Computer underground Digest Thu Jan 28, 1993 Volume 5 : Issue 08 ISSN 1004-042X Editors: J
Computer underground Digest Thu Jan 28, 1993 Volume 5 : Issue 08
Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)
Archivist: Brendan Kehoe
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Copy Editor: Etaion Shrdlu, Junoir
CONTENTS, #5.08 (Jan 28, 1993)
File 1--Response to "Resistance at Shopping Mall" (CuD 5.07)
File 2--Offworld BBS Raided (StLPD
File 3--Colonel Guilty of Sending Computer Porn
File 4--ISPTS Organizing Information
File 5--New case for EFF, ACLU, and CPSR
File 6--Public Service for Cornell Hackers
File 7--CFP Special Issue on Security [Change in Due Date]
File 8--Talking with the Underground
Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost from firstname.lastname@example.org. The editors may be
contacted by voice (815-753-6430), fax (815-753-6302) or U.S. mail at:
Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115.
Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL0 and DL12 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;" on the PC-EXEC BBS
at (414) 789-4210; in Europe from the ComNet in Luxembourg BBS (++352)
466893; and using anonymous FTP on the Internet from ftp.eff.org
(22.214.171.124) in /pub/cud, red.css.itd.umich.edu (126.96.36.199) in
/cud, halcyon.com (188.8.131.52) in /pub/mirror/cud, and
ftp.ee.mu.oz.au (184.108.40.206) in /pub/text/CuD.
European readers can access the ftp site at: nic.funet.fi pub/doc/cud.
Back issues also may be obtained from the mail server at
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted for non-profit as long
as the source is cited. Some authors do copyright their material, and
they should be contacted for reprint permission. It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified. Readers are encouraged to submit reasoned articles
relating to computer culture and communication. Articles are
preferred to short responses. Please avoid quoting previous posts
unless absolutely necessary.
DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.
Date: Wed, 27 Jan 93 16:59:26 EST
Subject: File 1--Response to "Resistance at Shopping Mall" (CuD 5.07)
Overall, this was a well-written and accurate article. As Ron stated,
his article gives suggestions on how to deal with private individuals;
my stance will be on how to deal with gov't agents. I promise to keep
the quoting to a minimum.
>You may be able to fight city hall and win, but fighting with people
>in uniforms (even on a verbal level) is almost always a disaster.
This is 100% true. Gov't cannot break the law, by definition, for in
Brookfield Co. v Stuart, 234 F. Supp. 94, it was recognized that
"an...officer who acts in violation of the Constitution ceases to
represent the government." However, individual representatives of
gov't can and do break the laws pertaining to them, which is nothing
less than treason, being a violation of their oath of office.
Remember, though, as Mr. Carolina has stated, that this applies to
gov't, and not to anyone else. If at all possible, you should always
avoid confrontations with officers low on the totem pole.
>...guards, cops, and other "uniforms" get really nervous around
>organized groups. The more inexperienced the uniform, the more
>nervous they get. Second, when a uniformed person starts a
>confrontation with anyone, he or she is trained to assert control
>over the situation as quickly as possible. Any perceived challenge
>to his authority, including "mouthing off", will produce a harmonic
>disturbance at least double in intensity to the perceived
That's why we have the three rules for dealing with gov't officials:
Don't say anything, be quiet, and SHUT UP! There's plenty of time to
talk later in court, where it counts.
>Money awarded by a court is a poor substitute for missing teeth.
Perhaps, but it may be the only substitute possible in some cases.
Ideally, we would never be assaulted by gov't. But when we are, it is
our right and duty to extract compensation for damages.
>Third, recognize that a mall IS private property and the mall
>operators can throw you out for little or no reason.
To be totally accurate, they can throw you out for NO REASON AT ALL.
It may sound cruel and unfair, but without the concept of private
property, we'd still be scratching in the dirt just worrying about
bare survival. If you really want to have a secure meeting, order
takeout and meet at someone's house -- which is also private property,
and cannot be lawfully entered without a valid 4th Amendment warrant.
