cannot be infected by them. They merely store programs from other machines. It would be like if a friend asked you to put that game.exe program on your disk and hold it for him until he had space on his. As long as you don't use it, you won't be injured by just storing it. Another thing to remember is that most viruses are for personal computers and most machines on the Internet are NOT personal computers, so the viruses won't affect them anyhow. The only role that the Internet plays in virus propagation (the spreading of viruses) is that if someone gets a program from the Internet for his PC and runs it he might get infected. But remember that you could also get infected by getting a program from a friend. The Internet, therefore, is not threatened by nor the cause of virus contamination. However, if by "net" you mean the LAN at work, then this is true. A lot of viruses spread rapidly through LAN networks, so if one machine gets infected, all of them can. This is because all the personal computers on the LAN run the same programs. Again, the cause here is the running of the program by computers on the net. Internet computers generally do not run the programs that contain viruses. If some idiot says that their Internet connection should be severed due to virus propagation, that would be like saying we should shut down Lake Shore Drive in Chicago since a bank robber might drive down it to get away. Sure it provides a path for viruses (bank robbers), but 99% of the time it is providing a path for legitimate purposes (law abiding citizens). "BBS's are the major cause of virus spreading" ---------------------------------------------- FALSE FALSE FALSE!! The major cause of virus spreading is LAN's and also copying from friends. BBS's merely store programs that you can copy and most people who run BBS's try and make sure none of them have viruses. A BBS is just copying from a friend over a modem. BBS's do not need to be shut down or restricted because of viruses. It is up to *you* to protect yourself from *any* program contamination no matter where you copy the program from (i.e., a friend or BBS). Some of you may have heard of Virus Exchange BBS's. Let me explain what this is: Any type of program ever written starts out as a "source file". This is a regular text file made by a word processor that contains instructions for a computer. This source file must be fed into either an "assembler" or a "compiler" to become a program that can run. This is true whether the program is a spreadsheet or a virus (viruses are programs, just very very tiny ones). Now the source file can have all of the program in it, or just part. The rest would be in other source files. So, for example, if you look at your wordprocessor in two parts you might see that one thing it does is let you type stuff in, and the other part is it lets you print things out. So it might have 2 source files: 1) tells the computer how to let you type things in, and 2) tells the computer how to print things out. A virus is made up of two basic parts: an infector and a destructor. The INFECTOR is the part of the program which hides the virus and makes it spread. The DESTRUCTOR is the mischief maker. This is the part that draws crazy pictures on your screen or erases a file on you. Now on these virus exchange BBS's, they 99% of the time just have virus SOURCE FILES not virus programs. The source files CANNOT cause infection. They must be fed to an assembler or a compiler first to become a program. Remember that for a virus to become active it must be run as a program. These BBS's do not distribute virus programs, but virus source files. Furthermore, most of the source code for viruses on these BBS's is just the INFECTOR part. This is what the programmers are interested in. This is where the innovation and creativity and "wow! Nice piece of code!" happens. The DESTRUCTOR is very basic and any idiot can do one: "del *.*". People who run VXB's (Virus eXchange Boards) are interested in code for the INFECTOR and the DESTRUCTOR is worthless. In other words, they are merely giving out the blueprints and not the bomb itself. Some jerks argue that this in itself should be illegal. Well, another article will deal with that, so please hold comments on this aspect until after I have presented my position. For right now, let me just say that in a nutshell, Virus Exchange BBS's do NOT DIRECTLY cause infections. I think even the so-called "experts" would agree with that. "The first virus was written by..." ----------------------------------- No one knows. However, if you were to ask me, I will say the first virus was written by the first person who made copy-protection. Why? Having the benefit of looking at both copy-protection and virus source code, I can tell you that they do things the same way. The infector part of the virus wants to hide itself and so does the copy-protection. They both use the same types of methods to do so. Both also make programs unusable if certain conditions are met. If it is a copy, the copy-protection stops