------------------------------ From: Various Subject: From the Mailbag Date: 22 January, 1991 ******************************************************************** *** CuD #3.03: File 2 of 4: From the Mailbag *** ******************************************************************** From: UK05744@UKPR.UKY.EDU Subject: tap news Date: Sun, 06 Jan 91 23:45:04 EST In a recent issue of CuD, the moderators wrote: >TAP is alive and well. In addition to a newsletter, they also have a BBS for >exchange of information and news. TAP is available for the price of a >postage stamp for each issue by writing: > > TAP > PO Box 20264 > Louisville, KY 40250 Greetings! I wanted to help clear up any misconceptions some people might have regarding TAP Magazine. The first point is that I am no longer editor. After Craig Neidorf got molested, I decided do let go of TAP and concentrate on more important things. Therefore, I handed editorship to Predat0r. Since then, I have had NOTHING to do with TAP Magazine. The second point is the details of the subscription. I am not totally sure of this but it is what I hear. TAP is not free anymore (I don't know why. I put it out for free), it is now $2 for a SAMPLE issue. The yearly rates are $10 for ten issues. If anyone has any questions regarding TAP, don't mail me. Mail them to Predat0r at the above address. If anyone wants to correspond with ME, you can mail me at UK05744@UKPR.UKY.EDU. OR UK05744@UKPR.BITNET. ++++++++++++++++++++++++++++++++++++++++++++++++++ From: eric@EGSNER.CIRR.COM(Eric Schnoebelen) Subject: Re: CU Digest #3.00 Date: Sun, 6 Jan 91 14:44:05 CST In a recent issue of CuD, works!cud@UUNET.UU.NET writes: - How can it be legal to make BBS' operators shell out extra money for a - hobby, answering machines aren't something people have to pay extra for, - and in some cases thats what BBS's are used for. If its a public BBS, it is - receiving no true income from its users, unless they pay a standard, - billable time, (ie. A commercial BBS) What gives them the right to charge - us now? - Do they have a right to charge us? are they providing any type of special - service because we have a modem on the line, instead of an answering - machine, FAX, phone, or other? we are private citizens, it should be up to - us how we use the phones. TelCo's still a monopoly The "monopolies" have only the powers to charge for the services that are tariffed by the local and state public utilities commissions for intrastate services, and the Federal Communication Commission on the interstate services. The charges for local service come under the jurisdiction of the PUC's, and not the FCC. If the operating company can convince the local PUC that a BBS is business, then they will be able to "legally" charge business rates for connections that are used for BBS's. Keep in mind that telephone service is not a guaranteed right. The low residential service rates are due to a state and federal government policy dating from early in the century, which was aimed at providing universal telephone service, much in the same way that the government have provided roads to encourage the mobility of the automobile. A case could easily be made that more than one line to a residence/household is a luxury, and all additional lines should be billed at a higher rate. Fortunately, generally the telephone companies have not tried for this, but instead have limited the attempts to charge business rates to BBS's solely to BBS's that could be viewed as businesses, such as ones that charge for access. Businesses are charged more for their service because they are expected to make more use of the telephone system, and thus cause greater wear on the system. BBS's, like teenagers, blow that equation all out of the water. - There are a lot of rumours about this type of thing, only I've never seen - it actually put into action. Southwestern Bell, in Houston, Tx, attempted to define all BBS's with more than one phone line as businesses, for the purposes of billing, whether they charged a fee for not. As part of this, they also claimed that BBS's that had a mandatory upload's for access were also businesses, since the user was required to provide something in order to gain access. [I may not have all of the above 100% correct, but that seems to be the gist of it] I have also heard that GTE in Indiana has tariffed that all BBS's that charge for access get business rates. At least GTE went through the PUC in getting that one through, unlike SWBT. And in response, at least in the case of the SWBT action, a group of BBS operators in Texas (and Oklahoma) fought the action. For the most part, I gather that they have succeeded, but not completely. I doubt that I have made anyone happy by reading the above, but hopefully, I have made people more informed. *********************** In CuD 3.00, file 4, Liz E. Borden Writes: - Why, you ask, do I think the CU is sexist? I will agree that there is a very strong male bias in the entire computing industry, and probably even more so in the underground. Why? I have