Computer underground Digest Sun Mar 21 1993 Volume 5 : Issue 21 ISSN 1004-042X Editors: Ji

---
Master Index Current Directory Index Go to SkepticTank Go to Human Rights activist Keith Henson Go to Scientology cult

Skeptic Tank!

Computer underground Digest Sun Mar 21 1993 Volume 5 : Issue 21 ISSN 1004-042X Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) Archivist: Brendan Kehoe Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Copy Eater: Etaion Shrdlu, Senior CONTENTS, #5.21 (Mar 21 1993) File 1--CuD Mirror Update File 2--New Info in 2600 Case File 3--Official virus-writing contest File 4--comments on proposed virus writing contest (Bontchev) File 5--Comments on proposed virus writing contest (Frisk) File 6--Response: virus-writing contest File 7--Comments on the Virus Writing Contest File 8--Bruce Sterling on GEnie (#5.20) File 9--Re: The White House Communication Project (#5.18) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost from tk0jut2@mvs.cso.niu.edu. The editors may be contacted by voice (815-753-6430), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115. Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL0 and DL12 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on the PC-EXEC BBS at (414) 789-4210; in Europe from the ComNet in Luxembourg BBS (++352) 466893; ANONYMOUS FTP SITES: UNITED STATES: ftp.eff.org (192.88.144.4) in /pub/cud uglymouse.css.itd.umich.edu (141.211.182.53) in /cud halcyon.com( 202.135.191.2) in /pub/mirror/cud AUSTRALIA: ftp.ee.mu.oz.au (128.250.77.2) in /pub/text/CuD. EUROPE: nic.funet.fi in pub/doc/cud. (Finland) ftp.warwick.ac.uk in pub/cud (United Kingdom) Back issues also may be obtained from the mail server at mailserv@batpad.lgb.ca.us. COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Some authors do copyright their material, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ---------------------------------------------------------------------- Date: Sun, 21 Mar 1993 00:26:24 -0500 (EST) From: Paul Southworth Subject: File 1--CuD Mirror Update We've been having some technical problems with the political archive site, red.css.itd.umich.edu that are not yet cleared up. Here's a brief update: 1. The machine is now uglymouse.css.itd.umich.edu (141.211.182.53). 2. Valid DNS aliases for that machine are: - mouse.css.itd.umich.edu - red.css.itd.umich.edu - redspread.css.itd.umich.edu 3. Domain Name Service is not currently working. 4. Routing is not currently working. 5. We have a new 760mb disk on line with a lot of new space. 6. The Myers' (Wuarchive) ftpd server is not working on that machine, so we are back to the plain NeXT ftpd. This means you cannot grab whole directories, or ask for compress or tar processing on uploads or downloads. I'm working on that. So in short, you can't connect to the archives right now. We should have it up and running in the next few days. If you have materials archived on the site, they're all still there but nobody can get at them right now. If you have new submissions, please email them to pauls@umich.edu. Please don't request that I mail you files from the site; there are too many requests and too little time -- I need to work on getting it back on line for everyone to use. Thanks! I will notify everyone when we are back on line. Paul Southworth Archivist ------------------------------ Date: Wed, 17 Mar 1993 16:47:03 EST From: David Sobel Subject: File 2--New Info in 2600 Case One month after being sued under the Freedom of Information Act (FOIA), the Secret Service has officially acknowledged that it possesses "information relating to the breakup of a meeting of individuals at the Pentagon City Mall in Arlington, Virginia." The admission, contained in a letter to Computer Professionals for Social Responsibility (CPSR), confirms widespread suspicions that the agency played a role in the detention and search of individuals affiliated with "2600" Magazine at the suburban Washington mall on November 6, 1992. CPSR filed suit against the Secret Service on February 4 after the agency failed to respond to the organization's FOIA request within the statutory time limit. In its recent response, the Secret Service released copies of three news clippings concerning the Pentagon City incident but withheld other information "because the documents in the requested file contain information compiled for law enforcement purposes." While the agency asserts that it possesses no "documentation created by the Secret Service chronicling, reporting, or describing the breakup of the meeting," it does admit to possessing "information provided to the Secret Service by a confidential source which is information relating to the breakup of [the] meeting." Federal agencies classify other law enforcement agencies and corporate entities, as well