Computer underground Digest Sun Nov 19, 1995 Volume 7 : Issue 90 ISSN 1004-042X Editors: Jim Thomas and Gordon Meyer (TK0JUT2@MVS.CSO.NIU.EDU Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Field Agent Extraordinaire: David Smith Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #7.90 (Sun, Nov 19, 1995) File 1--Masses resist the Internet, study shows File 2--Espionage Charges against Kevin Poulsen Dropped File 3--5.8 Million Are Said to Be Linked to Internet the in U.S File 4--Re: Attention Spammer: The War Has Started File 5--Internet Hacking isn't just for Unix kiddiez anymore File 6--The Great Decency Fake-out File 7--"Computer Crime: A Crimefighter's Handbook" File 8--Tyranny & mutation: "Giant Black Book of Computer Viruses" File 9-- (VTW) BillWatch #25 File 10--FBI Targets Expected Growth In Computer Crime File 11--Cu Digest Header Info (unchanged since 5 Nov, 1995) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. --------------------------------------------------------------------- Date: Sun, 12 Nov 95 15:40 CST From: jthomas@sun.soci.niu.edu Subject: File 1--Masses resist the Internet, study shows Masses resist the Internet, study shows By James Coates Chicago Tribune Computer Writer Copyright Chicago Tribune (c) 1995 Computer sales are booming and the whole country is abuzz with talk of information superhighways, but only a relative handful of Americans have ever gotten their modems to take them on-line. Just 14 percent of the country's households have successfully used modems to get on-line even once, according to a major study of national computing habits by the Times Mirror Center for the People and the Press. And most of those, the study found, go on-line only to use e-mail and not to take advantage of the many other wonders of the Internet. .................... ------------------------------ Date: Sun, 12 Nov 95 15:40 CST From: jthomas@sun.soci.niu.edu Subject: File 2--Espionage Charges against Kevin Poulsen Dropped U.S. Drops Case of Spying by Computer Source: New York Times, Nov. 12, 1995 (p. 26) SAN JOSE, Calif, Nov 11 (AP)--Federal prosecutors have dropped an espionage charge against a coputer hacker, saying the military document found in his possession was obsolete. The charge was dropped on Thursday in exchange for a guilty plea to unrelated offenses involving unauthorized intrusions into the files of the Pacific Bell Telephone Company. The hacker, Kevin L. poulsen, 30, is already serving a four-year prison term for rigging radio station contests in Los Angeles, where he was arrested in 1991. Prosecutors in the San Jose case agreed that Mr. Poulsen would be eligible for release in May, after spending five years in custody. .............. ------------------------------ Date: Sun, 12 Nov 1995 03:24:27 -0600 From: jthomas@SUN.SOCI.NIU.EDU(Jim Thomas) Subject: File 3--5.8 Million Are Said to Be Linked to Internet the in U.S Source: The New York Times Sept. 27, 1995 Who Uses the Internet? 5.8 Million Are Said to Be Linked in U.S. By STEVE LOHR Measuring the Internet population is a daunting challenge given the amorphous nature of cyberspace, with its lack of borders and its culture of anonymity. The latest attempt comes from O'Reilly & Associates, a publisher of computer books and Internet software, in a report to be published Wednesday. And the results look conservative: 5.8 million American adults are connected directly to the Internet. Another 3.9 million American adults use only commercial on-line services, like America Online, Compuserve and Prodigy. Estimates of Internet use worldwide have often ranged to more than 30 million, with the United States representing perhaps half of the total. ..................... The O'Reilly research found that 67 percent of those with direct Internet access are male and over half are between the ages of 18 and 34. Their median household income was between $50,000 and $75,000, and nearly half work in organizations with more than 1,000 employees. ..................... Copyright 1995 The New York Times ------------------------------ Date: Mon, 6 Nov 95 18:13 PST From: Michael Gersten <michael@STB.INFO.COM> Subject: File 4--Re: Attention Spammer: The War Has Started Well, I'd say that you've got one major bad assumption, and one questionable assumption. The first major bad assumption is that you can open a connection to the mail port (25) on any real system. I'm running a system where you can't. Lots of people have systems like this. You can, if you knew the "real" name of my system, open a connection to port 25. It's just that the name of my system changes every time I connect to my ISP. This is called dynamic addressing. The name "stb.info.com" actually uses an MX record to a friend's site, and a uucp connection (over the net, of course) for final delivery. Other sites I'm told use POP or some other remote fetch protocol. I've seen plenty of real systems that can be pinged, that do not run smail at all -- they rely on the MX records to send mail elsewhere. The point is, just parsing the headers from mail will only tell you what system to try to mail back to, not necessarily what the real IP location is. So, if you