Computer underground Digest Sun Oct 8, 1995 Volume 7 : Issue 79 ISSN 1004-042X Editors: Jim Thomas and Gordon Meyer (TK0JUT2@MVS.CSO.NIU.EDU Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Field Agent Extraordinaire: David Smith Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #7.79 (Sun, Oct 8, 1995) File 1--What Me Worry? "The Real Cyberpunk Fakebook" reviewed File 2--Re: Minesota laws... File 3--Re Randal Schwartz (#7.78) File 4-- Datasphere Cliche Alert / Jargon Patrol #1, Oct. 2, 1995 File 5-- ACLU Cyber-Liberties Update 10/4 (long) File 6--EYENET: The Loonie's Egg File 7--Cu Digest Header Info (unchanged since 19 Apr, 1995) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. --------------------------------------------------------------------- Date: Thu, 5 Oct 1995 23:17:20 -0500 (CDT) From: Crypt Newsletter <crypt@sun.soci.niu.edu> Subject: 1--What Me Worry? "The Real Cyberpunk Fakebook" reviewed While browsing the local bookstore yesterday, Crypt ran across "Cyberpunk Handbook: The Real Cyberpunk Fakebook" by R.U. Sirius, St. Jude and Bart Nagel (Random House), writers for MONDO 2000 and other publications that Crypt Newsletter does not understand. It's a humorous - I'm pretty sure - trade paperback for the unwashed masses. It's mission: tell the proles if they're cyberpunks, how to be one, or <wink-wink> how to fake being one. Bruce Sterling wrote the intro and somewhere in there, much to the humor desk's surprise, CuD and the Crypt Newsletter's Web sites are mentioned as a k3wel places to hang. In honor of this grand event and for a short time only, Crypt Newsletter will be conducting cyberpunk lessons on how to smoke clove cigarettes, drink Japanese beer, write in _elyte_ script, wear leather jackets, be sarcastic even while asleep, send the AT command to your modem, use hacked Celerity BBS software, get arrested for red-boxing, visit a "sting" board, read alt.2600, ask the password for Nowhere Man's Virus Creation Lab, get banned from Internet Relay Chat, watch "Johnny Mnemonic" and pretend to know what's going on, surf the Web and pretend to know what's going on, choose the correct hair pomade or coloring, recognize the best places to shop for rubber bondage wear or ritual scarification paraphernalia and - last - but most important, leave your credulity in the toilet. Unusual for this type of book, the authors have written it so that it's occasionally mean and cutting right around the time you begin to consider brandishing a virtual bludgeon in their direction. Did I mention it was a very amusing read for 10 bucks (cheap)?? "The Real Cyberpunk Fakebook" features a photo of Eric Hughes in cyberpunk raiment on its cover, too. Right down to the duds, he's a dead ringer for Greg Strzempka, the singer for an obscure metal band named Raging Slab. It's true, by golly! The book is also loaded with photos of menacing-looking GenX'ers, cans of Jolt cola, one stuffed cat, an odd-looking leather device - perhaps used during sado-masochistic floggings, and someone with a chrome bolt through their tongue. If you are still bored, there's also a crossword puzzle or two. ------------------------------ Date: Thu, 28 Sep 95 10:15 PDT From: Michael Gersten <michael@STB.INFO.COM> Subject: 2--Re: Minesota laws... This is really interesting. Quote: Minnesota's general criminal jurisdiction statute provides as follows: A person may be convicted and sentenced under the law of this State if the person: (1) Commits an offense in whole or in part within this state; or (2) Being without the state, causes, aids or abets another to commit a crime within the state; or (3) Being without the state, intentionally causes a result within the state prohibited by the criminal laws of this state. It is not a defense that the defendant's conduct is also a criminal offense under the laws of another state or of the United States or of another country. Minnesota Statute Section 609.025 (1994). --- Note that number 2 makes no distinction for common carrier status -- if a common carrier aids or abets another to commit a crime within the state, then that's a violation of state law. If we go after AT&T and the US P.S., then maybe the Minnesota judges will recognize limits to this law. As to the web, if I'm outside of minnesota, and someone inside of minnesota gets my page and reads it, then isn't the crime caused when they pull my page to them? This would just about kill usenet though -- that is distributed and stored within minnesota. Hmm. Maybe we should just put a header on our web pages that say "Only approved in <home_state>; if you get this in another state, you are responsible for following your local laws". But then that might make us responsible for odd local laws in our state somewhere else. <SIGH>. Whatever happened to the concept of individual responsibility in the law? Why am I responsible for every one else? (no, that's not a serious question :-) Michael p.s. Just realized that there is no distinction of country