Computer underground Digest    Sun  May 15, 1994   Volume 6 : Issue 41
                           ISSN  1004-042X

       Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)
       Archivist: Brendan Kehoe
       Retiring Shadow Archivist: Stanton McCandlish
       Shadow-Archivists: Dan Carosone / Paul Southworth
                          Ralph Sims / Jyrki Kuoppala
                          Ian Dickinson
       Covey Editors:         D. Bannaducci & S. Jones

CONTENTS, #6.41 (May 15, 1994)

File 1--Further info on the Tony Davis affair.
File 2--Fidonet Crackdown in Italy
File 3--hacker crackdown takes place in Italy
File 4--German CDROM cracked
File 5--PGP 2.5 available from EFF ftp site
File 6--MTV SUES CURRY
File 7--AOL Chat Rooms (In re: CuD 6.40)
File 8--Re: "Child Abuse in Cyberspace"
File 9--Re: CuD 6.27 -- Response to E. Weykers (in re 2600 Mag)

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup: comp.society.cu-digest

Or, to subscribe, send a one-line message:  SUB CUDIGEST  your name
Send it to LISTSERV@UIUCVMD.BITNET or LISTSERV@VMD.CSO.UIUC.EDU
The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at:  Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on  internet);
and on Rune Stone BBS (IIRGWHQ) (203) 832-8441.
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.

EUROPE:   from the ComNet in LUXEMBOURG BBS (++352) 466893;
          In ITALY: Bits against the Empire BBS: +39-461-980493

FTP:   UNITED STATES:  etext.archive.umich.edu (141.211.164.18)  in /pub/CuD/
                       aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
  EUROPE:         nic.funet.fi in pub/doc/cud/ (Finland)
                  ftp.warwick.ac.uk in pub/cud/ (United Kingdom)
  JAPAN:          ftp.glocom.ac.jp /mirror/ftp.eff.org/

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission.  It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified.  Readers are encouraged to submit reasoned articles
relating to computer culture and communication.  Articles are
preferred to short responses.  Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.

----------------------------------------------------------------------

Date: Sat, 14 May 94 18:05:00 -0600
Message-Id: <125.372.27.0C3F6D46@irs.com>
Subject: File 1--Further info on the Tony Davis affair.

Have heard little mentioned on the net regarding this case recently.
Saw a recent AP report on it though.  Below is a summarized version.

*****

Jury Finds man guilty in computer porn case.  (05-05-94)

Anthony Davis faces up to five years in prison after an Oklahoma jury
found him guilty of distributing obscene material on computer discs.

District Attorney Robert Macy praised the work of the Oklahoma City
Police Department's vice unit, which arrested Mr. Davis in July 1993
during a raid at his software publishing business in south Oklahoma
City.

The jury found Mr. Davis guilty of two counts of distributing obscene
material, one count of possession of obscene material, one count of
trafficking in obscene pictures, and one count of illegal use of a
computer.

In addition to the prison sentence, Mr. Davis was fined about
$33,000 and forfeited nine modems, two CD-ROM changers, four CD-ROM
drives, two keyboards, two monitors, four power strips, two power
boards, and two computers.  Prosecutors say he is appealing the
forfeiture.

District Judge Richard Freedman considered dismissing the case because
of concern that computerized images were not specifically included in
the state's obscenity statutes.

He allowed the trial to continue after prosecuters argued the obscenity
statute cites "writings" and that CD-ROMs are writings contained in
computer code.  The statute also includes the term "pictures" and the
images in question are computer reconstructions of pictures, the
prosecution argued.

Judge Freeman allowed Mr. Davis to remain free on bond pending formal
sentencing on June 17.

*****

The article did not detail many of the pertinent facts regarding the
case such as the excessive overreaching of the OK PD in seizing so much
material when the warrant was *specifically* for CD-ROM disks only. The
fact that Mr. Davis is a publisher of legitimate computer software and
the CD-ROMs in question were from a third party supplier, Mr. Davis was
acting as a distributor only of those CD's.  No information was given as
to the status of any suits Mr. Davis might have initiated against the
authorities in question, regarding violations of the ECPA or the PPA.

------------------------------

Date: Sun, 15 May 1994 11:37:04 -0700
From: Bernardo Parrella <berny@WELL.SF.CA.US>
Subject: File 2--Fidonet Crackdown in Italy

On May 10-12 1994, the first nationwide crackdown on telecom nets was
operated by Italian police.

Acting after a warrant issued by a Prosecutor in Pesaro, about 60
Bullentin Board Systems throughout the country have been visited and
searched by police officials.

