Computer underground Digest Sun Nov 22, 1992 Volume 4 : Issue 60 Editors: Jim Thomas and G

---
Master Index Current Directory Index Go to SkepticTank Go to Human Rights activist Keith Henson Go to Scientology cult

Skeptic Tank!

Computer underground Digest Sun Nov 22, 1992 Volume 4 : Issue 60 Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) Archivist: Brendan Kehoe Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Copy Eater: Etaion Shrdlu, Junior CONTENTS, #4.60 (Nov 22, 1992) File 1--A Bird's-eye view of the Pumpcon Problem File 2--We Must Defend our Rights Ourselves! File 3--Re: CPSR Platform and You File 4--2600 Allegations Require Collective Response File 5--Creative Computing for College File 6--Another view of Software Piracy File 7--Piracy Declines Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost from tk0jut2@mvs.cso.niu.edu. The editors may be contacted by voice (815-753-6430), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115. Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL0 and DL12 of TELECOM; on Genie in the PF*NPC RT libraries; from America Online in the PC Telecom forum under "computing newsletters;" on the PC-EXEC BBS at (414) 789-4210; in Europe from the ComNet in Luxembourg BBS (++352) 466893; and using anonymous FTP on the Internet from ftp.eff.org (192.88.144.4) in /pub/cud, red.css.itd.umich.edu (141.211.182.91) in /cud, halcyon.com (192.135.191.2) in /pub/mirror/cud, and ftp.ee.mu.oz.au (128.250.77.2) in /pub/text/CuD. European readers can access the ftp site at: nic.funet.fi pub/doc/cud. Back issues also may be obtained from the mail server at mailserv@batpad.lgb.ca.us. European distributor: ComNet in Luxembourg BBS (++352) 466893. COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Some authors do copyright their material, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ---------------------------------------------------------------------- Date: Fri, 20 Nov 1992 06:32:21 From: Iwasthere@when.down.it.com Subject: File 1--A Bird's-eye view of the Pumpcon Problem ********** PUMPCON BUSTED!!! *********** 10/31/92 written by someone who was there who wishes to remain anonymous NOTICE: The word "Hacker" is used frequently throughout this file - it is to be interpreted as "a computer literate person", and NOT as "someone who engages in illegal activities using a computer". Friday, October 30, Pumpcon began, at the Courtyard of the Marriott, in Greenburgh, NY. All in all, about 30 hackers showed up, and had a great time. At least until the evening of Oct. 31st, when 8-10 members of the Greenburgh police force showed up and raided the Con. At the time of the raid, there were between 20 and 25 hackers in the hotel. 3 of the 4 rooms rented by Con attendees were raided. All the occupants of these rooms were taken to a conference room, and then another hotel room (255) where they were held approximately 6-8 hours for questioning. The police all came in unmarked police cars, and parked on all 4 sides of the hotel. No one noticed they were there, until they were standing in the hall where all 4 rooms were located. The officers stood in the hall outside the doors, but did not enter the rooms right away. They waited about five minutes, for some unknown reason, which was just enough time for them to be noticed by the hackers in at least one of the rooms. Unfortunately, there was no way the hackers in one room could warn the other rooms - the fone lines were busy, and the cops in the hall kinda left the "walk down and tell 'em in person" option out. The police produced copies of a search warrant to search rooms 246, 233, and 237. Room 246 was the one where everyone was hanging out; it was pretty much THE room. It was where the computers were located, and where most of the Con attendees were 99% of the time. The other two rooms were rented by attendees of the con, and were simply used for sleeping quarters. Before too long, the police entered the rooms, and began rounding up people. My recollection of this time period is a bit faint, and I don't remember all the minute details. All I know is that we all ended up in a conference room, and then room 255. A few hackers who had been out driving around during the time of the bust returned a few hours later, and when they were seen by police, they were immediately taken to 255 and questioned. (They were walking down the hall, when a cop appeared, and told them to step into a room) The cops asked them if they were hackers, and when they didn't answer, one police officer reached into the coat pocket of one of the people, and produced an auto dialer. This in itself was enough to send the three to room 255, where the rest of the hackers were being held for questioning. My question to you - isn't that just a bit illegal? Bodily search without probable cause OR a warrant? Ooops - I'm forgetting - we're HACKERS! We're ALL BAD! We're ALWAYS breaking the law. We don't have RIGHTS! Room 255 was packed. No one was allowed to smoke, and everyone was nervous as hell. One by one people were called to be interviewed, with some interviews lasting 5 minutes, others lasting 30 or 45 