Computer underground Digest    Sun  Aug 15 1993   Volume 5 : Issue 61
                           ISSN  1004-042X

       Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)
       Archivist: Brendan Kehoe
       Shadow-Archivists: Dan Carosone / Paul Southworth
                          Ralph Sims / Jyrki Kuoppala
                          Ian Dickinson
       Copie Editor: Etaoin Shrdlu, Senior

CONTENTS, #5.61 (Aug 15 1993)
File 1--ERRATA in CuD #5.60
File 2--EFF Job Opening for ONLINE ACTIVIST
File 3--NSA Seeks Delay in Clipper
File 4--CPSR and the Nat'l Info Infrastructure
File 5--Call for Papers IFIP SEC'94 Caribbean
File 6--UPDATE #21-AB1624: *ACTION ALERT*: END-GAME APPROACHING
File 7--Illinois BBS Sysop Busted for "porn-to-minors"
File 8--In response to E-fingerprinting in Calif
File 9--Re--NIRVANAnet (A View from Brazil)
File 10--Public Domain Internet Information for Teachers <fwd>
File 11--Gory details about texsun (breakin) (fwd)

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically from tk0jut2@mvs.cso.niu.edu. The
editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at:  Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115.

Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on the PC-EXEC BBS at (414) 789-4210; and on: Rune Stone BBS (IIRG
WHQ) (203) 832-8441 NUP:Conspiracy; RIPCO BBS (312) 528-5020
CuD is also available via Fidonet File Request from 1:11/70; unlisted
nodes and points welcome.
EUROPE:   from the ComNet in LUXEMBOURG BBS (++352) 466893;
          In ITALY: Bits against the Empire BBS: +39-461-980493

ANONYMOUS FTP SITES:
  UNITED STATES:  ftp.eff.org (192.88.144.4) in /pub/cud
                  etext.archive.umich.edu (141.211.164.18)  in /pub/CuD/cud
                  halcyon.com( 202.135.191.2) in /pub/mirror/cud
                  aql.gatech.edu (128.61.10.53) in /pub/eff/cud
  AUSTRALIA:      ftp.ee.mu.oz.au (128.250.77.2) in /pub/text/CuD.
  EUROPE:         nic.funet.fi in pub/doc/cud. (Finland)
                  ftp.warwick.ac.uk in pub/cud (United Kingdom)

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission.  It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified.  Readers are encouraged to submit reasoned articles
relating to computer culture and communication.  Articles are
preferred to short responses.  Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.

----------------------------------------------------------------------

Date: Sat, 14 Aug 1993 22:51:01 CDT
From: CuD Moderators <cudigest@mindvox.phantom.com>
Subject: File 1--ERRATA in CuD #5.60

Ooops---In thanking our NIU folk in CuD 5.60, we misspelled the
name of the Director of our Academic Computing Service. Michael
Prais, not "Preis." Sorry 'bout that, Michael.

We also indicated that WYLBUR was our operating system. Neil Rickert
gently corrected us:

     Actually WYLBUR is not an operating system at all.  It is
     just a multi-user interactive text editor which runs under
     the operating system MVS-XA.

     The computer center is finally taking the plunge and getting
     a Unix system for those university users who need Unix.
     We've been pushing them in this direction.  I don't yet know
     what the arrangements and policies will be for this system.

------------------------------

From: Shari Steele <ssteele@EFF.ORG>
Date: Thu, 5 Aug 1993 17:04:14 -0400
Subject: File 2--EFF Job Opening for ONLINE ACTIVIST

The Electronic Frontier Foundation (EFF), a nonprofit organization
dedicated to protecting civil liberties for users of newly emerging
technologies, is looking to hire an Online Activist.

The Online Activist will actively participate in and organize EFF's
sites on CompuServe, America Online, GEnie, Usenet and the WELL and
will distribute feedback from the various networks to EFF staff and
board through regular online summaries.  This person will provide
leadership to groups of members and will possibly set up and maintain
an EFF BBS.  The Online Activist will help to maintain EFF's ftp
library.  This person will train new EFF staff members on online
communications.  S/he will collect and solicit articles for, write
articles for, edit and assemble our biweekly electronic newsletter,
EFFector Online.  The Online Activist will work with the System
Administrator to distribute and post EFFector Online and other EFF
electronic publications and to maintain a database of form answers for
commonly asked questions, along with the Membership Coordinator.  This
person must be willing to work out of EFF's offices in Washington, DC.

