_                        _______
 Release Date:       __      N.I.A.   _      ___   ___  Are you on any WAN? Are
   08AUG91           ____     ___    ___    ___     ___ you on Bitnet, Internet
                     _____    ___    ___    ___     ___  Compuserve, MCI Mail,
 Editors:            ___ ___  ___    ___    ___________  Sprintmail, Applelink,
   Judge Dredd       ___  ___ ___    ___    ___________    Easynet, Usenet,
   Lord Macduff      ___   ______    ___    ___     ___    FidoNet, et al.?
 Advisors:           ___    _____    ___    ___     ___ If so please drop us a
   Knight Lighting           ____     _     __      ___        line at
   Jim Thomas                 ___           _       ___    nia@nuchat.sccsi.com
                                _    Network Information Access
                                       Ignorance, There's No Excuse.

                             Issue 072 :: Volume 02

"Do you know why there are so few sophisticated computer terrorists in the
United States? Because your hackers have so much mobility into the
Establishment. Here there is no such mobility. If you have the slightese bit
of intellectual integrity you cannot support the government... That's why
the best computer minds belong to the opposition."
                                         - An anonymous member of the
                                           Polish trade union Solitarity.


   Greetings, avid readers! This issue marks a departure from our usual
pattern, in that we now have the beginnings of an advisory staff. We would
like to welcome Knight Lightning, Ex-editor of the now-late Phrack Inc.
magazine. We would also like to welcome Jim Thomas, Editor of the Computer
Underground Digest. If you feel you have certain qualities that could
improve NIA magazine, please write us at nia@nuchat.sccsi.com.
 1. Index to NIA072 .............................................NIA Editors
 2. The Renaissance of Hacking ...............................Mark Hittinger
 3. The Hacker Manifesto ......................................Erik Bloodaxe
 4. Foiling the Cracker [Dept. of Defense]......................Killing Joke
 5. UNIX: JE Documentation ................................Terminal_Erection
 6. Network Miscellany ......................................Various Sources
 7. CyberTimes (Vox Populi) [1/4] ...............................Judge Dredd
 8. CyberTimes (Vox Populi) [2/4] ...............................Judge Dredd
 9. CyberTimes (Vox Populi) [3/4] ...............................Judge Dredd
10. CyberTimes (Vox Populi) [4/4] ...............................Judge Dredd
11. Editor's Comments ...........................................NIA Editors

     /                                                               /
     /                      NIA 072 / File 2                         /
     /   Hacking and Hackers: The Rise, Stagnation, and Renaissance. /
     /               Copyright(C) 1991 By Mark Hittinger             /
     /                                                               /

        It doesn't take a rocket scientist to figure out that the publicity
afforded to hacking has risen to peak levels within the last year.  As
one would expect, the political attention being paid to the subject of
hackers has also risen to peak levels.  We are hearing more about
hackers each day. The newspapers have articles about alleged computer
crime and phone fraud almost weekly.  The legal system is issuing
indictments, the secret service is running around with wildcard search
warrants, and captured naive hackers are turning on each other.  Some
well known computer people have formed a  lobby called the "Electronic
Frontier Foundation".  Fox TV has news people on the scene during a
bust of an alleged "hacker" who was invading their own doofus system!
Non-computer "lay" people have been asking me a lot of questions.

        So who am I?  I'm just another computer bum.  I got into computers in
the early seventies during high school.  I've witnessed computing's
rise as something social outcasts did to something everybody wanted to
be a part of.  Babes looked at us with disgust as we grabbed our data
on 110 baud teletypes and paper tape.  Rolls of paper tape and access
to timeshared basic was so great that we didn't even think that it
could get better.  Well guess what?  Computers and our social position
kept getting better.  It got so good that pretty soon everybody wanted
to ask us questions.

        These days we are like doctors at a cocktail party, we are always
getting hit on for free computer consulting!  Even from the babes!
You've come a long way baby!  Later I got into the professional side,
that is, systems programming, systems management, and software
development.  I've worked with GE, Xerox, IBM,  Digital, CDC, HP,
Prime, anything I could get my hands on.  I dearly loved the DEC-10,
learned to live with VAX/VMS, and now grit my teeth when I work with
Unix/MS-DOS.  My hobby became my career, and they paid me money for
it. My chosen hacking name is "bugs bunny" and you can find me on some
bulletin boards as user "bugs".  Bugs was always creating virtual
rabbit holes out of thin air and dodging in and out of them.  True
hackers love to find and fix software "bugs".  Yea!!  I'm 34 now and a

        Being involved in computers for a long time gives me a better
perspective than most.  Over the years there would sometimes be a major
media coverage of some computer crime event.  As a local computer
"heavy", there were always questions coming my way about what these
things were all about.  Lately, the questions are more frequent and
more sophisticated.  All these big highly publicized busts are opening
a lot of issues.  I didn't have answers to some of these questions so
I sat down and did some thinking.  Writing this article is an
outgrowth of that.  I am not a writer so grant me some journalistic

        Back in the early seventies hacking was quite free.  Most of the
important stuff was running on batch mainframes that had no connection
to the outside world.  The systems that we played with were not really
considered critical by anyone.  We were allowed to play to our hearts
content, and nobody really worried about it at all.  This period is
what I like to think of as the "rise of hacking".  You can read about
some of it in the first section of Levy's book, "HACKERS".  I love
that  section and read it when current events depress me.  In those
days the definition of hacker was clear and clean.  It was fun, it was
hi-tech, it was a blast, and it was not a threat.  There were no big
busts, very few people understood computing, and the public had no
interest in it.

        We hacked for the sheer love of it.  How can I describe the depth of
interest that we had?  We were not concerned with our image or our
"identity".  We wrote games, wrote neat hacks, and learned the
strengths or weaknesses of each system.  We were able to obtain access
to a broad range of systems.  Consider teenage boys comparing and
contrasting the systems designed by older engineers!  We eventually
reached a point where we decided how a system should be set up.  At
this point we began to make an annoyance of ourselves.  In all
instances the various administrations considered us minor annoyances.
They had much more pressing problems!

        New users began to show up in the labs.  They reluctantly wanted to
get something done that absolutely had to be done on the computer.  In
many cases they had no idea how to start, and were left to their own
devices. Centralized data processing management (MIS) didn't want to
deal with them. Often, they saw us playing around, joking, laughing,
carefree, and not at all intimidated by the computer.  They, on the
other hand, were quite intimidated.  We helped these people get
started, showed them were the  documentation was, and explained
various error conditions to them.  We quickly developed reputations as
knowing how to get something to work.

        One of the people I helped made a remark to me that has stuck with me
for a long time.  He said, "I am trained as a civil engineer, so I
don't have a feel for this.  But you, you are pure bred.  You've
gotten into this fresh and taught yourself from the ground up.  You
haven't been trained into any set doctrine."  Phar out man!  This is
an important point.  There were no rules, guidelines, or doctrines.
We made our own up as our experiences dictated.

        As time wore on, the new user pool began to grow more rapidly.   The
computers began to creak and groan under the work loads that were
being placed upon them.  During the day time, we came to the computer
area to find it packed.  We could no longer access the computers
during the day.  After all, we were just playing!  That was OK with
us.  Soon we were there at night and on weekends.  We obtained the
off-hour non-prime time access, but this put us further away from the
mainstream.  These new guys liked the timeshared computers much more
than their mainframe batch machines.  They started to move their darn
*important* crud from the mainframe machines to "our" timesharing
computers.  Pretty soon the administrations started to think about
what it meant to have payroll or grades on the same computers that had
"star-trek version 8", "adventure", or "DECWAR version 2.2".  They
were concerned about security on the timesharing systems, but due to
their budget constraints, most of the centralized MIS shops still had
to give priority to their batch mainframes.  We continued to play, but
we cursed at the slow systems when the important stuff was running.  I
got off "tuning" systems to make them run faster or more efficiently.
Interactive response time became the holy grail.

        The "rise of hacking" was beginning to run out of steam.  The
timesharing systems had been expanded as much as technology and
budgets would allow.  We had learned the various systems internals
inside and out.  We now knew much more about the systems than the
"official" maintainers did, and these maintainers perceived us as a
threat to their positions. The computers were still overloaded.  The
nasty politics of access and resources began to rear their head.  A
convenient scapegoat was to eliminate access to games.  Eliminate the
people that were just playing. Examine all computing activity and bill
for it.  This didn't solve any of the problems (we all knew payroll
and grades wouldn't fit in!) but it did raise the issue of the hackers
to the surface.  All of a sudden we became defined as a problem!  We
were soon getting shut out of various systems.  New kids began to show
up and pretend to be hackers.  They would do anything to show off, and
created large problems for "us".

        At this point the "stagnation" period was beginning.  These were hard
days for us.  Many of my friends quit what they were doing.  Many of
us got real jobs on the computers we played with as a dodge.
Centralized MIS departments began to be placed between the rock and
hard place of limited budgets and unlimited customers.  The new kids,
the overloaded systems, the security concerns for the important
applications, and the political situation all resulted in the
stagnation of hacking.

        "Hacker" took on a bad connotation.  I saw all kind of debates  over
what "hacker" meant.  Some claimed it was a compliment, and should
only be awarded to those bit twiddlers that were truly awesome.  Many
claimed that hackers were the scum of the earth and should be totally
decimated!  What could you do but stay out of the way and let things
take their course?  I realize now that it was in the MIS departments'
*VESTED INTEREST* to define the term "hacker".  Centralized MIS did
not have the courage to fight for larger budgets.  Upper level
administrators who just approved the budget would freak out when they
saw kids playing games on the computers in the library.  MIS had to
define this as bad, had to say they would put a stop to it.  MIS had
to look like they were managing the computer resources responsibly.
Any unusual or politically unacceptable computer event that couldn't
be covered up was caused by "hackers". It was a dodge for MIS!  I am
not saying that some questionable stuff didn't go down, I am just
saying that it was logical to call anything "bad" by some sort of
easily accepted label - "hackers".

        Of course, when the unusual computing event took place your budding
journalists were johnny on the spot.  You don't climb that journalist
ladder by writing about boring stories.  Wild computer stories about
hacking  captured the public interest.  I suppose the public liked to
hear that  somebody could "beat" the system somehow.  Journalists
picked up on this and wrote stories that even I found hard to believe.
The new kids, even when not asked, would blab all day long about the
great things that they were doing. And don't you know, they would blab
all day long about great hacks they heard that you pulled!  Stories
get wilder with each re-telling.  I realize now that it was in the
journalists' *VESTED INTEREST* to define the term "hacker". The public
loves robin hood, the journalists went out and found lots of
pseudo-robin hoods.

        More and more stories began to hit the public.  We heard stories of
military computers getting penetrated.  We heard stories of big
financial rip-offs.  We heard cute stories about guys who paid
themselves the round-off of millions of computer generated checks.  We
heard stories of kids moving space satellites! We heard stories of old
ladies getting their phone bills in a heavy parcel box! As an old
timer, I found a lot of these stories far fetched.  It was all
national inquirer type stuff to me.  The public loved it, the
bureaucrats used it, and the politicians began to see an opportunity!

        The end of the "stagnation" period coincides the arrival of the
politicians.  Was it in the *VESTED INTEREST* of the politicians to
define the term "hacker"?  You bet!  Here was a safe and easy issue!
Who would stand up and say they were FOR hackers?  What is more
politically esthetic than to be able to define a bad guy and then say
you are opposed to it?  More resources began to flow into law
enforcement activities.  When actual busts were made, the legal system
had problems coming up with charges. The legal system has never really
felt comfortable with the punishment side of hacking, however, they
LOVE the chase.  We didn't have guns, we were not very dangerous, but
it is *neat* to tap lines and grab headlines!

        What a dangerous time this was.  It was like a feedback loop, getting
worse every week.  When centralized MIS was unable to cover up a
hacking event, they exaggerated it instead.  Shoddy design or poor
software workmanship was never an issue.  Normally "skeptical"
journalists did not ask for proof, and thrilled at the claims of
multi-million dollar damages.  Agents loved to be seen on TV (vote for
me when I run!) wheeling out junior's Christmas present from last
year, to be used as "evidence".  The politicians were able to pass new
laws without constitutional considerations.  New kids, when caught,
would rabidly turn on each other in their desperation to escape.
Worried older hackers learned to shut up and not give their side for
fear of the feeding frenzy.  Hackers were socked with an identity
crisis and an image problem.  Hackers debated the meaning of hacker
versus the meaning of cracker.  We all considered the fundamental
question, "What is a true hacker?".  Cool administrators tried to walk
the fine line of satisfying upper level security concerns without
squelching creativity and curiosity.

        So what is this "renaissance" business?  Am I expecting to see major
hacker attacks on important systems?  No way, and by the way, if you
thought that, you would be using a definition created by someone with
a vested interest in it.  When did we start to realize that hacker was
defined by somebody else and not us?  I don't know, but it has only
been lately.  Was it when people started to ask us about these
multi-million dollar damage claims?  I really think this is an
important point in time. We saw BellSouth claim an electronically
published duplicate of an electronic document was worth nearly
$100,000 dollars!

        We later saw reports that you could have called a 1-800 number and
purchased the same document for under twenty bucks.  Regular
non-computer people began to express suspicion about the corporate
claims. They expressed suspicion about the government's position.  And
generally, began to question the information the media gave them.
Just last month an article appear in the Wall Street Journal about
some hackers breaking in to electronic voice mail boxes (fancy
answering machines).  They quoted some secret service agent as saying
the damages could run to the tens of millions of dollars.  Somebody
asked me how in the world could screwing around with peoples answering
machines cause over 10 million dollars in damages?  I responded, "I
don't know dude!  Do you believe what you read?"

        And when did the secret service get into this business?  People say
to me, "I thought the secret service was supposed to protect the
president.  How come the secret service is busting kids when the FBI
should be doing the busting?" What can I do but shrug?  Maybe all the
Abu-Nidals are gone and the president is safe.  Maybe the FBI is all
tied up  with some new AB-SCAM or the S&L thing.  Maybe the FBI is
damn tired of hackers and hacking!

        In any event, the secret service showed it's heavy hand with the big
series of busts that was widely publicized recently.  They even came
up with *NEAT* code names for it.  "Operation SUNDEVIL",  WOW!  I
shoulda joined the secret service!!!  Were they serious or was this
their own version of dungeons and dragons?  In a very significant way,
they blew it. A lot of those old nasty constitutional issues surfaced.

        They really should define clearly what they are looking for when they
get a search warrant.  They shouldn't just show up, clean the place
out, haul it back  to some warehouse, and let it sit for months while
they figure out if they got  anything.  This event freaked a lot of
lay people out.  The creation of the Electronic Frontier Foundation is
a direct result of the blatantly illegal search and seizure by the
secret service.  People are worried about what appears to be a police
state mentality, and generally feel that the state has gone to far.  I
think the average American has a gut level feel for how far the state
should go, and the SS clearly went past that point. To be fair, there
aren't any good guidelines to go by in a technical  electronic world,
so the secret service dudes had to decide what to do on their own.  It
just turned out to be a significant mistake.

        I saw Clifford Stoll, the author of the popular book "Cuckoos Egg"
testify on national C-SPAN TV before congress.  His book is a very
good read, and entertaining as well.  A lot of lay people have read
the book, and perceive the chaos within the legal system.  Stoll's
book reveals that many systems are not properly designed or
maintained.  He reveals that many well known "holes" in computer
security go unfixed due to the negligence of the owners.  This book
generated two pervasive questions.  One, why were  there so many
different law enforcement agencies that could claim jurisdiction?  Lay
people found it amazing that there were so many and that they could
not coordinate their efforts.  Two, why were organizations that
publicly claimed to be worried about hackers not updating their
computer security to fix stale old well known problems?  If indeed a
hacker were able to cause damage by exploiting such a well known
unfixed "hole", could the owner of the computer be somehow held
responsible for part of the damage? Should they?

        We all watched in amazement as the media reported the progress of
Robert Morris's "internet worm".  Does that sound neat or what?
Imagine all these lay people hearing about this and trying to judge if
it is a problem.  The media did not do a very good job of covering
this, and the computing profession stayed away from it publicly.  A
couple of guys wrote academic style papers on the worm, which says
something about how important it really was.  This is the first time
that I can remember anyone examining a hacking event in such fine
detail.  We started to hear about military interest in "worms" and
"viruses" that could be stuck into enemy computers. WOW!  The media
accepted the damage estimates that were obviously inflated.  Morris's
sentence got a lot of publicity, but his fine was very low compared to
the damage estimates.  People began to see the official damage
estimates as not being very credible.

        We are in the first stages of the hacking renaissance.  This period
will allow the hackers to assess themselves and to re-define the term
"hacker".  We know what it means, and it fits in with the cycle of
apprentice, journeyman, and master.  Its also got a little artist,
intuition, and humor mixed in.  Hackers have the chance to repudiate
the MISs', the journalists', and the politicians' definition!  Average
people are questioning the government's role in this and fundamental
rights.  Just exactly how far should the  government go to protect
companies and their data?  Exactly what are the responsibilities of a
company with sensitive, valuable data on their  computer systems?
There is a distinct feeling that private sector companies should be
doing more to protect themselves.  Hackers can give an important
viewpoint on these issues, and all of a sudden there are people
willing to listen.

        What are the implications of the renaissance?  There is a new public
awareness of the weakness in past and existing systems.  People are
concerned about the privacy of their electronic mail or records on the
popular services.  People are worried a little about hackers reading
their mail, but more profoundly worried about the services or the
government reading their stuff. I expect to see a very distinct public
interest in encrypted e-mail and electronic privacy.  One of my
personal projects is an easy to use e-mail encrypter that is
compatible with all the major e-mail networks.  I hope to have it
ready when the wave hits!

        Personal computers are so darn powerful now.  The centralized MIS
department is essentially dead.  Companies are moving away from the
big data center and just letting the various departments role their
own with PCs.  It is the wild west again!  The new users are on their
own again!  The guys who started the stagnation are going out of
business!  The only thing they can cling to is the centralized data
base of information that a bunch of PCs might need to access.  This
data will often be too expensive or out-of-date to justify, so even
that will die off.  Scratch one of the vested definers!  Without
centralized multi-million dollar computing there can't be any credible
claims for massive multi-million dollar damages.

        Everyone will have their own machine that they can walk around with.
It is a vision that has been around for awhile, but only recently have
the prices, technology, and power brought decent implementations
available.  Users can plug it into the e-mail network, and unplug it.
What is more safe than something you can pick up and lock up?   It is
yours, and it is in your care.  You are responsible for it.  Without
the massive damage claims, and with clear responsibility, there will
no longer be any interest from the journalists.  Everybody has a
computer, everybody knows how much the true costs of damage are.  It
will be very difficult for the journalists to sensationalize about
hackers.  Scratch the second tier of the vested definers!  Without
media coverage, the hackers and their exploits will fade away from the

        Without public interest, the politicians will have to move on to
greener pastures.  In fact, instead of public fear of hackers, we now
are seeing a public fear of police state mentality and abuse of power.
No politician is going to want to get involved with that!  I expect to
see the politicians fade away from the "hacker" scene rapidly.
Scratch the third tier of the vested definers!  The FBI and the secret
service will be pressured to spend time on some other "hot" political

        So where the heck are we?  We are now entering the era of truly
affordable REAL systems.  What does REAL mean?  Ask a hacker dude!
These boxes are popping up all over the place. People are buying them,
buying software, and trying to get their work done. More often than
not, they run into problems, and eventually find out that they can ask
some computer heavy about them.  Its sort of come full circle, these
guys are like the new users of the old timesharing systems.  They had
an idea of what they wanted to do, but didn't know how to get there.
There wasn't a very clear source of guidance, and sometimes they had
to ask for help.  So it went!

        The hackers are needed again.  We can solve problems, get it done,
make it fun.  The general public has the vested interest in this!  The
public has a vested interest in electronic privacy, in secure personal
systems, and in secure e-mail. As everyone learns more, the glamour
and glitz of the mysterious hackers will fade.  Lay people are getting
a clearer idea of whats going on.  They are less willing to pay for
inferior products, and aren't keen about relying on centralized
organizations for support.  Many know that the four digit passcode
some company gave them doesn't cut the mustard.

        What should we hackers do during this renaissance?  First we have to
discard and destroy the definition of "hacker" that was foisted upon
us.  We need to come to grips with the fact that there were
individuals and groups with a self interest in creating a hysteria
and/or a bogeyman.  The witch hunts are over and poorly designed
systems are going to become extinct.  We have cheap personal portable
compatible powerful systems, but they do lack some security, and
definitely need to be more fun.  We have fast and cheap e-mail, and
this needs to be made more secure.  We have the concept of electronic
free speech, and electronic free press.  I think about what I was able
to do with the limited systems of yesterday, and feel very positive
about what we can accomplish with the powerful personal systems of

        On the software side we do need to get our operating system house in
order.  The Unix version wars need to be stopped.  Bill Gates must
give us a DOS that will make an old operating system guy like me
smile, and soon! We need to stop creating and destroying languages
every three years and we need to avoid software fads (I won't mention
names due to personal safety concerns).  Ken Olsen must overcome and
give us the cheap, fast, and elegantly unconstrained hardware platform
we've waited for all our lives. What we have now is workable (terrific
in terms of history), but it is a moral imperative to get it right.
What we have now just doesn't have the "spark" (I am not doing a pun
on sun either!!!).  The hackers will know what I mean.

        If we are able to deal with the challenges of the hacking
renaissance, then history will be able to record the hackers as
pioneers and not as vandals.  This is the way I feel about it, and
frankly, I've been feeling pretty good lately.  The stagnation has
been a rough time for a lot of us.  The stock market guys always talk
about having a  contrarian view of the market.  When some company gets
in the news as a  really hot stock, it is usually time to sell it.
When you hear about how terrible some investment is, by some perverse
and wonderful force it is time to buy it.  So it may be for the
"hackers".  We are hearing how terrible "hackers" are and the millions
of dollars of vandalism that is being perpetrated.  At this historic
low are we in for a reversal in trend?  Will the stock in "hackers"
rise during this hacking renaissance? I think so, and I'm bullish on
the 90's also!  Party on d00des!

                 /                                          /
                 /              NIA072 / File 3             /
                 /                                          /
                 /             by Erik Bloodaxe             /
                 /                                          /
                 /                                          /

             A spectre is haunting the America--the spectre of
        Computing.  All the Powers of Western Capitalism have entered
        into a holy alliance to exorcise this spectre: BOC and LDS,
        lawyers and judges, corporate CEOs and federal law
        enforcement officials.

             Where is the person in quest of knowledge that has not
        been decried as "hacker" by opponents in power?  Where the
        Opposition that has not hurled back the branding reproach of
        Social Miscreant, against the more advanced opposition, as
        well as against its techno-illiterate adversaries?

             Two things result from this fact.

              I.  Computers are already acknowledged by all Western
                  Powers to be themselves a power.
             II.  It is high time that the Computists should openly,
                  in the face of the whole world, publish their views, their
                  aims, their tendencies, and meet this nursery tale of the
                  Spectre of Computing with a manifesto of the users

             To this end, Computists of various races, purposes, and
        classes have voiced their opinions, and from these the
        following Manifesto has been sketched.


             The history of all hitherto existing society is the
        history of struggles.  Freeman and slave, patrician and
        plebeian, lord and serf, guild-master and journeyman, in a
        word, oppressor and oppressed, stood in constant opposition
        to one another, carried on an uninterrupted, now hidden, now
        open fight, a fight that each time ended either in a
        revolutionary re-constitution of society at large, or in the
        common ruin of the contending classes.

              In this, the era of epoch of Big Business, we are again
        engaged in struggle.  This era, however, possesses a
        distinctive feature: the objective of increased profit masks
        the reality of those that are truly threats, and those that
        are merely perceived as such.  Through this avaricious
        vision, government is forced into becoming a pawn of the
        corporate leaders who wish to stamp out any threat, real or
        imaginary, upon their first instinct to do so.

             Through this procedural paranoia, those who get caught
        in the whirlwind of events stemming from business-induced
        federal investigations often find their rights in serious

             The word of Business is taken as law.  The colorful
        portrait of a computer-based threat to the workings of
        Business, thereby disrupting profit, and in turn the economy,
        force the politicians to act in great haste in forcing orders
        down the bureaucratic hierarchy to eliminate the threat.
        This fact, accompanied by the threat of removal of corporate
        contributions to political campaigns, increases the bias in
        which the procedures of investigation are conducted.

             Business today has achieved near deification.  The reach
        of corporations has become immeasurable.  This influence has
        stripped away the existence of the rights of individuals,
        leaving behind only a few stray hemp fibers from a once full

             This fact is intolerable.  The Government was created
        by and for the people that it would govern.  Special influences
        have no place in decision making on who is to be governed and
        how.  The corporate grasp must be loosened so that Democracy
        can flourish in its natural course.


             To society as a whole, the Computist is an often
        misunderstood entity.  The media representation of the
        Computist left the public with a jaded image.  Stories of
        Computer-based threats to National Security, to Emergency
        Networks, and to Hospital Patients left the public enraged
        by and frightened of the people possessing knowledge to
        interface with today's electronic world.

             Actual computer-related incidents that may have
        adversely affected the nation can be counted on the fingers
        of one hand, while more minor instances are played up by the
        Corporations and sent to the media to stir up more unrest
        against the Computist.  The more often occurrence is an
        action of benefit.  Computists point out flaws, alert people
        to problems in security, and in general assure that the
        nation's computer networks remain safe from foreign

             These actions are mutually beneficial for both parties.
        The Computist gains the experience and knowledge, and the
        Business owning the system gains further protection.  For
        this act of good faith, the Computist is not thanked, rather
        he is threatened, investigated, fined and possibly jailed.
        This is most often the case even when the Computist has made
        himself known from the onset.

             Computists have the power to do a great many things that
        society as a whole is unaware of.  This power is perceived as
        a threat to Business, who has kept the mere existence of such
        power quietly to themselves.  It has long been agreed upon
        that the public should never truly know the true extent of
        the influence Business actually has over their individual
        lives.  Business, through the use of a computer, has ready
        access to eavesdrop on any telephone call placed in this
        country; to view any criminal record, sealed or unsealed; to
        view and alter any financial and credit records; to seize and
        transfer assets from any bank or other financial institution
        and to view any medical or psychiatric records.

             Business knows who you associate with, what you spend,
        what you buy, where you go, and who and what you are.
        Through these records they can designate how much you will
        have to pay for the things you wish to purchase, and what
        methods you will most easily succumb to in being forced to do

             To alert the public to these facts and to help in the
        eradication of Business influence, the Computists call for
        certain measures to be enacted.

             1.  The abolition of all current computer crime laws.

             2.  The re-evaluation of what encompasses computer crime
                 by legislature, by Computists, and by other legal counsel to
                 provide legal statutes that strictly outline progressive
                 guidelines to the crime and their respective punishments.

             3.  Full disclosure by Business of the powers they have
                 kept hidden from the public, so that all may know the
                 possibilities that exist today for Business to invade the
                 privacy of the society.

             4.  Extensive training for all federal and local law
                 enforcement officials who will be assigned to investigate
                 computer-related crime so that they will be skillful enough
                 in their duties to properly execute this task.

             5.  Computer education classes to be required of all
                 children enrolled in schools, public or otherwise, to begin
                 as early as the first year enrolled, and to continue up
                 through the completion of the end of their secondary

             6.  Continuing education classes in computer instruction
                 to be provided free-of-charge to any willing adult through
                 local educational facilities.

             7.  Government published documents on all conceivable
                 aspects of computing to be provided free-of-charge through
                 the General Services Administration via the Consumer
                 Information Catalog.


             In the past most Computist literature has been left as
        underground newspapers, and selectively mailed electronic
        digests.  These were the first to attempt to expose the
        untruths and to surface the hidden powers of Business.  This
        media, although provided at little or no cost, has always
        received limited distribution due to Business-induced
        governmental intrusions.

             There have also been countless texts produced covering
        the operations of softwares and of operating systems.  These
        texts have always had the potential to reach a great many
        persons, but have been provided at a cost that may have
        deterred the average person from their purchase.

             Government publications have the potential to reach
        every member of society, and can provide all people with
        current, correct, and understandable information.  This type
        of distribution would greatly increase society's knowledge of
        computers and reduce the tensions felt towards the subject.
        With increased knowledge of computers, society as a whole
        would prosper, allowing all members the potential to move
        technology forward towards a better and more productive


             The struggle of the Computist against Big Business is a
        microcosm of society as a whole.  This struggle should be the
        struggle of every man and woman in this country.  We are all
        being oppressed and suppressed by the powers of Big Business
        influencing our government, making it work against the needs
        of society.  To end this atrocity that we have allowed to
        imbed itself in our nation we must all work together.

                     PEOPLE OF THE NATION, UNITE!


    /                                                                       /
    /                          NIA 072 / File 4                             /
    /                                                                       /
    /                        `Foiling the Cracker'                          /
    /         A Survey of, and Improvements to, Password Security           /
    /   This work was sponsored in part by the U.S. Department of Defense.  /
    /                                                                       /
    /                              Killing Joke                             /
    /                                                                       /

Daniel V. Klein
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA  15217
+1 412 268 7791

With the rapid burgeoning of national and international networks, the
question of system security has become one of growing importance.  High speed
inter-machine communication and even higher speed computational processors
have made the threats of system ``crackers,'' data theft, data corruption
very real.  This paper outlines some of the problems of
current password security by demonstrating the ease by which individual
accounts may be broken.  Various techniques used by crackers are outlined,
and finally one solution to this point of system vulnerability, a proactive
password checker, is proposed.


The security of accounts and passwords has always been a concern for the
developers and users of Unix.
When Unix was younger, the password encryption algorithm was a simulation of
the M-209 cipher machine used by the U.S. Army during World War II.

%A Robert T. Morris
%A Ken Thompson
%T Password Security: A Case History
%J Communications of the ACM
%V 22
%N 11
%P 594-597
%D November 1979
%L Morris1979

This was
a fair encryption mechanism in that it was difficult to invert under the
proper circumstances, but suffered in that it was too fast an algorithm.  On a
PDP-11/70, each encryption took approximately 1.25ms, so that it was possible
to check roughly 800 passwords/second.  Armed with a dictionary of 250,000
words, a cracker could compare their encryptions with those all stored in the
password file in a little more than five minutes.  Clearly, this was a
security hole worth filling.

In later (post-1976) versions of Unix, the DES algorithm

%T Proposed Federal Information Processing Data Encryption Standard
%J Federal Register (40FR12134)
%D March 17, 1975
%L DES1975

was used to encrypt
passwords.  The user's password is used as the DES key, and the algorithm is
used to encrypt a constant.  The algorithm is iterated 25 times, with the
result being an 11 character string plus a 2-character ``salt.''  This method
is  similarly difficult to decrypt (further complicated through the
introduction of one of 4096 possible salt values) and had the added advantage
of being slow.  On a (VAX-II (a machine substantially faster than a
PDP-11/70), a single encryption takes on the order of 280ms, so that a
determined cracker can only check approximately 3.6 encryptions a second.
Checking this same dictionary of 250,000 words would now take over 19
hours of CPU time.  Although this is still not very much time to break
a single account, there is no guarantee that this account will use one of
these words as a password.  Checking the passwords on a system with 50
accounts would take on average 40 CPU days (since the random selection
of salt values practically guarantees that each user's password will be
encrypted with a different salt), with no guarantee of success.  If this new,
slow algorithm was combined with the user education needed to prevent the
selection of obvious passwords, the problem seemed solved.

Regrettably, two recent developments and the recurrence of an old one have
brought the problem of password security back to the fore.