actually implemented what you said there, then any posting from my site would be discarded as a forgery. Not good. The questionable assumption is that everyone is two hops or less. I really doubt that is true for FIDO hosts. Back when I was a UUCP host (3 years ago) it was very untrue -- I saw lots of mail with more than two hops. I don't know how much of a problem this is today. But I'd go with more than two hops. Problem is, I think that defeats the whole point of this proposal. Another questionable assumption: The list of three and two letter top level names is known. This is not a joke. What happens when a new top level domain is introduced? Yes, it's rare, but when a country breaks up and a whole bunch of new countries are created, it happens. It almost happened about a week ago, but we still have just "ca", and not "qb". Another bad assumption: You can even tell if something is a valid name. Many sites run smail/sendmail with the "vrfy" command disabled -- so you can't tell what user id's are at a particular site. ------------------------------ Date: Sun, 12 Nov 1995 09:48:04 +1494730 (PST) From: Christopher Klaus <cklaus@ISS.NET> Subject: File 5--Internet Hacking isn't just for Unix kiddiez anymore |Subject--Internet Hacking isn't just for Unix kiddiez anymore |[To get on mailing list, Alert, send a message to alert-request@iss.net |and within the message, type: subscribe alert ] File Sharing: Dangerous on your network. We have begun looking into Windows NT/95 OS and what it offers in its networking capabilities. What we have found might be of interest to others security-wise. You can quickly scan a network, identify any win95/NT machine, grab a list of the resources available through the machine, and attempt to access those resources. Once we achieve access to a file shared resource, we attempt to see if the ".." bug exists. There is also the users on the machine itself that we send a message to that they have been scanned. Some of the problems with Win95/NT/WfWg is the same problem that exists in almost every configurable device on the network: that the users have not configured it securely. We have found most people who set up sharable directories have left them passwordless. This allows any intruder on the Internet to steal to those files and possible modify them/delete them. The password mechanism on these systems has another flaw no one has talked about before. We have automated a password checking scheme in our scan. Here is the choice of possible passwords we try: - Typical user passwords such as WORKGROUP, WINDOWS, USER, etc... - Passwords derived from the list of resources and users logged in. - Passwords attempted from a dictionary file supplied by the administrator or the standard Internet Scanner dictionary. As you are well aware of, that even when a password is used, the chance of finding a easily guessible password is quite high. With the scans we have done, we are doing the brute force attack at about 200 passwords/second. We do about 18,000 passwords attempts in under 2 minutes. Windows 95 has no control of locking out further access attempts so the intruder can endlessly pound away on your machines. Windows 95 has no logging of any of these attempts. An intruder can not only try quite a large number of passwords in a short period of time, there is no log of these attempts. Knowing someone is attempting to attack is as important as fixing the problems themselves. Once the scan accesses a file shared directory, it attempts to determine if the machine is vulnerable to the ".." bug. This bug allows intruders to access the rest of the hard drive, even though the machine is configured to only allow access to a certian directory. The bug is effective because the OS does not properly check for "..", "...", and "..\" which would give you access to directories above the directory file shared. This same type of bug is found on older NFS implementations on Unix. Microsoft has put out patches for this bug at http://www.microsoft.com/windows The scanner will now also send a message through the popup program to let the users know they were scanned. The problem with this utility is that the popup program lacks any authentication, therefore an intruder could masquarade as the administrator and tell everyone to make their directories sharable because he/she needs access to it. It would not be the first time a user fell prey to this type of attack. Here are some future improvements in security for the resource sharable file system: (Some of these features may be on NT, but were not seen on Win95.) - better logging of bruteforce attempts - put a delay in there after each bad password attempt to slow down brute force attacks - possibly locking out file sharing attempts after X number of tries - allow/deny capabilities based on host addresses - better authentication of popup messages User education needs to take place to ensure proper configuration. Here are some essential procedures to follow to have a more secure network: - users need to password protect all resources - users must pick difficult to guess passwords - users should never give others access or passwords to