Computer underground Digest    Wed Oct 7, 1992   Volume 4 : Issue 49

       Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)
       Archivist: Brendan Kehoe
       Shadow-Archivist: Dan Carosone
       Copy Editor: Etaion Jhrdleau, Sr.

CONTENTS, #4.49 (Oct 7, 1992)
File 1--Viruses--Facts and Myths
File 2--Defense Conversion Hearing
File 3--FBI Wiretap Scheme Examined
File 4--Intl. Piracy
File 5--SysLaw Announcement
File 6--Cu News: Dept Store Fraud / "MY PC PAL"
File 7--Brazilian Politics in Need of Encryption?
File 8--Police Charge Toronto Teenager in 911 Case

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost from tk0jut2@mvs.cso.niu.edu. The editors may be
contacted by voice (815-753-6430), fax (815-753-6302) or U.S. mail at:
Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115.

Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL0 and DL12 of TELECOM; on Genie in the PF*NPC RT
libraries; from America Online in the PC Telecom forum under
"computing newsletters;" on the PC-EXEC BBS at (414) 789-4210; and by
anonymous ftp from ftp.eff.org (192.88.144.4) and ftp.ee.mu.oz.au
Back issues also may be obtained from the mail server at
mailserv@batpad.lgb.ca.us
European distributor: ComNet in Luxembourg BBS (++352) 466893.

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted for non-profit as long
as the source is cited.  Some authors do copyright their material, and
they should be contacted for reprint permission.  It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified.  Readers are encouraged to submit reasoned articles
relating to computer culture and communication.  Articles are
preferred to short responses.  Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.

----------------------------------------------------------------------

Date: 25 Sep 92 00:57:29
From: The Dark Adept <drkadpt@DRKTOWR.CHI.IL.US>
Subject: File 1--Viruses--Facts and Myths

                       Viruses--Facts and Myths
                          by The Dark Adept

This whole virus thing is a joke.  Let me tell you why:

What is a virus?
----------------
A virus is a tiny program that attaches itself to other programs.  It does
in fact operate as a biological virus does.  It finds a victim program and
infects it with a copy of itself.  Then when the victim program is
unsuspectingly run, the virus now inside it is activated.  At this point,
it can do one of two things: infect another program, or cause mischief.

What do viruses do?
-------------------
Well, a number of things.  Some erase your disks.  Others print silly
messages to your screen.  In any case, a virus is not written like other
programs are.  It uses things that other programs normally don't.  If your
computer is infected by a virus, whenever you turn on the machine that
virus is in the memory, and even if all it does is print "I want a cookie,"
it can still interfere with other programs since they don't expect it to
be there.

How do people catch viruses?
----------------------------
Yikes!  Here's where all the rumors are!  You cannot get a virus from a modem,
a printer, a CRT, etc.  Viruses only come from other programs.  So, whenever
you add a program to your hard disk or run one off of a floppy, you stand
a chance of catching a virus.  Data files (files that are not programs, like
text for your wordprocessor) cannot contain viruses.  Only programs can
contain viruses.  On IBM PC's, programs usually end in ".exe" or ".com" and
are the files that you run.  The programs are the only ones that can contain
viruses.

The only way to activate the virus is to run the program.  Say for example
you got a new program called "game.exe".  You put it on your hard drive,
but you never run it (i.e., you never tried it).  Even if game.exe has a virus
in it, you WILL NOT catch it.  The program has to be run at least once to make
the virus active.

Another thing is batch files.  These are files on IBM PC's that end in ".bat".
These DO NOT contain viruses.  However, .bat files run other programs.  So
if the .bat file runs a program that has a virus, the virus WILL be activated.
The cause is NOT the .bat file, but the program that was run BY the .bat
file.

Tell me more about these things...
----------------------------------
Ok.  Viruses can only be made for specific machines.  By this I mean
that a virus that infects IBM PC's will NOT be able to infect Macs.
There may be a tiny tiny chance if your Mac is running something like
an IBM Emulator that a virus may cause problems, but in general, if
you have a non-IBM compatible computer, and you can't run IBM software,
then you can't catch IBM viruses and vice-versa.

For the most part, only personal computers (i.e., IBM PC's and Macs) are
affected by viruses.  On IBM's, they are usually limited to DOS, so if
you are running Unix on a 386 you don't really need to worry (yet).
However, various flaws in NFS security and other technical aspects of
computers mean that viruses could someday appear in other types of
computers.

The reason why personal computers have this problem and others don't is
because of how they are designed.  Personal computers of the past were
designed for one user running only one program.  So, they could use all
the memory since it wouldn't hurt anyone else.  On a mainframe or a Unix
system, the hardware (and software) know that many people will be using
it, so they are only allowed to use the memory given to them, and if
they try and use another section of memory, the computer stops them.  Viruses
need access to memory that they shouldn't have, and on a personal computer,
there is nothing to stop them from getting it.