no real idea, although a guess that pops to mind is (Gross Generalizations here!) many women would rather do things more secure and "safe" than play on the edges in the underground. How true that is, I don't know. I would say that is a stereotypical perception that is not well held up by the women I know. - Second, BBSs, especially those catering to adolescents and college - students, are frightening in their mysogeny. I have commonly seen in - general posts on large boards on college towns discussion of women in the - basest of terms (but never comparable discussions of men), use of such - terms as broads, bitches, cunts, and others as synonymous with the term - "woman" in general conversation, and generalized hostile and angry - responses against women as a class. This, unfortunately, does exist, even in what are supposed to be some of our most enlightened environments, the university campus. But keep in mind, this is also how they were taught by the outside society before entering the enlightening halls of the university, and they should be exposed to ideals that indicate that their actions and beliefs may be flawed, or even incorrect. It does nothing to complain about these people, they need to be exposed to a greater, less biased world than the one from which they came. Some will reject it, because it will suddenly devalue their self worth, or the views/beliefs they held upon entering are to strong, but after time (perhaps generations) they will be in the definite minority, and perhaps even extinct. - Third, sexism is rampant on the nets. The alt.sex (bondage, gifs, - what-have-you) appeal to male fantasies of a type that degrades women. No, - I don't believe in censorship, but I do believe we can raise the gender - implications of these news groups just as we would if a controversial - speaker came to a campus. Most posts that refer to a generic category tend - to use male specific pronouns that presume masculinity (the generic "he") - or terms such as "policeman" or "chairman" instead of "chair" or "police - officer." It is my belief that many people consider "chairman" and "policeman" to be generic terms for "chair" and "police officer" I have heard my youngest sister refer to herself as a "policeman" on several occasions, although she does tend to use "police officer" a bit more often. As to rampant sexism on the "nets", I cannot say. I only frequent USENET and internet mailing lists for my net based reading. What it is like on the Fido echo's etc, I do not know. In general, most of the postings I see on USENET are of very open, somewhat liberal, attitude. I suppose that the alt.sex hierarchy could be considered degrading, but I am unsure how. What I see in those groups that I read there are generally open, fairly well reasoned discussions of items of a sexual nature, as well as some discussions attempting to show some users the error of their ways of belief. Those do degenerate in to some impressive flame wars, but there has been little I could see as being viewed as degrading/demeaning. -Why don't we think about and discuss some of - this, and why isn't CuD taking the lead?! Good question. If the computer underground is truly on the cutting edge of future society, then lets take the chance to rework our (and the rest of the nations/worlds) views on sexism, racism, and all the other -ism's out there. These sorts of actions start at home! And in doing so, we shouldn't flame those who hold opposing opinions, rather we should listen to them, and reason with them. Find out why they hold the beliefs they do, and politely attempt to enlighten them. All in all, I would say that Ms. Borden makes some very good points, points we all could do well to consider, and act upon. The computer industry needs to make a more intense effort to draw women into the industry, and we of the computer underground need to draw them into the mainstream of the underground. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ From: snowgoose!dave@UUNET.UU.NET Subject: No Room for Dinosaurs Date: Mon, 14 Jan 91 08:21:22 -0500 Over the past year, I have been reading about three subjects which have converged in my twisted mind to create an apprehension. AT first realization, I actually felt a little paranoid, but quickly realized that no conspiracy was taking place. That left me with apprehension of something it took me awhile to understand, though dimly still. The three subjects about which I have been reading, actually tracking, are (1) the quickening use of law and enforcement to control certain elements of the computer literate in society, (2) the efforts on the part of telecom companies to charge business rates for BBS phone service, and (3) the mass marketing of computer information services such as GENIE, COMPUSERVE, and (the worst or the best) PRODIGY. In that instant of paranoia, I asked myself whether these three forces were conspiring to squeeze me (and people like me) into conformity or extinction. When the paranoia passed, leaving me with an uncomfortable apprehension, I knew it