either. So someone in another country who posts something on gambling can be sued in minnesota court even if minnesota has no jurisdiction over them. Minnesota is claiming jurisdiction over the whole world with this -- can we challenge the law on those grounds? ------------------------------ Date: 05 Oct 1995 21:10:48 -0700 From: merlyn@STONEHENGE.COM(Randal L. Schwartz) Subject: 3--Re Randal Schwartz (#7.78) >>>>> "John" == jsq@mids.org writes: John> System Administration as a Criminal Activity John> or, the Strange Case of Randal Schwartz [...] [Quoting my fund@stonehenge.com response...] John> I regret that I cannot accept credit-card payments. If you cannot John> send a check, please buy a copy of the Llama book for a friend or the John> library (or for yourself)! There's now another way to help me with my continuing-to-mount legal bills. Here's the paragraph from the latest message: I also accept payments using the First Virtual Internet Payment System. Send email to info@fv.com for details. (You can get an account with a credit card and a $2 one-time fee.) If you'd like to donate that way, send me your FV buyer identifier and amount in US dollars, or visit http://www.teleport.com/cgi-bin/merlyn/donate for an on-line form. Details about the case, including a fairly comprehensive FAQ are available at http://www.usa1.com/fors. -- Name: Randal L. Schwartz / Stonehenge Consulting Services (503)777-0095 Keywords: Perl training, UNIX[tm] consulting, video production, skiing, flying Email: <merlyn@stonehenge.com> Snail: (Call) PGP-Key: (finger merlyn@ora.com) Web: <A HREF="http://www.teleport.com/~merlyn/">My Home Page!</A> Quote: "I'm telling you, if I could have five lines in my .sig, I would!" -- me ------------------------------ From: Eugene Volokh <VOLOKH@LAW.UCLA.EDU> Date: Mon, 2 Oct 1995 21:23:34 PST Subject: 4-- Datasphere Cliche Alert / Jargon Patrol #1, Oct. 2, 1995 To: list AMEND1-L <AMEND1-L@UAFSYSB.UARK.EDU> All reference counts from NEXIS database, CURNWS file, which reflects most of the major U.S. newspapers, a number of major foreign English-language ones, and many minor U.S. ones. CURNWS articles start in late 1993. Numbers may include a few false positives, plus duplications from articles published in more than one newspaper. [E. Volokh, UCLA.] CLICHE: DO NOT USE! "On the Internet, no-one knows you're a dog." 62 references. CLICHE, but still cute. "Road-kill on the information superhighway." 232 references, plus a really silly ad for Joop Jeans. CLICHE. Enough already. CLICHE IF YOU THINK YOU'RE BEING COOL, OK IF YOU'RE USING DESCRIPTIVELY "Cybersmut." 56 references. "Cyberporn." 339 references. SURPRISINGLY UNDERUSED "They don't call it the Net of a Million Lies for Nothing." No references in NEXIS media, though one reference in a law review article. From Vernor Vinge's SF book "Fire Upon the Deep," used by the characters as something of a proverb in referring to an Internet-like network of the future. "Datasphere." 35 references. Means the data flow that surrounds us, by analogy to "atmosphere". From Dan Simmons's SF book "Hyperion." LESS CLICHE than "cyberspace", but therefore LESS ACCESSIBLE. THE INFOBAHN / INFORMATION SUPERHIGHWAY WARS "Infobahn" still LESS CLICHE (though it's getting there): 53 references in September 1995 alone. "Information Superhighway": 839 references in September 1995. ------------------------------ Date: Wed, 4 Oct 1995 10:37:44 -0500 From: Stephen Smith <libertas@COMP.UARK.EDU> Subject: 5-- ACLU Cyber-Liberties Update 10/4 (long) October 4, 1995 ACLU CYBER-LIBERTIES UPDATE **Premiere Issue** A bi-weekly online e91zine on cyber-liberties cases and controversies at the state and federal level. ------------------------------------------- FEDERAL PAGE (Congress/Agency/Court Cases) ----------------------------------------------------------= "Virtual" Child Pornography Bill is Overbroad and Fails to Protect Real Children Despite the FBI's apparent success in raiding alleged child pornographers on America Online, Senator Orrin ctions of what "appears to be . . . a minor engaging in sexually explicit conduct;" and -visual depictions "advertised, promoted, presented, described, or distributed in such a manner that conveys the impression that the material is or contains a visual depiction of a minor engaging in sexually explicit conduct." In its effort to outlaw "virtual" child pornography, the bill would criminalize a wide range of constitutionally protected expression. Hatch attempts to justify the new bill by reference to a widely-publicized Canadian case in which a pornographer copied pictures of clothed children from catalogs and morphed them into child pornography. Senator Hatch claims that the case would not be covered under the existing federal child porn statute, but that issue has never been decided by a United States court. While the application of the existing statute to these facts is far from clear, the Hatch bill covers *much more* than just this case