How do I *avoid* viruses?
-------------------------
That's like asking "how do I avoid VD?"  The answer is "don't stick it in
your slot unless you know where it's been."  If you buy the software from
a computer store, you don't have to worry.  Once in a million there might
be some type of problem, but in general, store purchased software will
NEVER have a virus.

If you copy a program from a buddy, then you might have to think twice.
Where did he get it from?  How many times has it been in someone else's
computer?  The same goes for software you download with a modem.

The only way to complete ensure you never get a virus with 100% certainty
is to allow no outside contact with your computer.  This is called a
"sterile environment" or a "Kosher komputer".  This means that you cannot
use disks in your computer that have been in other computers, and you cannot
put any type of software in your computer that has not been purchased
from a store.  In other words, the only "safe software" is "no software".

If you noticed, computer viruses operate a lot like biological viruses.
In fact, they mostly operate like venereal disease.  So look at viruses
the same way as you would at VD. The only 100% assurance you have against
infection is abstinence (from using outside programs and disks).  If
for some reason you cannot do this, then you must protect yourself.

How do I protect myself?  Is there a "computer condom"?
-------------------------------------------------------
In a nutshell, the answer is NO NO NO!!  Do not believe those
ads for anti-virus this and that.  It's crap.  Like a condom, they
*help* protect against infection, but there are no guarantees.  Whenever
you put something in your (disk) slot, you still run a chance of being
infected - the "condom" may break or be infected itself.

Well, what are the different types of protection available?
-----------------------------------------------------------
There are 3 main types of "anti-virus" software available:

o  Scanners
o  Detectors
o  Removers

+++Scanners+++
--------------
Each virus has what the anti-virus geeks call a "footprint".  What this
means is that there is a sequence of "characters" that uniquely identify
the virus.  For example, say someone gave you a book with no title or
description or whatnot and said, "Can you tell me if this is Hamlet by
Billy Shakespeare?"  Being a virus wizard, you would say "Sure!"  What
you would do is then look at all the text for the words "to be or not to be".
If you found them, then the book would be Hamlet.  This is what virus scanners
do.  They are programmed with an identifying "phrase" or footprint for
all known viruses.  Then they look at each of your programs.  If one
of them contains "to be or not to be" then it means that the Hamlet virus
has infected your program.

Those of you who have drank your coffee this morning might realize that
this doesn't help an awful lot.  For one thing, what if the text isn't
Hamlet but a review of Hamlet that has a sentence "Hamlet's soliloquy which
begins with 'to be or not to be' is the most moving part of the play." Well,
the virus scanner would see "to be or not to be" and think it is a virus!
Of course, it would be wrong.  Another thing is say I write a new virus,
and the anti-virus cronies haven't seen it yet.  Its footprint wouldn't
be in the scanner.  So the scanner wouldn't know it was a virus.

A final problem is that the scanner will only really protect you if it
scans the program *correctly* before you ever run it.  Once you run it,
if you haven't scanned it or the scanner didn't pick anything up, and there
is a virus inside, you're toast.  After you run the program, if you then
run the scanner, sure it will pick it up, but that's like going to the
doctor who tells you that you have the clap after you've got it.  The
scanner is most effective when used before ever running the program.  It
is also useful for giving your system a "check-up" every once in a while
to make sure something didn't slip by.  However, again, now you already
have contracted the virus and now must worry about getting rid of it.

So, if you're going to use a scanner, remember this:
+  You must have a current version so that the new footprints are in there.
+  It works best when you scan programs *BEFORE* they are run for the
   first time.
+  It might miss some or give you false results, so don't rely on it
   completely.

+++Detectors+++
---------------
What the detectors do is watch for virus activity.  For example, some
viruses try and erase your hard disk.  What a detector does is sit in
the background and watches for an illegal or abnormal attempt to do
something to the hard disk.  Then all sorts of alarms and bells go off
("Warning Will Robinson!  Warning!") and the detector tries to stop
the virus from doing it.  Some will also ask you if you want to allow
whatever action is taking place since you might actually be trying to
format your hard disk.

Another thing that some detectors do is a checksum/byte count check on
your files.  Remember that a virus *adds* itself to another program.
So what the detector does is make a list of all the programs on your drive
and remembers what they look like.  Then, when a virus changes one, the
detector notices this, and gives you a warning like "Program games.exe
failed checksum!" and asks you if you still want to run it.

You must know that the detector only checks program files.  It would be a
real pain if every time you changed your term paper the detector went off.
However, this is not a weakness since only program files can contain
the viruses.