Now when a gov't agent violates your rights, he loses his immunity
from prosecution -- IF IT'S HANDLED CORRECTLY. Of course, you have to
know what those rights are, or you'll never know if they're being
When a gov't agent is stepping outside the bounds wherein he would be
protected by "sovereign immunity", and he is violating your right, you
ARE REQUIRED to tell him, to give him "constructive notice" of his
violation of law, just as he would inform YOU of some of your rights
if he were to arrest YOU. If you don't do that, the courts will not
entertain your lawsuit for damages later. You have to tell him what
rights he is violating, what laws he is breaking, what the penalties
are that he is risking, and what action is open to him so that he
doesn't break the law. If on giving him notice, he corrects his
error, then there is no need to take him to court over any damages.
We all are required to behave so as to minimize damages to ANYONE,
>Fourth, mall cops are not gov't agents, and as such, their
>conduct is (mostly) not governed by the Constitution.
Their conduct is not governed AT ALL by the Constitution, since it only
applies to the gov't and its agents.
>If you are confronted by a group of threatening looking mall cops and
>they hassle you, ask if you are being ejected from the mall.
When dealing with gov't agents, NEVER ask, "Am I under arrest?".
Rather, ask, "Am I free to go?".
>If the mall cop tries to detain you, ask if you are under arrest.
See above. This is a preferable strategy no matter who you are dealing
>If you are physically blocked from leaving (no scuffles please), OR if
>they have the guts to claim that you are under arrest, then YOU ask for
>the police on the grounds that you wish to file a criminal complaint
>for wrongful imprisonment. The strategy here is to escalate by
>demanding the presence of lawful authority.
Again, this is the preferable method of handling gov't officials as
well. The lower an officer is in the hierarchy, the more likely he is
to violate the laws which restrain him from rights violations, usually
because he is more likely to be ignorant of them. It's always a good
idea to politely request that he call for a superior officer, and not
bother trying to explain yourself until the superior arrives.
>if the real cops actually do show up, you are once again fully
>protected by the Constitution. For this reason, real cops tend to be
>a little more cautious in these encounters and can often defuse
>problems like this.
Even "real cops" are usually ignorant of the laws which govern their
conduct. You may be "protected by the Constitution", but that won't do
you any good if you're not willing to fight to the last to defend those
rights. You are the only one who can protect your rights, in the end.
See my comments below regarding lawyers.
>If the mall cops look like they might get physical, tell them that
>anything silly on their part will draw a complaint of criminal assault,
>and will force your father, the lawyer, to sue everyone in sight.
The minute you rely on a lawyer, you've pissed away your rights. You
lose your powers as a sovereign over government. You can't claim all
rights at all times. For example, a lawyer cannot claim your right to
"The right of a person under the 5th Amendment to refuse to incriminate
himself is purely a personal privilege of the witness. It was never
intended to permit him to plead the fact that some third person might
be incriminated by his tesimony, even though he were the agent of
such person." Hale v. Henkel, 201 U.S. 43.
Not only that, but if you allow anyone to "represent you", instead of
being "the belligerent claimant in person" (Hale v Henkel, i.s.c.), you
become a "ward of the court". Why? Because obviously, if someone else
has to defend your rights for you, you must be incompetent! Clients are
called "wards" of the court in regard to their relationship with their
attorneys. See a copy of "Regarding Lawyer Discipline & Other Rules",
as well as Canons 1 through 9.
Also, see Corpus Juris Secundum (CJS), Volume 7, Section 4, Attorney
& client: "The attorney's first duty is to the courts and the public,
NOT TO THE CLIENT, and wherever the duties to his client conflict with
those he owes as an officer of the court in the administration of
justice, THE FORMER MUST YIELD TO THE LATTER." (emphasis mine) I trust
this needs no further explanation.
Corpus Juris Secundum assumes courts will operate in a lawful manner. If
you make this assumption, you may learn, to your detriment, through
experience, that certain questions of law, including the question of
personal jurisdiction, may never be raised and addressed, especially if
you are represented by the bar. (Sometimes "licensed counsel" appears to
take on the characteristics of a fox guarding the hen house. Send me
e-mail if you would like more info regarding "licenses to practice
Lawyers will NEVER do the necessary things before arraignment to get a
case dismissed. They will guarantee that you are locked into a criminal
proceeding from the start by entering a "not-guilty" plea for you, and
will give the government all the time it needs to win the case by
waiving the speedy-trial time limits. With a lawyer as a friend, you
don't need any enemies!