their systems unless it is through an authenticated process - users should install the security patches provided by vendors Firewalls: The SMB protocol, through which file sharing takes place, is on udp/tcp ports 137, 138, and 139. Make sure your firewalls/routers block these ports. ------------------------------------------------- Copyright This paper is Copyright (c) 1994, 1995 by Christopher Klaus of Internet Security Systems, Inc. Permission is hereby granted to give away free copies electronically. You may distribute, transfer, or spread this paper electronically. You may not pretend that you wrote it. This copyright notice must be maintained in any copy made. If you wish to reprint the whole or any part of this paper in any other medium excluding electronic medium, please ask the author for permission. Disclaimer The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk. Address of Author Please send suggestions, updates, and comments to: Christopher Klaus <cklaus@iss.net> of Internet Security Systems, Inc. <iss@iss.net> Internet Security Systems, Inc. Internet Security Systems, Inc, located in Atlanta, Ga., specializes in the developement of security scanning software tools. Its flagship product, Internet Scanner, is software that learns an organization's network and probes every device on that network for security holes. It is the most comprehensive "attack simulator" available, checking for over 100 security vulnerabilities. -- Christopher William Klaus Voice: (770)441-2531. Fax: (770)441-2431 Internet Security Systems, Inc. "Internet Scanner lets you find 2000 Miller Court West, Norcross, GA 30071 your network security holes Web: http://iss.net/ Email: cklaus@iss.net before the hackers do." ------------------------------ Date: Tue, 31 Oct 95 22:29:01 PST From: jblumen@interramp.com Subject: File 6--The Great Decency Fake-out The Great Decency Fake-out Congressmen and senators are meeting with each other right now to decide which of two competing versions of the Telcom Reform Act should be adopted as law. Whichever they choose, they will be able to send you to prison for saying "Fuck" on the Internet. We got to this serious and dangerous pass by way of a five act comedy. Act I: June. Senator Exon waved his blue book of pornography on the Senate floor, frothing at the mouth about "pornographers, pedophiles and predators." The Senate passed the Communications Decency Act (CDA) by a vote of 84-16, banning unspecified "indecent" speech online. Numerous commentators point out that the CDA is ridiculously vague and would certainly ban speech that is perfectly legal offline. Act II: June. White knight and futurist Newt Gingrich goes on TV and announces that the CDA is unconstitutional. Everyone breathes a sigh of relief because it is well known that this man runs the House with an iron hand--the CDA will not get through. Act III: August. The House passes its version of the Reform Act. True to Gingrich's word, the CDA never even comes up for consideration. Instead, the unusual Cox-Wyden act is adopted, vaguely but gloriously praising the Internet as a method of communication, education and community building but not actually implementing any legal measures. Spectators declare victory--Gingrich has killed the CDA. Act IV: August. The discovery is made that a last minute "manager's mark amendment" added to the Reform Act would ban the depiction or description of sexual or excretory organs or functions online. Most of the Congressmen voting in favor of the final version of the bill don't even know its there. No-one's name is on it, no-one knows how it got there. Fewer still understand that this is the exact language Congress passed into law some years ago to define indecency on television. Act V is happening now. The conference committee is looking to create a compromise version of the Act. Whether it adopts the CDA (unlikely) or the manager's mark version, it will become illegal to say anything on the Net you couldn't say on the radio or TV. The phrase "Fuck the Telcom Reform Act" would get me sent to prison. Question: If Gingrich runs the House as tightly as they say, could this have possibly happened without his knowing? Or have we just witnessed the Great Decency Fake-out, the ceremonial death of the CDA and its quiet replacement with something equally lethal? Why, if the Cox-Wyden bill opposes the F.C.C.'s intervention in the Internet, did the House adopt a television-style decency standard? The only reason the Supreme Court has permitted greater regulation of broadcast media than print is because of scarcity: the government is already involved in allocating bandwidth, so its not a big step to regulating content. THIS IS THE WRONG METAPHOR FOR THE INTERNET. The net is a constellation of printing presses and bookshops and should be regulated like print media. The indecency standard adopted by the manager's mark amendment would be clearly unconstitutional if applied to print media. Let's not let the Congress put one across on us by applying a more restrictive standard to the Internet. Where are the petitions, the mobilization, the concern? The manager's mark amendment is more