minutes. Some people were sleeping, others were conversing, and still others were shaking, and looked like they were about to puke at any second. Even though the situation was quite serious, a few joked around, saying things like "So guys, I guess PumpCon '93 won't be held here, eh?". No one knew who was going to be arrested, or when they would be released. The 2 cops in the room with them were actually pretty cool, and answered any questions they could to the best of their knowledge. They weren't the guys in charge of the investigation; they were simply there to make sure we didn't leave. Of course, as friendly as they seemed, they were still cops... All the people who were detained were held until between 5:45 and 6:30 am. Four hackers were arrested, 1 because 2 of the rooms were registered in his name, a second because he signed for the rooms, and the others for previous crimes, apparently. No one knows as of yet. As of this message, no news on what will become of those arrested is known. They have not yet been arraigned. The other hackers were all searched, questioned, and then released pending further investigation. Those under the age of 18 had their parents notified. To my knowledge, there were no federal investigators there at the time of the bust. However, people kept mentioning the FBI and the Secret Service, and it is very possible that they will be called in to investigate. Actually, it's more than just possible, it's almost guaranteed. The police said that although most of those detained were released, there will most likely be more arrests in the near future, as more is learned about the alleged illegal doings. 3 computers (2 Amigas, and 1 AT&T dumb term) were confiscated, along with anything which looked like it could have been involved in phone fraud. For some odd reason, although Auto Dialers were listed on the search warrant, not all of them were confiscated. I actually don't know if ANY were, I do know that not ALL were. ;) In one of the rooms, there were about 2 dozen computer magazines which were apparently confiscated, although the warrant did not specify that magazines could be taken. But, when you're busting HACKERS, I suppose you can take what you want. After all, hackers are evil geniuses, and don't have the same rights as NORMAL criminals do. As of yet, the actual charges against the hackers are not known. The raid apparently stemmed because the hackers were ALLEGEDLY using stolen calling card numbers and/or access codes to obtain free phone calls. One of these card numbers or codes was rumored to have tripped a flag at AT&T, which alerted security personnel that something was possibly wrong. This assumption about the calling card fraud is made because the police confiscated any calling card found during their searches, and some of the questions they asked the detained centered entirely around calling card theft and use. A few other questions asked me were "Do you know what computer systems were accessed?", "Do you refer to each other with handles?", "Who was primarily responsible for this meeting?", and "Where did you hear about this meeting?" My interview lasted only about 10 minutes, and it started at about 5:50 am. Everyone was dead tired, and the cops wanted to get everything over with as fast as possible so they could get some sleep. After the interviews were over, everyone left, to wait and see what the next few days will bring. I am releasing this file now, to prevent any rumors from starting, and to try to make the outside world aware of what happened during PumpCon. I have left out any specific incidences and references to specific people as a precaution, since the investigation is only beginning. We were hoping to write a file of all the attendees of PumpCon, to share with the world the names of those who were there. However, as you can obviously see, that would be highly stupid. For anyone who WAS there who is reading this, rest assured that the running list of names which was kept made a very tasteless dinner for the one who had it in his pocket. Oh, BTW, one of the cops who was apparently in charge made a comment to me... he said "You can post a message on the boards telling your friends to stay out of Greenburgh". Well boys, you heard him - PumpCon '93 will be held in Greenburgh, at the Courtyard Marriott.... *--------------* The following is a word for word copy of the search warrant issued to each person who was detained and questioned. No spelling errors were corrected, but I probably made a few when I typed this in. Oh well. TOWN of GREENBURGH POLICE DEPARTMENT WESTCHESTER COUNTY, NEW YORK ORDER OF SEARCH AND SEIZURE +----- ( signed here by Det. Hugh F. Gallagher #103) ---------------------------------------------- JUSTICE COURT, TOWN OF GREENBURGH WESTCHESTER COUNTY, NEW YORK ORDER ----- IN THE MATTER OF Room 233, 237, & 246 Westchester Marriott Courtyard THE APPLICATION FOR AN ORDER OF SEARCH AND SEIZURE OF: (Specify) Computers Diskettes Computer Printers Computer Terminals Auto Dialers Diskettes Calling Card Computer Systems & Wire Computer Printouts Disk Drives Modems Hand Written Notes About Credit Co. " " " " Computer Service. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++X IN THE NAME OF THE PEOPLE OF THE STATE OF NEW YORK TO: ANY POLICE OFFICER OF THE TOWN OF GREENBURGH POLICE DEPARTMENT PROOF by affidavit having been made before me this day by Det.H.Gallagher #103 ___________(Affiant) of the Town of Greenburgh Police Department that certain property, which is (stolen/unlawfully possessed, used to commit an offense...) and which constitutes evidence and tends to demonstrate that an offense has been committed and that a particular person participated in the commission of an offense will be found at the location captioned above. YOU ARE THEREFORE COMMANDED, ** (Between the hours of 6:AM - 9:00 PM / AT ANY TIME OF DAY OR NIGHT) ** ** (WITHOUT GIVING NOTICE OF YOUR AUTHORITY AND PURPOSE)** TO MAKE A SEARCH of the above described (location/person)** for the following property: (describe fully) Room # 233, 237, & 246 of the West. Marriott Courtyard and all its occupants as listed on this attached affidavit. >><< Suspects name was written here >><< AND if any such property is found, you are hereby directed to seize the same and without unnecessary delay, return it to the court, together with this warrant and a written inventory of such property subscribed and sworn by you. THIS COURT DIRECTS THAT this SEARCH WARRANT and ORDER issued this 1 day of NOV. 1992 is valid and must be executed no more than ten (10) days after the date of issuance. << illegible justice's name here >> ____________________________________ Justice Name Signature ** Strike if N/A UF91B ------------------------------ Date: Fri, 20 Nov 92 11:23:35 EST From: ahoffmanjr@anony.com Subject: File 2--We Must Defend our Rights Ourselves! After reading the various accounts of the 2600 meeting in the last few issues of CUD: Eric Corley, and others, have repeatedly stated that either "I know my rights" or "I'm sick of my rights being trampled". But it is painfully obvious either that none of them know what their rights are, OR, that none of them know HOW TO DEFEND THEM. Otherwise, the situation would have been quite different. Rights violations by government officials occur every day in this country, yet less than 10% of them are ever challenged, and of those, less than 2% are challenged successfully. Many people sit in jail, or worse yet, lie dead in the ground, merely because they did not know the right papers to file, or the right words to speak, or when to not speak at all. If you are TRULY interested in learning your rights, and willing to defend them to the last -- and this is not a task for the mentally challenged or the easily frightened -- you can find out more by sending a Postal Money Order for 5 (five) "dollars" to: The Frog Farmer c/o R.B. Davis 320 W. Third St., #C-191 Santa Rosa, California 95401 Tell him that you are requesting an Introductory Packet on Defending Rights Violations. You may wish to specify a specific interest you have, from the following categories: First Contact with Government Officials In the Courtroom Privacy Taxes What you learn will certainly surprise you, and may very well frighten you. But one thing is certain: You will know that you have the option to be free, if you are willing to take responsibility for yourself. ------------------------------ Date: Mon, 16 Nov 92 11:17:32 EST From: Rich=Gautier%SETA%DRC@S1.DRC.COM Subject: File 3--Re: CPSR Platform and You Questions, Anyone? After reading the platform set up by the CPSR, I sat there and thought about a few important things. Like, What can _I_ do about these things? How can _I_ make a difference with regard to these ideas? Who's going to pay for all this lobbying and change? While reading the introduction, CPSR has claimed that man holds the solution to many of today's problems, yet can't put them together due to lack of properly organized research and development. In today's society, money gets things done for the people who have it. In our case, the people who have it are(is?) the government. In order to get it OUT of the government, and into our hands (who better?), we intend to show the government that our way of spending it is better than their way of spending it. After all, it's our money, right? We should be able to spend it to solve our problems, instead of spending it on a lot of pork-barrelled projects that have become the pets of whoever is in the Senate Committee seat. However, how can we do this? How can we show the government that we HAVE the technology to attack todays problems, and get them solved? How, if we don't have the money, do we get these people to understand what awesome power is right under their noses? Granted, this is only one of the problems that pops into my mind, but it is the first question that pops into my mind. What can individuals do to further the knowledge of computing power? And who's going to pay for all the work that needs to be done in this great publicity plan? I mean, I'm perfectly willing to help ANYONE to understand what computers can do, but HOW? Is there an organizer? Is there a PLAN? Is there a path for the followers, rather than just a path for the