as individuals, as "confidential sources." The propriety of the Secret Service's decision to withhold the material will be determined in CPSR's pending federal lawsuit. A copy of the agency's letter is reprinted below. David L. Sobel dsobel@washofc.cpsr.org Legal Counsel (202) 544-9240 (voice) CPSR Washington Office (202) 547-5481 (fax) ************************************************ DEPARTMENT OF THE TREASURY UNITED STATES SECRET SERVICE MAR 5 1993 920508 David L. Sobel Legal Counsel Computer Professionals for Social Responsibility 666 Pennsylvania Avenue, S.E. Suite 303 Washington, D.C. 20003 Dear Mr. Sobel: This is in response to your Freedom of Information Act (FOIA) request for access to "copies of all records related to the breakup of a meeting of individuals affiliated with "2600 Magazine" at the Pentagon City Mall in Arlington, Virginia on November 6, 1992." Enclosed, please find copies of materials which are responsive to your request and are being released to you in their entirety. Other information has been withheld because the documents in the requested file contain information compiled for law enforcement purposes. Pursuant to Title 5, United States Code, Section 552(b)(7)(A); (C); and (D), the information has been exempted since disclosure could reasonably be expected to interfere with enforcement proceedings; could reasonably be expected to constitute an unwarranted invasion of personal privacy to other persons; and could reasonably be expected to disclose the identity of a confidential source and/or information furnished by a confidential source. The citations of the above exemptions are not to be construed as the only exemptions that are available under the Freedom of Information Act. In regard to this matter it is, however, noted that your FOIA request is somewhat vague and very broadly written. Please be advised, that the information being withheld consists of information provided to the Secret Service by a confidential source which is information relating to the breakup of a meeting of individuals at the Pentagon City Mall in Arlington, Virginia, and, therefore, appears to be responsive to your request as it was written. If, however, the information you are seeking is information concerning the Secret Service's involvement in the breakup of this meeting, such as any type of documentation created by the Secret service chronicling, reporting, or describing the breakup of the meeting, please be advised that no such information exists. If you disagree with our determination, you have the right of administrative appeal within 35 days by writing to Freedom of Information Appeal, Deputy Director, U. S. Secret Service, 1800 G Street, N.W., Washington, D.C. 20223. If you choose to file an administrative appeal, please explain the basis of your appeal. Sincerely, /Sig/ Melvin E. Laska ATSAIC Freedom of Information & Privacy Acts Officer Enclosure ------------------------------ Date: 02 Mar 93 11:56:08 EST From: Crypt_Newsletter <70743.1711@COMPUSERVE.COM> Subject: File 3--Official virus-writing contest W E L C O M E T O T H E F I R S T * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * I N T E R N A T I O N A L * * * * C O M P U T E R * * * * V I R U S * * * * W R I T I N G * * * * C O N T E S T * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * - 1 9 9 3 - Final Date For Submissions: APRIL 1, 1993 This Contest is Sponsored by: American Eagle Publications, Inc. P. O. Box 41401 Tucson, AZ 85717 USA Publisher of The Little Black Book of Computer Viruses Ok, all you genius hackers out there! Here is a challenge for you. Prove your stuff! This is an INTERNATIONAL contest, and this file is being circulated all over the world, so if you want to compete, be forewarned, you've got worldwide competition. Only the best have a chance in this game. Still up to the challenge? Ok, here it is: I am writing Volume 2 of The Little Black Book of Computer Viruses. This is a study of the scientific applications of computer viruses, and their use in artificial life research, and all of that neat stuff. One of the things I want to discuss in the book is the limit on the size of a virus for a given level of functionality. So I took the TIMID virus from Volume 1 and tore it down to the bare minimum. Not good enough. I wrote a virus that worked a little differently. I tore that one down to the bare minimum. Good enough? Well maybe. But maybe not. I have some pretty compact code, but is it the absolute best? I'm guessing somebody out there can top it. Here are the rules: (1) The object of this game is to write the smallest virus you can with the required level of functionality. (2) The virus must be capable of infecting all COM files on the logged drive in the current directory of a PC, no matter how many COM files are