dangerous than the CDA, which had two strikes against it: it was unconstitutionally vague, and it attempted to apply broadcast standards to the Net. The manager's mark amendment avoids the vagueness problem. WRITE YOUR CONGRESSPERSON NOW, especially if he or she is on the conference committee (CuD has printed the list in a recent issue). Or write to Mr. Gingrich at georgia6@hr.house.gov. ------------------------------ Date: Wed, 01 Nov 1995 17:15:30 EST Message-ID: <00998C06.1C7432C0.24275@mukluk.hq.decus.ca> Subject: File 7--"Computer Crime: A Crimefighter's Handbook" BKCMPCRM.RVW 951004 "Computer Crime: a Crimefighter's Handbook", David Icove/Karl Seger/William VonStorch, 1995, 1-56592-086-4, U$24.95 %A David Icove %A Karl Seger %A William VonStorch %C 103 Morris Street, Suite A, Sebastopol, CA 95472 %D 1995 %G 1-56592-086-4 %I O'Reilly & Associates, Inc. %O U$24.95 519-283-6332 800-528-9994 rick.brown@onlinesys.com 800-998-9938 %O 707-829-0515 fax: 707-829-0104 nuts@ora.com %P 464 %S Computer Security %T "Computer Crime: a Crimefighter's Handbook" As a guide for law enforcement personnel and systems managers, this provides a good overview and introduction to computer crime and the actions to take against it. Touching on crime, prevention and prosecution, the book is practical and helpful to those needing to get a quick handle on the problem. It is, however, easily evident that the authors are law enforcement, rather than systems, professionals. Those expecting a technical discussion, from the O'Reilly imprimatur, will be disappointed. The book started life as an official FBI training manual. The explanations and concepts are elementary--and are intended to be so. Thus, while it might be possible to argue (rather weakly) for the definitions of viruses, worms and other malware as described in the book, security experts will likely feel a bit uncomfortable with them. The abdication of discussion on encryption is not going to help those who want to help protect their systems. (On the other hand, there is nothing to indicate any political bias in regard to encyption.) The bibliography, though, is of good quality, and should make up for the technical shortcomings in this work. I am delighted to see, for once, not only mention but actual listings of computer laws from outside of the US. The coverage is still a bit lopsided, with 130 of US federal and state statues and less than twenty devoted to the rest of the world, but it's a start. copyright Robert M. Slade, 1995 BKCMPCRM.RVW 951004 ====================== DECUS Canada Communications, Desktop, Education and Security group newsletters roberts@decus.ca slade@freenet.victoria.bc.ca Rob_Slade@mindlink.bc.ca Author "Robert Slade's Guide to Computer Viruses" 0-387-94311-0/3-540-94311-0 ------------------------------ Date: Fri, 10 Nov 1995 00:48:01 -0600 (CST) From: Crypt Newsletter <crypt@sun.soci.niu.edu> Subject: File 8--Tyranny & mutation: "Giant Black Book of Computer Viruses" In 1990 Mark Ludwig published "The Little Black Book of Computer Viruses." It contained the source code for four computer viruses, one of which - Stealth Boot - has become one of the more common computer viruses infecting business and home PC's worldwide. [The virus, known as Stealth Boot C, is the same as the copy published in the second printing of "The Little Black Book of Computer Viruses."] As a result, by 1992 Ludwig (also my publisher, incidentally) was a pariah in conservative computing circles, fit predominantly for freak-flag-fly-type stories on viruses as artificial life in WIRED magazine or bad craziness and hate parties at assorted computer security conferences. In 1990 Ludwig wrote, rather accurately in retrospect, "[Stealth Boot] is _highly contagious_ . . . once it's infected several disks, it is easy to forget where it's gone. At this point, you can kiss it good-bye." Even the printing business Ludwig uses for his books was infected with Stealth Boot during production runs, according to the author. The introductory parts of Ludwig's new "Giant Black Book of Computer Viruses" (American Eagle trade paperback, 664 pages) feature a tone more baldly revolutionary than his previous books. It's a pitch that resonates with many outsiders - the militias, tax resisters, Internet anarchists, true believers of New World Order conspiracy orthodoxy - convinced a big takeover by the military-industrial complex is imminent. In a segment on "military applications" of computer viruses Ludwig writes, "Putting military grade weapons in the hands of ordinary citizens is the surest way to keep tyranny at bay." We are moving toward an "Orwellian god-state" he says, and "the Orwellian state is vulnerable to attack -- and it should be attacked . . . Perhaps we have crossed the line [of this state] or perhaps we will sometime between when I [write] this and when you are reading. In such a situation, I will certainly sleep better at night knowing that I've done what I could to put the tools to fight in people's hands." Ironically, even extremist Soldier of Fortune magazine has dropped Ludwig's advertising with nary a word of explanation. For it, computer viruses are