------------------------------ From: Assorted Subject: From the Mailbag Date: April 15, 1991 ******************************************************************** *** CuD #3.12: File 2 of 4: From the Mailbag *** ******************************************************************** Subject: Len Rose, licenses, and piracy From: peter@TARONGA.HACKERCORP.COM(Peter da Silva) Date: Sun, 7 Apr 91 13:44:05 CDT We have some odd numbers here: could someone explain them? > The UNIX operating system, which is > licensed by AT&T at $77,000 per license, Last time I checked the UNIX source code was considerably more than this. The version of UNIX that was licenced for $77,000 for source is no longer offered. > The login program is licensed by AT&T at $27,000 per license. Is this true, that "login" is licensed separately? If so, it's unlikely that it was licensed separately back in V7 days. So what's the story? Is AT&T actually lowering the estimated value of UNIX here, or inventing a separate license for the login program, or is there actually some boilerplate license for portions of the UNIX source? In any case, the people claiming that the 77,000 figure is "obviously" just another exaggerated pricing are mistaken: that figure is an extreme understatement of the value of teh UNIX source. The price on the login.c program, $27,000, does seem out of line though. Finally, I would like to note that unlike many of the posters here I'm not going to try to excuse Rose's adding trapdoors to login.c as either educational or providing support to AT&T customers. His posession of this code was definitely illegal. His use of it was, while perhaps protected under the first amendment, hardly wise. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Subject: Len Rose From: jrbd@CRAYCOS.COM(James Davies) Date: Mon, 8 Apr 91 14:15:51 MDT Keith Hansen and Arel Lucas in CuD #3.11 shared with us their letter to AT&T expressing their anger at the arrest and conviction of Len Rose (among other things). Well, I have to disagree with their conclusions in this case -- Len Rose is not an innocent martyr, crucified by an evil corporation for benevolently giving unpaid support to AT&T software users, as Hansen and Lucas attempted to portray him. The press release published earlier in the same CuD issue makes it clear that Rose's intent was to steal passwords and invade systems. While the possession of AT&T source code was the charge of which Rose was convicted, his actual crime (in a moral sense) was the equivalent of manufacturing burglar's tools, or perhaps of breaking and entering (although there isn't any evidence that he actually did any of this, his intent was clearly to help others do so). Nothing makes this more obvious than Rose's own words, as quoted from the comments in his modified login.c by the Secret Service press release: Hacked by Terminus to enable stealing passwords. This is obviously not a tool to be used for initial system penetration, but instead will allow you to collect passwords and accounts once it's been installed. (I)deal for situations where you have a one-shot opportunity for super user privileges.. This source code is not public domain..(so don't get caught with it). I'm sorry, but these aren't the words of an innocent man. Personally, I think that Rose is guilty of the exact same sort of behaviour that gives hackers a bad name in the press, and I think that you're crazy to be supporting him in this. Save your indignation for true misjustices, ok? +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++= Subject: Re: Computers and Freedom of Speech From: elroy!grian!alex@AMES.ARC.NASA.GOV(Alex Pournelle) Date: Tue, 9 Apr 1991 09:02:53 GMT In CuD 3.11, works!LC1%das@HARVUNXW.BITNET wrote: >In response to an article in CuD 3.09 on computer publications... >What gives people the right to censor and deem something illegal in >the electronic media when paper, TV, radio, and the spoken word is >perfectly legal and protected by the first amendment. Why am I having to answer this? Wasn't this mentioned ten times in the past? I'll repeat: TV and radio are federally-minded resources "of the people", which have guidelines set up by the FCC, nominally in the interest by/for/of the people. (The rationale for the government minding the spectrum is that it's a scarce resource and one prone to huge abuse if not minded. That argument cuts both ways, doesn't it?) Telephones are covered by "common-carrier" laws, which prevent Pac*Bell from being confiscated because someone plans a murder over the wires. Ditto for cellular, Tymnet, telegraph and everything like them. This is a two-edged sword: the telcos have to give access to anyone who carries money, whether they "like" them or not. And they can have