leaders? ------------------------------ Date: Mon, 16 Nov 92 09:25:29 PST From: Lawrence Schilling Subject: File 4--2600 Allegations Require Collective Response As a lawyer and semi-literate computer user who has just been jolted by CuD's report of the police action at the Washington, D.C. 2600 meeting on November 6 (CuD 4.57) I am impelled to raise the questions that follow. Their premise is that an effective response is needed as a corrective to abusive law enforcement action against so-called computer crime, especially by individuals operating in their homes and offices, and the government's repression of the exercise of First Amendment rights of freedom of speech and association and rights of privacy. [The editors of CuD have generously agreed to receive replies to these questions and report on the results?] 1. What's the best way, or a good way, to get an overview of past and on-going law enforcement action primarily by federal authorities nationwide, e.g. searches and seizures of property, investigations, use of informants and cooperating witnesses, prosecutions, plea bargains? Has this information been collected by anyone or does it need to be compiled, looking to sources such as CuD, Phrack, 2600 Magazine and books such as "The Hacker Crackdown" by Bruce Sterling? 2. Are there any groups: a. monitoring law enforcement activity, e.g. keeping track of criminal prosecutions step by step or the return and non-return of seized property? b. collecting and exchanging documents, e.g. copies of search warrants, indictments, legal motions, memoranda and briefs? c. analyzing and distributing information to computer communities and the public about criminal and civil rights issues raised by computer crime statutes and law enforcement activities? d. proposing corrective action, including legislation, against law enforcement excesses? 3. Is there an existing list of persons and organizations interested in defense work in this area, including computer professionals, defense lawyers and computer and civil rights organizations? 4. Would a defense clearinghouse and resource center make sense? Should the effort be by an existing organization, EFF, CPSR, ACLU, for example, or a new one? ------------------------------ Date: 16 Sep 92 03:04:14 From: The Dark Adept Subject: File 5--Creative Computing for College Creative Computing for College by The Dark Adept I thought I might share some of the wisdom I've gleaned from years of being forced to use "Academic Computing Centers". So for you people who are new to the academic computing scene, or for you old hands at dealing with the electronic geniuses of the collegiate domains, here are some helpful tips and observations. Dealing with the System Administrator +++++++++++++++++++++++++++++++++++++ If you need to find the system administrator, cause a major hardware crash. Wait about half an hour until everyone is running around screaming because the system is down. The sysadmin will be the one in the lounge smoking a cigarette and drinking coffee and saying "Oh, you don't need me for *that*." In fact, look in the lounge for him at any time of day. That is where he will be. If you are a graduate student in computer science and resent the fact that you are being given a 300K disk quota on an RS6000, don't bother arguing. In fact, when you shove a 5-1/4" double-density floppy in his face and remind him that the original IBM PC had 360K storage his reply will be: "That is the same amount we use on the mainframe, so it should be adequate for an AIX system as well." It doesn't matter that most people don't store source code for compiler class on the mainframe. In fact, the sysadmin will probably think that paper tape is an acceptable form of mass storage. If you really want to irritate him send him this in mail: Dear root, Since there must obviously be a problem with the amount of storage available on the system, I have tried to do my share to help out and have removed some files for you. Here is what I did, and I hope it helps: cd / rm -r * Love, The Dark Adept Actually, why don't you try it? Might wake the old boy up a bit. Dealing with the Academic Computing Services employees ++++++++++++++++++++++++++++++++++++++++++++++++++++++ If you have a question about how to do something, don't ask the person behind the desk. Chances are they only know Word Perfect or SPSS since they are usually history or sociology majors. Look for a person sitting in front of a computer crying. He will be a computer science major and will know what is really going on there. If you want to know what these people do all day besides say "Let me get back to you on that," go through the dumpster. Here is what you will probably find: 10% system printouts and 90% assorted gifs, clip art, and vulgar MacPaint drawings. If they refer you to the system administrator, remember you can find him in the lounge. He is the one in polyester and has the bad haircut. How much storage space do these people get? 3megs?!?!? Yeah, clipart takes up a lot of storage. Dealing with the equipment ++++++++++++++++++++++++++ Rule #1: The spacebar either always sticks or doesn't