Computer underground Digest Wed Feb 19, 1997 Volume 9 : Issue 10 ISSN 1004-042X Editor: Jim Thomas (cudigest@sun.soci.niu.edu) News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu) Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Field Agent Extraordinaire: David Smith Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #9.10 (Wed, Feb 19, 1997) File 1--Moldova Internet Scam File 2--Clipper is dead, as we knew all along... File 3--Re: Cu Digest, #9.09, Sun 16 Jan 97 File 4--Re: The Guardian Angels' The Face Project File 5--Cyberpatrol now blocks my site File 6--Internic DNS glitches File 7--TIIAP Announces Availability of 1997 Funds File 8--Cu Digest Header Info (unchanged since 13 Dec, 1996) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. Date: Thu, 20 Feb 1997 10:15:29 -0500 (EST) From: Audrey Helou <audrey@angus.mystery.com> Subject: File 1--Moldova Internet Scam The Detroit Free Press ran an article that may be of interest to CuD subscibers. It appears in the February 20, 1997 edition of the Detroit News and is entitled "Feds expose Internet ring that cost thousands in phone bills." According to the article, the federal government busted an Internet scam offering "free" erotic photos that came with software that secretly took over users' computers and ran up huge international long-distance phone bills. It seems that some sites, such as www.beavisbutthead.com and www.sexygirls.com had advertizements for "all nude all free" pictures. However, getting the pictures required down a Windows 95 software program that once installed, took control of the modem, cut off the local Internet service provider, and dialed a number in the former Soviet republic of Moldova, in Eastern Europe. The user, unaware of a change, would continue to surf the web while racking up foreign line toll charges of $2 to $3 a minute. According to the article, the modem kept the connection, even after the user had logged off, until the computer was itself turned off. Profits were shared between the Moldovan phone company and the scam artists. The scheme was discovered by AT&T Corp. through its consumer watch bureau, which monitors clients' phone bills for irregularities. Consumers, whom the FTC says were defrauded of perhaps $1 million, may get some money back, since the FTC won a U.S. District Court order in New York seizing assets of the defendants: Audiotex Connect Inc., Promo Line Inc., Electronics Form Management and the people associated with them, Anna Grella, William Gannon and David Zeng. ------------------------------ Date: 19 Feb 97 11:09:19 EST From: "K. N. Cukier" <100736.3602@CompuServe.COM> Subject: File 2--Clipper is dead, as we knew all along... From -- Fight Censorship <FIGHT-CENSORSHIP@vorlon.mit.edu> Here's an article that ran on the death of the Clipper Chip (as if anyone really thought the idea was still afloat...). I'm unsure of the significance of the news -- my first impression is that we sort of knew this. On the other hand, there are a few whacky things in the article, it seems to me. First, they say that Clipper will now be marketed to civilians -- yeah right; sellers and users are smarter than that, and have much better crypto options, obviously. Secondly, the article states that key recovery doesn't access users' keys without their knowledge -- I'm not sure what systems the writers have in mind, but it's not any system on this planet. Indeed, key recovery systems for the export of strong crypto (where key recovery *matters* to the government), as they have been approved by the US Department of Commerce, aims to do just that: allow for secretive lawful access of keys. -- KNC ------------ FEBRUARY 17, 1997 Federal Computer Week DOD sinks the Clipper BY COLLEEN O'HARA AND HEATHER HARRELD The Defense Department plans to remove the government key escrow software from its Fortezza cards used on the Defense Message System, a move that signals the death of the Clinton administration's controversial Clipper initiative and one that should encourage civilian use of the cryptographic cards. A DOD spokeswoman confirmed the decision to remove the key escrow but would not provide further details. The DOD decision, which will be formalized in a policy expected out shortly, is in response to the administration's decision last October to support key recovery technology instead of the controversial Clipper initiative. Each agency must decide how it will implement the government's policy internally. A technical advisory committee will develop standards for a federal key management infrastructure. The so-called Clipper initiative proposed a nationwide standard for encryption hardware that would have used a classified algorithm with built-in law enforcement access. It is this built-in access - which law enforcement agencies claimed was vital to their jobs - that will be removed from the cards. It most likely will