Computer underground Digest    Sun  Jun 9, 1996   Volume 8 : Issue 43
                           ISSN  1004-042X

       Editor: Jim Thomas (cudigest@sun.soci.niu.edu)
       News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)
       Archivist: Brendan Kehoe
       Shadow Master: Stanton McCandlish
       Field Agent Extraordinaire:   David Smith
       Shadow-Archivists: Dan Carosone / Paul Southworth
                          Ralph Sims / Jyrki Kuoppala
                          Ian Dickinson
       Cu Digest Homepage: http://www.soci.niu.edu/~cudigest

CONTENTS, #8.43 (Sun, Jun 9, 1996)

File 1--Re: CoS Jamming a.r.s. and A.R. v. Reno (CuD 8.42)
File 2--Update on CDA, copyright, crypto (5/29/96)
File 3--Discuss crypto with Sen. Burns online the night before hearings!
File 4--Re: Virtual Magistrate Decision
File 5--Re: Gore "against censorship"???
File 6--FW: NSA Monitoring Internet?
File 7--Cu Digest Header Info (unchanged since 7 Apr, 1996)

CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION ApPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.

---------------------------------------------------------------------

Date: Fri, 07 Jun 1996 04:48:30 -0600
From: darryl.davidson@UVM.EDU(Darryl Davidson)
Subject: File 1--Re: CoS Jamming a.r.s. and A.R. v. Reno (CuD 8.42)

From June 5th's CuD, Mark Mangan's article:
>Cherry
>wanted to set the record straight and said he was going way back,
>back to an early message posted by another that was titled, "What
>Size Is Christ". He then lauched into a story about Christ,
...
>... with the Lord and Orel Roberts.  Some
>were shaking with laughter; one lawyer at the plantiff's table
>turned his chair and removed his glasses, wiping tears from his
>eyes.  Fred Cherry, the "connoi-ssewer of porn", summed up his
>evidence and thanked the judges for the time to speak.
>
>It was not clear whether Cherry intended to shock or offend. All at
>once, it seemed all too apparent that it didn't matter--such speech
>would be found indecent under the CDA, even though it does have
>serious literary, artistic, or comedic value.

Uh, CDA notwithstanding, can someone point toward this story online?
That was a stock teaser, describing the effect it had on those in
attendance and then not including the content or a reference for
getting to it.  In an offshore data haven or not, the story needs
to be available online, considering the legal context it now holds.

I am concerned also by the long article from J. Noring:

Jamming, which is the most apt term I've heard for this 'vertical spam'
tactic, is a familiar enough thing...  it has been done to e-mail
boxes, newsgroups during various raider wars, to mailing lists,
although not on this impressive/nefarious level.  Heck, I
was nearly booted out of UofIdaho my freshman year for _two lines_ of
REXX code that did this very sort of thing.  Any time the words are
free, there's gonna be a lot of noise.

As far as Usenet's usability being hampered by this, long after my
decade mark online, Usenet Signal-to-Noise ratios are for me like
my grandma's arthritis is to her: something unpleasant, unavoidable,
and another reason to miss the good-old-days.  I bitch, I teach
a newbie when the mood hits me, and I find ways around it.  Sadly,
it's what weaned me off of Usenet after too long as a serious junkie.
I hate to say it, but Usenet-at-large has become so cluttered that it
is literally one of my last-resort internet tools any more.  WinDoze
interfaces, as Mr. Noring pointed out, bite the waxed tadpole, and
out-of-place spam has become ubiquitous/inescapable.  The one hope
I have for Usenet is in the development of intranets or some other
gonzo recapturing of the old spirit of Usenet the way it used to
run (via 2-am phone calls between Linux boxes, hope hope hope!?)
I honestly wouldn't be surprised to see an intranet mechanism
spring up that allows a subset of the full newsgroup feed with
an intensely strangled intake mechanism, with 'elitist' members of the
intranet setting the S/N ratio back up where they want it.

I do hope Mr. Noring's collection of signatures helps get CoS to
stop this tactic, but it can't possibly be any faster a solution
than generating a workaround within currently-available means.  Ideally,
both publicizing CoS's involvement AND working around this via
other means should be pursued:
  - automoderation: a.r.s.moderated with a remailer address that limits
all postings to one per day per author.  Admittedly, it'll only slow down
the flow, if CoS is dedicated enough.
  - live moderation... even if anonymously moderated.
  - splitting a.r.s into three subgroups:  a.r.s.thetan, a.r.s.reformed
and a.r.s.enthetan (if the gods will forgive me this horrid pun of
an acronym)-- this permits CoS creation of a warm comfey space for
their thetan vibes, another space that is safe haven for those eager
to question their thetan teachings in a like-minded forum, and one
for the rest of us evil types that sincerely *hope* the CoS is an
alien race just so we can distance ourselves that much further from
them.
  - and so on.  Heck, several online providers will manage a mailing
list for an unlimited audience for $50 a year, web-pages can't be
jammed this way (although the web-server can be sucked dry via replicated
requests for the page), and software melding IRC or newsgroup features
into web-page mechanisms is springing up in beta form.  All are valid
weapons in the war for rational discourse.

