Computer underground Digest    Wed  Feb 19, 1997   Volume 9 : Issue 10
                           ISSN  1004-042X

       Editor: Jim Thomas (cudigest@sun.soci.niu.edu)
       News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)
       Archivist: Brendan Kehoe
       Shadow Master: Stanton McCandlish
       Field Agent Extraordinaire:   David Smith
       Shadow-Archivists: Dan Carosone / Paul Southworth
                          Ralph Sims / Jyrki Kuoppala
                          Ian Dickinson
       Cu Digest Homepage: http://www.soci.niu.edu/~cudigest

CONTENTS, #9.10 (Wed, Feb 19, 1997)

File 1--Moldova Internet Scam
File 2--Clipper is dead, as we knew all along...
File 3--Re: Cu Digest, #9.09, Sun 16 Jan 97
File 4--Re: The Guardian Angels' The Face Project
File 5--Cyberpatrol  now blocks my site
File 6--Internic DNS glitches
File 7--TIIAP Announces Availability of 1997 Funds
File 8--Cu Digest Header Info (unchanged since 13 Dec, 1996)

CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.

Date: Thu, 20 Feb 1997 10:15:29 -0500 (EST)
From: Audrey Helou <audrey@angus.mystery.com>
Subject: File 1--Moldova Internet Scam

The Detroit Free Press ran an article that may be of interest to CuD
subscibers.  It appears in the February 20, 1997 edition of the Detroit
News and is entitled "Feds expose Internet ring that cost thousands in
phone bills."

According to the article, the federal government busted an Internet scam
offering "free" erotic photos that came with software that secretly took
over users' computers and ran up huge international long-distance phone
bills.

It seems that some sites, such as www.beavisbutthead.com and
www.sexygirls.com had advertizements for "all nude all free" pictures.
However, getting the pictures required down a Windows 95 software
program that once installed, took control of the modem, cut off the
local Internet service provider, and dialed a number in the former
Soviet republic of Moldova, in Eastern Europe.  The user, unaware of a
change, would continue to surf the web while racking up foreign line
toll charges of $2 to $3 a minute.  According to the article, the modem
kept the connection, even after the user had logged off, until the
computer was itself turned off.

Profits were shared between the Moldovan phone company and the scam
artists.

The scheme was discovered by AT&T Corp. through its consumer watch
bureau, which monitors clients' phone bills for irregularities.
Consumers, whom the FTC says were defrauded of perhaps $1 million, may
get some money back, since the FTC won a U.S. District Court order in
New York seizing assets of the defendants: Audiotex Connect Inc., Promo
Line Inc.,  Electronics Form Management and the people associated with
them, Anna Grella, William Gannon and David Zeng.

------------------------------

Date: 19 Feb 97 11:09:19 EST
From: "K. N. Cukier" <100736.3602@CompuServe.COM>
Subject: File 2--Clipper is dead, as we knew all along...

From --  Fight Censorship <FIGHT-CENSORSHIP@vorlon.mit.edu>

Here's an article that ran on the death of the Clipper Chip (as
if anyone really thought the idea was still afloat...). I'm
unsure of the significance of the news -- my first impression is
that we sort of knew this. On the other hand, there are a few
whacky things in the article, it seems to me. First, they say
that Clipper will now be marketed to civilians -- yeah right;
sellers and users are smarter than that, and have much better
crypto options, obviously. Secondly, the article states that key
recovery doesn't access users' keys without their knowledge --
I'm not sure what systems the writers have in mind, but it's not
any system on this planet. Indeed, key recovery systems for the
export of strong crypto (where key recovery *matters* to the
government), as they have been approved by the US Department of
Commerce, aims to do just that: allow for secretive lawful access
of keys.

-- KNC
------------

  FEBRUARY 17, 1997
  Federal Computer Week

  DOD sinks the Clipper
  BY COLLEEN O'HARA AND HEATHER HARRELD

  The Defense Department plans to remove the government key escrow
  software from its Fortezza cards used on the Defense Message System, a
  move that signals the death of the Clinton administration's
  controversial Clipper initiative and one that should encourage
  civilian use of the cryptographic cards.

  A DOD spokeswoman confirmed the decision to remove the key escrow but
  would not provide further details.

  The DOD decision, which will be formalized in a policy expected out
  shortly, is in response to the administration's decision last October
  to support key recovery technology instead of the controversial
  Clipper initiative. Each agency must decide how it will implement the
  government's policy internally. A technical advisory committee will
  develop standards for a federal key management infrastructure.