It may seem that detectors are the answer, but they are not.  Remember,
the detector only detects virus activity.  This means that you already
have a virus running around in your system.  It will help stop the damage,
but the infection is already there.  Another problem is that you must
remember that the detector is hiding in the background watching.  Some
programs don't expect the detector to be there, and freak out (just like
they don't expect the viruses to be there either).  So the detector might
interfere with other programs.  The better detectors are well-written so
as to avoid this, but even then there might be problems.

So, if you are going to use a detector, remember this:
+  Detectors help stop damage caused by viruses.
+  If it detects virus activity, you are already infected.
+  You must buy a good one so that all types of virus activity are
   detected.
+  The detector may interfere with other programs.


+++Removers+++
--------------
Also called "disinfectors."  What these programs do is get rid of
the virus infection in your computer.  Once you have detected an infection,
you have to get rid of it.  However, like with cancer, that means cutting
something out usually.  Nine times out of ten, a disinfector will have to
delete *ALL* the programs that are infected.  Gone. Erased.  Never to come
back.  Some can get out the virus without deleting files, but this is
rare.  It depends on how good the disinfector is and what type of virus
it is.  The remover is probably the most crucial piece of anti-virus
software.

So, if you are going to use a remover (and you should), remember this;
+  Files (maybe important ones) will be deleted, so you need backup
   copies of your software at all times (you should have this anyhow).

Who makes this and where can I get it?  What do *you* use?
----------------------------------------------------------
There are a lot of companies who make this type of software.  I've tried
a bunch, and my *personal* favorite is made by Central Point Software.

It comes in two types of packages:
+  PC Tools Deluxe
+  Central Point Anti-Virus

PC Tools deluxe has 2 main anti-virus items: PCBackup and VDefend.  What
PCBackup does is backup your hard drive.  You should be doing this anyhow.
What it also does, however, is there is an option to scan as it backs up.
What this means is before it backs up the program, it checks it for
a virus like a scanner would.  This is important.  Say you backup your
disk every month.  Then like 3 weeks later you find that your word
processor and some other programs are infected by a virus.  You disinfect
your disk, and go to install the back up copies.  What if the backups are
infected?  You're back to square one.  PCBackup helps to ensure that your
backups are virus-free.  And, like I said under scanners, you need the
current version.  Well, good news.  The data file where all the footprints
are is updated regularly and can be obtained at no cost (last time I checked)
from Central Point via modem.  So you don't need to buy a new copy of
PC Tools every month, just get the new footprint file.

VDefend is a virus detector with a lot of neat options.  It is also part
of the PC Tools Deluxe package.  PC Tools deluxe is a nice product and
well written and I like it.  If you like Norton's software, that is good,
too, and so are many others.  I just happen to prefer PC Tools.  So, you
get a lot more for your money than virus detection.  Check it out at
your software store.

Now, the mother of all anti-virus software is Central Point Anti-Virus.
This is a killer package.  All you could want and more.  I've used it a
couple of times, but it is more than I need.  Either I'm not paranoid
or I'm too trusting.  However, if you want state-of-the-art TopGrade A-1
anti-virus protection, this is it.  It also has a disinfector built in
and a lot of other goodies.

Now, why do I prefer these packages?  I'll be honest with you.  A lot
of the other anti-virus companies are in it strictly for the money.  The
bigger the virus scare, the more money they make.  Remember the
Michaelangelo virus?  That was a load of crap.  It was a simple virus.
There are a lot more dangerous ones out there, and they are more widespread.
These companies make *only* anti-virus packages, so they need the hype
to survive.  Central Point and a few others are not in the anti-virus
industry per se.  They are regular software companies who also offer
anti-virus software.  Their programming experience is more widespread
than those who concentrate on viruses alone, and this means that their
software should be better in general.  Why?  Well, look at it this way:
Say you want to add an equalizer to your stereo.  Now, do you want the
salesperson to know about stereos in general, or just about equalizers?
Shouldn't he know how equalizers interact with the rest of the system?
A software company that creates various pieces of software will know how
they interact and perform.

Further, an investigation into the history of some of these companies,
like McAfee and Associates, brings up questions about their competence
in this type of work.  I ask you to draw your own conclusions, but as
a hint as to what I am referring, try and see what type of work McAfee
was involved in before viruses.

However, since I took a shot at McAfee, I must also state this: I have
known people to use McAfee's software and be 100% satisfied with no
complaints.  They like McAfee's software and continue to use it. It
works for them and meets their needs.  I hate both McAfee and his software,
and I refuse to use it ever, so you must decide for yourself.

Out of the general software houses, I like Central Point's goods.  So those
are my reasons for why I chose it: 1) It is one of the reputable companies,
and, 2) Out of those reputable companies, this software has what I want.