The Electronic Frontier Foundation offers a competitive salary with
excellent benefits.  For immediate consideration, please forward a
resume, along with a cover letter describing your online experience
and reason for applying for this job by August 23, 1993, to:

Online Activist Search
Electronic Frontier Foundation
1001 G Street, NW
Suite 950 East
Washington, DC  20001
fax (202) 393-5509
e-mail ssteele@eff.org (ASCII only, please)

------------------------------

Date: Wed, 11 Aug 1993 16:05:14 EST
From: David Sobel <dsobel@WASHOFC.CPSR.ORG>
Subject: File 3--NSA Seeks Delay in Clipper

                   NSA Seeks Delay in Clipper Case


     The National Security Agency (NSA) has asked a federal court for
a one-year delay in a lawsuit challenging the secrecy of the
government's "Clipper Chip" encryption proposal.  The suit was filed
by Computer Professionals for Social Responsibility (CPSR) on May 28
and seeks the disclosure of all information concerning the
controversial plan.

     In an affidavit submitted to the United States District Court for
the District of Columbia on August 9, NSA Director of Policy Michael
A. Smith states that

     NSA's search for records responsive to [CPSR's] request is under
     way, but is not yet complete.  Because the Clipper Chip program
     is a significant one involving the participation of organizations
     in four of NSA's five Directorates and the Director's staff, the
     volume of responsive documents is likely to be quite large.
     Moreover, because the Clipper Chip program is highly complex and
     technical and is, in substantial part, classified for national
     security purposes, the review process cannot be accomplished
     quickly.

     CPSR called for the disclosure of all relevant information and
full public debate on the proposal on April 16, the day it was
announced.  While NSA has insisted from the outset that the "Skipjack"
encryption algorithm, which underlies the Clipper proposal, must
remain secret, the Smith affidavit contains the first suggestion that
the entire federal program is classified "in substantial part."  In
the interest of obtaining timely judicial review of the agency's broad
classification claim, CPSR intends to oppose NSA's request for delay
in the court proceedings.

     In another case involving government cryptography policy, CPSR
has challenged NSA's classification of information concerning the
development of the Digital Signature Standard (DSS).  The court is
currently considering the issue and a decision is expected soon.

     CPSR is a national public-interest alliance of computer industry
professionals dedicated to examining the impact of technology on
society.  CPSR has 21 chapters in the U.S. and maintains offices in
Palo Alto, California, and Washington, DC.  For additional information
on CPSR, call (415) 322-3778 or e-mail <cpsr@cpsr.org>.

David L. Sobel
CPSR Legal Counsel
<sobel@washofc.cpsr.org>

------------------------------

Date: Tue, 10 Aug 1993 09:43:40 PDT
From: Nikki Draper <draper@CSLI.STANFORD.EDU>
Subject: File 4--CPSR and the Nat'l Info Infrastructure

             COMPUTER PROFESSIONALS ADD SOCIAL CONSCIENCE
                      TO NATIONAL NETWORK DEBATE

Palo Alto, Calif., August 6, 1993  --  At a recent meeting in
Washington  D.C., board members from Computer Professionals for Social
Responsibility (CPSR) were challenged by top level telecommunications
policy experts to craft a public interest vision of the National
Information Infrastructure (NII).  The experts at the roundtable
discussion included Mike Nelson from the President's Office of Science
and Technology, Vint Cerf from the Internet Society, Jamie Love from
the Taxpayer's Assets Project, Ken Kay from Computer Systems Policy
Project, and Laura Breeden from FARnet.

"We were excited to discover that CPSR is in a position to play a key
role in shaping NII policy," said CPSR Board President, Eric Roberts.
"The commercial sector is already in the thick of the debate, but
there has been little coordinated response from the noncommercial
constituencies.  After talking about the issues and CPSR's role, the
Board committed to meeting this challenge."

So far, the debate about the NII has centered around fiber versus
ISDN, cable companies versus telephone companies, research versus
commercialization, and so on.  These are real questions with
important  implications.  However, CPSR believes that a better
starting point is a set of guiding principles as the context for all these
more detailed questions about "architecture," technical standards,
and prime contractor.  Before arguing over bits and bytes, it is crucial
to clarify the vision and values that underlie a major endeavor like
the NII.

