**************************************************************************** >C O M P U T E R U N D E R G R O U N D< >D I G E S T< *** Volume 2, Issue #2.03 (Sepember 14, 1990) ** **************************************************************************** MODERATORS: Jim Thomas / Gordon Meyer (TK0JUT2@NIU.bitnet) ARCHIVISTS: Bob Krause / Alex Smith USENET readers can currently receive CuD as alt.society.cu-digest. COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted as long as the source is cited. It is assumed that non-personal mail to the moderators may be reprinted, unless otherwise specified. Readers are encouraged to submit reasoned articles relating to the Computer Underground. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Contributors assume all responsibility for assuring that articles submitted do not violate copyright protections. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Date: Tue, 11 Sep 90 01:34:49 -0400 From: len@NETSYS.NETSYS.COM Subject: Len Rose's experience with the Secret Service ******************************************************************** *** CuD #2.03: File 2 of 4: Len Rose's Experience with the S.S. *** ******************************************************************** [Jim Thomas suggested I write something for the digest and I have been casting around for ideas.. All I really can think about nowadays is my own situation. I have become quite a bore to my friends I am sure.] Please excuse any vestiges of self-pity you may detect. The Day It Happened: I left my home around eleven am to drive down to Washington DC to meet with a potential client. After several hours with them , I started the drive back through the rush hour traffic. It was just a few minutes after five pm that I pulled into my driveway in Middletown Md. I remember getting out of the car and noticing that someone was in the back yard. He was wearing a blue wind breaker and was neatly dressed. We had been trying to sell a Jeep , and I assumed he was interested in buying the car. "What can I do for you" I asked.. I remember being slightly pissed that this person had just been hanging around the back of my home. He flipped his jacket aside and I saw a badge on his belt and a gun in a shoulder holster. "Please go into the house" he replied. I was pretty shaken and asked "What have I done wrong?" .. without answering the question, he took my arm and sort of marched me into the front door of my home. Upon entering, two agents pulled me up from the foyer, and put me against the wall while searching me. Then I remember being shown the front of a search warrant and then taken into my master bedroom. The door was shut and I didn't leave the room for more than five hours. They introduced themselves, and I asked them what this was about. Foley replied "We will ask the questions" .. "Do you know any of these hackers?" I was asked about 10 or 15 names, and out of them I said I recognized one or two from seeing articles here and there but hadn't had any contact with them. I remember Foley getting angry. "You had better cooperate, let's try again". I reiterated that I knew none of them. He said "You are not telling us the truth" ... I told him I had little contact with hackers and had been away from that scene for quite some time. He then scoffed and said "You have a hacker handle don't you... What is It?" I paused, and then replied "Terminus, but I haven't used it or gone by that in a very long time" He said "Right, like last month..." I thought about that and then I started to feel sick inside.. I knew that I had sent Craig Neidorf a copy of login.c which had been modified to perform certain functions that basically made it a trojan horse. I used that handle since I didn't want the world to know that Len Rose was sending someone proprietary source code through mail.. He shoved a photocopy of a printout under my nose and asked me if I recognized it.. I looked at it and said, "Yes.. " .. He asked me If I had made the modifications and placed certain comments within the source. "Yes" again. "But I never used it" I blurted out. "We are only interested in the 911 software and Rich Andrews" they said. [I never had anything to do with 911 software and after an extensive search of my systems that night by a certain AT&T employee they seemed to agree.] "Did Rich Andrews send you a copy of the 911 software?" Foley asked me. I told them no, no one had sent me anything of the sort. I told them that Rich had found some portion of 911 software on his system and sent it to Charley Boykin at killer to see if it was serious. Rich had told me before, and I sort of approved of the idea. I remember Rich saying that he'd had no response whatsoever.. [I wish he had told me the truth, but that is for him to explain why] "We want dirt on Rich Andrews.." Special Agent Timothy Foley said. "We feel he has been less then cooperative.." and "Do you know he is a convicted felon" I replied "Yes" but he is a good friend and I know he hasn't done anything wrong. He is not involved with hackers. Foley asked me about any dealings I had with Rich. I realized then that lying wouldn't do me any good, so I told them everything I could remember. What I had to say must not have been good enough, as Foley kept saying I wasn't going to get anywhere unless I told them all the truth. It took me a long time to convince them that was all I knew. During the interrogation, my legal problems in Virginia were brought up, and I