Some people will say "You are picking on the little guys trying to start out."
Maybe.  I wouldn't if this were a word processor where if something is
screwy in version 1, you can live til version 2.  But this is for your
protection.  Would you rather buy a gun made by Smith and Wesson or
Uncle Bob's Bullet Co.?  When it comes down to protection, you don't
want any misfirings, and you must rely on reputation.

So, if you are going to buy "anti-virus" software, remember this:
+  Well-known, reputable, and experienced companies with good user
   support like Central Point, Norton, etc. are preferred.
+  Out of those companies, pick the one that best suits *your* needs.
   Everyone's system differs.  You might love using Norton's backup
   program, so you just want virus protection and not the full PCTools.
   Etc., etc., etc.  Look at all the software and see what you need and
   want.

Myths
-----
Finally, I would like to expose some myths and misconceptions about
viruses:

"They threaten net connectivity"
--------------------------------
If by "net" you mean the Internet, this is 100% false.  The machines
connected to the net do NOT run programs from other machines, so cannot
be infected by them.  They merely store programs from other machines.  It
would be like if a friend asked you to put that game.exe program on your
disk and hold it for him until he had space on his.  As long as you
don't use it, you won't be injured by just storing it.

Another thing to remember is that most viruses are for personal computers
and most machines on the Internet are NOT personal computers, so the
viruses won't affect them anyhow.

The only role that the Internet plays in virus propagation (the spreading
of viruses) is that if someone gets a program from the Internet for his PC
and runs it he might get infected.  But remember that you could also
get infected by getting a program from a friend.  The Internet, therefore,
is not threatened by nor the cause of virus contamination.

However, if by "net" you mean the LAN at work, then this is true.  A lot
of viruses spread rapidly through LAN networks, so if one machine gets
infected, all of them can.  This is because all the personal computers
on the LAN run the same programs.  Again, the cause here is the running
of the program by computers on the net.  Internet computers generally
do not run the programs that contain viruses.

If some idiot says that their Internet connection should be severed due
to virus propagation, that would be like saying we should shut down Lake
Shore Drive in Chicago since a bank robber might drive down it to get
away.  Sure it provides a path for viruses (bank robbers), but 99% of
the time it is providing a path for legitimate purposes (law abiding
citizens).

"BBS's are the major cause of virus spreading"
----------------------------------------------
FALSE FALSE FALSE!!  The major cause of virus spreading is LAN's and
also copying from friends.  BBS's merely store programs that you can copy
and most people who run BBS's try and make sure none of them have viruses.
A BBS is just copying from a friend over a modem.  BBS's do not need to
be shut down or restricted because of viruses.  It is up to *you* to
protect yourself from *any* program contamination no matter where
you copy the program from (i.e., a friend or BBS).

Some of you may have heard of Virus Exchange BBS's.  Let me explain what
this is:

Any type of program ever written starts out as a "source file".  This is
a regular text file made by a word processor that contains instructions
for a computer.  This source file must be fed into either an "assembler" or
a "compiler" to become a program that can run.  This is true whether the
program is a spreadsheet or a virus (viruses are programs, just very very
tiny ones).

Now the source file can have all of the program in it, or just part.  The
rest would be in other source files.  So, for example, if you look at your
wordprocessor in two parts you might see that one thing it does is let you
type stuff in, and the other part is it lets you print things out.  So
it might have 2 source files: 1) tells the computer how to let you type
things in, and 2) tells the computer how to print things out.

A virus is made up of two basic parts: an infector and a destructor.
The INFECTOR is the part of the program which hides the virus and makes
it spread.  The DESTRUCTOR is the mischief maker.  This is the part
that draws crazy pictures on your screen or erases a file on you.

Now on these virus exchange BBS's, they 99% of the time just have virus
SOURCE FILES not virus programs.  The source files CANNOT cause infection.
They must be fed to an assembler or a compiler first to become a program.
Remember that for a virus to become active it must be run as a program.
These BBS's do not distribute virus programs, but virus source files.

Furthermore, most of the source code for viruses on these BBS's is just
the INFECTOR part.  This is what the programmers are interested in.  This
is where the innovation and creativity and "wow! Nice piece of code!"
happens.  The DESTRUCTOR is very basic and any idiot can do one: "del *.*".
People who run VXB's (Virus eXchange Boards) are interested in code for the
INFECTOR and the DESTRUCTOR is worthless.

In other words, they are merely giving out the blueprints and not the
bomb itself.

Some jerks argue that this in itself should be illegal.  Well, another
article will deal with that, so please hold comments on this
aspect until after I have presented my position.

For right now, let me just say that in a nutshell, Virus Exchange BBS's do
NOT DIRECTLY cause infections.  I think even the so-called "experts" would
agree with that.

