Computer underground Digest    Wed  Aug 14, 1996   Volume 8 : Issue 59
                           ISSN  1004-042X

       Editor: Jim Thomas (cudigest@sun.soci.niu.edu)
       News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)
       Archivist: Brendan Kehoe
       Shadow Master: Stanton McCandlish
       Field Agent Extraordinaire:   David Smith
       Shadow-Archivists: Dan Carosone / Paul Southworth
                          Ralph Sims / Jyrki Kuoppala
                          Ian Dickinson
       Cu Digest Homepage: http://www.soci.niu.edu/~cudigest

CONTENTS, #8.59 (Wed, Aug 14, 1996)

File 1--Paranoia and Brit hackers fuel infowar craze in spy agencies
File 2--Nat'l Law Journal and The Independent on CWD and net-filters
File 3--ACLU warns of G-7 international net-censorship efforts
File 4--DiFi/Barr: Terrorist Handbook on Net
File 5--Internet Domain Survey, July 1996 (fwd)
File 6--Hackers Find Cheap Scotland Yard Phone Connection
File 7--Re: - SPECIAL ISSUE: Anti Terrorism
File 8--Cu Digest Header Info (unchanged since 7 Apr, 1996)

CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION ApPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.

---------------------------------------------------------------------

Date: Tue, 6 Aug 1996 20:12:06 -0500 (CDT)
From: Crypt Newsletter <crypt@sun.soci.niu.edu>
To: Jim Thomas <jthomas@sun.soci.niu.edu>
Subject: File 1--Paranoia and Brit hackers fuel infowar craze in spy agencies


Electronic doom will soon be visited on U.S. computer networks by
information warriors, hackers, pannational groups of computer-wielding
religious extremists, possible agents of Libya and Iran, international
thugs and money-mad Internet savvy thieves.

John Deutch, director of Central Intelligence, testified to the
truth of the matter, so it must be graven in stone. In a long statement
composed in the august tone of the Cold Warrior, Deutch said to the
Senate Permanent Subcommittee on Investigations on June 25, "My greatest
concern is that hackers, terrorist organizations, or other nations might
use information warfare techniques" to disrupt the national
infrastructure.

"Virtually any 'bad actor' can acquire the hardware and software
needed to attack some of our critical information-based infrastructures.
Hacker tools are readily available on the Internet, and hackers
themselves are a source of expertise for any nation or foreign
terrorist organization that is interested in developing an information
warfare capability. In fact, hackers, with or without their full
knowledge, may be supplying advice and expertise to rogue states such
as Iran and Libya."

In one sentence, the head of the CIA cast hackers -- from those more
expert than Kevin Mitnick to AOLHell-wielding idiots calling an America
On-Line overseas account -- as pawns of perennial international bogeymen,
Libya and Iran.

Scrutiny of the evidence that led to this conclusion was not possible
since it was classified, according to Deutch.

" . . . we have [classified] evidence that a number of countries
around the world are developing the doctrine, strategies, and tools
to conduct information attacks," said Deutch.

Catching glimpses of shadowy enemies at every turn, Deutch
characterized them as operating from the deep cover of classified
programs in pariah states.  Truck bombs aimed at the telephone
company, electronic assaults by "paid hackers" are likely to
be part of the arsenal of anyone from the Lebanese Hezbollah
to "nameless . . . cells of international terrorists such as those
who attacked the World Trade Center."

Quite interestingly, a Minority Staff Report entitled "Security and
Cyberspace" and presented to the subcommittee around the same time as
Deutch's statement, presented a different picture.  In its attempt to
raise the alarm over hacker assaults on the U.S., it inadvertently
portrayed the intelligence community responsible for appraising the
threat as hidebound stumblebums, Cold Warriors resistant to change and
ignorant or indifferent to the technology of computer networks and their
misuse.

Written by Congressional staff investigators Dan Gelber and Jim Christy,
the report quotes an unnamed member of the intelligence  community likening
threat assessment in the area to "a toddler soccer game, where everyone
just runs around trying to kick the ball somewhere."  Further, assessment
of the threat posed by information warriors was "not presently a priority
of our nation's intelligence and enforcement communities."

The report becomes more comical with briefings from intelligence
agencies said to be claiming that the threat of hackers and information
warfare is "substantial" but completely unable to provide a concrete
assessment of the threat because few or no personnel were working on
the subject under investigation. "One agency assembled [ten] individuals
for the Staff briefing, but ultimately admitted that only one person was
actually working 'full time' on intelligence collection and threat
analysis," write Gelber and Christy.