As for the growing lack of kill-file wisdom, this is the sort of crap that
might finally get non-nix programmers to add the feature back in, user-
friendly and spit-polished, to boot.(another unintentional pun, b.t.w.)

Most importantly, my libertarian urges make me just as unwilling to see
anyone regulate right and wrong when it is against the CoS as I am
when they do it against Mr. Cherry and his CDA-questionable
literature.  As I see it, jamming a newsgroup is just more of the
nice patina of CoS's polished public front being rubbed off to
reveal the base metal underneath.

We pride ourselves on ably exposing less organized gutter-snipes
like NeoNazi revisionists and the Spammer-and-Seagull law firm, so it
seems we should be just as insistent that we can solve this problem
with software and existing laws.

------------------------------

Date: Wed, 29 May 1996 20:31:51 -0700 (PDT)
From: Declan McCullagh <declan@well.com>
Subject: File 2--Update on CDA, copyright, crypto (5/29/96)

ON THE CDA:

Folks involved in the case expect a decision within the next week from the
Philadelphia three-judge panel hearing our challenge to the CDA. The DoJ
has a few weeks to appeal to the Supreme Court if they lose.

--------------------------------------------------------------------------

ON COPYRIGHT:

Regarding the online copyright legislation, there's plenty of action on
the Hill -- and contrary to what I thought a week ago, there's even a
fighting chance that this bill will happen this year.

So far, full Senate judiciary and the House judiciary intellectual
property subcommittee have held hearings.

The House has taken the lead here, and the tentative date for the
subcommittee markup of HR2441 is June 5. (It was to have been last week,
but was cancelled at the last minute when no agreement was reached.)

The Senate seems to be waiting to see what the House does before making
any sudden moves. General feeling is that the legislation was on a fast
schedule but has been slowed down considerably because of ongoing
controvery over OSP liability and (especially) section 1201.

The big snarl is over 1201, and some alliances of convenience are breaking
down. More to the point, libraries are finally mobilizing grassroots
opposition.

Brock has a piece about this in last week's Muckraker on HotWired.

--------------------------------------------------------------------------

ON CRYPTO:

The National Research Council's report on crypto policy will be unveiled
tomorrow at the National Press Club at 1 pm in Washington, DC. I'm going
to try my best to be there.

From their web page at <http://www2.nas.edu/cstbweb/>:

   The Computer Science and Telecommunications Board (CSTB) of the
   National Research Council (NRC) has completed a congressionally
   mandated study of national cryptography policy. The final report,
   Cryptography's Role in Securing the Information Society, will be
   released to the public on May 30, 1996 at a public briefing. A large
   number of the authoring committee members will attend.

Thanks to John Young for this pointer to the original September 1994
announcement of the NRC National Cryptography Project at:

   http://www.wpi.edu/~ryant/ncp.html

------------------------------

Date: Fri, 7 Jun 1996 09:12:09 -0400 (EDT)
From: Voters Telecommunications Watch <shabbir@vtw.org>
Subject: File 3--Discuss crypto with Sen. Burns online the night before hearings!


           CRYPTO HEARINGS (S.1726) SET FOR 6/12/96 IN WASHINGTON D.C.
          MEET AND SPEAK TO SENATOR BURNS ON HOTWIRED THE NIGHT BEFORE!
      SEN. CONRAD BURNS (R-MT) SCHEDULED FOR HOTWIRED CHAT 6/11/96 10-11PM EST

                              Date: June 7, 1996

         URL:http://www.crypto.com/            crypto-news@panix.com
           If you redistribute this, please do so in its entirety,
                         with the banner intact.
  ---------------------------------------------------------------
Table of Contents
        News
	Press Release on Hearings
        How to receive crypto-news
        Press contacts

   ---------------------------------------------------------------
NEWS

In what is becoming the newest way for Congress to read the net.community's
opinion on issues, Senator Conrad Burns will be on HotWired on June
11th @ 10pm EST to discuss the encryption issue with all attendees.
The next day, Senator Burns will be coordinating a day of hearings on the
encryption issues with industry luminaries.

Never before has the public had this much access to legislators without
geographical proximity.  Cheaper than teleconferencing, and more direct
and unfiltered than the traditional press, online chats allow the public
to directly question and hear the answers of Congress.

Have a question about encryption policy that you've never been able to find
out from the government?  Come to the HotWired chat and ask Senator Burns
to be your advocate, to press the witnesses and the White House on these
issues.