nothing (well, little--see "The Cuckoo's Egg" for one exception) to do with the content of what they carry. BBSes and for-pay services are NOT covered by common-carrier: THEY ARE PRIVATE SERVICES. The reason that CompuServe and BIX aren't confiscated every month is because H&R Block and McGraw-Hill have more lawyers than the Dept. of Justice--and they'd sue like crazy, and the government knows it. But since they're private, Prodigy can take off whatever messages it wants to. Whether it's violating privacy laws by reading people's mail is a matter I am not qualified to discuss. {I have, in fits of anger, wanted to take this "too big to confiscate" argument another step--say, building the computer into the foundation of a house, or better yet, into the foundation of an apartment building whose owner I didn't like. Or running it on an H-P 3000, the old kind that takes up an entire garage. And videotaping the attempts to remove the thing. But I digress.} >Q: Shouldn't electronic publications be protected under the same >article of the constitution that allows free presses? If they can be shown to be the same thing. Can you make this stand in a court of law? I can't; the EFF is trying to. It's incredibly important, no doubt. >A: Most definitly. [sic] Why? Stand right there and tell the judge why your PC and a modem should be accorded the same shield laws as the L.A. Times. Then explain that to the same L.A. Times, in short words, and get it printed. >The question now is why aren't they? No, that's only one question. Ignorance is probably the main reason for this state of affairs; ignorance that spawns "YOUR KIDS COULD BE TARGETS OF WHITE-SUPREMACIST PEDERASTS WHO NUKE DOLPHINS WHILE EATING HIGH-CHOLESTERAL FATS!!!! SCENES OF THEIR ILLICIT IMMORAL COMPUTER NETWORK LIVE FROM THE SCENE!!! FILM AT ELEVEN, RIGHT AFTER THE MISS NUDE BIKINI CONTEST WINNER INTERVIEW!!!!" so-called journalism on television. But that same ignorance, I'm afraid, pervades this very conference. If the Sixties, that period of unbounded and unfocussed optimism, taught me anything by hindsight, it's this: Know Reality. Wishful thinking won't change a thing. If you're concerned about the issues of electronic freedom--and we all should--Know Reality. That means understanding RCCs, RFCs, PSTNs, POTS, CLASS, CLIDs and FOIAs. For that scary future we can't stop _will_ be based on the past. It is up to us to make sure it is based on the right parts. Sincerely, Alex Pournelle +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++= From: chron!magic322!edtjda@UUNET.UU.NET(Joe Abernathy) Subject: Defining Hackers for the Media Date: Wed, 10 Apr 91 19:31:01 CDT >From the you asked for it, you got it department: We've decided to do a brief sidebar treatment of the controversy over the use of words such as hacker, cracker, phreaker, codez kids, etc. Your brief, to-the-point comments are hereby invited for publication. Please fully identify yourself and your organization (or whatever job description best qualifies you to have an opinion on the subject). Please respond via electronic mail to: edtjda@chron.com or {nearbybighost}!uunet!chron!edtjda If there is an overwhelming volume of responses, I will not make individual acknowledgements. The resulting story will in any case be submitted for possible distribution in cud; and will be available electronically to those submitting their thoughts on the subject. Thanks in advance. Joe Abernathy Houston Chronicle (800) 735-3820 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++= From: kadie@EFF.ORG(Carl Kadie) Subject: Computers and Academic Freedom - a new mailing list Date: Wed, 10 Apr 91 12:05:43 EDT Announcing a new mailing list: comp-academic-freedom-talk Purpose: To discuss questions such as: How should general principles of academic freedom (such as freedom of expression, freedom to read, due process, and privacy) be applied to university computers and networks? How are these principles actually being applied? How can the principles of academic freedom as applied to computers and networks be defended? To join: send email to listserv@eff.org. The body of the note should contain the line add comp-academic-freedom-talk To leave the list, send email with the line delete comp-academic-freedom-talk For more information about listserv, sent email with the line help After you join the list, to send a note to everyone on the list, send email to comp-academic-freedom-talk@eff.org (or caf-talk@org). The long version: When my grandmother attended the University of Illinois fifty-five years ago, academic freedom meant the right to speak up in class, to created student organizations, to listen to controversial speakers, to read "dangerous" books in the library, and to be protected