it from working properly. If it is an infected program that meets the criteria for the destructor part of the virus to start, the virus kicks in the destructor and does its job. Again, please notice I am comparing the copy-protection with the infector, and not the word processor with the destructor. The copy-protection and the infector only differ in that the infector affects more than one program and that the actual reason for both being there (the word-processor vs. the destructor) are different. They both perform the same job - protection and sustenance of the main program. From this idea of small programs that operate to protect a piece of software known as copy-protection sprang forth the first viruses. So next time you buy a piece of copy protected software you know who to thank for your screwed up harddrive ("wah! but we don't write them!" no, but you gave them the idea and techniques! Plus, copy protection is for loser companies that don't give decent support to registered users thereby creating a huge incentive to register a product. Enuff said.). Another important similarity is that the techniques for removing copy protection from a program and removing a virus from an infected file while retaining the file are very similar (I've done both a few times). "We're all doomed!! It's Michaelangelo!!" ----------------------------------------- Yeah, eat me. I have been using computers for about 11 years. I have been on everything from a Timex Sinclair to a Cray. I've had things on my system you wouldn't feed to your dog. How many times have I been infected by a virus? ZERO I deal with over 100 computer-related people per day (I'm a graduate student in Computer Science). Here is what contact I've had with virus infection: When I was an undergrad at the University of Illinois at Champaign-Urbana (I started out in Electrical Engineering), the Mac labs got infected by a virus. Rumor has it that it was caused by someone using an infected copy of MacPlaymate (an X-rated video game for Macs) on one of the computers. Last year, the PC-LAN at Loyola University of Chicago was slightly infected by Michaelangelo, and one of the professors' PC's caught it because a student handed in his infected programming assignment (it got infected because he wrote it on the LAN). So, everyone who handed in their program got infected if they reran the program when it was returned. Like 2 more people got infected this way. A friend of mine got infected by using an infected copy of a pirated video game (serves him right hehehe!). So, for someone who uses a computer every day and knows mostly computer people, I have personally know 4 people and 2 sites that were infected by viruses, and this is over 11 years. Total damage? Not much. Nothing Anti-Virus and equivalent type software couldn't fix and a quick restore from some backups. So next time they yell "The sky is falling," tell them to line their pockets somewhere else. You should protect yourself, but it's not the end of the world. In fact the only time my harddrive got erased on accident was when I was installing OS/2. It was my fault for not reading the directions. Oops! "They endanger National Security and the military!" --------------------------------------------------- Hahahahahahaha! All I have to say is that most viruses (like 99.9%) attack only personal computers, and any military or government that depends on personal computers for national security and weaponry has more problems than viruses. And furthermore, what are they doing letting missile officers run MacPlaymate on the missile control computer anyhow? Conclusion ---------- I just hoped I made this virus thing clearer. This is not based on any virus "expertise" I have, just a thorough knowledge of computers and my experience with them (which is extensive). I am not a "virus expert" nor am I a virus author. But next time someone tries to scare you or calls themselves a "virus professional" call them an idiot. Just use common sense, make backups, and maybe get a piece of software from a good company. No one is "out to get you". Most of the virus authors are teenagers and are actually nice guys who just like to write intricate programs -- they don't even spread them around! PHALCON/SKISM is a good example. They don't even want to format a hard drive, just have a little fun programming. Once in a while one of their "projects" might get out of hand, but they're not there to make your life miserable. Sure I'd be pissed at em if Flight Simulator got infected, but no biggie. Just clean up and reinstall. Don't blame someone else if you don't make backups. So have phun, and: "Don't worry; be happy!" P.S. Sara(h) Gordon: Your rebuttal to Phrack touched me. Right about... ...there. NOT! (thanks Sarlo) Tiny Bibliography ----------------- 40HEX - the Journal of viruses published by PHALCON/SKISM. Contains new viruses by P/S and a lot of source code. Great reading for programmers, virus authors, and copy-protection people. I've used some of their disk access tricks for utilities I've