Dozens of people were formally accused of "distribution of illegally
copied software and appropriation of secret passwords" under the law
approved by Italian Parliament in January this year.

In several cases police officials didn't know what to search for, thus
seizing computers, floppy disks, modems along with electric outlets,
answering machines, audiotapes, personal effects.

The raids also hit private houses and belongings, and in some places
sleeping people were abruptly woken up facing machine guns.

After searching probably around one third of the entire network - that
includes more than 300 BBSes - police officials closed several Fidonet
nodes, but no arrests  were made.

A still inaccurate figure of people were charged with software piracy, and
dozens of computers and related devices were seized - along with
thousands of floppy disks, CD-Roms, W.O.R.M.S.

Moving after a suspected software piracy ring run by people involved
in a Fidonet node, the crackdown started in the night between May 10
and 11 in Milano, targeting in the two following days BBSes in Pesaro,
Modena, Bologna, Ancona, Pisa and other cities.

Fidonet Italia, member of the worldwide Fidonet network, is a
non-profit organization devoted to distribution of shareware and
freeware programs as well as to electronic forums on topics ranging
from technological to social issues.

An essential communication tool for several groups and individuals
throughout the country, Fidonet Italia became an active multi-cultural
vessel and distributor of several different nodes dedicated to
specific issues: Peacelink (solidarity, human rights), Cybernet
(cyberpunk), Ludonet (games), Scoutnet, Amynet, and others.

For thousands of Italian people, Fidonet BBSes today are invaluable
tools of information-exchange, social activism and professional
activities.

The network policy strictly prohibits any distribution of illegally
copied software and fraudulent appropriation of secret passwords.
Also, Fidonet is one of the few International organizations which has
always stated and pursued a clear position against unauthorized
copying software.

At the moment, the raids seems to be motivated by accusations against
two people involved in a Pesaro-based BBS who were using Fidonet
contacts to allegedly distribute illegal copies of computer programs.

However, there are no reasons for such a vast law enforcement
operation.  Most likely the prosecutor acted simply on the basis of
the Fidonet telephone numbers list (publicly available) owned by the
two suspected of software piracy.

The vast majority of the people searched don't have any kind of
relationship with the suspected, and many of the search warrants
stated a generic "conspiracy with unknown" for the crime of software
piracy.

Particularly, the random and arbitrary seizures of floppy disks and
personal computers are completely unmotivated, because every BBS is a
completely independent structure and each sysop is running his/her own
hardware and software.

The seizures will resolve in a great economic loss for these people
and their professional activities will be surely affected from
negative publicity.  Some of them own small computer-related companies
while others are physicians, hobbyists, students who risk personal
savings to run their services.

Because police officials also seized electronic and paper archives
containing data and numbers of the people who logged onto Fidonet
nodes, it is evident that investigations are going even further - thus
violating the constitutional right to privacy.

The first result of this crackdown is that many Fidonet operators
decided to shut down immediately their systems all over the country,
fearing heavier police intrusions in both their public activities and
private lives.

While the Italian Parliament recently approved specific laws about
copyright and piracy of computer software, there are still no rules to
protect personal privacy in the electronic medium.

This legislative void inevitably makes the sysop the only responsible
person about anything happens onto and around his/her own BBS.

Fidonet operators do not want and can not be the target of
undiscriminated raids that, forcing them to closing down their
activities, cause serious damages to themselves as well as to the
entire community.

In an article published Friday 13  by the newspaper "La Repubblica",
Alessandro Marescotti, Peacelink spokesperson, said: "Just when the
worldwide BBS scene is gaining general respect for its important role
at the community level, in Italy the law hits those networks that have
always been strongly against software piracy. Charging dozens of
honest operators with unmotivated accusations, the main goal of this
crackdown is directed against the social activities of small community
nets - thus clearing the space for commercial networking."

While terms and figures of the entire operation should still be
clarified, on Sunday 15 Fidonet Italia operators will meet in Bologna
to study any possible legal counter-action.

------------------------------

Date: Fri, 13 May 1994 12:09:50 -0500 (CDT)
From: David Smith <bladex@BGA.COM>
Subject: File 3--hacker crackdown takes place in Italy

---------- Forwarded message ----------
Date--Fri, 13 May 94 11:23:02 EET
From--Riccardo Pizzi <staff@ita.it>
Subject--Busted!!

things are getting really bad here...