mentioned that I might be acquitted. Jack Lewis said "If you get off in Virginia, I'll make sure we burn you for this" .. I felt then that I was completely shut off from reality. Foley then asked me to tell them anything illegal I had done. Jack Lewis said "It would be better if you tell us now, because if we discover anything else later it will be very serious". By this time, I was scared and I remember telling them that I had copies of AT&T System V v3.1, System V v3.2 and various other pieces of software which had been given to me by certain employees of AT&T (without the benefit of a license agreement). "Where is it" they asked.. I told them that I had a couple 9 track tapes with prominent labels on a tape rack. I remember asking several times to see my wife, and to go to the bathroom. Each time I was told I couldn't. If I hadn't been so scared I would have asked for an attorney, but my mind had shutdown completely. About 6 hours later I was finally led out of my bedroom and told to sit at the kitchen table and not to move. Foley and Lewis sat with me and put a sheet of paper in front of me and told me to write a statement. "What do you want me to write about" I asked. Foley said "Everything you told us about Rich Andrews and also everything about the Trojan horse login program." "Make sure you mention the System V source code".. So, as they were finishing loading up the moving truck, I sat there and wrote about two pages of information. It was about midnight, when they left, but not before handing me a subpoena to appear before the Grand Jury. They told me to tell Rich Andrews my main Unix system had crashed, and not to let him know that the SS had been there. I felt pretty bad about this because I kept thinking they were going to get him. He must have called siz or seven times the day after the "raid". I couldn't tell him anything, since I assumed my line was tapped. I remember going outside as they were starting to leave and looking into the back of the moving truck. The way some of the equipment was packed, I knew it wouldn't survive the trip into Baltimore. I asked for permission to re-pack several items (CPUs,Hard Disks, and a 9 track drive) and received it. As I watched my belongings pull away , I remember feeling so helpless, and confused. It was only then did it sink in that every material possession that really mattered to me (other than my home), was gone. All I had to show for it was a sketchy 20 page inventory.. Later, my wife told me what had gone on until I came home. The SS arrived around 3 pm, and had knocked on the door. She opened the door, and 5 or 6 agents pushed her back into the foyer. They took her by the arms and moved her over to a sofa in the living room. They had a female agent with them, and this person was detailed to stay with her. She was not allowed to make phone calls, or answer them (until much later in the evening.) My children were also placed there. My son, who was 4 at the time refused to submit to their authority (guns didn't scare him) would get up often and follow agents around. From what my wife recalls, they were amused at first , then later became less enthusiastic about that. She wasn't allowed to feed the kids until after I had been released from the interrogation session. She remembers getting up several times, to go to the bathroom or to retrieve diapers,etc. and being told to get back onto the sofa. The female agent even followed her into the bathroom. The massive search of every nook and cranny of our home encompassed much more than computer equipment. To this day, I feel there is a direct link between my previous legal problem in Virginia, and the extent of the search that day. In fact, the SS had obtained items seized from me by Virginia and had them in their posession before the raid ever took place. I remember going down to the SS office a couple days later to voluntarily answer the subpoena. I set up my equipment for them. Although they had labled most cables and connectors, there was some confusion. I remember showing them how to use my systems, and in particular how to do a recursive directory listing of every file contained within. After a while, once they made sure they had backups , I was allowed to type a few commands at a terminal in order to retrieve an ascii text file (a resume). Later, while being escorted back out to the front of their offices, I saw a large room filled with stacks of boxes and equipment cases which had constituted the entire sum of my office and all equipment,software,and documentation. I was feeling pretty numb, and remember asking the agents there to please take care of everything, since I hoped to get it back. In reflection, it seems pretty pitiful. It was this day that they told me I would be prosecuted, and I remember driving back from Baltimore feeling betrayed. Even though I had completely cooperated with them, and had been told I would not be prosecuted. When I got home, I was crying .. I couldn't handle this anymore. My sister was there and I remember she gave me three vallium.. I calmed down and in fact got pretty high from it. [The following is something the SS allege I did] Allegedly from a phone booth that night I called Rich Andrews and warned him to get rid of any source code or software he shouldn't have.. At this time I was also alleged to have told Rich that I was leaving the country, and would go to Korea with my wife and kids. [If I did do this, I never said anything about