CPU speeds have gotten increasingly faster since 1976, so much so that
processors that are 25-40 times faster than the PDP-11/70 (e.g., the
DECstation 3100 used in this research) are readily
available as desktop workstations.  With inter-networking, many sites have
hundreds of the individual workstations connected together, and enterprising
crackers are discovering that the ``divide and conquer'' algorithm can
be extended to multiple processors, especially at night when those processors
are not otherwise being used.  Literally thousands of times the computational
power of 10 years ago can be used to break passwords.

New implementations of the DES encryption algorithm have been developed, so
that the time it takes to encrypt a password and compare the encryption
against the value stored in the password file has dropped below the 1ms mark.

%A Matt Bishop
%T An Application of a Fast Data Encryption Standard Implementation
%J Computing Systems
%V 1
%N 3
%P 221-254
%D Summer 1988
%L Bishop1988

%A David C. Feldmeier
%A Philip R. Karn
%T UNIX Password Security - Ten Years Later
%J CRYPTO Proceedings
%D Summer 1989
%L Feldmeier1989

On a single workstation, the dictionary of 250,000 words can once
again be cracked in under five minutes.  By dividing the work across multiple
workstations, the time required to encrypt these words against all 4096 salt
values could be no more than an hour or so.  With a recently described
hardware implementation of the DES algorithm, the time for each encryption
can be reduced to approximately 6ms.

%A Philip Leong
%A Chris Tham
%T UNIX Password Encryption Considered Insecure
%J USENIX Winter Conference Proceedings
%D January 1991
%L Leong1991

This means that this same dictionary can be be cracked in only 1.5 seconds.

Users are rarely, if ever, educated as to what are wise choices for
passwords.  If a password is in a dictionary, it is extremely vulnerable to
being cracked, and users are simply not coached as to ``safe'' choices for
passwords.  Of those users who are so educated, many think that simply
because their password is not in /usr/dict/words, it is safe from
detection.  Many users also say that because they do not have any private
files on-line, they are not concerned with the security of their account,
little realizing that by providing an entry point to the system they allow
damage to be wrought on their entire system by a malicious cracker.

Because the entirety of the password file is readable by all users, the
encrypted passwords are vulnerable to cracking, both on-site and off-site.
Many sites have responded to this threat with a reactive solution - they
scan their own password files and advise those users whose passwords they are
able to crack.  The problem with this solution is that while the local site
is testing its security, the password file is still vulnerable from the
outside.  The other problems, of course, are that the testing is very time
consuming and only reports on those passwords it is able to crack.  It does
nothing to address user passwords which fall outside of the specific test
cases (e.g., it is possible for a user to use as a password the letters
``qwerty'' - if this combination is not in the in-house test dictionary, it
will not be detected, but there is nothing to stop an outside cracker from
having a more sophisticated dictionary!).

Clearly, one solution to this is to either make /etc/passwd unreadable,
or to make the encrypted password portion of the file unreadable.  Splitting
the file into two pieces - a readable /etc/passwd with all but the
encrypted password present, and a ``shadow password'' file that is only
readable by Broot is the solution proposed by Sun Microsystems (and
others) that appears to be gaining popularity.  It seems, however, that this
solution will not reach the majority of non-Sun systems for quite a while,
nor even, in fact, many Sun systems, due to many sites'
reluctance to install new releases of software.

The problem of lack of password security is not just endemic to Unix.  A
recent Vax/VMS worm had great success by simply trying the username as the
password.  Even though the VMS user authorization file is inaccessible to
ordinary users, the cracker simply tried a number of ``obvious'' password
choices - and easily gained access.

What I propose, therefore, is a publicly available proactive password
checker, which will enable users to change their passwords, and to
check a priori whether the new password is ``safe.''  The criteria for
safety should be tunable on a per-site basis, depending on the degree of
security desired.  For example, it should be possible to specify a minimum
length password, a restriction that only lower case letters are not allowed,
that a password that looks like a license plate be illegal, and so on.
Because this proactive checker will deal with the pre-encrypted passwords, it
will be able to perform more sophisticated pattern matching on the password,
and will be able to test the safety without having to go through the effort of
cracking the encrypted version.  Because the checking will be done
automatically, the process of education can be transferred to the machine,
which will instruct the user why a particular choice of password is bad.

Password Vulnerability

It has long been known that all a cracker need do to acquire access to a
Unix machine is to follow two simple steps, namely:

Acquire a copy of that site's /etc/passwd file, either through an
unprotected uucp link, well known holes in sendmail, or via
ftp or tftp.

Apply the standard (or a sped-up) version of the password encryption
algorithm to a collection of words, typically /usr/dict/words plus some
permutations on account and user names, and compare the encrypted results to
those found in the purloined /etc/passwd file.

If a match is found (and often at least one will be found), the
cracker has access to the targeted machine.  Certainly, this mode of attack
has been known for some time,

%A Eugene H. Spafford
%T The Internet Worm Program: An Analysis
%R Purdue Technical Report CSD-TR-823
%I Purdue University
%D November 29, 1988
%L Spafford1988

and the defenses against this attack have also
long been known.  What is lacking from the literature is an accounting of
just how vulnerable sites are to this mode of attack.  In short, many people kno
 w that there is a problem, but few people believe it applies to them.

``There is a fine line between helping
administrators protect their systems and providing a cookbook for bad guys.''

%A F. Grampp
%A R. Morris
%T Unix Operating System Security
%J AT&T Bell Labs Technical Journal
%V 63
%N 8
%P 1649-1672
%D October 1984
%L Grampp1984

The problem here, therefore, is how to divulge useful information on the
vulnerability of systems, without providing too much information, since
almost certainly this information could be used by a cracker to break into
some as-yet unviolated system.
Most of the work that I did was of a
general nature - I did not focus on a particular user or a
particular system, and I did not use any personal information that might be
at the disposal of a dedicated ``bad guy.''  Thus any results which I have
been able to garner indicate only general trends in password usage, and
cannot be used to great advantage when breaking into a particular system.  This
generality notwithstanding, I am sure that any self-respecting cracker would
already have these techniques at their disposal, and so I am not bringing to
light any great secret.  Rather, I hope to provide a basis for protection for
systems that can guard against future attempts at system invasion.

The Survey and Initial Results

In October and again in December of 1989, I asked a number of friends and
acquaintances around the United States and Great Britain to participate
in a survey.  Essentially what I asked them to do was to mail me a copy of
their /etc/passwd file, and I would try to crack their passwords (and
as a side benefit, I would send them a report of the vulnerability of their
system, although at no time would I reveal individual passwords nor even of
their sites participation in this study).  Not surprisingly, due to the
sensitive nature of this type of disclosure, I only received a small fraction
of the replies I hoped to get, but was nonetheless able to acquire a database
of nearly 15,000 account entries.  This, I hoped, would provide a
representative cross section of the passwords used by users in the community.

Each of the account entries was tested by a number of intrusion strategies,
which will be covered in greater detail in the following section.  The
possible passwords that were tried were based on the user's name or account
number, taken from numerous dictionaries (including some containing
foreign words, phrases, patterns of keys on the keyboard, and enumerations),
and from permutations and combinations of words in those dictionaries.
All in all, after nearly 12 CPU months of rather exhaustive testing,
approximately 25% of the passwords had been guessed.  So that you do not
develop a false sense of security too early, I add that 21% (nearly 3,000
passwords) were guessed in the first week, and that in the first 15
minutes of testing, 368 passwords (or 2.7%) had been cracked using what
experience has shown
would be the most fruitful line of attack (i.e., using the user or
account names as passwords).  These statistics are
frightening, and well they should be.  On an average system with 50
accounts in the /etc/passwd file, one could expect the first account to
be cracked in under 2 minutes, with 5-15 accounts being cracked by the end of
the first day.  Even though the Broot account may not be cracked, all it
takes is one account being compromised for a cracker to establish a toehold
in a system.  Once that is done, any of a number of other well-known security
loopholes (many of which have been published on the network) can be used to
access or destroy any information on the machine.

It should be noted that the results of this testing do not give us any
indication as to what the uncracked passwords are.  Rather, it only
tells us what was essentially already known - that users are likely to use
words that are familiar to them as their passwords.

%A Bruce L. Riddle
%A Murray S. Miron
%A Judith A. Semo
%T Passwords in Use in a University Timesharing Environment
%J Computers & Security
%V 8
%N 7
%P 569-579
%D November 1989
%L Riddle1989

What new information it did provide, however, was the degree of
vulnerability of the systems in question, as well as providing a basis for
developing a proactive password changer - a system which pre-checks a
password before it is entered into the system, to determine whether that
password will be vulnerable to this type of attack.  Passwords which can be
derived from a dictionary are clearly a bad idea,

%A Ana Marie De Alvare
%A E. Eugene Schultz, Jr.
%T A Framework for Password Selection
%J USENIX UNIX Security Workshop Proceedings
%D August 1988
%L Alvare1988

and users should be
prevented from using them.  Of course, as part of this censoring process,
users should also be told why their proposed password is not good, and
what a good class of password would be.

As to those passwords which remain unbroken, I can only conclude that these
are much more secure and ``safe'' than those to be found in my dictionaries.
One such class of passwords is word pairs, where a password consists of two
short words, separated by a punctuation character.  Even if only words of
3 to 5 lower case characters are considered, /usr/dict/words provides
3000 words for pairing.  When a single intermediary punctuation character is
introduced, the sample size of 90,000,000 possible passwords is rather
daunting.  On a DECstation 3100, testing each of these passwords against that
of a single user would require over 25 CPU hours - and even then, no
guarantee exists that this is the type of password the user chose.
Introducing one or two upper case characters into the password raises the
search set size to such magnitude as to make cracking untenable.

Another ``safe'' password is one constructed from the initial letters of an
easily remembered, but not too common phrase.  For example, the phrase ``Unix
is a trademark of Bell Laboratories'' could give rise to the password
``UiatoBL.''  This essentially creates a password which is a random string of
upper and lower case letters.  Exhaustively searching this list at 1000 tests
per second with only 6 character passwords would take nearly 230 CPU
days.  Increasing the phrase size to 7 character passwords makes the
testing time over 32 CPU years - a Herculean task that even the most
dedicated cracker with huge computational resources would shy away from.

Thus, although I don't know what passwords were chosen by those users I was
unable to crack, I can say with some surety that it is doubtful that anyone
else could crack them in a reasonable amount of time, either.

Method of Attack

A number of techniques were used on the accounts in order to determine if the
passwords used for them were able to be compromised.  To speed up testing,
all passwords with the same salt value were grouped together.  This way, one
encryption per password per salt value could be performed, with multiple
string comparisons to test for matches.  Rather than considering 15,000
accounts, the problem was reduced to 4,000 salt values.  The password tests
were as follows:

Try using the user's name, initials, account name, and other relevant
personal information as a possible password.  All in all, up to 130 different
passwords were tried based on this information.  For an account name
Bklone with a user named ``Daniel V. Klein,'' some of the passwords that
would be tried were: klone, klone0, klone1, klone123, dvk, dvkdvk, dklein,
DKlein, leinad, nielk, dvklein, danielk, DvkkvD, DANIEL-KLEIN, (klone),
KleinD, etc.

Try using words from various dictionaries.  These included lists of men's and
women's names (some 16,000 in all); places (including permutations so that
``spain,'' ``spanish,'' and ``spaniard'' would all be considered); names of
famous people; cartoons and cartoon characters; titles, characters, and
locations from films and science fiction stories; mythical creatures
(garnered from Bulfinch's mythology and dictionaries of mythical beasts);
sports (including team names, nicknames, and specialized terms); numbers
(both as numerals - ``2001,'' and written out - ``twelve''); strings of
letters and numbers ( ``a,'' ``aa,'' ``aaa,'' ``aaaa,'' etc.); Chinese
syllables (from the Pinyin Romanization of Chinese, a international standard
system of writing Chinese on an English keyboard); the King James Bible;
biological terms; common and vulgar phrases (such as ``fuckyou,'' ``ibmsux,''
and ``deadhead''); keyboard patterns (such as ``qwerty,'' ``asdf,'' and
``zxcvbn''); abbreviations (such as ``roygbiv'' - the colors in the rainbow,
and ``ooottafagvah'' - a mnemonic for remembering the 12 cranial nerves);
machine names (acquired from /etc/hosts); characters, plays, and
locations from Shakespeare; common Yiddish words;  the names of asteroids;
and a collection of words
from various technical papers I had previously published.
All told, more than 60,000 separate words were considered per user (with any
inter- and intra-dictionary duplicates being discarded).

Try various permutations on the words from step 2.  This included making the
first letter upper case or a control character, making the entire word
upper case, reversing the word (with and without the aforementioned
capitalization), changing the letter `o' to the digit `0' (so that the word
``scholar'' would also be checked as ``sch0lar''), changing the letter `l' to
the digit `1' (so that ``scholar'' would also be checked as ``scho1ar,''
and also as ``sch01ar''), and performing similar manipulations to change the
letter `z' into the digit `2', and the letter `s' into the digit `5'.
Another test was to make the word into a plural (irrespective of whether the
word was actually a noun), with enough intelligence built in so that
``dress'' became ``dresses,'' ``house'' became ``houses,'' and ``daisy''
became ``daisies.''  We did not consider pluralization rules exhaustively,
though, so that ``datum'' forgivably became ``datums'' (not ``data''), while
``sphynx'' became ``sphynxs'' (and not ``sphynges'').  Similarly, the suffixes
``-ed,'' ``-er,'' and ``-ing'' were added to transform words like ``phase''
into ``phased,'' ``phaser,'' and ``phasing.''  These 14 to 17 additional
tests per word added another 1,000,000 words to the list of possible
passwords that were tested for each user.

Try various capitalization permutations on the words from step 2 that were not
considered in step 3.  This included all single letter capitalization
permutations (so that ``michael'' would also be checked as ``mIchael,''
``miChael,'' ``micHael,'' ``michAel,'' etc.), double letter capitalization
permutations (``MIchael,'' ``MiChael,'' ``MicHael,'' ... , ``mIChael,''
``mIcHael,'' etc.), triple letter permutations, and so on.  The single letter
permutations added roughly another 400,000 words to be checked per user,
while the double letter permutations added another 1,500,000 words.  Three
letter permutations would have added at least another 3,000,000 words per
user had there been enough time to complete the tests.  Tests of 4, 5, and
6 letter permutations were deemed to be impracticable without much more
computational horsepower to carry them out.

Try foreign language words on foreign users.  The specific test that was
performed was to try Chinese language passwords on users with Chinese names.
The Pinyin Romanization of Chinese syllables was used, combining syllables
together into one, two, and three syllable words.  Because no tests were
done to determine whether the words actually made sense, an exhaustive search
was initiated.  Since there are 398 Chinese syllables in the Pinyin system,
there are 158,404 two syllable words, and slightly more than 16,000,000 three
syllable words.

The astute reader will notice that 398\s-2\u3\d\s+2 is in fact 63,044,972.
Since Unix passwords are truncated after 8 characters, however, the number
of unique polysyllabic Chinese passwords is only around 16,000,000.
Even this reduced set was too large to complete under the imposed time

A similar mode of attack could as easily be used with English, using rules
for building pronounceable nonsense words.

Try word pairs.  The magnitude of an exhaustive test of this nature is
staggering.  To simplify this test, only words of 3 or 4 characters in length
from /usr/dict/words were used.  Even so, the number of word pairs is
BOR(10\s-3\u7\d\s+3) (multiplied by 4096 possible salt values), and as of
this writing, the test is only 10% complete.

For this study, I had access to four DECstation 3100's, each of which was
capable of checking approximately 750 passwords per second.  Even with this
total peak processing horsepower of 3,000 tests per second (some machines were
only intermittently available), testing the BOR(10\s-3\u10\d\s+3)
password/salt pairs for the first four tests
required on the order of 12 CPU months of computations.  The remaining
two tests are still ongoing after an additional 18 CPU months of computation.
Although for research purposes this is well within acceptable ranges, it is a
bit out of line for any but the most dedicated and resource-rich cracker.

Summary of Results

The problem with using passwords that are derived directly from obvious words
is that when a user thinks ``Hah, no one will guess this permutation,'' they
are almost invariably wrong.  Who would ever suspect that I would find their
passwords when they chose ``fylgjas'' (guardian creatures from Norse
mythology), or the
Chinese word for ``hen-pecked husband''?  No matter what words or permutations
thereon are chosen for a password, if they exist in some dictionary, they are
susceptible to directed cracking.  The following table give an overview of
the types of passwords which were found through this research.

A note on the table is in order.  The number of
matches given from a particular dictionary is the total number of matches,
irrespective of the permutations that a user may have applied to it.  Thus, if
the word ``wombat'' were a particularly popular password from the biology
dictionary, the following table will not indicate whether it was entered as
``wombat,'' ``Wombat,'' ``TABMOW,'' ``w0mbat,'' or any of the other 71 possible
differences that this research checked.  In this way,
detailed information can be divulged without providing much knowledge to
potential ``bad guys.''

Additionally, in order to reduce the total search time that was needed for
this research, the checking program eliminated both inter- and
intra-dictionary duplicate words.  The dictionaries are listed in the order
tested, and the total size of the dictionary is given in addition to
the number of words that were eliminated due to duplication.  For
example, the word ``georgia'' is both a female name and a place, and is only
considered once.  A password which is identified as being found in the common
names dictionary might very well appear in other dictionaries.  Additionally,
although ``duplicate,'' ``duplicated,'' ``duplicating'' and ``duplicative'' are
all distinct words, only the first eight characters of a password are used in
Unix, so all but the first word are discarded as redundant.

Passwords cracked from a sample set of 13,797 accounts
Type of:Size of:Duplicates:Search:# of:Pct.:Cost/Benefit
Password:Dictionary:Eliminated:Size:Matches:of Total:Ratio\s-2\u*\d\s+2
User/account name:130\s-3\u\(dg\d\s+3:\-:130:368:2.7%:2.830
Character sequences:866:0:866:22:0.2%:0.025
Place names:665:37:628:82:0.6%:0.131
Common names:2268:29:2239:548:4.0%:0.245
Female names:4955:675:4280:161:1.2%:0.038
Male names:3901:1035:2866:140:1.0%:0.049
Uncommon names:5559:604:4955:130:0.9%:0.026
Myths & legends:1357:111:1246:66:0.5%:0.053
Sports terms:247:9:238:32:0.2%:0.134
Science fiction:772:81:691:59:0.4%:0.085
Movies and actors:118:19:99:12:0.1%:0.121
Famous people:509:219:290:55:0.4%:0.190
Phrases and patterns:998:65:933:253:1.8%:0.271
Machine names:12983:3965:9018:132:1.0%:0.015
King James bible:13062:5537:7525:83:0.6%:0.011
Miscellaneous words:8146:4934:3212:54:0.4%:0.017
Yiddish words:69:13:56:0:0.0%:0.000

In all cases, the cost/benefit ratio is the number of matches divided by the
search size.  The more words that needed to be tested for a match, the lower
the cost/benefit ratio.

The dictionary used for user/account name checks naturally changed
for each user.  Up to 130 different permutations were tried for each.

While monosyllablic Chinese passwords were tried for all users (with 12
matches), polysyllabic Chinese passwords were tried only for users with
Chinese names.  The percentage of matches for this subset of users is 8% -
a greater hit ratio than any other method.  Because the dictionary size is
over 16\(mu10\s-2\u6\d\s+2, though, the cost/benefit ratio is infinitesimal.

The results are quite disheartening.  The total size of the dictionary was
only 62,727 words (not counting various permutations).  This is much smaller
than the 250,000 word dictionary postulated at the beginning of this paper,
yet armed even with this small dictionary, nearly 25% of the passwords were

Length of Cracked Passwords
1 character:4:0.1%
2 characters:5:0.2%
3 characters:66:2.0%
4 characters:188:5.7%
5 characters:317:9.5%
6 characters:1160:34.7%
7 characters:813:24.4%
8 characters:780:23.4%

The results of the word-pair tests are not included in either of the two
tables.  However, at the time of this writing, the test was approximately 10%
completed, having found an additional 0.4% of the passwords in the sample
set.  It is probably reasonable to guess that a total of 4% of the passwords
would be cracked by using word pairs.

Action, Reaction, and Proaction

What then, are we to do with the results presented in this paper?  Clearly,
something needs to be done to safeguard the security of our systems from
attack.  It was with intention of enhancing
security that this study was undertaken.  By knowing what kind of passwords
users use, we are able to prevent them from using those that are easily
guessable (and thus thwart the cracker).

One approach to eliminating easy-to-guess passwords is to periodically run a
password checker - a program which scans /etc/passwd and tries to
break the passwords in it.

%A T. Raleigh
%A R. Underwood
%T CRACK: A Distributed Password Advisor
%J USENIX UNIX Security Workshop Proceedings
%D August 1988
%L Raleigh1988

This approach has two major drawbacks.  The first
is that the checking is very time consuming.  Even a system with only 100
accounts can take over a month to diligently check.  A halfhearted check is
almost as bad as no check at all, since users will find it easy to circumvent
the easy checks and still have vulnerable passwords.  The second drawback is
that it is very resource consuming.  The machine which is being used for
password checking is not likely to be very useful for much else, since a
fast password checker is also extremely CPU intensive.

Another popular approach to eradicating easy-to-guess passwords is to force
users to change their passwords with some frequency.  In theory, while this
does not actually eliminate any easy-to-guess passwords, it prevents the
cracker from dissecting /etc/passwd ``at leisure,'' since once an
account is broken, it is likely that that account will have had it's password
changed.  This is of course, only theory.  The biggest disadvantage is that
there is usually nothing to prevent a user from changing their password from
``Daniel'' to ``Victor'' to ``Klein'' and back again (to use myself as an
example) each time the system demands a new password.  Experience has shown
that even when this type of password cycling is precluded, users are easily
able to circumvent simple tests by using easily remembered (and easily
guessed) passwords such as ``dvkJanuary,'' ``dvkFebruary,'' etc.

%A Dr. Brian K Reid
%D 1989
%I DEC Western Research Laboratory
%O Personal communication.
%L Reid1989

A good
password is one that is easily remembered, yet difficult to guess.  When
confronted with a choice between remembering a password or creating one that
is hard to guess, users will almost always opt for the easy way out, and
throw security to the wind.

Which brings us to the third popular option, namely that of assigned
passwords.  These are often words from a dictionary, pronounceable nonsense
words, or random strings of characters.  The problems here are numerous and
manifest.  Words from a dictionary are easily guessed, as we have seen.
Pronounceable nonsense words (such as ``trobacar'' or ``myclepate'') are
often difficult to remember, and random strings of characters (such as
``h3rT+aQz'') are even harder to commit to memory.  Because these passwords
have no personal mnemonic association to the users, they will often write
them down to aid in their recollection.  This immediately discards any
security that might exist, because now the password is visibly associated
with the system in question.  It is akin to leaving the key under the door
mat, or writing the combination to a safe behind the picture that hides it.

A fourth method is the use of ``smart cards.''  These credit card sized
devices contain some form of encryption firmware which
will ``respond'' to an electronic ``challenge'' issued by the system onto
which the user is attempting to gain acccess.  Without the smart card, the
user (or cracker) is unable to respond to the challenge, and is denied access
to the system.  The problems with smart cards have nothing to do with
security, for in fact they are very good warders for your system.  The
drawbacks are that they can be expensive and must be carried at all times
that access to the system is desired.  They are also a bit of overkill for
research or educational systems, or systems with a high degree of user

Clearly, then, since all of these systems have drawbacks in some
environments, an additional
way must be found to aid in password security.

A Proactive Password Checker
The best solution to the problem of having easily guessed passwords on a
system is to prevent them from getting on the system in the first place.  If
a program such as a password checker reacts by detecting guessable
passwords already in place, then although the security hole is found, the hole
existed for as long as it took the program to detect it (and for the user to
again change the password).  If, however, the program which changes user's
passwords (i.e., /bin/passwd) checks for the safety and guessability
before that password is associated with the user's account, then the
security hole is never put in place.

In an ideal world, the proactive password changer would require eight
character passwords which are not in any dictionary, with at least one
control character or punctuation character, and mixed upper and lower case
letters.  Such a degree of security (and of accompanying inconvenience to the
users) might be too much for some sites, though.  Therefore, the proactive
checker should be tuneable on a per-site basis.  This tuning could be
accomplished either through recompilation of the passwd program, or
more preferably, through a site configuration file.

As distributed, the behavior of the proactive checker should be that of
attaining maximum password security - with the system administrator being
able to turn off certain checks.  It would be desireable to be able to test
for and reject all password permutations that were detected in this research
(and others), including:

Passwords based on the user's account name

Passwords based on the user's initials or given name

Passwords which exactly match a word in a dictionary (not
just /usr/dict/words)

Passwords which match a word in the dictionary with some or all
letters capitalized

Passwords which match a reversed word in the dictionary

Passwords which match a reversed word in the dictionary with some or all
letters capitalized

Passwords which match a word in a dictionary with an arbitrary letter turned
into a control character

Passwords which match a dictionary word with the numbers `0', `1', `2', and
`5' substituted for the letters `o', 'l', 'z', and 's'

Passwords which are simple conjugations of a dictionary word (i.e., plurals,
adding ``ing'' or ``ed'' to the end of the word, etc.)

Passwords which are patterns from the keyboard (i.e., ``aaaaaa'' or ``qwerty'')

Passwords which are shorter than a specific length (i.e., nothing shorter than
six characters)

Passwords which consist solely of numeric characters (i.e., Social Security
numbers, telephone numbers, house addresses or office numbers)

Passwords which do not contain mixed upper and lower case, or mixed letters
and numbers, or mixed letters and punctuation

Passwords which look like a state-issued license plate number

The configuration file which specifies the level of checking need not be
readable by users.  In fact, making this file unreadable by users (and by
potential crackers) enhances system security by hiding a valuable guide
to what passwords are acceptable (and conversely, which kind of
passwords simply cannot be found).

Of course, to make this proactive checker more effective, it woule be
necessary to provide the dictionaries that were used in this research
(perhaps augmented on a per-site basis).  Even more importantly, in addition
to rejecting passwords which could be easily guessed, the proactive password
changer would also have to tell the user why a particular password was
unacceptable, and give the user suggestions as to what an acceptable password
looks like.

Conclusion (and Sermon)

It has often been said that ``good fences make good neighbors.''  On a
Unix system, many users also say that ``I don't care who reads my files, so I
don't need a good password.''  Regrettably, leaving an account vulnerable to
attack is not the same thing as leaving files unprotected.  In the latter
case, all that is at risk is the data contained in the unprotected files,
while in the former, the whole system is at risk.  Leaving the front door to
your house open, or even putting a flimsy lock on it, is an invitation to the
unfortunately ubiquitous people with poor morals.  The same holds true for an
account that is vulnerable to attack by password cracking techniques.

While it may not be actually true that good fences make good neighbors, a
good fence at least helps keep out the bad neighbors.  Good passwords are
equivalent to those good fences, and a proactive checker is one way to
ensure that those fences are in place before a breakin problem occurs.


                     /                      /
                     /   NIA 072 / File 5   /
                     /                      /
                     /   JONAS & ERICKSON   /
                     /    PRIME EXL-316     /
                     /                      /
                     /   Terminal_Erection  /
                     /                      /

             Differences between the C.T. & Prime EXL

- You Can't log in as root anywhere except the console.
  (But you can log in as mars and then use the su command).

- The console port prompt is Console Login: and everyone else is
  the standard login:

- You will not have to re-configure the kernel anymore. Three
  kernels are provided by corporate services on a separate tape.

- The /etc/rc file is now /etc/rc2.

- There is a system administrator command that allows you to add
  users, assign passwords, install additional hardware and a lot

- On-line help facility call 'help', for most unix commands.

- No /etc/issue file, must use /etc/motd.

- No 'more' command, must use 'pg'.

- The  key is now the  key.

- You may not backspace while logging in.
  (The system will ask for a password, press  to get the
  login prompt back.)

- To see the directories in column format you must use the ls -C

- In the /etc/gettydefs file all the labels have an 'h' in front
  except the 9600 label (eg. 1200 is now h1200, 300 is now h300)

- The Prime Exl does not support parallel printers.

- The STOP button on the front of the EXL is equal to the
  shutdown command.

- All formatting and partitioning of the disks is done
  automatically. (Explained later).

- tty device names are different.
  (eg. /dev/tty01, /dev/console, /etc/ttyax)

- Tape device name is /dev/rct/c0d5. (Not /dev/rmt0).

- Configurable kernel is an extra cost add-on. Since we didn't
  want to add the cost to every system, we obtained Prime's
  permission to send out pre-configured kernels from corporate
  services. Unfortunately this means you cannot reconfigure the
  kernel in the field.


Page    Check    Description

  4     _____ 1. Connect console terminal
  5     _____ 2. Install operating system
  6     _____ 3. Initial system setup
  8     _____ 4. Restoring the kernel
  9     _____ 5. Configuring terminals and ports
 11     _____ 6. Edit /etc/gettydefs
 12     _____ 7. Edit /etc/rc2
 13     _____ 8. Edit /etc/profile
 13     _____ 9. Create directories
 14     _____10. Install Thoroughbred Basic
 15     _____11. Install J & E programs
 15     _____12. Edit IPLINPUT
 16     _____13. Adjust terminal types
 17     _____14. Add appropriate /mars /backup /fullback and
                 /printbu shell scripts.
 18     _____15. Edit /etc/passwd to add mars login code and a
                 set of login codes specific to the client.
 20     _____16. Create /etc/motd file for J&E welcome message at
 20     _____17. Reboot system, test client login.
 21     _____18. Define all J&E data files as per client file
 21     _____19. Test as much as you can.
 21     _____20. Label special ports at the rear of the system,
                 take a full backup, and repack it for shipping.
 21     _____21. Disable / Enable lock.

 22    Simplified System Administration.
 23    Prime EXL-316 Cabling Information.

                      DETAILED DESCRIPTIONS

     These instructions have been written by a programmer, to a
programmer.  If you are not a programmer and you can't fake it,
then you really should go and get one.  In many instances, we
have given very exacting detail, but things can go wrong.  Also,
the instructions are given in a way that each step could be
performed separately.  However, generally, you can get a lot of
overlap in by combining steps and not rebooting the system until
you have to in order to test something.
Below is a diagram showing you the port layout on the EXL. Please
note that the EXL ports are numbered in the octal number system.

                   Prime EXL-316

               |                    |        Where:
               |    ( REAR VIEW )   |
               |                    |        A=ttyax
               |                    |        C=console
               |                    |        V=Voltage selector
               |                    |
               |               V    |        Number=tty ports
               |                    |
               |  A                 |
               |  C  00  10  20     |
               |     01  11  21     |
               |     02  12  22     |
               |                    |
               |     03  13  23     |
               |     04  14  24     |
               |     05  15  25     |
               |     06  16  26     |
               |     07  17  27     |
               |                    |

                    FIGURE 1-1

Before doing anything set the voltage selector switch to 115V on
the rear on the EXL.

Step 1. (Getting the EXL ready)
Unpack the computer using the instruction in the Prime
installation and operation guide.

Check the following list before doing anything to make sure you
have all the tools you require to do the install.

_____ Delivery of Prime EXL & terminals.
_____ Jonas & Erickson software tape, (From Corporate Services).
_____ Jonas & Erickson kernels tape,  (From Corporate Services).
_____ Prime EXL Operating Systems tape.
_____ Prime EXL Extended Diagnostic tape.
_____ Thoroughbred Basic tape.
_____ Thoroughbred Basic manual
_____ Thoroughbred Basic passport security device (small box).
_____ Prime terminal cables. ( RJ45 to RS232 )
_____ Prime EXL-316 power cable.
_____ Small Standard Screwdriver & 3/16" nut driver.