be replaced by emerging commercial key recovery technology that does not have the same built-in access. DOD has for years pressured civilian agencies to use government escrow technology, but the agencies were wary of the law enforcement access. Stephen Walker, president and chief executive officer of Trusted Information Systems Inc. (TIS), said the policy will remove the last remnants of the Clipper and serve as an official endorsement of key recovery technology. "This is the end of Clipper,'' Walker said. "This is a very positive move because it puts the Defense Department in a posture of using commercial products instead of Defense Department products. If the Defense Department is moving away from key escrow, no one else is going to feel obligated to have key escrow either." Civilian Agency Appeal? Removing government key escrow from Fortezza cards, which are designed to provide authentication, integrity and confidentiality to DMS users, could prompt civilian agencies to deploy the cards to secure electronic mail or other communications, said Santish Chok-hani, CEO of Cygnacom Solutions, a security consulting company. "If you take out the key escrow from Fortezza, that would mean a broader set of civilian agencies and commercial folks could use the technology without worrying that someone is copying their keys," he said. The main difference in government key escrow - now in place in Fortezza cards - and key recovery technologies is the ability of law enforcement agencies to secretly decrypt encrypted files after obtaining a warrant. There is a private key (needed to decrypt data) embedded in each Fortezza card chip. When the Fortezza chip is manufactured, the private key is split; one half goes to the National Institute of Standards and Technology and the other to the Treasury Department. If a law enforcement agent obtains permission from a court to decrypt information of a Fortezza card user, he can obtain both parts of the private key from the two federal agencies and decrypt the data without the knowledge of the user. Key recovery is a technology that allows for the recovery of a private encryption key if it is lost or damaged. This private key, however, is kept by the user or user's organization, not by government agencies. Law enforcement agencies still can obtain a warrant for a user's private key, but they could not secretly decrypt the information without the user's knowledge. Sources said DOD's move was targeted to increase the appeal of the Fortezza card to users outside DOD. Bruce McConnell, chief of information policy at the Office of Management and Budget, said the move would make Fortezza cards more attractive, but he cited different reasons. "It does encourage people to use it because it moves toward the commercial approach that's being taken," he said. ------------------------------ Subject: File 3--Re: Cu Digest, #9.09, Sun 16 Jan 97 From: shadow@KRYPTON.RAIN.COM(Leonard Erickson) Date: Tue, 18 Feb 1997 13:09:02 PST Re - File 1--Cyber Angels FACES Project > > ------- Excerpt Begins ------- > <snip> > what our FACE UNIT is all about. Our volunteers spend time each week > finding child pornography posts on the Usenet, and cropping the picture so > that just the child's face is left. These faces - the faces of innocent > children who are the victims of abuse crimes by adults - are then passed > with the full header reference to our FACE UNIT Leader. <snip> > > ---- Excerpt Ends ---- > > I feel such a database would be a case of "double victimization" -- > that someone who was the victim of child pornography would not want > pictures of their faces openly distributed. No one I've spoken to > thinks this is a good idea. Agreed! > In an exchange of e-mail, Gabriel Hatcher (gabriel@cyberangels.org) politely > disagreed, suggesting that their project would identify children > who are currently being abused and thus rescue/save them from > suffering. He's heard nothing but positive feedback, and is working > with various law enforcement officials to make sure the project is > done properly. They are also ignoring the fact that with any decent morphing program you can transform a picture of an adult into an apparent "child". And while some people are pushing laws that make this illegal, it is *not currently illegal, *and* there is no way to determine whether a picture is "real" or morphed. Since some states make failure to co-operate in prosecuting even "old" cases of child abuse a crime, the potential exists for some adult model to be prosecuted for failure to co-operate in tracking down the *non-existent* people who "abused" him or her. Face it, the same software that lets us "age" photos of missing children, and "un-age" bodies to match against old bodies *will* let you turn photos of adults into *apparent* "child pornography". And with a bit more effort, such photos can be produced without