  The so-called Clipper initiative proposed a nationwide standard for
  encryption hardware that would have used a classified algorithm with
  built-in law enforcement access. It is this built-in access - which
  law enforcement agencies claimed was vital to their jobs - that will
  be removed from the cards. It most likely will be replaced by emerging
  commercial key recovery technology that does not have the same
  built-in access.

  DOD has for years pressured civilian agencies to use government escrow
  technology, but the agencies were wary of the law enforcement access.
  Stephen Walker, president and chief executive officer of Trusted
  Information Systems Inc. (TIS), said the policy will remove the last
  remnants of the Clipper and serve as an official endorsement of key
  recovery technology.

  "This is the end of Clipper,'' Walker said. "This is a very positive
  move because it puts the Defense Department in a posture of using
  commercial products instead of Defense Department products. If the
  Defense Department is moving away from key escrow, no one else is
  going to feel obligated to have key escrow either."

  Civilian Agency Appeal? Removing government key escrow from Fortezza
  cards, which are designed to provide authentication, integrity and
  confidentiality to DMS users, could prompt civilian agencies to deploy
  the cards to secure electronic mail or other communications, said
  Santish Chok-hani, CEO of Cygnacom Solutions, a security consulting
  company.

  "If you take out the key escrow from Fortezza, that would mean a
  broader set of civilian agencies and commercial folks could use the
  technology without worrying that someone is copying their keys," he
  said.

  The main difference in government key escrow - now in place in
  Fortezza cards - and key recovery technologies is the ability of law
  enforcement agencies to secretly decrypt encrypted files after
  obtaining a warrant.

  There is a private key (needed to decrypt data) embedded in each
  Fortezza card chip. When the Fortezza chip is manufactured, the
  private key is split; one half goes to the National Institute of
  Standards and Technology and the other to the Treasury Department.

  If a law enforcement agent obtains permission from a court to decrypt
  information of a Fortezza card user, he can obtain both parts of the
  private key from the two federal agencies and decrypt the data without
  the knowledge of the user.

  Key recovery is a technology that allows for the recovery of a private
  encryption key if it is lost or damaged. This private key, however, is
  kept by the user or user's organization, not by government agencies.
  Law enforcement agencies still can obtain a warrant for a user's
  private key, but they could not secretly decrypt the information
  without the user's knowledge.

  Sources said DOD's move was targeted to increase the appeal of the
  Fortezza card to users outside DOD.

  Bruce McConnell, chief of information policy at the Office of
  Management and Budget, said the move would make Fortezza cards more
  attractive, but he cited different reasons. "It does encourage people
  to use it because it moves toward the commercial approach that's being
  taken," he said.

------------------------------

Subject: File 3--Re: Cu Digest, #9.09, Sun 16 Jan 97
From: shadow@KRYPTON.RAIN.COM(Leonard Erickson)
Date: Tue, 18 Feb 1997 13:09:02 PST

Re -  File 1--Cyber Angels FACES Project
>
> ------- Excerpt Begins  -------
>
<snip>
> what our FACE UNIT is all about.  Our volunteers spend time each week
> finding child pornography posts on the Usenet, and cropping the picture so
> that just the child's face is left.  These faces - the faces of innocent
> children who are the victims of abuse crimes by adults - are then passed
> with the full header reference to our FACE UNIT Leader.
<snip>
>
> ---- Excerpt Ends ----
>
> I feel such a database would be a case of "double victimization" --
> that someone who was the victim of child pornography would not want
> pictures of their faces openly distributed. No one I've spoken to
> thinks this is a good idea.

Agreed!

> In an exchange of e-mail, Gabriel Hatcher (gabriel@cyberangels.org) politely
> disagreed,  suggesting that their project would identify children
> who are currently being abused and thus rescue/save them from
> suffering. He's heard nothing but positive feedback, and is working
> with various law enforcement officials to make sure the project is
> done properly.

They are also ignoring the fact that with any decent morphing program
you can transform a picture of an adult into an apparent "child". And
while some people are pushing laws that make this illegal, it is *not
currently illegal, *and* there is no way to determine whether a picture
is "real" or morphed.

Since some states make failure to co-operate in prosecuting even "old"
cases of child abuse a crime, the potential exists for some adult model
to be prosecuted for failure to co-operate in tracking down the
*non-existent* people who "abused" him or her.