      Five manuals supplied by Prime. They are:

_____ 1. Systems Administrator Reference Manual.
_____ 2. Systems Administrator Guide.
_____ 3. Users guide.
_____ 4. Users Reference Manual.
_____ 5. Installation and Operation Guide.

- Unpack and place the inserts for the Prime manuals in the
  correct sequence.
- If you have not done so, set the voltage selector switch to 115
  volts on the rear of the computer.
- Remove the shipping insert that should be in the tape drive.
- Connect the power cord & plug it in the wall.
- Unpack the terminal & plug it in to the wall.
- Connect the communications cable from the console port,
  (see diagram 1-1) to the fixed female connection on the
  passport. Notice that the cable has a removable sex-changer
  that must be removed & connected separately using a 3/16" nut
  driver. Connect the ribbon cable from the passport, (small box)
  to the main port on the terminal.
- Set your terminal as follows:

                       Terminal settings

          Baud rate      : 9600
          Data bits      : 8
          Stop bits      : 1
          Parity         : none
          Handshake      : XON/XOFF
          Communications : Full Duplex
          Emulation      : TVI925

- Press the power on switch at the rear on the computer.
  (0 = Off, 1 = On)
- Make sure the control panel key is set to ENABLE.

Step 2. (Installing the Prime EXL UNIX operating system.)

- Insert the tape marked "PRIME EXL tm Operating System" supplied
  by PRIME, into the tape drive. Make sure the indicator is in
  the safe position. (Insert opening in the tape to the left,
  metal plate face down.)
- Press the START switch. The EXL will do some diagnostics, play
  some music, display some messages and after a few minutes will
  come up to the # prompt.
- At the # prompt, enter:
  # install (CR)
  The system may display a date and time and ask if you wish to
  change the time zone plus the date & time. You should reply no
  since this is described later on.
          Change the time zone? [y,n,?,q] n(CR)
          Change the date and time? [y,n,?,q] n(CR)
  Formatting will start and will take approximately 10 minutes.
  You will see:
  Partitioning the disk...
  Creating empty root file system on /dev/dsk/c0d0s0.
  Creating empty usr file system on /dev/dsk/c0d0s1..
  Installing root file system on /dev/dsk/c0d0s1...
  Installing usr file system on /dev/dsk/c0d0s1...

  Rewinding tape...
  Writing boot block...

  When the installation is complete you will see:

  The PRIME EXL Operating System is now installed.
  Remove the cartridge tape and press STOP.

- Do what it said. (The STOP key in on the front of the EXL.)
  Let the EXL power down completely. The operating system has
  been installed and two partitions have been installed. They are
  /root and /usr.
- Press the START key. This should now boot the operating system
  off the disk.
- At the Console Login: prompt type

  Console Login: root (CR)

- Insert the "PRIME EXL tm Extended Diagnostics Monitor" tape
  provided by Prime. (Make sure the indicator is set to safe)

- At the # prompt type:

  # cd /dedgmon (CR)

  then type: (Note: The next command is in upper case)


  You will be prompted to "install" tape and press  key
  when ready. Do so. This will install the extended diagnostic on
  to the Prime EXL's operating system. (Takes about 1 minute)
- Once you see "edmon installation complete" remove the tape from
  the tape drive and put it back in the plastic cover.

Step 3 (Initial system setup)

At the # prompt type:

  # cd / (CR)
  # sysadm setup (CR)

  You will be prompted to:

          1. Set the time zone.
          2. System date & time.
          3. First user on the system. (mars)
          4. To enter a root password
          5. Naming the computer

  Note: sysadm is a utility that allows you to do most of the
  administrative work you would normally have to do by editing
  eg. Add users, delete user, add tty ports, change passwords etc
  (See page 19 of this manual for further details)

  For sysadm procedure most responses are:

          y=Yes, n=No, ?=Display more info, q=Quit

Date and Time:

Current time and zone is : 15:55 EDT
Change the time zone? [y,n,?,q]

If the time zone is not correct then type y (CR)
You will be prompted to choose between 10 time zones.
Enter (1-10)

This will edit the /etc/TIMEZONE file.

Does your time zone use Daylight Savings Time during the year?
Answer y or n. (CR)

Change the date and time [y,n,q,?]
If you answer y (CR) then you will be prompted to enter the hour
and minute etc.

Setting up the first login:

You will prompted:

Enter user's full name [?,q]: mars (CR)
Enter user's login ID [?,q]: mars (CR)
Enter user ID number (default 100) [?,q]: (CR)
Enter group ID number or group name
(default 1) [?,q]: (CR)
Enter the user's login (home) directory name.
(default '/usr/mars') [?,q]: (CR)

This is the information for the new login:
        User's name:    mars
        login ID:       mars
        user ID:        100
        group ID:       1
        home directory: /usr/mars
Do you want to install,edit, or skip this entry
 [i,e,s,q]? i (CR)
Login installed.

Do you want to give the user a password? [y,n] n (CR)
Do you want to add another login? [y,n,q] n (CR)

Assigning a password to root

Do you want to give passwords to administrative logins
 [y,n,?,q] n (CR)
Do you want to give password to system logins?
 [y,n,q,?] n (CR)

Naming the machine

This machine is currently called "exl".
Do you want to change it? [y,n,q,?] n (CR)

Step 4. ( Restoring J & E kernels )

Restoring J & E kernels

The commands are as follows:
  -put in the J&E EXL kernel tape into the tape drive.
  # cd / (CR)
  # cpio -icvdumaB < /dev/rct/c0d5 (CR)
  ... (restores the file ...

When complete remove the tape & return it to its plastic covering
(Note: Should restore three files)

You now have four versions of unix on the system disk, the system
that was distributed, as well as three new versions.

They are:            /unix         (Distributed version)
                     /je.unix.8    (Eight user version)
                     /je.unix.16   (Sixteen user version)
                     /je.unix.24   (Twenty-four user version)
                     /je.DOC       (A copy of this manual)
    Future use --->  /je.create.t1 (Makes nodes for tty20-tty27)
    Future use --->  /je.create.t2 (Makes nodes for tty30-tty57)

Start by making a backup of the current kernel.
cp /unix /unix.save(CR)

If you have a 8 user system you simply copy /je.unix.8 to /unix.
If you have a 16 user system you copy /je.unix.16 to /unix etc.
In this example we are assuming you have a 24 user system, so we
would type:
Warning: If you don't have a 24 user system do not use the bigger
shell. There are memory restrictions.

mv /je.unix.24 /unix (CR)

Now sync the disks by typing:

sync;sync;sync (CR)
Now, press the STOP button (on the front of the machine). Ignore
warning messages which may appear. They appear because the
current "/unix" is not the same as the one which was booted.

Once the system is powered down completely, press the START
button. The new kernel you just installed is now being booted.

Step 5. ( Configuring terminals and printers )
The file /etc/inittab configures the terminal ports on the
system.  Please note that this controls login terminals only.
Ports to be used for serial printers will have to be turned off
here and configured in /etc/rc2.  Other ports that you would want
turned off would include transport ports, and ports for any
serial devices which are not login terminals such as point-of-
sale devices.  Modems count as login terminals.
Our first task here is to determine the correspondence between
the physical port labels, and the unix terminal device names (tty
numbers). On EXL-316s Port tty00 is the port on the first
communications board labelled channel 1 (the first communications
board is the left most when viewed from the rear, labelled 1 to
8). It is important to know the ports are numbered in octal. They
go 0 to 7, 10 to 17, 20 to 27 etc. Also there are two ports that
Prime has installed that are called ttyax and console. The ttyax
will be used for the modem and console is the system console.
(See diagram 1-1). Port tty00 is the port labeled channel 1.
Ports tty00 through tty07 are on the first RS232 expansion board.
The second RS232 expansion board is further right consisting of
ports tty10 through tty17, and so on (Remember the ports are
numbered in octal).  The RS232 expanders come in 8 port version.
All versions use 8-pin RJ45 connectors. (Big telephone jacks).
What we have to do, is determine which ports will physically be
connected to a login terminal, and make sure that the
corresponding lines in /etc/inittab are enabled.  Take some time
at this point to decide which equipment you will be plugging into
which port.  After you have determined which ports can physically
have terminals it is necessary to edit /etc/inittab to tell the
system what's what.  J&E's standard is to always connect the

support modem to ttyax, and to assign ports to non-terminal
devices (such as printers) starting at the end and working back.
The format of a line in /etc/inittab is as follows:
        nn:X:Y:/etc/getty T Z
 where-nn is the port number (co=console, ta=ttyax, ##=number of
       tty port, in octal.)
      -X is the word off if the port is to be turned off.  If
       the port is to be turned on, then X will be a number
       which must contain the digit 2.
      -Y should be the word respawn.  If it is the word off, then
       the port is again turned off (Note: This is the preferred
       way of turning off a port).
      -T is the tty number
      -Z is a label corresponding to an entry in the file
       /etc/gettydefs.  IT IS NOT the baud rate, although the
       labels used usually correspond to a baud rate for
       convenience.  The usual values for Z are either 9600,
       h1200, or h300 (for modems). You should only need to
       change this to set modem ports.
There are three ways to turn a port off.  The preferred way is to
change the word Y from respawn to off.  The second way is to
change the number X to the word OFF.  The third way is to place a
colon as the first character of the line making the entire line a
You should ensure that all the ports that the machine physically
will have login terminals connected to are turned on.  Do not
turn on any ports that will not have a terminal connected, even
if the client will be adding terminals in a little while, as this
will slow down the system.  If you turn on a port that the
machine does not physically have then T0 (console) will get
periodic error messages, messing up the screen displays.
After making changes to /etc/inittab, they will automatically go
into effect in about 5-10 minutes, or following a reboot.  You
can also put them into effect immediately by the root command:
          # telinit q(CR)
On a typical new system, only console will be turned on.
If you are not familiar with any Unix editor, then the following
is intended as a key by key guide for someone setting up
/etc/inittab for the first time, but this would be a good time to
learn the ed editor as its multi-line replacement will save you
some time.

     Console Login: root(CR)
     # ed /etc/inittab(CR)     <-- invoke line editor
     1227    <-- system responds with the # of chars (May differ)
     /nn(CR)   <--finds the definition line for ttynn
     nn:X:Y:/etc/getty tttttt Z    <--note X, Y and Z will
                   have some value that we will check
     <-- make sure that X is 2 - if it isn't then change it by
     s/3/2(CR)           <-- eg. X was "3" but we wanted "2"
     <-- make sure that Y is respawn - if it isn't then change it
     s/off/respawn(CR)   <-- eg. Y was "off" but we wanted
     <-- make sure that Z is correct for the login device you are

         using as follows: 9600 for normal 9600 baud login
         terminal, h1200 for 1200 baud modem, h300 for 300 baud
     <-- if Z is incorrect, then change it by
     s/9600/h1200(CR)     <--  eg. Z was 9600 but we wanted h1200
     <-- after each "s" for substitute command above, the system
         will respond by echoing back the new line

Repeat the above sequence for each login port until all the ones
that you are going to use are turned on.  Also, make sure that
any ports that you will use for special equipment such as serial
printers, cash registers, transport ports, etc. (anything that is
not a login terminal) are left turned off (ie. off instead of
respawn).  When you are done editing, exit the editor as follows:
      w    <-- rewrite the file
      1397 <-- responds with the new number of chars (May differ)
      q    <-- to quit the editor

On the EXL's we've seen so far, only the console port is turned
on by default. Also, you will probably want to change the baud
rate on the ttyax post to be h1200 (or h300).

Step 6. (Editing gettydefs)
You should change /etc/gettydefs on all EXL-316s.  Basically,
this file contains the initial stty options for terminals
'respawn'ed by 'getty' as per 'inittab' (remember inittab?).
Each line in gettydefs starts with a label used in inittab, and
ends with another label to use if the user hits the break key
while logging in.  This is how variable baud rates are handled on
a single port as the labels, by convention, correspond to baud
rates.  The trouble with this is that autobaud detect modems get
confused, so its better to disable this.
Caution: as the file /etc/gettydefs contains lines that are more
than 200 characters long, we recommend that you do not use vi to
make the changes.  The steps below, effect the change using the
ed editor.
   Console Login: root(CR)
   # ed /etc/gettydefs(CR)    <-- invoke line editor
   1002           <-- response is # of chars (May differ)
   /B300(CR)   <-- find the 300 baud label
   s/9600/300(CR)   <-- change it to loop to itself
   /B1200(CR)   <-- find the 1200 baud label
   s/300/1200(CR)  <-- change it to loop to itself
   /B2400(CR)   <-- find 2400 baud label

   s/1200/2400(CR) <-- change it to loop to itself
   ...      <-- response is new login line
   w(CR)    <-- rewrite the file
   1002     <-- response is new # of chars (May differ)
   q(CR)    <-- quit to Unix

The new parameters will go into effect following the next
shutdown and reboot.

Step 7. (Editing rc2)
The file /etc/rc2 is a Unix shell script that runs every time the
system is rebooted.  There are two things that we have had
occasion to change in this file.  These are as follows:

a. Define communications parameters for serial printers.
Basically this involves getting a "sleep" command going on the
port and using "stty" to set the baud rate, etc.  The following
key by key example adds the commands necessary to define a
printer on tty17 with 8-bits, no parity and x-on/x-off flow
control (our standard for serial printers on CT's).
 Console Login: root(CR)
 # ed /etc/rc2(CR)     <-- invoke the line editor
 1290              <-- system response is # of chars (May differ)
 $a(CR)   <-- editor command to append at the bottom
              (there is no prompt in response)
 sleep 2000000 > /dev/tty17 &(CR)    <-- add sleep
 stty 9600 cs8 -parenb ixon ixoff ixany -echo < /dev/tty17 &(CR)
 .(CR)          <-- editor command to get out of append mode
 w(CR)          <-- to rewrite the file
 1379           <-- system response, is # of chars. (May differ)
 q(CR)          <-- to quit the editor
 #        <-- shutdown and reboot to get new stty parameters set
Note the ampersand (&) at the end of the sleep and stty commands.
It is critically important as the /etc/rc2 script file will never
finish executing if the cable is ever pulled out, and
consequently, the system will never finish booting!  If this
happens, call for help.  You'll need to boot from tape to get the
system going again (or plug the cable back in).

b. Start spooler if necessary.  Since you should only do this
under very special circumstances the Unix spooler is not covered
here. Please refer to the separate document in the System
Administrator Reference manual and/or call for help.

Step 8. (Editing profile)
The file /etc/profile is executed for each terminal that logs in
to Unix in a standard manner.  Please note that the way we set up
basic users does not pass through this, so it's not very useful
to J&E.  You may have occasion to use it if you are setting up
logins for other Unix applications or using the help command in
The file /.profile is executed each time you login as root.  The
default file sets the file creation parameters so that if root
creates a file, other login's cannot use it.  We recommend
changing this in case any Basic work is ever done from root.
  Console Login: root (CR)
  # cd /etc(CR)
  # ed profile(CR)
  ... <-- system response in number of chars
  /umask(CR)     <-- find umask line
  umask 022    <-- response is current setting
  s/22/00(CR)       <-- change 022 to 000
  umask 000    <-- response is changed line
  /pt200        <-- find pt200 line
  s/pt200/tvi925 <-- change terminal type to TVI925
  export TERM;  TERM=tvi925   #default terminal type <-- response
  w(CR)     <-- rewrite the file
  887   <-- new number of chars (May differ)
  q(CR)  <-- quit the editor

Step 9. (Creating directories)
For Thoroughbred Basic (formerly SMC Basic), the J&E standard is
to set up a directory called "JE" on each file system on the
machine.  This allows us to distinguish our stuff from other Unix
stuff, while still permitting  Basic to get at all of the
available disk space.  Before you create the directories, get
started with the following commands.  They set the default
permissions on the files so that any user can have full access.
      Console Login: root(CR)
      # umask 0(CR)          <-- set default full permissions
The next step is to get a list of the file systems on the
Type in:
      # df -t(CR)      <-- "disk free" command lists file systems

Each file system has a two line description.  The first part is
the part which we need - the full pathname of the mount point
(directory) of the file system.  Also, make note of the number of
free blocks (of 1024 bytes each) on each file system.  On a
typical EXL-316 with one 258Mb drive, you will have the following
file systems; / and /usr, with /usr having the most free space.
(About 200 mb). Create an JE directory on each file system except
the root file system (/) with the mkdir command. (In this case we
would create a "JE" directory on /usr only.)
It is a bad idea to allow JE to create files on the root file
system.  There's typically not a lot of space there and you could
create problems if a large file gets accidently created on this
file system and fills the root directory.  For this reason, the
following installation procedure does NOT create a /JE directory.
In effect, your client's machine will have some "spare" disk
space that you could make available in the future if the system
gets close to being full. (on a 258 mb drive this is on 7 mb)
Using the EXL-316 example, the command would be:
      # mkdir /usr/JE(CR)
Within the JE directory, we must now create sub-directories for
various uses by basic.  There will be one "main working
directory" for basic where all the programs, all the work files
and the Thoroughbred Basic interpreter itself reside.  The
remaining data files may be spread around as desired to make best
use of the available disk space.
To create the sub-directories for the main JE directory use:
      # mkdir /usr/JE/WORK /usr/JE/DATA0 /usr/JE/PGM(CR)
(Note that the UTILS directory for the Basic utilities will be
created automatically when we install the interpreter).

Please number your data directories in order of preference of
using up space.  Generally, number them in order from most
available space to least.  In a later step, we will configure
Basic to assign a "logical disk" number to each JE sub-directory

Step 10.(Installing Thoroughbred)

The installation steps are as follows:
- put the Thoroughbred tape in the drive (Openings in tape to
  left, metal plate face down. Make sure safe indicator is to
  safe position).
    Console Login: root(CR)
    # cd /usr/JE(CR)  <-- change to the main directory for Basic
    # cpio -icvdumaB < /dev/rct/c0d5(CR) <-- to restore tape
       ......    <--  will list the files as they're loaded
       nn blocks
    (Note: This takes about 1 minute to restore)
- When completed Remove the tape from the tape drive.

Step 11. (Installing J & E programs)
J&E's convention for programs is to install all programs on the
main working directory for Basic (/usr/JE always) under the
subdirectory PGM.  If the systems that you require came on more
than one tape, then repeat these steps for each tape.
- put the tape in the drive (Openings in tape to left, metal
  plate face down.)
    Console Login: root(CR)
    # cd /usr/JE/PGM(CR)   <-- change to the main directory for
                        Basic - subdirectory PGM for programs
    # cpio -icvdumaB < /dev/rct/c0d5(CR)   <-- to restore tape
                        tape will list the files as they're
                        (and overwrite any previous programs with
                        the same name.
      nn blocks

    (Note: This takes about 2-5 minutes, depending on
           the number of programs being restored).
- When completed Remove the tape from the tape drive.

Step 12. (Editing IPLINPUT)
The file IPLINPUT in the main working directory for Basic is the
interface configuration file between Basic and the unix operating
system.  It is used to associate the names of system devices and
disk directories between what unix uses, and what Basic uses.
The IPLINPUT file as released requires at least the addition of
one or two disk directories.  In addition, you would have to
change IPLINPUT for the following:
      - serial printers
      - transport ports
      - foreign devices (eg. POS cash registers)
      - a spooled printer
(Note: The EXL-316 does not support parallel printers)

It is possible to have several completely separate IPLINPUT files
on the same machine, thereby setting up individual working
environments that have no overlap (or even that do have some
overlap).  While this is good for an in-house development
environment, we strongly advise against it on a client system.
The IPLINPUT file as released with the Thoroughbred Basic tape
contains the following:

    CNF 1,5,1,18,CUTERR <-- 5 must match the # of DEV statements
    PTN 1,60000
    DEV D0,1,,,,,,UTILS
    DEV D2,1,,,,,,WORK
    DEV T0,1,,,,,,tty
    DEV LP,4,,136,,,,lp
    DEV P7,4,,,,,,null
    IPL 1,2,T0,*JPSD

By now, you should be fairly familiar with the workings of the
editor, so the following descriptions will not give the key-by-
key commands to make changes to IPLINPUT.
Change IPLINPUT to look like the following:

    CNF 1,6,1,18,CUTERR <-- Notice 6 matches number of DEV
    PTN 1,60000
    DEV D0,1,,,,,,UTILS
    DEV D1,1,,,,,,WORK
    DEV D2,1,,,,,,PGM
    DEV D3,1,,,,,,DATA0
    DEV T0,7,,,,,,tty
    DEV LP,4,,136,,,,tty17
    IPL 1,2,T0,GO          <-- starts program GO on initial login

UPDATE: for all of these devices to be accessible to Basic users,
you will need to change the default permissions on the device
special files in the /dev directory.  For example, for the above
mentioned device, the commands would be:

  # chmod a+rwx /dev/tty17(CR)  <-- for serial printing

Step 13.(Adding terminals to "TERMINAL" / Adjust terminal types)
There is a file called "TERMINAL" in the /usr/JE directory. This
file should contain one entry called console. TERMINAL is the
file that contains all the valid terminal that can access
Thoroughbred basic. So, you must add all the terminals that will
be used by Thoroughbred Basic. An example of what the file should
contain is listed below. Remember the terminal numbers are using
the octal number system. Also Thoroughbred has a limit to the
number of entries that can be in this file. The label on the
passport device will tell you how many terminals you can

Example of 16 user system:


The TCONFIG file defines for Basic exactly what the
characteristics are of each terminal on the system.  The TCONFIG
file can be modified using the *NPSD utility.  The terminal names
are in the Basic format Tx. Run the utility program *NPSD to
change the terminal model codes to TVI950.  If you have any old
MAI terminals on the system, you will have to use *NPSD to change
their model code to B4 7250 (Note the space in the name).

To access *NPSD directly type:

Console Login: root(CR)
cd /usr/JE(CR)
./b ./IPLINPUT.term(CR)

Note: The terminal numbering system starts at T0 thru T9 then TA,
      TB, TC etc.

Warning: Do not use this method of getting into BASIC after the
         system is in production as you always get T0 reguardless
         of which terminal you really are.

Step 14. (Adding J & E utilities)
To each EXL machine, we add four utility shell scripts.  Three of
these (/mars, /fullback and /printbu) are identical on every
system.  The fourth and most important (/backup) depends on the
disk structure used in configuring the system.  The contents of
the shell scripts and a description of their functions follows.
As you should be familiar with the operation of one of the
editors by now, the detail has been left out.

/mars shell script - this script is simply used by J&E staff to
get into Thoroughbred Basic if we have logged in as root instead
of the normal customer login.  The contents are as follows:
       echo '... and AWAY we go ...'
       cd /usr/JE

/fullback shell script - this script is used for performing a
full backup on the system.  This will include everything on every
disk on the machine.  The contents are as follows:
       cd /
       find . -print | cpio -ovcB > /dev/rct/c0d5

/printbu shell script - this script is used for listing the
contents of a backup tape on the parallel line printer.  The
contents are as follows:
       cpio -icvdumtaB < /dev/rct/c0d5 > /dev/tty17
Note:(/dev/tty17 is an example only.)

The fourth and final (and most important) shell script is the
/backup script.  This is the script that the client will use for
their critical nightly backups.  It is vitally important that you
get this one right, and that you carefully test it before
installing the machine.  An example follows:
        cd /
        find usr/JE -print > /bulist
        find u/JE -print >> /bulist  (Note: only if /u exists)
        cpio -ovcB < /bulist > /dev/rct/c0d5
Basically, this procedure is building up a list of all of the
files and sub-directories in all of the Basic disk directories.
This list is then passed as input to the cpio backup routine.
The differences between this example, and what you require for
your system would be only in the number of find commands. Note
the use of the Unix redirection symbols > and >> for sending the
output of the find command into the file /bulist.  The first find
command in the script file has only one > which means to replace
any old /bulist file with the new list.  The remaining find
commands have two >> which means to APPEND the output from the
find command to the target file /bulist.
To test the procedure, run the backup as documented in the user
startup/shutdown/backup procedures, and run a /printbu on the
tape.  Carefully check the output and make sure that all JE
directories and files were backed up.

When a file is created by the ed or vi editors, the default
permissions exclude execute permission.  Therefore, before these
four script files can be run, you need to use the chmod (change
mode) command to add execute permissions as follows:
      # chmod a+rwx /mars /backup /fullback /printbu(CR)

Step 15. ( Adding users )

Change is required to the /usr/JE/.profile file so when a user
logs in, it will automatically take them to BASIC.

    Console Login: root(CR)
    cd /usr/JE(CR)
    ed .profile(CR)     <-- edit .profile file
    1i(CR)              <-- insert to top of file
    stty -lcase(CR)     <-- Set terminal to lower case
    .(CR)               <-- end append mode
    w(CR)               <-- write changes to file
    21                  <-- Displays number of char. in file
    q(CR)               <-- quit editor

The above file should now contain:
stty -lcase

The file /etc/passwd defines all the legal user's to the system
and (optionally) associates a password with each.  Our purpose
here is to simply define several logins that automatically run
Basic on login, and automatically log-out when you RELEASE from
Basic.  This protects the client from having to learn anything
about Unix.  Please note that passwords are not covered here.  If
your customer is concerned about security, and wants passwords on
the user logins, then you should refer them to the administrators
manual (sysadm modusr command. covered later in this document).
Suppose the client's company name is RCH Construction, and you
decide to pick the letters rch as the client login (must be lower
case), then you would add the following lines to /etc/passwd.
The first number is the 'user number' and must be different for
each login, so you should first look at the last line in
/etc/passwd and find the highest used number.  Suppose its 105,
then the logins to add are:
Please note in step 3 you added a user called mars. The
"sysadm adduser" command will only let you create a home
directory if it does not exist. Therefore a directory was created
which is /usr/mars. In order to make mars working directory
correct you must change the user mars working directory from
/usr/mars to /usr/JE

IMPORTANT: Encourage the client to use a different login on each
terminal as some unix tables are maintained by the user name
instead of by terminal.

There are 6 fields in each line of the /etc/passwd file.  They
are separated by colons (:) and are described as follows:

 1) user name - this is what you type in response to the
    login:  prompt
 2) password - always leave blank - passwords are added by
    logging in and using the passwd command.
 3) user number - just use the next available number in the file.
 4) group number - always use 1 - groups may go away in a
    future version of unix.
 5) comment - memo field only, we usually put in the word mars.
 6) home directory - this should be the main working directory
    for Basic. (ie. /usr/JE).
 If you'd like to be really friendly, you can setup logins to
match the names of the departments or people within the client's

Step 16. (Editing motd)
The file /etc/motd is printed on every screen during the login
process.  If you wish, you can add a line similar to the
     Welcome to Jonas & Erickson Software Systems

Step 17. (Reboot)
The system reboot puts our changes (/etc/inittab, /etc/rc2, etc,
etc, etc) into effect.  Be sure to do a proper shutdown first.
Refer to the user startup/shutdown/backup procedures
documentation for instructions on setting the system date and
time with the unix date command. These instructions should be
part of the client's J & E Primer. At the # prompt type:

# shutdown(CR)
Press the STOP button on the front of the Prime EXL.

Step 18. (define J & E files)
The first time you run Basic, mars will create a login password
J&E with only the security system defined.  There may also exist
programs for automatically creating all of the data files for
each of the systems you are installing.  At the time of this
writing, the initialization programs are being sent out with the
machines, but there is no documentation as yet.  If there is no
initialization program for some of your systems, you will have to
create the files yourself from the file layouts.
NOTE: the initial login password may be mars instead of J&E.

Step 19. (Test)
Test as much as you can think of.
When testing printers, its a good idea to make sure they work
from unix first, before trying to access them from Basic.  An
easy way to do this is to use the calendar command and redirect
the output to the device special file.  For example, testing a
serial printer on tty17:
  # cal > /dev/tty17(CR)
With serial printers, be sure to test for proper handling of
xon/xoff flow control by letting a large listing start, taking
the printer off-line, waiting long enough 'till you're sure the
buffer has filled, putting the printer back on-line, and making
sure the report is OK.

Step 20. (Label ports)
Label any ports that you have specially defined so that your
hardware installer knows where to plug things in.  According to
Murphy's law, it is practically guaranteed that you will have a
hard disk crash during final shipping of the system to the
customer, unless you take a full backup at this point.  For EXL
you should find a blank tape with the machine which you could use
for this backup.

Step 21. (Enable / Lock)
The switch on the front of the Prime EXL marked ENABLE/LOCK is
used for safety purposes. If the switch is in the LOCK position
then this disables all three buttons on the front. Therefore we
suggest that for normal day to day operations this switch should
be set to the LOCK position. This will prevent any accidental
shutdown of the machine.

                 Simplified System Administration

Within the Prime's EXL-316 operating system there is built in
commands to simplify operating functions, such as:

          * Assigning passwords to administrative logins
          * Assigning passwords to system logins
          * Adding users to the system
          * Performing system backups
          * Installing optional add-on hardware
          * Creating file systems

The sysadm command uses interactive software programs with menus,
subcommands, instructions, questions, and user input. As you
enter you responses, sysadm guides you step by step through a
system administration task. After you become familiar with
sysadm, you can bypass the menus and enter the subcommands
eg. sysadm modtty (Will allow you to modify port settings)

Below is a list of sysadm commands which we believe to be of help
to you. Refer to Prime EXL 316 Installation and Operation Guide
for a complete listing.

          Description                  Command

          Add a user                   adduser
          Add user group               addgroup
          Assign root password         admpasswd
          Change root password         admpasswd
          Change port settings         modtty
          Change user information      moduser
          Change users password        moduser
          Delete a user                deluser
          List larger files            filesize
          List older files             fileage
          List users                   lsuser
          Modify ports                 modtty
          Modify users information     moduser
          Set date and time            datetime
          Shutdown                     powerdown
Note: adduser is of little use for adding basic users as it
cannot set the home directory to /usr/JE.

There is also a on-line help command to assist you with UNIX
commands. To start it up type:


For further information see Operating System Users Guide.

                       Cabling Information

The cable connection at the back of the EXL-316 use an RJ45
connection which is like a big modular telephone jack. Since this
is a none standard type of connection, we are including with
every order a 12 foot "adapter cables" which will convert from
the RJ45 connector to the standard DB25 connector. Note, however,
that these adapter cables end up "crossing pins 2 & 3". Therfore,
the pin specification for cables to terminals and printers is as

                DB25 Male          DB25 Male

                   1 - - - - - - - - - -1


                   4-|                |-4
                   5-|                |-5
                   6-|                |-6


                   8-|                |-8
                  20-|                |-20

Below is the cabling specs. of the cable supplied by Prime :

                   Pin positions for RJ45

                            |XX|     <------ Cable
                |                          |
                |      FRONT   VIEW        |
                |                          |
                  1  2  3  4  5  6  7  8

      RJ45 Connector      DB25 Connector    Signal Name
                      |                    |
           1          |    6 -->  -|  TO   |  Data Set Ready
           2          |    5 -->   |  EXL  |  Clear To Send
           3          |    3 -->  -|  316  |  Receive Data
           4          |    7               |  Ground
           5          |    7               |  Ground
           6          |    2 <--  -| FROM  |  Send Data
           7          |    4 <--   |  EXL  |  Request to Send
           8          |   20 <--  -|  316  |  Data Terminal Ready


                   /                                       /
                   /          NIA072 / File 6              /
                   /                                       /
                   /         NETWORK MISCELLANY            /
                   /                                       /
                   /   File1: FEDIX by P.H.R.A.C.K.        /
                   /   File2: Toll-Codes by David Leibold  /
                   /                                       /


          |                                                        |
          |   :-)                    FEDIX                         |
          |               On-Line Information Service              |
          |                                                        |
          |             Written by the people at FEDIX             |
          |                                                        |
          |                   Submitted to NIA by                  |
          |                                                        |
          | Progressive Hegemony of Radical Activist Computer Kids |
          |                                                        |
          |   "Supporting the Concept of Freedom of Information"   |

What is FEDIX?