The CIA is one example.

"Central Intelligence Agency . . . staffs an 'Information Warfare
Center'; however, at the time of [the] briefing, barely a handful
of persons were dedicated to collection and on [sic] defensive
information warfare," comment the authors.

" . . . at no time was any agency able to present a national threat
assessment of the risk posed to our information infrastructure," they
continue. Briefings on the subject, if any and at any level of
classification, "consisted of extremely limited anecdotal information."

Oh no, John, say it ain't so!

The minority report continues to paint a picture of intelligence agencies
that have glommed onto the magic words "information warfare" and
"hackers" as mystical totems, grafting the subjects onto "pre-existing"
offices or new "working groups." However, the operations are based only
on labels. "Very little prioritization" has been done, there are
few analysts working on the subjects in question.

Another "very senior intelligence officer for science and technology"
is quoted claiming "it will probably take the intelligence community
years to break the traditional paradigms, and re-focus resources"
in the area.

Restated, intelligence director Deutch pronounced in June there was
classified evidence that hackers are in league with Libya and Iran and
that countries around the world are plotting plots to attack the U.S.
through information warfare.  But the classified data is and was, at best,
anecdotal gossip -- hearsay, bullshit -- assembled by perhaps a handful of
individuals working haphazardly inside the labyrinth of the intelligence
community. There is no real threat assessment to back up the Deutch
claims.  Can anyone say _bomber gap_?

The lack of solid evidence for any of the claims made by the intelligence
community has created an unusual stage on which two British hackers,
Datastream Cowboy and Kuji, were made the dog and pony in a ridiculous
show to demonstrate the threat of information warfare to members of
Congress.  Because of a break-in at an Air Force facility in Rome, NY,
in 1994, booth hackers were made the stars of two Government Accounting
Office reports on network intrusions in the Department of Defense earlier
this year.  The comings and goings of Datastream Cowboy also constitute the
meat of Gelber and Christy's minority staff report from the Subcommittee on
Investigations.

Before delving into it in detail, it's interesting to read what a
British newspaper published about Datastream Cowboy, a sixteen year-old,
about a year before he was made the poster boy for information
warfare and international hacking conspiracies in front of Congress.

In a brief article, blessedly so in contrast to the reams of propaganda
published on the incident for Congress, the July 5 1995 edition of The
Independent wrote, "[Datastream Cowboy] appeared before Bow Street
magistrates yesterday charged with unlawfully gaining access to a series
of American defense computers. Richard Pryce, who was 16 at the time of
the alleged offences, is accused of accessing key US Air Force systems
and a network owned by Lockheed, the missile and aircraft manufacturers."

Pryce, a resident of a northwest suburb of London did not enter a plea
on any of 12 charges levied against him under the British
Computer Misuse Act.  He was arrested on May 12, 1994, by New Scotland
Yard as a result of work by the U.S. Air Force Office of Special
Investigations.  The Times of London reported when police came for
Pryce, they found him at his PC on the third floor of his family's house.
Knowing he was about to be arrested, he "curled up on the floor and cried."

In Gelber and Christy's staff report, the tracking of Pryce, and to a
lesser extent a collaborator called Kuji -- real name Mathew Bevan, is
retold as an eight page appendix entitled "The Case Study: Rome
Laboratory, Griffiss Air Force Base, NY Intrusion."

Pryce's entry into Air Force computers was noticed on March 28, 1994,
when personnel discovered a sniffer program he had installed on one
of the Air Force systems in Rome.  The Defense Information System
Agency (DISA) was notified.  DISA subsequently called the Air
Force Office of Special Investigations (AFOSI) at the Air Force
Information Warfare Center in San Antonio, Texas. AFOSI then
sent a team to Rome to appraise the break-in, secure the system and
trace those responsible.  During the process, the AFOSI team discovered
Datastream Cowboy had entered the Rome Air Force computers for the
first time on March 25, according to the report.  Passwords had been
compromised, electronic mail read and deleted and unclassified
"battlefield simulation" data copied off the facility. The
Rome network was also used as a staging area for penetration of other
systems on the Internet.

AFOSI investigators initially traced the break-in back one step to
the New York City provider, Mindvox. According to the Congressional
report, this put the NYC provider under suspicion because "newspaper
articles" said Mindvox's computer security was furnished by two "former
Legion of Doom members." "The Legion of Doom is a loose-knit computer
hacker group which had several members convicted for intrusions into
corporate telephone switches in 1990 and 1991," wrote Gelber and Christy.