As individuals in the computing profession, CPSR's membership
knows that new technologies bring enormous social change.
CPSR's goal is to help shape this change in an informed manner.
Key issues discussed in the paper will include:

o     ensuring that the design remains both open and flexible so
       that it can evolve with changing technology.

o     ensuring that all citizens have affordable network access and
       the training necessary to use these resources.

o      ensuring that risks of network failure and the concomitant
        social costs are carefully considered in the NII design.

o      protecting privacy and First Amendment principles in
        electronic communication.

o     guaranteeing that the public sector, and particularly schools
       and libraries, have access to public data at a reasonable cost.

o     seeking ways in which the network can strengthen democratic
       participation and community development at all levels.

o     ensuring that the network continues to be a medium for
       experimentation and non commercial sharing of resources,
       where individual citizens are producers as well as consumers.

o     extending the vision of an information infrastructure beyond
      its current focus of a national network, to include a global
      perspective.

The national membership of CPSR brings a unique perspective to the
overall conception of the NII.  Throughout CPSR's history, the
organization has worked to encourage public discussion of decisions
involving the use of computers in systems critical to society and to
challenge the assumption that technology alone can solve political and
social problems.  This past year, CPSR's staff, national and chapter
leadership have worked on privacy guidelines for the National Research
and Education Network (NREN), conducted a successful conference on
participatory design, created local community networks, organized
on-line discussion groups on intellectual property, and much more.

To ensure that its position paper is broadly representative, CPSR will
work in concert with other public interest groups concerned about the
NII, such as the newly established coalition in Washington D.C., the
Telecommunications Policy Roundtable.  CPSR chapters are will be
conducting a broad based public campaign to reach out beyond the
technical experts and producers -- to people who will be affected by
the NII even if they never directly log on.

CPSR will begin distributing its completed paper to policy makers on
October 16th at its annual meeting in Seattle, Washington.  The
meeting will bring together local, regional and national decision
 makers to take a critical look at the NII.

Founded in 1981, CPSR is a national, non-profit, public interest
organization of computer scientists and other professionals concerned
with the impact of computer technology on society.  With offices in
Palo Alto, California, and Washington D.C., CPSR works to dispel
popular myths about technological systems and to encourage the use of
computer technology to improve the quality of life.

For more information on CPSR's position paper , contact Todd Newman,
CPSR board member, at 415-390-1614 .

For more information about CPSR, contact Nikki Draper, Communications
Director, at 415-322-3778 or draper@csli.stanford.edu.

------------------------------

Date: Thu, 12 Aug 1993 01:43 +0100
From: fortrie@CIPHER.NL
Subject: File 5--Call for Papers IFIP SEC'94 Caribbean

  Call for Papers IFIP SEC'94 - updated information August 1993

Technical Committee 11 - Security and Protection in Information
Processing Systems - of the UNESCO affiliated INTERNATIONAL
FEDERATION FOR INFORMATION PROCESSING - IFIP,

                      announces:

Its TENTH INTERNATIONAL INFORMATION SECURITY CONFERENCE, IFIP SEC'94
TO BE HELD IN THE NETHERLANDS ANTILLES (CARIBBEAN), FROM MAY 23
THROUGH MAY 27, 1994.

Organized by Technical Committee 11 of IFIP, in close cooperation with
the Special Interest Group on Information Security of the Dutch
Computer Society and hosted by the Caribbean Computer Society, the
TENTH International Information Security Conference IFIP SEC'94 will be
devoted to advances in data, computer and communications security
management, planning and control. The conference will encompass
developments in both theory and practise, envisioning a broad perspective of
the future of information security.
The event will be lead by its main theme "Dynamic Views on
Information Security in Progress".


Papers are invited and may be practical, conceptual, theoretical, tutorial
or descriptive in nature, addressing any issue, aspect or topic of
information security. Submitted papers will be refereed, and those presented
at the conference, will be included in the formal conference proceedings.
Submissions must not have been previously published and must be the
original work of the author(s). Both the conference and the five
tutorial expert workshops are open for refereed presentations.

The purpose of IFIP SEC'94 is to provide the most comprehensive international
forum and platform, sharing experiences and interchanging ideas, research
results, development activities and applications amongst academics,
practitioners, manufacturers and other professionals, directly or indirectly
involved with information security. The conference is intended for computer
security researchers, security managers, advisors, consultants, accountants,
lawyers, edp auditors, IT, administration and system managers from
government, industry and the academia, as well as individuals interested and/or
involved in information security and protection.

IFIP SEC'94 will consist of a FIVE DAY - FIVE PARALLEL STREAM - enhanced
conference, including a cluster of SIX FULL DAY expert tutorial workshops.