scenario. The statute would cover *any* image of a child engaged in sexual behavior, including non-computer-generated drawings, cartoons, and visual images created without the use of photos of real children or even real adults. In upholding child pornography laws, the Supreme Court has stated that "the nature of the harm to be combated requires that the state offense be limited to works that visually depict sexual conduct by children below a specified age. . . . [T]he distribution of descriptions or depictions of sexual conduct, not otherwise obscene, which do not involve live performance or photographic or other visual reproduction of live performances, retains First Amendment protection." _New York v. Ferber_, 458 U.S. 747, 764-65 (1982). Hatch's "virtual child porn" law is clearly unconstitutional because it would outlaw images produced without any involvement by an actual child. Bruce Taylor of the National Law Center for Families and Children argued at a recent conference at Brooklyn Law School that a "virtual child porn" law was needed because pedophiles use virtual porn to lure children. Under that rationale, if a pedophile used a piece of candy to lure a child into sex we would have to outlaw candy. In a free society, we cannot use censorship laws to try to control "bad thoughts." Outlawing all images that might be stimulating to pedophiles would require a massive amount of censorship and would *not* cure pedophilia. The ACLU reiterates its position on child pornography laws: "The ACLU believes that the First Amendment protects the dissemination of all forms of communication. The ACLU opposes on First Amendment grounds laws that restrict the production and distribution of any printed and visual materials even when some of the producers of those materials are punishable under criminal law." "The ACLU views the use of children in the production of visual depictions of sexually explicit conduct as a violation of childrens' rights when such use is highly likely to cause: a) substantial physical harm or, b) substantial and continuing emotional or psychological harm. Government quite properly has the means to protect the interest of children in these situations by the use of criminal prosecution of those persons who are likely to cause such harm to children." The Hatch proposal only demonstrates the dangers of trying to protect children indirectly through censorship laws. --------------------------- Clipper II? Your electronic privacy rights are at stake . . . again.= In 1993, the ACLU and an overwhelming majority of industry condemned the Clipper Chip -- the Administration's key escrow encryption scheme to equip every telecommunications device with a "chip" that would allow anyone to secure his private communications as long as the U.S. government held the descrambling key. The government insisted that Clipper would be merely a voluntary standard, but government documents requested under the Freedom of Information Act now confirm the suspicions of civil liberties advocates that the government really believes key escrowed encryption will only meet law enforcement standards if it is mandatory. (See URL:http://www.epic.org/crypto/) Now the Administration has returned with another scheme -- commercial key escrow ("Clipper II"). At close range, Clipper II is a lot like Clipper I: Although supposedly "independent" of the government, key escrow agen= ts will have to meet standards set by the U.S. government, and will have to reside in the U.S. or in a country with which the U.S. has entered a bilateral agreement. The proposal provides no privacy safeguards to prevent the compromis= e of the key escrow agent or the key. Offered as a "voluntary" standard, the proposal nevertheless forbids interoperability with non-escrowed encryption in exported products. While the government says it recognizes industry's need for strong encryption, the proposal limits exportable encryption to 64 bits -- a length widely recognized to provide inadequate security. On September 6, 7, and 15, 1995, the ACLU attended meetings held by the National Institute for Standards and Technology (NIST) in Gaithersberg, Maryland. The meetings were called to solicit input from industry on the Clipper II proposal. Draft export criteria were considered on September 6-7, and the general industry response was very lukewarm -- except for a few industries that have been meeting with the Administration and are preparing to announce products that would fit the suggested criteria. The ACLU led one working group to vote 7-7 in favor of condemning the entire proposal. On September 15th, NIST discussed the implementation of a federal key escrow encryption standard. By requiring federal agencies to use commercial key escrow as a FIPS (Federal Information Processing Standard), the Administration clearly hopes to drive industry to accept commercial key escrow as the export standard as well. The ACLU issued the following statement on the current key escrow proposal: The American Civil Liberties Union's Position on the Administration's Current Key Escrow Proposal: Encryption is speech protected by the First Amendment. The Administration's current key escrow proposal, like the Clipper proposal, continues to tread on the First Amendment rights of American individuals and businesses to use encryption technologies to secure their private communications. The current proposal, like Clipper, should be rejected on First Amendment grounds alone. The current proposal will not accomplish its stated objectives becau= se a wide array of encryption is available around the globe and will continue to be employed in place of American government-approved key escrow software.