AFOSI then got permission to begin monitoring -- the equivalent of
wiretapping -- all communications on the Air Force network.  Limited
observation of other Internet providers being used during the break-in
was conducted from the Rome facilities.  Monitoring told the investigators
the handles of hackers involved in the Rome break-in were Datastream
Cowboy and Kuji.

Since the monitoring was of limited value in determining the whereabouts
of Datastream Cowboy and Kuji, AFOSI resorted to "their human intelligence
network of informants, i.e., stool pigeons, that 'surf the Internet.'
Gossip from one AFOSI 'Net stoolie uncovered that Datastream Cowboy was from
Britain. The anonymous source said he had e-mail correspondence with Datastream
Cowboy in which the hacker said he was a 16-year old living in
England who enjoyed penetrating ".MIL" systems. Datastream Cowboy also
apparently ran a bulletin board system and gave the telephone number to the
AFOSI source.

The Air Force team contacted New Scotland Yard and the British law
enforcement agency identified the residence, the home of Richard
Pryce, which corresponded to Datastream Cowboy's system phone number.
English authorities began observing Pryce's phone calls and noticed
he was making fraudulent use of British Telecom.  In addition,
whenever intrusions at the Air Force network in Rome occurred, Pryce's
number was seen to be making illegal calls out of Britain.

Pryce travelled everywhere on the Internet, going through South America,
multiple countries in Europe and Mexico, occasionally entering the Rome
network.  From Air Force computers, he would enter systems at Jet
Propulsion Laboratory in Pasadena, California, and the Goddard Space
Flight Center in Greenbelt, Maryland. Since Pryce was capturing the logins
and passwords of the Air Force networks in Rome, he was then able to
get into the home systems of Rome network users, defense contractors
like Lockheed.

By mid-April of 1994 the Air Force was monitoring other systems being
used by the British hackers. On the 14th of the month, Kuji logged on
to the Goddard Space Center from a system in Latvia and copied data
from it to the Baltic country.  According to Gelber's report, the
AFOSI investigators assumed the worst, that it was a sign that someone
in an eastern European country was making a grab for sensitive
information.  They broke the connection but not before Kuji had
copied files off the Goddard system.  As it turned out, the Latvian
computer was just another system the British hackers were using as
a stepping stone; Pryce had also used it to cover his tracks when
penetrating networks at Wright-Patterson Air Force Base in Ohio, via
an intermediate system in Seattle, cyberspace.com.

The next day, Kuji was again observed trying to probe various
systems at NATO in Brussels and The Hague as well as Wright-Patterson.
On the 19th, Pryce successfully returned to NATO systems in The
Hague through Mindvox.  The point Gelber and Christy seem to be trying
to make is that Kuji, a 21-year old, was coaching Pryce during some
of his attacks on various systems.

By this point, New Scotland Yard had a search warrant for Pryce
with the plan being to swoop down on him the next time he accessed
the Air Force network in Rome.

In April, Pryce penetrated a system on the Korean peninsula and copied
material off a facility called the Korean Atomic Research Institute
to an Air Force computer in Rome. At the time, the investigators had
no idea whether the system was in North or South Korea.  The impression
created is one of hysteria and confusion at Rome. There was fear that the
system, if in North Korea, would trigger an international incident, with
the hack interpreted as an "aggressive act of war." The system turned
out to be in South Korea.

During the Korean break-in, New Scotland Yard could have intervened and
arrested Pryce.  However, for unknown reasons, the agency did not.  Those
with good memories may recall mainstream news reports concerning Pryce's
hack, which was cast as an entry into sensitive North Korean networks.

It's worth noting that while the story was portrayed as the work of
an anonymous hacker, both the U.S. government and New Scotland Yard knew
who the perpetrator was.  Further, according to Gelber's report English
authorities already had a search warrant for Pryce's house.

Finally, on May 12 British authorities pounced.  Pryce was arrested
and his residence searched.  He crumbled, according to the Times of
London, and began to cry.  Gelber and Christy write that Pryce promptly
admitted to the Air Force break-ins as well as others.  Pryce
confessed he had copied a large program that used artificial intelligence
to construct theoretical Air Orders of Battle from an Air Force computer
to Mindvox and left it there because of its great size, 3-4 megabytes.
Pryce paid for his Internet service with a fraudulent credit card number.
At the time, the investigators were unable to find out the name and
whereabouts of Kuji. A lead to an Australian underground bulletin board
system failed to pan out.

On June 23 of this year, Reuters reported that Kuji -- 21-year-old Mathew
Bevan -- a computer technician, had been arrested and charged in
connection with the 1994 Air Force break-ins in Rome.