from random searches of your dorm room. Today these rights are guaranteed by most universities. These days, however, my academic life very different from my grandmother's. Her academic life was centered on the classroom and the student union. Mine centers on the computer and the computer network. In the new academia, my academic freedom is much less secure. It is time for a discussion of computers and academic freedom. I've been in contact with Mitch Kapor. He has given the discussion a home on the eff.org machine. The suppression of academic freedom on computers is common. At least once a month, someone posts on plea on Usenet for help. The most common complaint is that a newsgroup has been banned because of its content (usually alt.sex). In January, a sysadmin at the University of Wisconsin didn't ban any newsgroups directly. Instead, he reduced the newsgroup expiration time so that reading groups such as alt.sex is almost impossible. Last month, a sysadmin at Case Western killed a note that a student had posted to a local newsgroup. The sysadmin said the information in the note could be misused. In other cases, university employees may be reading e-mail or looking through user files. This may happen with or without some prior notice that e-mail and files are fair game. In many of these cases the legality of the suppression is unclear. It may depend on user expectation, prior announcements, and whether the university is public or private. The legality is, however, irrelevant. The duty of the University is not to suppress everything it legally can; rather it is to support the free and open investigation and expression of ideas. This is the ideal of academic freedom. In this role, the University acts a model of how the wider world should be. (In the world of computers, universities are perhaps the most important model of how things should be). If you are interested in discussing this issues, or if you have first-hand experience with academic supression on computers or networks, please join the mailing list. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++= From: Anonymous Subject: Fox Broadcasting, Hollywood Hacker, and Evil-doings Date: Sat, 7 Apr 91 19:18:15 MDT Given what Fox Television did to the Hollywood Hacker, I thought this might be of interest if anybody wants to read it. The following story appeared in the New York Times today: "Guns Found at Airport During Visit by Bush" LOS ANGELES, April 6 (AP)--Two television employees were detained but not arrested Friday night after two .22 caliber pistols were found intheir vehicles as they tried to enter an area at Los Angeles Airport that was secured for President Bush's departure. It was the first time that firearms had been found so close to a President, the White House spokesman, Marlin Fitzwater, said. --(stuff omitted) The two men were a cameraman from Fox Television and a courier for Cable News Network. Neither was identified. The article concludes by saying that the gun was carried in violation of company policy. Now, I ask this: If the HH was set up, I wonder if it's possible that Fox was maybe trying to do a sting of its own to see how close they could get The Prez without being caught? Did this story make the same splash on Fox that the HH story did? Did Fox come up with a cute name for these guys? Why didn't it have television cameras present when they got caught? Seems to me that getting caught with weapons so near the President is far more serious than logging on to a computer somewhere. I just wonder if Fox terminated its employee, and applied the same standards of fairness, lose as they may be, to these guys as they did to the HH? It's all gotta make ya wonder about Fox's credibility, doesn't it? +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++= FROM: cybrview@EFF.ORG Subject: Looking at CyberSpace from Within Date: Thu, 11 Apr 91 16:20 CDT Looking At CyberSpace From Within On January 18, 1990, Craig Neidorf was visited by the United States Secret Service. Shortly afterwards he became the first victim in a war to preserve the rights guaranteed to all by the United States Constitution. He would not be alone. Steve Jackson Games, though not a target of any criminal investigation, was treated worse than most criminals when his company was inexplicably raided by the Secret Service. A dangerous trend was in evidence throughout the nation when Secret Service agents -- during Operation Sun-Devil and other related cases -- acted as if the interests of corporations like Bellcore are more important than those of individual citizens. Mitch Kapor, John Barlow, and others banded together to meet the challenge. They became the Electronic Frontier Foundation and they set forth to not only defend