leaving] .. They apparently had either tapped his line, or he told them about my call. [I would have been stupid to say this, since Korea has extradition treaties with the US] My Arrest: Several days later, I received a sudden call from Special Agent John Lewis and he told me to come down and pick up my fax machine. (I had been pestering them about it so I could fax my resume out to headhunters so I could find a job).. [ Ironically, I had been hired a week before by Global Computer Systems, in New Jersey to work as a contractor at AT&T's 3B2 Hotline in South Plainfield New Jersey .. I knew that after this AT&T wouldn't have anything to do with me and in fact was informed so the night of the raid ] Upon entering the SS office (Feb. 6) around 5 pm, I waited outside in the waiting room.. I had been doing some house painting and wasn't dressed very well. Jack Lewis came out and brought me back to one of their offices He held out his hand (as if to shake it) and instead put hand cuffs on my hand. He then locked the other to an eyebolt on the desk. He sat down across from me and told me to empty my pockets.. I complied, and then he started writing an inventory of my posessions. Jack Lewis looked up from his writing and said "You fucked us,Len!" "What do you mean?" I said. "You called Rich Andrews, and warned him to get rid of anything he shouldn't have,you fucked us!" .. I didn't reply. He then told me to pull my shoestrings out of my sneakers, and I did.. He called another agent in to witness the contents of his inventory,sealed the envelope and then told me I was going to jail.. About 15 minutes later he released the handcuffs from the desk, and put my arms behind my back and handcuffed them. I was led into the hallway, while he finished some last minute details.. He was nice enough to let me make a phone call, when I asked him..I promptly called a friend in Philadelphia. I knew he would know what to do.. Because my wife didn't speak English well, and would also have been hysterical I couldn't count on her to be much help. They drove me over to the Baltimore City Jail,told the bored looking turnkey at the desk to hold me for the night. I was pretty hungry but I had missed the evening meal , and despite repeated pleas to make my "phone call" the jailers ignored me. The people in the cells next to mine were an interesting lot. One was in for killing someone, and the other was in for a crack bust.. Someone in the cell block was drugged out, and kept screaming most of the night.. I didn't sleep much that night, and the with the cold steel slab they call a bed it wouldn't have been possible anyway. Sometime around 9 am a jailer appeared and let me out. I was then turned back over to the SS and they drove me back to the Federal Building... They put me in another holding cell and I was there for about 2 hours. A Federal Marshal came and took me to a court room, where I was charged with a criminal complaint of transporting stolen property over interstate lines with a value of $5000 or more. The conditions for my release were fairly simple.. Sign a signature bond placing my home as collateral, and surrender my passport. Fortunately my wife had come down earlier and Agent Lewis had told her to get my passport or I wouldn't be released .. She drove the 120 mile round trip and found it.. She returned, I was brought down to the courtroom and the magistrate released me. We retained an attorney that day, and several weeks later they agreed to drop all charges. I am told this was to give both sides some time to work out a deal. Against the better judgement of my (then) attorney I offered to meet with the Assistant U.S. attorney if they would bring someone down from Bell Labs. My thinking was that surely a Unix hacker would understand the ramifications of my changes to the login.c source and corroborate my explanations for the public domain password scanner. They also wanted me to explain other "sinister" activities , such as why I had an alias for the Phrack editors, and I knew a Unix person from the labs would know what I meant when I said it made it easier for people to get to .BITNET sites. I was a complete fool,and the person from Bell Labs got me in even worse trouble when he told them I had other "trojan" software on the systems. He was referring to a public domain implementation of su.c which David Ihnat (chinet) had written to allow people to share su access without actually knowing the root password. "But it is public domain software," I cried. The Bell Labs person turned and told David King (Asst. US Attorney) that I was lying. He went on to say that there was a considerable amount of R&D source code on my machines. Things that no one should possess outside of AT&T, like Korn shell and AwkCC. My attorney (Mr. Carlos Recio of Deso, and Greenberg - Washington DC) was furious with me. All he could say was that "I told you so.." and I realized I had been stupid. I had hoped if I could explain the situation to the govt. and have someone from AT&T verify what I said was true, then they would realize I was just a typical Unix freak, who hadn't been involved in anything more sinister than possibly having things I shouldn't have. After a few months the best deal Mr. King offered was for me to plead guilty to 2 felony counts (Computer Fraud) and I would receive a sentence of 17 months in prison. I refused to take the deal, [ Perhaps I may live to regret that decision when my trial begins in 91.. ] In