"The first virus was written by..."
-----------------------------------
No one knows.  However, if you were to ask me, I will say the first
virus was written by the first person who made copy-protection.  Why?
Having the benefit of looking at both copy-protection and virus source
code, I can tell you that they do things the same way.  The infector
part of the virus wants to hide itself and so does the copy-protection.
They both use the same types of methods to do so.  Both also make programs
unusable if certain conditions are met.  If it is a copy, the copy-protection
stops it from working properly.  If it is an infected program that meets
the criteria for the destructor part of the virus to start, the virus
kicks in the destructor and does its job.

Again, please notice I am comparing the copy-protection with the infector, and
not the word processor with the destructor.  The copy-protection and the
infector only differ in that the infector affects more than one program
and that the actual reason for both being there (the word-processor vs.
the destructor) are different.  They both perform the same job - protection
and sustenance of the main program.

From this idea of small programs that operate to protect a piece of software
known as copy-protection sprang forth the first viruses.  So next time
you buy a piece of copy protected software you know who to thank for
your screwed up harddrive ("wah! but we don't write them!" no, but
you gave them the idea and techniques! Plus, copy protection is for loser
companies that don't give decent support to registered users thereby
creating a huge incentive to register a product.  Enuff said.).

Another important similarity is that the techniques for removing copy
protection from a program and removing a virus from an infected file while
retaining the file are very similar (I've done both a few times).

"We're all doomed!! It's Michaelangelo!!"
-----------------------------------------
Yeah, eat me.  I have been using computers for about 11 years.  I have
been on everything from a Timex Sinclair to a Cray.  I've had things on
my system you wouldn't feed to your dog.  How many times have I been
infected by a virus? ZERO

I deal with over 100 computer-related people per day (I'm a graduate
student in Computer Science).  Here is what contact I've had with virus
infection:

When I was an undergrad at the University of Illinois at Champaign-Urbana
(I started out in Electrical Engineering), the Mac labs got infected by
a virus.  Rumor has it that it was caused by someone using an infected
copy of MacPlaymate (an X-rated video game for Macs) on one of the computers.

Last year, the PC-LAN at Loyola University of Chicago was slightly infected
by Michaelangelo, and one of the professors' PC's caught it because a student
handed in his infected programming assignment (it got infected because he
wrote it on the LAN).  So, everyone who handed in their program got infected
if they reran the program when it was returned.  Like 2 more people got
infected this way.

A friend of mine got infected by using an infected copy of a pirated video
game (serves him right hehehe!).

So, for someone who uses a computer every day and knows mostly computer
people, I have personally know 4 people and 2 sites that were infected
by viruses, and this is over 11 years.

Total damage?  Not much.  Nothing Anti-Virus and equivalent type software
couldn't fix and a quick restore from some backups.

So next time they yell "The sky is falling," tell them to line their
pockets somewhere else.  You should protect yourself, but it's not the
end of the world.

In fact the only time my harddrive got erased on accident was when I was
installing OS/2.  It was my fault for not reading the directions. Oops!

"They endanger National Security and the military!"
---------------------------------------------------
Hahahahahahaha!  All I have to say is that most viruses (like 99.9%)
attack only personal computers, and any military or government that depends
on personal computers for national security and weaponry has more problems
than viruses.  And furthermore, what are they doing letting missile officers
run MacPlaymate on the missile control computer anyhow?

Conclusion
----------
I just hoped I made this virus thing clearer.  This is not based
on any virus "expertise" I have, just a thorough knowledge of
computers and my experience with them (which is extensive).  I am not a
"virus expert" nor am I a virus author. But next time someone tries to
scare you or calls themselves a "virus professional" call them an idiot.
Just use common sense, make backups, and maybe get a piece of software from
a good company.  No one is "out to get you".  Most of the virus authors
are teenagers and are actually nice guys who just like to write intricate
programs -- they don't even spread them around!  PHALCON/SKISM is a good
example.  They don't even want to format a hard drive, just have a little
fun programming.  Once in a while one of their "projects" might get out
of hand, but they're not there to make your life miserable.  Sure I'd be
pissed at em if Flight Simulator got infected, but no biggie.  Just clean
up and reinstall.  Don't blame someone else if you don't make backups.

So have phun, and: "Don't worry; be happy!"

P.S. Sara(h) Gordon: Your rebuttal to Phrack touched me.  Right about...



...there.

NOT!

(thanks Sarlo)

Tiny Bibliography
-----------------
40HEX - the Journal of viruses published by PHALCON/SKISM.  Contains
new viruses by P/S and a lot of source code.  Great reading for
programmers, virus authors, and copy-protection people. I've used some
of their disk access tricks for utilities I've written for my 386
system that bypass the device drivers. They also provide an excellent
and professional analysis of virus code with commented source code
from time to time.  Tells ya how the varmints really tick.  4 stars!
(When's the next issue, guys?!?)