On Wednesday, 11th of May, at 3:30 pm, the italian Feds came into my
house while I was out of town for a consulting business. They went
into my bedroom and seized all my equipment, diskettes, tapes. This
action was part of a nationwide raid against software piracy that hit
some other 40+ FIDONET sites (yes, they seem to have used a Fido
nodelist to find out about sites to investigate). Needless to say, I
didn't even had DOS on my disk drives, let alone any copyrighted
software. Anyway, they have now all my work of the latest 5 (five)
years, including all backup copies of UniBoard and related stuff..
and I don't know if I will be ever able to have all my stuff back.  I
have also lost my nervous.com email address, but I can be reached here
as <staff@ita.it>; I will try to keep you informed about this (very
bad) story.  Please, forward this to the alt.bbs.* groups, since I do
not have news access here, and am also missing all the email addresses
of my customers and friends..

Wish me luck,

Rick
     Riccardo Pizzi, SysAdmin                  Tel--  +39 71 204046
     I.T.A. Informatica e                      Fax-- +39 71 2073033
     Tecnologie Avanzate s.r.l.                E-Mail--staff@ita.it

------------------------------

Date: Sun,  8 May 94 22:25:00 UTC
From: grmeyer@GENIE.GEIS.COM
Subject: File 4--German CDROM cracked

                   The Fairytale of Data-Encryption
                                  or
          How to Crack a CD ROM full of Commercial Software

by HOWARD FUHS 100120.502@compuserve.com

((MODERATORS' NOTE: The following article details the events of a
CD-ROM "software sampler" that was promptly cracked by some German
programmers. We've edited the article slightly, but for the most part
have left it as it was submitted. Please note that English is not the
first language of the author.))

Once upon a time a company decided that the world might be ready and
so they tried to invent a new way of distribution for commercial
software. It was a few weeks before the CeBit Computer Fair in
Hannover and the company sent out merry men to talk to the giants of
the software industry. The software giants listened well and thought
it might be a very good idea.  They accepted and so they started to
distribute their good and expensive software in an encrypted form on a
CD ROM.

The encryption software was especially programmed for the inventive
distributor and he believed that the encryption was so secure that
even a evil hacker can't get access to the software. According to an
official statement of the company, the encryption method is similar to
DES and as secure as DES.

His project has to become a success so he gave away the CD ROM for a
fee of 10 DM ( $ 6.-) and the Ziff Verlag (German office of the Ziff
Publishers with own magazines in the german language) distributed the
CD ROM for free as an inlet in one of their magazines. And, really,
the CD ROM was a success. But that's not enough. To complete the total
success of the project, the CD ROM was given away on the CeBIT
Computer Fair. What a success! About 300 000 CD ROMs were produced.
Most of them were given away.  The distributing company claimed in
some public statements that this might be the future way to distribute
commercial software and they will lead the pack.

The content of the CD ROM was the "Who is Who" of the software giants.
Novell, Microsoft, Lotus, Borland and so on.  The software giants
claimed that the total value of the software is more than 100 000 DM
(70 000 $) and they all were pretty sure that this concept will be
very successful.

The future concept was to generate a checksum with a program which
was also the content of the CD ROM. This checksum was calculated
especially for that program the daring user wanted to buy. The user
just had to call a hotline number of the distributing company and tell
the operator the software package he wanted to purchase. The operator
asked for the generated checksum and the credit card number. After
verification the operator gave away the golden key to decrypt the
desired software.

For using the golden key the user had to start the decryption
program which was also stored on the CD ROM. The decryption program
asked for the key, and voila, the decrypted commercial software can be
stored on diskettes ready for installation. Life can be so easy.

What a challenge for a really bad, mean and intelligent hacker. First
of all, he checked the content of the CD ROM - and found a strange DLL
file. After a close look at the DLL file the Gentleman started his
debugger and checked the whole decryption program. And after a few
days of work he was able to write a program to calculate the
decryption codes.  He still refuses to tell the public in which way he
was able to crack the encryption of the software.

Members from the Chaos Computer Club in Hamburg claim that the intend
was to show how easy it is to crack the encryption and not to get
access to the commercial software. The fact was told to the
distribution company and the Ziff Verlag during the CeBIT and was
demonstrated in front of an audience. Both companies stopped the
distribution of the CD ROM immediately.

The results of the crack:
Everybody is looking for the CD ROM. People are willing to pay more
than 100.- DM for the CD ROM and are looking for crack codes or the
crack program. The first crack codes are appearing in the FIDO Net.
And a lot of cracks are working almost fine. Two persons tried to sell
faked crack programs for 200.- DM each.