The online chat is on June 11 at 10pm EST, the night before the hearings
HotWired's WiredSide chat is at (http://www.hotwired.com/wiredside).

Information on Senator Burns' legislation is available at
http://www.crypto.com

  ------------------------------------------------------------------
PRESS RELEASE ON HEARINGS

  Senator Conrad Burns (R-Mont.)
  WEB SITE   http://www.senate.gov/~burns/

  For immediate release:          Contact:                  Matt Raymond
  Thursday, June 6, 1996                                  (202) 224-8150
                                                         Randall Popelka
                                                          (202) 224-6137

  First Pro-CODE Hearing Slated
  Burns' Subcommittee to Hear High-Profile Executives, Witnesses

          WASHINGTON, D.C. _ Montana Senator Conrad Burns today announced
  the first of two Senate hearings on S. 1726, the Promotion of Commerce
  Online in the Digital Era Act of 1996, or "Pro-CODE."  The hearing will
  take place in the Commerce Subcommittee on Science, Technology and Space,
  of which Burns is chairman.

          The hearing is scheduled Wednesday, June 12, at 9:30 a.m. in room
  253 of the Russell Senate Office Building.

          Scheduled to testify are: Michael Zisman, president and CEO of
  Lotus; Jim Barksdale, president and CEO of Netscape Communications; Jim
  Bidzos, president and CEO of RSA Data Security; Tim Krauskopf, V.P. and
  co-founder of Spyglass Inc.; Kenneth Dam, chairman of the National
  Research Council; Douglas J. McGowan, director of the SmartCard Alliance
  for Hewlett-Packard; Computer Systems Policy Project representative
  (invited); Joe Holmes, chief technology officer for EDS; Joel S. Lisker,
  senior V.P. for security and risk management at MasterCard; Danne
  Buchanan, president of Zion's Data Services Company; Jack Valenti,
  executive director of the Motion Picture Association of America; Aharon
  Friedman, chairman, founder and chief technical officer of Digital
  Secured Networks Technology Inc.; Steve Case, president and CEO of
  America Online (invited); and Robert Bigomy, senior V.P. and director of
  strategic marketing, government and space technology group, for Motorola.

          Burns said the focus of the hearing is on commerce and business
  issues.  He said a second hearing, which will focus on privacy, law
  enforcement and national security issues, is scheduled in his
  subcommittee on June 26.

          The bipartisan Pro-CODE bill would ease export restrictions on
  computer security, or "encryption," for software and hardware.  It would
  also prohibit mandatory systems in which users or companies would have to
  place a code-breaking "key" in the hands of a third party.

                                        # # #

  --------------------------------------------------------------
HOW TO RECEIVE CRYPTO-NEWS

To subscribe to crypto-news, sign up from our WWW page (http://www.crypto.com)
or send mail to majordomo@panix.com with "subscribe crypto-news" in the body
of the message.
     ----------------------------------------------------------------
PRESS CONTACT INFORMATION

Press inquiries on Crypto-News should be directed to
	Shabbir J. Safdar (VTW) at +1.718.596.2851 or shabbir@vtw.org
	Jonah Seiger (CDT) at +1.202.637.9800 or jseiger@cdt.org

------------------------------

Date: Fri, 24 May 1996 13:32:58 -0700
From: Alan Lewine <alewine@dcez.com>
Subject: File 4--Re: Virtual Magistrate Decision

I attended the National Association for Automated Information
Research conference on Online Disp[ute Resolution at which the
Virtual Magistrate decision was announced. I have posted the Virtual
Magistrate decision in full text to Declan for posting to this list.
Here is a brief summary of the decision as I see it. (Incl. relevant
portions of the America Online Terms of Service (TOS) and Rules of
the Road (RoR) - part of the contract between AOL and its members.
full text of the decision is available at
http://vmag/law.vill.edu:8080/ .

AOL voluntarily participated in the first arbitration proceding on
the Internet through the Virtual Magistrate (VM), which involved a
challenge against a spammer, E_mail America, distributing junk mail
on the AOL network. Although the VM does not have any legal
enforcement power, the establishment of an Internet protocol
prohibiting spammingmay provide persuasive authority to cite in
future legal procedings. VM released its decision 21 May. The
decision along with the complaint and all associated materials are
available thru the VM web site. the decision involved three parties:
an actor - E-mail America (who never responded to invitations to
participate), a complainant - Jim Tierney, a former state Attorney
General and AOL subscriber, and a sysop - AOL. It took the form of
an "in rem" (involving a thing, rather than person(s)) proceding
against a screenname and an associated e-mail advertisement. Perhaps
a proceding against such cyberspacial entities would be better
termed "in meme" than "in rem."