involving *any* children. Given this, I say that the emphasis needs to be changed from "child pornography" to "child abuse". Of course, the main reason for going after "kiddie porn" in the first place is that it is *easier* than actually catching abusers. And entrapment is common. So I hold out little hope for any *real* improvement. ------------------------------ Date: Tue, 18 Feb 1997 04:19:20 -0500 (EST) From: Charles Platt <cp@panix.com> Subject: File 4--Re: The Guardian Angels' The Face Project On Tue, 18 Feb 1997, Cu Digest wrote: > To help on this unit you need to have cropping ability - in other words the > ability to take a jpg image and cut out the child's face and make a new jpg > out of it. > > NB For legal reasons the FACE UNIT accepts only volunteers 18 years old and > above. You may like to know that this work follows guidelines given to us > by Federal Authorities. Indeed. Please tell me more about these so-reassuring "guidelines." I am also interested in any legal protection that may be offered to the volunteers who assist in this supposedly worthy cause. If I go digging around for child porn online, with the pure intention of cropping out the sexy parts (after I spend a few minutes looking at them of course), how am I protected from triggering a typical sting operation? Bear in mind, federal agents are a leading source of child pornography as they go about their happy business of entrapmemt. Who calls off the FBI (or pays for my legal defense) when I become known as someone looking for illegal pictures? Possession of three pieces of child pornography is sufficient to earn substantial jail time. Will there be a list of "do-gooder" volunteers who are granted automatic immunity from prosecution? If so, how will genuine pedophiles be prevented from joining this fine crusade and getting their names added to the list so they can go trolling for kiddieporn without fear of retribution? And assuming a list of volunteers IS maintained somehow, how can the feds guarantee that the list will be known and respected by all state authorities? They have their anti-child-porn laws, too. Lastly, if I should have a playful attitude, what's to stop me from sending to Uncle Colin several pictures of perfectly normal, unmolested, innocent children, which he will unwittingly add to his collection when I assure him that I just cropped out some unspeakable sex acts? How will Uncle Colin protect himself when the families of these innocent children discover their little cuties in the Gallery of Abused and sue him for very substantial damages? Like most Guardian Angels schemes, this seems fundamentally dim-witted and riddled with potential legal problems. ------------------------------ Date: Mon, 17 Feb 1997 20:24:57 -0800 From: Jonathan Wallace <jw@bway.net> Subject: File 5--Cyberpatrol now blocks my site Source - fight-censorship@vorlon.mit.edu I was informed tonight by a friend that Cyberpatrol now blocks my web pages pertaining to the book, Sex, Laws and Cyberspace, which I co-authored with Mark Mangan (Henry Holt, 1996). I couldn't be more surprised. The pages contain serious discussion of Internet censorship issues and ought not to be blocked under any conceivable theory. While the duel with Solid Oak has been an enjoyable sideshow, Microsystems, publishers of Cyberpatrol, is supposed to be a more mainstream company. Their product is used by Compuserve and has just been purchased by the Boston library system. Here is the letter I just sent them at cyberinf@microsys.com. > > I was just really shocked to learn that Cyberpatrol blocks > my web pages pertaining to my book, Sex, Laws and Cyberspace, > http://www.spectacle.org/freespch/. > > Published by Henry Holt, the book is a history of > Internet censorship. It has received excellent reviews > in the New York Times, Washington Post, Chicago Tribune > and other publications. The Times called it "required reading" > for anyone interested in freedom of speech. > > I cannot imagine anything on my web pages which would > cause you to block them. Have we now reached the > point where we must censor speech about censorship? > The pages are a serious and > scholarly effort to cover the evolving law and ethics of > free speech on the Net--as is the book itself. > > I am writing in the hope that you will immediately respond > that this is a serious error on your part, and will > correct it. ------------------------------ Date: Tue, 18 Feb 1997 17:57:24 -0500 From: "W. K. (Bill) Gorman" <nitehawk@NETHAWK.COM> Subject: File 6--Internic DNS glitches You may find this of interest if it isn't old news by now. >----- Begin Included Message ----- >Date--Mon Feb 17 23:41:27 1997 >Subject--listowners-d--ANNOUNCEMENTS--name service problems explained > >For the last week or so there have been many complaints from people >who have received an unusual amount or bounced mail. Mail