written for my 386 system that bypass the device drivers. They also provide an excellent and professional analysis of virus code with commented source code from time to time. Tells ya how the varmints really tick. 4 stars! (When's the next issue, guys?!?) Hell Pit BBS - Of Sara(h) Gordon fame. If you want to see what a Virus Exchange BBS is like and why all the screaming, bitching, and whining that Sara(h) and the other people who call themselves "anti-virus" people is for nothing, give it a call. Just don't run anything you download. Most of it is source code, anyhow. Some of it is Sara(h) Gordon's source code. I wonder if ACM would approve of her "research" in virus propagation? I hope Hell Pit is still up. Sarah(s) crap caused Kato a lot of trouble including making people think it was a Fed sting operation (lie). Various hacker nets - like DarkStar, CyberCrime, etc. A lot of virus authors can be contacted on these FidoNet type BBS's. Most of them will answer any question about viruses you have unless you get too specific like "Duh, what did you write?" or too idiotic like "Viruses are terrible! Look at what Michaelangelo did!" (not much). That's just a start, but if you're curious about what viruses really are, don't ask those "anti-virus" goobers, ask the authors. ------------------------------ Date: Mon, 28 Sep 1992 13:29:05 -0400 From: "(Gary Chapman)" <chapman@SILVER.LCS.MIT.EDU> Subject: File 2--Defense Conversion Hearing The Department of Defense has set up a Defense Conversion Commission, which is traveling around the country to conduct hearings on local conversion requirements. So far there have been hearings in Atlanta; Long Beach, California; St. Louis; Dallas; Groton, Connecticut; and Seattle. The public hearings last one day, and the commission also visits sites of major defense contractors and speaks to the local press about defense conversion. The commission is scheduled to release a report on its findings no later than December 31. On September 24th, the commission held its hearing in Seattle and testifying on behalf of CPSR and The 21st Century Project was Professor Philip Bereano, professor of technology and public policy at the University of Washington. Phil spoke for ten minutes -- the alloted time for each hearing witness -- about The 21st Century Project and its program of democratizing U.S. technology policy and redirecting research and development programs to peaceful and environmentally responsible goals. There were eighteen other hearing witnesses testifying, representing a broad range of public interest and business organizations, including Washington State SANE/Freeze, Seattle Women Act for Peace, and the Washington Association of Churches. Professional organizations represented included the Seattle Professional Engineering Employees Association and the IEEE Engineering Manpower Committee. There was also testimony from the King County Diversification Committee, the local commission on economic conversion. There are six members of the commission, most of them Pentagon officials; there is one representative from the Department of Labor, and one from the President's Council of Economic Advisers. It is chaired by David J. Berteau, Deputy Assistant Secretary of Defense for Production and Logistics, and former director of the DoD's Office of Economic Adjustment. The representative from the Department of Labor (and the only woman on the panel) is Robin Higgins, Assistant Secretary of Labor for Veteran's Employment and Training, a former Marine officer, and widow of Colonel William R. Higgns, the Marine officer captured and executed by Lebanese terrorists in 1988. For more information about the commission and its work, contact the Commission on Defense Conversion, 1825 K Street, N.W., Suite 310, Washington, D.C. 20006, or call (202) 653-1664. ------------------------------ Date: Wed, 30 Sep 1992 17:05:06 PDT From: "(Nikki Draper)" <draper@CSLI.STANFORD.EDU> Subject: File 3--FBI Wiretap Scheme Examined FOR IMMEDIATE RELEASE Contact: Nikki Draper (415) 322-3778 Computer Public Advocacy Group To Examine FBI Wiretap Scheme at October Annual Meeting. Palo Alto, Calif., October 1, 1992 -- Computer Professionals for Social Responsibility (CPSR), the national public interest organization based here, will take an in-depth look at its recent suit against the Federal Bureau of Investigation (FBI) during CPSR's 1992 Annual Meeting, October 17th and 18th at Stanford University in Palo Alto, Calif. CPSR Legal Counsel, David Sobel, will talk about the FBI suit for the first time since it was filed and moderate a panel discussion on the politics of cryptography at the annual meeting. The CPSR annual meeting is a provocative two-day conference that addresses critical issues facing society as a result of information technology. CPSR filed suit against the FBI in September, after the Bureau failed to make public documents that would justify the need for its new wiretap proposal. The FBI proposal would redesign the telephone network to make wiretapping easier. Recognizing