there. It may infect them as quickly or as slowly as you like, so long as it can be demonstrated that it will do so in an hour, when running the programs in that directory one after the other in sequential order. (3) The virus must recognize itself and avoid re-infecting files that have been infected. At most, only one in fifty thousand files should get accidentally re-infected, assuming that the data in unknown COM files is random. (4) The virus must terminate gracefully if it cannot find a file to infect. (5) The virus must not destroy any of the code in any file which it infects. It must allow that code to execute properly, or refuse to infect a file. (6) The virus must be self-contained. It cannot hide code in some common location on disk. (7) The virus must function properly under MS-DOS 5.0 with no TSR's resident, and nothing loaded high. (8) The size will be determined by the larger of (A) the number of bytes the virus code itself takes up in an infected file, and (B) the largest number of bytes the virus adds to a program when it infects it. The best code I have for a virus that follows these rules right now is 139 bytes long. Both source and executable are included in the ZIP, named LITTLE.ASM and LITTLE.COM. In the event of a tie for size, originality and ingenuity of the code will break the tie. All judges decisions are final. $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ The winner will receive the following: (1) A $100 CASH REWARD. (2) Your code will be published in The Little Black Book of Computer Viruses, Volume 2. (3) I will give you credit for the code and for winning the International Virus Contest in the book, using either your real name or an alias, your choice, published in the book. (4) Your name will be posted on the MISS bulletin board as the contest winner. (5) A free copy of The Little Black Book of Computer Viruses, Volume 2, and a one year subscription to Computer Virus Developments Quarterly ($95 value). Three honorable mention winners will receive a free copy of The Little Black Book of Computer Viruses, Volume 2. $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ You may make an entry in two ways: (1) Mail your entry on a PC format floppy disk to American Eagle Publications, Inc., PO Box 41401, Tucson, AZ 85717 USA. (2) Upload your entry to the M.I.S.S. bulletin board at (805)251-0564 in the USA. Log on as GUEST, password VIRUS, last 4 digits of phone number 0000, and upload to the CONTEST UPLOADS directory. A valid entry consists of the following items: (A) Complete source code for a virus, which can be assembled using either TASM, MASM, or A86. If you use another assembler and don't know if one of the above will work, then send the assembler along with the submission. If you do anything tricky that we may not understand, you must explain it in comments in the assembler source. (B) A statement of who you are (aliases accepted) and how to get in touch with you in case you win the contest. This information will be kept strictly confidential, and encrypted at all times. By submitting an entry to the contest, you agree that the copyright to your entry will be considered the property of American Eagle Publications. The copyright to any losing entry will be returned to the owner upon written request. In the event that you win or receive honorable mention in the contest, the copyright to the code will remain the property of American Eagle Publications, Inc. You may submit your entry encrypted with PGP 2.1 if you desire. Use the following public key to encrypt: -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.1 mQBNAitZ9w4AAAECAOXJYOsJNavAAWFBRwf4/u0QWMJ9IHj8eajgOfDRdlCNwEBJ wMs1vb5GcdJCaeoCgBR3Xxzh6oEo2nrwfru8mqMABRG0CE1BTHVkd2ln =P6d4 -----END PGP PUBLIC KEY BLOCK----- *end* ------------------------------ Date: Wed, 3 Mar 1993 23:04:03 +0100 (MET) From: bontchev@INFORMATIK.UNI-HAMBURG.DE(Vesselin Bontchev) Subject: File 4--comments on proposed virus writing contest (Bontchev) Mark Ludwig's virus writing contest is yet another attempt to incite the creation of computer viruses that hides behind seemingly legitimate reasons. Just like his book and newsletter, which hide behind the right of the US citizens of freedom of expression, the "legitimate" reasons of the contest fall apart, if you look carefully at them. Let's consider some questions which naturally arise when reading a proposal like that. What are the values/dangers of such contests? In the beginning of the proposal, the author boasts that he needs the virus for the second volume of his book, which will discuss "the scientific applications of computer viruses, and their use in artificial life research". However, actually the contest it for writing the shortest possible non-overwriting MS-DOS COM file infector. What