In total over 120 presentations will be held. During the event the second
Kristian Beckman award will be presented. The conference will address
virtually all aspects of computer and communications security, ranging
from viruses to cryptology, legislation to military trusted systems,
safety critical systems to network security, etc.

The six expert tutorial workshops, each a full day, will cover the
following issues:

Tutorial A: Medical Information Security
Tutorial B: Information Security in Developing Nations
Tutorial C: Modern Cryptology
Tutorial D: IT Security Evaluation Criteria
Tutorial E: Information Security in the Banking and Financial Industry
Tutorial F: Security of Open/Distributed Systems

Each of the tutorials will be chaired by a most senior and internationally
respected expert.

The formal proceedings will be published by Elsevier North Holland
Publishers, including all presentations, accepted papers, key-note talks,
and invited speeches.

The Venue for IFIP SEC'94 is the ITC World Trade Center Convention
Facility at Piscadera Bay, Willemstad, Curacao, Netherlands Antilles.

A unique social program, including formal banquet, giant 'all you can eat'
beach BBQ, island Carnival night, and much more will take care of leisure
and relax time.

A vast partners program is available, ranging from island hopping, boating,
snorkeling and diving to trips to Bonaire, St. Maarten, and Caracas.
A special explorers trip up the Venezuela jungle and the Orinoco River
is also available.
For families a full service kindergarten can take care of youngsters.

The conference will be held in the English language. Spanish translation
for Latin American delegates will be available.

Special arrangements with a wide range of hotels and apartments complexes
in all rate categories have been made to accommodate the delegates and
accompanying guests. (*)
The host organizer has made special exclusive arrangements with KLM Royal
Dutch Airlines and ALM Antillean Airlines for worldwide promotional fares
in both business and tourist class. (**)

(*)(**) Our own IFIP TC11 inhouse TRAVEL DESK will serve from any city on
the globe.

All authors of papers submitted for the referee process will enjoy special
benefits.

Authors of papers accepted by the International Referee Committee will enjoy
extra benefits.

If sufficient proof (written) is provided, students of colleges, universities
and science institutes within the academic community, may opt for
student enrollment. These include special airfares, apartment accommodations,
discounted participation, all in a one packet prepaid price.
(Authors' benefits will not be affected)

**************************

INSTRUCTIONS FOR AUTHORS

**************************

Five copies of the EXTENDED ABSTRACT, consisting of no more than 25 double
spaced typewritten pages, including diagrams and illustrations, of
approximately 5000 words, must be received by the Program Committee no
later than November 15th, 1993.

We regret that electronically transmitted papers, papers on diskettes,
papers transmitted by fax and handwritten papers are not accepted.

Each paper must have a title page, which includes the title of the paper,
full names of all author(s) and their title(s), complete address(es),
including affiliation(s), employer(s), telephone/fax number(s) and
email address(es).
To facilitate the blind refereeing process the author(s)' particulars
should only appear on the separate title page. The language of the
conference papers is English.
The first page of the manuscript should include the title, a keyword list
and a 50 word introduction. The last page of the manuscript should include
the reference work (if any).

Authors are invited to express their interest in participating in the
contest, providing the Program Committee with the subject or issue that
the authors intend to address (e.g. crypto, viruses, legal, privacy, design,
access control, etc.) This should be done preferably by email to
< TC11@CIPHER.NL >, or alternately sending a faxmessage to
+31 43 619449 (Program Committee IFIP SEC'94)

The extended abstracts must be received by the Program Committee on or
before November 15th, 1993.

Notification of acceptance will be mailed to contestants on or before
December 31, 1993. This notification will hold particular detailed
instructions for the presentation and the preparation of camera ready
manuscripts of the full paper.

Camera ready manuscripts must be ready and received by the Program Committee
on or before February 28, 1994.

If you want to submit a paper, or you want particular information on
the event, including participation, please write to:

IFIP SEC'94 Secretariat
Postoffice Box 1555
6201 BN   MAASTRICHT
THE NETHERLANDS  -  EUROPE

or fax to:

IFIP SEC'94 Secretariat: +31 43 619449 (Netherlands)

or email to:

< TC11@CIPHER.NL >

***************************************************************

Special request to all electronic mail readers:

Please forward this Call for Papers to all networks and listservices
that you have access to, or otherwise know of.