May I was formally charged with 5 felony counts.. The rest is history.. Present Day: In better times I never lacked for work, and lived in a world where I spent more on phone bills per month (uucp traffic), than I have earned in the last four months. I am sitting here (rather lying, since I cannot get up) by the laptop computer (on loan to me from a friend) . Lately, I have grown to feel that without this little laptop and it's modem linking me to the network I would have been driven mad a long time ago.Reading Usenet news has been my only solace lately. During the day I spend hours calling around to all the head hunters asking for work.Since I still have a fax machine, I am able to fax my resume around. So far, I haven't had much luck in finding anything at all. Since all this happened , it seems that I have been blacklisted. A few companies expressed interest, but later called back and asked me if I was the "LoD hacker" and I told them yes.. They weren't interested anymore (I cannot blame them). I guess the Unix Today articles have cost me more than any of the others.. I lost a great contract ($500 a day) with a major bank in Manhattan when they saw the first article.. In various articles from various newspapers, I have been called the "Mastermind of the Legion of Doom" and other bizarre things. The lies told by the US Attorney in Baltimore in their press release were printed verbatim by many papers.. The usual propaganda about the Legion's activities in credit card fraud, breakins and the threat to the 911 system were all discussed in that press release and cast a bad light on me. I have had the good fortune to have a friend in Philadelphia who has loaned me office space in his firm's building. Such an arrangement lends an air of credibility to Netsys Inc. Too bad I have no clients or contracts. Since I broke my leg pretty badly (The doctor says I will be in a cast for six months and maybe some surgery) ,I haven't been able to visit the "office" but I have an answering machine there and I check my calls daily. We (my wife and two children) moved to the Philadelphia suburbs in order to put as much distance as possible from the SS Agent John "Jack" Lewis who is based in Baltimore. I realize that the SS have offices in every city, and agents to spare but it made me feel better knowing that he is in Baltimore and I am here. Anyway, at this point I am trying to find a few system admin jobs, and would take any salary they offered me. I am scared about the next few months since I cannot even get a job as a laborer or a 7-11 clerk since my leg is screwed.. My wife (who has a liberal arts degree) is looking for a job in this area.. We hope she can get a job working minimum wage in some department store or as a waitress. We have enough money to last another month I guess. Then I am not sure what we will do, since we haven't any relatives who will take us in. I have never been un-employed since leaving high school, and It's a pretty bad feeling. One day , If I survive this, I will never forget what has happened. I can't help feeling that there is a thin veneer of freedom and democracy in this country, and agencies like the Secret Service are really far more powerful than anyone had realized. I know that my friends within AT&T (E. Krell for one) feel I have "stolen" from their company. I can only laugh at this attitude since I have probably done more for AT&T than he has. Those of you who knew me before can attest to this. While it was "wrong" to possess source code without a license,I never tried to make money from it. I wrote a Trojan Horse program, which in all honesty was done to help defend my own systems from attack (it is currently installed as /bin/login on my equipment). Any allegations that I installed it on other systems are completely false. [ in fact, most of the source code was given to me by AT&T employees ] As far as the public domain password scanner program, well.. I realize that most of you know this, but items far more powerful can be obtained from any site that archives comp.sources.unix,and comp.sources.misc .. I used it as a legitimate security tool when doing security audits on my own systems and clients. It wasn't very good really, and considering it was obsolete (System V 3.2 /etc/shadow) anyway, it's usefulness was limited. Since the SS will be reading this article with interest, I want to point out that I will fight you to the end. Someday I hope you will realize you made an honest mistake and will rectify it. Perhaps there was some justification I am not aware of, but I doubt it. If I have to go to prison for this, perhaps it will benefit society. Who knows what what Len Rose would have done if left to continue his criminal pursuits. I hope to get my equipment, and software back and then re-start my life. There have been repeated motions to get my equipment back , but the judge has summarily denied them saying I will commit crimes If I get it back. I have offered to assist the SS in saving evidence,and to sign any agreement they choose regarding validity of that evidence. I may take up begging soon , and ask for help from someone who is rich. It's going to be winter soon and I don't look forward to being on the street. Len ******************************************************************** >> END OF THIS FILE << ***************************************************************************  Downloaded From P-80 International Information Systems 304-744-2253 12yrs+