FEDIX is an on-line information service that links the higher education
community and the federal government to facilitate research, education, and
services.  The system provides accurate and timely federal agency information
to colleges, universities, and other research organizations.

only cost is for the phone call.

FEDIX provides daily information updates on:

  - Federal EDUCATION and RESEARCH PROGRAMS (including descriptions,
    eligibility, funding, deadlines).
  - Available used government RESEARCH EQUIPMENT
  - New funding for specific research and education activities from
  - MINORITY ASSISTANCE research and education programs
  - NEWS & CURRENT EVENTS within participating agencies
  - GENERAL INFORMATION such as agency history, budget, organizational
    structure, mission statement, etc.


Currently FEDIX provides information on 7 federal agencies broken down into 2
general categories:

1. Comprehensive Education and Research Related Agency Information
- The Department of Energy (DOE)
- Office of Naval Research (ONR)
- National Aeronautics and Space Administration (NASA)
- Federal Aviation Administration (FAA)

2. Minority Assistance Information
- National Science Foundation (NSF)
- Department of Housing and Urban Development (HUD)
- Department of Commerce (DOC)

Additional government agencies are expected to join FEDIX in the future.


Any microcomputer with communications software (or a dumb terminal) and a modem
operating at 1200 or 2400 baud can access the system.


The system operates 24 hours a day, 7 days a week.  The only exceptions are for
periodic system updating or maintenance.


* Computer (data line): 301-258-0953 or 1-800-232-4879
* HELPLINE (technical assistance): 301-975-0103.

The HELPLINE (for problems or comments) is open Monday-Friday 8:30 AM-4:30 PM
Eastern Daylight Time, except on federal holidays.


Although FEDIX provides a broad range of features for searching, scanning, and
downloading, the system is easy to use.  The following features will permit
quick and easy access to agency databases:

-- Information in the system is organized under a series of branching menus.
By selecting appropriate menu options (using either the OPTION NUMBER or the
two-character MENU CODE), you may begin at the FEDIX Main Menu and work your
way through various intermediate menus to a desired sub-menu.  However, if you
already know the menu code of a desired menu, you may bypass the intermediate
menus and proceed directly to that menu by typing the menu code at the prompt.

Help screens are available for key menus and can be viewed by typing '?'
at the prompt.

Capturing Data
-- If you are using a microcomputer with communications software, it is likely
that your system is capable of storing or "capturing" information as it comes
across your screen.  If you "turn capture on", you will be able to view
information from the databases and store it in a file on your system to be
printed later.  This may be desirable at times when downloading is not
appropriate.  Refer to your communications software documentation for
instructions on how to activate the capture feature.

-- Throughout the system, options are available which allow you to search,
list, and/or download files containing information on specific topics.  The
download feature can be used to deliver text files (ASCII) or compressed,
self-extracting ASCII files to your system very quickly for later use at your
convenience.  Text files in ASCII format, tagged with a ".MAC" extension, are
downloadable by Macintosh users.  Compressed ASCII files, tagged with an ".EXE"
extension, may be downloaded by users of IBM compatible computers.  However,
your system must be capable of file transfers.  (See the documentation on your
communication software).

-- An electronic bulletin board feature allows you to send and receive messages
to and from the SYSTEM OPERATOR ONLY.  This feature will NOT send messages
between users.  It can be used to inquire about operating the system, receive
helpful suggestions from the systems operator, etc.

Utility Menu
-- The Utility Menu, selected from the FEDIX Main Menu, enables you to modify
user information, prioritize agencies for viewing, search and download agency
information, set a default calling menu, and set the file transfer protocol for
downloading files.


Key information for each agency is listed below with the code for the menu from
which the information can be accessed.  Please be advised that this list is not
comprehensive and that a significant amount of information is available on
FEDIX in addition to what is listed here.

       AGENCY/DATABASE                                        MENU CODE

 Available Used Research Equipment                               :EG:
 Research Program Information                                    :IX:
 Education Program Information                                   :GA:
 Search/List/Download Program Information                        :IX:
 Research and Training Reactors Information                      :RT:
 Procurement Notices                                             :MM:
 Current Events                                                  :DN:

 Research Program Information                                    :RP:
 Education Program Information                                   :EA:
 Search/List/Download Program Information                        :NN:
 Description/Activities of Space Centers                         :SC:
 Procurement Notices                                             :EV:
 Proposal/Award Guidelines                                       :NA:

 Research Program Information                                    :RY:,:AR:
 Special Programs (Special Research and Education Initiatives)   :ON:
 Search/List/Download Program Information                        :NR:
 Description/Activities of Laboratories and other ONR Facilities :LB:
 Procurement Notices (Broad Agency Announcements, Requests for    --
    Proposals, etc.                                              :NE:
 Information on the Preparation and Administration of Contracts,  --
    Grants, Proposals                                            :AD:

 Education Program Information - Pre-College                     :FE:
 Mio rity Aviation Education Programs                            :FY:
 Search/List/Download Program Information                        :FF:
 Aviation Education Resources (Newsletters, Films/Videos,         --
     Publications)                                               :FR:
 Aviation Education Contacts (Government, Industry, Academic,     --
     Associations)                                               :FO:
 College-Level Airway Science Curriculum Information             :FC:
 Procurement Notice                                              :FP:
 Planned Competitive and Noncompetitive Procurements for the      --
     Current Fiscal Year                                         :F1:
 Employment Information                                          :FN:
 Current Events                                                  :FV:

 U. S. Department of Commerce
  Research/Education Minority Assistance Programs                :CP:
  Procurement Notices (ALL Notices for Agency)                   :M1:
  Current Events                                                 :M1:
  Minority Contacts                                              :M1:

 Department of Energy
  Research/Education Minority Assistance Programs                :EP:
  Procurement Notices (ALL Notices for Agency)                   :M2:
  Current Events                                                 :M2:
  Minority Contacts                                              :M2:

 U.S. Department of Housing and Urban Development
  Research/Education Minority Assistance Programs                :HP:
  Procurement Notices (ALL Notices for Agency)                   :M3:
  Current Events                                                 :M3:
  Minority Contacts                                              :M3:

 National Aeronautics and Space Administration
  Research/Education Minority Assistance Programs                :NP:
  Procurement Notices (ALL Notices for Agency)                   :M4:
  Current Events                                                 :M4:
  Minority Contacts                                              :M4:

 National Science Foundation
  Research/Education Minority AssisdaXce Programs                :SP:
  Procurement Notices (ALL Notices for Agency)                   :M5:
  Budget Information                                             :SB:
  NSF Bulletin                                                   :M5:
  Minority Contacts                                              :M5:


[Here is the first edition of the toll-free/tolled codes list;
thanks to all who participated ... any followups, clarifications,
etc would be appreciated.]

Toll-free, local rated and specialty toll services             26 July 1991

The following indicates access codes and numbers used within various
countries for toll-free and special paid services. The dialing codes
shown represent how they would be dialed within the country involved.
Generally, it is not possible to access another country's domestic
toll-free or specialty network directly. Where an international access
is available, it is normally done by using the domestic services which
then forward the call to the destination country.

Where possible, the number of digits has been indicated with 'n'
(a number from 2 to 8) or 'x' (any number). An ellipsis (...)
indicates that there are a variable number of extra digits, or
possibly a conflict in the reports of numbers of digits used.

                Toll-free or equivalent local charge services

A u s t r a l i a

008 xxx xxx       (that is how Telecom recomends it be written
                  to differentiate it from STD area codes
                  which are written with area codes (0x) thru
                  (0xxx) and numbers n xxxx through nxx xxxx.

0014 ttt xxx xxx  International Toll free access from Australia
                  (ttt is reported as "800" or other toll-free
                  access code; or, ttt may not be present at all)

Brendan Jones:

"... I have dialled international toll free to the USA (Fred Pryor
Seminars) and I dialled verbatim: 0014 800 125 385."

(Canada Direct uses 0014 881 150 - djcl)

B e l g i u m

11 xxxx

D e n m a r k

800 xxxxx
8001 xxxx         (charged as local call)

F i n l a n d

9800 xxxxx (...)  PTT as local service provider
0800 xxxxx (...)  Private phone company as local service provider

Kauto Huopio:

"(I _think_ that 0800 numbers are only for the local calling area."


"...but many service givers have more [digits than 5] in theis mnemonics)."

(haa also mentions 9800 costs the same as a local call (dialable from
all areas in Finland) while 0800 are truly toll-free and dialable
from all private telco areas)

F r a n c e

05 xxxxxx         (Numero Vert)
                  [note: this is outside area code 1, so from Paris
                  16 05...]

05 19 xx xx       these numbers terminate outside France

36 63 xx xx       Local call rate (Numero Azur)

Allan G. Schrum:

"`11' is computer directory information (Minitel)
 `12' is voice directory information (equivalent to 411)"

G e r m a n y   ( w e s t )

0130 xxxx (...xx)

Mickey Ferguson:

"I was over in Germany for three months, and the number is 0130-...
To use ATT, it is 0130-0010, and U.S. Sprint is 0130-0013 (easy to
remember :) For general toll-free number listings, pick up a copy
of the International Herald newspaper (I think it is available in
the US as well as most places internationally) and in the sports
section is usually an ATT add for dialing the US from various countries.
Of course, chop off the exchange and only use the "area code" number."

I r e l a n d

1800 xxxxxx
1850 xxxxxx       (local rate)

I t a l y

167 xxxxx         (digits length?)

Colum Mylod:

"I'm not 100% sure about the length of digits for Italy. One way to
check these is to get a copy of an *international* edition of the
weekly magazines like TIME, all ads and little contents. But they do
goof up regularly, like printing Paris numbers as (01) xxxxxxxx when
they mean (1) xxxxxxxx."

M e x i c o

91 800 xxxxx....

N e t h e r l a n d s


Ralph Moonen:

"06-0229111 = AT&T USA direct
And also Sprint & MCI have operator services on 06-022xxxx

Side note: It used to be possible to call 06-022xxxx to Denmark, and then
use the CCITT no. 4 signalling system to phreak calls to anywhere in the

Peter Knoppers:

"06-11 This is the Dutch equivalent of 911, it is free when dialled
       from a phone company operated payphone, otherwise the charge
       is one unit, DFL 0.15, about US $ 0.08. There were discussions
       about making such calls free from any phone, but I haven't
       followed them recently. Calling a toll-free number from a
       payphone requires a deposit of one coin, which is returned
       after the call.

The total length of the numbers varies from 4 to 10 digits.

The dash indicates the secondary dial tone.
It is not possible to reach 06 prefixed numbers from abroad."

N e w   Z e a l a n d

0800 xxx xxx


"That is through the state telco, Telecom New Zealand. Clear Communications,
the recently started alternative LD carrier, does not offer a toll-free
service as yet."

When Clear offer one, it will more than likely be to the subscribers
existing number (eg Dial toll free 050-04-654-3210) as they are not
in control of number issue. 0800 is strictly Telecom at this stage."

N o r t h   A m e r i c a

1 800 nxx xxxx    Access to toll free numbers can vary according
                  to region, state or country ie. not all 800
                  numbers are accessible to all regions

                  The nxx prefix portion of the 800 number presently
                  determines which long distance carrier or 800
                  service company will handle the call (and in
                  some cases determine the geographical region)

S p a i n

900 xxxxxx

Michael Klein, BellSouth Telephone Operations:

"(N.B. The number for ATT direct in Spain is 900-99-00-11.
The payphones are all push-button but generate pulses.
It takes forever to get connected.)"

S w e d e n

020 xxxxxx        (without dialtone after '020').

S w i t z e r l a n d

04605 xxxx        (not toll-free but metered at lowest rate)
155 xx xx         ("green number")

[also a new one something like 122...]

Jim Smithson:

"Here in Switzerland there is nothing exactly equivalent to US 800 service.
I see the PTT is now encouraging the use of "green numbers" beginning with
The direct marketing ads on TV often give the order number for Switzerland
as a number such as 155 XX XX.
The access number for MCI Call USA is for example 155 02 22.
But there are two problems with this that I don't think MCI was aware of
when they asked the PTT for "a toll free" number.

1.      When calling from a model AZ44(older model) payphone
        All numbers which begin with a "1" are treated as "service"
        numbers and the payphone begins to sound a "cuckoo clock
        noise" once the 155 is entered. The "cuckoo clock noise"
        is to alert operators on the "service numbers" that the caller
        is using a payphone(fraud protection). This noise is quite a
        distraction when calling someone in the USA using MCI Call USA.
        This is one reason(not the biggest one) I cancelled my MCI Card.

2.      The newer style TelcaStar phones are programmed to block the
        keypad after 3 digits are dialed of a "service number".
        It used to be that the only numbers beginning with "1" were
        "service numbers" and all "service numbers" were 3 digits.
        The PTT is aware of this problem and are said to be considering
        what instructions to give the manufacturer of the payphones.

AT&T USA Direct has an access number of 046 05 00 11
This is not a free call, but the time is metered at the lowest rate.
This number does not suffer the "cuckoo clock noise" problem."

(Canada Direct uses 046 05 83 30 - djcl)

U n i t e d   K i n g d o m

0800 xxx xxx      Toll-free
0345 xxx xxx      Local rate

                       Tolled/Specialty Pay services

A u s t r a l i a

0055 x yxxx       where y=0-4,8 means the number is Australia
                                wide (and costs more),
                        y=5     means the number is only state wide,
                        y=6,7,9 means the number is for the
                                capital city only.

F i n l a n d

9700 xxxxx        PTT-operated
0700 xxxxx        Private telco-operated


"cost ranging from about 0.5 USD to 5 USD per minute."

F r a n c e

36 65 xx xx       (5 message units each call for up to 140 seconds)

Olivier Giffard:

"These are for various information services as
well as chat lines and so on."

N e t h e r l a n d s

06-9 xx...
06-321 xx...
06-8 xx...        (3 to 40ct/min)

Peter Knoppers:

"Other codes (such as 06-9) precede special tariff calls (similar to 900 in
the US). The highest special rate is (currently) DFL 0.50 / minute."

N o r t h   A m e r i c a

1 900 nxx xxxx    (various rates, depending on provider)
1 (npa) 976 xxxx  (in many area codes, connected through regional telco;
                   in some areas, the call requires the area code where
                   depending on the intra-area dialing used)

(other exchange prefixes within area codes such as 540, 720 or 915
are used for other pay services such as group chat, other types of
recorded messages, etc. These vary depending on the area code within
North America, and not all regions in North America have these.)

S w e d e n

071 x xxxxx

Dan Sahlin:

"The "900"-numbers in Sweden all start with 071.
The charges are related to the next digit, as follows.

code       SEK/minute
0712xxxxx     3,65
0713xxxxx     4,90
0714xxxxx     6,90
0715xxxxx     9,90
0716xxxxx    12,50
0717xxxxx    15,30
0719xx       varying fees, cannot be dialled directly but needs operator

Numbers starting with 0713-0717 can only be dialled from phones connected
to AXE exchanges. At present about half of all phones in Sweden are
connected to such exchanges.

Another special toll number is domestic number information: 07975
(6,90 SEK/minute)."

U n i t e d   K i n g d o m

0836 xxx xxx
0898 xxx xxx

J. Philip Miller:

"Rate seems to be uniform as 34p per minute cheap rate,
45p at all other times."


                        /                          /
                        /     NIA072 / File 7      /
                        /  CyberTimes (Vox Populi) /
                        /       Judge Dredd        /
                        /                          /

 The following 4 files of CyberTimes (Vox Populi) is telecom news since
01JAN91 to 01AUG91.

#O GRID News
#I Vol. 2, No. 6
#D February 22, 1991
#T Michigan to Overhaul Telecom Rules
#A Michael E. Marotta

On February 19 and 20, companion bills were introduced into the
state house and state senate of Michigan.  "The Michigan
Telecommunications Act" is House Bill 4343  and Senate Bill 124.
The two versions are identical.  HB4343 was introduced by Alma G.
Stallworth (D-Detroit), chair of the House Public Utilities
committee. SB124 was introduced by Mat J. Dunaskiss (R-Lake
Orion), chair of the newly-created Senate Technology and Energy
Committee.  If passed by October 1, 1991, the bills become law on
that date and have sunset limits of four years, expiring on
September 30, 1995.

The Michigan Telecommunications Act would, if passed into law,
accomplish the following:
    (*) establish a new regulator, the Michigan Telecommunications
        Commission, removing telephone from the Public Service
        Commission and bringing cable television under the new
        agency's scope.
    (*) de-regulate local exchange providers, allowing them
        monopoly status and the right to sell other services,
        including long distance, cable television and information.
    (*) freeze local rates at the current level, allowing no
        increase beyond the maximum rate as of Nov. 1, 1990.
    (*) require 911 service to be provided to any county that
        wants it.  In fact, there are 48 separate provisions for
        911 service, significantly more than any other section of
        the act.  (Mandatory service for the hearing impaired runs
        a mere 42 lines.)
    (*) Outlaw unsolicited advertising via fax.  (This provision,
        like many of the 911 rules, is already in place.  It was
        created in 1990 as an amendment to the Telephone Act of
        1913 and is being carried over.)

The Michigan Telecommunications Act specifically seeks to overturn
the "Modified Final Judgement."  Its goal is to allow Michigan
telecom providers the freedom to develop products and services.
Whether and to what extent it meets those goals will be determined
in part by what happens to the bills in committees and on the

#O NewsBytes
#D March 4, 1991

Emmanuel Goldstein, editor and publisher of 2600: The Hacker Quarterly, has
told Newsbytes that The Texas Department of Criminal Justice has prohibited
delivery delivery of the fall 1990 issue of 2600 to a subscriber
incarcerated in a Texas prison.

The official "Publication Denial Notification" form, dated January 9, 1991,
was received by Goldstein and published in the Winter 1990-91 issue that
was released on March 1st. The form indicates that the denial was
instituted because "Publication contains material on the setting up and
operation of criminal schemes or how to avoid detection of criminal schemes
by lawful authority charged with the responsibility for detected such
illegal activity."

The specific reasons for determining the basis for the ruling are listed as
"Pages 18, 19, 20, 21, 29, 42 and 43 contain information on misusing
telephone equipment to make telephone calls illegally and to obtain cash
and credit cards illegally."

Goldstein, commenting on the ban to Newsbytes, said "Inside of prison,
there is not much freedom so I guess it's not surprising that they do
things like this. What is surprising is that the article which they were
most concerned with was written by the Fraud Division of the U.S. Secret
Service and was clearly indicated to have been so authored."

Newsbytes examined the Fall issue of 2600 and found that the Secret Service
technical synopsis is contained on pages 18-21 while page 29 is part of the
letters from readers section and contains a letter from a prisoner in an
unnamed prison explaining how he or she makes unpaid telephone calls. Pages
42 and 43 contain an article by "Crazed Luddite & Murdering Thug", "An
Algorithm For Credit Cards", which explains the checksum verification of
credit card numbers.

Also contained in the same issue is an interview with security expert Dr.
Dorothy Denning, an explanation of caller-id and an article by Goldstein on
alleged BellSouth plans for monitoring telephone lines.

A supervisor at the Texas Department of Criminal Justice, Institutional
Division told Newsbytes that "Inmates may subscribe to any publication they
choose but they understand that the magazines are subject to review for
appropriateness. If they contain any material that does not meet or
standards, either the articles in question or the entire magazine will be
rejected." The supervisor, who could not speak for attribution, explained
that, if the objectionable passages were 5 pages or less, they would have
been removed and the remainder of the magazine delivered. She also said
that both the inmate and the publication have the right to appeal the

#O Associated Press Wire [herby refered to as APwire]

BALTIMORE (AP) -- A computer hacker pleaded guilty Friday to stealing
information from American Telephone & Telegraph and its subsidiary
Bell Laboratories.

Under an agreement with prosecutors, Leonard Rose pleaded guilty in
U.S. District Court to one count of sending AT&T source codes via
computer to Richard Andrews, an Illinois hacker, and a similar wire
fraud charge involving a Chicago hacker.

Prosecutors said they will ask that Rose be sentenced to two
concurrent one-year terms. Rose is expected to be sentenced in May.

Neither Rose nor his attorney could be immediately reached for comment
late Friday.

"Other computer hackers who choose to use their talents to interfere
with the security and privacy of computer systems can expect to be
prosecuted and to face similar penalties," said U.S. Attorney
Breckinridge L. Willcox.

"The sentence contemplated in the plea agreement reflects the serious
nature of this new form of theft," Willcox said.

Rose, 32, was charged in May 1990 in a five-count indictment following
an investigation by the Secret Service and the U.S. Attorney's offices
in Baltimore and Chicago.

He also had been charged with distributing "trojan horse" programs,
designed to gain unauthorized access to computer systems, to other

Prosecutors said Rose and other hackers entered into a scheme to steal
computer source codes from AT&T's UNIX computer system.

The plea agreement stipulates that after he serves his sentence, Rose
must disclose his past conduct to potential employers that have
computers with similar source codes.

#O Washington Post
#I n/a
#D March 23, 1991 [pp A1, A10]
#T 'Hacker' Pleads Guilty in AT&T CASE: Sentence Urged for Md. Man
        Among Stiffest Yet for Computer Crime
#A Mark Potts/Washington Post Staff Writer

BALTIMORE, March 22--A computer "hacker" who was trying to help others
steal electronic passwords guarding large corporate computer systems
around the country today pleaded guilty to wire fraud in a continuing
government crackdown on computer crime.

Federal prosecutors recommended that Leonard Rose Jr., 32, of
Middletown, Md., be sent to prison for one year and one day, which
would be one of the stiffest sentences imposed to date for computer
crime. Sentencing is scheduled for May before U.S. District Judge J.
Frederick Motz.

Cases such as those of Rose and a Cornell University graduate student
who was convicted last year of crippling a nationwide computer network
have shown that the formerly innocent pastime of hacking has
potentially extreme economic ramifications. Prosecutors, industry
officials and even some veteran hackers now question the once popular
and widely accepted practice of breaking into computer systems and
networks in search of information that can be shared with others.

"It's just like any other form of theft, except that it's more subtle
and it's more sophisticated," said Geoffrey R. Garinther, the
assistant U.S. attorney who prosecuted the Rose case.

Rose--once part of a group of maverick hackers who called themselves
the Legion of Doom--and his attorneys were not available for comment
after the guilty plea today. The single fraud count replaced a
five-count indictment of the computer programmer that was issued last
May after a raid on his home by Secret Service agents.

According to prosecutors, Rose illegally obtained information that
would permit him to secretly modify a widely used American Telephone &

(See HACKER, A10, Col 1)

Telegraph Co. Unix software program--the complex instructions that
tell computers what to do. The two former AT&T software employees who
provided these information "codes" have not yet been prosecuted.

Rose altered the AT&T software by inserting a "Trojan horse" program
that would allow a hacker to secretly gain access to the computer
systems using the AT&T Unix software and gather passwords used on the
system. The passwords could then be distributed to other hackers,
permitting them to use the system without the knowledge of its
rightful operators, prosecutors said.

Rose's modifications made corporate purchasers of the $77,000 AT&T
Unix program vulnerable to electronic break-ins and the theft of such
services as toll-free 800 numbers and other computer-based
telecommunications services.

After changing the software, Rose sent it to three other computer
hackers, including one in Chicago, where authorities learned of the
scheme through a Secret Service computer crime investigation called
Operation Sun Devil. Officials  say they do not believe the hackers
ever broke into computer systems.

At the same time he pleaded guilty here, Rose pleaded guilty to a
similar charge in Chicago; the sentences are to be served
concurrently, and he will be eligible for parole after 10 months.

Rose and his associates in the Legion of Doom, whose nickname was
taken from a gang of comic-book villains, used names like Acid Phreak
Terminus--Rose's nickname--as their computer IDs. They connected their
computers by telephone to corporate and government computer networks,
outwitted security screens and passwords to sign onto the systems and
rummaged through the information files they found, prosecutors said.

Members of the group were constantly testing the boundaries of the
"hacker ethic," a code of conduct dating back to the early 1960s that
operates on the belief that computers and the information on them
should be free for everyone to share, and that such freedom would
accelerate the spread of computer technology, to society's benefit.

Corporate and government computer information managers and many law
enforcement officials have a different view of the hackers.  To them,
the hackers are committing theft and computer fraud.

After the first federal law aimed at computer fraud was enacted in
1986, the Secret Service began the Operation Sun Devil investigation,
which has since swept up many members of the Legion of Doom, including
Rose. The investigation has resulted in the arrest and prosecution of
several hackers and led to the confiscation of dozens of computers,
thousands of computer disks and related items.

"We're authorized to enforce the computer fraud act, and we're doing
it to the best of our ability," Garry Jenkins, assistant director of
investigations for the Secret Service, said last summer.  "We're not
interested in cases that are at the lowest threshold of violating the
law...They have to be major criminal violations before we get

The Secret Service crackdown closely followed the prosecution of the
most celebrated hacker case to date, that of Robert Tappan Morris
Cornell University computer science graduate student and son of a
computer sicentist at the National Security Agency. Morris was
convicted early last year of infecting a vast nationwide computer
network in 1988 with a hugely disruptive computer "virus," or rogue
instructions. Although he could have gone to jail for five years, Mo
$10,000, given three years probation and ordered to do 400 hours of
community service work.

Through Operation Sun Devil and the Morris case, law enforcement
authorities have begun to define the boundaries of computer law.
Officials are grappling with how best to punish hackers and how to
differentiate between mere computer pranks and serious computer

"We're all trying to get a handle for what is appropriate behavior in
this new age, where we have computers and computer networks linked
together," said Lance Hoffman, a computer science professor at George
Washington University.

"There clearly are a bunch of people feeling their way in various
respects," said David R. Johnson, an attorney at Wilmer, Cutler &
Pickering and an expert on computer law.  However, he said, "Things
are getting a lot clearer. It used to be a reasonably respectable
argument that people gaining unauthorized access to computer systems
and causing problems were just rambunctious youth." Now, however, the
feeling is that "operating in unauthorized computing spaces can be an
antisocial act," he said.

Although this view is increasingly shared by industry leaders, some
see the risk of the crackdown on hackers going to far. Among those
concerned is Mitch Kapor, the inventor of Lotus 1-2-3, the
best-selling computer "spreadsheet" program for carrying out
mathematical and accounting analysis.  Kapor and several other
computer pioneers last year contributed several hundred thousands
dollars to set up the Electron Freedom Foundation, a defense fund for
computer hackers.

EFF has funded much of Rose's defense and filed a friend-of-the-court
brief protesting Rose's indictment.

From: The Washington Post, Tuesday March 26, 1991, Page A3.

CORRECTION [to Saturday March 23, 1991 article]

"Leonard Rose, Jr., the Maryland computer hacker who pleaded guilty
last week to two counts of wire fraud involving his illegal possession
of an American Telephone & Telegraph Co. computer program, was not a
member of the "Legion of Doom" computer hacker group, as was reported
Saturday, and did not participate in the group's alleged activities of
breaking into and rummaging through corporate and government computer

#O NewsBytes
#D April 1, 1991

 PHOENIX, ARIZONA, U.S.A., 1991 APR 1(NB) -- The Maricopa County
 Arizona County Attorney's Office has announced the arrest of Baron
 Majette, 19, also known as "Doc Savage", for alleged crimes uncovered
 in the joint federal / state "SunDevil" investigation in progress for
 over a year.

 Majette is charged with a number of felony crimes including the use
 of a telephone lineman's handset in March 1990 to tap into a Toys 'R
 Us telephone line to set up two conference calls between 15
 participants. According to the charges, each call lasted
 approximately 10 hours and cost $4,000. A spokesperson for the County
 Attorney's office told Newsbytes that a Tucson resident, Anthony
 Nusall, has previously pleaded guilty to being a participant in the
 conference Majette is also accused of illegally accessing TRW's
 credit data base to obtain personal credit information and account
 numbers of persons in the TRW database. He is alleged to have then
 used the information obtained to divert existing account mailings to
 mail drops and post office boxes set up for this purpose. He is also
 alleged to have additional credit cards issued based on the
 information obtained from the database. He is further alleged to have
 obtained cash, goods and services, such as airline tickets, in excess
 of $50,000 by using cards and account information obtained through
 entry into the TRW database.

 It is further alleged that Majette stole credit cars from U.S. Mail
 boxes and used them to obtain approximately $10,000 worth of cash,
 goods and services.The allegations state that Majette acted either
 alone or as part of a group to perform these actions. A County
 Attorney spokesperson told Newsbytes that further arrests may be
 expected as result of the ongoing investigation.

 While bail was set on these charges at $4,900. Majette is being held
 on a second warrant for probation violation and cannot be released on
 bail until the probation hearing has been held.

 Gail H. Thackeray, former Assistant Attorney General for the State of
 Arizona, currently working with Maricopa County on the SunDevil
 cases, told Newsbytes "The SunDevil project was started in response
 to a high level of complaint of communications crimes, credit card
 fraud and other incidents relating to large financial losses. These
 were not cases of persons accessing computers 'just to look around'
 or even cases like the Atlanta 'Legion of Doom' one in which the
 individuals admitted obtaining information through illegal access.
 They are rather cases in which the accused alleged used computers to
 facilitate theft of substantial goods and services."

#O Newsweek Magazine
#T Cyberpunks and the Constitution
        The fast-changing technologies of the late 20th century pose
        a challenge to American laws and principles of ages past
#A Phillip Elmer-Dewitt

Armed with guns and search warrants, 150 Secret Service agents staged
surprise raids in 14 American cities one morning last May, seizing 42
computers and tens of thousands of floppy disks.  Their target: a
loose-knit group of youthful computer enthusiasts suspected of
trafficking in stolen credit-card numbers, telephone access codes and
other contraband of the information age.  The authorities intended to
send a sharp message to would-be digital desperadoes that computer
crime does not pay.  But in their zeal, they sent a very different
message - one that chilled civil libertarians.  By attempting to crack
down on telephone fraud, they shut down dozens of computer bulletin
boards that may be as fully protected by the U.S. Constitution as the
words on this page.

Do electronic bulletin boards that may list stolen access codes enjoy
protection under the First Amendment?  That was one of the thorny
questions raised last week at an unusual gathering of computer
hackers, law-enforcement officials and legal scholars sponsored by
Computer Professionals for Social Responsibility.  For four days in
California's Silicon Valley, 400 experts struggled to sort out the
implications of applying late-18th century laws and legal principles
to the fast-changing technologies of the late 20th century.

While the gathering was short on answers, it was long on tantalizing
questions.  How can privacy be ensured when computers record every
phone call, cash withdrawal and credit-card transaction?  What
"property rights" can be protected in digital electronic systems that
can create copies that are indistinguishable from the real thing?
What is a "place" in cyberspace, the universe occupied by audio and
video signals traveling across state and national borders at nearly
the speed of light?  Or as Harvard law professor Laurence Tribe aptly
summarized, "When the lines along which our Constitution is drawn warp
or vanish, what happens to the Constitution itself?"