does this have in common with artificial life? What are the scientific applications of such a silly (but small) virus? And what does all this have to do with "research" in general? Actually, it is nothing more than a contest to hack the smallest program that performs given actions - nothing more. In fact, the author even addresses the potential participants of the contest as "hackers", not as researchers or scientists. And indeed, the goal of the contest has nothing to do with scientific research. The result of this contest is easily predictable. A few hundreds of kids will write hundreds of smart, not so smart, and completely buggy viruses. One of them will win the $100 prize. The others will have to decide what to do with the viruses in their disposition that have not won the contest. In all probability, they will upload them to the nearest virus exchange BBS, where other irresponsible people will be able to download and spread them further. "K00l dudez, I've got one of the participants in Mark Ludwig's contest for you"... The winner of the contest will have his name, or more probably, his handle, mentioned in the book, which will stimulate his ego and incite hundreds of others to imitate him and to create more viruses. Of course, all those viruses will end up in the hands of the anti-virus researchers, who will have to update their scanners to be able to recognize them, just in case some of them accidentally "escapes". And, since most of those researchers don't work for free, the users of their anti-virus programs will have to pay for yet another update. Who wins of all that? Mr. Mark Ludwig sells a new volume of his book, a few irresponsible kids get their ego teased, a few anti-virus researchers spend a few nights to disassemble silly viruses, and all of you have to pay - pay for updates of your scanners, pay for the data and time lost in an outbreak of a silly and buggy virus, and so on. Indeed, what a service does Mr. Mark Ludwig to the society! In fact, the outcome of the first volume of his book already proves that the above reasoning is correct. There are already at least 7 different variants of the silly Timid virus, published in the book... How do we distinguish between "benign" and "malevolent" virus writers? Some people like to speak about the possibility to develop "benign" and even "beneficial" viruses and about how much this kind of research will make our life easier. In fact, all that began with Dr. Fred Cohen and his papers on the subject. Dr. Cohen means something very particular, something that most people will never call a virus. Unfortunately, in his papers he tends to use formulae, instead of easily understandable language, so it is no wonder that many people are misunderstanding him. I cannot decide whether Mr. Mark Ludwig has indeed misunderstood Dr. Cohen's ideas, or if he intentionally misuses the general misunderstanding of the subject, in order to masquerade his virus writing contest as something legitimate. However, fact is, that what he proposes has nothing to do with Dr. Cohen's ideas for beneficial viruses, will have absolutely no positive value, and will rise yet another wave of stupid viruses written across the world. Actually, there is no such thing as "benign" or even "non-destructive" virus, as Mr. Mark Ludwig seems to understand it. The virus that is proposed in his contest will infect real, executable programs. The author of the virus has absolutely no way to know how will his virus behave in some situations. In fact, it may turn to be even highly destructive in some of these situations. Just an example. One of the first versions of Microsoft Word (1.0, I think) used to checksum itself, and, if the checksum didn't match, displayed a message on the screen (something like "The tree of evil has bitter fruits; crime does not pay") and trashes the current disk. Obviously, if it becomes infected with the virus described in the contest, this destructive code will trigger - with sad consequences. Several other self-checking programs will not react that violently, but will simply refuse to run when infected. Thus, the virus will be guilty for denial of services - maybe lost time, money, business... Even worse, the virus author is not able to predict the future, so he has no way to know how his virus will behave in situations that simply don't exist yet. Maybe it will turn out to be highly destructive - recall what the "benign" Stoned virus does with high-capacity floppies that have been simply not available at the time it has been written... Is there any educational value in those contests? Mr. Mark Ludwig claims to write his book for educational reasons. But what does actually he teach his readers? How to write viruses? Even if we leave alone the doubtful value of this knowledge, there