Rocker Tom Petty sang that even the losers get lucky some time.  He
wasn't thinking of British computer hackers but no better words could be
used to describe the two Englishmen and a two year old chain of events that
led to fame as international computer terrorists in front of Congress
at the beginning of the summer of 1996.

Lacking much evidence for the case of conspiratorial computer-waged
campaigns of terror and chaos against the U.S., the makers of Congressional
reports resorted to telling the same story over and over, three
times in the space of the hearings on the subject. One envisions U.S.
Congressmen too stupid or apathetic to complain, "Hey, didn't we get that
yesterday, and the day before?" Pryce and Bevan appeared in "Security in
Cyberspace" and twice in Government Accounting Office reports AIMD-96-84
and T-AIMD96-92. Jim Christy, the co-author of "Security in Cyberspace"
and the Air Force Office of Special Investigations' source for the Pryce
case supplied the same tale for Jack Brock, author of the GAO reports.
Brock writes, ". . . Air Force officials told us that at least one of
the hackers may have been working for a foreign country interested in
obtaining military research data or areas in which the Air Force was
conducting advanced research."  It was, apparently, more wishful
thinking.


Notes:

1. The Federation of American Scientists has made available on its
Web site electronic copies of all the reports mentioned previously.
The URL is http://www.fas.org/ .

The FAS Web site also features an easy to use search engine which can
be used to pull up the Congressional testimony on hackers and
network intrusion.  These example key words are effective: "Jim
Christy," "Datastream Cowboy".

Crypt Newsletter 38
http://www.soci.niu.edu/~crypt

------------------------------

Date: Tue, 30 Jul 1996 16:06:06 -0500
From: Declan McCullagh <declan@well.com>
Subject: File 2--Nat'l Law Journal and The Independent on CWD and net-filters

Attached are portions of two articles from the National Law Journal and
London's The Independent following up on the CyberWire Dispatch that Brock
and I put out earlier this month on the rather unusual behavior of
net-filtering software.

The original CWD is at:
  http://www.eff.org/pub/Publications/Declan_McCullagh/
  http://cyberwerks.com:70/cyberwire/cwd/ (eventually)

-Declan

===========================================================================

The National Law Journal
Monday, August 5, 1996
Page A13
By Ann Davis

...Civil libertarians are demanding to know: since when were the National
Organizaton for Women or the Endangered Species Coalition in the same class
as devil worshippers? How can photos posted by animal rights groups be
categorized as "gross depictions"? Caught in a dragnet of blocking software
are web sites on everything from the safe use of fireworks to safe sex,
according to a report by the Internet-based news service CyberWire
Dispatch.

To blocked groups' disappointment, however, Internet legal experts say any
lawsuit against private computer censors may be a losing proposition...
[Mike Godwin is quoted.]

...A cyber-Deep Throat recently leaked the lists to two Internet
investigative reporters, Brock N. Meeks and Declan B. McCullagh.
Blacklisted sites include a Silicon Valley council of the National Rifle
Association and Cyber High School, whose web address is similar to that of
a gay video site... [Snapshot of CyberHigh's web page included]

As a lawyer for CompuServe, Inc., Mr. Cunard meets potential legal
challenges with skepticism. The free speech angle? Implausible against a
private entity, he said. Discrimination claims? Difficult, unless you can
prove the Internet is a place of public accomodation. Tortious
interferrence? not likely, because most web site operators don't require
subscriptions and therefore don't have a duty to those who access their
sites.

===========================================================================

The Independent (London)
Monday, July 22, 1996
By Charles Arthur

REAL ALE IS TOO STRONG FOR THE AMERICAN MORALISTS

Programs to protect children from Net porn are keeping them out of
a vast range of sites, says Charles Arthur