Virtual Magistrate Decision

Paragraph 4(a) of the TOS addressing content may be read as
addressing content generally, whether or not it originates within
AOL.  Therefore , because AOL is not a public forum or common
carrier, the determinatio n of what is offensive is within the
subjective purview of AOL. AOL may appropriately consider system
limitations internet custom and practice, and especially customer
complaints

While AOL does not pre-screen content, blocking of a repetitive
message that has been post-screened at least once would not violate
the no pre-screening promise in the TOS.

See also relevant passages in TOS and RoR:  TOS 2.5: Prohibits
online conduct by members that inhibit other member use or enjoyment
TOS 4.2 AOL Inc. reserves the right to prohibit conduct . . . harmfu
l to individual members.

RoR 2.C. Online Conduct prohibited or discouraged includes
harassment, impersonation and especially, (viii) unsolicited
advertising.


Fromthe Rules of the Road and Terms of Service, contractual AOL
documents:

<< RULES OF THE ROAD
<<2.C.  Online Conduct.  Please refer to Section 2.5 of the Terms of
Service Agreement for AOL Inc. policy on impermissible types of online
conduct.  Below are some common violations of the Terms of Service.  This
list is not exhaustive.  AOL Inc. reserves the right, but does not assume

the responsibility, to restrict communication which AOL Inc. deems in its
discretion to be harmful to individual Members, damaging to the
communities which make up the AOL Service, or in violation of AOL Inc.
or any third-party rights.  Please be aware, however, that communication
over the AOL Service often occurs in real-time, or is posted on one of
the AOL Service thousands of message boards or libraries, and AOL Inc.

cannot, and does not intend to, screen communication in advance.

(i)  Offensive Communication.  The AOL Service is a
community-oriented service composed of many different communities of
people.  Our goal is to provide an interesting, stimulating and fun place

for all Members.  Using vulgar, abusive or hateful language undermines
this goal and is not allowed.  Please use your best judgment and be
respectful of other Members.  . . .

(ii)  Harassment.  When a Member targets another specifically to
cause him/her distress, embarrassment, unwanted attention, or other
discomfort, this is harassment.  AOL Inc. does not condone harassment in
any form and may suspend or terminate the accounts of any Member who
harasses others.  You may have a disagreement with someone's point of
view -- we encourage lively discussion in our chat rooms and message
boards -- but personal attacks, or attacks based on a person race,
national origin, ethnicity, religion, gender, sexual orientation or other

such affiliation, are prohibited.  If you have a disagreement with
someone's point of view, address the subject, not the person.

(v) Impersonation.  This can involve the portrayal of an account
in an official capacity, such as AOL Inc. staff or an information
provider, authorized Guide or Host, or communication under a false name
or a name that you are not authorized to use.  Members must avoid the
portrayal of AOL personnel or others persons in all forms of online
communication, including, but not limited to, screen names, member
profiles, chat dialogue and message postings.

(viii)  Advertising and Solicitation.  You may not use the AOL
Service to send unsolicited advertising, promotional material, or other
forms of solicitation to other Members except in those specified areas
that are designated for such a purpose (e.g., the classified area).


<<RULES OF THE ROAD

<<D. Third-Party Content and Information.

Because AOL Inc. encourages open and candid communication, it
cannot determine in advance the accuracy of Content transmitted on the
AOL Service.  AOL is not responsible for screening, policing, editing, or

monitoring such Content.  If notified of allegedly infringing,
defamatory, damaging, illegal or offensive Content, AOL Inc. may
investigate the allegation and determine in good faith and in its sole
discretion whether to remove or request the removal of such Content from
the AOL Service.  AOL Inc. shall be held harmless from any performance or

non-performance by AOL Inc. of such activities, as long as it has acted
in good faith.

<<RULES OF THE ROAD

<<4.  Public and Private Communication

The AOL Service offers Members the capability to communicate in
Public Areas generally accessible to other Members or to communicate
privately with another Member.  Public Areas are those features that are
generally accessible to other Members, such as, but not limited to, chat
rooms, online forums, and message boards.  Private Communication is
electronic correspondence sent or received by you to particular
individuals.  AOL Inc. will maintain the AOL Service Public Areas as an
open forum for discussion of a wide range of issues and expression of
diverse viewpoints.  AOL Inc. will administer standards of online conduct

according to its TOS for the enjoyment of all its Members.  While we will

endeavor to monitor the Public Areas to ensure that online standards are
being maintained, AOL Inc. has neither the practical capability, nor does

it intend, to act in the role of Big Brother by screening public
communication in advance.