****************************************************************

Sincerely

IFIP TC 11 Secretariat

Call for Papers - updated information August 1993

------------------------------

Date: Mon, 9 Aug 1993 16:49:06 -0700
From: Jim Warren <jwarren@WELL.SF.CA.US>
Subject: File 6--UPDATE #21-AB1624: *ACTION ALERT*: END-GAME APPROACHING

        *** PLEASE WRITE, NOW!***      PLEASE, DON'T STOP NOW!

  Assembly Bill 1624, mandating online public access to public
legislative information via the public networks (i.e., the Internet
and all the nets connected to it - including wherever you are
receiving this msg), will either pass the Legislature by Sept. 10th,
or will die - and we have to re-fight the whole battle, year after
year.

  LETTERS & FAXES ARE *NEEDED*!.  THEY *WILL* DETERMINE THE OUTCOME.

REMAINING 1993 LEGISLATION SCHEDULE
  Jul 16th, the Legislature went into remission - uh, recess.
  Aug 16th, the Legislature reconvenes to diddle remaining 1993 business.
  Sep 10th, the Legislature quits working in Sacramento for the year.
  Oct 10th, the Governor must veto legislatively-approved bills he opposes.
On AUGUST 18TH, the Senate Rules Committee run by Sen. Dave Roberti
(D-Van Nuys area) will hear AB1624.  If Roberti doesn't like it, he can and
will kill it.   If Roberti passes it, it will almost-certainly pass the
Senate. Then we need for the Assembly to "concur in amendments" and the
Governor to not veto it.


  Address letters/faxes to "State Capitol, Sacremanto CA 95814."

AS SOON AS POSSIBLE, send a one-page letter supporting AB1624 to the
Senate Rules Committee - who have seen essentially *no* support for it:
Sen. David Roberti, Chair, Room 400; fax/916-323-7224; voice/916-445-8390.
 and to the other four members (tiny, *powerful* committee!):
Sen. Ruben Ayala (D-Chino area), Room 5108; f/916-445-0128; v/916-445-6868.
Sen. Robert Beverly (R-Long Bch), Room 5082; f/not avail.; v/916-445-6447.
Sen. William Craven (R-Oceanside), Room 3070; f/not avail.; v/916-445-3731.
Sen. Nick Petris (D-Alameda), Room 5080; fax/916-327-1997; v/916-445-6577.

Important:  Please send COPIES of ALL letters to the AB1624 author:
Hon. Debra Bowen, Room 3126; voice/916-445-8528; fax/916-327-2201.


CAN EMAIL VIA ME, IF YA CAN'T FIND TIME FOR SNAIL-MAIL
  If you don't have time to send snail-mail, you can email your message via
jwarren@well.sf.ca.us.
  Write it exactly as you would snail-mail, but be SURE TO INCLUDE
your name, address and phone #s for legislators' independent
verification.  Upon receipt by email, I will print and/or fax the
entire message to Bowen and to the legislator(s) to whom you address
it.  (Please allow for that delay.)

LEGI-TECH'S OLDER BROTHER DONE GOOD!
  The McClatchy organization is the owner of Legi-Tech, one of the two
largest online distributors of California legislative information.  They are
also owner of a number of newspapers - their flagship being the powerful
Sacramento Bee.
  On Jul 26th, the Bee ran an editorial *strongly* supportive of AB1624 -
laudable, principled action by The Bee, McClatchy, and presumably by
Legi-Tech in the face of a difficult trade-off between the public's
interests versus their business interests.
  Applause!  Applause!


CALIFORNIA LEGISPEAK: "AUTHOR" VS. "SPONSOR" VS. "SUPPORTER"
  In California legislative circles:
A bill's AUTHOR is a legislator who introduced the bill.
A bill's SPONSOR(S) is a person or organization, if any, that requested that
the bill be introduced by the bill's author.
A bill's SUPPORTER(S) is a person or organization that is officially listed
as being in favor of the bill, usually including its sponsor(s), if any.
  All bills have one or more authors.  Some bills do NOT have sponsors.
  AB1624's author was Assembly Member Debra Bowen.  It had no sponsors, but
has a growing number of supporters.


PROGRAMMERS:  SAMPLE LEGISLATIVE DATA-FILES ALSO AVAILABLE AT CPSR.ORG
  AB1624 Update #19 detailed a set of sample data-files for review and
test-programming, available from Tim Pozar's KUMR.LNS.COM by anonymous ftp.
  As of Jul 22nd, those Legislative Data Center sample files were/are also
online at cpsr.org in  /ftp/cpsr/states/california/ab1624/sample_data
for binary ftp access.  For questions about accessing them there, contact:
Al Whaley        al@sunnyside.com       +1-415 322-5411(Tel), -6481 (Fax)
Sunnyside Computing, Inc., PO Box 60, Palo Alto, CA 94302

We have a voice.  Use it or loose it.