Tribe suggested that the Supreme Court may be incapable of keeping up
with the pace of technological change.  He proposed what many will
consider a radical solution: a 27th Amendment that would make the
information-related freedoms guaranteed in the Bill of Rights fully
applicable "no matter what the technological method or medium" by
which that information is generated, stored or transmitted.  While
such a proposal is unlikely to pass into law, the fact that one of the
country's leading constitutional scholars put it forward may persuade
the judiciary to focus on the issues it raises.  In recent months,
several conflicts involving computer-related privacy and free speech
have surfaced:

-- When subscribers to Prodigy, a 700,000-member information system
owned by Sears and IBM, began posting messages protesting a rate hike,
Prodigy officials banned discussion of the topic in public forums on
the system.  After protesters began sending private mail messages to
other members - and to advertisers - they were summarily kicked off
the network.

-- When Lotus Development Corp. of Cambridge, Mass., announced a joint
venture with Equifax, one of the country's largest credit-rating
bureaus, to sell a personal-computer product that would contain
information on the shopping habits of 120 million U.S. households, it
received 30,000 calls and letters from individuals asking that their
names be removed from the data base.  The project was quietly canceled
in January.

-- When regional telephone companies began offering Caller ID, a
device that displays the phone numbers - including unlisted ones - of
incoming calls, many people viewed it as an invasion of privacy.
Several states have since passed laws requiring phone companies to
offer callers a "blocking" option so that they can choose whether or
not to disclose their numbers.  Pennsylvania has banned the service.

But the hacker dragnets generated the most heat.  Ten months after the
Secret Service shut down the bulletin boards, the government still has
not produced any indictments.  And several similar cases that have
come before courts have been badly flawed.  One Austin-based game
publisher whose bulletin-board system was seized last March is
expected soon to sue the government for violating his civil liberties.

There is certainly plenty of computer crime around.  The Secret
Service claims that U.S. phone companies are losing $1.2 billion a
year anc credit-card providers another $1 billion, largely through
fraudulent use of stolen passwords and access codes.  It is not clear,
however, that the cyberpunks rounded up in dragnets like last May's
are the ones committing the worst offenses.  Those arrested were
mostly teenagers more intent on showing off their computer skills than
padding their bank accounts.  One 14-year-old from New York City, for
instance, apparently specialized in taking over the operation of
remote computer systems and turning them into bulletin boards - for
his friends to play on.  Among his targets, say police, was a Pentagon
computer belonging to the Secretary of the Air Force.  "I regard
unauthorized entry into computer systems as wrong and deserving of
punishment," says Mitch Kapor, the former president of Lotus.

And yet Kapor has emerged as a leading watchdog for freedom in the
information age.  He views the tiny bulletin-board systems as the
forerunners of a public computer network that will eventually connect
households across the country.  Kapor is worried that legal precedents
set today may haunt all Americans in the 21st century.  Thus he is
providing funds to fight for civil liberties in cyberspace the best
way he knows how - one case at a time.

#O Financial Post & Financial Times of London
#T Canada is Accused of Using Stolen Software
#A Eric Reguly & Alan Friedman

NEW YORK -- Government agencies in Canada and other countries are using
computer software that was stolen from a Washington-based company by the
U.S. Department of Justice, according to affidavits filed in a U.S.
court case.

In a complex case, several nations, as well as some well-known
Washington insiders - including the national security advisor to former
President Ronald Reagan, Robert McFarlane - are named as allegedly
playing a role.

The affidavits were filed in recent weeks in support of a
Washington-based computer company called Inslaw Inc., which claims that
its case-tracking software, known as Promis, was stolen by the U.S.
Department of Justice and eventually ended up in the hands of the
governments of Israel, Canada and Iraq.

Yesterday, lawyers for Inslaw filed a new motion in federal bankruptcy
court in Washington demanding the power to subpoena information from the
Canadian government on how Ottawa came to acquire Promis software.  The
motion states, "The evidence continues to mount that Inslaw's
proprietary software is in Canada."

The affidavits allege that Promis - designed to keep track of cases and
criminals by government agencies - is in use by the RCMP and the
Canadian Security Intelligence Service.

The Canadian Department of Communications is referring calls on the
subject to the department's lawyer, John Lovell in Ottawa, while a CSIS
spokesman will not confirm or deny whether the agency uses the software.
"No one is aware of the program's existence here," Corporal DEnis
Deveau, Ottawa-based spokesman for the RCMP, said yesterday.

The case of Inslaw, which won a court victory against the Justice
Department in 1987, at first glance appears to be an obscure lawsuit by
a small business that was forced into bankruptcy because of the loss of
its proprietary software.

But several members of the Washington establishment are suggesting
Inslaw may have implications for U.S. foreign policy in the Middle East.
The Case already has some unusual aspects.

At least one judge has refused to handle it because of potential
conflicts of interest, and a key lawyer representing Inslaw is Elliot
Richardson, a former U.S. attorney general and ambassador to Britain who
is remembered for his role in standing up to Richard Nixon during the
Watergate scandal.

Richardson yesterday told the Financial Times of London and The
Financial Post that: "Evidence of the widespread ramifications of the
Inslaw case comes from many sources and keeps accumulating."

A curious development in the Inslaw case is that the Department of
Justice has refused to provide documents relating to Inslaw to Jack
Brook, chairman of the Judiciary Committee of the House of

Richardson said, "It remains inexplicable why the Justice Department
consistently refuses to pursue this evidence and resists co-operation
with the Judiciary Committee of the House of Representatives."

The Inslaw case began in 1982 when the company accepted a US $10-million
contract to install its Promis case management software at the
Department of Justice.  In 1983 the government agency stopped paying
Inslaw and the firm went into Chapter 11 bankruptcy proceedings.

Inslaw sued Justice in 1986 and the trial took place a year later.  The
result of the trial in 1987 was a ruling by a federal bankruptcy court
in Inslaw's favor.

The ruling said that the Justice Department "took, converted, stole"
Promis software through "trickery, fraud and deceit" and then conspired
to drive Inslaw out of business.

That ruling, which received little publicity at the time, was upheld by
the U.S. District Court in Washington in 1989, but Justice lodged an
appeal last year in an attempt to overturn the judgement that it must
pay Inslaw US $6.1 million  (C $7.1 million) in damages and US $1.2
million in legal fees.

The affidavits filed in recent weeks relate to an imminent move by
Richardson on behalf of Inslaw to obtain subpoena power in order to
demand copies of the Promis software that the company alleges are
being used by the Central Intelligence Agency and other U.S.
intelligence services that did not purchase the technology from Inslaw.

In the affidavit relating to McFarlane that was filed on March 21, Ari
Ben-Menashe, a former Israeli intelligence officer, claims that
McFarlane had a "special" relationship with Israeli intelligence
officials.  Ben-Menashe alleges that in a 1982 meeting in Tel Aviv, he
was told that Israeli intelligence received the software from McFarlane.


McFarlane has stated that he is "very puzzled" by the allegations that
he passed any of the software to Israel.  He has termed the claims
"absolutely false".

Another strange development is the status of Michael Riconosciuto, a
potential witness for Inslaw who once worked with a Florida company that
sought to develop weapons, including fuel-air explosives and chemical

Riconosciuto claimed in his affidavit that in February he was called by
a former Justice Department official who warned him against co-op
with the House Judiciary Committee's investigation into Inslaw.
Riconosciuto was arrested last weekend on drug charges, but claimed he
had been "set up".

In his March 21 affidavit, Riconosciuto says he modified Promis software
for law enforcement and intelligence agencies.  "Some of the
modifications that I made were specifically designed to facilitate the
implementation of Promis within two agencies of the government of
Canada...  The propriety (sic) version of Promis, as modified by me,
was, in fact, implemented in both the RCMP and the CSIS in Canada."

On Monday, Richardson and other lawyers for Inslaw will file a motion in
court seeking the power to subpoena copies of the Promis software from
U.S. Intelligence agencies.

#O NewsByetes
#D April 3, 1991

got a call at work from his neighbor who informed him police broke
down his front door, and were confiscating his computer equipment.
The report, in the San Luis Obispo (SLO)  Telegram-Tribune, quoted
Hopson as saying, "They took my stuff,  they rummaged through my
house, and all the time I was trying to  figure out what I did, what
this was about. I didn't have any idea."

According to the Telegram-Tribune, Hopson and three others were
accused by police of attempting to break into the bulletin board
system (BBS) containing patient records of SLO dermatologists
Longabaugh and Herton. District Attorney Stephen Brown told
Newsbytes that even though the suspects (two of which are Cal Poly
students) did not know each other, search warrants were issued after
their phone numbers were traced by police as numbers  attempting
access to the dermatologists' system by modem "more than three times
in a single day."

Brown told Newsbytes the police wouldn't have been as  concerned if
it had been the BBS of a non-medical related company, but faced with
people trying to obtaining illegal narcotics by calling pharmacies
with fraudulent information...

What the suspects had in common was the dermatologists' BBS phone
number programmed into their telecommunications software as the
Cygnus XI BBS. According to John Ewing, secretary of the SLO
Personal Computer Users Group (SLO PC UG), the Cygnus XI BBS was a
public BBS that operated in SLO, but the system operator (sysop)
moved less than a year ago and discontinued the board. It appears
the dermatologists inherited the number.

John Ewing, SLO PCUG editor, commented in the SLO PC UG  newsletter,
"My personal opinion is that the phone number [for the Cygnus XI
BBS] is still listed in personal dialing directories as Cygnus XI,
and people are innocently calling to exchange information and
download files. These so-called hackers know that the password they
used worked in the past and attempt to connect several times. The
password may even be recorded as a script file [an automatic log-on
file]. If this is the case, my sympathies go out to those who have
had their hardware and software confiscated."

Bob Ward, secretary of the SLO PC UG, told Newsbytes, "The number
[for Cygnus XI] could have been passed around the world. And, as a
new user, it would be easy to make three mistaken calls. The board
has no opening screen, it just asks for a password. So, you call
once with your password, once more trying the word NEW, and again to
try GUEST."

#O California Computer News
#D April 1991 [p26]
#T Modem Mania: More Households Go Online Every Day
#A Dennis B. Collins

Get your scissors.  Here come some statistics you'll want to save.  I've
been doing a lot of research lately regarding computer bulletin board
systems (BBSs).  Prodigy's research and development department said that
30 percent of American homes have some sort of PC.  Of these homes, 20
percent have a modem.  This means that six percent of all homes have the
capability to obtain computer data via phone line!  The Information Age
is now in its infancy - it is here and it is real.  It is also growing at
a rate of 400 percent a year.

CompuServe and Prodigy both claim 750,000 paying customers.  Prodigy
stresses that their figures reflect modems at home only.  They have no
count of businesses.  Local system operators tell me a significant number
of calls originate from offices - their "guesstimate" is that office use
may increase the figures by another 20 percent.


The question keeps coming up: How many BBSs are there?  Nobody knows.
In Sacramento, the best guess is about 200.  Worldwide, the number is
quickly growing.  About two years ago I obtained a list of BBS members of
FidoNet.  At the time there were about 6,000 member systems.  The
January 1991 Node lists over 11,000 BBSs worldwide!  It is important to
note that there are several large networks, of which FidoNet is only
one.  U.S. Robotics claims to have a list of 12,000 BBSs that use their
modems in this country alone.  It is clear that millions of individuals
are using PC telecommunications and the numbers are getting larger.

#O LAN Times
#D March 18, 1991 [pp75-76]
#T Software Piracy Now Costs Industry Billions: But software authentication
        devices can protect your investment from thieves
#A Charles P. Koontz

About a zillion years ago when I first read _Swiss Family Robinson_, I
always wondered why the Robinson family was so fearful of Malaysian
pirates.  After all, I was accustomed to the proper civilized pirates in
all the Errol Flynn movies.  But it turns out the Malaysian variety were
much worse.  The same is true of the pirates that prey on the modern
software industry.

In the software industry, the civilized pirates are the ones who copy an
occasionally program from a friend without paying for it.. Most of us at
lest know someone who's done it.  I've heard of places where none of the
software in an office is legal.

Civilized pirates are still thieves and they break the law, but they
have a better attitude.  They should look into shareware as an
alternative source.  It's almost as cheap and often every bit as good.

In the software industry, the crook who makes a living by making and
selling copied software is the modern equivalent of a Malaysian pirate.
The fact that a lot of them are located in the orient where piracy may
not be illegal helps the analogy.  It seems however that the practice is
spreading to more local climates.

The process is fairly simple and requires only a small investment to get
started.  At the simplest level, all the pirate needs is a copy of a
popular program, a PC, and a place to duplicate the distribution
diskettes.  More sophisticated pirates have factories employing dozens
of workers running high-speed disk duplicators and copy machines so they
can include the manual in their shrink-wrapped counterfeit package.  Some
even copy the silk screening on the manual covers.  They then find a
legitimate outlet for the software.  The customer only finds out that
the company is bogus when he calls for technical support, if the real
manufacturer tracks serial numbers.

Software piracy has become a part of the cost of doing business for
major software manufacturers.  The Software Publishers Association (SPA)
estimates that piracy costs the software industry between 1.5 and 2
billion dollars annually in the USA alone.  Worldwide estimates range
from 4 to 5 billion dollars.  The legitimate domestic software market
accounts for only 3 billion dollars annually.  The SPA estimates that
for every copy of legal software package, there is at least one illegal
copy.  If you think this is an exaggeration, just consider all the
illegal copies you know about.

[rest of article discusses hardware anti-piracy devices]

#O New York Times
#D April 21, 1991
#T Dutch break into U.S. computers from 'hacker haven'
#A John Markoff

Beyond the reach of American law, a group of Dutch computer intruders
has been openly defying United States military, space and intelligence
authorities for almost six months.

Recently the intruders broke into a U.S. military computer while being
filmed by a Dutch television crew.

The intruders, working over local telephone lines that enable them to
tap American computer networks at almost no cost, have not done
serious damage and haven't penetrated the most secure government
computer systems, federal investigators say.

The group, however, has entered a wide range of computer systems with
unclassified information, including those at the Kennedy Space Center,
the Pentagon's Pacific Fleet Command, the Lawrence Livermore National
Laboratory and Stanford University.

U.S. government officials said they had been tracking the interlopers,
but no arrests have been made because there are no legal restrictions
in the Netherlands on unauthorized computer access.

"This has been a terrible problem," said Gail Thackeray, a former
Arizona assistant attorney general who has prosecuted computer crimes.
"Until recently there have been few countries that have computer crime
laws.  These countries are acting as hacker havens."

American law-enforcement officials said they believed there were three
or four members of the Dutch group, but would not release any names.
A Dutch television news report in February showed a member of the
group at the University of Utrecht reading information off a computer
screen showing what he said was missile test information taken from a
U.S. military computer.  His back was to the camera, and he was not

Because there are no computer crime laws in the Netherlands, American
investigators said the Dutch group boasts that it can enter computers
via international data networks with impunity.

One computer expert who has watched the electronic recordings made of
the group's activities said the intruders do not demonstrate any
particularly unusual computer skills, but instead appear to have
access to documents that contain recipes for breaking computer
security on many U.S. systems.  These documents have been widely
circulated on underground systems.

The computer expert said he had seen several recordings of the
break-in sessions and that one of the members of the group used an
account named "Adrian" to break into computers at the Kennedy Space
Center and the Pentagon's commander in chief of the Pacific.

#O GRID News
#I vol. 2, No. 11x&12x
#D April 28, 1991
#T Libertarian Party Candidate Says Yes! to Hackers
#T Telecom Bills Move Forward, Meet Opposition

According to LP presidential hopeful, Andre Marrou, 35% of the
dues-paying members of his party are computer programmers.  Despite
the fact that Marrou had never heard of Craig Neidorf or Operation
Sundevil, he had strong opinions on the issues. "A computer is a
printing press.  You can churn out stuff on the printer."   He did not
move away from the paradigms print gave him but at least he was at a
loss to understand how anyone could not see something so obvious, that
a computer is a printing press.

Then he defended a special kind of hacking. "If you mean hacking to
get into government computers to get the information, there is nothing
wrong with that.  There is too much secrecy in government. There is a
principle that the information belongs to the people. 99% of the
classified material is not really important. With hackers most of the
stuff they want to get into should be public in the first place.
Anything the government owns belongs to all of us.  Like in real
estate you can get information from the county and I'd extend that
rule of thumb.  It would be a good thing if they could get into the
IRS data files."

In line with mainstream libertarian thought, both Andre Marrou his
campaign manager, Jim Lewis (also a former LP veep candidate), said
that they support the idea of government-granted patents.  Marrou said
he had never heard of patents being granted for software but knew that
software can be copyrighted.  Andre Marrou graduated from MIT.

(2) Telecom Bills Move Forward, Meet Opposition

"Competition and innovation will be stifled and consumers will pay
more for telephone service if the Legislature approves the
telecommunication legislation now before Senate and House committees,"
said 15 lobbyists speaking through the Marketing Resource Group.
Representatives from the AARP, AT&T, MCI, Michigan Cable Television
Association, and the Michigan Association of Realtors all agreed that
it would be wrong to let the local exchange carriers sell cable
television, long distance and information services and manufacture

The AARP has opposed this legislation because they do not see a limit
on the cost of phone service.  According to the bill BASIC phone rates
would be frozen forever at their November 1990 level.  However, there
is no limit on charges for "enhanced services." There is also no
DEFINITION of "enhanced service" but most people involved in the bill
have cited call forwarding, call waiting, fax and computer.

Other provisions of the proposed law would regulate all "information
providers."  Further, those who provide information from computers via
the telephone would receive their service "at cost."  This provision
takes on new colors in light of a Wall Street Journal story from Jan.
9, 1991, issued along with press release materials from Marketing
Resources.  That story outlines how NYNEX inflated its cost figures
selling itself services far in excess of the market rate.

Interestingly enough, increased competition is one of the goals cited
by the bill's key sponsor, Senate Mat Dunaskiss.

#O Telegram-Tribune Newspaper
#D March 23, 1991
#T Amature Hackers Tripped Up
#A Danna Dykstra Coy

San Luis Obispo police have cracked a case of computer hacking.  Now
they've got to work out the bugs.  Officers were still interviewing
suspects late Friday linked to a rare case of computer tampering that
involved at least four people, two of them computer science majors
from Cal Poly.

The hackers were obvious amateurs, according to police.  They were
caught unknowingly tapping into the computer system in the office of
two local dermatologists.  The only information they would have
obtained, had they cracked the system's entry code, was patient
billing records.

Police declined to name names because the investigation is on-going.
They don't expect any arrests, though technically, they say a crime
has been committed.  Police believe the tampering was all in fun,
though at the expense of the skin doctors who spent money and time
fixing glitches caused by the electronic intrusion.

"Maybe it was a game for the suspects, but you have to look at the
bigger picture," said the officer assigned to the case, Gary Nemeth.
"The fact they were knowingly attempting to access a computer system
without permission is a crime."  Because the case is rare in this
county, police are learning as they go along.  "We will definitely
file complaints with the District Attorney's Office," said Nemeth.
"They can decide whether we've got enough of a case to go to trial."

Earlier this month San Luis dermatologists James Longabaugh and
Jeffrey Herten told police they suspected somebody was trying to
access the computer in the office they share at 15 Santa Rosa St.  The
system, which contains patient records and billing information,
continually shut down.  The doctors were unable to access their
patients' records, said Nemeth, and paid a computer technician at
least $1,500 to re-program their modem.

The modem is a device that allows computers to communicate through
telephone lines.  It can only be accessed when an operator "dials" its
designated number by punching the numbers on a computer keyboard.  The
"calling" computer then asks the operator to punch in a password to
enter the system.  If the operator fails to type in the correct
password, the system may ask the caller to try again or simply hang
up.  Because the doctors' modem has a built-in security system,

(cont' NIA072 File 8)
                        /                         /
                        /     NIA072 / File 8     /
                        / CyberTimes (Vox Populi) /
                        /       Judge Dredd       /
                        /                         /

(cont' NIA072 / File 7)

several failed attempts causes the system to shut down completely.

The technician who suspected the problems were more than mechanical,
advised the doctors to call the police.  "We ordered a telephone tap
on the line, which showed in one day alone 200 calls were made to that
number," said Nemeth.  "It was obvious someone was making a game of
trying to crack the code to enter the system."  The tap showed four
residences that placed more than three calls a day to the doctors'
computer number.  Three of the callers were from San Luis Obispo and
one was from Santa Margarita.  From there police went to work.

"A lot of times I think police just tell somebody in a situation like
that to get a new phone number," said Nemeth, "and their problem is
resolved.  But these doctors were really worried.  They were afraid
someone really wanted to know what they had in their files.  They
wondered if it was happening to them, maybe it was happening to
others.  I was intrigued."

Nemeth, whose training is in police work and not computer crimes, was
soon breaking new ground for the department.  "Here we had the
addresses, but no proper search warrant.  We didn't know what to name
in a search warrant for a computer tampering case."  A security
investigator for Pacific Bell gave Nemeth the information he needed:
disks, computer equipment, stereos and telephones, anything that could
be used in a computer crime.

Search warrants were served at the San Luis Obispo houses Thursday and
Friday.  Residents at the Santa Margarita house have yet to be served.
But police are certain they've already cracked the case.  At all three
residences that were searched police found a disk that incorrectly
gave the doctors' phone number as the key to a program called "Cygnus
XI".  "It was a fluke," said Nemeth.  "These people didn't know each
other, and yet they all had this same program".  Apparently when the
suspects failed to gain access, they made a game of trying to crack
the password, he said.  "They didn't know whose computer was hooked up
to the phone number the program gave them," said Nemeth.  "So they
tried to find out."

Police confiscated hundreds of disks containing illegally obtained
copies of software at a residence where two Cal Poly students lived,
which will be turned over to a federal law enforcement agency, said

Police Chief Jim Gardner said he doesn't expect this type of case to
be the department's last, given modern technology.  "What got to be a
little strange is when I heard my officers talk in briefings this
week.  It was like I need more information for the database'."  "To
think 20 years ago when cops sat around and talked all you heard about
was 211' cases and dope dealers."

#O Telegram-Tribune Newspaper
#D March 29, 1991
#T Computer Case Takes A Twist
#A Danna Dykstra Coy

A suspected computer hacker says San Luis Obispo police overreacted
when they broke into his house and confiscated thousands of dollars of
equipment.  "I feel violated and I'm angry" said 34-year-old engineer
Ron Hopson.  All of Hopson's computer equipment was seized last week
by police who believed he may have illegally tried to "hack" his way
into an office computer belonging to two San Luis Obispo
dermatologists.  Police also confiscated equipment belonging to three

"If police had known more about what they were doing, I don't think it
would have gone this far," Hopson said.  "They've treated me like a
criminal, and I was never aware I was doing anything wrong.  It's like
a nightmare."  Hopson, who has not been arrested in the case, was at
work last week when a neighbor called to tell him there were three
patrol cars and two detective cars at his house.  Police broke into
the locked front door of his residence, said Officer Gary Nemeth, and
broke down a locked door to his study where he keeps his computer.
"They took my stuff, they rummaged through my house, and all the time
I was trying to figure out what I did, what this was about.  I didn't
have any idea."

A police phone tap showed three calls were made from Hopson's
residence this month to a computer at an office shared by doctors
James Longabaugh and Jeffrey Herten.  The doctors told police they
suspected somebody was trying to access the computer in their office
at 15 Santa Rosa St.  Their system, which contains patient records and
billing information, kept shutting down.  The doctors were unable to
access their patients' records, said Nemeth.  They had to pay a
computer technician at least $1,500 to re-program their modem, a
device that allows computers to communicate through telephone lines.

Hopson said there is an easy explanation for the foul-up.  He said he
was trying to log-on to a public bulletin board that incorrectly gave
the doctors number as the key to a system called "Cygnus XI".  Cygnus
XI enabled people to send electronic messages to one another, but the
Cygnus XI system was apparently outdated.  The person who started it
up moved from the San Luis Obispo area last year, and the phone
company gave the dermatologists his former number, according to
Officer Nemeth.

Hopson said he learned about Cygnus XI through a local computer club,
the SLO-BYTES User Group. "Any of the group's 250 members could have
been trying to tap into the same system", said Robert Ward, SLO-BYTES
club secretary and computer technician at Cal Poly.  In addition, he
suspects members gave the phone number to fellow computer buffs and
could have been passed around the world through the computer
Bulletin-Board system.  "I myself might have tried to access it three
or four times if I was a new user," he said.  "I'd say if somebody
tried 50 times, fine, they should be checked out, but not just for
trying a couple of times."

Police said some 200 calls were made to the doctors modem during the
10 days the phone was tapped.  "They say, therefore, its obvious
somebody is trying to make a game of trying to crack the computer
code", said Hopson.  "The only thing obvious to me is a lot of people
have that published number.  Nobody's trying to crack a code to gain
illegal access to a system.  I only tried it three times and gave up,
figuring the phone was no longer in service."

Hopson said he tried to explain the situation to the police.  "But
they took me to an interrogation room and said I was lying.  They
treated me like a big-time criminal, and now they won't give me back
my stuff."  Hopson admitted he owned several illegally obtained copies
of software confiscated by police.  "But so does everybody," he said,
"and the police have ever right to keep them, but I want the rest of
my stuff."

Nemeth, whose training is in police work and not computer crimes, said
this is the first such case for the department and he learning as he
goes along.  He said the matter has been turned over to the District
Attorney's Office, which will decide whether to bring charges against
Hopson and one other suspect.

The seized belongings could be sold to pay restitution to the doctors
who paid to re-program their system.  Nemeth said the police are
waiting for a printout to show how many times the suspects tried to
gain access to the doctors' modem.  "You can try to gain access as
many times as you want on one phone call.  The fact a suspect only
called three times doesn't mean he only tried to gain access three

Nemeth said he is aware of the bulletin board theory.  "The problem is
we believe somebody out there intentionally got into the doctors'
system and shut it down so nobody could gain access, based on evidence
from the doctors' computer technician," said Nemeth.  "I don't think
we have that person, because the guy would need a very sophisticated
system to shut somebody else's system down."  At the same time, he
said, Hopson and the other suspects should have known to give up after
the first failed attempt.  "The laws are funny.  You don't have to
prove malicious intent when you're talking about computer tampering.
The first attempt you might say was an honest mistake.  More than
once, you have to wonder."

Police this week filled reports with the District Attorney's Office
regarding their investigation of Hopson and another San Luis Obispo
man suspected of computer tampering.  Police are waiting for Stephen
Brown, a deputy district attorney, to decide whether there is enough
evidence against the two to take court action.  If so, Nemeth said he
will file reports involving two other suspects, both computer science
majors from Cal Poly.  All computers, telephones, computer instruction
manuals, and program disks were seized from three houses in police
searches last week.  Hundreds of disks containing about $5,000 worth
of illegally obtained software were also taken from the suspects'

Police and the District Attorney's Office are not naming the suspects
because the case is still under investigation.  However, police
confirmed Hopson was one of the suspects in the case after he called
the Telegram-Tribune to give his side of the story.

#O Telegram-Tribune Newspaper
#D April 12, 1991
#T Hackers' Off Hook, Property Returned
#A Danna Dykstra Coy

Two San Luis Obispo men suspected of computer tampering will not be
charged with any crime.  They will get back the computer equipment
that was seized from their homes, according to Stephen Brown, a deputy
district attorney who handled the case.  "It appears to have been a
case of inadvertent access to a modem with no criminal intent," said
Brown.  San Luis Obispo police were waiting on Brown's response to
decide whether to pursue an investigation that started last month.
They said they would drop the matter if Brown didn't file a case.

The officer heading the case, Gary Nemeth, admitted police were
learning as they went along because they rarely deal with computer
crimes.  Brown said he doesn't believe police overreacted in their
investigation.  "They had a legitimate concern."

In early March two dermatologists called police when the computer
system containing patient billing records in their San Luis Obispo
office kept shutting down.  They paid a computer technician about
$1,500 to re-program their modem, a device that allows computers to
communicate through the telephone lines.  The technician told the
doctors it appeared someone was trying to tap into their system.  The
computer's security system caused the shutdown after several attempts
to gain access failed.

Police ordered a 10-day phone tap on the modem's line and, after
obtaining search warrants, searched four residences where calls were
made to the skin doctors' modem at least three times.  One suspect,
Ron Hopson, said last week his calls were legitimate and claimed
police overreacted when they seized his computer, telephone, and
computer manuals.  Hopson could not reached Thursday for comment.

Brown's investigation revealed Hopson, like the other suspects, was
trying to log-on to a computerized "bulletin-board" that incorrectly
gave the doctors' number as the key to a system called "Cygnus XI".
Cygnus XI enabled computer users to electronically send messages to
one another.  Brown said while this may not be the county's first
computer crime, it was the first time the District Attorney's Office
authorized search warrants in a case of suspected computer fraud using
telephone lines.  Police will not be returning several illegally
obtained copies of software also seized during the raids, he said.

#O Contingency Journal
#D May/June 1991
#T Restitution Ordered For Bell South Hackers
#D Michael H. Agranoff, Attorney

The law is beginning to respond effectively to the problem of computer
hacking. In September 1988, three young men began implementing a
scheme to steal proprietary data from Bell South Telephone Co.
computers. They illegally gained access to Bell South from a home
computer, downloaded the data and tried to disguise the fraud by using
the IDs of legitimate users.

The stolen data was transferred on an interstate computer network and
stored on a bulletin board system. It was made known to others in a
hacker's newsletter published by one of the schemers.

If the fraud had continued, it could have disrupted telecommunication
channels throughout the country, according to government prosecutors.
The hackers were in a position to retrieve and modify credit
information, eavesdrop on telephone conversations and worse.

Various charges of fraud, theft and conspiracy were lodged against the
trio. They attempted to get the charges dismissed on technical
grounds, were unsuccessful and pleaded guilty to a smaller number of

A federal judge in Georgia imposed sentences last November.  One
hacker was given 21 months in prison and two years supervised

The other two hackers were each given 14 months in prison.  Seven of
those months were to be served in a half-way house, where they must
assist colleges and businesses in computer work. Following release,
the hackers must each complete three years community service, to
include 120 hours each year of computer-related work, during which
time they may not own or access a computer, except for employment,
without supervision approved by the court.

Each of the three hackers was also ordered to pay restitution to Bell
South amounting to $233,880 per hacker.  Readers may reflect upon this
sentence. In trying to protect the public interest and yet not be
vindictive, the judge rendered (in this writer's opinion) a wise and
thoughtful decision. Will it send the appropriate message to potential
hackers throughout the country? Let us see.

#O Unix Today
#D April 29, 1991
#T Internet Break-Ins
#A Dutch Cracker Easily Accessed U.S. Computers

Allegations that Dutch crackers have been operating with impunity for
months against U.S. computers has stirred a debate whether systems
administrators have been negligent in failing to close easy, obvious
security holes that have been well-known for years.

Dutch crackers have, since September, been using the Internet to
access computers, most of them Unix machines, at the Kennedy Space
Center, the Pentagon's Pacific meet Command, the Lawrence Livermore
National laboratories and Stanford University.  The techniques they've
used have been simple, well-known and uncreative, and they've found
the job an easy one, say sources. "These are not skilled computer
geniuses like Robert Morris," said Cliff Stoll, author of The Cuckoo's
Egg, who said he's been in contact with some Dutch crackers who may
have committed the break-ins. "These are more like the kind of hacker
I caught, sort of plodding, boring people." Stoll's 1989 book
concerned his pursuit of a cracker.

Techniques include guessing at commonly used passwords, default
passwords that ship with Unix systems and that some users don't bother
to change, and using guest accounts, said Stoll.

The crackers managed to obtain superuser privileges at a system at
Stanford University, said Bill Bauridel, information security officer
at Stanford University Data Center. They used a bug in sendmail - the
same program exploited by Robert Morris to loose a worm on the
Internet in 1988, though Bauridel said the crackers did not use the
sendmail feature that Morris exploited.