Face it, the same software that lets us "age" photos of missing
children, and "un-age" bodies to match against old bodies *will* let
you turn photos of adults into *apparent* "child pornography".

And with a bit more effort, such photos can be produced without
involving *any* children. Given this, I say that the emphasis needs to
be changed from "child pornography" to "child abuse".

Of course, the main reason for going after "kiddie porn" in the first
place is that it is *easier* than actually catching abusers. And
entrapment is common. So I hold out little hope for any *real*
improvement.

------------------------------

Date: Tue, 18 Feb 1997 04:19:20 -0500 (EST)
From: Charles Platt <cp@panix.com>
Subject: File 4--Re: The Guardian Angels' The Face Project

On Tue, 18 Feb 1997, Cu Digest wrote:

> To help on this unit you need to have cropping ability - in other words the
> ability to take a jpg image and cut out the child's face and make a new jpg
> out of it.
>
> NB For legal reasons the FACE UNIT accepts only volunteers 18 years old and
> above.  You may like to know that this work follows guidelines given to us
> by Federal Authorities.

Indeed. Please tell me more about these so-reassuring "guidelines." I am
also interested in any legal protection that may be offered to the
volunteers who assist in this supposedly worthy cause. If I go digging
around for child porn online, with the pure intention of cropping out the
sexy parts (after I spend a few minutes looking at them of course), how am
I protected from triggering a typical sting operation? Bear in mind,
federal agents are a leading source of child pornography as they go about
their happy business of entrapmemt. Who calls off the FBI (or pays for my
legal defense) when I become known as someone looking for illegal
pictures? Possession of three pieces of child pornography is sufficient to
earn substantial jail time. Will there be a list of "do-gooder" volunteers
who are granted automatic immunity from prosecution? If so, how will
genuine pedophiles be prevented from joining this fine crusade and getting
their names added to the list so they can go trolling for kiddieporn
without fear of retribution?

And assuming a list of volunteers IS maintained somehow, how can the feds
guarantee that the list will be known and respected by all state
authorities? They have their anti-child-porn laws, too.

Lastly, if I should have a playful attitude, what's to stop me from
sending to Uncle Colin several pictures of perfectly normal, unmolested,
innocent children, which he will unwittingly add to his collection when I
assure him that I just cropped out some unspeakable sex acts? How will
Uncle Colin protect himself when the families of these innocent children
discover their little cuties in the Gallery of Abused and sue him for
very substantial damages?

Like most Guardian Angels schemes, this seems fundamentally dim-witted
and riddled with potential legal problems.

------------------------------

Date: Mon, 17 Feb 1997 20:24:57 -0800
From: Jonathan Wallace <jw@bway.net>
Subject: File 5--Cyberpatrol  now blocks my site

Source - fight-censorship@vorlon.mit.edu

I was informed tonight by a friend that Cyberpatrol now blocks my
web pages pertaining to the book, Sex, Laws and Cyberspace, which
I co-authored with Mark Mangan (Henry Holt, 1996).

I couldn't be more surprised. The pages contain serious
discussion of Internet censorship issues and ought not to be
blocked under any conceivable theory. While the duel with Solid
Oak has been an enjoyable sideshow, Microsystems, publishers of
Cyberpatrol, is supposed to be a more mainstream company. Their
product is used by Compuserve and has just been purchased by the
Boston library system.

Here is the letter I just sent them at cyberinf@microsys.com.
>
> I was just really shocked to learn that Cyberpatrol blocks
> my web pages pertaining to my book, Sex, Laws and Cyberspace,
> http://www.spectacle.org/freespch/.
>
> Published by Henry Holt, the book is a history of
> Internet censorship. It has received excellent reviews
> in the New York Times, Washington Post, Chicago Tribune
> and other publications. The Times called it "required reading"
> for anyone interested in freedom of speech.
>
> I cannot imagine anything on my web pages which would
> cause you to block them. Have we now reached the
> point where we must censor speech about censorship?
>  The pages are a serious and
> scholarly effort to cover the evolving law and ethics of
> free speech on the Net--as is the book itself.
>
> I am writing in the hope that you will immediately respond
> that this is a serious error on your part, and will
> correct it.

------------------------------

Date: Tue, 18 Feb 1997 17:57:24 -0500
From: "W. K. (Bill) Gorman" <nitehawk@NETHAWK.COM>
Subject: File 6--Internic DNS glitches

You may find this of interest if it isn't old news by now.