= The only key escrow proposal that could begin to satisfy the government's objectives would be an outright ban on the sale of encryption technologies other than those approved by the government and key escrowed.= The ACLU fears that the current proposal, and similar proposals, are merely the first step towards mandatory key escrow of encryption. Mandatory key escrow is completely unacceptable to both industry and privacy advocates.= The Administration should abandon its fruitless and unconstitutional efforts to control the export of encryption technology. No legislation is needed -- the Administration has the power to lift the regulatory restrictions that it created. --------------------------- Call for Plaintiffs in Suit to Challenge Online Indecency Legislation= Most of you know that the House and Senate have now passed two different versions of the telecommunications bill that would outlaw "indecent" speech over the Internet and other online services. This fall, a conference committee of House and Senate members will work out the differences between the two telco bills and will probably approve some form of online censorship legislation. [For a copy of the legislation, send a message to infoaclu@aclu.org, with "Online Indecency Amendments" in the subject line.] While the ACLU and other advocacy groups continue to lobby Congress to remove the censorship provisions from the telco bill, it is highly likely that some restriction on online indecency will appear in the final bill that emerges from the conference committee. A coalition of civil liberties organizations are preparing a constitutional challenge to this legislation now. The coalition includes the ACLU, Electronic Frontier Foundation, Electronic Privacy Information Center, Media Access Project, and People for the American Way. We plan to be ready to file a lawsuit as soon as the statute is signed into law -- which could be as early as October. An important first step in planning the lawsuit is the selection of plaintiffs. We need to put together a set of plaintiffs that disprove the stereotype created by proponents of the legislation that people opposed to the bill are "pedophiles and pornographers." We believe that the best plaintiffs for this challenge will be persons or entities that provide material that some may deem "indecent" but that has serious artistic, literary, and educational value to our society. We need plaintiffs who use online networks to discuss or distribute works or art, literary classics, sex education, gay and lesbian literature, human rights reporting, abortion information, rape counseling, and controversial political speech.= Please contact Ann Beeson at the ACLU if your organization is interested in being a plaintiff in this ground-breaking litigation that will define First Amendment rights in cyberspace. 212-944-9800 x788, beeson@aclu.org. -------------------------------- STATE PAGE (Legislation/Agency/Court Cases) ----------------------------------------------------------= Overbroad Searches and Seizures Threaten Electronic Privacy The latest threat to your civil liberties results from law enforcement's overzealous attempts to find evidence of crime or wrongdoing in cyberspace. As we move into the information age, traditional search and seizure rules will need to be refined to ensure fairness and respect for electronic privacy rights. Several recent cases illustrate how privacy rights can be violated when law enforcement conducts investigations in cyberspace. The ACLU recently wrote to America Online to inquire about their cooperation in the FBI's recent raid of alleged child pornographers who used the online service. The ACLU asked, among other things, whether AOL revealed any information about individual users that was not sought by subpoena or court order; whether AOL turned over all private e-mail messages of suspects or whether they turned over only messages related to the alleged crime; whether AOL also turned over the names, addresses, and e-mail messages of persons who had communicated with the suspects; whether AOL set up accounts for the purpose of allowing government investigators to have access to public chat rooms; and what information AOL regularly keeps about its users' online activity and how long the information is kept. In Cincinnati, Ohio, a computer bulletin board operator filed a civi= l rights suit against the Hamilton County Sheriff's Department after the department raided the BBS and seized computer equipment, files, and personal communications. The case argues that the indiscriminate search and seizures violated the BBS operator's free speech and privacy rights. See _Emerson v. Leis_, S.D. Ohio, No. C-1-95-608. The subscribers to the BBS have filed a separate class action suit against the sheriff's department. See _Guest v. Leis_, S.D. Ohio. Law enforcement seized the entire BBS -- all the hardware, software, files, and private communications -- in an effort to obtain 45 files on the BBS that were allegedly obscene.