The Lawrence Livermore Laboratories computers were only used as a
gateway to other systems, said Bob Borchers, associate director for
computation at the labs.

The crackers have been able to access only non-classified material,
such as routine memos say authorities. So far, no evidence has been
found that they did anything malicious once they broke into a U.S.

The lack of laws governing computer crime in Holland allows crackers
to operate with relative impunity, said Martin de Lange, managing
director of ACE, and Amsterdam-based Unix systems software company.

The impunity combines with an anti-authoritarian atmosphere in Holland
to make cracking a thriving practice, said Stoll.  "There's a national
sense of thumbing one's nose at the Establishment that's promoted and
appreciated in the Netherlands," he said. "Walk down the streets of
Amsterdam and you'll find a thriving population that delights in
finding ways around the Establishment's walls and barriers."

The break-ins became a subject of notoriety after a Dutch television
show called After the News ran film Feb. 2 purporting to be of an
actual cracker break-in, said Henk Bekket, a network manager at
Utrecht University.

Utrecht University in Holland was reported to be the first site broken
into. Bekker said he was able to detect two break-ins, one in October
and one again in January.

The crackers apparently dialed into a campus terminal network that
operates without a password, accessed the campus TCP/IP backbone, and
then accessed another machine on campus-a VAX 11/75-that hooks up to
SURFnet, a national X.25 network in Holland.

>From SURFnet, they were presumably able to crack into an Inter-net
computer somewhere, and from there access the computers in the United
States, said Bekker.

The dial-in to SURFnet gateway has been canceled since the January
attempt, he said. (Presumably, the break-in footage aired Feb. 2 was
either through another channel, or filmed earlier.)

Bekker said he manages a network consisting of a DECsystem 5500 server
and 40 to 50 Sun and VAX VMS workstations.  He noted a break-in to
another machine on campus Jan. 16, and into a machine at the
University of Leyden in October.

A cracker was searching DECnet I password files for accounts with no
password.  The cracker was also breaking into machines over DECnet,
said Bekker. The cracker had a rough idea of the pattern of DECnet
node addresses in Holland, and was trying to guess machine addresses
from there. Node addresses begin with the numerals 28, said Bekker,
and he found log files of the cracker searching for machines at 28.1,
28.2, 28.3 and so on. But the cracker did not know that the actual
sequence goes 28.100, 28.110, and so on.

"Hackers are organized to get together, discuss technologies, and they
openly demonstrate where there are installations prone to break-in,"
de Lange said.  Computer crime in Holland can be prosecuted under laws
covering theft of resources, wiretapping and wire fraud, said Piet
Beertema, of the European Unix User Group, and network manager of the
Center for Mathematics and Computer Science in Amsterdam.

And finding someone to investigate can also be a problem, said Bekker.

"You cannot go to the police and say, 'Hey, someone has broken into my
computer.' They can't do anything about it," he said.

Stoll, the American author, said crackers appear firmly rooted in
Dutch soil.

"There is a history going back more than five years of people getting
together and breaking into computers over there," he said.  "Hacker
clubs have been active there since 1985 or 1986."

But he said it's more than lack of law that has made cracking so
popular. Most industrialized nations have no cracking laws, and those
that have them find prosecution extremely difficult, he said. Dutch
citizens also have an anti-authoritarian spirit, he added.

But Stoll condemmed the crackers.  "This is the sort of behavior that
wrecks the community, spreads paranoia and mistrust," he said. "It
brings a sense of paranoia to a community which is founded on trust."
Because no classified data was accessed, Mike Godwin, attorney for the
Electronic Frontiers Foundation (EFF), cautioned against making too
much of the incidents.

"What did these people do" he said. "There's no sense that they
vandalized systems or got ahold of any classified information." The
itself as an organization fighting to see civil rights guarantees
extended to information systems. The Cambridge, Mass., organization
has been involved in a number of cracker defenses.

The fact that the systems were breached means the data's integrity is
compromised, said Netunann. just because the data isn't classified
doesn't mean it isn't important, he noted. 'Just because you can't get
into classified systems doesn't mean you can't get sensitive
information," he said.

#O Network World
#D April 29, 1991
#T Long-haul carriers may offer toll-fraud monitoring: Services would
        help shield customers from hackers
#A Anita Taff, Washington Bureau Chief

WASHINGTON D.C. -- Long-distance carriers are considering offering
services that would shield customers from toll fraud by monitoring
network activity for suspicious traffic patterns and tipping off
users before huge costs would be run up, Network World has

Hackers are defrauding corporations by dialing into their private
branch  exchanges and using stolen authorization codes to dial out
of the switches to remote destinations, sticking the switch owners
with charges ranging from several thousand to, in one case, a
million dollars.

Users have been loathe to report toll fraud because they are
embarrassed about the security breaches or because they have entered
into private settlements with carriers that cannot be disclosed. But
earlier this year, Pacific Mutual Life Insurance Co., exasperated by
$200,000 in fraudulent charges run up during one weekend and lack of
progress in settling the issue with AT&T, turned to the Federal
Communications Commission for help.

The insurance company asked the FCC to open a proceeding in order to
establish guidelines that fairly distribute liability for toll fraud
among users, long distance carriers and customer premises equipment
manufacturers. The company questioned the validity of AT&T's claims
that its tarriffs place the liability for fraud on users' shoulders.
Both AT&T and MCI Communications Corp. oppose Pacific Mutual's

But it is clear something has to be done. Customers lose $500 million
annually to toll fraud, according to the Communications Fraud
Control Association.

"There are two kinds of customers: those who have been victims of
toll fraud and those who are about to [become victims]," said Jim
Snyder, staff member of the systems integrity department at MCI.

According to Snyder, about 80% of the calls placed by hackers go to
one of three places: Columbia, Pakistan and area code 809, which
covers Caribbean countries including the Dominican Republic and
Jamaica. Often, the calls are placed at night or during weekends. It
is this thumbprint that would enable carriers to set up monitoring
services to identify unusual activity. He said MCI is considering
such a service but has not yet decided whether to offer it.

AT&T would also be interested in rolling out such a monitoring
service if customer demand exists, a spokesman said.

Henry Levine, a telecommunications attorney in Washington, D.C. who
helps customers put together Tariff 12 deals, said he knows of
several users that have requested toll-fraud monitoring from AT&T.
He said AT&T is currently beta-testing technology that gives users
real-time access to call detail data, a necessary capability for
real-time monitoring.

US Sprint Communications Co. offers a monitoring service for its
800, UltraWATS, Virtual Private Network, SprintNet and voice mail
customers free of charge, but it is not a daily, around-the-clock
monitoring service, and the typical lag time until user are notified
of problems is 24 hours.

In a filing on behalf of the Securities Industry Association, Visa
USA, Inc., the New York Clearinghouse Association and Pacific
Mutual, Levine urged the agency to require carriers to offer
monitoring services. Network equipment could monitor traffic
according to preset parameters for call volume, off-hour calling and
suspicious area or country codes, he said. If an anomaly is
detected, Levine's proposal suggests that carriers notify users
within 30 minutes. Therefore, users would be held liable for only a
nominal amount of fraudulent charges.

#O Houston Chronicle
#T Lawsuit alleges rights violations in computer crime crackdown
#A Joe Abernathy

An Austin game publisher has sued the U.S. Secret Service for alleged
civil rights violations in connection with a nationwide crackdown on
computer crime.

Steve Jackson Games, whose case has become a cause celebre in the
computer network community, alleges in the lawsuit that a raid
conducted during OperationSun Devil violated the rights of the company
and its customers to free speech, free association, and a free press.

The lawsuit in federal district court in Austin further claims the
raid was a violation of the protection against unreasonable search and
seizure, and violated the law restricting the government from
searching the office of publishers for work products and other
documents. It seeks unspecified damages.

"This is a lawsuit brought to establish the statutory rights of
businesses and individuals who use computers," said Jackson's
attorney, Sharon Beckman of Boston.  "It's about the First Amendment,
it's about the right to privacy, and it's about unreasonable
government intrusion."

Defendants include the Secret Service; Assistant United States
Attorney William J. Cook in Chicago; Secret Service agents Timothy M.
Foley and Barbara Golden; and Henry M. Kluepfel of Bellcore, a
telephone company research consortium which assisted the agency in its

Earl Devaney, special agent in charge of the Secret Service fraud
division, said that his agency was barred from responding to the
allegations contained in the lawsuit.

"Our side of the story can't be told because we're compelled by the
laws that govern us to remain mute," he said. "We'll have to let the
future indictments, if there are any, and the future trials speak for

Devaney said the agency recently completed its review of evidence
seized during Operation Sun Devil and has sent it to federal
prosecutors. He couldn't predict how many indictments will result.

The Electronic Frontier Foundation, founded by computer industry
activists after questions arose regarding the legality of several Sun
Devil raids, is paying Jackson's legal fees. James R. George, an
Austin attorney with expertise in constitutional law, represents
Jackson in Texas.

Contending that civil rights normally taken for granted are often
denied to users of computer networks and bulletin boards, the EFF
attorneys designed Jackson's case as a test of how courts will treat
these issues.

"What happened was so clearly wrong," Beckman said.  "Here we have a
completely innocent businessman, a publisher no less, whose
publications are seized, whose computers are seized, whose private
electronic mail is seized, and all for no good reason."

Jackson's firm was raided on March 1, 1990, along with 27 other homes
and businesses across the nation. The Secret Service confiscated
dozens of computers and tens of thousands of computer data disks in
the raids. After several months passed with no charges being filed,
the agency came under increasing fire for Sun Devil.

"They raided the office with no cause, confiscated equipment and data,
and seriously delayed the publication of one big book by confiscating
every current copy," Jackson said. "It very nearly put us out of
business, and we are still extremely shaky."

Seven months after the raid on Jackson's firm, the search warrant was
unsealed, revealing that the firm was not even suspected of
wrongdoing. An employee was suspected of using a company bulletin
board system to distribute a document stolen from the telephone

Bulletin board systems, called BBSs in computer jargon, allow people
with common interests  to share information using computers linked by
telephone.  Jackson's bulletin board, Illuminati, was used to provide
product support for his games - which are played with dice, not

Beckman said the search warrant affidavit indicates investigators
thought the phone company document was stored on a bulletin board at
the employee's home, and therefore agents had no reason to search the

"Computers or no computers, the government had no justification to
walk through that door," she said.

Beckman said that by seizing the BBS at Steve Jackson Games, the
Secret Service had denied customers the right to association.

"This board was not only a forum for discussion, it was a forum for a
virtual community of people with a common interest in the gaming
field," she said. "Especially for some people who live in a remote
location, this forum was particularly important, and the Secret
Service shut that down."

Jackson was joined in the lawsuit by three New Hampshire residents,
Elizabeth McCoy, Walter Milliken and Steffan O'Sullivan, who used the
Illuminati BBS.

"Another right is privacy," Beckman said. "When the government seized
the Illuminati board, they also seized all of the private electronic
mail that (callers) had stored. There is nothing in the warrant to
suggest there was reason to think there was evidence of criminal
activity in the electronic mail - the warrant doesn't even state that
there was e-mail."

"That, we allege, is a gross violation of the Electronic
Communications Privacy Act," Beckman said.

Mitchell D. Kapor, creator of the popular Lotus spreadsheet program
and co-founder of the Electronic Frontier Foundation, said:

"The EFF believes that it is vital that government, private entities,
and individuals who have violated the Constitutional rights of
individuals be held accountable for their actions. We also hope this
case will help demystify the world of computer users to the general
public and inform them about the potential of computer communities."

#O Computerworld
#D Gary H. Anthes
#T Court Tosses Inslaw Appeal
#A Gary H. Anthes

Washington, D.C.- A three-judge panel of the US Court of Appeals throw
out two lower court rulings last week that said the US Department of
Justice had stolen software from Inslaw, Inc. and had conspired to
drive the firm out of business.

The Court of Appeals for the Washington, D.C., circuit did not
consider the validity of the lower court findings but said the
bankruptcy court that first upheld Inslaw's charges had exceeded its

This is a serious setback for Inslaw, which said it has spent five
years and $6 million in legal fees on the matter, but the company
vowed to fight on. It may ask the full court to reconsider, it may
appeal to the US Supreme Court, or it may go to more specialized
tribunals set up by the government to hear disputes over contracts,
trade secrets, and copyrights, Inslaw President William Hamilton said.

"Not many firms could have lasted this long, and now to have this
happen is just unbelievable. But there's no way in hell we will put up
with it," an obviously embittered Hamilton said. It may cost the tiny
firm "millions more" to reach the next major legal milestone, he said.

Double Trouble
Since the bankruptcy court trial in 1987, Inslaw has learned of
additional alleged wrongdoings by the Justice Department.

"The new evidence indicates that the motive of the [software theft]
was to put Inslaw's software in the hands of private sector friends of
the Reagan/Bush administration and then to award lucrative government
contracts to those political supporters," Hamiliton said.

He said that other evidence suggests that the software was illegally
sold to foreign intelligence agencies.

#O Computerworld
#D May 13, 1991
#T Systems Security Tips Go On-Line
#A Michael Alexander

Farifax, Va.-- Information systems security managers, electronic data
processing auditors and others involved in systems protection know
that it can often be difficult to keep on top of security technology
and fast-breaking news. This week, National Security Associates, Inc.,
will officially kick off an on-line service dedicated solely to
computer security.

The repository contains databases of such articles on computer
security that have appeared in 260 publications, computer security
incident reports and vendor security products. One database is devoted
to activity in the computer underground and to techniques used to
compromise systems security.

  "This is a tough industry to keep up with," said Dennis Flanders, a
communications engineer with computer security responsibilities at
Boing Co.  Flanders has been an alpha tester of National Security
Associates' systems for about six months. "Security information is now
being done piecemeal, and you have to go to many sources for
information. The appealing thing about this is [that] all of the
information is in one place."

  The service costs $12.50 per hour. There is a onetime sign-up charge
of $30, which includes $15 worth of access time.

#O The LA Times
#D May 29, 1991 [p. B-3]
#T Writer Gets Probation in Sting at Fox
#A John Kendall

Free-lance writer Stuart Goldman pleaded no contest Tuesday to three
felony charges of illegally entering Fox Televisions computer system
and stealing story ideas planted by Los Angeles police in a sting

In a plea bargain presented by prosecutors and approved by Superior
Court Judge Richard Neidorf, the 45-year-old self-proclaimed muckraker
was placed on five years' probation and ordered to pay $90,000 in
restitution, reduced to $12,000 with Fox's approval.

The judge ordered Goldman to serve 120 days in County Jail but stayed
the sentence.

Deputy Dist. Atty. Richard Lowenstein moved for dismissal of four
additional counts of entry of a computer illegally. Goldman's
no-contest pleas were tantamount to admitting guilt, the prosecutor

Despite the pleas, Goldman continued to insist outside the courtroom
Tuesday that Hollywood-based Fox had attempted to silence him.

"There's been an effort by Fox Television to silence me and, as far as
I'm concerned, that's what this case was all about," Goldman told

Attorney James E. Hornstein, representing Fox Television, denied
Goldman's charge. He said his client had agreed to reduce the
court-ordered restitution from $90,000 to $12,000 on Goldman's "plea
and statement that he is indigent."

"Throughout these proceedings, Mr. Goldman has tried to argue that
someone was out to get him," Hornstein said. "The only victims in
these proceedings were the computers of "A Current Affair which Mr.
Goldman has admitted by the plea he accessed illegally."

Goldman was arrested at his Studio City apartment in March of last
year by Secret Service agents and Los Angeles police who confiscated a
personal computer, floppy disks, Rolodexes and a loaded .38 caliber

Prosecutors accused Goldman of using a password apparently gained when
the journalist worked briefly for "A Current Affair" to enter the Fox
production's computer system. They charged that Goldman stole bogus
tips, including one involving "Ronald Reagan Jr.'s Lover," and
attempted to sell the items to a national tabloid magazine.

In an interview with The Times last year Goldman explained that he was
engaged in a free-lance undercover inquiry of gossip news-papers and
TV shows, and he claimed that his arrest was a setup to get him.

"These people will look very foolish when they get into court,"
Goldman insisted at the time. "I'm a good guy, and I'm going to prove
it. This is going to be the biggest soap opera you ever saw."

After his arrest, Goldman said he was writing a book about his
experience as a former gossip media insider who once attacked
feminists, gays and other targets in vitriolic columns in the National

After Tuesday's court session, Goldman vowed to publish his completed
book, "Snitch," as soon as possible.

Neidorf ordered authorities to return Goldman's computer.

"I'm sure you know now that computers will get you in trouble," the
judge said. "If you don't, I'll see you back in her again."

#O NewsBytes
#D June 12, 1991
#T Len Rose Sentenced To 1 Year
#A n/a

BALTIMORE, MARYLAND, U.S.A., 1991 JUNE 12 (NB) -- Leonard Rose, Jr., a
computer consultant also known as "Terminus", was sentenced to a year
and a day in prison for charges relating to unauthorized sending of
AT&T UNIX source code via telephone to another party. Rose is
scheduled to begin serving his sentence on July 10th.

The original indictment against Rose was for interstate transportation
of stolen property and violations of the Computer Fraud and Abuse Act
but those charges were dropped and replaced by a single charge of wire
fraud under a plea agreement entered into in March. The charges
involving the violation of the Computer Fraud and Abuse Act had been
challenged in a friend of the court brief filed in January by the
Electronic Frontier Foundation (EFF) who challenged the statute as
"unconstitutionally vague and overbroad and in violation of the First
Amendment guarantees of freedom of speech and association." The issues
raised by EFF were not resolved as the charges to which they objected
were dropped as part of the plea agreement.

In his plea, Rose admitted to receiving misappropriated UNIX source
code and modifying it to introduce a trojan horse into the login
procedures; the trojan horse would allow its developer to collect
passwords from unsuspecting persons logging on to a system containing
this code. Rose admitted that he transmitted the modified code via
telephone lines to a computer operator in Lockport, IL and a student
account at the University of Missouri. He also admitted putting
warnings in the transmitted code saying "Warning: This is AT&T
proprietary source code. DO NOT get caught with it."

U.S. District Judge J. Frederick Motz, in sentencing Rose, ordered him
to sell his computer equipment and to inform potential employers of
his conviction. Assistant United States Attorney Geoffrey Garinther,
who prosecuted Rose, explained these portions of the sentence to
Newsbytes, saying "The equipment was seized as evidence during the
investigation and was only returned to him as part of the agreement
when it became evident that he had no means of supporting his wife and
two children. It was returned to him for the sole purpose of selling
the equipment for this purpose and, although he has not yet sold it,
he has shown evidence of efforts to do so. The judge just formalized
the earlier agreement in his sentence. The duty to inform potential
employers puts the burden of proof on him to insure that he is not
granted "Root" privileges on a system without the employer's

Garinther added "I don't have knowledge of the outcome of all the
cases of this type in the country but I'm told that this is one of the
stiffest sentences a computer hacker has received.  I'm satisfied
about the outcome."

Jane Macht, attorney for Rose, commenting to Newsbytes on the
sentence, said "The notification of potential employers was a
negotiated settlement to allow Len to work during the three years of
his supervised release while satisfying the government's concern that
employers be protected." Macht also pointed out that many reports of
the case had glossed over an important point,"This is not a computer
intrusion or security case; it was rather a case involving corporate
computer software property rights. There were no allegations that Len
broke into anyone's system. Further, there are no reported cases of
anyone installing his modified code on any system. It should be
understood that it would require a system manager or someone else with
'superuser' status to install this routine into the UNIX login
procedure. The publishing of the routine did not, as has been
reported, open the door to a marked increase in unauthorized computer

Macht said that she believed that Rose had reached an agreement to
sell the computer equipment. He had been offering it through the
Internet for $6,000, the amount required to prepay his rent for the
length of his prison sentence. Because of his financial circumstances,
which Macht referred to as a "negative net worth", the judge did not
order any restitution payments from Rose to AT&T.

#O NewsRelease
#D May 31, 1991
#T Search Warrants Served in Computer "Hacking" Scheme

INDIANAPOLIS -- The Indianapolis Police Department, the Federal Bureau
of Investigation, and the United States Secret Service served search
warrants at five Indianapolis locations on Wednesday, May 29, 1991,
for computer-related equipment. The warrants were served by five teams
of law enforcement officials forming a group known as the Special
Computerized Attack Team (SCAT).

SCAT is a cooperative effort between the Indianapolis Police
Department the FBI, the Secret Service and other federal, state and
local law enforcement agencies aimed at tracking computer "hackers"
who illicitly enter the computer systems of companies in an attempt to
gain sensitive information, money, or company secrets.

The White Collar Crime Unit of IPD obtained information from the FBI
and Secret Service concerning illegal computer access to the PBX
system of an Indianapolis company. Armed with search warrants, SCAT
members confiscated computer equipment from fie Indianapolis residences
which linked several juveniles to the crime. The Indianapolis company
has experienced losses which approach $300,000. A search warrant was
served simultaneously by FBI agents, the Secret Service and Michigan
State Police in West Bloomfield, Michigan, in this same case.

Information gained from the search warrants has led police to continue
the investigation in other cities as well.

Suspects in the case are all juveniles and the investigation is
continuing to determine if the evidence collected will support
arrests. The SCAT unit is currently investigating other
computer-related crimes and hopes to send a strong message to computer
"hakers" that their illegal actions are being monitored closely bylaw
enforcement officials.

For further information, please contact Special Agent in Charge Roy
Yonkus, U.S. Secret Service (Indiana) at 317/ 639-3301; or John M.
Britt, Assistant to the Special Agent in Charge, U.S. Secret Service
(Detroit Office) at 313/ 226-6400.

#O NewsBytes
#D June 21, 1991
#T Norman & Thackeray Form Security Firm

DALLAS, TEXAS U.S.A., 1991 JUNE 21 (NB) -- Neal Norman, a veteran of
34 years with AT&T, has announced the formation of GateKeeper
Telecommunications Systems, Inc. The new firm will introduce a
product which it says "provides an airtight defenses against
unauthorized computer access."

Norman told Newsbytes "we think we have a product that will
revolutionize telecommunications by stopping unauthorized access to
computer systems." Norman said that the system, which is scheduled to
become available in the early fall, will provide protection for
terminals, mainframes,  and PBXs.

Norman also told Newsbytes that Gail Thackeray, ex-Arizona assistant
attorney general known for her activities in the investigation of
computer crime, will be a vice president of the new firm. "I am
extremely happy to have someone of Gail's ability and presence
involved in this endeavor right from the beginning. Additionally,"
Norman said, "we have enlisted some of the industry's most well known
persons to serve on a board of advisors to our new company.  These
respected individuals will provide guidance for us as we bring our
system to market. Among those who have agreed to serve in this group
are Donn Parker of SRI; Bill Murray, formerly of IBM; and Bob Snyder,
Chief Computer Crime Investigator for the Columbus, Ohio, police.

Synder told Newsbytes "I am excited about working with such bright
people on something of real importance and I hope to contribute to an
improvement in computer security."

#O The Wall Street Journal
#D June 6, 1991 [pp A-1, A-7]
#T Dialing For Free
#A John J. Keller

Robert Dewayne Sutton wants to help stop the tide of fraud sweeping the
cellular telephone industry. The 35-year old clearly knows plenty about

(cont' NIA072 / File 9)
                    /                           /
                    /      NIA072 / File 9      /
                    /  CyberTimes (Vox Populi)  /
                    /       Judge Dredd         /
                    /                           /

(cont' NIA072 / File 8)

fraud. After all, he helped spark the crime wave in the first place.

Mr. Sutton is a computer hacker, a technical whiz who used an
acquaintance's home-grown computer chip to tap into the local cellular
phone network and dial for free. Mr. Sutton went into business selling the
chips, authorities say, and soon fraudulent cellular phone calls were
soaring nationwide.

In February, 1989, police finally nabbed Mr. Sutton in his pick-up truck at
a small Van Nuys, Calif., gas station. He was about to sell five more of
the custom chips to a middleman. But by then it was too late. The wave of
fraud Mr. Sutton helped launch was rolling on without him.

((stuff deleted explaining that industry currently loosing about $200
million a year, "more than 4% of annual U.S. revenue" to cellular phone
fraud, and could rise to %600 million annually.  Celluar system first
cracked in 1987, by Kenneth Steven Bailey an acquaintance of Sutton from
Laguna Niguel, Calif.  Bailey used his PC to rewrite the software in the
phone's memory chi to change the electronic serial number. By replacing the
company chip with his own, Bailey could gain free access to the phone

((More stuff deleted, explaining how drug dealers use the phones, and small
businesses sprung up selling free calls to anyplace in the world for a few
dollars. Sutton denied selling the chips, but apparently sold his program
for a few hundred dollars, and anybody with a copy could duplicate it. This
is, according to the story, an international problem.))

When the dust settled in U.S. District Court in Los Angeles this April, Mr.
Sutton pleaded guilty to production of counterfeit access devices and, after
agreeing to cooperate with investigators, was sentenced to three years'
probation and a $2,500 fine.

((stuff deleted))

But in adversity there is opportunity, or so believes Mr. Sutton.  He says
he's got a marketable expertise--his knowledge of weaknesses in cellular
phone security systems--and he wants to help phone companies crack down on
phone fraud. He'll do that, of course, for a fee.

#O Newsweek
#D June 3, 1991
#T How Did They Get My Name?
#A John Schwartz

When Pam Douglas dropped by Michelle Materres's apartment, Michelle
was on the phone--but Pam knew that already. She and her son, Brian,
had been playing with his new walkie-talkie and noticed the toy was
picking up Michelle's cordless-phone conversation next door. They had
come over to warn her that her conversation was anything but private.
Materres was stunned. It was as if her neighbors could peek through a
window into her bedroom-except that Michelle hadn't known that this
window was there. "It's like Nineteen Eighty-four ;" she says.

Well, not quite. In Orwell's oppressive world, Big Brother-the police
state-was watching. "We don't have to worry about Big Brother
anymore," says Evan Hendricks, publisher of the Washington-based
Privacy Times.  "We have to worry about little brother." Until
recently, most privacy fears focused on the direct mail industry; now
people are finding plenty of other snoops.  Today's little brothers
are our neighbors, bosses and merchants, and technology and modern
marketing techniques have given each a window into our lives.

Suddenly privacy is a very public issue. A 1990 Harris poll, conducted
for consumer-data giant Equifax, showed that 79 percent of respondents
were concerned with threats to their personal privacy-up from 47
percent in 1977. Privacy scare stories are becoming a staple of local
TV news; New York City's ABC affiliate showed journalist Jeffrey
Rothfeder poking into Vice President Dan Quayle's on-line credit
records-a trick he had performed a year before for a story he wrote
for Business Week. Now Congress is scrambling to bring some order to
the hodgepodge of privacy and technology laws, and the U.S. Office of
Consumer Affairs has targeted privacy as one of its prime concerns.
Advocacy groups like the Consumer Federation of America and the
American Civil Liberties Union are turning to privacy as one of the
hot-button issues for the '90s . "There's a tremendous groundswell of
support out there," says Janlori Goldman, who heads the ACLU Privacy

Snooping boss: Concern is on the rise because, like Materres,
consumers are finding that their lives are an open book. Workers who
use networked computers can be monitored by their bosses, who in some
cases can read electronic mail and could conceivably keep track of
every keystroke to check productivity. Alana Shoars, a former e-mail
administrator at Epson America, says she was fired after trying to
make her boss stop reading co-workers' e-mail.  The company says
Shoars got the ax for in subordination; Shoars counters that the
evidence used against her was in her own e-mail--and was
misinterpreted. Other new technologies also pose threats: cordless and
cellular phones are fair game for anyone with the right receiver, be
it a $1,000 scanner or a baby monitor. Modern digital-telephone
networks allow tapping without ever placing a physical bug; talented
"phone phreaks" can monitor calls through phone companies or corporate

Such invasions may sound spooky, but privacy activists warn that the
bigger threat comes from business. Information given freely by
consumers to get credit or insurance is commonly sold for other uses
without the individual's knowledge or consent; the result is a flood
of junk mail and more. Banks study personal financial data to target
potential credit-card customers. Data sellers market lists of people
who have filed Worker Compensation claims or medical-malpractice
suits; such databases can be used to blackball prospective employees
or patients. Citicorp and other data merchants are even pilot testing
systems in supermarkets that will record your every purchase; folks
who buy Mennen's Speed Stick could get pitches and discount coupons to
buy Secret instead. "Everything we do, every transaction we engage in
goes into somebody's computer, " says Gary Culnan, a Georgetown
University associate professor of business administration.

How much others know about you can be unsettling. Architect David
Harrison got an evening call from a local cemetery offering him a deal
on a plot. The sales rep mentioned Harrison's profession, family size
and how long he had lived in Chappaqua, N.Y. Harrison gets several
sales calls a week, but rarely with so much detail: "This one was a
little bizarre."

High tech is not the only culprit.  As databases grow in the '80s, the
controls were melting away, says Hendricks.  "Reagan came in and said,
'We're going to get government off the backs of the American people.'
What he really meant was, 'We're going to get government regulators
off the i backs of business.' That sent signals to the private sector
that 'you can use people's personal information any way you want'"'
The advent of powerful PCs means that the field is primed for another
boom. Today companies can buy the results of the entire 1990 census
linked to a street-by-street map of the United States on several
CD-ROM disks.

Defenders of the direct-marketing industry point out that in most
cases companies are simply, trying to reach consumers efficiently-and
that well targeted mail is not "junk" to the recipient. Says Equifax
spokesman John Ford: "People like the kinds of mail they want to
receive." Targeting is now crucial, says Columbia University professor
Alan Westin: "If you can't recognize the people who are your better
prospects, you can't stay in business." Ronald Plesser, a lawyer who
represents the Direct Marketing Association, says activists could end
up hurting groups they support: "It's not just marketers. It's
nonprofit communication, it's political parties. It's environmental
groups. "

E-mail protest: Consumers are beginning to fight back. The watershed
event was a fight over a marketing aid with data on 80 million
households, Lotus MarketPlace: Households, proposed by the Cambridge,
Mass.- based Lotus Development Corp. Such information had been readily
available to large corporations for years, but MarketPlace would have
let anyone with the right PC tap in. Lotus received some 30,000
requests to be taken off the households list. Saying the product was
misunderstood, Lotus killed MarketPlace earlier this year. New York
Telephone got nearly 800,000  "opt out" requests when it wanted to
peddle its customer list; the plan was shelved.

With the MarketPlace revolt, a growing right-to-privacy underground
surfaced for the first time.  Privacy has become one of the most
passionately argued issues on computer networks like the massive
Internet, which links thousands of academic, business nd military
computers. Protests against MarketPlace were broadcast on the Internet
and the WELL (an on-line service that has become a favorite electronic
hangout for privacy advocates and techie journalists), and many
anti-MarketPlace letters to Lotus were relayed by e-mail.

Consumers are also taking new steps to safeguard their own privacy
often by contacting the Direct Marketing Association, which can remove
names from many mailing lists. But compliance is voluntary, and relief
is slow.  In one chilling case, an unknown enemy began flooding
business manager Michael Shapiro's Sherman Oaks, Calif., home with
hundreds of pieces of hate junk mail.  Suddenly Shapiro, who is
Jewish, was receiving mail addressed to "Auschwitz Gene Research" and
"Belsen Fumigation Labs." Shapiro appealed to the DMA and the mailing
companies directly but got no responses to most of his calls and
letters. "They ignore you, throw your letter away and sell your name
to another generation of people with computers," he complains. Finally
one marketing executive publicized Shapiro's plight within the DM
industry.  Eight months after the onslaught began, the letters have
slowed-though some companies still have not removed him from their

How else can privacy be protected? It doesn't have to mean living like
a hermit and only paying cash, but it does mean not saying anything
over cellular and cordless phones that you wouldn't want others to
overhear. Culnan of Georgetown uses her American Express card
exclusively, because while the company collects voluminous data on its
cardholders, it shares relatively little of it with other companies.