>----- Begin Included Message -----
>Date--Mon Feb 17 23:41:27 1997
>Subject--listowners-d--ANNOUNCEMENTS--name service problems explained
>
>For the last week or so there have been many complaints from people
>who have received an unusual amount or bounced mail. Mail that bounced
>with "unknown host" errors, particularly. I responded to a number of
>these messages explaining that it was not IC Group's fault. I said
>that it was the fault of either the providers whose namer server
>records appeared to be missing or the fault of the internic run root
>name servers.
>
>It turns out that it is the fault of the internic-run root name
>servers.
>
>When any machine on the Net wants to find any other machine on the Net
>it checks first with its cache - its short term memory - to see if it
>knows where the other machine is. If it can't find the information in
>its memory it asks the root servers. The root servers then point it at
>the servers for the particular top level domain (.com, .edu, etc). The
>server for that TLD then sends the machine to the appropriate
>authoritative name-server run by the provider.
>
>The root name-servers have been very unreliable recently. Last week, on
>Thursday and Friday, several of the root name-server broke down
>completely. They started giving out bad information. Several of them
>lost the entire .com top level domain and returns "host unknown"
>errors to any query ending in .com.
>
>The people at the internic are working to resolve the fundamental
>problems in the way the root name servers work. The problems won't be
>fixed soon. The problems last week were far worse than usual, but
>there could be problems with those servers again.
>
>A number of people on the net are advocating 'TRUE' root server
>strategies. Right now the root servers don't always send people off to
>the TLD (top level domain) server but answer a number of requests
>themselves. This contributes to their unreliability.
>
>One alternate strategy that some people like is eDNS
>(http://www.edns.net). Many people report that eDNS works very well
>and has far fewer problems than the internic run root servers. I've
>switched majordomo.pobox.com to the eDNS strategy to see how well that
>works for us. If you have problems please send mail to
>pobox@pobox.com complaining and quoting your bounce messages.
>
>Hopefully this will help. I understand your frustrations when you see
>bounce message for providers that seem to be up a few minutes
>later. The eDNS solution is temporary. Being able to use InterNIC run
>nameservers is preferable because the InterNIC can be held responsible
>- to some extent - for problems while eDNS is a completely independent
>project not recognized by the National Science Foundation. Hopefully
>the InterNIC will gets its act together and their root servers will be
>come more reliable sometime soon.

------------------------------

Date: Tue, 4 Feb 1997 09:10:55 -0600
From: Norman Stahl <Stahl@niu.edu
Subject: File 7--TIIAP Announces Availability of 1997 Funds

Date--Mon, 3 Feb 1997 07:51:50 -0500
From--Kirk_Winters@ed.gov (Kirk Winters)


     THE FOURTH ANNUAL ROUND of the Telecommunications &
     Information Infrastructure Assistance Program (TIIAP) was
     announced on January 27.  About $18.5 million in grants will
     be awarded this year under the program, which is administered
     by the Commerce Department's National Telecommunications &
     Information Administration (NTIA).  Applications must be
     received by March 27, 1997.

     The 1997 TIIAP will support projects in 5 areas:
        *  Community-Wide Networking
        *  Education & Lifelong Learning
        *  Government & Community Services
        *  Health
        *  Public Safety

     You'll find the press release & official *notice* announcing
     the program, "Guidelines for Preparing Applications,"
     information on outreach workshops, & more at the TIIAP web
     site:
           http://www.ntia.doc.gov/otiahome/tiiap/current.htm

     A few excerpts from the TIIAP web site are below.  For
     complete information, please visit the TIIAP web site or
     contact NTIA at:

       U.S. Department of Commerce
       National Telecommunications & Information Administration
       Office of Telecommunications & Information Applications
       TIIAP, Room 4092
       1401 Constitution Avenue, NW
       Washington, DC 20230

       Telephone: (202) 482-2048
       Fax: (202) 501-5136
       E-mail: tiiap@ntia.doc.gov

**************************************
A Few Excerpts from the TIIAP Web Site
**************************************

     Background on TIIAP -- TIIAP is a highly-competitive, merit-
     based grant program that was conceived as part of the
     President's National Information Infrastructure (NII)
     initiative.  It provides seed money for innovative,
     practical projects that extend the benefits of advanced
     telecommunications and information technology to rural and
     urban underserved Americans. Since its inception in 1994, it
     has awarded more than $79 million in matching grant funds to
     non-profit organizations, such as schools, libraries,
     hospitals, public safety entities, and state and local
     governments. has leveraged more than $133 million in local
     matching funds. TIIAP projects funded in previous years are
     providing innovations in education; helping create more
     responsive public institutions; enhancing economic
     development in rural and disadvantaged areas; and increasing
     access to health care.