those wrongly accused of crimes, but to educate the public and law enforcement in general about computers and today's technology. EFF participated in a large public forum in March 1991. It was the first conference on Computers, Freedom, & Privacy, which was in general an opportunity to teach and learn from law enforcement officials, defense attorneys, and others with a more professional interest in the field. Now it is time to change gears a little and focus on a different group of people. Announcing... CyberView '91 St. Louis, Missouri The Weekend of June 21-23, 1991 A face-to-face opportunity to learn views, perspectives, and ideas from the people who live in CyberSpace on a day-to-day basis. CyberView '91 is a conference to discuss civil liberties in CyberSpace with the group of people that have been affected the most -- Hackers. It is not a forum to discuss computer or telecommunications systems in the context of security or accessibility. Instead this is the chance for the people who call themselves hackers to meet the Electronic Frontier Foundation in person and share their feelings with the people who might be able to make a difference and hopefully learn a few things at the same time. This conference is by INVITATION ONLY. If you are interested in attending this noteworthy event please leave electronic mail to "cybrview@EFF.ORG." +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++= From: cosell@BBN.COM(Bernie Cosell) Subject: Re: Is hacking the same as Breaking and Entering? Date: 10 Apr 91 13:15:09 GMT The Works BBS Admin writes: }In response to the question: "Is computer hacking the same as B&E?" }Not by far. Breaking and entering has malicious intent, and usually is }solely to steal things and/or hurt something. Hacking although }portrayed negatively in the press is not like this at all. It is }merely looking around at what is in various systems, and learning from }it. ... While I'm sure this is sincerely felt, it so egregiously distorts the real issues involved it makes one wonder if Mr "root" even UNDERSTANDS what the dispute is all about. Consider: it is the middle of summer and you happen to be climbing in the mountains and see a pack of teenagers roaming around an abandoned-until-snow ski resort. There is no question of physical harm to a person, since there will be no people around for months. They are methodically searching EVERY truck, building, outbuilding, shed, etc,. Trying EVERY window, trying to pick EVERY lock. When they find something they can open, they wander into it, and emerge a while later. From your vantage point, you can see no actual evidence of any theft or vandalism, but then you can't actually see what they're doing while they're inside whatever-it-is. Should you call the cops? What should the charge be? Would the answer be different if you OWNED the ski resort and it was YOUR stuff they were sifting through? I grant you that one should temper the crime with the assessment of the ACTUAL intent and the ACTUAL harm done, but that certainly doesn't argue that the intrusion, itself, shouldn't be a crime. }... the majority of }hackers (in my opinion) are not trying to hurt anything, and only }allow themselves a little room to look at, and possible a small chair What a load of crap.... If you want a room and a chair, ask one of your friends for one, but include me out. } Say you find an unknown account }mysteriously pop up? Why not find out who it is, and what they are }looking for first, because as odds go, if they got in there once, }they can do it again, no matter what you do. For two reasons: 1) just because YOU have such a totally bankrupt sense of ethics and propriety, that shouldn't put a burden on *me* to have to waste my time deailing with it. Life is short enough to not have it gratuitously wasted on self-righteous, immature fools. 2) I'm just as happy having that kind of "finding out" done by the police and the courts --- that's their job and I'd just as soon not get involved in the messy business [even if I could spare the time]. If you can't learn to act like a reasonable member of society for its own sake, perhaps somewhat more painful measures will dissuade you from "doing it again". If you want to 'play' on my system, you can ASK me, try to convince me *a*priori* of the innocence of your intent, and if I say "no" you should just go away. And playing without asking is, and should be, criminal; I have no obligation, nor any interest, in being compelled to provide a playpen for bozos who are so jaded that they cannot amuse themselves in some non-offensive way. ******************************************************************** >> END OF THIS FILE << ***************************************************************************