------------------------------ From: Various Subject: CU News Date: April 20, 1991 ******************************************************************** *** CuD #3.13: File 4 of 4: The CU in the News *** ******************************************************************** From: Anonymous Subject: Newsweek article--Cyberpunks and Constitution Date: Wed, 9 Apr 91 16:22:18 EST Cyberpunks and the Constitution The fast-changing technologies of the late 20th century pose a challenge to American laws and principles of ages past By PHILLIP ELMER-DEWITT SAN FRANCISCO Armed with guns and search warrants, 150 Secret Service agents staged surprise raids in 14 American cities one morning last May, seizing 42 computers and tens of thousands of floppy disks. Their target: a loose-knit group of youthful computer enthusiasts suspected of trafficking in stolen credit-card numbers, telephone access codes and other contraband of the information age. The authorities intended to send a sharp message to would-be digital desperadoes that computer crime does not pay. But in their zeal, they sent a very different message - one that chilled civil libertarians. By attempting to crack down on telephone fraud, they shut down dozens of computer bulletin boards that may be as fully protected by the U.S. Constitution as the words on this page. Do electronic bulletin boards that may list stolen access codes enjoy protection under the First Amendment? That was one of the thorny questions raised last week at an unusual gathering of computer hackers, law-enforcement officials and legal scholars sponsored by Computer Professionals for Social Responsibility. For four days in California's Silicon Valley, 400 experts struggled to sort out the implications of applying late-18th century laws and legal principles to the fast-changing technologies of the late 20th century. While the gathering was short on answers, it was long on tantalizing questions. How can privacy be ensured when computers record every phone call, cash withdrawal and credit-card transaction? What "property rights" can be protected in digital electronic systems that can create copies that are indistinguishable from the real thing? What is a "place" in cyberspace, the universe occupied by audio and video signals traveling across state and national borders at nearly the speed of light? Or as Harvard law professor Laurence Tribe aptly summarized, "When the lines along which our Constitution is drawn warp or vanish, what happens to the Constitution itself?" Tribe suggested that the Supreme Court may be incapable of keeping up with the pace of technological change. He proposed what many will consider a radical solution: a 27th Amendment that would make the information-related freedoms guaranteed in the Bill of Rights fully applicable "no matter what the technological method or medium" by which that information is generated, stored or transmitted. While such a proposal is unlikely to pass into law, the fact that one of the country's leading constitutional scholars put it forward may persuade the judiciary to focus on the issues it raises. In recent months, several conflicts involving computer-related privacy and free speech have surfaced: -- When subscribers to Prodigy, a 700,000-member information system owned by Sears and IBM, began posting messages protesting a rate hike, Prodigy officials banned discussion of the topic in public forums on the system. After protesters began sending private mail messages to other members - and to advertisers - they were summarily kicked off the network. -- When Lotus Development Corp. of Cambridge, Mass., announced a joint venture with Equifax, one of the country's largest credit-rating bureaus, to sell a personal-computer product that would contain information on the shopping habits of 120 million U.S. households, it received 30,000 calls and letters from individuals asking that their names be removed from the data base. The project was quietly canceled in January. -- When regional telephone companies began offering Caller ID, a device that displays the phone numbers - including unlisted ones - of incoming calls, many people viewed it as an invasion of privacy. Several states have since passed laws requiring phone companies to offer callers a "blocking" option so that they can choose whether or not to disclose their numbers. Pennsylvania has banned the service. But the hacker dragnets generated the most heat. Ten months after the Secret Service shut down the bulletin boards, the government still has not produced any indictments. And several similar cases that have come before courts have been badly flawed. One Austin-based game publisher whose bulletin-board system was seized last March is expected soon to sue the government for violating his civil liberties. There is certainly plenty of computer crime around. The Secret Service claims that U.S. phone companies are losing $1.2 billion a year anc credit-card providers another $1 billion, largely through fraudulent use of stolen passwords and access codes. It is not clear, however, that the cyberpunks rounded up in dragnets like last May's are the ones committing the worst offenses. Those arrested were mostly teenagers more intent on showing off their computer skills than padding their bank accounts. One 14-year-old from New York City, for instance, apparently