>first make it clear that you protest the action, and then let them
>take it from you. The trick here is to make sure that you have not
>"consented" to the search -- however, you must give in to a claim of
>authority from a police officer.
An officer has no authority until he proves it. If you let this strange
person do whatever they want without having determined their lawful
authority and their true identity, you have "consented", no matter how
much you may verbally protest.
>(And no, you do not get to argue the Fourth Amendment search and
>seizure issue right there on the spot. Your lawyer will do that later
>at your criminal trial...
No lawyers, unless you want to lose.
>A really smart cop might say to the guard, "I will not make the search,
>but I won't stop you if you search." Stand your ground at this point.
>Tell the real cop that you REFUSE to allow the search unless the real
>cop orders the search to take place.
Excellent suggestion, but be sure to take the above precautions
regarding true identity and lawful authority before you think about
>The only words you should utter after being arrested are "I want to
>speak with a lawyer."
Change this to, "I demand counsel of my choice." The 6th Amendment
is your authority. If the court tries to force you to use a "licensed
lawyer" or a "public defender", it is not counsel of your choice.
>ROBERT A. CAROLINA
>Member, Illinois State Bar Association
Your advice is surprisingly good, for a member of the bar. :-) Not all
lawyers are ignorant and lawless, but the 99% that are give the other
1% a bad name. I'm glad to see we have a few of the good ones reading
Finally, let me leave you with one of the most eloquent statements
ever by the Supreme Court:
"Decency, security and liberty alike demand that government officials
shall be subjected to the same rules of conduct that are commands to
the citizen. In a government of laws, existence of the government will
be imperiled if it fails to observe the law scrupulously. Our
government is the potent, the omnipresent teacher. For good or for ill,
it teaches the whole people by its example. If the government becomes a
lawbreaker, it breeds contempt for the law; it invites every man to
become a law unto himself; it invites anarchy. To declare that in the
administration of the criminal law the end justifies the means...would
bring terrible retribution...[and] against that pernicious doctrine,
this court should resolutely set its face."
Olmstead v U.S., 277 U.S. 348 (1928)
Justice Brandeis, dissenting
Date: 20 Jan 93 16:31:22 GMT
Subject: File 2--Offworld BBS Raided (StLPD
St. Louis Post-Dispatch
Tuesday, January 19, 1993
Pages 1A, 10A
COMPUTER OPERATOR DENIES PORN MENU
By Christine Bertelson
Of the Post-Dispatch Staff
The owner of a St. Louis computer bulletin board that was shut down
by the FBI last week denied Monday that he is responsible for the
pornographic images seen by some users.
On Friday night, the FBI confiscated more than $40,000 worth of
computer equipment at Offworld, a computer company owned and operated
by Joey Jay. Jay, 28, ran the business from his residence in the
basement of his father's house on Tecumseh Drive in Chesterfield.
Jay was not arrested, and no charges have been filed against him.
Jay said his father threw him out of the house after the raid.
"Everyone assumes we are some kiddie porn ring," Jay said. "We are
not. We are a nonprofit community service."
A spokesman for the FBI said that someone had reported that Offworld
had images available showing bestiality, as well as child pornography.
It is a federal offense to have child pornography, and any property
used to promote it is subject to being seized and forfeited to law
enforcement authorities, an FBI spokesman said.
"We get all kinds of files across the system, and one or two at most
showed up in terms of a private conversation," Jay said. "When I
found them, I deleted them immediately."
Offworld began operating in St. Louis last June, and is free to its
4,300 users. Jay said it cost him $1,800 a month to operate the
system, using money from family inheritance.
About 100 people showed up Monday morning in Chesterfield at a rally
in support of Offworld, Jay said. He said he was soliciting
contributions of computer hardware, or cash, to get his system up and
Computer bulletin board systems, or BBSs, as they are known, allow
users to chat electronically, and share information on a variety of
subjects. Offworld has bulletin boards that feature job listings,
book and movie reviews, restaurants and clubs, and discussion groups
for people with "diverse lifestyles."