     Eligible Organizations -- State, local, and Indian tribal
     governments, colleges and universities, and non-profit
     entities are eligible to apply. However, individuals and
     for-profit organizations are not eligible.

     Matching Funds Requirements -- Grant recipients under this
     program will be required to provide matching funds toward
     the total project cost. Applicants must document the
     capacity to supply matching funds. Matching funds may be in
     the form of cash or in-kind contributions. Grant funds under
     this program will be released in direct proportion to local
     matching funds utilized and documented as having been
     expended. NTIA will supply up to 50% of the total project
     cost, unless the applicant can document extraordinary
     circumstances warranting a grant of up to 75%. Federal funds
     (such as grants) generally may not be used as matching
     funds, except as provided by federal statute. For
     information about whether particular federal funds may be
     used as matching funds, the applicant should contact the
     federal agency that administers the funds in question.

     Outreach Workshops -- Workshops designed to assist
     applicants & potential applicants will be held on February
     14, in Alexandria, Virginia; February 19, in Nashua, New
     Hampshire; February 26, in Chicago, Illinois; March 4, in
     New Orleans, Louisiana; and March 6, in Phoenix, Arizona.

     Evaluation Criteria -- Criteria for evaluating TIIAP
     applications change from year to year.  This year's
     applications will be evaluated on criteria in this year's
     Notice (http://www.ntia.doc.gov/otiahome/tiiap/ffinal.htm).

     Last Year's Awards -- In fiscal year 1996, NTIA received 809
     applications, collectively requesting $260 million in grant
     funds. From these 809 applications, the Department of
     Commerce announced 67 TIIAP awards totaling $18.6 million in
     federal funds (for descriptions of the 67 projects, please
     see  http://www.ntia.doc.gov/otiahome/tiiap/frames.htm).
     Based on past grant rounds, the average size of each grant
     award will be approximately $300,000, although an applicant
     may request up to $750,000 in federal support.

     Project Length -- Successful applicants will have between 12
     and 36 months to complete their projects. While the
     completion time will vary depending on the complexity of the
     project, applicants should take special care to justify a
     project lasting longer than 24 months.

     Five Application Areas -- This year's TIIAP will support
     projects in five application areas: Community-Wide
     Networking; Education, Culture, and Lifelong Learning;
     Health; Public and Community Services; and Public Safety.
     Each application in a particular application area will be
     compared against other applications in that same area:

          Community-Wide Networking -- This area focuses on
          multi-purpose projects that help a broad range of
          community residents and organizations to communicate,
          share information, and participate in civic activities,
          and that promote economic development. Community-Wide
          Networking projects typically link services or provide
          information across multiple application areas. Examples
          may include, but would not be limited to: community-
          wide information and communication services available
          to residents of a local community; projects enabling a
          diverse array of organizations to share information
          infrastructure and resources; and networks or
          information services that promote community or regional
          economic development.

          Education, Culture, and Lifelong Learning -- Projects
          in this area seek to improve education and training for
          learners of all ages and provide cultural enrichment
          through the use of information infrastructure in both
          traditional and non-traditional settings. Examples may
          include, but would not be limited to: projects that
          explore creative approaches to integrating computer-
          based learning and network resources in K-12
          classrooms; projects providing children, youth, and
          adult learners with educational and training
          opportunities in community centers and other non-
          traditional settings; projects that forge stronger
          links among educators, students, parents, and others in
          the community; projects linking workplaces and job-
          training sites to educational institutions; distance
          learning networks providing continuing education for
          professionals in remote areas; projects that enrich
          communities by providing broad access to arts, science,
          and cultural resources; delivery of on-line
          informational, educational, and cultural services from
          public libraries, museums, and other cultural centers;
          and projects that support the teaching of literacy to
          adult learners.

          Health -- Projects in this area involve the use of
          information infrastructure in the delivery of health and
          mental health services, public health, home health care
          and the provision of health information to the public.
          Examples of projects may include, but would not be
          limited to: telemedicine systems that offer new
          approaches to extending medical expertise to rural or
          underserved urban areas; community health information
          networks for sharing clinical, financial, and/or
          administrative information among hospitals, clinics,
          public health departments, and other organizations; home
          health care systems that improve the care and treatment
          of patients in the home environment; and networks or
          information services aimed at disease prevention and
          health promotion.