specialized in taking over the operation of remote computer systems and turning them into bulletin boards - for his friends to play on. Among his targets, say police, was a Pentagon computer belonging to the Secretary of the Air Force. "I regard unauthorized entry into computer systems as wrong and deserving of punishment," says Mitch Kapor, the former president of Lotus. And yet Kapor has emerged as a leading watchdog for freedom in the information age. He views the tiny bulletin-board systems as the forerunners of a public computer network that will eventually connect households across the country. Kapor is worried that legal precedents set today may haunt all Americans in the 21st century. Thus he is providing funds to fight for civil liberties in cyberspace the best way he knows how - one case at a time. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ From: Cyber City Public Access BBS * Toronto, Canada * 416/593-6000 Subject: Canada is Accused of using Stolen Software Date: Wed, 10 Apr 91 11:19:48 EDT (Reprinted with permission: 1. The article must be reproduced in full 2. The Financial Post must be credited somewhere in the article. The article's date was Friday, April 5th, 1991.) CANADA IS ACCUSED OF USING STOLEN SOFTWARE By Eric Reguly and Alan Friedman Financial Post and Financial Times of London NEW YORK -- Government agencies in Canada and other countries are using computer software that was stolen from a Washington-based company by the U.S. Department of Justice, according to affidavits filed in a U.S. court case. In a complex case, several nations, as well as some well-known Washington insiders - including the national security advisor to former President Ronald Reagan, Robert McFarlane - are named as allegedly playing a role. The affidavits were filed in recent weeks in support of a Washington-based computer company called Inslaw Inc., which claims that its case-tracking software, known as Promis, was stolen by the U.S. Department of Justice and eventually ended up in the hands of the governments of Israel, Canada and Iraq. NEW MOTION Yesterday, lawyers for Inslaw filed a new motion in federal bankruptcy court in Washington demanding the power to subpoena information from the Canadian government on how Ottawa came to acquire Promis software. The motion states, "The evidence continues to mount that Inslaw's proprietary software is in Canada." The affidavits allege that Promis - designed to keep track of cases and criminals by government agencies - is in use by the RCMP and the Canadian Security Intelligence Service. The Canadian Department of Communications is referring calls on the subject to the department's lawyer, John Lovell in Ottawa, while a CSIS spokesman will not confirm or deny whether the agency uses the software. "No one is aware of the program's existence here," Corporal DEnis Deveau, Ottawa-based spokesman for the RCMP, said yesterday. The case of Inslaw, which won a court victory against the Justice Department in 1987, at first glance appears to be an obscure lawsuit by a small business that was forced into bankruptcy because of the loss of its proprietary software. But several members of the Washington establishment are suggesting Inslaw may have implications for U.S. foreign policy in the Middle East. The Case already has some unusual aspects. At least one judge has refused to handle it because of potential conflicts of interest, and a key lawyer representing Inslaw is Elliot Richardson, a former U.S. attorney general and ambassador to Britain who is remembered for his role in standing up to Richard Nixon during the Watergate scandal. Richardson yesterday told the Financial Times of London and The Financial Post that: "Evidence of the widespread ramifications of the Inslaw case comes from many sources and keeps accumulating." A curious development in the Inslaw case is that the Department of Justice has refused to provide documents relating to Inslaw to Jack Brook, chairman of the Judiciary Committee of the House of Representatives. Richardson said, "It remains inexplicable why the Justice Department consistently refuses to pursue this evidence and resists co-operation with the Judiciary Committee of the House of Representatives." The Inslaw case began in 1982 when the company accepted a US $10-million contract to install its Promis case management software at the Department of Justice. In 1983 the government agency stopped paying Inslaw and the firm went into Chapter 11 bankruptcy proceedings. Inslaw sued Justice in 1986 and the trial took place a year later. The result of the trial in 1987 was a ruling by a federal bankruptcy court in Inslaw's favor. The ruling said that the Justice Department "took, converted, stole" Promis software through "trickery, fraud and deceit" and then conspired to drive Inslaw out of business. That ruling, which received little publicity at the time, was upheld by the U.S. District Court in Washington in 1989, but Justice lodged an appeal last year in an attempt to overturn the judgement that it must pay Inslaw US $6.1 million (C $7.1 million) in damages and US $1.2 million in legal fees. The affidavits filed in recent weeks relate to an imminent move by Richardson on behalf of Inslaw to obtain subpoena power in order to demand copies of the Promis software that the company alleges are being