The giants of the software industry are checking the possibility to
charge the distribution company for the amount of more than 3 Billion
US$.  In an official statement the giants are claiming that they will
lose more than 3 Billion US$. If it is necessary they will bring the
case to court.

There is no official statement from the distribution company.

Each and every newspaper or news service was selling the story all
over Germany. Even if they have not the faintest idea what they are
talking about.

Depending on the point of view, the CD ROM and the distribution
concept were very successful.

==end==

------------------------------

Date: Wed, 11 May 1994 16:46:49 -0400 (EDT)
From: Stanton McCandlish <mech@EFF.ORG>
Subject: File 5--PGP 2.5 available from EFF ftp site

With the early May announcement of the availability of the new version
of PGP (Pretty Good Privacy) a free encryption program for email and
other files, EFF has decided to provide PGP and other cryptographic
material to users of the Internet.  EFF applauds and congratulates the
PGP development team, MIT (who initially made PGP 2.5 available), and
RSA Data Security (patent holders of the RSA and RSAREF encryption
code) for coming to an agreement and providing this new version of the
most popular email encryption program in the world - a free version
that is finally legal in the US.

Previous versions of PGP arguably violated US patent law, with the
exception of ViaCrypt's commercial PGP 2.4, but the new 2.5 is built
upon the free RSAREF encryption functions, rather than the previous
RSA functions which required a special licensing arrangement for use
in applications like PGP.

Despite the patent & licensing issues being resolved, PGP is still not
legally exportable from the United States (except to Canada), due to
ITAR export restrictions which categorize cryptographic materials as
weapons of war.  Thus, EFF can only make PGP and other crypto tools
and source code available to US and Canadian nationals currently
residing in the US or Canada and connecting to EFF's site from a US or
Canadian site.

PGP and similar material is available from EFF's ftp site in a hidden
directory, and only to Americans and Canadians.  Access to this
directory can be obtained by reading and following the instructions in
the README.Dist
file at:

ftp.eff.org, /pub/Net_info/Tools/Crypto/
gopher.eff.org, 1/Net_info/Tools/Crypto
gopher://gopher.eff.org/11/Net_info/Tools/Crypto
http://www.eff.org/pub/Net_info/Tools/Crypto/

PGP can only be obtained from EFF via ftp currently.  Gopher and WWW
access to the material itself is not supported at this time.

Only the DOS and Unix versions of PGP 2.5 have been released so far.
The Unix version is in source code form, and so can be readily ported to
VMS, NeXT and many other operating systems.  A Macintosh version has yet to
be released.

If you would like to see US export restrictions on cryptography removed,
please send a message supporting Rep. Cantwell's export reform act (bill
HR3627) to cantwell@eff.org, ask your Representatives to co-sponsor this
bill, and ask your Senators to co-sponsor Sen. Murray's companion bill
(S1846) in the US Senate.  Congress contact information is available from
ftp.eff.org, /pub/EFF/Issues/Activism/govt_contact.list

------------------------------

Date: 10 May 1994 03:44:36 -0400
From: curryco@PANIX.COM(Adam Curry)
Subject: File 6--MTV SUES CURRY


                             [IMAGE] MTV SUES CURRY
===============================================================

Last update: May 10 1994

_New Jersey, May 10 1994_

I had planned to keep the following quiet until more information was
available, but since several journalists have already caught wind of
it, I decided to get it out into the open so my side of the story is
heard as well.

The domain I maintain and operate on the Internet, mtv.com was founded
approximately one year ago. At that time I registered mtv.com with the
InterNIC, purely because it was a cool address to have, and it was
available.  What a great "vanity plate"!

The site quickly became a frequently accessed "hangout" on the net,
with an average of 35000 accesses daily from Mosaic clients alone.
During the start up months I had many conversations with executives at
MTV Networks about my endeavors, which btw, were all financed out of
my own pocket, and vps from MTV Programming as well as Viacom New
Media were aware of what I was doing on the internet, and although
they stated "MTV has no interest in the internet" they gave me their
blessing and supported my efforts.

This was enforced when I set up several email accounts on mtv.com for
use in MTV's on-air programming. Ever since the summer of '93,
popquiz@mtv.com was used for trivia quiz questions, that were then
aired on MTV's "Most Wanted" a program I hosted at the time.
Solicitations were made on the air, and the address was shown on the
screen. For MTV's annual Valentines video dedications, viewers were
offered the choice of calling in their dedications, or sending them
via email to elove@mtv.com.

I never charged MTV Networks for this service, I purely saw it as a
cool feature to introduce to MTV's programming, spreading the
"gospel", so to speak.