Jay said that any time illegal material appears on a bulletin board
--whether it is child pornography, offers of sex for sale, or drugs
--it is purged and the people who posted such messages are kicked off
"Unfortunately, that doesn't prevent them from coming back and using
another fictitious name," Jay said.
FBI seizures of electronic bulletin board systems are "quite common,"
said Mike Godwin, a lawyer at the Electronic Frontier Foundation. The
foundation is a civil liberties group based in Washington for those in
Godwin said that pornography is widely available on the thousands of
electronic bulletin boards in use across the country. New computer
users often use their scanners to recreate sexy pictures, much the
same as children who delight in using a newly acquired dirty word.
"Usually the novelty wears off," Godwin said.
Child pornography is relatively rare, Godwin said. When it shows up,
the operator of the system is faced with a choice: delete it
immediately, or keep it on the system and report it to the police.
The FBI finds raids effective because they are punitive in and of
themselves, whether or not a computer systems operator is ever charged
with a crime.
But even the most conscientious systems operator cannot keep all
pornography off a bulletin board, Godwin agreed.
Jay had previous conversations with the St. Louis County Police about
his system, he said.
"I told them I would simply try to use responsibility and common
sense and ... keep the system legal," Jay said. "I extend the First
Amendment right to all aspects of the system, unless it violates the
Jay said he was seeking legal advice to help him get his computer
St. Louis Post-Dispatch
Tuesday, January 19, 1993
GIF GETS BULLETIN BOARD IN A JIFF
'We Celebrate Human As Art Forum,' One Manager Says of Nude Issue
By Daniel R. Browning (Of the Post-Dispatch Staff)
Dirty pictures transmitted over the telephone to your home computer?
It had to happen.
Computer bulletin board systems, called BBSs, proliferate not only
locally, but nationally and internationally. The biggest ones call
themselves "information services," and the granddaddy is CompuServe.
It has nearly 1.2 million members from China to Chile.
St. Louis Computing, a free monthly computing newspaper, publishes a
list of local bulletin boards and their phone numbers.
Within these bulletin boards people interested in particular topics
go to chat, share information, and yes, show their favorite slides.
The pictures are transmitted in a special computer code called GIF
(pronounced jif), which is short for Graphics Interchange Format. To
see them, you need the special "viewers" included in some
To capture an image, you have your computer's modem dial the bulletin
board, then search for whatever you find interesting.
In the giant databases, that means logging on to a special-interest
section within the information service or bulletin board. CompuServe
calls these "forums."
A forum exists for just about any professional interest or hobby.
Journalists, lawyers, doctors, aerospace workers, artists,
photographers, beer and wine enthusiasts, automobile buffs -- you'll
find them all in the forums.
Within these, you can find thousands of pictures ranging from NASA
space shots, to great works of art, to travel photos, to The Girl (or
Boy) Next Door in a birthday suit.
A wary technician overseeing the forum warns members that they had to
be older than 18 to get nude images.
But practically speaking, there's no way to prevent a minor from
capturing a nude photo on CompuServe, said Dave Kishler, a company
spokesman. The Federal Communications Commission does not regulate
BBSs, he said. So the BBSs have worked up their own sets of rules and
Dave Shaver, operations manager of CompuServe's Fine Arts Forum, said
all the images are screened for content before they are made available
to the members. That's why you'll find hundreds of nudes under a
category called "Plain Brown Wrapper," but no XXX-rated pictures, he
said. "We celebrate the human as an art form."
Some bulletin boards are free. The big ones charge a flat monthly
fee of $5 to $8. Certain activities within the databases may also
include hourly surcharges, which vary in price to about $15 an hour.
Joining a special interest forum and capturing pictures would fit in
that category on most information services.
That cost -- and the requirement that members have a credit card or a
checking account -- helps limit memberships to adults, Shaver said.
Date: Wed, 27 Jan 1993 00:32:04 -0600 (CST)
From: joe@DOGFACE.AUSTIN.TX.US(Joe Zitt)
Subject: File 3--Colonel Guilty of Sending Computer Porn
Colonel guilty of sending porn over computer
SAN ANGELO -- The former commander of Goodfellow Air Force Base was
convicted in a court martial Monday of sending obscene material via
his home computer.