[...]
        Since last July, programs such as Cyber Patrol, NetNanny and
Cybersitter have sold thousands of copies. Some have distribution
agreements with organisations such as BT and CompuServe. The makers boast
that their products "includes a bad site list of thousands of Wed sites
that are not suitable for children" and "allow parents to censor what their
children access on the Internet."
        So far, so good - except that many of those "banned" sites include
many British sources holding very useful or entirely innocent information.
And the morality underlying many of the bannings is very American, and
quite unlike that which a British parent might be expected to apply.
        Among the British sites on the World Wide Web which your child
would be unable to access when using the programs are the Campaign for Real
Ale (Camra), the Prison Lexicon (which provides information about penal
reform), the computing department of Queen Mary and Westfield College,
Imperial College, the University of Stirling, the Internet connection
companies Demon and Zetnet, and Telephone Information Services - which
offers weather and share reports but not sex lines.
        Between them, the programs prevent access to tens of thousands of
sites on the Internet. But they effectively apply an American system of
morals - on religion, weapons, drugs, alcohol and sex - to the data which
British children might be expected to know about, or could obtain from
newspapers.
        None of the operators of any of the sites mentioned above was aware
that they were "blocked", and all were mystified by it.  "Which
self-selected Mary Whitehouse put us on their list?" asked Iain Lowe,
research manager of Camra.
        In Camra's case, the answer is a team of researchers at
Microsystems Software, based in Farmingham, Massachusetts, which has been
selling Cyber Patrol since July 1995, and now claims 80 per cent of a
fast-growing market. "Camra's site is blocked under our code for beer,
alcohol, wine and tobacco," said Dick Gorgens, the company's chief
executive. "It was added on June 10 when it was advertising a beer
festival."
        Mr Lowe responded, "We don't promote underage drinking. But pubs in
this country are allowed to apply for childrens' certificates: all the
family can go. And we have had inquiries to our site from GCSE students
doing projects on the economics of the brewing industry."
        Mr Gorgens denied that the program was imposing American morals
onto British users. However, the panel which reviews the banning of sites
includes no Britons, although it does include representatives from the
National Rifle Association and the right-wing anti-pornography Morality in
Media group.

[...]

        "A close look at the actual range of sites blocked by these
programs shows they go far beyond just restricting 'pornography'," said
Brock Meeks, an Internet journalist and consultant who, with fellow
journalist Declan McCullough, obtained a decoded list of the sites banned
by the programs earlier this month, July, and revealed their
indiscriminate breadth in an Internet mailing list, Cyberwire Dispatch.
        Steve Robinson-Grindey, who runs the Prison Lexicon site, said "It
is effectively an electronic encyclopaedia of everything concerning prisons
and penal affairs in England and Wales. It is extensively used by schools
and universities for information. Even the People's Republic of China allow
access to the site." He thought it might be banned because "obviously they
rely on search words for filtering - in which case they would discover the
words sex, AIDS, homosexual, and so on. But they failed to realise these
words were being used in serious material."

[...]

------------------------------

Date: Wed, 31 Jul 1996 18:24:14 -0700 (PDT)
From: Declan McCullagh <declan@eff.org>
Subject: File 3--ACLU warns of G-7 international net-censorship efforts

ACLU Warns of Latest Government Efforts to Regulate Cyberspace;
New Global Campaign Will Monitor National, International Threats

FOR IMMEDIATE RELEASE
Wednesday, July 31, 1996

    NEW YORK, NY--Despite a second federal court decision affirming
that censorship in cyberspace is unconstitutional, the ACLU today
warned of  persistent government attempts, in the U.S. and
internationally, to censor electronic communications and regulate
privacy technology.

    At a meeting in Paris yesterday of the major U.S. allies known
as "G-7," government leaders announced plans to strictly regulate
the Internet and other electronic communications in an effort to
combat terrorism.  The meeting came in the wake of the bombing
incident at the Atlanta Olympics and the explosion of TWA Flight
800, which is being investigated as a possible terrorist bombing.
Participants included France, Italy, Japan, Britain, Germany,
Canada, Russia and the United States.

    Although not all details were made public, proposed measures
apparently include investigations of charities and political
organizations with radical political points of view -- threatening
their rights to free speech -- and using the Internet to "monitor"
terrorist communications.  There was also agreement to adopt a U.S.
plan to prohibit non-key-escrowed encryption, which would mean that
individuals and companies would be barred from using encryption
technology to electronically lock up their most private and
sensitive information unless they make the keys available to their
government.

    In response to these and other threats to limit Internet and
electronic privacy, the Global Internet Liberty Campaign was formed
last month at a meeting of the Internet Society in Montreal.    The
group, which announced its formation today, will work in coalition
with organizations from around the world to share information and
protect free speech, privacy, equality of access and liberty on the
global Internet.  GILC members include the ACLU, the Electronic
Privacy Information Center, Human Rights Watch, the Internet
Society, Privacy International, and other civil liberties and human
rights organizations.  The ACLU is a founding member of the group.

    "GILC recognizes that there are no borders in cyberspace and
that decisions made by international bodies like the G-7 nations
affect all Internet users," said Barry Steinhardt, associate
director of the ACLU.  "The U.S. government may not accomplish
through an international end-run what the U.S. Congress and the
U.S. Courts have rejected."