Then I started to get a lot of press about mtv.com, and some people
started to wake up at 1515 Broadway (MTV's HQ in New York City). And I
was served with a "Cease and desist" on the use of mtv.com. MTV's
attorneys claimed that there could be "confusion" for users of the
internet, when connecting to *anything* that had the letters mtv in
the address, and then receiving music and entertainment information. I
was obviously hurt by this move, but did see what point they were
driving at, an asked if we could settle this matter amicably.

The situation cooled down for a couple of months, but when I resigned
on-air from my job as a VJ, which MTV chose not to air btw, things
started to get ugly.

Long story short, MTV Networks has filed a lawsuit against me, for
copyright infringement of their "trademark", that being their "MTV"
call letters, as well as having information online that was MTVN
"property". In this case they are referring to several press releases
I put up on mtv.com, such a an announcement about Beavis and
Butthead's "experience" cd release. Understand that MTVN sent me these
releases over their own internal computer network for this very
purpose! Again, I was only doing this to promote the channel, not for
my own personal gain..after all...mtv.com is free access for all, no
charge.

Throughout all of this I have offered to maintain the site
specifically for mtv, but again they said "we're not interested".
Of course I have no problem whatsoever removing all references to MTV
Networks and it's projects from mtv.com, no that I don't work there
anymore gives me even more reason to want to do this, but the kicker
is they are moving for an injunction to make me stop using the
internet address mtv.com!

This is ofcourse totally unacceptable, I registered the domain name,
and I don't plan on giving it up. Sure MTV and their parent company
Viacom have a vast legal team, but david also nailed goliath, so I
have faith. In the long run, everyone knows that the only *true*
winners will be the lawyers.

There are many different viewpoints on this situation, but I feel that
the use of mtv in an addressing scheme can't be seen as an
infringement of intellectual property laws, and a search of the
InterNIC database shows at least 15 domain names registered with mtv
in the address. Irony is that I incorporated a company called ON RAMP,
Inc (tm) and onramp.com was already registered to someone else, but
I'm not suing them :)

It appears to me that MTV has their mind set on the address mtv.com,
maybe not for now, but possibly for future use, and I feel extremely
used, in that I built up quite an audience for that address, and they
are basically saying "thank you very much, you may go".

A pre-motion hearing is scheduled for this thursday morning at 11am,
wit the honourable Judge McKenna presiding, in an attempt to get an
injunction to make me stop using the address mtv.com. I will update
the situation as it unfolds.

Adam Curry, adam@mtv.com

------------------------------

Date: 9 May 94 17:48:36 GMT
From: dbatterson@ATTMAIL.COM(David Batterson)
Subject: File 7--AOL Chat Rooms (In re: CuD 6.40)

This is a followup to Howard Rheingold's article, "Why Censoring
Cyberspace Is Futile," Cud #6.40.

Young Gay Chat Rooms on America Online
by David Batterson

     America Online (AOL) took some heavy media hits over the widely
reported story involving a 14-year-old boy and an adult male he met
through the online service.  As a result, AOL's TOS (Terms Of
Service) dept.--also known as TOSAdvisor--began a crackdown on
certain Member Rooms.

     As a clarification, chat rooms on AOL consist of three types:
Public, Member and Private.  Public Rooms are as described, and
explicit language of a sexual, "vulgar" or "bashing" nature is now
allowed under TOS guidelines.  AOL has volunteers called Guides who
help keep order.

     Member Rooms are created by AOL users who want to meet others,
generally for "dating" and sexual reasons.  More explicit language is
tolerated in such rooms, since users specifically go looking for
these rooms.  Examples of Member Rooms are "Married but not dead,"
"Yng Men 4 Older Women," "Men 4 Men," "Bi F 4 Bi F," "Men's Locker
Room," "Fantasies and Dreams" and so forth.

     Guides can enter Member Rooms, but don't do so as much as they
do Public Rooms.  When AOL users want total privacy, they can create
a Private Room where even Guides and TOS representatives cannot
enter.

     Because AOL came under pressure, TOS started removing rooms from
the Member Rooms list with names such as "Yng M 4 Yng M."  Such rooms
are frequented by gay and bisexual teens and young adults, although
older adults may also access the rooms too.

     After complaints against TOS by a number of users--and a
petition campaign launched by a teen AOL subscriber, and a request
from me to TOS for an explanation, I received the following e-mail:

     "To avoid giving the impression that we allow solicitation of
minors online, we are very cautious in allowing room names
referencing youth.  Anything that could possibly be construed as
sexual is usually made private.  'Yng M 4 Yng M falls under this
category.  It is ambiguous in that 'M' could mean 'male', hence
underage male.