Hell Pit BBS - Of Sara(h) Gordon fame.  If you want to see what a
Virus Exchange BBS is like and why all the screaming, bitching, and whining
that Sara(h) and the other people who call themselves "anti-virus"
people is for nothing, give it a call.  Just don't run anything you download.
Most of it is source code, anyhow.  Some of it is Sara(h) Gordon's source code.
I wonder if ACM would approve of her "research" in virus propagation?
I hope Hell Pit is still up.  Sarah(s) crap caused Kato a lot of trouble
including making people think it was a Fed sting operation (lie).

Various hacker nets - like DarkStar, CyberCrime, etc.  A lot
of virus authors can be contacted on these FidoNet type BBS's.  Most of
them will answer any question about viruses you have unless you get
too specific like "Duh, what did you write?" or too idiotic like
"Viruses are terrible!  Look at what Michaelangelo did!" (not much).

That's just a start, but if you're curious about what viruses really are,
don't ask those "anti-virus" goobers, ask the authors.

------------------------------

Date: Mon, 28 Sep 1992 13:29:05 -0400
From: "(Gary Chapman)" <chapman@SILVER.LCS.MIT.EDU>
Subject: File 2--Defense Conversion Hearing

The Department of Defense has set up a Defense Conversion Commission,
which is traveling around the country to conduct hearings on local
conversion requirements.  So far there have been hearings in Atlanta;
Long Beach, California; St. Louis; Dallas; Groton, Connecticut; and
Seattle.  The public hearings last one day, and the commission also
visits sites of major defense contractors and speaks to the local
press about defense conversion.  The commission is scheduled to
release a report on its findings no later than December 31.

On September 24th, the commission held its hearing in Seattle and
testifying on behalf of CPSR and The 21st Century Project was
Professor Philip Bereano, professor of technology and public policy at
the University of Washington.  Phil spoke for ten minutes -- the
alloted time for each hearing witness -- about The 21st Century
Project and its program of democratizing U.S. technology policy and
redirecting research and development programs to peaceful and
environmentally responsible goals.

There were eighteen other hearing witnesses testifying, representing a
broad range of public interest and business organizations, including
Washington State SANE/Freeze, Seattle Women Act for Peace, and the
Washington Association of Churches.  Professional organizations
represented included the Seattle Professional Engineering Employees
Association and the IEEE Engineering Manpower Committee.  There was
also testimony from the King County Diversification Committee, the
local commission on economic conversion.

There are six members of the commission, most of them Pentagon
officials; there is one representative from the Department of Labor,
and one from the President's Council of Economic Advisers.  It is
chaired by David J. Berteau, Deputy Assistant Secretary of Defense for
Production and Logistics, and former director of the DoD's Office of
Economic Adjustment.  The representative from the Department of Labor
(and the only woman on the panel) is Robin Higgins, Assistant
Secretary of Labor for Veteran's Employment and Training, a former
Marine officer, and widow of Colonel William R. Higgns, the Marine
officer captured and executed by Lebanese terrorists in 1988.

For more information about the commission and its work, contact the
Commission on Defense Conversion, 1825 K Street, N.W., Suite 310,
Washington, D.C. 20006, or call (202) 653-1664.

------------------------------

Date: Wed, 30 Sep 1992 17:05:06 PDT
From: "(Nikki Draper)" <draper@CSLI.STANFORD.EDU>
Subject: File 3--FBI Wiretap Scheme Examined

FOR IMMEDIATE RELEASE
Contact: Nikki Draper  (415) 322-3778

     Computer Public Advocacy Group To Examine FBI Wiretap Scheme
                     at October Annual Meeting.

Palo Alto, Calif., October 1, 1992 -- Computer Professionals for
Social Responsibility (CPSR), the national public interest
organization based here, will take an in-depth look at its recent suit
against the Federal Bureau of Investigation (FBI) during CPSR's 1992
Annual Meeting, October 17th and 18th at Stanford University in Palo
Alto, Calif.  CPSR Legal Counsel, David Sobel, will talk about the FBI
suit for the first time since it was filed and moderate a panel
discussion on the politics of cryptography at the annual meeting.  The
CPSR annual meeting is a provocative two-day conference that addresses
critical issues facing society as a result of information technology.

CPSR filed suit against the FBI in September, after the Bureau failed
to make public documents that would justify the need for its new
wiretap proposal.  The FBI proposal would redesign the telephone
network to make wiretapping easier.  Recognizing the importance of
cryptography policy, CPSR catalyzed a national debate earlier this
year, as to whether or not the FBI and National Security Agency (NSA)
should be involved in setting the technical standards for the computer
and communications industry.