that bounced >with "unknown host" errors, particularly. I responded to a number of >these messages explaining that it was not IC Group's fault. I said >that it was the fault of either the providers whose namer server >records appeared to be missing or the fault of the internic run root >name servers. > >It turns out that it is the fault of the internic-run root name >servers. > >When any machine on the Net wants to find any other machine on the Net >it checks first with its cache - its short term memory - to see if it >knows where the other machine is. If it can't find the information in >its memory it asks the root servers. The root servers then point it at >the servers for the particular top level domain (.com, .edu, etc). The >server for that TLD then sends the machine to the appropriate >authoritative name-server run by the provider. > >The root name-servers have been very unreliable recently. Last week, on >Thursday and Friday, several of the root name-server broke down >completely. They started giving out bad information. Several of them >lost the entire .com top level domain and returns "host unknown" >errors to any query ending in .com. > >The people at the internic are working to resolve the fundamental >problems in the way the root name servers work. The problems won't be >fixed soon. The problems last week were far worse than usual, but >there could be problems with those servers again. > >A number of people on the net are advocating 'TRUE' root server >strategies. Right now the root servers don't always send people off to >the TLD (top level domain) server but answer a number of requests >themselves. This contributes to their unreliability. > >One alternate strategy that some people like is eDNS >(http://www.edns.net). Many people report that eDNS works very well >and has far fewer problems than the internic run root servers. I've >switched majordomo.pobox.com to the eDNS strategy to see how well that >works for us. If you have problems please send mail to >pobox@pobox.com complaining and quoting your bounce messages. > >Hopefully this will help. I understand your frustrations when you see >bounce message for providers that seem to be up a few minutes >later. The eDNS solution is temporary. Being able to use InterNIC run >nameservers is preferable because the InterNIC can be held responsible >- to some extent - for problems while eDNS is a completely independent >project not recognized by the National Science Foundation. Hopefully >the InterNIC will gets its act together and their root servers will be >come more reliable sometime soon. ------------------------------ Date: Tue, 4 Feb 1997 09:10:55 -0600 From: Norman Stahl <Stahl@niu.edu Subject: File 7--TIIAP Announces Availability of 1997 Funds Date--Mon, 3 Feb 1997 07:51:50 -0500 From--Kirk_Winters@ed.gov (Kirk Winters) THE FOURTH ANNUAL ROUND of the Telecommunications & Information Infrastructure Assistance Program (TIIAP) was announced on January 27. About $18.5 million in grants will be awarded this year under the program, which is administered by the Commerce Department's National Telecommunications & Information Administration (NTIA). Applications must be received by March 27, 1997. The 1997 TIIAP will support projects in 5 areas: * Community-Wide Networking * Education & Lifelong Learning * Government & Community Services * Health * Public Safety You'll find the press release & official *notice* announcing the program, "Guidelines for Preparing Applications," information on outreach workshops, & more at the TIIAP web site: http://www.ntia.doc.gov/otiahome/tiiap/current.htm A few excerpts from the TIIAP web site are below. For complete information, please visit the TIIAP web site or contact NTIA at: U.S. Department of Commerce National Telecommunications & Information Administration Office of Telecommunications & Information Applications TIIAP, Room 4092 1401 Constitution Avenue, NW Washington, DC 20230 Telephone: (202) 482-2048 Fax: (202) 501-5136 E-mail: tiiap@ntia.doc.gov ************************************** A Few Excerpts from the TIIAP Web Site ************************************** Background on TIIAP -- TIIAP is a highly-competitive, merit- based grant program that was conceived as part of the President's National Information Infrastructure (NII) initiative. It provides seed money for innovative, practical projects that extend the benefits of advanced telecommunications and information technology to rural and urban underserved Americans. Since its inception in 1994, it has awarded more than $79 million in matching grant funds to non-profit organizations, such as schools, libraries, hospitals, public safety entities, and state and local governments. has leveraged more than $133 million in local matching funds. TIIAP projects funded in previous years are providing innovations in education; helping create more responsive public