It is AOL Inc. policy to respect the privacy of personal
electronic communication.  AOL Inc. will not intentionally inspect the
contents of an electronic message (E-Mail or Instant Message) s
ent by
one Member to another individual, monitor discussions in private rooms,
or disclose the contents of any personal electronic communication to an
unauthorized third party, except as required or permitted to do so by
law.  AOL  Inc. reserves the right to cooperate fully with local, state,
or federal officials in any investigation relating to any Content,
including private electronic communication, transmitted on the AOL
Service or the unlawful activities of any Member.

AOL Inc. reserves the right to remove any Content that it deems
in its sole discretion to be a violation of its Terms of Service.  AOL
Inc. may terminate immediately any Member who misuses or fails to abide
by its Terms of Service.

<<TERMS OF SERVICE

<<2.5  Online Conduct.  Any conduct by a Member that in AOL Inc.
discretion restricts or inhibits any other Member from using or enjoying
the AOL Service will not be permitted.  Member agrees to use the AOL
Service only for lawful purposes.  Member is prohibited from posting on
or transmitting through the AOL Service any unlawful, harmful,
threatening, abusive, harassing, defamatory, vulgar, obscene, profane,
hateful, racially, ethnically or otherwise objectionable material of any
kind, including, but not limited to, any material which encourages
conduct that would constitute a criminal offense, give rise to civil
liability or otherwise violate any applicable local, state, national or
international law.

<<4.2  AOL Inc. reserves the right to prohibit conduct, communication, or

Content which it deems in its discretion to be harmful to individual
Members, the communities which make up the AOL Service, AOL Inc. or
other third-party rights, or to violate any applicable law.
Notwithstanding the foregoing, neither AOL Inc. nor its Information
Providers have the practical ability to restrict conduct, communication
or Content which might violate its TOS prior to transmission on the AOL
Service, nor can they ensure prompt editing or removal of questionable
Content after on-line posting.  Accordingly, neither AOL Inc. nor any
Information Provider shall assume liability for any action or inaction
with respect to conduct, communication or Content on the AOL Service.

<<4.3  AOL Inc. will not intentionally monitor or disclose any private
electronic communication unless permitted or required by law.  AOL Inc.
may terminate immediately without notice any Member who misuses or fails
to abide by the TOS, including, without limitation, misuse of the
software libraries, discussion boards, E-Mail, or conference areas.

------------------------------

Date: Sat,  8 Jun 1996 14:33:00 -0400 (EDT)
From: "Declan B. McCullagh" <declan+@CMU.EDU>
Subject: File 5--Re: Gore "against censorship"???

I came across this article earlier this morning and asked some friends
at MIT if they had the text of Gore's speech. I didn't see any coverage
of this on the Boston Globe's web site.

-Declan

---------- Forwarded message begins here ----------
  	  				
	 CAMBRIDGE, Mass (Reuter) - Vice President Al Gore said
Friday society should not resort to ``unwarranted censorship''
on the Internet as an overreaction to protect children from
objectionable material in cyperspace.
	 In a commencement address at the Massachusetts Institute of
Technology, Gore said government had to assist parents in
protecting their children from exposure to such material.
	 ``But let me also state my clear and unequivocal view that a
fear of chaos cannot justify unwarranted censorship of free
speech, whether that speech occurs in newspapers, on the
broadcast airwaves -- or over the Internet.''
	 ``Our best reaction to the speech we loathe is to speak out,
to reject, to respond, even with emotion and fervor, but to
censor -- no. That has not been our way for 200 years, and it
must not become our way now,'' he said.

[...]

	 In his address at the MIT, Gore stressed the gulf separating
society and science, a theme students had suggested in e-mail
messages to the vice president. He said new technologies
initially break down stable patterns and ``then new ones emerge
at a higher degree of complexity.
	 ``Societies are vulnerable to misinterpreting the first
stage as a descent into chaos and then overreacting with the
imposition of a rigid, stagnating order,'' Gore told the 2,000
graduates in an outdoor ceremony.

------------------------------

From: blackbox@BBOX.COM
Subject: File 6--FW: NSA Monitoring Internet?
Date: Thu, 30 May 1996 09:29:22 -0700

<list of headers snipped>

Date--96-05-27 03:14:00 EDT
From--proteios@iuc.org (El Tiburon)

=-=_=-=_=-=_=-=_=-=_=-=_=-=_=-=_=-=_=-=
NorthStar
A Guiding Light on Internet Issues

Newsletter of the Internet Users Consortium
=_=-=_=-=_=-=_=-=_=-=_=-=_=-=_=-=_=-=_=
To heighten the NorthStar experience, subscribe to the HTML Version of
NorthStar.

NorthStar is a guiding light to help you focus on the primary issues
which threaten our Internet Freedom. In this Newsletter we let Internet
Users know what the necessary issues and actions are to defend the Internet.
We sincerely invite your participation at all levels, from discussion to
action.
Rethink what Activism means - Isn't it just participation?