are already a few books and many more electronic articles, circulating in the underground, that teach exactly that. Maybe he wants to teach his readers to write good assembly language programs? But, at least his first book, does not discuss the good programming practices at all, and in fact contains many samples of sloppy and clumsy code. So, maybe he wants to teach his readers about the top technology employed by viruses to bypass the different security systems? Even this is not true - he does not address such modern concepts as armouring, polymorphism, slow viruses, fast infectors, multi-partite viruses, or even fully stealth file infectors... For instance, nowhere in the book there is a discussion of the different kinds of attacks that can be employed by viral programs to circumvent discretional access controls, integrity-based systems, and so on. All we see is a bunch of silly MS-DOS viruses that barely work. This rises yet another question - are the virus writers able to teach the security specialists to something that the latter don't know already? Many virus writers sincerely believe that; for instance Mark Washburn has written his V2Px series of viruses, in order to "prove" that scanning is unreliable virus defense. However, it turns out that in all cases the security specialists are aware of the problems since a long time. Even the concept of a computer virus and the difficulties connected with its detection and prevention have been first invented by a security specialist - Dr. Fred Cohen, not by John Random Virus Writer... In all cases when the virus writers have come up with something new and original, the security specialists have thought about it since a long time, but have been ethical enough to only discuss it in closed circles, instead of implementing it and releasing it to damage other people's data... At last, one could ask the question whether Mr. Ludwig's contest is legal. In the text he boasts it as an "international" contest. However, this demonstrates an amazing ignorance of the local law in some countries. Participating the contest and writing viruses for it may be illegal in some countries, as the recent arrests of the ARCV virus writing group in the UK have proven. Freedom of expression is a wonderful right, but Mr. Ludwig should be aware that the US constitution does not apply to the whole Universe and thus, some things allowed by it might be illegal in some other countries. Therefore, anybody who decides to participate Mr. Ludwig's contest, is strongly advised to consult a local lawyer. Of course, it would be much better to ponder a bit how unethical the whole thing is and to refuse to participate the contest at all... But maybe Mr. Ludwig is not that ignorant, after all. The text of the contest encourages the participants to use handles and other forms of anonymity. Maybe this is because Mr. Ludwig understands that those people might be hold legally responsible in some countries for such activities? In this case, his contest is nothing more than an incitement to commit a crime (in those countries where virus writing is considered illegal). I wonder whether some of them have extradition treaties with the USA... Regards, Vesselin -- Vesselin Vladimirov Bontchev Virus Test Center, University of Hamburg Tel.:+49-40-54715-224, Fax: +49-40-54715-226 Fachbereich Informatik - AGN < PGP 2.1 public key available on request. > Vogt-Koelln-Strasse 30, rm. 107 C e-mail: bontchev@fbihh.informatik.uni-hamburg.de D-2000 Hamburg 54, Germany ------------------------------ Date: Wed, 3 Mar 93 22:04:23 WET From: frisk@COMPLEX.IS(Fridrik Skulason) Subject: File 5--Comments on proposed virus writing contest (Frisk) > 1) What are the values/dangers of such contests? that is a stupid question....it has no value whatsoever. It will only mean more work for anti-virus people. > 2) How do we distinguish between "benign" and "malevolent" > virus writers? why bother...a virus is a virus... > 3) Do virus writers have anything of value to teach security > specialists? no. > These are suggestive, and feel free to develop any line of > discussion you feel appropriate. How about the following: one of the viruses submitted to the competition gets loose, and manages to infect somebody in the UK. He files a complaint, and as a result of that the sponsors of the competition are charged with an "incitement to commit a computer crime", and as demonstrated in the Popp case, he can be extradited (sp?) to the UK, where prosecuting someone for virus writing is a lot easier than in the US. anyhow, I have more significant things to do with my time than to spend my time commenting on a stupid idea like this one. -frisk ------------------------------ Date: 10 Mar 93 14:27:01 EST From: Crypt_Newsletter <70743.1711@COMPUSERVE.COM> Subject: File 6--Response: virus-writing contest What is the danger of Mark Ludwig's international virus-writing contest? Well, according to contest rules, the winning virus code is destined for publication in the second installment of "The Little Black Book" series. "Oh, terrible, terrible!," wail anti-virus software developers throughout the land. "More virus code in the hands of anyone who wants it! These miscreants and electronic sociopaths are already making computing untrustworthy enough!" Bunk. Publishing any or all of the code collected in Mark Ludwig's contest won't make any difference. Why? Because there already exists more well-commented virus source code in general circulation than any one person has time to analyze. Taxpayers can download it by the megabyte from the Bureau of Public Dept.'s bulletin board system 24 hours-a-day, no strings attached. Or if you feel the need to be more "elyte," more "politically correct," it can be had from the favorite whipping boy of the anti-virus community - shhshhh - your friendly, neighborhood virus exchange sysop. Beating on Mark Ludwig for his virus-writing contest, then, strikes me as stupid. It's hypocritical, too, because as some involved in virus research know, a great many of the working samples of viruses found on virus exchange BBS's come attached to "sacrificial goat" files bearing the trademark of a number of anti-virus vendors. You can find extremely detailed virus disassemblies on virus exchanges, too. Not so surprisingly, some of these are composed by the same anti-virus researchers who whine in electronic publications like Virus-L Digest about the unrestricted flow of viruses and their source code. So if the virus-writing contest is dangerous because it subverts the control of "sensitive" information, the anti-virus community lost that battle a while ago, soundly beaten by a large number from its own rank. Next, do security specialists have something to learn from virus programmers or sponsors of virus-writing contests? Yes, indeed. For example, about a year ago I wrote a couple of stories on the Michelangelo phenomenon for a daily newspaper. In the course of my research I tried to dig up a few books to recommend to sophisticated readers. Mark Ludwig's "Little Black Book" was the only one I could find that wasn't either horribly wooden or written for someone with the attention span of a very small child. I endorsed it in the pages of a daily newspaper. The sky did not fall. The region's computers weren't besieged by a horde of Ludwig viruses. In addition, a number of computer security workers within different arms of the U.S. government already consult virus programmers on various security problems. When I asked one of them why, he replied that he didn't want to be backed into relying on the anti-virus community for advice, advice he saw as too self-serving. That leaves the question of how to distinguish between "benign" and "malevolent" virus programmers. Hmmmmm. That's a tough one, because the picture's more complex than that. Unless you buy the idea that virus programmers either write disk-corruptors set to go off with a bang on weird holidays or make them for courses like Patrick Toulme's "Virus 101," you're stuck coming up with an answer. You might decide to go with the popular stereotypes of young men with too much pent up hostility or unemployed programmers from politically and economically uncool locales like Russia, Bulgaria and China. But that dog won't hunt if you think of Fred Cohen. Or you can try to describe them as "groups" like NuKe, TridenT or Phalcon/Skism. And THAT leaves out a great many loners who collect viruses like stamps and occasionally need to come up with a fresh one as barter for that new, rare "tunnelling, polymorphic full stealth" beauty from Outer Slobovia. These guys could care less whether any virus they have gets into the wild. In fact, they probably would like to see less of that - keeps the collection more unique, more "valuable," you see. Clearly none of these are an answer. So try asking a better question. George Smith edits the Crypt Newsletter which has published virus source code. ------------------------------ Date: 16 Mar 93 21:35:03 EST From: kim clancy <71011.2056@COMPUSERVE.COM> Subject: File 7--Comments on the Virus Writing Contest Comments on the first international virus writing contest by Kim Clancy My comments on the 1st International Virus Writing Contest is that I don't care about the first international virus writing contest. I don't care if someone sits in the privacy of their home and develops a computer program to destroy every type of computer on the face of the earth. I don't care if they post them as public information on bbses, magazines, or print them in books for profit. I don't care! I