A jury of four men and one woman, all Air Force colonels, deliberated
about two hours before returning guilty verdicts on all counts again
Col. James Maxwell.
He was convicted of transmitting obscene material via home computer,
of transmitting child pornography through his computer and using
indecent language with a junior Air Force officer.
Maxwell, a 26-year Air Force veteran, now faces a possible 16-year
prison sentence and loss of his military retirement benefits.
Charges were filed against Maxwell after the FBI found his name among
users of an on-line computer network who accessed computer-generated
pornographic images of children.
Maxwell also was said to have used the computer network to inquire
about the location of homosexual meeting places.
Maxwell's attorney had sought to have the charges dropped on grounds
his transmissions on the computer from the privacy of his home were
protected under the constitution.
But the trial judge, Col. Donald Weir of Randolph Air Force Base,
allowed the charges to stand last week, ruling that freedom of speech
can be limited when it involves conduct unbecoming an officer.
"That the writings were private between consenting adults, that they
may have been welcome doesn't place them under the judicial umbrella
of a constitutional protected condition," Weir had ruled.
Weir dismissed a count alleging Maxwell had disgraced the Air Force by
allegedly using electronic mail to ask about homosexual bars and child
Maxwell, 48, was removed from command at the Goodfellow Air Force Base
training center last summer after the charges were filed.
COMMENT: Looks to me like this thing is full of red flags. Isn't it
coincidental that the story breaks just as there's a flap over gays in
And where it says "the FBI found his name among users of an on-line
computer network who accessed computer-generated pornographic images
of children", one might ask what network? what was the FBI doing
there? how did the images get there? how did the FBI think to track
them? who else is getting snared? civilians? were the images really
"computer-generated" or just scanned?
It's enough to restore one's healthy paranoia...
Date: Wed, 13 Jan 93 21:09:00 -0600
From: email@example.com (Cylinder)
Subject: File 4--ISPTS Organizing Information
The International Society for the Philosophy of Tools & Space
We are an interdisciplinary organization, small but growing, dedicated
to thoughtful discussion about and research into issues concerning
tools and space. Currently, we maintain a membership list and
circulate a short newsletter. Our future plans call for expansion - a
regular journal and a number of conferences are possible in the coming
Our membership list includes philosophers, artists, computer
programmers, scientists, graphic designers, architects, teachers - as
well as those whose professions are still unnamed. We are not a
school or a sect or party because we are not in agreement over
particular doctrines. Our society is bound by an implicit faith in
the silent potency of tools, space, meaning and metaphor, in a wide
range of seemingly unrelated fields. Within the scope of our talks to
date, members have raised diverse and fascinating issues for
- A phenomenology of humor, tools and toys
- Space and the banality of cause and effect
- Rhetoric and metaphor: language as tool/toy
- The iconology of computers
- Speed and annihilation
- Victimless crimes and crimes of trespass
- The mechanics of the dreamwork in psycho-analysis
- Architectural theory and practice
- Political theories of reterritorialization
- Viruses: information systems and genetic engineering
- Media theory
- Virtual Reality: the emergence of simulacra in social space
- Transit technology and urban planning
- Infrastructure catastrophes
The thematic study of tools and space forces us to reconsider and
sharpen the boundaries separating the various specialties of our
members. Many of us are involved in concrete and ongoing projects
which undo customary lines of inquiry and uncover fruitful new
questions in what was formerly considered "obvious" and explained. We
seek to move beyond conventional genres without abandoning meaning and
beauty for the sake of novelty.
For more information about Cylinder, including membership materials,
please write us with your name and address.
c/o Graham Harman, Secretary
Philosophy Dept., DePaul University
Chicago, IL 60614 USA
(If you have already written to Cylinder, please refrain from doing so
a second time. Your name and address have been added to our mailing
list and you should be expecting membership materials in the coming
Date: Fri, 22 Jan 1993 13:52:48 -0500
From: Shari Steele
Subject: File 5--New case for EFF, ACLU, and CPSR
On the evening of November 6, 1992, approximately 30 computer
enthusiasts, who had gathered for a meeting of 2600 magazine readers
at the food court at Pentagon City Mall in Arlington, VA, were
detained and searched and had some of their possessions seized by
about half a dozen mall security guards acting under the direction of
the Secret Service. Somewhere between two and five officers from the
Arlington County Police were there, as well, having responded to a
call about fraud.