now apparently more feared than serrated truncheons, pepper spray, assault weapons and advertising for military adventurers and hit-men. Dire stuff this is, and the remainder of the "Giant Black Book" is no exception, with segments devoted to boot sector-infecting computer viruses, writing "droppers" for them - for example, the complete source code for Stoned and a diskette-infecting launcher for it; file-infecting viruses for a multiplicity of operating systems, virus stealthing; complicated, exotic encryption schemes aimed at defying anti-virus scanning; and anti-security measures designed to make clumsy or incomplete disinfection of Ludwig's viruses a task fraught with the possibility that the replicating programs will destroy the data structures on the infected machine in retribution. Portions of the book are reprints or clean-ups of articles which have appeared over the past couple of years in Ludwig's Computer Virus Developments Quarterly and its successor, Underground Technology Review, which have ceased publication. The only other books in the arena even remotely reminiscent of Ludwig's newest - beside his own stuff - is Ralf Burger's "Computer Viruses -- A High-Tech Disease," published in 1988 by a company, Abacus, also in the business of marketing Burger's anti-virus software. However, Burger's chapters on simple overwriting viruses and the mutilation of computer data coupled to simulation of horrible hardware problems with software - besides being simplistic and dated - lacks the weird joie de vivre Ludwig's "Giant Black Book" flashes in assembly language-illustrated tracts on choosing between formulations of sudden, unexpected data incineration or creeping file corruption - routines perhaps perfected while Ludwig was writing destructive code for a US Army group attached to NATO a couple of years ago. Those who worry about presumed virus-writing churls from the Internet getting a copy should stop right now. Real life probably won't be quite as predictable. Even though the "Giant Black Book" is genuinely menacing-looking (the cover's straight outta DOOM), for the truth to be told experience suggests most would-be and practicing virus-writers are either too penniless to purchase it, too oblivious to everything but their own transient concerns to read it carefully enough so it really hurts, or too bitterly envious of Ludwig for making a living selling viruses which they've been unable to trade for even a bag of chipped wampum, to make much of the virus code and tutorials which constitute the backbone of the book. History also indicates that it's not a big jump to see that as with "The Little Black Book," one or two of the "Giant Black Book's" Ludwig viruses could wind up in circulation on national computers within two to three years, resulting in an indeterminate amount of garment rending, trashed data and lost money, blood on the floors of information systems departments, insane shouting, and kill crazy editorializing in computer security publications, none of which will have any impact on the perverse reality of the world of computer viruses. There's a part near the end of the "Giant Black Book," written with an X-file-ish sci-fi whiff of looming future techno-anarchy. Those comfortable with the reading material found in comic books devoted to the current fascination with cyberpunk, computer network dystopia, mysterious helicopter flights over the hinterlands, and rental vans packed with bags of fuel oil-soaked ammonium nitrate will be interested. As for the bottom line on "The Giant Black Book of Computer Viruses": Like all Ludwig's books, it's a distinctly unusual acquired taste requiring a small but significant amount of technical acumen to crack. But it's also as interesting a read as you'll find if you're one with the stones for it. "The Giant Black Book of Technological Booby Traps, er, Computer Viruses" -- $39.95 cash money from American Eagle, Show Low, Arizona. (ISBN 0-929408-10-1) ----Crypt Newsletter http://www.soci.niu.edu/~crypt ------------------------------ Date: Mon, 20 Nov 1995 13:39:09 -0500 (EST) From: Voters Telecommunications Watch <shabbir@VTW.ORG> Subject: File 9-- (VTW) BillWatch #25 VTW BillWatch #25 VTW BillWatch: A weekly newsletter tracking US Federal legislation affecting civil liberties. BillWatch is published at the end of every week as long as Congress is in session. (Congress is in session) BillWatch is produced and published by the Voters Telecommunications Watch (vtw@vtw.org) (We're not the EFF :-) Issue #25, Date: Mon Nov 20 13:35:16 EST 1995 Do not remove this banner. See distribution instructions at the end. _________________________________________________________________ TABLE OF CONTENTS Announcements The dangers of the new censors Subscription and Redistribution Information (changed 10/21/95) _________________________________________________________________ ANNOUNCEMENTS We continue to put off the Health Care Records Privacy examination. We're just really occupied with our core issue, the net censorship legislation. You should have an alert in your mailbox about it right now. This issue contains: -an essay from Steven Cherry (VTW Board) about another flavor of censor Remember, take this opportunity to call Congress and ask them to not censor the net. The net is literally fighting for its life right now. There will be no BillWatch this week due to Thanksgiving. Shabbir J. Safdar PS This issue can be found in HTML form at URL:http://www.vtw.org/billwatch/issue.25.html _________________________________________________________________ THE DANGERS OF THE NEW CENSORS BillWatch has recently descried the Christian right as embodying the forces of censorship. Besides being taken to task, quite properly, for there being no real organization represented by the phrase "Christian right," we have been reminded recently that there are other forces of censorship at work. Perhaps the most pernicious is the force of self-censorship. One instance of this is the demand that "responsible" corporations and individuals restrict their own speech, so that the government doesn't have to. We have even heard it asserted that search engines shouldn't show the location of indecent material "because children rely on these search tools." (Note that this is not meant to be an exact quote.) Leaving aside the question of whether children really do rely on search engines (I wish my own child would do more of that instead of surfing!) we have to ask ourselves, once again, whether we really want to child-proof the Net, placing unscrewable caps on seach engines, three-foot high locked fences on every newsgroup, and guard-rails on every Web client. Imagine calling for childproofing the New York City Subway system, or the Smithsonian museum. I don't mean ridding these of their 17th century nude art or their graffiti, I mean, imagine childproofing these public spaces in the way you do your home when you have a baby that's just beginning to walk. Right now, we rely on parents to keep their toddlers off the statuary and the third rail. Why is it not appropriate to ask parents to keep their children out of certain places on the public Internet? Steven Cherry VTW Advisory Board stc@vtw.org _________________________________________________________________ SUBSCRIPTION AND REPRODUCTION INFORMATION You can receive BillWatch via email, fax, gopher or WWW: To subscribe via email, send mail to majordomo@vtw.org with "subscribe vtw-announce emailaddress" in the body of the message. To unsubscribe from BillWatch send mail to majordomo@vtw.org with "unsubscribe vtw-announce" in the body of the message. Send mail to files@vtw.org with "send billwatch" in the SUBJECT LINE to receive the latest issue of BillWatch. To subscribe via fax, call (718) 596-2851 and leave the information requested by the recording. You may unsubscribe by calling the same number. BillWatch can be found on the World Wide Web at http://www.vtw.org/billwatch/ BillWatch can be found in Gopherspace at: gopher -p1/vtw/billwatch/ gopher.panix.com Permission to reproduce BillWatch non-commercially is granted provide the banner and copyright remain intact. Please send a copy of your non-commercial publication to vtw@vtw.org for our scrapbook. For permission to commercially reproduce BillWatch, please contact vtw@vtw.org. ------------------------------ Date: Sun, 15 Nov 1995 03:24:27 -0600 From: jthomas@SUN.SOCI.NIU.EDU(Jim Thomas) Subject: File 10--FBI Targets Expected Growth In Computer Crime The Washington Post November 14, 1995 FBI Targets Expected Growth In Computer Crime New Offices to Focus On Scams on the Internet By Michelle Singletary; Elizabeth Corcoran Washington Post Staff Writers The Federal Bureau of Investigation is beefing up its fight against computer crime. In the next few weeks, the agency said it will open an office in New York dedicated to investigating computer crime. Law enforcement officers opened a similar office in San Francisco last month. A Washington office, which handles international cases, was established in 1993. The San Francisco office will keep a close eye on activities in Silicon Valley, while the New York squad will handle financial-related computer crimes. Each computer crimes squad will have a staff of 14 to 15. ................... ------------------------------ Date: Sun, 5 Nov 1995 22:51:01 CDT From: CuD Moderators <cudigest@sun.soci.niu.edu> Subject: File 11--Cu Digest Header Info (unchanged since 5 Nov, 1995) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send a one-line message: SUB CUDIGEST your name Send it to LISTSERV@VMD.CSO.UIUC.EDU DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS. The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CUDIGEST Send it to LISTSERV@VMD.CSO.UIUC.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); and on Rune Stone BBS (IIRGWHQ) (203) 832-8441. CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: In BELGIUM: Virtual Access BBS: +32-69-844-019 (ringdown) Brussels: STRATOMIC BBS +32-2-5383119 2:291/759@fidonet.org In ITALY: ZERO! BBS: +39-11-6507540 In LUXEMBOURG: ComNet BBS: +352-466893 UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/ ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/cud/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #7.90 ************************************