------------------------------

Date: Fri, 6 Aug 93 09:28:12 CDT
From: anonymous@name.deleted
Subject: File 7--Illinois BBS Sysop Busted for "porn-to-minors"

                     "Kids, Computers, and Porn:
           For Many, Adult Material just a Keystroke away"
                Chicago Tribune, 6 Aug, 1993, p. 1, 16
                           By Susan Kuczka

     Steven's mother described her 12-year old son as a "computer
     nerd," and she believed he spent all his time engaged in
     good, clean digital fun.

                             .......

     What she didn't know was that her son also was using his
     computer to watch hard-core pornography delivered to his
     northwest suburban home by modem from a computer bulletin
     board service.

                             .......

     The discovery led to the arrest of a Des Plaines bulletin
     board operator in the first prosecution of its kind in state
     history.

                             .......

     Nancy Clausen, spokeswoman for the National Coalition Against
     Pornography, said, "Kids are getting this all the time, but
     it's hard for parents to know it's happening because it's
     easy for a child to hide.  You think your kid's a computer
     genius when he's spending hours at a computer, but when he
     has a modem, he has access to a different world, and kids
     are very curious."

<The story cites Lisa Palac, 29, editor of the quarterly magazine
FUTURE SEX, who calls it "cybersex:porn of the next generation."
According to the story, computer porn is becoming big business
with users being charged $25 to $50 year for file access, and
some of the larger services have toll-free 800 numbers.
It indicates that 13 million computer users are connected to
55,000 commercial bulletin boards nationwide, although less than
5 percent, according to the author, are "adult bulletin boards.">

     There is nothing illegal about distributing most forms of
     pornography to adults. Transmission of pornographic
     materials to a minor--whether in print or by computer--is a
     crime, though.

     But the computer pornography industry is so new that law
     enforcement authorities are only now beginning to investigate
     it as more and more bulletin board services begin to operate
     throughout the country.

<The story notes that Steven's mother spent weeks trying to interest
law enforcement officials to pursue the case, including her local PD,
the Illinois State Police, the Cook County sheriff, and the FBI.
Finally, the Cook County state's attorney accepted her complaint,
which resulted in a grant jury indictment.  The BBS sysop is Raymond
F. Netupski, 30, of 10106 Holly Lane, Des Plaines (Ill.), who began
operating his board in 1987.  Netupski's attorney is John J. Seno.
Netupski was indicted for distributing harmful materials to a minor
and obscenity, both misdemeanors. He was also charged with "unlawful
use of sound or audio visual recordings," because some of the
transmitted material was copyright-protected.  The "piracy" charge, a
felony, carries a potential sentence of up to 3 years imprisonment and
a $100,000 fine.

The remainder of the story cites a several law enforcement agents,
sysops, and others, for their comments.

------------------------------

Date: Mon, 2 Aug 1993 17:17:38 CST
From: roy@SENDAI.CYBRSPC.MN.ORG(Roy M. Silvernail)
Subject: File 8--In response to E-fingerprinting in Calif

In comp.society.cu-digest, sfs0@PHPMTS1.EM.CDC.GOV writes:

[in regard to e-fingerprinting as a condition of public assistance]

>      I fail to see this as a "Big Brother" issue.  After all, isn't
> the goal of social services in a majority of the cases to provide
> assistance temporarily?  Once the assistance is no longer needed, the
> recipient is no longer tracked.

Government and law enforcement agencies have shown a dismal track record
in the area of civil liberties of late.  I have a very hard time
believing, even for a minute, that this vast amount of personal
information will be discarded.

Furthermore, once some kind of 'evidence of benefit' can be wrested from
the selective interpretation of the program's operational record,
pressure will be brought to expand the system to more and more areas.
I've seen mention in this very forum that L.A. intends to expand to GA
and Food Stamp recipients.  California now has a magnetic stripe on
their drivers' licenses.  Will that soon contain your e-fingerprint, as
well?

Don't you agree that this is perhaps a bit too much information to be
collecting on anyone?

Or perhaps you don't see any reason to stop with fingerprints.  Coded
transponders carrying a unique identification number could easily be
implanted, say, at the base of the right thumb.  That would be even
harder to spoof than e-fingerprints.  So why not have all AFDC
recipients implanted with serial numbers?  Hey, we could even make that
number tie in to your credit card numbers, so you'd be safe from fraud.
Make it your ATM card number, and you'd be safe from the shoulder
surfers at the ATM.  And I'm sure you wouldn't mind the occasional
doorknob noting the exact time of your passage.  After all, you're an
honest man with nothing to hide, so it doesn't matter that someone could
effortlessly track your every move.