Several of the attendees are interested in suing the mall, police and
Secret Service, and EFF and CPSR have done some preliminary research
into the case to determine what, if any, civil liberties violations
were involved. After interviewing about a dozen people who were
there, we have determined that the Secret Service does seem to have
been involved (a county police officer on the scene confirmed that),
and we are ready to proceed with the case.
We contacted the Virginia ACLU, which has found a litigator in
Northern Virginia who wants to litigate the case. EFF, the ACLU and
CPSR are currently doing research on the legal theories we will need
to pursue. EFF is very committed to standing up for the civil
liberties of those who attended this open, publicized and
Shari Steele, Staff Attorney, Electronic Frontier Foundation
Date: 14 Jan 93 22:19:52 PST
Subject: File 6--Public Service for Cornell Hackers
The following should be of interest to CuD readers. It originally
appeared in RISKS Digest ( V. 14 #27).
Date--Wed, 13 Jan 93 09:56:50 -0700
Subject--Public Service for Cornell Hackers
"Public Service for Hackers" by John Marcham
Two former [Cornell] students will develop a computer program to make
it easier for a quadraplegic man in Tennessee to use a computer he
owns, as part of their punishment for launching a computer virus that
damaged programs and caused hard drive crashes last February.
David Blumenthal '96 and Mark A. Pilgrim '94 were sentenced by a
Tompkins County Court judge to pay restitution to users whose
computers were jammed by the men's virus, at and near Stanford
University and in Japan, and to perform ten hours of community service
per week for a year.
A computer buff who knew the quadraplegic and heard of the Cornell
virus case wrote the judge in Ithaca, and asked if the students'
public service could be worked off developing a less expensive and
cumbersome program for the disabled man, who uses a mouthstick and
outdated software to operate his McIntosh computer.
The judge and the former students agreed to the proposal: the students
start work in November. A third former student, found guilty of a
lesser infraction, was asked by not required to do public service, and
Date: Mon, 18 Jan 93 08:04:30 -0500
From: Matt Bishop
Subject: File 7--CFP Special Issue on Security [Change in Due Date]
[NOTE CHANGE IN SUBMISSIONS DUE DATE: IT IS NOW JUNE 1, 1993]
Matt Bishop will be Guest Editor of a special issue of the journal
"Computing Systems" to be published in 1993. The issue will be
devoted to "Security and Integrity of Open Systems." Papers on all
aspects of policy, issues, theory, design, implementation, and
experiences with security and integrity in open systems are solicited
for the issue. The deadline for submissions is June 1, 1993; papers
submitted after this deadline will not be considered. Prospective
authors should send five copies of their papers to:
Professor Matt Bishop
Mathematics and Computer Science
6188 Bradley Hall
Hanover, NH 03755-3551
Submissions should not have appeared in other archival publications
prior to their submission. Papers developed from earlier conference,
symposia and workshop presentations are welcome.
"Computing Systems" is a journal dedicated to the analysis and
understanding of the theory, design, art, engineering and
implementation of advanced computing systems, with an emphasis on
systems inspired or influenced by the UNIX tradition. The journal's
content includes coverage of topics in operating systems,
architecture, networking, interfaces, programming languages, and
"Computing Systems" (ISSN 0895-6340) is a refereed, quarterly journal
published by the University of California Press for the USENIX
Association. Usenix is a professional and technical association of
individuals and institutions concerned with breeding innovation in the
Now in its fifth year of publication, "Computing Systems" is regularly
distributed to 4900 individual subscribers and over 600 institutional
subscribers (libraries, research labs, etc.) around the world. Some
special-topic issues are often distributed more widely.
The editor-in-chief of "Computing Systems" is Mike O'Dell of Bellcore.