= The case asserts that the 45 files represented only 3% of the total resources on the board. In California, Colorado, and Virginia, the Church of Scientology has brought three copyright infringement actions against anti-scientologists who use online communications to criticize the church. The cases raise important questions about the breadth of computer communications seizures in civil cases. The ACLU of Southern California and the ACLU of Colorado continue to monitor the cases in their states. --------------------------------- Nine States This Year Passed Online Censorship Legislation While online activists have been busy fighting the pending federal attempts to censor online communications, state legislatures have been carelessly crafting online censorship bills at home. And if you think Congress is full of Luddites, just wait until to hear what your state legislators have come up with. At least nine states (CT, GA, IL, KS, MD, MT, NJ, OK, VA) have passed legislation this year to regulate online content, and several others considered such bills, with some still pending. These bills seek to criminalize a wide range of online speech and content, including: speech that "harasses, annoys, or alarms" materials deemed "indecent," "obscene" or "harmful to minors" information related to "terrorist acts" or "explosive materials" The state bills, like the federal bills, raise serious free speech and privacy concerns. None of the bills indicates an understanding of the unique nature of the online medium. Some bills purposefully, and other bills inadvertently, fail to clarify that only the initiators of the illegal images may be held liable -- so service providers can be held liable for the pedophiles and pornographers that use their networks. The laws would, at best, require service providers to snoop in private e-mail in order to avoid criminal liability. At worst, these laws would force providers to shut down their networks altogether. The draconian effect of these state bills doesn't stop at state borders. A message you post to the Internet today in New York City could travel the fifty states and the globe by tomorrow. You'd better be careful that the message isn't "obscene" according to an Oklahoman, "annoying" to a Connecticutter, "solicitous" of a minor in Illinois, or related to "terrorism" as defined by a Georgian. The wave of online censorship at the state level is far from over. The ACLU is considering constitutional challenges to the online censorship laws that passed this year. But given the continuing media hype over "cyber-porn," we are certain to see more censorship bills from the states next year. With the help of affiliate offices in fifty states, the ACLU continues to monitor these state attempts to infringe on your online free speech rights. [For a synopsis of all the online censorship bills passed or considered by the states this year, send a message to infoaclu@aclu.org with "Update of State Bills" in the subject line of the message.] -------------------------------------- Saving the Best for Last: Good News on Cyber-Liberties ARIZONA: Another troubling application of existing obscenity laws to cyberspace was averted when charges were dropped against Arizona Department of Public Safety Officer Lorne Shantz. Shantz, who ran a community bulletin board, lost his job and endured several months of hassle and humiliation when he was arrested for allegedly "obscene" files on the board. Shantz maintains that he was unaware of the existence of the files, which represented only a minuscule fraction of all the information on the board. COLORADO: Federal Judge John Kane ordered the Church of Scientology to return computers and hundreds of files seized by Federal marshals and Scientology officials in a copyright infringement action. The judge ruled that the seizures were overbroad, and said that "The public interest is best served by the free exchange of ideas." ------------------------------ ONLINE RESOURCES FROM THE ACLU ------------------------------------ Stay tuned for news on the ACLU's world wide web site, under construction at http://www.aclu.org. In the meantime, you can retrieve ACLU documents via gopher at gopher://aclu.org:6601 (forgive the less-than-updated state