You see, once this trend gets started, it will grow to envelop us all.
Don't know about you, but I don't want that transponder.  And I'd rather
not be e-fingerprinted, either.

------------------------------

Date: Wed, 11 Aug 93 18:27:00 -0300
From: luiz.marques@BBS816.MANDIC.ONSP.BR(Luiz Marques)
Subject: File 9--Re--NIRVANAnet (A View from Brazil)

Dear CUD,

       I'd like to thank you for your wonderful journal,and
tell you that it's enjoyed even in Brazil.

       Reading the Time article on CuD 5.59,I couldn't help but
laugh after reading the following:

>One bulletin board, Burn This Flag, requires callers to fill out an
>application before gaining access to an adults-only section that
>contains files describing "bizarre sexual behavior."  But in a written
>message, Burn This Flag's system operator, known as "Zardoz,"
>acknowledges there is no foolproof way to ensure all users of the
>adult section are at least 18.

Does paper adults magazines have any way to "unsure that all
users" of it will be at least 18?To the best of my knowledge,
this magazines are sold openly without directly checking ages(this
"checking" stops at appearance analysis).And that does not consider
what will happen to the magazine AFTER it's sold...

About this kind of assault on BBS reputation,I'd like to say that
it's probably international.Recently,here in Brazil,one of the
biggest newspapers of the country published a article with wild
remarks like these:
"BBS are little stores which sell pirated programs"
"There are 120 pirate BBSs in Sao Paulo"(there aren't even
120 BBS in Sao Paulo!!!)

   These remarks are totally absurd,and most BBS around here
are completely legal(there is a small amount of "underground
BBS"here too),and hurt the BBS community as a whole.

  And the effect of such remarks are much worse here,since
the computer community (and BBSs) are greatly underdeveloped
(taking the USA as a standard).

luiz.marques@bbs816.mandic.onsp.br

------------------------------

Date: Wed, 11 Aug 1993 05:26:41 -0500
From: CuD moderators <tk0jut2@mvs.cso.niu.edu>
Subject: File 10--Public Domain Internet Information for Teachers <fwd>

From--"samizdat@world.std.com"  "B.R. Samizdat Express"

PLEASE COPY THIS DISK -- UPDATE 8/1/93
The B&R Samizdat Express
PO Box 161
West Roxbury, MA 02132
samizdat@world.std.com

(Reminder -- We're the folks who are making public-domain Internet
information available on disk, primarily for teachers who have no
access or limited access to the Internet.  We encourage you to make as
many copies of these texts as you need to share with your colleagues
and students.  If you would like to receive a list of our current
offerings, please send us email requesting it.  If you didn't see our
initial message, where we explain what we're doing and why, and who we
are, just let us know and we'll send you a copy of that as well.)

It's been a busy week:
1) All our offerings are now available for Macintosh as well as IBM
PCs.
2) The United Nations Department of Public Information has given its
support to Global Education Motivators (GEM) in our joint project
to make on-line U.N. information available in our PLEASE COPY THIS
DISK format.
3) Your suggestions and requests pointed us to the Educational
Resources Information Center (ERIC) as a possible source for a whole
series of disks about teaching techniques and educational issues, as
well as lesson plans.  4) One of you let us know the importance of
books on disks for the blind, many of whom have equipment which can
"read" such material aloud to them.
5) We've added six new disks.
6) We've learned that in the summer, with people away, obtaining
permissions from sources can take a while.
7) We've been delighted by the enthusiastic response we received.
8) We learned that there simply isn't enough time in the
day to personally respond to everyone.  (Please accept
our apologies, and our thanks for your helpful suggestions.)

We'd appreciate your help in finding sources of information to meet
the particular needs of people who have responded to us.  We are
looking for public-domain on-line sources for:  1) Chaucer, 2) current
information on Africa, and 3) history c. 1850 of importation into the
U.S. of castorbean plants (source of the toxin Ricin, which is
possibly linked to Lou Gehrig's disease) and its use in fertilizer.