The panel discussion will include a screening and discussion of film
clips from the movie, Sneakers.  Panelists include, Joan Feigenbaum,
Technical Staff, Computing Principles Research, ATT Bell Labs, John
Gilmore, founder of Cygnus Support, and Dave Banisar, CPSR Policy
Analyst.

CPSR's annual meeting will  bring together computer scientists from
across the country to examine the relationship between politics and
technology.  Other topics include:

    *  Teledemocracy & Citizen Participation:
        Beyond the Electronic Town Meeting,

This session is an election year look at the dangers and the
opportunities of electronic democracy.  Speaker, Susan G. Hadden,
professor in the LBJ School of Public Affairs, University of Texas at
Austin, an expert on telecommunications and citizen participation.

    *  Everything's Digital!  Media Convergence: Hope, Hype or Hell?

This session examines the social implications of multimedia
convergence which is the merging of computer, telephone, and video
technology.  Panel discussion with David Bunnell, Editor, New Media,
Denise Caruso, Editor, Digital Media, and Howard Rheingold, Whole
Earth Review

    *  Envisioning Technology Policy in a Democratic Society;

A panel of technologists looks at the development of American
technology policy.  Panelists include, Gary Chapman, The 21st Century
Project, Judy Stern, CPSR/Berkeley, Claire Zvanski, SEIU Local 790.

President of Interval Research, Dave Liddle, will be the keynote
speaker at CPSR's awards banquet Saturday evening.  Liddle will be
speaking on the Computing in the 21st Century.  IBM researcher,
Barbara Simons will be presented with the 1992 Norbert Wiener Award
for Social and Professional Responsibility in Computing.

Founded in 1981, CPSR is a national, non-profit, public interest

------------------------------

Date: 05 Oct 92 19:05:29 EDT
From: Gordon Meyer <72307.1502@COMPUSERVE.COM>
Subject: File 4--Intl. Piracy

Congress Urged to Strengthen International Intellectual Property Laws

 Foreign copyright piracy of computer software, as well as movies,
 books, and music and audio recordings costs U.S. firms between $12
 billion and $15 billion in trade losses each year, says the
 International Intellectual Property Alliance.

 The Alliance told a Senate Judiciary subcommittee on patents,
 copyrights and trademarks that losses in Mexico alone -- which were
 not included in the international study -- topped $150 million
 annually.

 Eric Smith, director of the Alliance, said that although Mexico has
 new intellectual property laws, "the situation in Mexico is still
 quite serious."

 He urged Congress to increase U.S. anti-piracy teams to crack down on
 foreign copying operations and aid to foreign nations to help them
 write tougher laws and enforce them.

 Countries where piracy is particularly prevalent include Italy,
 Taiwan, Eastern Europe, Russia, China, Paraguay, Peru, El Salvador,
 Guatemala and Honduras. Brazil and Venezuela are considered problem
 nations especially for software piracy.

------------------------------

Date: 02 Oct 92 11:13:46 EDT
From: Lance Rose <72230.2044@COMPUSERVE.COM>
Subject: File 5--SysLaw Announcement

           NEW SYSLAW BOOK! MASSIVELY REVISED AND EXPANDED!

 SysLaw, Second Edition: The Legal Guide for Online Service Providers
           by Lance Rose, Esq., and Jonathan Wallace, Esq.

SysLaw provides BBS sysops, network moderators and other online
service providers with basic information on their rights and
responsibilities, in a form that non-lawyers can easily understand.
Subjects covered include the First Amendment, copyrights and
trademarks, the user agreement, negligence, privacy, criminal law,
searches and seizures, viruses and adult materials.  SysLaw not only
explains the laws, it gives detailed advice enabling system operators
to create the desired balance of user services, freedom, and
protection from risk on their systems.

SysLaw is available from PC Information Group, 800-321-8285 or
507-452-2824, and located at 1126 East Broadway, Winona, MN 55987.
You may order by credit card or by mail.  Price is $34.95 plus $3.00
shipping and (if applicable) sales tax.  Price is subject to change
after January 1, 1993.  For additional information, please contact
publisher Brian Blackledge at 800-321-8285.

------------------------------

Date: 03 Oct 92 11:54:38 EDT
From: Gordon Meyer <72307.1502@COMPUSERVE.COM>
Subject: File 6--Cu News: Dept Store Fraud / "MY PC PAL"

 DEPARTMENT STORE COMPUTER FRAUD

 The US Attorney's Office in Sacramento, California has announced an
 indictment against a Fresno department store for using a 'special
 computer program' to alter its financial records. The store,
 Gottschalks, has pled guilty to three criminal counts and has agreed
 to pay 1.5 million dollars in fines for taking illegal tax deductions
 and violating securities exchange laws. The store reportedly
 developed the program to overstate sales, supposedly by nearly half a
 million dollars in one quarter, allowing it to claim a profit when it
 was really operating at a loss. (Information Week, August 3, 1992: 10).