Some privacy activists look hopefully, across the Atlantic Ocean. The
European Community is pushing tough new data rules to take effect
after 1992. The Privacy Directive relies on consumer consent;
companies would have to notify consumers each time they intend to pass
along personal information. The direct-marketing industry claims the
regulations would be prohibitively expensive. The rules may be
softened but could still put pressure on U.S. marketers who do
business abroad.

U.S. firms might find another incentive to change. Companies don't
want to alienate privacy-minded customers. "We're in the relationship
business," says James Tobin, vice president for consumer affairs at
American Express. "We don't want to do anything to jeopardize that
relationship." Citicorp's supermarket plan makes privacy advocates
nervous; but Citicorp rewards customers for giving up their privacy
with incentives like discount coupons, and it reports that no
consumers have complained.  Eventually, strong privacy-protection
policies could make companies more attractive to consumers, says
Columbia's Westin-and may even provide a competitive edge. Then
consumers might get some of their privacy back-not necessarily because
it's the law, or even because it's right, but because it's good

#O Newsweek
#D June 3, 1991
#T Would New Laws Fix the Privacy Mess?
#A Annetta Miller & John Schwartz w/Michael Rogers

Congress is scrambling to catch up with its constituents in the battle
over privacy.  It has a daunting task ahead: to make sense of the
jumble of laws that have been passed-or are currently under
consideration-to regulate privacy.  Why, for example, is it legal to
listen in on someone's cordless phone conversation but illegal to
listen to a cellular call?  Why are video-rental records protected but
records of health-insurance claims largely unprotected?  (That one has
to do with an impertinent reporter revealing the video-renting habits
of Supreme Court nominee Robert Bork.)

The present foundations of privacy law have their roots in the U.S.
Constitution. Although the word "privacy" does not appear in the
document, the Supreme Court has interpreted the Constitution to grant
individuals a right of privacy based on the First, Fourth, Fifth,
Ninth and Fourteenth amendments. Since the mid-1960s, Congress has
enacted no fewer than 10 privacy laws-including the landmark 1974
Privacy Act. And yet a national right to privacy is far from firmly
established. On its face, for example, the Fair Credit Reporting Act
limits access to credit reports. But it also grants an exception to
anyone with a "legitimate business need." The Right to Financial
Privacy Act of 1978 severely restricts the federal government's
ability to snoop through bank-account records; but it exempts state
agencies, including law-enforcement agencies, and private employers.
"It's easy to preach about the glories of privacy," says Jim Warren,
who organized a recent "Computers, Freedom & Privacy" conference. But
it's hard to implement policies without messing things up."

That hasn't stopped people from trying. James Rule, a State University
of New York sociology professor, says that new legislation is
warranted "on the grounds that enough is enough . . . [Privacy
infringement] produces a world that almost nobody likes the look of."

Data board: The newest efforts to regulate privacy range from simple
fixes to a full-fledged constitutional amendment. Last week a Senate
task force recommended extending privacy laws to cover cordless
tele-phones. One bill, proposed by Rep. Robert Wise of West Virginia,
would create a federal "data-protection board" to oversee business and
gov-ernmental use of electronic information. Another, being prepared
by Sen. Patrick Leahy of Vermont, would apply the Freedom of
Informa-tion Act to electronic files as well as to paper. Rep. Andy
Jacobs of Indiana has held hearings on the misuse of social-security
numbers to link computerized information. And several bills have been
introduced to stop credit reporters from selling personal data to junk

Possibly the most sweeping proposal for change comes from Harvard
University law professor Laurence Tribe. In March, Tribe proposed a
constitutional amendment that would, among other things protect
individuals from having their private data collected and shared
without approval.  "Constitutional principles should not vary with
accidents of technology," Tribe said at the "Computers, Freedom &
Privacy" conference earlier this spring. He said an amendment is
needed because the letter of the Constitution can seem, at the very
least, "impossible to take seriously in the world as reconstituted by
the microchip."

But some experts argue that well-meaning reform could do more harm
than good. Requiring marketers to get permission every time they want
to add a name to a mailing list would make almost any kind of mass
mailing hopelessly expensive. "It's nice to talk about affirmative
consent, but it really will kill the industry," warns Ronald Plesser,
who represents the Direct Marketing Association. "And then people who
live out in the country won't have access to the L.L. Bean catalog and
the services they like." In this technological age, how much privacy
Americans enjoy will depend partly on how high a price they are
willing to pay to keep it.

#O NewsBytes
#D April 30, 1991
#T Secret Service: "No Comment" on Reported Siezure

TOLEDO, OHIO, U.S.A., 1991 APR 30 (NB) -- Anthony J. Carmona,
United States Secret Service Agent-in-Charge of the Toledo, Ohio
office, responding to Newsbytes questions, said that "there has been
no recent computer or credit card crime arrests by his office."

Newsbytes contacted Carmona after receiving two independent
notifications that the Secret Service agents from the Toledo office
have recently seized computer equipment from an individual
pursuant to a credit card fraud case. Carmona told Newsbytes that
his office "could no comment on any seizures or other incidents that
may be part of an on-going investigation. We can only speak of items
that are part of the public record."

MIke Godwin, staff counsel of the Electronic Frontier Foundation
(EFF), told Newsbytes that an unidentified individual had called his
office purporting to be a "friend" of the subject of a Secret Service
investigation and equipment seizure in the Toledo area. Godwin said
that the called asked for advice for his friend and "I told him to
consult an attorney." Godwin said the caller hung up without leaving
his name.

Gail Thackeray, former Arizona Assistant AttorneyGeneral, who
has worked for over a year with the Secret Service in the on-going
"Sundevil" credit card fraud case told Newsbytes "I don't know
whether there was any arrest or seizure in Ohio but, if there was, it
is not related to "Sundevil". Thackeray, now working with the
Maricopa Country Attorney's office to complete the Sundevil cases,
has recently brought the first two indictments related to the
investigation. In the most recent,  Baron Majette, 19, also known as
"Doc Savage", was arrested and charged with a number of felony
crimes relating to computer system break-ins and misuse of credit

Newsbytes will continue to attempt to verify whether or not a seizure
of computer equipment actually occurred.

#O NewsBytes
#D July 2, 1991
#T Law Panel Recommends Computer Search Procedures

WASHINGTON, D.C., U.S.A., 1991 JULY 2 (NB) -- A panel of lawyers and
civil libertarians, meeting at the Computer Professionals for Social
Responsibility (CPSR) Washington roundtable, "Civilizing Cyberspace",
have proposed procedures for police searches and seizures which they
feel will both allow adequate investigations and protect the
constitutional rights of the subject of the investigation.

The panel, composed of Mike Godwin, staff counsel of Electronic
Frontier Foundation; Sharon Beckman attorney with  Silverglate &
Good; David Sobel of CPSR, Jane Macht, attorney with Catterton, Kemp
and Mason; and Anne Branscomb of Harvard University, based its
proposals on the assumption that a person, in his use of computer
equipment, has protection under both the Fourth Amendment and the
free speech and association provisions of the first amendment.

The panel first addressed the requirements for a specific warrant
authorizing the search and recommended that the following guidelines
be observed:

1. The warrant must contain facts establishing probable cause to
believe that evidence of a particular crime or crimes will be found
in the computers or disks sought to be searched.

2. The warrant must describe with particularity both the data to be
seized and the place where it is to be found ("with particularity" is

3. The search warrant must be executed so as to minimize the
intrusion of privacy, speech and association.

4. Officers may search for and seize only the data, software, and
equipment specified in the warrant.

5. The search should be conducted on-site.

6. Officers must employ available technology to minimize the
intrusive of data searches.

The panel then recommended limitations on the ability of officials to
actually seize equipment by recommending that "Officers may not seize
hardware unless there is probable cause to believe that the computer
is used primarily as an instrumentality of a crime or is the fruit of
a crime; or the hardware is unique and required to read the data; or
examination of hardware is otherwise required." The panel further
recommended that, in the event hardware or an original and only copy
of data has been seized, an adversary post-seizure hearing be held
before a judge within 72 hours of the seizure.

Panel member Sharon Beckman commented to Newsbytes on the
recommendations, saying "It is important that we move now to the
implementation of these guidelines. They may be implemented either by
the agencies themselves through self-regulation or through case law
or legislation. It would be a good thing for the agencies t o take
the initiative."

The panels recommendations come at a time in which procedures used in
computer investigations have come under criticism from computer and
civil liberties groups. The seizure of equipment by the United Secret
Service from Steve Jackson Games has become the subject of litigation
while the holding of equipment belonging to New York hacker "Phiber
Optic" for more than a year before his indictment has prompted calls
from law enforcement personnel as well as civil liberties for better
procedures and technologies.

#O Chicago Tribune
#D June 27, 1991 [Sec 2, p2]
#T Ex-Employee Guilty of Erasing Data
#A Joseph Sjostrom

A computer technician pleaded guilty Wednesday in Du Page County Court
to erasing portions of his former employer's database last November in
anger over the firing of his girlfriend.

Robert J. Stone, 30, of 505 W. Front St., Wheaton, entered the plea on
a charge of computer fraud to Associate Judge Ronald Mehling.  In
exchange for the guilty plea, prosecutors dismissed a burglary charge.
Mehling scheduled sentencing for Aug. 8.

Defense lawyer Craig Randall said after the hearing that Stone still
has a 30-day appeal period during which he can seek to withdraw the
guilty plea.

"I don't think he erased anything as alleged, and I don't think the
{prosecution} would be able to prove that he did," Randall said.

Stone was indicted last January for one count of burglary and one
count of computer fraud for entering the office of his former
employer, RJN Environmental, 202 W. Front St., Wheaton, and deleting
eight programs from the company computer.

Assistant Du Page County State's Atty. David Bayer, who prosecuted the
case along with Assistant State's Atty. Brian Ruxton, said the progams
were part of a company project for the state of Florida in which RJN
was, in effect, redrawing maps in digital form and storing them in a

Bayer said Stone had left the company the previous April and that his
girlfriend, who was not identified, worked there too but was fired in

Bayer said Stone entered the firm's office last Nov. 24, a Saturday
when nobody else was there.

Employees who came to work on Sunday discovered that data had been
erased and a quantity of data storage disks were missing.

Bayer said the disks contained several months' worth of work, but were
recovered. It took about a week to restore the rest of the missing
computer information, Bayer said.

Bayer said Wheaton police Detective Kenneth Watt interviewed Stone the
following Monday, and said Stone admitted to erasing data and taking
the disks. Bayer said Stone told the detective where to find the disks,
which he had left under a stairwell at RJN.

#O Wall Street Journal
#D April 25, 1991
#T Soon, ATMs May Take Your Photograph Too
#A Paul B. Carroll

*Smile* when you use that automated teller machine.  Miniature cameras may soon
become widespread in ATMs and elsewhere.
   At Edinburgh University in Scotland, researchers have produced a single
computer chip that incorporates all the circuitry needed for a video camera.
Even with a lens that fits right on top of the chip, it's still just the size
of a thumbnail. When they become available in a year or so, such cameras may
carry as little as a $40 price tag.
   NCR thinks these tiny cameras could find their way into lots of ATMs in the
next few years. The computer maker already sells ATMs that include cameras,
allowing banks to doublecheck on people who contend their account was debited
even though they didn't use an ATM that day. But those cameras are expensive,
especially because the big box with the electronics has to be so far back in
the ATM that it requires a long, elaborate lens. The lens also gives away to
potential cheats the fact that the camera is there, whereas the new tiny
cameras will just need a pinhole to peep through.
   "We see this as a breakthrough," says Greg Scott, an engineer with NCR in
Dunfermline, Scotland.
   The Scottish Development Agency, which supplied some of the initial research
funds, says the tiny cameras may also find their way into baby monitors,
picture telephones, bar-code readers and robotic vision systems.

#O NewsBytes
#D July 1, 1991
#T Arrests In "Multi-Million" Cellular Phone Fraud

ALBANY, NEW YORK U.S.A., 1991 JUL 1 (NB) -- The New York State Attorney
General's office has announced the arrest and arraignment of four individuals
for allegedly illegally utilizing Metro One's cellular service for
calls totalling in excess of $1 million per month.

According to the charges, the arrested individuals duplicated a Metro
One customer's electronic serial number (ESN) -- the serial number
that facilitates customer billing -- and installed the chip in a
number of cellular phones. Th defendants then allegedly installed the
phones in cars which they parked in a location near a Metro One cell
site in the Elmhurst section of Queens in New York City.

>From these cars, the defendants allegedly sold long distance service
to individuals, typically charging $10 for a 20 minute call. Metro
One told investigators that many of the calls were made to South
American locations an that its records indicate that more than $1
million worth of calls were made in this manner in May 1991.

The arrests were made by a joint law enforcement force composed of
investigators from The New York State Police, New York City Police
Special Frauds Squad, United States Service, and New York State
Attorney General's office. The arrests were made after undercover
officers, posing as customers, made phone calls from the cellular
phones to out-of-state locations. The arrests were, according to a
release from the Attorney General's office, the culmination of an
investigation begun in September 1990 as the result of complaints
from Metro One.

The defendants, Carlos Portilla, 29, of Woodside, NY; Wilson
Villfane, 33, of Jackson Heights, NY; Jaime Renjio-Alvarez, 29, of
Jackson Heights, NY and Carlos Cardona, 40, of Jackson Heights, NY,
were charged with computer tampering in the first degree and
falsifying business records in the first degree, both Class E
felonies,- and theft of services, a Class A misdemeanor.
Additionally, Portilla and Villfane were charged were possession of
burglar tools, also a Class A misdemeanor. At the arraignment,
Portilla and Renjio-Alvarez pleaded guilty to computer tampering and
the additional charges against those individuals were dropped.

New York State Police Senior Investigator Donald Delaney, commenting
on the case to Newsbytes, said "This arrest is but the tip of the
iceberg. There is an on-going investigation in the area of cellular
phone fraud and we are looking for those that are organizing this
type of criminal activity."

#O NewsBytes
#D July 17, 1991
#T Sundevil Defendant "DOC SAVAGE" Sentenced 7/17/91

PHOENIX, ARIZONA, U.S.A., 1991 JUL 17(NB) -- The Maricopa County
Arizona County Attorney's Office has announced the sentencing Baron
Majette, 20 , also known as "Doc Savage", for computer-related crimes
uncovered in the joint federal / state investigation known as

Majette was arrested on March 27th of this year and charged with a
number of felony charges relating to unauthorized use of telephone
facilities of Toys 'R Us to make calls worth approximately $8,000,
illegal access of TRW's credit data base and use of information
obtained therein to obtain in excess of $50,000 in cash, goods, and
services, and stealing of credit cards from U.S. Mail boxes and use of
the cards to obtain approximately $10,000 in cash, goods and services.
If convicted of the charges, Majette faced a possible jail sentence of
15 years and the requirement to make restitution for the full amount
of the alleged losses endured by the firms and individuals.

In late May, Majette pleaded guilty to an amended charge of a single
count of computer fraud, felony third degree. The reduced charge was a
result of an agreement between Mark Berardoni, the public defender
assigned to Majette; Janet Black, Majette's probation officer and the
Maricopa County Arizona County Attorney's Office. Under the reduced
charges, Majette's maximum term of incarceration was reduced from the
aforementioned 15 years to 5.

On July 16th, when the actual sentence was to be imposed, a further
agreement between the prosecution, defense and parole service  was
presented to the presiding judge, Justice Gottsfield, and, after
discussion, became the actual sentence. The court decision imposed the

-- Majette will remain in jail for up to two months while he awaits
placement in a "Shock Incarceration" program (Majette has been in jail
since his March 27th arrest because of parole violation related to an
earlier crime). Assistant County Attorney Gail Thackeray told
Newsbytes that Shock Incarceration is a 120 day program which
"provides both intensive counseling and military-like discipline and

-- Upon his release from Shock Incarceration, Majette will enter a 5
year period of "intensive probation". Under Arizona procedures, the
subject must provide the probation officer, on a weekly basis, a
schedule for the next week's activities. In the event that the
schedule has to be modified in any way, the probation office must be
called before the new schedule is acted on.

-- During the time of intensive probation, the probation officer may
visit or call the subject at any time of day or night to insure
compliance with the schedule.

-- If, at some point after a year of intensive probation, the
probation officer feels that the subject has followed the rules and
shown that intensive procedure is no longer warranted, the subject and
probation officer may recommend to the sentencing judge that the
subject be transferred to normal probation. In normal probation, the
subject advises the officer weekly of progress and problems. There is
not the hovering presence felt in intensive probation, according to
Thackeray. Additionally, the subject may be released from any form of
probation at the petition of the probation office and subject and
approval, after hearing, of the sentencing judge.

-- If, on the other hand, Majette violates the terms of his probation,
he is liable for incarceration in prison for the remainder of his
probationary period.

-- Majette was also ordered to make restitution to the parties
victimized by his activities by paying a sum of $19,774.03 to those
involved. The sum is to be paid on a monthly basis over the course of
his sentence. Additionally, he was ordered to make payments to help
defray the cost of his probationary supervision.

Under the terms of his probation, Majette is subject to the following
conditions said by Thackeray to be unique to his type of offense:

-- He may not use any computer connected to a modem or communications
network without the prior permission of his probation officer.

In the event that he takes a job that brings him into contact with
computer activities, he must notify someone in the employer's office
of the restrictions on his computer use and must discuss the planned
activities with his probation officer.

-- He is not to communicate or associate with "members of the computer
underground" (defined as persons such as those known to have or
reasonably believed to have been involved in theft of communications
services, computer fraud or related activities). In the event that any
such individuals contact him, he must report the contact to his
probation officer (According to Thackeray, this stipulation is
intended for Majette' s protection -- "In the event that the
contacting party is investigated or arrested and phone records show a
call to Majette, his notification to his probation officer of the call
will stand as proof that he was not involved in any conspiracy with the
other individual. His notification responsibility in no way requires
him to cooperate with authorities in the location or apprehension of
another individual and such cooperation is neither expected nor

Transcripts of the sentencing hearing reportedly show that it was the
intention of Judge Gottsfield to sentence Majette to a straight five
years in prison but was dissuaded by the combined recommendations of
the prosecution, defense and probation office. Thackeray explained to
Newsbytes the rationale of the prosecution in recommending a lighter
sentence -- "Usually computer hackers who get into trouble for
activities of this nature are kids or young adults who are not the
type to be in trouble for any other criminal activities. The point of
sentencing in these cases should be rehabilitation. If we can break
the pattern of illegal behavior, society will benefit from Majette's
participation. If we simply locked him up for 5 years, neither he nor
society would benefit."

#O The Times (London)
#D July 1, 1991
#T Victin of computer hackers fights BT over \pounds 8,000 bill

A director of video films is embroiled in a dispute with British Telecom over
an \pounds 8,000 bill after becoming a victim of hackers -- people who steal
computer passwords to break into international data bases and use services

George Snow says the bill will ruin him.  Experts say the case highlights
increasing concern over one of Britain's most under-reported crimes.  For
several years, Mr Snow has kept abreast of developments in 3-D computer
graphics by using access to an American information service called Compuserve.
To cut costs, he became a customer of BT's Dial Plus service, which allows
customers to connect their office or home computers to international data bases
for the price of a local rather than an international call.

Mr Snow, who has directed programmes for Channel 4 and the Arts Council, and
whose pop video credits include Howard Jones, had found the service useful and
inexpensive until recently.  "My quarterly bill would be around \pounds 30,"
said the director whose company, WKBC TV, is based in west London.  Mr Snow,
aged 42, now faces a big unscheduled bill for calls he never made.  It appears
that hackers illegally obtained Mr Snow's password and BT agrees.  The dispute
is about who pays the \pounds 5,500 and \pounds 2,500 bills which have been
run-up in recent months.

BT says that Mr Snow chose a password that hackers could easily borrow [sic].
He says that the company has a responsibility to ensure its networks are
secure.  "To clock up \pounds 8,000 worth of bills you have to be talking about
someone using the service 24 hours-a-day day in day out," he said.

To break into a data base, hackers will generally first try obvious passwords
such as Christian names.  They also use programmes that run randomly through
words in a dictionary until one opens a data base.

Customers with Dial Plus have to sign a disclaimer stating that they will not
use obvious passwords otherwise they might be liable for hackers' bills.  A BT
spokesman admitted, however, that Mr Snow had joined the service before the
agreement came into force.

Mr Snow also says that it was BT which approved Superman, the password stolen
by the hackers.  The company says that Mr Snow was warned that his account was
running up huge bills in early February but that it was sometime later that the
password was changed.  Mr Snow says that it was changed within days and that by
the time BT contacted him the damage had been done with most of the bill having
been run up.

He believes that he, and possibly others, are being forced to pay the price for
the company's poor security and has called in the Computer Crime Unit at
Scotland Yard to investigate.

David Frost, a computer security expert with accountants Price Waterhouse, said
yesterday that the amount of hacking taking place in Britain was being
seriously undeerplayed by companies.

BT rejects suggestions that it is cavalier with security.  A spokesman said the
company would write to Mr Snow this week.  He says that he willfight BT in
court if it prosecutes him.  "\pounds 8,000 is about 10 per cent of my
turnover," he said.

  [I have a few comments, based solely on the report as printed.  I do not know
  what truly happened. I draw attention to the BT's apparent attitude to
  password security.  They used the term "borrow", rather than "steal" or "use
  illegally".  They vetted the password, implying that Mr Snow was asked to
  reveal his password rather than keep it secret.  Even so, they gave the OK to
  a password which is of dubious security.  It is generally agreed that proper
  names, dictionary words, literay characters and the like are easily guessed.

  More generally, it is interesting how British newspapers, and _The Times_ in
  particular, are beginning to take an informed interest in he subject of
  computer security and, indeed, in computer-related risks in general.  Apart
  from some quaint terminology ("programmes", "data bases") they seem
  reasonably competent at understanding the issues and reporting them clearly
  to a non-expert audience.

#O The Atlanta Journal
#D Friday, June 14,1991
#T GBI searching for byte-size evidence
#A By Rob Johnson and David Pendered
#B Typed for data by The Esoterrorist

Computers, floppy disks taken
from suspected teen hackers

    Four suburban Atlanta teenagers, stripped of their home
computers, began a long wait Thursday for GBI agents to rummange
through huge libraries of floppy disks for evidence of criminal
invasion of perhaps hundreds of corporate and government computer

    Georgia Bureau of Investigation agents confiscated 12 computers
and more than 1,400 disks from the north Fulton and Gwinnett county
homes of the four teens Wednesday.  The youths - two 15-year-olds
and two 17-year-olds - have not been charged or identified publicly.

    In an apparently related case six months ago, four Gwinnett
County teens were linked to an international network of about 70
computer hackers who were believed to have bilked the National
Aeronautics and Space Administration (NASA) of $12 million in
telephone services and an undetermined amout from BellSouth Inc.

    "I understand that these four teens were part of that same
group that we investigated last year," said Jim Steele, assistant
superintendent of security for the Gwinnett County school
district.  "We believe that this is a result of the same

    Until agents analyze the digital data in the newly confiscated
discs, they won't know exactly what the four teen hackers did or if
charges will be brought, said GBI spokesman John Bankhead.  "There
is no indication yet that harm was done," he said, "but penetration
took place."

Emory, Tech were targets

    Hackers apparently penetrated networks at Emory University,
Georgia Tech and WXIA-Channel 11, but BellSouth apparently was the
primary target, according to investigators.

    In the earlier investigation, Gwinnett school officials
discovered in June 1990 that hackers had penetrated a school
teleconference system and launched from there into BellSouth's
system.  Hackers in the U.S. and six or seven other countries avoided
telephone charges for their computer modems by billing them to the
school district, BellSouth and NASA, the investigation revealed.

    School investigators stopped their probe in December and
delivered their records to the GBI and BellSouth investigators, Mr.
Steele said.

This following glossary was included in the article. heh...
...use this as a reference for filling out those super elite bbs
infoforms that you never know all the answers....

|                                                                   |
| Hacking: A short glossary                                         |
|                                                                   |
|                                                                   |
| HACKER - What all computer hobbyists used to call themselves, but |
| the term has come to mean someone who breaks into computers for   |
| fun or for profit                                                 |
|                                                                   |

| MODEM - The device that lets computers talk over the telephone    |
| lines.                                                            |
|                                                                   |
| COMPUTER NETWORK - Where several computer terminals, or computers,|
| are connected so that information can be exchanged.               |

|                                                                   |

| WAR GAMES DIALER - A specialized computer program that dials      |
| every number in an exchange and identifies lines connected to     |
| modems.                                                           |
|                                                                   |
| PASSWORD - The secret word or code, usually used in combination   |
| with a name, that allows an individual to have access to a        |
| computer's files.                                                 |
|                                                                   |
|                                                                   |

                    Suspected hackers targeted BellSouth

                                                   By Rob Johnson
                                                   and Bill Husted

Phone companies offer 'interesting puzzle'

    Investigators said Thursday that BellSouth apparently was the
primary target of suspected computer hackers being questioned by
GBI agents, and experts say phone companies usually are a favorite
target for young hackers wanting to cruise through a massive network.

    "It's the oldest computer system known," said Mike Godwin of
Electronic Frontier Foundation, the Cambridge, Mass., organization
that monitors the legal quandries raised by the computer age.
"It's so huge and complex.  That's why it's a particular
interesting puzzle."

    BellSouth calls it a serious crime nevertheless.

    "It's a break-in," said Scott Ticer, the company's operations
manager.  "It doesn't matter whether it's grand theft auto or
joyriding, you're car is still not in the driveway.  Same thing here.
We take it very seriously."

Trespassing or burglary?

    Mr. Godwin agrees intrusions are a crime, but he says law
enforcement agencies and the courts rarely see the difference
between the curious teenager who pokes around inside a network and
the hacker who maliciously manipulates a company's computer

    "It's really like the difference between trespassing and
burglary," Mr. Godwin said.

    Darren McKeeman, 23, who was convicted in 1988 for breaking
into the Georgia World Congress Center's computers, said a GBI
investigation is a terrifying experience for the hacker and the

    "It's a total surprise," he said of a GBI raid.

    Hackers bent on stealing information are like burglars who work

(cont' NIA072 / File 10)

                       /                         /
                       /   NIA072 / File 10      /
                       / CyberTimes (Vox Populi) /
                       /      Judge Dredd        /
                       /                         /

(cont' NIA072 / File 9)

from home, say experts.

    Their targets are computer networks used by governments and
businesses.  Breaking into one is as challenging for a hacker as a
well-locked door is for a burglar.  Most computer networks have an
electronic doorway: the telephone line used by employees to connect
to the office computer from home.  That door is locked with a
pasword.  So, for burglar and hacker alike, the problem is:  How do
you get in?

    The first step is usually the easiest.  According to experts,
finding the telephone number that connects the hacker to a computer
is often a simple matter of who you know.  A company employee is
the most likely source.  Maybe he tells a friend, that tells
someone else, and - somewhere down the chain - the number is passed
along to the hacker.

Ways to get in

    Then, the ahcker has to convince the computer to open the
door.  That means finding the name and password for someone who has
access to the computer system.  Finding the name can be as simple
as calling a company and asking for the name of a key manager ("who
is your vice president of marketing?" for instance).  Passwords are
more difficult to find.  The easy way is through a talkative
employee.  Failing that, things get complicated.

    For instance, the passwords for computers that operate with the
Unix operating system are scrambled into meaningless numbers and
symbols using a mathematical formula.  But, if an electronic
burglar can sneak into the system (some computers allow limited
access to a "guest" or "visitor") the file can sometimes be located
and copied.

    Passwords are often ridiculously simple to guess.  Since people
want passwords that are easy to remember, they often use the first
name often use the first name of a spouse, of a child, digits from
their telephone number, or vehicle license plate.  That makes it
easy for hackers, too.

#O Philadelphia Inquirer
#D July 16 [editorial page]
#A Richard Pence
#T The Dat the Telephone Bug Bit

        Those big phone outages of recent weeks have had me feeling a
bit guilty over what's been happening.

        You see, I remember exactly how all this started.  Back in
1950 I was a novice seahand aboard a cruiser based In Philadelphia,
barely six months out of high school and fresh from the plains of
South Dakota.

        One Friday night in November, we were granted shore leave at
the end of a two week training cruise.  Homesick and seasick,, I
headed immediately for the row of pay phones that lined the dock.

        Depositing a carefully preserved nickel (remember?), I dialed
"O." The following is a roughly verbatim account of what transpired
after the Philadelphia operator answered:

"I'd like to place a station to station collect call to the Bob Pence
residence in Columbia, South Dakota," I said in my best telephone

The Philadelphia operator was sure she had heard wrong. "You mean
Columbia, South Carolina, don't you?"

"No, I mean Columbia, South Dakota." I had tried to call home once
before, and I was ready for that one.

"Certainly. What is the number, please?" I could tell she still
didn't't believe me.

"They don't have a number," I mumbled. I'd tried to call home before,
and I knew what was coming.

She was incredulous. "They don't have a number?"

"I don't think so."

"I can't complete the call without a number. Do you have it?" she

I didn't relish seeming like even more of a bumpkin, but I was in the
Navy and I knew authority when I heard it. "Well ... the only thing I
know is ... two longs and a short."

I think that's the first time she snorted. "Never mind. I'll get the
number for you. One moment please."

There followed an audible click and a long period of silence while she
apparently first determined if, indeed, there was a Columbia, S D.,
and then if it was possible to call there.

When she returned to the line, she was armed with the not-insignificant
knowledge necessary complete her task.

In deliberate succession, she dialed an operator in Cleveland, asked
her to dial one in Chicago, asked Chicago to dial Minneapolis, and
Minneapolis to dial Sioux City, Iowa. Sioux City called Sioux Falls,
S.D., and the operator there dialed one in Aberdeen, S.D. At last,
Aberdeen dialed the operator in Columbia.

By this time, Philadelphia's patience was wearing thin, but when
Columbia answered, she knew what had to be done.

"The number for the Bob Pence residence, please," she said, now in

Columbia didn't even hesitate. "Two longs and a short," she declared.

Philadelphia was set back for an instant but valiantly plowed on. "I
have a collect call from Philadelphia, Pennsylvania, for anyone at
that number. Will you please ring?"

"They're not home," said Columbia, again not missing a beat.

Philadelphia digested this and decided not to press the point.
Instead, she relayed the message I'd already heard. "There is no one
at that number, sir. Would you like to try again in later?"

Columbia quickly interrupted: "Is that you, Dick?"

"Yeah, Margaret ... Where are the folks?"

Philadelphia was baffled, but her instincts told her to look out for
the company. "Sir, madam ... you can't ..."

Margaret ignored her. "They're up at the school house at the
basketball game. Want me to ring?"

I knew I was pushing my luck with Philadelphia, so I said it likely
would be too much trouble to get them out of the game.

"No trouble at all," said Margaret. "It's halftime."

Philadelphia was still in there trying to protect the company. By this
time, though, she was out of words.  "But ... but ... " she stammered.

I caved in to Margaret, mainly because I didn't want to have to start
over later. "All right."

Philadelphia made one last effort. Mustering her most official tone,
she insisted: "But this is a station to station collect call!"

"That's all right, honey," said Columbia, "I'll just put it on Bob's

Philadelphia was still protesting when the phone rang and was answered
at the school house.