     You may create the room 'Yng Men 4 Yng Men', which specifically
states that the occupants seek to meet adults.  I hope this clears up
our position on this."  The letter was signed by Pete, Terms of
Service Advisor, America Online, Inc.
                                   #

NOTE:  Following is an excerpt of e-mail from the person who
circulated the petition on AOL.  It speaks for itself.  He wishes to
remain anonymous, for obvious reasons.


Subj:  Re: TOSAdvisor hysteria
Date:  94-05-07 21:45:46 EDT
From: KC 16M
To:    Dbatterson
Posted on: America Online


I hope you find relevant remarks contained herein for anything you
wish to write.  Feel free to forward it as an example of how not
everyone's writing skills have been damaged by the American
Educational System.  :-)

In making any statement of position, I strongly believe that I echo
the views of teenagers, both gay, bi, and straight.


WHO I AM

I am soon to be a 17 year old male.  I'm from down-state New York.  I
am a president of a prominent nationwide youth group and a former
vice-president of an honor student's organization.  I have a number
of years experience in dealing with peer counseling and in active
leadership roles.

I have never been a gay rights activist.  I am a teen activist and am
involved currently with 3 organizations.  I don't have time for a
typical social life, because I am dedicated to my interests.  While
this has a number of low points (I can only be on AOL at midnight,
and sometimes fall asleep while typing), it has many very lofty
rewards that I enjoy.  I have received certificates, awards, and many
thank you cards in the last 3 years.

I am an honors student, and have a particular interest in education
techniques, cognitive and behavioral psychology,  and human
sexuality.  I have audited college classes on those topics for 2
years (at night!).

WHY I'M GETTING INVOLVED IN A PETITION

As a high school student, I am well aware of the discrimination that
affects my generation.  I have many gay friends online as a result of
my own exploration of sexual identity and have not settled on any
singularity of attraction yet.

While I don't limit my online friends to any particular group, I
identify with the struggle that fellow teens have in keeping a room
open for discussion and FUN of relevant issues.  If an issue so
immediate as sexuality can be considered a relevant issue, then rooms
should be available for it.

To state it simply:  If it can be available for adults, why should
there be a limit in what is available for teens?  Don't even bother
with the law, as it cannot be enforced in a domain where people won't
give out more than their screen names to strangers.

What about the dumb kids who give out personal information?  Well,
don't worry about them; they are just as likely to drown in a bowl of
cereal.

WHY PETITION?

A petition will demonstrate to AOL that there is an interest in it,
by teens FOR TEENS.  We are not stockholders.  We are customers.  AOL
provides a computer and networking system....we use it. AOL gives
ground rules for using it....we follow them.  AOL requires
payment...we pay.  Customers want something done....business doesn't
respond.

Notice the problem?  :-)

There are many admirable aspects of the system.  What we want is the
huge corporate entity to respond to its customers, as any other
company must.  All of us who use AOL have money at our disposal, and
we use it freely.

HOW WE INTERPRET AOL's POSITION ON TEEN ROOMS:

It seems highly hypocritical for an organization, for-profit
especially, to discriminate against gay teenage males simply for
their age.  Notice, we are not discussing the issue of homosexuality,
per se, because it is obvious that AOL is a gay-friendly employer and
company."

It is hypocritical for a few reasons:

  1)  There already exists "teen chat" rooms.  If the policy of AOL
was to protect minors from untoward sexual advances from
perverts/adults in those rooms, they would not exist.

  2)  There already exists "gay adult" rooms.  There are "adult chat"
areas.  Now that we've established that there are teen rooms, adult
rooms, and adult gay rooms, the question we should think about is,
"Why aren't there gay teen rooms?"

  3)  Screen names make it impossible for adults and teens to tell
each other apart.  One method we use is discussion of relevant issues
(including sex); those who are unable to relate to the discussion are
"Pervs" who we know to avoid.

  4)  There are procedures for dealing with perverts, which most
teens (in contrast with most of the adults we've encountered) are
familiar with.  Flooding e-mail boxes of annoying perverts,
IGNORE'ing them in chat rooms, and shutting off our Instant
Message'ing are all very effective methods.  In addition, there
already exists many corporate techniques of handling jerks,
such as "GuidePager" and TOS.