    Steinhardt cited a recent ruling by a panel of federal judges
in New York declaring that censorship in cyberspace is
unconstitutional.  The decision marked another win in the ongoing
battle for free speech in cyberspace, which saw its first major
victory last month in ACLU v. Reno, when a Philadelphia court
granted a motion for preliminary injunction on "indecency"
provisions of the Communications Decency Act.   The ACLU filed its
challenge on February 8 of this year, the day the CDA was signed
into law.

    "We are delighted that the New York judges have joined their
Philadelphia colleagues in protecting the Internet from
governmental intrusion," said Steinhardt, who testified in the
Philadelphia case.  "But we remain concerned about the government's
continuing efforts to censor electronic speech, not only in the
United States but internationally."

    In the U.S., Congress is now attempting to revive a proposal
that would make it a felony to disseminate information on bomb-
making in print, radio, television or in cyberspace.   Violations
would be punishable by up to 20 years in prison, a $250,000 fine,
or both.

    "This unconstitutional bill, rightly rejected by Congress last
year, would criminalize everything from a high school chemistry
teacher explaining basic scientific principles, to a newspaper
carrying an illustration of a bomb's construction, to a U.S.
Department of Agriculture manual describing how to make fertilizer
bombs for removing tree stumps," the ACLU's Steinhardt said.

    In addition, President Clinton this week announced an
initiative to increase the powers of federal investigators,
including an expanded wiretapping authority.  While the ACLU has
commended the Clinton Administration and law enforcement
authorities for their investigation into recent tragic incidents,
it urged President Clinton and Congress in a letter sent to the
White House on Monday to "preserve the American spirit" by
safeguarding constitutional principles.  The ACLU has asked for a
meeting with the President and Congressional leaders to discuss
continuing civil liberties concerns in light of recent events.

[Note to Editors: A temporary web page for the Global Internet
Liberty Campaign has been established at
<<A HREF="http://www.aclu.org/gilc/index1.html"> http://www.aclu.org/gilc/inde
x1.html</A> >.]

                                -- 30 --

Contact: Emily Whitfield, (212) 944-9800 ext. 424

------------------------------

Date: Tue, 30 Jul 1996 10:27:04 -0400
From: Bob Palacios <bobpal@cdt.org>
Subject: File 4--DiFi/Barr: Terrorist Handbook on Net

Excerpt of interview with Sen. Feinstein and Rep. Barr on CNN, 7/28:

[Full transcript at
http://prod.lexis-nexis.com/trackers/html/11000/11032.1693817.1.html]
------------------

Sen. DIANNE FEINSTEIN: .... But I'd like to say something else, and this is
very disturbing. Right now on the Internet, you can take off of the Internet
something called the terrorist handbook, the anarchist's cookbook, both of
which have the recipe-

FRANK SESNO: What you're holding is off the Internet?

Sen. DIANNE FEINSTEIN: This is off the Internet.

FRANK SESNO: I don't know if people can see it, but it says, 'Stuff You Are
Not Supposed To Know About' right across the top there.

Sen. DIANNE FEINSTEIN: Yes. 'Whether you're planning to blow up the World
Trade Center or merely explode a few small devices on the White House Lawn,
the terrorist handbook is an invaluable guide to having a good time.' And
then it goes on and it tells you how to make a pipe bomb here with a design,
with the words 'How to make a book bomb, a light bulb bomb, bombs in baby
food, how to use nails and screws in bombs.'

FRANK SESNO: You can also get this sort of thing in bookstores. Isn't that
right?

Sen. DIANNE FEINSTEIN: That's right.

FRANK SESNO: What do you want to do with this?

Sen. DIANNE FEINSTEIN: Well, what I want to do- and this passed the Senate
again in the terrorism bill; it was taken out by the House. I have put it
back in the defense authorization bill. It passed the Senate unanimously. It
is now in conference, and from what I understand, some are going to try to
take it out. What it would do is say, 'If you know or have reason to believe
that this information will be used for criminal purposes, it is illegal to
put it on.' Let me make one other point.

FRANK SESNO: Quickly, because I want to get back to Congressman Barr.

Sen. DIANNE FEINSTEIN: There is no legal purpose for a pipe bomb, a book
bomb, a light bulb bomb.

FRANK SESNO: Congressman Barr, is it time to ban this kind of document,
documentation, from the Internet, from America's bookstores? Is this
something that the House will now support?