of our gopher -- we've devoted all our resources to WWW construction!). If you're on America Online, check out the live chats, auditorium events, *very* active message boards, and complete news on civil liberties, at keyword ACLU. -------------------------------- ACLU Cyber-Liberties Update Editor: Ann Beeson (beeson@aclu.org) American Civil Liberties Union National Office 132 West 43rd Street New York, New York 10036 To subscribe to the ACLU Cyber-Liberties Update, send a message to infoaclu@aclu.org with "subscribe ACLU" in the subject line of your message. To terminate your subscription, send a message to infoaclu@aclu.org with "unsubscribe ACLU" in the subject line. For general information about the ACLU, write to infoaclu@aclu.org. ------------------------------ Date: Thu, 5 Oct 95 20:12 WET DST From: eye WEEKLY <eye5@interlog.com> Subject: 6--EYENET: The Loonie's Egg ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ eye WEEKLY October 5 1995 Toronto's arts newspaper .....free every Thursday ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ EYENET EYENET THE LOONIE'S EGG How a University of Toronto sysadmin has the power to have one student strip searched in a downtown jail and another investigated by the FBI by K.K . CAMPBELL At 7:30, Jesse Hirsh (jesse@lglobal.com) flopped on the couch in his parents' Bloor and Bathurst house to watch a Simpsons rerun. The 20- year-old was just home from U of T. He studied political science and literature. His parents were out for the evening so he didn't know that someone had called for him around 7. Mom had told the caller her son was still at school. The caller didn't want to leave a name or message. He'd call back. As Homer Simpson flew into action, the phone rang. Hirsh picked up. "Hello?" "Hello, is Jesse there?" a voice intoned. "This is he." And the caller hung up. Two seconds later, the doorbell rang. Hirsh went downstairs and opened the door to find "three tall, slightly overweight white men." They flashed badges. Plainclothes detectives. Can we come in, sir? Hirsh nodded. "We know that you are publishing an anarchist newsletter on the Internet," they began. Hirsh admitted he did. "Do you know what a hacker is?" "Sure," Hirsh replied. They nodded knowingly. A-ha! "Do you have a computer?" He said he did. It was upstairs. A-HA! The cops informed Hirsh he was under arrest for "unauthorized use of a computer system" -- contrary to section 342.1 of the Criminal Code of Canada. A possible 10 years in prison. Hirsh was told to get a jacket. As his hand touched the cloth, the cops grabbed it and searched the pockets, extracting a few nondescript items. But then they found a patch for Hirsh's online anarchist ezine The Anarchives. (Hirsh runs The Anarchist Organization (tao@lglobal.com) at http://www.lglobal.com/TAO .) It has a little pot leaf on it. The ace cybercops exchanged raised eyebrows. First a hacker... then an anarchist newsletter... now this emblem of decadent drug culture. The cops frisked Hirsh -- all the while commenting on how nice the house was. He was handcuffed and marched out to the unmarked car across the street. Paraded in plain view of his neighbors, stuffed into the back seat, they Went Downtown -- where Hirsh was fingerprinted, had his mug photographed... and was strip-searched. SECRET HACKER CODES Hirsh was arrested for using a U of T net account not issued to him. He was given the passwords to two such accounts by the account holders -- one of whom was his stepbrother. The accounts were not hacked. He told the cops this repeatedly. They dumped him in a cell anyway. When Hirsh was ordered from his home, he asked to bring a book along. The detectives said sure. He grabbed the nearest tome -- Plato's Republic. The Officer Friendlies wandered in and out, asking nonchalant questions of an evil dope-emblazoned, anarchist-peddling, Plato-reading, civilization-threatening hacker. "So... who's in this An-ARK-y Organization?" "What's an-ARK-y all about?" "Why are you into this an-ARK-y stuff, anyway?" Soon Officer Unfriendly appeared. He held before him a Soul Damning Talisman: "What are these?!" Hirsh looked. It was a piece of paper. "These codes?! What are these codes for?!" Officer Unfriendly barked. Codes? Then Hirsh realized: it was a piece of paper they had taken from his jacket. It held reference numbers for books at the U of T Robarts library. "Those are library codes," Hirsh replied. "Books for my English class." "Don't give me that! What are they?! I know they're for something!" Hirsh tried to project doe-eyed sincerity. "They're for library books! They're codes of library books! From the Robarts library!" "Don't lie to me!" "I swear! They're library codes! Call the library and check!" The officer glowered ominously. "I will." He turned and left. It was the last Hirsh heard about the Secret Hacker Codes. At 11:30 p.m., Hirsh's dad and a friend got him out. A GORRIE STORY Here's the background: in October of 1994, Hirsh's