  5)  We are not defenseless, nor innocent.  Most, though not all, o
the teenage users of AOL have extensive "modeming/BBSing" experience.
We are neither ignorant of the protection that AOL provides through
screen names, or of how to handle an annoying person.

In essence, the issue is one of age discrimination for teenagers who
do not need protection.  Another user on AOL wrote: "a request has
already been made to the GLCF (Gay Lesbian Community Forum) on AOL to
have an adult-monitored teen room for outreach, networking and
discussion."

I don't wish to sound arrogant or resentful, but that is an
adult-centered approach.  It doesn't recognize the fact that most
teenagers, sexually explorative or not, are uncomfortable by any
adult presence.   If teens know that an adult is present, we will IM
(Instant Message) each other, and go to a private room.

Further, to assume that perverted adults will not enter that room i s
to dismiss that they are just as capable of creating phony profiles
as anyone else...a foolish assumption by any person.

Some of what is written below is repetitive, but may serve to further
clarify our position.  Because QUIRK [GLCF Forum Host] took the time
to write out specific logistical questions, I'll repeat them with
answers that I hope you both can use (IN KEEPING WITH THE SPIRIT OF
QUIRK'S NAME, MY ANSWERS ARE IN CAPS):

* How can AOL insure that such a space will not become a magnet for
chickenhawks?

     THEY CAN'T.  NOR, FROM A LEGAL PERSPECTIVE, EVEN TRY.  ONCE AN
ORGANIZATION TAKES A POSITION WHEREBY IT SEEKS TO "PROTECT" ITS
CUSTOMERS, IT BECOMES LIABLE FOR INFRACTIONS.  THE SMARTEST APPROACH
WOULD BE TO ACKNOWLEDGE THAT AOL IS A DATABASE AND NETWORKING SYSTEM,
NOT A SOCIAL AGENCY.  IN DOING THAT THEY DISCLAIM AND INDEMNIFY
THEMSELVES FROM ANY LIABILITY RESULTING FROM ABUSES OF THAT NETWORK,
WHERE USE OF THE NETWORK CONSTITUTES A VIOLATION OF LAW.

* What restrictions/rules are teens willing to generate and adhere to
that will keep adult predators out of the area?

     A FEW BASIC ONES.  PRIMARILY, WE WOULD AGREE TO LIMIT EXPLICIT
SEXUAL DISCUSSIONS TO INSTANT MESSAGES AND PRIVATE ROOMS.  WE WOULD
AGREE THAT THE "TOS" RULES WILL REMAIN IN EFFECT FOR PUBLIC CHATTING.

     WE WOULD AGREE THAT AN ADULT'S PRESENCE, AS DEFINED BY THE ROLE
OF "GUIDES", IS TOLERABLE.  IN PRACTICE AND THEORY, GUIDES ARE
NOTIFIED ONLY WHEN THERE IS JUSTIFIABLE NEED, THOUGH THEY ARE SOCIAL
CREATURES WHO LIKE TO POP INTO "TEEN ROOMS" ANYWAY.  HOWEVER, WE
WOULD NO MORE APPRECIATE A CONTINUOUS PRESENCE THAN ANYONE OF ANY
OTHER GROUP WOULD.

* How will you verify the age of the teens using such a space?

     WE CAN'T, NOR SHOULD.  AOL SHOULD DISCLAIM ITSELF OF ANY ABILITY
TO VERIFY AGE.  WE ARE ALL CUSTOMERS OF AOL FOR 3 COMMON REASONS:  1)
CONVENIENCE/ACCESSIBILITY,  2) AFFORDABILITY, 3)  ANONYMITY.

* Who will monitor the area to make sure the it remains "youth only"
?

     OFFHAND RESPONSE:  THE THOUGHT POLICE.

     REAL RESPONSE:  WE WILL.  IT IS WITHIN OUR ABILITY TO IGNORE
MAIL, IGNORE PEOPLE IN CHAT ROOMS, AND IGNORE INSTANT MESSAGES.  AOL
IS NO MORE DANGEROUS THAN SPITTING OFF A BRIDGE.  THE TIME IS NOW TO
SHOW AOL THAT WE DON'T WANT, OR NEED, TO BE PROTECTED FROM OURSELVES.

-KC 16M

------------------------------

Date: Mon, 9 May 1994 23:47:52 -0700
From: jonpugh@NETCOM.COM(Jon Pugh)
Subject: File 8--Re: "Child Abuse in Cyberspace"

>The story continues with the case of Donald Deatherage, 27, of
>Cupertino, Calif. Deatherage, known as "HeadShaver" on America Online,
>was accused by police of using his computer to prey on a 14-year old
>boy with whom he had struck up an on-line conversation. Deatherage was
>accused of eventually meeting the youth, handcuffing, shackling, and
>blindfolding him, and spanking him with a leather belt (among other
>more serious acts).