Rep. BOB BARR: Well, Frank, the problem is not the House. The problem is our
courts. We made efforts in the telecommunications bill earlier this year to
restrict certain information over the Internet, and the courts do not allow
it. The problem really is working out language that meets First Amendment
challenges through the courts, and that's something that we do need to work
on. But it's not as simple as simply sending something over to the House and
waiting for those of us in the House to take it out. The problem is with the
courts, really, and that's where we need to devote our attention.

Sen. DIANNE FEINSTEIN: I have worked with constitutional lawyers in the
drafting of it. We believe it will pass a court test. I would challenge the
congressman to let it have a court test. Pass the legislation. It is worth
it. It'll keep kids from blowing themselves and others up. Let's do it.

FRANK SESNO: Congressman?

Rep. BOB BARR: Well, the problem here, again- and I'm not necessarily
disagreeing with the senator. The problem, though, as you sort of alluded
to, Frank, it goes beyond simply taking something off the Internet. It
raises questions about what information can be in our libraries, in our
bookstores, in our schools and so forth.

FRANK SESNO: Well, you don't want pornography across the Internet. I know
you're opposed-

Rep. BOB BARR: Well, and we tried that also and the courts have not allowed
us to place restrictions on it yet.

[...]

-----
Bob Palacios, Online Organizer/Sysop    Center for Democracy and Technology
<bobpal@cdt.org>                            1634 Eye Street, NW  Suite 1100
                                                       Washington, DC 20006
http://www.cdt.org/                                     (v) +1 202 637 9800
http://www.cdt.org/homes/bobpal/                        (f) +1 202 637 0968

------------------------------

Date: Fri, 9 Aug 1996 18:49:13 -0400 (EDT)
From: Noah <noah@enabled.com>
Subject: File 5--Internet Domain Survey, July 1996 (fwd)

From  -Noah

---------- Forwarded message ----------
Date: Thu, 8 Aug 96 17:01:11 PDT
From: Mark Lottor <mkl@nw.com>


Internet Domain Survey            Network Wizards                July 1996

 The Domain Survey attempts to discover every host on the Internet by doing
 a complete search of the Domain Name System.  The latest results were
 gathered during late July 1996 and a summary is listed below.

 For the full report see WWW.NW.COM.
                                                               -- Mark Lottor



   Number of Hosts, Domains, and Nets Advertised in the Domain Name System

                                      Replied      Network Class
     Date  |      Hosts   Domains     ToPing*      A     B      C
     ------+-----------------------------------------------------
     Jul 96| 12,881,000   488,000   2,569,000     95  5892 128378
     Jan 96|  9,472,000   240,000   1,682,000     92  5655  87924

     Jul 95|  6,642,000   120,000   1,149,000     91  5390  56057
     Jan 95|  4,852,000    71,000     970,000     91  4979  34340

     Jul 94|  3,212,000    46,000     707,000     89  4493  20628
     Jan 94|  2,217,000    30,000     576,000     74  4043  16422

     [* estimated by pinging 1% of all hosts]


                Host Distribution by Top-Level Domain Name
         [see ftp.nw.com, zone/iso-country-codes to decode names]

    3323647 com     25109 hu       1335 lt         99 mc         18 az
    2114851 edu     24133 hk       1099 bm         94 mk         14 ky
    1232902 net     21464 ie        919 cy         92 zm         11 vi
     579492 uk      20253 mx        878 uy         89 aw         10 md
     548168 de      17573 pt        817 eg         86 hn          9 mn
     496427 jp      13601 su        609 ec         86 fo          9 bb
     432727 us      13239 cl        545 kz         85 py          8 sb
     431939 mil     12689 gr        476 mt         84 na          8 bz
     424356 ca      11282 cn        469 ae         81 ad          7 vu
     397460 au      10810 is        386 pk         79 jo          7 bj
     361065 gov      9949 si        359 lb         77 al          7 aq
     327148 org      9415 ar        351 ma         74 uz          6 qa
     277207 fi       8541 my        307 ir         71 pr          6 gh
     214704 nl       7743 tr        285 ni         66 tt          6 dj
     189786 fr       6605 ee        277 sm         64 gu          6 cf
     186312 se       6362 th        275 sa         60 ug          5 vn
     120780 no       5498 sk        236 bh         60 np          4 cu
     113776 it       5265 co        234 lk         60 gi          4 ci
     102691 ch       5262 id        207 pa         58 fj          3 va
      83349 za       4499 ua        195 jm         49 sz          3 to
      77886 nz       3117 ph        170 bn         47 mu          3 gy
      76955 dk       2932 lv        163 ag         46 sn          2 sr
      71090 at       2877 lu        159 gt         45 zw          2 ne
      62447 es       2725 ro        158 bs         44 ai          2 gn
      47973 kr       2582 cr        154 bo         43 sv          2 an
      46854 br       2480 hr        140 gl         40 tn          1 ml
      43311 be       2269 pe        140 do         40 gb          1 ck
      39611 il       2254 bg        134 li         27 dm          1 bf
      38432 pl       2176 in        133 ke         26 mz          1 ao
      38376 sg       1963 kw        129 mo         23 mg
      32219 cz       1930 int       119 ge         20 lc
      32022 ru       1679 ve        105 am         19 nc
      30645 tw       1631 yu        103 by         18 dz