stepbrother, a U of T grad student, said Hirsh could use his school-provided net account. Hirsh used it to read news. He thought the net fascinating so began uploading copies of The Anarchives. Hirsh never tried to hide who he was -- he even included his home phone number, which is how the Super- Sleuth Sysadmins "found" him. Hirsh made similar use of an account belonging to "Ms X" -- a female Ph.D. student and friend of Stepbro's. This would have been a happy and otherwise normal arrangement except that in January, 1995, U of T engineering prof Jack Gorrie (gorrie@ecf.utoronto.ca), bossman of U of T's engineering computing facility computer, received a complaint from someone at the University of British Columbia about The Anarchives being posted to net news. The person wanted it stopped. Gorrie came to notice Ms X wasn't signing these documents, a Jesse Hirsch was. He also noticed Hirsh and another U of T student (the stepbro) exchanged email about the accounts. As Hirsh and his stepbro have different last names, Gorrie concluded a larger hacker conspiracy was afoot. Gorrie launched into his Canadian rendition of Cliff Stoll, author of compu-crime-thriller _The Cuckoo's Egg_ -- in Gorrie's case, _The Loonie's Egg_. He "tracked" Hirsh for two months, recording every keystroke -- even though he had all three students' phone numbers. On March 8, 1995, he asked the cops to intervene. "I checked and found that the account was indeed being used to broadcast information on behalf of The Anarchist Organization," he wrote Detective Hugh Ferguson. Thus it came to be that Jesse Hirsh was forced to model nude for Toronto's finest, with the blessing of U of T. Stepbro got his own taste of U of T six-gun justice. Off in a Washington, D.C., engineering lab, he came under FBI investigation. Naturally, the FBI found nothing wrong because there was nothing wrong -- except for an over-zealous sysadmin using a meat cleaver to scratch an itch. CHARGES DROPPED On Sept. 7, minutes before the case was to go to court, the prosecution dropped all charges. Hirsh agreed to pay a token settlement of $400 for four months of university computer use. U of T first claimed it was owed $1,560. Hirsh places the real cost at $60. Hirsh devoted an issue of The Anarchives to the case. It spread around cyberspace. In it, Hirsh includes Gorrie's email address and asks people to send him their opinions. Quite a few did. They were rather unpleasant. Gorrie, miffed, used the U of T pipeline to have the stepbro make Hirsh shut up. After subjecting Hirsh to complete and devastating public humiliation, U of T was now pleading for discretion. Gorrie blames Ms X, who panicked and denied knowing Hirsh when first confronted. She figured they'd just cut the "hacker" off and Hirsh would find his own account. After all, thousands of U of T students share accounts every year. But her case was different: she was sharing with a left-wing anarchist with an attitude. He could not be ignored. (Ms X is now under "investigation." Stepbro, on the other hand, has graduated.) Hirsh wrote Gorrie privately, saying he was sorry Gorrie was getting nasty mail. Gorrie replied the whole affair was a "big misunderstanding." As they were _both_ misled, they were _both_ victims: Victim Hirsh was dragged down the street in handcuffs, fingerprinted, mugshotted, strip-searched and jailed for hours; Victim Gorrie received email that was mean to him. NOTE: Hirsh has since formed his own Internet Service Provider: Local Global Access at 320 1/2 Bloor St. W. (515-7400). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Retransmit freely in cyberspace Author holds standard copyright http://www.interlog.com/eye Mailing list available eyeNET archive --> http://www.interlog.com/eye/News/Eyenet/Eyenet.html eye@interlog.com "...Break the Gutenberg Lock..." 416-971-8421 ------------------------------ Date: Sun, 19 Apr 1995 22:51:01 CDT From: CuD Moderators <cudigest@sun.soci.niu.edu> Subject: 7--Cu Digest Header Info (unchanged since 19 Apr, 1995) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send a one-line message: SUB CUDIGEST your name Send it to LISTSERV@VMD.CSO.UIUC.EDU The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CUDIGEST Send it to LISTSERV@VMD.CSO.UIUC.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); and on Rune Stone BBS (IIRGWHQ) (203) 832-8441. CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: In BELGIUM: Virtual Access BBS: +32-69-844-019 (ringdown) Brussels: STRATOMIC BBS +32-2-5383119 2:291/759@fidonet.org In ITALY: ZERO! BBS: +39-11-6507540 In LUXEMBOURG: ComNet BBS: +352-466893 UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/ ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/cud/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) JAPAN: ftp://www.rcac.tdi.co.jp/pub/mirror/CuD The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu:80/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #7.79 ************************************