institutions; enhancing economic development in rural and disadvantaged areas; and increasing access to health care. Eligible Organizations -- State, local, and Indian tribal governments, colleges and universities, and non-profit entities are eligible to apply. However, individuals and for-profit organizations are not eligible. Matching Funds Requirements -- Grant recipients under this program will be required to provide matching funds toward the total project cost. Applicants must document the capacity to supply matching funds. Matching funds may be in the form of cash or in-kind contributions. Grant funds under this program will be released in direct proportion to local matching funds utilized and documented as having been expended. NTIA will supply up to 50% of the total project cost, unless the applicant can document extraordinary circumstances warranting a grant of up to 75%. Federal funds (such as grants) generally may not be used as matching funds, except as provided by federal statute. For information about whether particular federal funds may be used as matching funds, the applicant should contact the federal agency that administers the funds in question. Outreach Workshops -- Workshops designed to assist applicants & potential applicants will be held on February 14, in Alexandria, Virginia; February 19, in Nashua, New Hampshire; February 26, in Chicago, Illinois; March 4, in New Orleans, Louisiana; and March 6, in Phoenix, Arizona. Evaluation Criteria -- Criteria for evaluating TIIAP applications change from year to year. This year's applications will be evaluated on criteria in this year's Notice (http://www.ntia.doc.gov/otiahome/tiiap/ffinal.htm). Last Year's Awards -- In fiscal year 1996, NTIA received 809 applications, collectively requesting $260 million in grant funds. From these 809 applications, the Department of Commerce announced 67 TIIAP awards totaling $18.6 million in federal funds (for descriptions of the 67 projects, please see http://www.ntia.doc.gov/otiahome/tiiap/frames.htm). Based on past grant rounds, the average size of each grant award will be approximately $300,000, although an applicant may request up to $750,000 in federal support. Project Length -- Successful applicants will have between 12 and 36 months to complete their projects. While the completion time will vary depending on the complexity of the project, applicants should take special care to justify a project lasting longer than 24 months. Five Application Areas -- This year's TIIAP will support projects in five application areas: Community-Wide Networking; Education, Culture, and Lifelong Learning; Health; Public and Community Services; and Public Safety. Each application in a particular application area will be compared against other applications in that same area: Community-Wide Networking -- This area focuses on multi-purpose projects that help a broad range of community residents and organizations to communicate, share information, and participate in civic activities, and that promote economic development. Community-Wide Networking projects typically link services or provide information across multiple application areas. Examples may include, but would not be limited to: community- wide information and communication services available to residents of a local community; projects enabling a diverse array of organizations to share information infrastructure and resources; and networks or information services that promote community or regional economic development. Education, Culture, and Lifelong Learning -- Projects in this area seek to improve education and training for learners of all ages and provide cultural enrichment through the use of information infrastructure in both traditional and non-traditional settings. Examples may include, but would not be limited to: projects that explore creative approaches to integrating computer- based learning and network resources in K-12 classrooms; projects providing children, youth, and adult learners with educational and training opportunities in community centers and other non- traditional settings; projects that forge stronger links among educators, students, parents, and others in the community; projects linking workplaces and job- training sites to educational institutions; distance learning networks providing continuing education for professionals in remote areas; projects that enrich communities by providing broad access to arts, science, and cultural resources; delivery of on-line informational, educational, and cultural services from public libraries, museums, and other cultural centers; and projects that support the teaching of literacy to adult learners. Health -- Projects in this area involve the use of information infrastructure in the delivery of health and mental health services, public health, home health care and the provision of health information to