was no conspiracy, just powerful forces moving in a like direction; all three forces a reaction to the permeation of computers throughout all facets of our society. I support law and enforcement, an our responsibility to control the excesses of those who govern us. I support a free market economy in which telecom companies and computer services companies make a buck. I understand the position PRODIGY takes; that they are a publisher who will exercise editorial control (in response to advertisers sensitivities.) Still, though, something uneasy lingers in my soul. The recent contributions to CUD about sexism in the CU sharpened the focus of my apprehension. I earned my first job as a systems programmer by penetrating a security hole in the university's mainframes. I like to refer to my sailboat as "she". I am going to sail around the world someday soon. And, I'm still looking for opportunities to achieve technical feats for the simple pleasure of doing it. Oh yes, I smoke a pipe, too. I'm a dinosaur. When I earned my first systems programmer job, there wasn't a computer underground. We were the elite, and held in awe for our abilities. We were pretty responsible too. I am wondering whether there is much of a computer underground now. When issues of sexism or equal access to computers by the handicapped permeate the computer underground, it won't be an underground anymore. (I bet that one will get a few flames. I'm handicapped, and I have felt discrimination, but CUD isn't the forum for discussing it.) Anyway, to the point, soon, I fear, the hackers, and others on the frontier of computing, who seek to express their individualism, will go the way of the dinosaur. I finally realized my apprehension for what it was; the fear of dying, of being `passed by' by forces too powerful to resist, too conformist to join. Actually, I do join those forces. Life is full of compromise. The joining is a form of dying in itself. Better than dying from starvation, I guess. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ From: scubed!gnh-igloo.cts.com!penguin%das@HARVUNXW.BITNET(Mark Steiger) Subject: Re: Reward for Hacking Date: Fri Jan 4 91 at 15:59:51 (CST) In CUD 2.19 it was mentioned about "10,000 hackers couldn't break into our system". It is True. Our computer club received a mailer offering $5,000 to anyone who could break in if they told them how they did it. It looked like a interesting offer. They gave a bunch of phone numbers that their computer was on. I don't have the flyer anymore. Got it late spring/early summer 1990. Mark Steiger, Sysop, The Igloo BBS 218/262-3142 300-19.2K Baud ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ From: worley@COMPASS.COM(Dale Worley) Subject: C.U.D. vol. 2 is. 2.19, Date: Tue, 8 Jan 91 16:37:50 EST In CuD 2.19 (File #3) writes: > Our response is that there is little, if any, added expense to > telecom operations whether a phone is used for 20 minutes or 20 > hours during a given day. Regardless of the other issues at stake here, the surprising fact is that the above statement is completely false -- the costs of a connected line are much higher than those of an unconnected line. The costs associated with a local phone call fall into three categories: the cost of having the line installed the cost of setting up and taking down the call the cost of maintaining the signal path while the call is in progress Since traditional phone lines have been used for only a tiny fraction of the day, the phone companies have spent much money and cleverness at reducing the "fixed cost" of an installed phone line. It is much harder to reduce the cost of maintaining a signal path -- the number of switching elements in the central office must be sufficient to handle the number of calls likely to be in progress at any moment, which is presumed to be far smaller than the number of phone lines. In practice, the total costs of maintaining the signal paths are considerably higher than the fixed costs of the installed lines. The net result is that a line which is connected 24 hours a day costs the phone co. far more than a line which is used very little, because it is the connections which consume the expensive resources. That is why a leased line costs much more than basic message unit service. (If you don't believe me, check any book on the design of telephone systems.) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ From: wichers@HUSC9.HARVARD.EDU(John Wichers) Subject: Re: Cu Digest, #2.19 Date: Sun, 6 Jan 91 16:56:55 -0500 In article <1770@chinacat.Unicom.COM> Andy Jacobson writes: >Subject: Hackers as a software development tool >"GET DEFENSIVE! >YOU CAN'S SEE THEM BUT YOU KNOW THEY'RE THERE. >Hackers pose an invisible but serious threat to your information system. >Let LeeMah DataCom protect your data with the only data security system >proven impenetrable by over 10,000 hackers in LeeMah Hacker Challenges I >and II. For more information on how to secure your dial-up networks send >this card or call, today!" (Phone number and address deleted.) >So it seems they're claiming that 10,000 hackers (assuming there are that >many!) have hacked their system and failed. Somehow I doubt it. Maybe they >got 10,000 attempts by a team of dedicated hackers, (perhaps employees?) >but has anyone out there heard of the LeeMah Hacker Challenges I and II? If I remember correctly, they market some sort of a callback modem. What they then did was issue an open challenge to all hackers to call a system through their modem and get a text file or something similar in the system. The first time they had the "LeeMah Hacker Challenge", there were 8000+ attempts by hackers, none successful. The second time there were only 2000+ attempts, apparently because many hackers thought it was a new attempt by Big Brother to identify them. Note: although there were more than 10,000 *attempts* to get by their product, LeeMah cannot justify saying that means that 10,000 hackers tried, unless each hacker tried only once. Somehow I doubt that. Disclaimer: I have nothing to do with LeeMah, nor did I take part in either of their "Challenges". I just recall reading about it. --jjw (aka narcoleptic) +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ From: claris!netcom!onymouse@AMES.ARC.NASA.GOV(John Debert) Subject: Re: Cu Digest, #2.19 (Gail Thakeray's comments, etc.) Date: 7 Jan 91 01:35:15 GMT In CuD 2.19 (File 5), jwarren@well.sf.ca.us writes: > For those who don't know of Ms. Thackeray, she is an Assistant State > Attorney General for the State of Arizona, active in pursuing computer > crime, and controversial for some of her public statements and/or > statements that.some press *allege* she said. In some cases, she may have > been as misleadingly quoted-out-of-context -- or flat-out abusively > misquoted -- as has been the case with some reports about Mitch Kapor, John > Perry Barlow and the Electronic Frontier Foundation. > --Jim Warren [permission herewith granted to circulate this-in-full] Gail Thakeray has in fact made either untrue, half-true or misleading statements to the press and public at large. I heard her discussing the "hacker" problem last year live on-air on radio and she did in make such statements to support her position against certain, not-necessarily-criminal computer experts. She is supposed to know the law and specialize in computer crime but she made herself out to be against anyone who not only may have committed computer crime but also those who may be potentially capable (whatever that means, either possessed of the moral or technological capability, or whatever) to commit a crime. The sum of the position stated was that nothing would be allowed to get in her way to seek out and prosecute alleged computer criminals. She seems inconsistent in her position and her department's policy and I, for one, see no reason therefore to trust anything she may say. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ From: Maelstrom Subject: Correction - Michigan Bell vs BBS's Date: Mon, 7 Jan 91 19:05 EST A bit out of CuD #2.19 to refresh everyone's memories: >...an administrative hearing will be held before the >Michigan Public Service Commission to discuss a complaint filed against >Michigan Bell Telephone Company. >Early this year, a private bulletin board in Grosse Point, called the >Variety and Spice BBS, was ordered to pay an increased charge for phone >service because it was discovered he was accepting donations for use of his >BBS. >Michigan Bell claims that placing any condition on the use of a BBS >constitutes a business, and that the sysop must pay a business rate for his >phone line, plus pay a $100 deposit for EACH LINE in use. This means the >Variety and Spice sysop would have to pay a $1600 deposit, plus about $50 >additional each month if he wanted to continue his BBS. >Your help is urgently needed!! Please try to attend this hearing. It will >be held at the Public Service Building, 6545 Merchant Way, Lansing, >Michigan. The date is January 15. I do not have the exact time but I >assume this hearing will last most of the day. You do not have to testify, >but it would really be helpful if you can attend as a show of support. The >MPSC does not think the Michigan public even cares about BBS's. But we can >certainly jar their thinking if we can pack the room with sysops and users! >For more information, please contact Jerry Cross at 313-736-4544 (voice) or >313-736-3920 (bbs). You can also contact the sysop of the Variety & Spice >BBS at 313-885-8377. >Please! We need your support. I just got off the phone with Jerry Cross, and it appears there has been a mistake in date and time for the hearing. The correct dates are January 29 and 30, at 9:00am on both days. The hearing should last for most of both days, depending on how many people testify. It is important that as many of us as possible attend as a show of support! There is power in numbers. Subject: The Consequence of a Philosophy: Response to Dark Adept From: polari!tronix@SUMAX.SEATTLEU.EDU(David Daniel) Date: Fri, 11 Jan 91 17:26:25 PST The Consequences of a Philosophy