          Public and Community Services -- Projects in this area
          aim to empower individuals and communities and to
          improve the delivery of services to people with a range
          of social service needs. This area includes social
          services such as housing, child welfare, food
          assistance, employment counseling, and others,
          typically delivered by state and local governments or
          by community-based non-profit organizations.  Examples
          of projects may include but would not be limited to:
          projects that use information technology creatively to
          promote self-sufficiency among individuals and
          families; networks that facilitate coordination and
          collaboration among public and/or community-based
          agencies; electronic information and referral services
          that provide information on a variety of community-
          based or government services; projects that make public
          agencies more accessible and responsive to community
          residents; electronic benefits transfer projects; and
          projects that employ community or geographic
          information systems to study demographic or
          environmental trends and target community
          interventions.

          Public Safety -- Projects in this area will seek to
          increase the effectiveness of law enforcement agencies,
          emergency, rescue, and fire departments, or other
          entities involved in providing safety services.
          Examples may include, but would not be limited to,
          projects that facilitate information exchange among
          public safety agencies located in a single geographic
          area to increase efficiency and share resources, or
          those that provide information in a timely manner to
          "first-response officials," such as police officers,
          emergency medical technicians, and firefighters. Other
          examples could include projects that help public safety
          agencies provide community outreach services, projects
          that develop innovative ways to share scarce spectrum
          resources, and projects that aim to increase the safety
          and security of children.

                TIIAP will support projects that promote the
                accessibility and usability of the NII for persons
                with disabilities. Such projects are expected to
                fall under one of the five application areas
                described above.

                For descriptions of the kinds of projects TIIAP
                will *not* fund, see "Scope of Proposed Project"
                http://www.ntia.doc.gov/otiahome/tiiap/ffinal.htm

           Program Funding Priorities -- NTIA has significantly
           changed the structure of the funding categories for
           TIIAP and applicants who have previously applied to
           the program should carefully note this change. For
           the 1997 fiscal year, the TIIAP review process will
           not distinguish among access, demonstration and
           planning projects. All applications will be judged
           according to a single set of evaluation criteria
           (described in the Notice) and all rules set forth in
           the Notice will apply to all applications. This
           change does not imply a change in the scope of
           projects that will be considered for support; the
           change only reflects NTIA's decision not to
           differentiate among different categories of projects.


    ========================================================
    To subscribe to (or unsubscribe from) EDInfo, address an
    email message to:  listproc@inet.ed.gov  Then write
    either SUBSCRIBE EDINFO YOURFIRSTNAME YOURLASTNAME in the
    message, or write UNSUBSCRIBE EDINFO (if you have a
    signature block, please turn it off).  Then send it!
    ========================================================

    Kirk Winters
    U.S. Department of Education
    kirk_winters@ed.gov

------------------------------

Date: Thu, 15 Dec 1996 22:51:01 CST
From: CuD Moderators <cudigest@sun.soci.niu.edu>
Subject: File 8--Cu Digest Header Info (unchanged since 13 Dec, 1996)

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup: comp.society.cu-digest

Or, to subscribe, send post with this in the "Subject:: line:

     SUBSCRIBE CU-DIGEST
Send the message to:   cu-digest-request@weber.ucsd.edu

DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS.

The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at:  Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

To UNSUB, send a one-line message:   UNSUB CU-DIGEST
Send it to  CU-DIGEST-REQUEST@WEBER.UCSD.EDU
(NOTE: The address you unsub must correspond to your From: line)

Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on  internet);
and on Rune Stone BBS (IIRGWHQ) (860)-585-9638.
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.

EUROPE:  In BELGIUM: Virtual Access BBS:  +32-69-844-019 (ringdown)
         In ITALY: ZERO! BBS: +39-11-6507540
         In LUXEMBOURG: ComNet BBS:  +352-466893

  UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/CuD
                  ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
                  aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
                  world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
                  wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
  EUROPE:         nic.funet.fi in pub/doc/CuD/CuD/ (Finland)
                  ftp.warwick.ac.uk in pub/cud/ (United Kingdom)


The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:
  URL: http://www.soci.niu.edu/~cudigest/

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission.  It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified.  Readers are encouraged to submit reasoned articles
relating to computer culture and communication.  Articles are
preferred to short responses.  Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.

------------------------------

End of Computer Underground Digest #9.10
************************************