I'm not really sure what to say here, but I know Matt Deatherage from work.
I used to work for Apple in the same group as Matt (that's his middle name
and the one he goes by).  I haven't spoken with him since his arrest, but I
have talked with his boss who has spoken with him and I know a few more
details than are represented in the above excerpt.

My wife asked me if Matt was "normal".  I can't really say.  So few of us
in the computer business qualify in the strictest sense.  He's a big guy
who kept his hair really short, like some athletes do.  That must be where
he got his login name from.  He's been into computers since the early Apple
II and was doing Macintosh technical support until his 6 week sabbatical
during which he was arrested.  I don't really know him very well, but he
has helped me on a number of complicated technical problems and was always
willing to assist.  I always liked him for that.

Matt has been in jail on a half million dollars bail since his arrest.  He
has pleaded no contest to the charges and is currently awaiting sentencing.
A number of the people that he has helped over the years have gathered an
online petition asking the judge to show leniency.

According to reports I have read and heard, Matt did not abduct the 14 year
old boy he was charged with molesting.  The kid told his parents he was
going to a party in Santa Cruz and then met Matt instead.  The only way
this was even discovered was when the boy's father read through his email
at some later date.

Now, I'm certainly not advocating, endorsing or even justifying Matt's
actions, but I definitely think that there is a difference between
voluntary and involuntary actions.  There is no indication that Matt forced
this boy into anything.  In that regard, I support the request for leniency
for Matt.  I don't really believe that he is dangerous or a threat.  I'm
just afraid that given a beginning as outrageous as $500,000 bail, Matt is
finding out about the harsh side of the law.

Jon

------------------------------

Date: Thu, 12 May 1994 18:00:34 -0400 (ADT)
From: The Advocate <cudigest@mindvox.phantom.com>
Subject: File 9--Re: CuD 6.27 -- Response to E. Weykers (in re 2600 Mag)

Dennis Weyker  here responding to Emmanuel Goldstein:
>CORPORATE RULES
>. . . This puts us at direct odds with many organizations, who believe
>that everything they do is "proprietary" and that the public has no
>right to know how the public networks work. In July of 1992 we were
>threatened with legal action by Bellcore (the research arm of the
>Regional Bell Operating Companies) for revealing security weaknesses
>inherent in Busy Line Verification (BLV) trunks. The information had
>been leaked to us and we did not feel compelled to join Bellcore's
>conspiracy of silence.

!See my earlier comments about publishing security holes or sharing
!them with hackers before letting the sysadmins have adequate warning
!and time to fix the hole. Instant publication of holes is not socially
!responsible.
!

No more "Ir-responsible" then the producer of a commercial product
producing something that is defective.  2600  has no fiduciary duty
to customers,  while the manufacturers do.  The fact is most vendors
take a fiddle while rome burns approach to product quality.

WHy don't you remind them to get their acts together first.

!Also, publishing one company's private data can in some cases create a
!competitive disadvantage relative to that company's competitors with
!real economic effects. If Phrack runs a long series of articles about
!"how to hack the new Fujitsu switches", the communications engineer at
!BellAtlantic deciding what brand of switch to buy may decide to buy
!some other brand of switch besides Fujitsu. And he might be doing this
!solely of the publication of those articles makes him think (rightly
!or wrongly) that the Fujitsu's switch is more likely to get hacked
!into than, say, Northern Telecom's. Phrack has just transferred wealth
!from Fujitsu to Northern Telecom and possibly influenced the telco
!into buying the less competitive switch (which could wind up
!increasing telco operating costs and users' rates) out of fear of
!getting hacked.
!
!Moral: not all arguments about the social and commercial value of
!keeping proprietary information secret are bogus.

Spoken words of wisdom from a man who has obviously never been involved in
a procurement decision.  90% of the product reviews i saw in trade rags
were utter and complete Horse Feces.  I saw one review signed by
a person in my chain of command  that gave glowing remarks to
a development product.  Our internal review had so scathed it, that
it was removed from the system  so we could get real work done.

If 2600 points out the truth for once,  it is the continuation of
Diogenes trek with the lantern looking for one honest man, or in
this case, one honest vendor.

The rest of weykers comments aren't even worth responding to.


Your Friend

The Advocate.

------------------------------

End of Computer Underground Digest #6.41
************************************