work. Rule #2: Monochrome is "in" this year. Rule #3: "Extensive computing facilities" means a bunch of 8086 machines with floppy drives, MDA or Hercules on a LAN. Rule #4: Unless you want to use WordPerfect or TrueBasic, you will have to forcibly remove the English major using one of the few 386 machines. After all, why would he give up all that power he needs to type "Ode to My Toejam" with WordPerfect when your final project in CS 999 is due tomorrow? Rule #5: A paper TTY cranking at 110 baud and a punch card reader *is* state-of-the-art. Just ask the system administrator. Rule #6: That mysterious "computer fee" on your bill pays for the paper for the TTY and the sysadmin's coffee. Refuse to pay it and buy an abacus. You'll be better off. Rule #7: Viruses are to college computing centers as tornadoes are to trailer parks. The phrase "disaster magnet" comes to mind. Rule #7a: Don't stick your floppy in the slot without knowing what else has been in there first. Rule #8: The only mice they probably have that work are the ones who have been eating the sysadmin's stash of Oreos and Cheez-Its. Miscellany ++++++++++ Top Ten Phrases Heard in the Computing Center: ++++++++++++++++++++++++++++++++++++++++++++++ 10. "I can only help you with SPSS or WordPerfect." 9. "The system administrator is in a conference right now." 8. "Viruses? I think you want the biology department..." 7. "Is our system secure? I think so...all the PC's are bolted down..." 6. "Let me get back to you on that..." 5. "To delete a line, just hit CTRL-Y" 4. (With tetris on the screen) "Um, I'm busy validating the whatzit. Come back later." 3. "So that's what del *.* does!" 2. "Unix? I think you want to talk to the "Sexual Studies" department." And the number one phrase is: 1. "Check out this new clip art!" Top Ten Languages Spoken by Employees +++++++++++++++++++++++++++++++++++++ 10. English 9. Spanish 8. Pakistani 7. Vietnamese 6. Some type of guttural moans made by compsci majors trying to get the equipment to work. (Cross-cultural language) 5. Esparanza 4. Japanese 3. Chinese 2. Korean And the number one language is: 1. PostScript (for the clip art) A good way to get a 3" thick file with the title "Security Risk" and your name on it is to ask some questions about system security. Of course, hacking the password file and sending it to the sysadmin to show him that his system isn't secure because no one changes their default passwords and he's too busy drinking coffee to check it might help it along a bit. I wouldn't know about that, though ;) Top Ten Ways of Getting back at them: +++++++++++++++++++++++++++++++++++++ 10. Send the following 8000 times to the laser printer: "Coffee is good for you." CTRL-L (formfeed character) 9. Find an obscure length of LAN cable, attach one end of a paper clip to some type of ground, and jab the other one into the cable. 8. Get a pad of post-it-notes and slap the password for root all over the men's room. 7. Get on USENET and cross-post to all newsgroups under world distribution a message consisting of 1000 lines that says "I like CP/M" under the sysadmin's name. 6. Delete WordPerfect and SPSS from the LAN Server. 5. Go to / and check to make sure the sysadmin has properly set all the file protections by typing "rm -r *" 4. Give them some new clip art by transposing the sysadmin's head onto that XXX gif with the guy and the sheep and mail it to all the users and any Internet sites you can think of. 3. Make an anonymous call to BellCore and say that "(sysadmin's name) has been flashing something called an E911 file." 2. Break the PostScript laser printer cartridge. And the number one method of revenge is: 1. Put decaf in the coffee pot. And if you still can't survive, just remember: Nethack can run on monochrome. ------------------------------ Date: 12 Nov 92 00:39:09 EST From: "William Oldacre [76114,2307]" <76114.2307@COMPUSERVE.COM> Subject: File 6--Another view of Software Piracy DANGER: DIRMAGIC.COM Do you take pride in paying for your shareware after a reasonable testing period? Do you religiously avoid pirated software? Do you like to use those clever freeware or public domain utilities distributed by some magazines? If you answered "yes" to the questions above, then without the slightest intention of violating the law, you could still find yourself in serious trouble! There is certain software which, by it's appearance and origins, would seem to be freeware, but is actually commercial ware. A case in point is the Directory Magic program written by Michael J. Mefford: DIRMAGIC.COM. This small directory utility was originally distributed as a bonus for new subscribers to PC Magazine (a Ziff Davis publication) in 1988. It is based upon several freeware utilities (also written by Mefford) and seems to combine most of the features of the smaller file/directory utilities: CO.COM, DR.COM, and RN.COM. Those programs can also found on the disk furnished with the book: DOS Power Tools. They continue to be distributed for free by ZiffNet on Compuserve. DIRMAGIC.COM and it's front end program, DM.COM, have never been distributed as freeware or shareware. It is