the importance of cryptography policy, CPSR catalyzed a national debate earlier this year, as to whether or not the FBI and National Security Agency (NSA) should be involved in setting the technical standards for the computer and communications industry. The panel discussion will include a screening and discussion of film clips from the movie, Sneakers. Panelists include, Joan Feigenbaum, Technical Staff, Computing Principles Research, ATT Bell Labs, John Gilmore, founder of Cygnus Support, and Dave Banisar, CPSR Policy Analyst. CPSR's annual meeting will bring together computer scientists from across the country to examine the relationship between politics and technology. Other topics include: * Teledemocracy & Citizen Participation: Beyond the Electronic Town Meeting, This session is an election year look at the dangers and the opportunities of electronic democracy. Speaker, Susan G. Hadden, professor in the LBJ School of Public Affairs, University of Texas at Austin, an expert on telecommunications and citizen participation. * Everything's Digital! Media Convergence: Hope, Hype or Hell? This session examines the social implications of multimedia convergence which is the merging of computer, telephone, and video technology. Panel discussion with David Bunnell, Editor, New Media, Denise Caruso, Editor, Digital Media, and Howard Rheingold, Whole Earth Review * Envisioning Technology Policy in a Democratic Society; A panel of technologists looks at the development of American technology policy. Panelists include, Gary Chapman, The 21st Century Project, Judy Stern, CPSR/Berkeley, Claire Zvanski, SEIU Local 790. President of Interval Research, Dave Liddle, will be the keynote speaker at CPSR's awards banquet Saturday evening. Liddle will be speaking on the Computing in the 21st Century. IBM researcher, Barbara Simons will be presented with the 1992 Norbert Wiener Award for Social and Professional Responsibility in Computing. Founded in 1981, CPSR is a national, non-profit, public interest ------------------------------ Date: 05 Oct 92 19:05:29 EDT From: Gordon Meyer <72307.1502@COMPUSERVE.COM> Subject: File 4--Intl. Piracy Congress Urged to Strengthen International Intellectual Property Laws Foreign copyright piracy of computer software, as well as movies, books, and music and audio recordings costs U.S. firms between $12 billion and $15 billion in trade losses each year, says the International Intellectual Property Alliance. The Alliance told a Senate Judiciary subcommittee on patents, copyrights and trademarks that losses in Mexico alone -- which were not included in the international study -- topped $150 million annually. Eric Smith, director of the Alliance, said that although Mexico has new intellectual property laws, "the situation in Mexico is still quite serious." He urged Congress to increase U.S. anti-piracy teams to crack down on foreign copying operations and aid to foreign nations to help them write tougher laws and enforce them. Countries where piracy is particularly prevalent include Italy, Taiwan, Eastern Europe, Russia, China, Paraguay, Peru, El Salvador, Guatemala and Honduras. Brazil and Venezuela are considered problem nations especially for software piracy. ------------------------------ Date: 02 Oct 92 11:13:46 EDT From: Lance Rose <72230.2044@COMPUSERVE.COM> Subject: File 5--SysLaw Announcement NEW SYSLAW BOOK! MASSIVELY REVISED AND EXPANDED! SysLaw, Second Edition: The Legal Guide for Online Service Providers by Lance Rose, Esq., and Jonathan Wallace, Esq. SysLaw provides BBS sysops, network moderators and other online service providers with basic information on their rights and responsibilities, in a form that non-lawyers can easily understand. Subjects covered include the First Amendment, copyrights and trademarks, the user agreement, negligence, privacy, criminal law, searches and seizures, viruses and adult materials. SysLaw not only explains the laws, it gives detailed advice enabling system operators to create the desired balance of user services, freedom, and protection from risk on their systems. SysLaw is available from PC Information Group, 800-321-8285 or 507-452-2824, and located at 1126 East Broadway, Winona, MN 55987. You may order by credit card or by mail. Price is $34.95 plus $3.00 shipping and (if applicable) sales tax. Price is subject to change after January 1, 1993. For additional information, please contact publisher Brian Blackledge at 800-321-8285. ------------------------------ Date: 03 Oct 92 11:54:38 EDT From: Gordon Meyer <72307.1502@COMPUSERVE.COM> Subject: File 6--Cu News: Dept Store Fraud / "MY PC PAL" DEPARTMENT STORE COMPUTER FRAUD The US Attorney's Office in Sacramento, California has announced an indictment against a Fresno department store for using a 'special computer program' to alter its financial records. The store, Gottschalks, has pled guilty to three criminal counts and has agreed to pay 1.5 million dollars in fines for taking illegal tax deductions and violating securities exchange laws. The