NorthStar #18   Sunday 5/26/96
Director..........proteios@iuc.org
Editor..............wtj@primenet.com
Author............proteios@iuc.org
Research........peads@nilenet.com

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
NEVER SAY NEVER . . . but . . . We at NorthStar
believe so strongly in these principles that we make the
following pledge to you, our reader and fellow Internet Activist:
NorthStar will NEVER sell/rent/trade/share our mailing list
NorthStar will NEVER use Government mandated encryption
NorthStar will NEVER represent any commercial interest
NorthStar will NEVER cooperate with any Government intrusion
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

The National Security Administration is Poised to Control the Internet

The oppressive atmosphere of Orwell's 1984 arises from the omnipresence of
Big Brother, the symbol of the government's concern for the individual. Big
Brother controls the language, outlawing words he dislikes and creating new
words for his favorite concepts. He can see and hear nearly everything -
public or private. Thus he enforces a rigid code of speech and action that
erodes the potential for resistance and reduces the need for force. As Noam
Chomsky says, propaganda is to democracy what violence is to
totalitarianism. Control thoughts, and you can easily control behavior.

U.S. history affords a prime example in the era named after Senator Joseph
McCarthy, though he had many supporters in his attack on freedom of thought
and speech. Perhaps his most powerful friend was J. Edgar Hoover, who fed
him material from FBI files (some of it true) which he used to attack
individuals for their supposed political leanings. By the time of
Watergate, the CIA had become at least as notorious as the FBI, due largely
to its assassinations of foreign leaders and support for military coups
around the world.

Now its the 90's. A computer revolution seems to be happening and with it a
dramatic increase in people using the Internet, as well as people watching
what the people use it for. Ever heard of the NSA? This could very well be
the NSA decade for the Internet. Conspiracy, power struggles and
survellience of the citizenry may be what is remembered about the NSA
during this period of time. I used to think democracy meant people keeping
a watchful eye on its government, not its government keeping a watchful eye
on its people. Today we can now see comparisons being drawn between the FBI
of the 50s and the CIA of the 60s, the obvious government corruption in the
70s, Reagan in the 80s (sorry - that was just incompetence), and the
emerging role of the NSA in the 90s.

Is NSA Sniffing the Internet? Do they have the jurisdiction? Lets take a
look back and see what they are all about and make an educated hypothesis.

Budgetary authority for the National Security Agency (NSA) apparently comes
from the Central Intelligence Act of 1949. This act provides the basis for
the secret spending program known as the black budget by allowing any arm
of the government to transfer money to the CIA "without regard to any
provisions of the law," and allowing the CIA to spend its funds as it sees
fit, with no need to account for them.

Congress passed the C.I.A. Act despite the fact that only the ranking
members of the Senate and House Armed Services Committees knew anything
about its contents; the remaining members of Congress were told that open
discussion, or even clear explanation, of the bill would be
counterproductive. There were complaints about the secrecy; but in the end
the bill passed the House by a vote of 348-4, and the Senate by a majority
voice vote. Hmmmm, it seems several legislative disasters have occurred by
landslides. Anyone remember the Telecommunication Attack of 1996?

The NSA's estimated $10 billion annual allocation (as of 1990) is funded
entirely through the black budget. Thus Congress appropriates funds for the
NSA not only without information on the agency's plans, but without even a
clear idea of the amount it appropriates; and it receives no accounting of
the uses to which the funds were put. This naturally precludes any debate
about the direction or management of such agencies, effectively avoiding
public oversight while spending public funds. Weiner notes the analogy to
"Taxation without representation." In any respect, it seems to be
unconstitutional - a major point that has failed to stop them.

"The NSA has also spent a great deal of time and money spying on American
citizens. For 21 years after its inception it tracked every telegram and
telex in and out of the United States, and monitored the telephone
conversations of the politically suspect." (Weiner, Blank Check)

Due to its unique ability to monitor communications within the U.S. without
a warrant, which the FBI and CIA cannot legally do, NSA becomes the center
of attempts to spy on U.S. citizens. Nominally this involves only
communications in which at least one terminal is outside the U.S., but in
practice target lists have often grown to include communications between
U.S. citizens within the country. And political considerations have
sometimes become important. Oh yeah, I forgot to mention that in the NSA's
Charter they claim to be unable to spy on US citizens. Apparently, the real
charter is as elusive as what they do with taxpayer money.

The Huston Plan, formally known as "Domestic Intelligence Gathering Plan:
Analysis and Strategy," was submitted in July 1970 to President Nixon. The
goal of the plan was to relax some restrictions on intelligence gathering,
apparently those of NSCID No. 6. Some parts of the intelligence community
felt that these relaxations would assist their efforts.