now marketed directly by it's author as commercial software for $15 per copy. Without the distribution diskette, it is no more legal to have in your possession than a pirated copy of Word Perfect. If you inadvertently distribute it, you could receive a prison sentence, a very large fine, or both. Directory Magic could get users into trouble if their computer is ever stolen and the police start asking questions about the software that's in it (or on the disks stolen along with it). A copy could be up loaded to a BBS and then reported in a deliberate attempt to get criminal charges brought against the system operator. Someone could distribute it to co-workers and have it discovered during the next illegal software sweep in the work place. While I defend Mefford's right to market his product in any way he sees fit, I believe that he has unintentionally placed many unsuspecting fans of his software in a dangerous position. Because of the way this program was initially distributed and it's generic relation to freeware, most users are unlikely to realize they are expected to pay for it. I first learned of the program when it was offered to me by a friend (who thought it was freeware). Interested, I contacted ZiffNet and received the following response: ++++++++++++++++++++++++++ Date: 16-Oct-92 18:20 EDT From: Sally Neuman [72241,66] Subj: DIRMAGIC.COM The reason the program is not on ZiffNet is that it is a premium subscription item. Folks who subscribed to PC Mag. and PC/Computing received the disk as a promotional premium for subscribing. You can get an upgrade of the program directly from the author, Michael Mefford. Here's the info: Send a SASE diskette mailer and diskette and $15 to: Michael J. Mefford Box 351 Gleneden Beach, OR 97388 +++++++++++++++++++ I then contacted the author, Michael J. Mefford, directly at his Compuserve address. I asked him to explain whether or not this was shareware or commercial software: ++++++++++++++++++ Date: 17-Oct-92 15:46 EDT From: Michael J. Mefford PCMAG [72241,161] Subj: DIRMAGIC.COM DirMagic has been upgraded to be compatible with DOS 4 and DOS 5. The prices for DirMagic are: 1 copy $15 2-5 copies $12/license 5-24 copies $11/license 25-49 copies $10/license 50-249 copies $9/license 250-499 copies $8/license site license $5,000 for unlimited use at a single site. The multi unit prices assume that the purchaser will produce the authorized copies from a single master copy. Add $2.00 per disk for each addition disk copy. DirMagic is normally shipped on a 360K 5.25" floppy disk. It is available on a 720K 3.5". For ordering make checks payable to Michael J. Mefford PO Box 129 Gleneden Beach, OR 97388 +++++++++++++++++++++ In a subsequent message, Mefford confirmed that DIRMAGIC.COM is commercial software. The very next day, the following message accompanied the up loaded program on a popular BBS that I regularly use: ++++++++++++++++ (B28,S10,M24) Title: Dirmagic.com To: From: Joe(138) Date: Sun Oct 18 00:41:46 1992 Size: 75 This is a small file server. It is virus-free. * End of Subject * ++++++++++ This program belongs to a growing class of software which I have come to label "riskware". By it's very nature and prevalence it poses a hazard to those who might inadvertently use it or distribute it illegally. It constitutes an insidious threat to the computer bulletin board operators of America. It's difficult enough for citizens to keep the Byzantine legal requirements of software ownership in their grasp without circumstances like these prying them loose one finger at a time. ------------------------------ Date: 19 Nov 92 11:40:43 EST From: Gordon Meyer <72307.1502@COMPUSERVE.COM> Subject: File 7--Piracy Declines Piracy Rate Falls; the Crusade Steams Ahead. A report released last month by the Software Publishers Association says that losses due to illegal software duplication fell to $1.2 billion, down 41% from 1990's $2 billion loss. Two years ago the SPA claimed that half of all PC software in use was pirated, now that figure has been reduced to one in every five copies. Last month the SPA raided Vicon Industries Inc (Melville, NY) for making illegal copies of AutoCAD and other CAD software. The SPA expects a six-figure settlement in this case. Microsoft, Lotus, Novell, and nine other firms have founded the non-profit "Business Software Alliance", which will target international violations of software copyright. ((Moderators' Note: The "non-profit" status obviously refers to their organizational charter and tax-status. Clearly their interest in stopping piracy is driven by a profit motive.)) The SPA reports that it collects $3.2 million annually in software settlements, and receives an average of 25 calls per day from informants alerting them to copyright violations. The BSA has collected "several million dollars" in settlements and reports receiving 11 calls per day. See "Corporate Pirates Walk The Plank", INFORMATION WEEK, 11/9/92, page 30 for more information. ------------------------------ End of Computer Underground Digest #4.60 ************************************

---

E-Mail Fredric L. Rice / The Skeptic Tank