believe it is everyones' constitutional right to be able to write any type of computer code they want, discuss it with others, share the code and document the process. I believe that to remove this right from individuals is removing their freedom and individual rights. On the other hand, I do care about someone intentionally destroying the property of others. I do care about harm done to others and I do care about someone planting viruses for that purpose. But, this contest is not called the "1st International See How Much You Can Destroy by Planting a Virus Contest." I just don't care (did you pick up on that yet?) I know there are hundreds of viruses available. I have many of them myself, most of them sent to me from anti-virus researchers (that is another story in itself though.) All the harm that could be done by viruses could more than likely be done with existing code. Running a contest asking for better code doesn't appear to offer a significant threat. At the same time, I can't see any need for such a contest and fail to understand what good it could produce. Nonetheless, individuals should have the right to participate in this contest. By the way, while this may be the 1st International Virus Writing Contest, I think (although haven't confirmed) that Fred Cohen told me (on the one and only occasion I talked to him) that he had held a virus writing contest and offered $1000. He received no entries. ------------------------------ Date: 16 Mar 1993 08:23:00 -0800 (PST) From: James Still Subject: File 8--Bruce Sterling on GEnie (#5.20) ((In CuD's #5.20 GEnie interview with Bruce Sterling, it is reported:)) ><[Guest] BRUCES> Generally I go with the cop definition, since it's the one in >greater public usage, meaning a [hacker is a] computer trespasser. ><[Katie] DANTECH> I wonder if you think there's any way we can reclaim the >term? ><[Guest] BRUCES> Reclaim the term "hacker?" Sure. About the same time that I >reclaim the term "cyberpunk." Ha ha ha ha! Everyone wants to return to some construct of the 'good ole days.' We are going through a transition period where the semantics of the word 'hacker' is changing rapidly and no longer means the same thing as it did in the sixties. The sixties also produced 'ska reggae' and the first skinheads; Jamaican and East Indians who migrated to Britain and created a whole genre of brotherhood and anti-racism. These ska skinheads sparked a wave of rude boy counter-culture leading to dub reggae (what most people think of when the word 'reggae' is mentioned) and Post-Mod bands like The Who and The Jam. Unfortunately British fascists twisted the skinhead movement in the 70's and adopted its look and feel for their youth brigades that we now think of when we hear the word 'skinhead.' Does this mean that the original ska skinheads of the 60's have lost their legitimacy? Hardly, we just have to remember them in the context of what skinheads were *then* and not get caught up in the twisted meaning of the word *now*. If we can stop playing 'Spin the Nostalgia Wheel' to reclaim our so-called 'hacker' definition of the 60's, and realize that everything changes, *especially the meaning of colloquial words* we'll be better off. The world is changing too fast to patent for those of us enamored with the past to attempt to hold onto it. Let's move on and create a better future in cyberspace, inventing words when necessary, and knowing when to leave them behind when obsolete. ------------------------------ From: Pat Subject: File 9--Re: The White House Communication Project (#5.18) Date: Tue, 16 Mar 1993 13:10:19 -0500 (EST) > (1) When you get thousands of messages a day, how do you > respond effectively? The same way you handle written correspondence. Lots of old ladies in bee-hive hairdos answering the mail. > (2) How do you make a public e-mail system inclusive > and accessible? I would suggest multiple points of contact. rather then Bill@white.house.gov or MailMan@white.house.gov. have topic based mail receptors. Nasa.man@white.house or Environment@white.house Economy@white.house. Legislation@white.house....... Then people can be tasked to read mail, based upon the area of expertise. also, key subject extraction programs could be run, and the users could be mailed response letters, based upon the primary areas of interest. > (3) What would happen if e-mail became the primary > mode of(mediated) access to government? > Well, there would probably be a little more flaming then before. Could you imagine some of the correspondence? Besides, one would need some form of digital authentication mechanism. Let's not have more bogus mail.... ------------------------------ End of Computer Underground Digest #5.21 ************************************

---

E-Mail Fredric L. Rice / The Skeptic Tank