The information resources available on the Internet and from the
United Nations are immense.  We need to target our efforts to provide
maximum benefit. For now, we're basing our decisions on the assumption
that some of you would like to use these like textbooks (having
students make their own copies), that others would like to assemble
your own anthologies, and that still others are interested in
government reference tools to encourage students to become informed
and active citizens.  Please let us know as specifically as you can
what information would be most useful for you and your colleagues to
have on disk.

Please send your suggestions as well as your requests to be added to
our distribution list to:  samizdat@world.std.com

------------------------------

Date: Fri, 6 Aug 1993 22:16:59 -0500 (CDT)
From: vswr!bobi@SPSGATE.SPS.MOT.COM(Bob Izenberg)
Subject: File 11--Gory details about texsun (breakin) (fwd)

# Date--Fri, 6 Aug 93 11:55:45 CDT
# From--William.Reeder@adhara.Central.Sun.COM (William Reeder)
        (Sun Central Area Network Support)

# Subject--Gory details about texsun

# Eric Schnoebelen (eric@cirr.com) writes:
# >   What I heard was that texsun got cracked, so SUN changed
# > policies to require call back on all connections.  This means that
# > SUN/texsun has to originate all calls.  I recently converted the UUCP
# > link between convex and texsun to route mail via smtp, to get "around"
# > this problem..
# >
# >   Personal thought? texsun is now out of the news providing
# > business.  And quite likely out of the general UUCP providing business.
# > Perhaps its time for another connectivity meeting. (just what _I_ need,
# > another meeting!)

# I think I can speak authoritatively about what happened to texsun :-(

# Actually, we have no evidence that anyone broke in through any of the
# modems in Sun's Dallas office (hosts texsun or dallas).  What did
# happen was that one or more people (most likely more) broke in via
# modem to a number of Sun sites around the world (must've had a good
# calling card).  We think that the initial entries were due to the most
# brain-dead of actions on our part: the intruders called us on the phone
# and asked for accounts, and we provided them.  The callers would
# identify themselves as Sun employees on vacation near the local Sun
# office (visiting parents or such) and say that they wanted to login to
# read their email.  They were able to provide enough credible
# information to convince over-worked and under-brained part-time
# sys-admins to create the accounts.  Any one of you who reads USENET
# news can probably gather enough such information from headers and
# signatures (name, title, personal workstation, office phone number,
# etc.) to make the same claims.

# Anyway, once they were in we were totally compromised.  We hadn't done
# much to keep up with security patches.  And we had lots of machines
# with "+" in /etc/hosts.equiv.  And lots of quickly crackable passwords
# on accounts (and NIS accessible password files).  In other words, no
# internal security.  The intruders almost instantly had bunches of other
# accounts to use, and seemed able to find other modem numbers (can you
# say, "directory assistance"?  I thought you could.)

# The next question is, did they damage anything?  Yes.  At the very
# least they stole source code, which is a valuable product.  They also
# deleted stuff, but I don't know what, and may have modified some
# things.  They also crashed machines or in other ways denied service to
# legitimate users.  All of those things are illegal, and damaging.  We
# are doing our best to track the intruders, but it is very difficult, as
# any of you who have tracked intruders knows.

# What we can do is secure our network.  That is why we are removing
# modems from all sales offices and setting up a small number of regional
# modem pools for employee dialup access (with three different and
# non-crackable passwords and dialback).

# I have spent the better part of the last week rebuilding texsun from
# the ground up and doing everything possible to secure it (all security
# patches applied, many services disabled, nothing trusted, security
# monitoring programs running, dialback software installed, etc.).  I
# have finally convinced my management that there is no security risk in
# restoring the UUCP accounts for a short time, allowing our connections
# to make other arrangements and smoothly move over.  The reason it is
# only temporary is that management doesn't want my UUCP modems to be the
# proverbial camel sticking its nose under the tent.  They are very
# serious about strictly limiting the number of entry points into the
# company.

# So there you have it.  Another one bites the dust.  I'm sorry to have
# to pull out of the regional UUCP community, but I can understand Sun's
# needs to maintain a secure environment.  While I agree that a properly
# configured machine running UUCP is not a security risk, Sun's employees
# have repeatedly demonstrated that they will not always properly
# configure machines or employ proper security procedures when creating
# accounts.  The only way for Sun to maintain security is to strictly
# limit access, and that is what we are now doing.  I have enjoyed being
# able to provide what I hope has been a useful service to the community,
# and will miss being a participant.  I will show up to this Month's
# lunch-bunch meeting in case anyone wants to verbally abuse Sun through
# me.
#
# -- Wills

------------------------------

End of Computer Underground Digest #5.61
************************************