"I have a station-to-station collect call for Bob Pence," Philadelphia
said, certain that Ma Bell had somehow been had.

"This is he," replied my father.

"Go ahead," whispered an astonished Philadelphia.

I'm glad couldn't'see her face when I began my end of the conversation
the way all Midwesterners do:

"Hi, Dad, how's the weather?"

"Jeez," said Philadelphia and clicked off.

Now comes the confession. I have it on good authority it was the next
Monday morning that AT&T began to automate phone service And now look
where we are.

[Richard Pence is a Washington, D.C., writer and editor. He wrote this
for the {Washington Post}.]

#O Chicago Sun-Times
#D July 16, 1991
#A Maureen O'Donnell, Staff Writer
#T Test In Two Wards WIll Make Public Calls Easy To Trace

Brison Poindexter says he knows when a motorist using the pay phone
outside his south side 7-Eleven store is up to no good.

"Someone pulls up in a fancy car in the middle of the night and asks
for change for $3 or $4.  You don't ask for that kind of change to call
mom," said the 21-year old manager of the convenience store at 1800
East 87th Street.

Poindexter suspects the callers are using the payphones to conduct
drug deals or other illegal activity.

But as of Monday night (July 15), Illinois Bell is conducting an
unusual experiment aimed at payphone drug-dealing and other called-in
criminal activity in two city wards, including the one where
Poindexter's 7-Eleven is located.

More than 50 payphones in the 8th and 37th wards will no longer accept
coins between 6 PM and 6 AM.

All outgoing calls from those phones must be 'zero-plussed', meaning
the caller must use a calling card, call collect, or bill the call to
a third party, but quarters won't do them any good.  Bell believes is
is the first such experiment in the country.  It will not affect free
calls to 911 (emergency), 411 (inquiries) or 611 (repair bureau).

"The reason they (drug dealers) like payphones is they can put in
their quarter and no one knows who they are," said Illinois Bell
spokesman Geoff Potter.  "That's going to change with this.  If they
call collect, or with their calling card, they're going to leave a
paper trail.  And billing to a third party is also going to be difficult,
since that links another person to that call.  That'll discourage them.

The 90-day trial has the approval of Chicago Police Superintendent
LeRoy Martin and City Aldermen Lorraine L. Dixon (8th ward) and Percy
Giles, (37th ward), who praised the idea from Bell.

"We believe this restriction will help deter criminals from using
public phones to plan drug-dealing and other illegal activities,"
Martin said.

But the American Civil Liberties Union questions how it will affect
poor people who don't have phones.  Illinois Bell requires a $500
deposit from people who do not have phones before it will issue a
calling card.  Poor people cannot afford such a payment, according to
Harvey Grossman, legal director of the Illinois chapter of the ACLU.

"Basically, it will have a discriminatory effect on poor people and
African-Americans, and the drug-dealers will just move to other
telephones," Grossman said.  "We question the appropriateness of that
kind of decision by a public utility."

"For people without phones, they'll have to call collect pretty much,"
Potter said.  "Or, if it is not an emergency, wait until the next day."

The phones involved in the trial are only a portion of the total
Illinois Bell phones in the area.  Independent payphone providers are
not participating in the experiment, Potter said.

Illinois Bell has received no opposition so far.  Business groups,
including the 87th Street/Stony Island Avenue Business Association are
backing the experiment.

The neighborhood around 87th and Stony Island Avenue, called Calumet
Heights, is a thriving business community whose residents include
Police Superintendent Martin, said Sam Neely, owner of Neely Brothers
Shell Service Station, 8700 South Stony Island Avenue, and president
of the local business association.  The payphones outside Neely's
gasoline service station are going to restrict night-time coin calls.

The experiment is intended to head off trouble in a good neighborhood,
Neely said.  "It is preventive.  We don't want things to happen," he

"I think it is a great idea," Poindexter said.  "Anything to cut down
on drugs."

#O APwire
#A Laurie Asseo
#T 'Baby Bells' Get OK to Join Electronic Information Industry

    WASHINGTON (AP) _ A federal judge reluctantly gave the nation's seven
 regional telephone companies permission Thursday to join the electronic
 information industry by providing such services as home shopping and stock
 market quotes.
    U.S. District Judge Harold H. Greene said he believed that letting the
 companies enter the information market ``would allow them quickly to
 dominate that market and to eliminate both competition and the independents
 which would make that competition possible.''
    But the judge said an appellate court decision reversing his 1987
 refusal to grant such permission created a higher standard _ whether the
 judge could be certain that letting the so-called Baby Bells into the
 market would lessen competition.
    ``The answer to that question is in the negative,'' Greene wrote.
    His order delayed the effect of the ruling until it can be appealed by
 the opponents of lifting the ban.
    The Justice Department joined the regional phone companies in asking
 Greene to allow them to use their phone lines to sell such services as
 ``electronic Yellow Pages,'' home shopping, stock quotes, banking and
 classified advertising.
    The seven companies were barred from selling such services as part of
 the 1982 consent decree, which Greene oversaw, that broke up the AT&T phone
    Opponents of letting the Baby Bells into the market said at an April
 court hearing that the regional companies would use unfair practices to
 squeeze out competitors. The opponents include consumer groups, long
 distance carriers such as MCI Telecommunications Corp., and the American
 Newspaper Publishers Association.
    The regional companies and the Justice Department contended that
 letting the seven provide information services would increase competition.
    Greene wrote, however, that he believed ``the most probable
 consequences of such entry by the regional companies into the sensitive
 information services market will be the elimination of competition from
 that market and the concentration of the sources of information of the
 American people in just a few dominant, collaborative conglomerates, with
 the captive local telephone monopolies as their base.
    ``Such a development would be inimical to the objective of a
 competitive market, the purposes of the antitrust laws, and the economic
 well-being of the American people,'' the judge said.
    Greene dismissed as ``preposterous'' the regional companies' contention
 that their input is needed to provide better information services and said
 the claim that the Baby Bells' entry into the market would start a new era
 of sophisticated information services was ``so much hype.''
    But Greene said that because of the 1990 ruling by the U.S. Court of
 Appeals for the District of Columbia Circuit, he was left with no choice
 but to remove the restriction, ``albeit with considerable reluctance.''
    He said the appellate court required him to give special deference to
 the Justice Department's views in the case, and it required him to consider
 economists' present-day forecasts rather than evidence of anti-competitive
 behavior by local telephone companies before the AT&T breakup.
    Greene said he decided not to let his ruling take effect immediately
 because the Court of Appeals may decide he misinterpreted its decision.
    If the regional phone companies were allowed to enter the information
 market while the question is unsettled, they could wind up spending large
 amounts of money on services they could later be barred from providing, the
 judge said.
    Ronald F. Stowe, vice president of Washington operations for Pacific
 Telesis, one of the seven, said, ``This is a major step forward for
 American consumers, American businesses and the American economy.''
    Stowe said he was disappointed that Greene had delayed implementation
 of the ruling and added, ``We are seriously considering asking the court to
 vacate the stay.''
    Stowe said the ruling means PacTel and other operating companies ``can
 more fully meet the information services needs of our customers,'' who, he
 said, have requested such offerings for years.
    Opponents of lifting the ban contended that the Baby Bells would be
 able to evade regulations that bar them from subsidizing non-regulated
 services with money from their normal rate base.
    But the regional companies said there was no sign they had used such
 cross-subsidization in other competitive markets.
    Gene Kimmelman, legislative director of the Consumer Federation of
 America, called the decision ``terrible for consumers.''
    ``This really signals a beginning of a monopoly environment, which is
 going to invite rate increases and inflated local telephone rates and a
 litany of new lawsuits very similar to the antitrust litigation that led to
 the breakup in the first place,'' he added.
    Federal Communications Commission Chairman Alfred Sikes said the FCC
 ``will continue to provide full and effective public interest safeguards''
 if the regional Bells enter the information services business.
    Sikes hailed Greene's decision, saying, ``I believe the nation will
 greatly benefit. ...''
    The AT&T breakup decree also bars the regional operating companies from
 offering long distance service and manufacturing telecommuncations
    The companies are pushing legislation in Congress to lift the
 manufacturing ban. The bill was passed last month by the Senate and is
 being considered by a House subcommittee.
    In a response to a request from Sen. Paul Simon, D-Ill., for his views
 on the bill, Greene wrote a May 29 letter in which he declined to give an

 (here the writing blurs........)

---                           * NIA * GrapeVine                            ---

CCC Update:

On Chaos Computer Club's last Congress 1990, a Dutch group and few other
phreaks reported on some techniques to "travel inexpensively on international
networks" (see my report in January 1991). Against their usually detailed
description of the content of the respective session, CCCs electronic Congress
newspaper describes the reports and discussion only in general terms; no
details regarding frequencies and computer programs (which meanwhile replaced
the "blue boxes" more flexibly) were given.

According to a report in the ("usually well-informed") German weekly magazine
Der SPIEGEL, the Dutch group HAC-TIC now published a detailed report on how to
"use" special methods, dial-tunes (with frequencies and sequences of operation)
and telephone numbers (in Germany: 0130) in diverse areas of the world to
establish toll-free phone connections via specific programs. As the magazine
reports, HAC-TIC aims with its detailed description to counterfeit some people
who sell (e.g. on AMIGA) such tune-dialing programs for up to 1,000 DM (about
520$ currently).


Electronic Frontier Foundation
Tracking The Steve Jackson Case

Our major case, the Steve Jackson Games case, is proceeding as expected.
The next stage in our ongoing effort in that case will be the
government's filing of a response to our complaint. As of the week of
June 21, the government has sought a 30-day extension of the deadline
for its response. Such extensions are routinely granted with the
agreement of the plaintiff, and we have agreed in this case. The
extended deadline will mean that the government's response will be due
the first week of August.


Computer Crime (Information Weekly, July 8, 1991, page 6)

A Computer Systems Protection Act went into effect last week in Georgia. The
Act provides the same punishment for computer thievery as for other types of
theft crimes. The bill calls for prison terms of up to 15 years for
"computer-assisted theft, trespass, invasion of privacy, and forgery." Under
the Act, stealing someone's computer password in Georgia can get you a $5,000
fine or one year behind bars.


Excerpts from an article headlined PHONE OUTAGES SHOW HAZARDS OF NEW TECHNOLOGY
by Jonathan Weber in the 28 June 1991 `Los Angeles Times':

"The massive telephone failures in the Los Angeles and Washington areas earlier
this week stemmed from glitches in ... a specialized computer network that
shuttles information about calls between telephone company switching
offices.... The inherent complexity of an increasingly software-based phone
system ... raises the prospect that the public telephone service may be
inherently less reliable in the future than it has been in the past.  Pacific
Bell said Thursday that it had suspended further deployment of ...  Signaling
System 7 until the exact cause of the problem could be identified.  It appeared
... that the [LA and Washington] problems ... were not identical, but both
[were] attributed to breakdowns [in the] SS-7 equipment supplied by DSC
Communications of Dallas."

  [Explanations of expected benefits from the SS-7, including improved
  efficiency, capacity, speed, security, and new service possibilities such as
  "the controversial Caller ID."]

"The flip side of all this ... is that if the SS-7 system malfunctions, it
begins sending incorrect information all over the network.  Ross Ireland,
general manager for network services at Pacific Bell, said Wednsday's incident
was caused by a signaling system unit in downtown Los Angeles that inexplicably
began sending out a flurry of wrong information about problems in the network,
and ultimately shut itself down.  Then there was a cascade effect, in which the
other signaling system units began acting on the incorrect information.
Finally, when people tried to make calls and couldn't, they kept trying, which
created an abnormally high level of calling traffic and thus further
exacerbated the problem.

"Because a phone network is so tightly integrated -- akin to one big computer
-- it's very hard to locate and fix problems...."

[See also `Los Angeles Times,' John Kendall and Paul Lieberman, 27 June 1991:
"By coincidence, service also was disrupted to 6.7 million telephone customers
Wednesday in the District of Columbia, Maryland, Virginia, and parts of West
Virginia.... [T]he trouble began in Baltimore during a routine modification of
equipment procedure." [sic]]

    [Officials at Chesapeake and Potomac said the problems were probably
    unrelated. Asked if hackers could have caused the problems, Ellen
    Fitzgerald, a spokeswoman for Chesapeake and Potomac, said she she had been
    assured that the system could not be penetrated.  [!!!] But, she added, ``a
    few days ago I would have told you that what happened yesterday wouldn't

    Terry Adams, a spokesman at the DSC Communications Corp., which made both
    systems, said company officials also discounted any connection between the
    failures.  {From the NY Times article, 28 Jun 91.  PGN}]


According to an AP story carried in the 18 June '91 `New York Times',
Mitsubishi is suing AT&T over a pbx system that was broken into by hackers who
made thousands of illegal calls worldwide.

Mitsubishi contends that AT&T's System 85 Private Branch Exchange is not secure
and that AT&T failed to warn Mitsubishi of the potential for unauthorized use.
Mitsubishi seeks $10 million in punitive damages and a dismissal of $430,000
billed for 30,000 phone calls which Mitsubishi attributes to unauthorized

The pbx system, installed in 1988 and disconnected last year, permitted
Mitsubishi employees to make calls on the company lines no matter where they
were by using a 6-digit personal password.  According to Mitsubishi, AT&T
failed to diagnose the problem, and it was New York Telephone which finally
told Mitsubishi of the possibility of system crackers.

Andrew Myers of AT&T declined to comment on the suit but said that under
federal communications law, "customers are clearly responsible for both
authorized and unauthorized service."


The old sell-illegal-calls-at-a-discount scam has reemerged in Elmhurst,
Queens, NY.  High-tech mobile phone booths (cars) are very popular there, and
draw crowds of people standing in lines to make their calls, often to Colombia
or Peru.  Each car has a doctored cellular phone chip containing an ID
illegally set to some poor sap's valid ID.  "The swindle has become so popular
that legal cellular phone users in the area can rarely get access to an
available phone line."  Law-enforcement officials say that many of the calls
are made to high-level drug dealers in Colombia.  Many of the numbers dialed
from Elmhurst match up with Colombian phone numbers that investigators have on
file with the Federal Drug Enforcement Administration.

Metro One in Paramus, N.J., one of the two cellular carriers for New York City,
estimated that it has lost more than $1 million a month from illegal calls
transmitted from Elmhurst.  Nationwide, such fraudulent calls cost the cellular
phone industry about $700 million in 1990, according to Donald Delaney, an
investigator for the NY state police. Industry officials put the figure much
lower, at $100 million.  [Source: Cars Using Rigged Cellular Phones Sell
Illegal Overseas Calls, By Donatella Lorch, N.Y. Times News Service, 28 Jun 91]


   In San Diego, the former General Dynamics Corp. computer programmer, Michael
John Lauffenburger, was arrested for allegedly planting a ``logic bomb,'' a
type of virus that would have destroyed vital rocket project data.
Lauffenburger's goal, according to a federal indictment, was to get rehired as
a high-priced consultant to fix the damage he created. He quit May 29.
   A fellow General Dynamics worker defused the plot by accidentally stumbling
onto the logic bomb. Lauffenburger was charged with computer tampering and
attempted computer fraud.  If convicted, he faces up to 10 years in prison and
a $500,000 fine. He pleaded innocent and was released on $10,000 bail.

[Source: Article by Laura Myers, AP Business Writer, 26 June 91]


In a 6/28 press release, US West announced they intend to make line-blocking
available on a "normal" basis, for the first time, in Iowa, where it's part of
a modified proposal to the Iowa PUC.

The company indicated this apparent switch in policy was in response to interest

expressed by some users in the Omaha and Boise trials.

There's a price, though. In the Iowa proposal, $3.50/mo. for res. and $4.00 for

In a related item, US West's Terri Ford, in 6/26 rebuttal testimony with the
Idaho PUC, also indicated USWC intended to offer line-blocking before the
completion date of the Boise market trial. Although no dates or prices were
mentioned in Ford's filed testimony, she did state that the feature offering
would be accompanied by a waived non-recurring charge.



Just a quick note to say Goodbye to many friends and compatriots.
I will be off the net for about a year I suppose. Many of you deserve
more than just "Thanks" and some of you deserve utter contempt.

Watch yourselves. It can happen to anyone.

Len [Rose]

                                                         :  _
                                                         \ /
         STILL GOING! NOTHING OUTLASTS THE                UU __
         ENERGIZER! THEY KEEP GOING AND GOING...          ==/  \
                                                         /\__o :
      boomp boomp boomp boomp boomp boomp boomp boomp    /_ \_

[Editors Note: How'd that get in here?]


The U.S.  National Commission on Libraries and Information Science is a
permanent, independent agency of the federal government charged with
advising both Congress and the President on matters relating to national
library and information policies and plans.

The commission has approved unanimously a major federal policy document,
``Principles of Public Information,'' and urged its use by all branches of
the federal government as well as state and local government, and the
private sector in the development of information policies.  The document
was adopted by the commission at its June 29, 1990 meeting.

The full text of the ``Principles of Public Information'' follows:


 From the birth of our nation, open and uninhibited access to public
 information has ensured good government and a free society.  Public
 information helps to educate our people, stimulate our progress and solve
 our most complex economic, scientific and social problems.  With the
 coming of the Information Age and its many new technologies, however,
 public information has expanded so quickly that basic principles regarding
 its creation, use and dissemination are in danger of being neglected and
 even forgotten.

 The National Commission on LIbraries and Information Science, therefore,
 reaffirms that the information policies of the U.S.  government are based
 on the freedoms guaranteed by the constitution, and on the recognition of
 public information as a national resource to be developed and preserved in
 the public interest.  We define ``public information'' as information
 created, compiled, and/or maintained by the Federal Government.  We assert
 that public information is information owned by the people, held in trust
 by their government, and should be available to the people except where
 restricted by law.  It is this spirit of public ownership and public trust
 that we offer the following Principles of Public Information.

1. The public has the right of access to public information.

 Government agencies should guarantee open, timely and uninhibited access
 to public information except where restricted by law.  People should be
 able to access public information, regardless of format, without any
 special training or expertise.

2. The Federal Government should guarantee the integrity and preservation
   of public information, regardless of its format.

 By maintaining public information in the face of changing times and
 technologies, government agencies assure the government's accountability
 and the accessibility of the government's business to the public.

3. The Federal Government should guarantee the dissemination,
   reproduction, and redistribution of public information.

 Any restriction of dissemination or any other function dealing with public
 information must be strictly defined by law.

4. The federal government should safeguard the privacy of persons who use
   or request information, as well as persons about whom information exists
   in government records.

5. The Federal Government should ensure a wide diversity of sources of
   access, private as well as governmental, to public information.

 Although sources of access may change over time and because of advances in
 technology, government agencies have an obligation to public to encourage

6. The Federal Government should not allow cost to obstruct the people's
   access to public information.

 Costs incurred by creating, collecting, and processing information for the
 government's own purposes should not be passed on to people who wish to
 utilize public information.

7. The Federal Government should ensure that information about government
  information is easily available and in a single index accessible in a
   variety of formats.

 The government index of public information should be in addition to
 inventories of information kept within individual government agencies.

8. The Federal Government should guarantee the public's access to public
   information, regardless of where they live and work, through national
   networks like the Depository Library Program.

 Government agencies should periodically review such programs as well as
 the emerging technology to ensure that access to public information
 remains inexpensive and convenient to the public.


 The National Commission on Libraries and Information Science offers these
 Principles of Public Information as a foundation for the decisions made
 throughout the Federal Government and the nation regarding issues of
 public information.  We urge all branches of the Federal Government, state
 and local governments and the private sector to utilize these principles
 in the development of information policies and in the creation, use,
 dissemination and preservation of public information.  We believe that in
 so acting, they will serve the best interests of the nation and the people
 in the Information Age.


[Note: H. Keith Henson is the same guy who circulated that letter to AT&T and
       started the call for a general boycott against them.]

The long running Alcor/email case against the County and City of Riverside, CA
was settled out of court in April of this year.  The announcement was delayed
until all parties had signed off, and the check had cleared the bank :-).

The Alcor Life Extension Foundation (a non-profit cryonics organization
--alcor@cup.portal.com) ran a BBS for members and prospective members from
early 1987 through January 12, 1988.  On that day, the BBS computer was removed
under a warrant to take the computer (but no mention of any contained email) in
connection with the investigation into the death of 83-year-old Dora Kent.
(Mrs. Kent was placed into cryonic suspension by Alcor in December of 1987.
During and following the investigation, Alcor staff members were publicly
accused by county officials of murder, theft, and building code violations.  No
charges were ever filed and the investigation was officially closed three years

In December of 1988 Keith Henson filed a civil suit to force an investigation
of the apparent violations of the Electronic Communication Privacy Act by the
FBI, but the case was dismissed by the now convicted Judge Aguilar.

In early 1990, just before the statute of limitations ran out, Henson and
14 others (of the roughly 50 people who had email on the system) filed a
civil action against a number of officials and the County and City of
Riverside, CA under Section 2707 of the Electronic Communication Privacy
Act which forbids inspecting or denying access to email without a warrant.

Some time after the case was filed, the Electronic Frontier Foundation came
into existence in response to law enforcement abuses involving a wide spectrum
of the online community.  EFF considered this case an important one, and helped
the plaintiffs in the case by locating pro bono legal help.  While the case was
being transferred, the County and City offered a settlement which was close to
the maximum damages which could have been obtained at trial.  Although no
precedent was set because the case did not go to trial, considerable legal
research has been done, and one judgment issued in response to the Defendants'
Motion to Dismiss.  The legal filings and the responses they generated from the
law firm representing the County/City and officials are available by email from
mnemonic@eff.org or (with delay) from hkhenson@cup.portal.com.  (They are also
posted on Portal.)

The Plaintiffs were represented by Christopher Ashworth of Garfield, Tepper,
Ashworth and Epstein in Los Angeles (408-277-1981).  The only significant item
in the settlement agreement was the $30k payment to the plaintiffs.


Title: TRW Accused of Exploiting Consumers

Six states have sued TRW Inc., charging that its credit bureau division
secretly grades consumers on their bill-paying ability -- sometimes with
inaccurate information -- and sells confidential mail to junk mailers.  The NY
State suit also charges TRW with providing inaccurate information about
consumers to banks and other credit grantors, which often results in denied
credit.  Texas, Alabama, Idaho, Michigan, and California have filed another
suit in State District Court in Dallas TX.  (Reuters report in the San
Francisco Chronicle, 10Jul91, p.C1)


Subject: Houston City Hall voice-mail prank

Houston acquired an AT&T telephone system in 1986 for $28M, but configured it
with no passwords required for accessing voice mail.  Thus, it should not
surprise any of you to hear that recently a "prankster intercepted and rerouted
confidential telephone messages from voice-mail machines in City Hall,
prompting officials to pull the plug on the telephone system."  Messages were
being delivered to nonintended recipients.  [Source: San Francisco Chronicle,
20Jul91, p.A5]

   [Also noted by Steve Bellovin]

Subject: The voice-mail shuffle at City Hall

... A few stations even played quick snippets from one message, which appeared
to be a kind of verbal "love letter" left for someone.  Needless to say, the
intended recipient was not the actual recipient.  The perpetrator evidently
would somehow try to simlulate a message break tone before each misdirected
message by whistling a tone on the recording.

While some of the redirected messages were, in some people's opinion, harmless,
others were matters of City and State affairs, and the ramifications of these
messages not being received were more than trivial.  Needless to say, the
service was down the next day for "upgrade modification".

As one newscast put it at the end of their story, "when you leave a message at
City Hall, don't leave one you wouldn't want repeated in public."


Title:   "How Did They Get My Name?"

[From NEWSWEEK, 6/3/91, p.40]:

Consumers are growing more uneasy about threats to privacy -- and are fighting

"We don't have to worry about Big Brother anymore," says Evan Hendricks,
publisher of Privacy Times.  "We have to worry about little brother."  Until
recently, most privacy fears focused on the direct-mail indistry; now people
are finding plenty of other snoops.

Suddenly privacy is a very public issue.  Privacy scare stories are becoming
a staple of local TV news.  Now Congress is scrambling to bring some order to
the hodepodge of privacy and technology laws, and the U.S. Office of
Consumer Affairs has targeted privacy as one of its prime concerns.  Advocacy
groups like the Consumer Federation of America and the American Civil Liberties
cy as one the hot-button issues for the '90s.

Concern is on the rise because consumers are finding that their lives are an
open book.

Privacy activists warn that the bigger threat comes from business.  Citicorp
and other data merchants are even pilot testing systems in supermarkets that
will record your every purchase.  "Everything we do, every transaction we
engage in goes into somebody's computer," says Mary Culnan, a Georgetown
University associate professor of business administration.

How much others know about you can be unsettling.

In the '80s, the controls were melting away, says Hendricks.

"Reagan came in and said, 'We're going to get government regulators off
the backs of business.'  That sent signals to the private sector that 'you
can use people's personal information any way you want.'"

Consumers are beginning to fight back.  The watershed event was a fight
over Lotus MarketPlace: Households.  New York Telephone got nearly
800,000 "opt out" requests when it wanted to peddle its customer list;
the plan was shelved.

With the MarketPlace revolt, a growing right-to-privacy underground
surfaced for the first time.  Privacy has become one of the most
passionately argued issues on computer networks like the massive
Internet and the WELL (an on-line service that has become a favorite
electronic hangout for privacy advocates and techie journalists).

Some privacy activists look hopefully across the Atlantic.  The
European Community is pushing tough new data rules to take effect after
1992.  The Privacy Directive relies on consumer consent; companies would
have to notify consumers each time they intend to pass along personal
information.  The direct-marketing industry claims the regulations would
be prohibitively expensive.

U.S. firms might find another incentive to change. Companies don't want
to alienate privacy-minded customers.  Then consumers might get some of
their privacy back--not necessarily beacuse it's the law, or even because
it's right, but because it's good business.

"Would New Laws Fix the Privacy Mess?" (also from Newsweek in sidebar)

Since the mid-1960s, Congress has enacted no fewer than 10
privacy laws.  And yet a national right to privacy is far from firmly
established.  "It's easy to preach about the glories of privacy," says
Jim Warren, who organized a recent "Computers, Freedom & Privacy"
conference.  "But it's hard to implement policies without messing things

That hasn't stopped people from trying.  James Rule, a State University
of New York sociology professor, says that new legislation is warranted
"on the grounds that enough is enough.  Privacy infringement produces a
world that almost nobody likes the look of."

Last week a Senate task force recommended extending privacy laws to cover
cordless phones.  One bill would create a federal "data-protection
board" to oversee business and governmental use of electronic
information.  Another would apply the Freedom of Information Act to
electronic files as well as paper.

In this technological age, how much privacy Americans enjoy will depend
partly on how high a price they are willing to pay to keep it.


AT&T's announcement from the company's internal News Briefs describing
their victory in Harold Greene's courtroom:

    [All items are today's date unless otherwise noted]

    Friday, July 26, 1991

    FREEDOM -- Phone lines were cleared Thursday for the seven
    regional phone companies to provide electronic information such as
    stock quotes and sports scores. ... USA Today, 1A.  [Judge Harold]
    Greene simultaneously stayed his order, however, to permit all
    appeals to be heard, which raised the possibility its effect could
    be delayed for months.  His decision is expected to draw fierce
    opposition.  ... Washington Post, A1.  ... Today's ruling did not
    change the restrictions that bar the Bell companies from entering
    the long-distance telephone industry or manufacturing telephone
    equipment, but the appeals court ruling that prompted today's
    decision also recommended that Judge Greene apply more flexible
    legal standards in considering these restrictions. ... Herb
    Linnen, AT&T spokesman, said the company had never objected to the
    Bell companies' entry into the information services market,
    provided that they remained excluded from the equipment
    manufacturing and long-distance industries. ...  New York Times,
    B1.  ... [The] ruling also moves the regional phone companies a
    step closer to being able to compete for cable television
    customers. ... New York Newsday, p. 5.  ... The 71-page opinion
    noted that an appeals court decision last spring left no other
    choice.  ... Wall Street Journal, B1.  Also all major newspapers.
    Regardless of the legal maneuvering involving the regional
    telephone companies, AT&T plans to offer what it calls a Smart
    Phone, a telephone-and-video-screen device, as soon as next
    summer, Ray Zardetto, a company spokesman, said yesterday. ...
    "You can call up stock reports, for instance," Zardetto said about
    one use for the Smart Phone.  "Whatever part of the stock report
    you want will run across the screen.  Or you can preprogram your
    pizza order from your favorite pizza parlor, push a button and it
    goes across the network to his Smart Phone and it'll be
    delivered."   New York Newsday, p. 35.



  It says, in part:

  The 18th Annual Computer Security Conference and National Exhibition--
  the largest ever--will be held in Miami at the Fontainebleau Hilton Hotel
  on NOvember 11-14, 1991. With over 110 speakers, the Security Event of the
  Year, sponsored by the Computer Security Institute, will address the full
  range of issues facing computer security practitioners in business and


  Conference highlights include:

  *Tom Peltier on "Information Security Approaches the Second Millenium."

  *Scott Charney from the US Department of Justice with a practical look on
  what the Department of Justice is doing to prosecute computer crime.

  *Harry DeMaio from Deloitte & Touche, who will address the topic "Effective
  Information Protection in a Complex Environment."

  *Cameron Carey of Computer Security Placement Specialists, on the job
  market outlook for computer security professionals.

  *Dr. Lance Hoffman of George Washington University will address the topic
  "Computer Security: We're Not Just Talking To Ourselves Anymore!"

  Also, two of the industry's leading lights--Bill Murray of Deloitte &
  Touce and Donn Parker of SRI International--will debate some of the key
  issues in computer security.

  Over a thousand computer security professionals are expected to attend
  this premiere event, which also features the largest compiuter security
  products trade show in the United States.

  Contact is Philip Chapnick, (415)905-2267.

  Computer Security Institute: (415)905-2200 voice, 905-2234 fax

[End of CyberTimes (Vox Populi) NIA072 01JAN91-01AUG91 Edition]


    Greetings. Well, this completes issue number 72. Expect to see issue 73
in about 2 months or so. We do not have enough material to complete it yet,
so if you would like to contribute, please contact us at nia@nuchat.sccsi.com
or by getting ahold of one of our staff and/or contributors.

    If you would like to write to Len Rose, he can be reached at:
         Len Rose
         Federal Prison Camp
         Seymour Johnson AFB
         Caller Box 8004
         Goldsboro, NC 27531-5000
We're sure Len could use the mail. He can be reached there for oh, say, the
next ten months or so. Our sympathies go to him and his family.

    Concerning the news, Cybertimes, we are always looking for submissions. If
you see an article in your local paper, please type it up and send it in.

    We are also accepting donations of used and/or obsolete computer equipment.
We are willing to cover the cost of postage to ship it to Texas. As soon as we
can get the Kludge operating, we will set up an NIA home system where all the
issues will be online for downloading as well as reading.

    With regards to the Hacker Manifeso file, Erik Bloodaxe is no longer in
the underground community. This is an old file that was dug up from the days
when he was still hacking. Best of luck to you and your associates in your new
endeavour, Erik.

    Attention Internet Subscribers: Plese tell us when you are moving or
losing your account so that we may keep the maillist current. Back issues
may be found at the CuD Archive Server [ftp.sc.widener.edu /pub/cud/nia] and
the EFF Server [ftp.eff.org /cud/nia].

    We will soon have an AE line (no shit!) running HST for those of you
without InterNet access.

    Until next time...
                                              JD & LMcD

"The New York Times is read by people who run the country.
 The Washington Post is read by people who think they run the country.
 The National Enquirer is read by people who think that Elvis is alive and
 running the country..."
                                  - Robert J. Woodhead

[End of issue NIA072]