store reportedly developed the program to overstate sales, supposedly by nearly half a million dollars in one quarter, allowing it to claim a profit when it was really operating at a loss. (Information Week, August 3, 1992: 10). MY COMPUTER, MY FRIEND. Logitech, Inc recently completed a "PC's and People" survey in which 98% of the 300 computer users surveyed indicated that they feel they have personal relationships with their machines. In addition, 13% said they ascribe personalities to their machines, while 9% admitted that they have named them. At least 50% said they consider their computers to be extensions of themselves. (CompuServe Magazine, October 1992: 8) ------------------------------ Date: 7 Oct 92 15:24:01 From: Moderators <tk0jut2@mvs.cso.niu.edu> Subject: File 7--Brazilian Politics in Need of Encryption? Sometimes those suspected of massive offenses should either learn to use computers properly or else not commit crimes. The current Brazilian political scandals, which threaten to topple President Fernando Collor de Mello, escalated this week when Brazilian investigators began exploring the computer files of a man reportedly at the center of the political corruption, Paulo Cesar ("PC") Farias. According to an article in England's GUARDIAN WEEKLY (Oct 4, 1992 - thanks to Bruce Sterling for sending it over), unencrypted data files may provide considerable information describing the extent of his involvement in Brazilian corruption. According to the article: Under the filename "Collor", they ((the investigators)) had found a list of several of the biggest government ministries, beneath each of which were listed in methodical fashion the main projects in that ministry, the value of the contracts allocated and the commissions charged. One of the most interesting entries concerned the Xingo hydro-electric power station--the only large development project undertaken by the Collor government. This project, involving a consortium of large Brazilian construction companies, including Mendes Junior and Odebrecht, has long aroused suspicion, largely because its costs soared $1.5 billion over budget. Now, thanks to PC's meticulous accounting, the federal police, working with the tax inspectors, believe they will be able to find out where most of the extra money went. One aspect of the listing remains baffling. At the end of each entry PC wrote the name of a star or constellation: the Southern Cross, the Great Bear, the Milky Way, Orion. These heavenly bodies, the accountants guess but cannot yet demonstrate, are probably codenames for sensitive information that PC did not want to entrust to his computer--the names of the powerful economic groups paying the commissions. ........... Though part of the computer files are damaged, the inspectors say they are finding enough evidence to establish the size of the corruption network and the president's close involvement in it. Perhaps somebody could send Brazilian crooks a copy of Phil's Pretty Good Encryption program and the investigators a registered version of Norton Utilities. ------------------------------ Date: Wed, 7 Oct 92 17:54:07 EDT From: <Nigel.Allen@LAMBADA.OIT.UNC.EDU> Subject: File 8--Police Charge Toronto Teenager in 911 Case Here is a press release that I received from the Metropolitan Toronto Police. The Toronto Star ran a story (based on the press release) on its front page today. 1992 October 06, 1950 hours Teenage Computer Hacker Nabbed by Police Detectives from the Major Crime Squad at Police Headquarters have arrested a 15-year-old North York boy and charged him with a number of computer-related crimes. Investigations have revealed that on some occasions his pranks paralyzed the Metropolitan Toronto 911 emergency telephone system. Last July, a young man called the 911 emergency number from a location in the west end of Metropolitan Toronto and reported a number of medical emergencies which caused units from the Metropolitan Toronto Police, ambulance services and local fire departments to respond. All of these calls were determined to be false. On one occasion, he totally monopolized the 911 system and rendered it inoperable thereby denying citizens access to the 911 lifeline throughout the Metropolitan Toronto area. Bell Canada security officers assisted police in their search for the source of the calls. Acting on a Criminal Code search warrant, police today entered a North York home, seized a quantity of computers and arrested a teen-age boy. He is to appear in Youth Court, 47 Sheppard Avenue East, North York, Friday, November 6, 1992, charged with theft of telecommunications, 24 counts of mischief and 10 counts of convey false message. Investigations are continuing. (end of press release) Note from NDA: More information may be available from the public affairs office of the Metropolitan Toronto Police at (416) 324-2222 or from Detective W. Johnston of the Major Crime Squad at (416) 324-6245. ------------------------------ End of Computer Underground Digest #4.49 ************************************