Gene Spafford of Purdue University is Associate Editor, and Peter
Salus of the Sun User Group is the Managing Editor.
Date: 23 Jan 1993 16:14:31 -0700 (MST)
Subject: File 8--Talking with the Underground
(Previously published in the Computer Security Institute's newsletter
- The Alert - and the French Chaos Computer Club's Chaos Digest)
Talking with the underground
by Ray Kaplan and Joe Kovara
Information about system and network vulnerabilities is sparse, not
readily available and carefully guarded by those segments of the
security community that collect and control it. Given that the
legitimate security community won't share information about
vulnerabilities with us, isn't it logical that we include outsiders
(the computer underground or ex-computer criminals) in these
discussions. Amid criticism, we decided to let the community ask the
advice of experts the crackers who have successfully cracked computer
Exploring the details of vulnerabilities
Over 300 participants at 25 sites in US, Canada, Europe and Mexico
joined law enforcement, members of the security community, and former
members of the computer underground as we explored these questions in
the November 24, 1992, audio teleconference entitled System and
Network Security: How You Will Be Attacked and What to do About It.
Our guests included Kevin Mitnick and Lenny DiCicco, who successfully
penetrated a range of networks and telephone systems. They were both
sentenced in federal court after successfully penetrating Digital
Equipment Corporation's computer network in 1988. They stole the
source code to VMS, Digital's widely used operating system. Their
exploits were profiled in the book Cyberpunk: Outlaws and Hackers on
the Computer Frontier, by Katie Hafner and John Markoff (1991, Simon
Our panelists included Hal Hendershot, head of the FBI Computer Crime
Unit in Washington D.C.; Don Delaney, Senior Investigator with the New
York State Police; Computer security consultant Dave Johnson of Talon
Systems (Los Alto, CA); Robert Clyde, V.P. of the Security Products
Group, RAXCO, Inc.; and Lew, the organizational director of automation
for a medium size company a former cracker.
The panelists shared their considerable experience and discussed
techniques used to break in to computer networks. Among the
penetration techniques discussed were the uses of psychological
subversion, telecommunications monitoring techniques, and the
exploitation of known system and network bugs. Despite the popularity
of these attack techniques, they are little known outside of the
computer underground and the computer security community.
Panelists issue stern warnings about telecommunications security
Don Delaney stated that tremendous loss of money from both toll and
Private Branch eXchange (PBX) fraud is whats happening in the telecom
area. Since the security of a PBX is the responsibility of its owner,
such losses are not being absorbed by the telephone companies
involved. These losses have been known to force the owners of
compromised PBXs into bankruptcy. Delaney joins us in saying that its
not a matter of if you will be hit, but when.
According to DiCicco, compromising the telephone system gave he and
Kevin the ability to attack systems without the fear of discovery -
telco tracebacks were simply ineffective. They could attack networks
at many different points of entry all over the country. This is why
no one could keep them out, even though their victims knew their
systems and networks had been compromised. If all of this does not
scare you, consider Lenny's admission that at one point he and Kevin
had compromised over 50 telco switches in the United States, including
all of California, parts of New Jersey, New York and New Hampshire.
At one point they even controlled all three of the switches that
provided phone service to Manhattan.
Yes, the law is ready to help - but the threat is a tough,
sophisticated, international one.
Threats from abroad? Yes, the threat does exist according to Hal
Hendershot of the FBI. Robert Clyde reports getting many calls from
people trying to solve security problems. In keeping with what we
know of reported computer crimes, most sites see problems from
insiders: employees, consultants and vendors. Robert reports that
two companies publicly spoke of being approached by former East German
agents for hire for as little as $10,000 at a September conference in
Sweden where he spoke in 1992. We appear to be seeing the
criminalization of hacker activity that many have long feared: hackers
and ex-foreign intelligence agents for hire.
James Bond is alive and well, thank you
In late 1992 Don Delaney reported the first case he's seen of James
Bond techniques. Remote surveillance can be done by intercepting,
decoding and displaying the Radio Frequency (RF) emanations of various
computing devices such as terminals and network cabling. Delaney
reports that in late 1992, an antenna was put up on the balcony of a
19th floor room in New York's Helmsley building pointing at Chemical
Bank. He indicated that it was being very carefully adjusted before
being locked into position. By the time they were able to
investigate, the antenna and its manipulator had vanished - presumably
having successfully gathered the intelligence that they were after.