the public. Examples of projects may include, but would not be limited to: telemedicine systems that offer new approaches to extending medical expertise to rural or underserved urban areas; community health information networks for sharing clinical, financial, and/or administrative information among hospitals, clinics, public health departments, and other organizations; home health care systems that improve the care and treatment of patients in the home environment; and networks or information services aimed at disease prevention and health promotion. Public and Community Services -- Projects in this area aim to empower individuals and communities and to improve the delivery of services to people with a range of social service needs. This area includes social services such as housing, child welfare, food assistance, employment counseling, and others, typically delivered by state and local governments or by community-based non-profit organizations. Examples of projects may include but would not be limited to: projects that use information technology creatively to promote self-sufficiency among individuals and families; networks that facilitate coordination and collaboration among public and/or community-based agencies; electronic information and referral services that provide information on a variety of community- based or government services; projects that make public agencies more accessible and responsive to community residents; electronic benefits transfer projects; and projects that employ community or geographic information systems to study demographic or environmental trends and target community interventions. Public Safety -- Projects in this area will seek to increase the effectiveness of law enforcement agencies, emergency, rescue, and fire departments, or other entities involved in providing safety services. Examples may include, but would not be limited to, projects that facilitate information exchange among public safety agencies located in a single geographic area to increase efficiency and share resources, or those that provide information in a timely manner to "first-response officials," such as police officers, emergency medical technicians, and firefighters. Other examples could include projects that help public safety agencies provide community outreach services, projects that develop innovative ways to share scarce spectrum resources, and projects that aim to increase the safety and security of children. TIIAP will support projects that promote the accessibility and usability of the NII for persons with disabilities. Such projects are expected to fall under one of the five application areas described above. For descriptions of the kinds of projects TIIAP will *not* fund, see "Scope of Proposed Project" http://www.ntia.doc.gov/otiahome/tiiap/ffinal.htm Program Funding Priorities -- NTIA has significantly changed the structure of the funding categories for TIIAP and applicants who have previously applied to the program should carefully note this change. For the 1997 fiscal year, the TIIAP review process will not distinguish among access, demonstration and planning projects. All applications will be judged according to a single set of evaluation criteria (described in the Notice) and all rules set forth in the Notice will apply to all applications. This change does not imply a change in the scope of projects that will be considered for support; the change only reflects NTIA's decision not to differentiate among different categories of projects. ======================================================== To subscribe to (or unsubscribe from) EDInfo, address an email message to: listproc@inet.ed.gov Then write either SUBSCRIBE EDINFO YOURFIRSTNAME YOURLASTNAME in the message, or write UNSUBSCRIBE EDINFO (if you have a signature block, please turn it off). Then send it! ======================================================== Kirk Winters U.S. Department of Education kirk_winters@ed.gov ------------------------------ Date: Thu, 15 Dec 1996 22:51:01 CST From: CuD Moderators <cudigest@sun.soci.niu.edu> Subject: File 8--Cu Digest Header Info (unchanged since 13 Dec, 1996) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send post with this in the "Subject:: line: SUBSCRIBE CU-DIGEST Send the message to: cu-digest-request@weber.ucsd.edu DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS. The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CU-DIGEST Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); and on Rune Stone BBS (IIRGWHQ) (860)-585-9638. CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: In BELGIUM: Virtual Access BBS: +32-69-844-019 (ringdown) In ITALY: ZERO! BBS: +39-11-6507540 In LUXEMBOURG: ComNet BBS: +352-466893 UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/CuD ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #9.10 ************************************