by David Daniel I am moved to write this piece primarily by the Dark Adept's essay which appeared in CUD 2.18. He brought up many aspects of the 'hacker mentality' which have served and are serving to produce concern within the business and law enforcement community. Unfortunately, many of his assertions are based on common misconceptions about how businesses operate. Mr. Adept presented a distorted view of the 'capitalist mentality'. I hope to correct these misconceptions based on my experience in both computer and non-computer related businesses. Mr. Adept mentioned the restrictive aspects of patents and copyrights but offered no proof to support his claim. He also misstated the scope of a patent right. A patent only covers the method by with an invention performs its task. For example, I could invent a new form of sewing machine with only three moving parts and a revolutionary means of fixing various materials together. My patent would cover the means by which my devise achieves its purpose. Further, my patent would free me to release my invention to the world and to invite any and all those interested to study it. It's likely that Singer would be quite impressed and I could rest assured that I would receive due compensation if Singer decided to manufacture and/or market it. Mr. Adept expressed his belief that a user interface was generic. I'm sure we could find many hard working programmers who would heartily disagree as well as corporate executives who have overseen the expenditure of many thousands or man-hours and dollars in the developement of a unique software product. Don't they deserve a return on their investment? Mr. Adept denies the existence of license agreements when he asserts that an inefficient company can tie up a good interface by tying it to a bad program. He also denies the idea of a joint marketing venture by two or more companies which combine their strongest products. Mr. Adept wrote about the danger of protecting algorithms since they are merely mathematical models. Should we consider DOS and BIOS in the same category? Should these proprietary packages be freely circulated without compensation? It might be an attractive utopian concept but not workable within our present system. I see the issue ultimately as one of philosophical ethics. It pits the hacker/cracker/phreaker community with their latter-day Robin Hood persona against the free enterprise business community with their 'what's mine is mine' attitude. The struggle has been going on for years and will likely continue. There is a phrase, "putting a head on a pike". It arose from an ancient custom of removing the head of an enemy and placing it on a long pole anchored in the ground for all to see. It served to warn off other would-be attackers and it sometimes worked. I see many of the recent hacker/cracker prosecutions as just such a piking of heads. It is the price that certain members of the computer underground have paid for the exorcise of their philosophy. As to whether or not it's working only time will tell. I'm sure that some have been deterred while others have been moved to act. I'd like to see the two divergent mentalities reach a compromise. I truly believe a compromise possible. Even though it won't be easy it's a valuable goal that should be worked toward. The alternatives are more of what we've been seeing over the last few years: More prosecutions, more paranoia within the business community and more invasive behavior on the part of the federal government. None of us want this regardless of which side of the proverbial fence we reside. Lets all become part of the solution rather than adding to the problem. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ From: Dan Farmer Subject: re: COPS, Cud 3.00 (file 5) Date: Wed, 09 Jan 91 11:57:18 EST Hello, Gentlemen! I just read your latest CuD, and would like to take exception with your "File 5 of 6: Security on the Net" section. I wrote that, and it is included with, every copy of COPS that gets put out. However, the way you posted it, it is unclear that this is the case; indeed, people are asking me why I would post such a thing anonymously to your journal, apparently unaware that it is included as part of my package (the first person is used, so it would be a poor subterfuge :-)). If you would just mention something to the effect that I didn't send that to you, I'd appreciate that -- I certainly stand by all the words that I wrote, but it just seems a bit odd the way it is presented there, without the full background. If I send something to your fine journal, I'll certainly include my own name. Thanks! -- dan {Moderator's comment: We apologize to Dan for not giving credit to him as the original author. The person who sent us the article assumed we would recognize the original author, which we did not. The error was ours, and we thank all those who wrote. Jim ******************************************************************** >> END OF THIS FILE << ***************************************************************************