------------------------------

Date: Mon, 05 Aug 1996 12:02:55 -0400
From: valgamon@megahits.com
Subject: File 6--Hackers Find Cheap Scotland Yard Phone Connection

Monday August 5 12:01 AM EDT

Hackers Find Cheap Scotland Yard Phone Connection

LONDON (Reuter) - Computer hackers broke into a security system at
Scotland Yard, London's metropolitan police headquarters, to make
international calls at police expense, police said Sunday.

A police spokesman would not confirm a report in the Times newspaper
that the calls totaled one million pounds ($1.5 million). He said
the main computer network remained secure.

"There is no question of any police information being accessed," the
spokesman said. "This was an incident which was investigated by our
fraud squad and by AT&T investigators in the U.S."

AT&T Corp investigators were involved because most of the calls were
to the United States, the Times said.

According to The Times, the hackers made use of a system called PBX
call forwarding that lets employees to make business calls from home
at their employer's expense.

                       ..................

Reuters/Variety

------------------------------

Date: Mon, 5 Aug 1996 16:35:27 +0000
From: e.tan@UCL.AC.UK(Emerson Tan)
Subject: File 7--Re: - SPECIAL ISSUE: Anti Terrorism

It would appear that the US legal system is intent on making another
catastrophic attempt to regulate the net. What they seem to have forgotten
is that due the truly borderless nature of the net, the sprit of the
mesures proposed have been defeated before the leglistaion had been
drafted.

For a long time it has been possible to obatin much material, deemed
illegal in many states (eg sinagapore), on the net. This is likely to
remain so as long as the development of the net and the driving forces and
sprit of the net reamin the same. All outlawing certain things in the
united states will achieve is too drive these materials out of the country,
not stop the materials being distributed. If the loons and terrorists still
want to procure the information  they wil;l still be able to, albeit
somewhat slowers than would be otherwise. What will happen is that
monitoring of the disemination of these materials will pass out of the
accountable cvil juristiction, and into the very secret foreign
intelligence realm (the CIA being the principal agency here). This will
deny the public at large the oppotunity to look at how this effective this
legislation was effectively giving those in power carte blanche to claim
whatever sucesses or new menaces that they feel like.

At the end of the day it has always been true that the best place to keep
an enemy is in plain sight. On the net as in the real world this remains as
true as it ever was.

------------------------------

Date: Thu, 21 Mar 1996 22:51:01 CST
From: CuD Moderators <cudigest@sun.soci.niu.edu>
Subject: File 8--Cu Digest Header Info (unchanged since 7 Apr, 1996)

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup: comp.society.cu-digest

Or, to subscribe, send post with this in the "Subject:: line:

     SUBSCRIBE CU-DIGEST
Send the message to:   cu-digest-request@weber.ucsd.edu

DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS.

The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at:  Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

To UNSUB, send a one-line message:   UNSUB CU-DIGEST
Send it to  CU-DIGEST-REQUEST@WEBER.UCSD.EDU
(NOTE: The address you unsub must correspond to your From: line)

Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on  internet);
and on Rune Stone BBS (IIRGWHQ) (860)-585-9638.
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.

EUROPE:  In BELGIUM: Virtual Access BBS:  +32-69-844-019 (ringdown)
         Brussels: STRATOMIC BBS +32-2-5383119 2:291/759@fidonet.org
         In ITALY: ZERO! BBS: +39-11-6507540
         In LUXEMBOURG: ComNet BBS:  +352-466893

  UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/CuD
                  ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
                  aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
                  world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
                  wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
  EUROPE:         nic.funet.fi in pub/doc/CuD/CuD/ (Finland)
                  ftp.warwick.ac.uk in pub/cud/ (United Kingdom)


The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:
  URL: http://www.soci.niu.edu/~cudigest/

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission.  It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified.  Readers are encouraged to submit reasoned articles
relating to computer culture and communication.  Articles are
preferred to short responses.  Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.

------------------------------

End of Computer Underground Digest #8.59
************************************