Like most intelligence agencies, the NSA uses words such as "interrupt" and
"target" in a technical sense with a precise but often classified
definition. This specialized language makes it difficult to legislate or
oversee the activities involved. For instance, in NSA terms a conversation
that is captured, decoded if necessary, and distributed to the requesting
agency is not considered to be the product of eavesdropping unless one of
the parties to the conversation is explicitly targeted. However, the NSA
does not depend on semantic defences; it can also produce some legal
arguments for exempting itself from normal requirements. How convenient.

For those who feel your lives are too flawless to be affected, or for those
of you who actually vote Republican or Democrat thinking the change will
come from within (nice try), and for the lowest common denominator -
dittoheads, this is not a good thing. Complete control over a secret agency
with at least 60,000 direct employees, a $10 billion budget, direct command
of some military units, and the ability to read all communications would be
an enormous weapon with which to maintain tyranny were it to arise. A
President with a Napoleonic or Stalinistic delusion would find the perfect
tool for the constant supervision of the individual by the state in the
NSA; not unlike scenarios depicted in novels such as Orwell's 1984.

====================================
1) NSA Homepage
http://www.nsa.gov:8080/

2) NSA Can Break PGP Encryption
http://www.quadralay.com/www/Crypt/NSA/break-pgp.html

3) Houston Chronicle Interview
http://www.quadralay.com/www/Crypt/NSA/letter.html

4) Original Charter of the National Security Agency
http://www.quadralay.com/www/Crypt/NSA/charter.html

5) CFP'92 - Who Holds the Keys?
http://www.cpsr.org/dox/conferences/cfp92/denning.html

====================================

Americans would not have any privacy left, such is the capability to
monitor everything: telephone conversations, telegrams, or in our case
email, it doesn't matter. There would be no place to hide. If this
government ever became a tyranny, if a dictator ever took charge in this
country, the technological capacity that the intelligence community has
given the government could enable it to impose total tyranny. There would
be no way to fight back because the most careful effort to combine together
in resistance to the government, no matter how privately it was done, is,
and would continue to be, within the reach of the government to know. Such
is the capability of this technology ...

I don't want to see this country ever go across the bridge. I know the
capability that is there to make tyranny total in America, and we must see
to it that this agency and all agencies that possess this technology
operate within the law and under proper supervision, so that we never cross
over that abyss. That is the abyss from which there is no return...

So, is the NSA 'sniffing' on the Internet? Does their reputation seem
worthy of our trust and respect? Lets take a look at some of their recent
plans for Internet communication. Then you can decide for yourself if you
want to watch the magic act....the "now you see it....now you don't" act
starring Freedom, of course.

Puzzle Palace co-author Wayne Madsen, in an article written for the June
1995 issue of Computer Fraud & Security Bulletin (Elsevier Advanced
Technology Publications), wrote that "according to well-placed sources
within the Federal Government and the Internet service provider industry,
the National Security Agency (NSA) is actively sniffing several key
Internet router and gateway hosts."

Madsen says the NSA concentrates its surveillance on destination and
origination hosts, as well as "sniffing" for specific key words and
phrases. He claims his sources have confirmed that the NSA has contracted
with an unnamed private company to develop the software needed to capture
Internet data of interest to the agency.

According to Madsen, the NSA monitors traffic primarily at two Internet
routers controlled by the National Aeronautics and Space Administration
(NASA), one in College Park, MD (dubbed "Fix East") and another at NASA
Ames Research Center in Sunnyvale, CA ("Fix West").

Other NSA Internet sniffers, he said, operate at busy routers known as Mae
East (an East Coast hub), Mae West (a West Coast hub), CIX reportedly based
in San Jose), and SWAB (a northern Virginia router operated by Bell
Atlantic).

Madsen continues on to say the NSA may also be monitoring traffic at
network access points (NAPs), the large Internet gateways operated by
regional and long-distance service providers. The NAPs allegedly under
surveillance are in Pennsauken, NJ (operated by Sprint), Chicago (run by
AmeriTech and Bell Communications Research), and San Francisco (Pacific
Bell).

Madsen claims the NSA has deals with Microsoft, Lotus, and Netscape to
prevent anonymous email. "One senior Federal Government source has reported
that NSA has been particularly successful in convincing key members of the
US software industry to cooperate with it in producing software that makes
Internet messages easier for NSA to intercept, and if they are encrypted,
to decode," Madsen wrote. "A knowledgeable government source claims that
the NSA has concluded agreements with Microsoft, Lotus and Netscape to
permit the introduction of the means to prevent the anonymity of Internet
electronic mail, the use of cryptographic key-escrow, as well as software
industry acceptance of the NSA-developed Digital Signature Standard (DSS)."

Similarly, according to reports in several trade magazines, the Defense
Messaging System (DMS) developed by the Pentagon is nearly ready for
implementation, but prospective users are threatening to shun the universal
e-mail platform unless Pentagon officials eliminate cumbersome security
procedures designed by the NSA.