This is no longer gee, we knew it was possible, but holy shit, it's
happening now. Imagine someone reading your terminal screen from
across the street.
Management's show me attitude
Dave Johnson insists that his biggest problem when he was at Lockheed
was getting corporate management to understand that there is a
problem. One of the areas in which this type of conference can really
help is understanding the enemy. Management simply doesn't understand
the thinking of hackers. Since it makes no sense to them, they tend
to deny its existence until theres proof. Of course, the proof is
usually very expensive: once a system has been compromised the work of
cleaning it up is a long, hard and complicated. A well-connected
system or network makes an excellent platform from which to launch
attacks on other hosts or on other networks.
A major problem for Digital in securing their network against Kevin
Mitnick and Lenny DiCicco was that only one vulnerable system on
Digitals EASYnet was needed. From there, they were able to penetrate
other systems. Even nodes that were known to have been penetrated and
were secured were penetrated repeatedly by using other vulnerable
nodes to monitor either users or network traffic accessing the secured
nodes. While at Lockheed, Dave Johnson implemented policies,
awareness training and widescale authentication for all external
access, including dialup lines and telnet connections using
challenge-response tokens or smart cards. He does not trust the phone
system and assumes that it has been compromised. Kevin Mitnick and
Lenny DiCicco illustrated just how vulnerable the phone system was in
1988 and the MOD bust in July 1992 shows that things have not
improved. Kevin reminds us that you must assume the telephone system
is insecure: even robust challenge-response systems can be compromised.
You simply have to play the telecommunications game for real. Kevin
reminds us that unless you use encryption, all bets are off. As an
example of how deep, long lived and dedicated a serious attack can be,
consider that Kevin and Lenny were in DEC's network for years. They
knew exactly what DEC and telco security were doing in their efforts
to catch them since they were reading the security personnel's email.
They evaded the security forces for over 12 months and they had a
pervasive, all powerful, privileged presence on DEC's internal
network. I've seen the enemy and them is us (this is a quote from
Mitnick insists that people are the weakest link. According to his
considerable experience, you don't even need to penetrate a system if
you can talk someone on the inside into doing it for you. Why bother
breaking in to a computer system if you can talk someone in accounts
payable into cutting you a check? Using the finely tuned tools of
psychological subversion, practiced social manipulators can get most
anything that they want from the ranks of the generally unsuspecting
(uncaring?) employees that inhabit most of our organizations today.
The only cure is a massive and complete educational program that
fosters loyalty, awareness and proper skepticism in every employee.
In the end
Perhaps the strongest message from everyone was that you can't trust
the phone system. Telephone companies have been, and continue to be,
compromised. While Mitnick & DiCicco's penetration of DEC's internal
network happened in 1988, the 1992 MOD bust showed us that the same
techniques are still being used successfully today. Data and voice,
including FAX transmissions, are subject to eavesdropping and
spoofing. Encryption is absolutely required for secure, trustworthy
The coupling of social engineering and technical skills is a potent
threat. Most sites that have addressed technical security are still
wide open to penetration from people who have well-practiced social
engineering skills. However, in all, you don't even need social
engineering skills to get into most systems.
Are your systems and networks secure? Are your systems and networks
at risk? What will you do if you are attacked? Although the
questions seem simple, they are not. Future teleconferences will
explore both the questions and the answers in more detail.
Ray Kaplan and Joe Kovara have been independent computer consultants
for more than a decade. They specialize in operating systems, networks
and solving system and network security problems. Ray Kaplan is also
a well known writer and lecturer. He is a regular contributor to
Digital News and Review and other computer trade publications.
Tapes and handout materials for the System and Network Security
teleconference series are available from Ray Kaplan, P.O. Box 42650,
Tucson, AZ USA 85733 FAX (602) 791-3325 Phone (602) 323-4606.
End of Computer Underground Digest #5.08
E-Mail Fredric L. Rice / The Skeptic Tank