 MY COMPUTER, MY FRIEND.

 Logitech, Inc recently completed a "PC's and People" survey in which
 98% of the 300 computer users surveyed indicated that they feel they
 have personal relationships with their machines. In addition, 13%
 said they ascribe personalities to their machines, while 9% admitted
 that they have named them. At least 50% said they consider their
 computers to be extensions of themselves. (CompuServe Magazine,
 October 1992: 8)

------------------------------

Date: 7 Oct 92 15:24:01
From: Moderators <tk0jut2@mvs.cso.niu.edu>
Subject: File 7--Brazilian Politics in Need of Encryption?

Sometimes those suspected of massive offenses should either learn to
use computers properly or else not commit crimes.  The current
Brazilian political scandals, which threaten to topple President
Fernando Collor de Mello, escalated this week when Brazilian
investigators began exploring the computer files of a man reportedly
at the center of the political corruption, Paulo Cesar ("PC") Farias.
According to an article in England's GUARDIAN WEEKLY (Oct 4, 1992 -
thanks to Bruce Sterling for sending it over), unencrypted data files
may provide considerable information describing the extent of his
involvement in Brazilian corruption.  According to the article:

    Under the filename "Collor", they ((the investigators)) had
    found a list of several of the biggest government ministries,
    beneath each of which were listed in methodical fashion the
    main projects in that ministry, the value of the contracts
    allocated and the commissions charged.

        One of the most interesting entries concerned the Xingo
    hydro-electric power station--the only large development
    project undertaken by the Collor government.

        This project, involving a consortium of large Brazilian
    construction companies, including Mendes Junior and Odebrecht,
    has long aroused suspicion, largely because its costs soared
    $1.5 billion over budget. Now, thanks to PC's meticulous
    accounting, the federal police, working with the tax
    inspectors, believe they will be able to find out where most
    of the extra money went.

        One aspect of the listing remains baffling. At the end of
    each entry PC wrote the name of a star or constellation: the
    Southern Cross, the Great Bear, the Milky Way, Orion.  These
    heavenly bodies, the accountants guess but cannot yet
    demonstrate, are probably codenames for sensitive information
    that PC did not want to entrust to his computer--the names of
    the powerful economic groups paying the commissions.

                            ...........

        Though part of the computer files are damaged, the
    inspectors say they are finding enough evidence to establish
    the size of the corruption network and the president's close
    involvement in it.

Perhaps somebody could send Brazilian crooks a copy of Phil's Pretty
Good Encryption program and the investigators a registered version of
Norton Utilities.

------------------------------

Date: Wed, 7 Oct 92 17:54:07 EDT
From: <Nigel.Allen@LAMBADA.OIT.UNC.EDU>
Subject: File 8--Police Charge Toronto Teenager in 911 Case

Here is a press release that I received from the Metropolitan Toronto
Police. The Toronto Star ran a story (based on the press release) on
its front page today.

                    1992 October 06, 1950 hours
              Teenage Computer Hacker Nabbed by Police

Detectives from the Major Crime Squad at Police Headquarters have
arrested a 15-year-old North York boy and charged him with a number of
computer-related crimes. Investigations have revealed that on some
occasions his pranks paralyzed the Metropolitan Toronto 911 emergency
telephone system.

Last July, a young man called the 911 emergency number from a
location in the west end of Metropolitan Toronto and reported a number
of medical emergencies which caused units from the Metropolitan
Toronto Police, ambulance services and local fire departments to
respond. All of these calls were determined to be false.

On one occasion, he totally monopolized the 911 system and rendered
it inoperable thereby denying citizens access to the 911 lifeline
throughout the Metropolitan Toronto area.

Bell Canada security officers assisted police in their search for the
source of the calls. Acting on a Criminal Code search warrant, police
today entered a North York home, seized a quantity of computers and
arrested a teen-age boy.

He is to appear in Youth Court, 47 Sheppard Avenue East, North York,
Friday, November 6, 1992, charged with theft of telecommunications, 24
counts of mischief and 10 counts of convey false message.

Investigations are continuing.

(end of press release)

Note from NDA: More information may be available from the public affairs
office of the Metropolitan Toronto Police at (416) 324-2222 or from
Detective W. Johnston of the Major Crime Squad at (416) 324-6245.

------------------------------

End of Computer Underground Digest #4.49
************************************