DOD designed DMS a decade ago to replace the aging AUTODIN message system
and to serve as the armed services' global e-mail infrastructure. Officials
familiar with DMS' security features, which rely on the National Security
Agency's Fortezza encryption card, said the system's slowness is likely to
alienate users who send mostly unclassified messages over commercial e-mail
systems. Users of wireless systems are also complaining about the high
overhead.

The DMS adopted the Fortezza card and is expected to implement over 450,000
cards in the next few years. Inside sources note that the NSA is using the
DMS as a justification for paying companies such as Microsoft and Netscape
to adopt the Fortezza card as a standard for their products. NSA has pushed
agencies such as the CIA, NASA, IRS and the Federal Reserve to adopt
Fortezza without success.

Cost is also a major factor. Fortezza's PCMCIA cards cost nearly $100 each
and all computers must be equipped with a card reader that costs an
additional $150. (Would you like to have to buy a modem or pre-assembled
computer system that would make it easier for the NSA to monitor your
communications? Not me!)

Is the NSA really snooping on the Net? If they are, would that violate the
agency's charter, which specifically prohibits it from spying within the
US? "Well, Net traffic is routed from God knows where to God knows where
around the world," says George Washington University Professor Lance
Hoffman, a professor of Communications and Telecommunications Systems
Policy at George Washington University. "So if the NSA is doing this, they
could say they are not violating their charter not to spy in the US. That's
the thing. Intelligent routers send stuff any which way."

What can be done? - you say. There is a solution. Encryption. Next issue
will discuss trap doors and your right to encryption as strong as you can
make it.

====================================
6) The Agency That Came in from the Cold
http://www.ams.org/committee/profession/shaker.html

7) The Codex Surveillance & Privacy Page
http://www.thecodex.com/

8) Profiles of the U.S. Intelligence Community
http://www.kimsoft.com/korea/usintel.txt

9) Intelligence and CounterIntelligence
http://www.kimsoft.com/kim-spy.htm

10) The National Security Administration
http://hops.cs.jhu.edu/~arvi/nsa.html

*** proteios@indirect.com PLEASE send us any other relevant URLs you may
find ***
====================================

----------------------------------------------------------------------------
NorthStar is an Internet Distribution List provided by the Internet Users
Consortium
a fiercely independent Grass Roots organization founded by Martin Thompson
and Kenneth Koldys, Jr, to inform and coordinate Internet Users concerning
political and government actions against the complete self-actualization
of the Internet and our Constitutional Rights in Cyberspace.
----------------------------------------------------------------------------
Past issues of NorthStar are archived at the NorthStar Archive
http://www.iuc.org/www/proteios/northstar.html
on the Internet Users Consortium WWW site
----------------------------------------------------------------------------
***Please feel free to distribute NorthStar to as many people and relevant
forums as possible. That is one way to inform, educate and take action.
All we ask is that you keep NorthStar intact. It is concise for that very
reason.
***If you wish to submit an article to NorthStar, please send your
article to proteios@iuc.org

------------------------------

Date: Thu, 21 Mar 1996 22:51:01 CST
From: CuD Moderators <cudigest@sun.soci.niu.edu>
Subject: File 7--Cu Digest Header Info (unchanged since 7 Apr, 1996)

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup: comp.society.cu-digest

Or, to subscribe, send post with this in the "Subject:: line:

     SUBSCRIBE CU-DIGEST
Send the message to:   cu-digest-request@weber.ucsd.edu

DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS.

The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at:  Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

To UNSUB, send a one-line message:   UNSUB CU-DIGEST
Send it to  CU-DIGEST-REQUEST@WEBER.UCSD.EDU
(NOTE: The address you unsub must correspond to your From: line)

Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on  internet);
and on Rune Stone BBS (IIRGWHQ) (860)-585-9638.
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.

EUROPE:  In BELGIUM: Virtual Access BBS:  +32-69-844-019 (ringdown)
         Brussels: STRATOMIC BBS +32-2-5383119 2:291/759@fidonet.org
         In ITALY: ZERO! BBS: +39-11-6507540
         In LUXEMBOURG: ComNet BBS:  +352-466893

  UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/CuD
                  ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
                  aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
                  world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
                  wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
  EUROPE:         nic.funet.fi in pub/doc/CuD/CuD/ (Finland)
                  ftp.warwick.ac.uk in pub/cud/ (United Kingdom)


The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:
  URL: http://www.soci.niu.edu/~cudigest/

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission.  It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified.  Readers are encouraged to submit reasoned articles
relating to computer culture and communication.  Articles are
preferred to short responses.  Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.

------------------------------

End of Computer Underground Digest #8.43
************************************