used by the Central Intelligence Agency and other U.S. intelligence services that did not purchase the technology from Inslaw. In the affidavit relating to McFarlane that was filed on March 21, Ari Ben-Menashe, a former Israeli intelligence officer, claims that McFarlane had a "special" relationship with Israeli intelligence officials. Ben-Menashe alleges that in a 1982 meeting in Tel Aviv, he was told that Israeli intelligence received the software from McFarlane. FLORIDA COMPANY McFarlane has stated that he is "very puzzled" by the allegations that he passed any of the software to Israel. He has termed the claims "absolutely false". Another strange development is the status of Michael Riconosciuto, a potential witness for Inslaw who once worked with a Florida company that sought to develop weapons, including fuel-air explosives and chemical agents. Riconosciuto claimed in his affidavit that in February he was called by a former Justice Department official who warned him against co-op with the House Judiciary Committee's investigation into Inslaw. Riconosciuto was arrested last weekend on drug charges, but claimed he had been "set up". In his March 21 affidavit, Riconosciuto says he modified Promis software for law enforcement and intelligence agencies. "Some of the modifications that I made were specifically designed to facilitate the implementation of Promis within two agencies of the government of Canada... The propriety (sic) version of Promis, as modified by me, was, in fact, implemented in both the RCMP and the CSIS in Canada." On Monday, Richardson and other lawyers for Inslaw will file a motion in court seeking the power to subpoena copies of the Promis software from U.S. Intelligence agencies. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ From: fitz@WANG.COM(Tom Fitzgerald) Subject: Police confiscate computer equipment dialing wrong number Date: Mon, 15 Apr 91 19:11:51 EDT <><><><><><><> T h e V O G O N N e w s S e r v i c e <><><><><><><><> Edition : 2301 Monday 15-Apr-1991 Circulation : 8526 [Mike Taylor, VNS Correspondent] [Littleton, MA, USA ] Police Confiscate Computer Equipment Dialing Wrong Number SAN LUIS OBISPO, CALIFORNIA, U.S.A., 1991 APR 3 (NB) --Ron Hopson got a call at work from his neighbor who informed him police broke down his front door, and were confiscating his computer equipment. The report, in the San Luis Obispo (SLO) Telegram-Tribune, quoted Hopson as saying, "They took my stuff, they rummaged through my house, and all the time I was trying to figure out what I did, what this was about. I didn't have any idea." According to the Telegram-Tribune, Hopson and three others were accused by police of attempting to break into the bulletin board system (BBS) containing patient records of SLO dermatologists Longabaugh and Herton. District Attorney Stephen Brown told Newsbytes that even though the suspects (two of which are Cal Poly students) did not know each other, search warrants were issued after their phone numbers were traced by police as numbers attempting access to the dermatologists' system by modem "more than three times in a single day." Brown told Newsbytes the police wouldn't have been as concerned if it had been the BBS of a non-medical related company, but faced with people trying to obtaining illegal narcotics by calling pharmacies with fraudulent information... What the suspects had in common was the dermatologists' BBS phone number programmed into their telecommunications software as the Cygnus XI BBS. According to John Ewing, secretary of the SLO Personal Computer Users Group (SLO PC UG), the Cygnus XI BBS was a public BBS that operated in SLO, but the system operator (sysop) moved less than a year ago and discontinued the board. It appears the dermatologists inherited the number. John Ewing, SLO PCUG editor, commented in the SLO PC UG newsletter, "My personal opinion is that the phone number [for the Cygnus XI BBS] is still listed in personal dialing directories as Cygnus XI, and people are innocently calling to exchange information and download files. These so-called hackers know that the password they used worked in the past and attempt to connect several times. The password may even be recorded as a script file [an automatic log-on file]. If this is the case, my sympathies go out to those who have had their hardware and software confiscated." Bob Ward, secretary of the SLO PC UG, told Newsbytes, "The number [for Cygnus XI] could have been passed around the world. And, as a new user, it would be easy to make three mistaken calls. The board has no opening screen, it just asks for a password. So, you call once with your password, once more trying the word NEW, and again to try GUEST." {contributed by Barry Wright to RISKS-FORUM Digest V4.38} {contributed by Wes Plouff} <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><> Please send subscription and backissue requests to CASEE::VNS Permission to copy material from this VNS is granted (per DIGITAL PP&P) provided that the message header for the issue and credit lines for the VNS correspondent and original source are retained in the copy. <><><><><><><> VNS Edition : 2301 Monday 15-Apr-1991 <><><><><><><> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++===== From: Gordon Meyer <72307.1502@COMPUSERVE.COM> Subject: The CU in South Africa (Reprint from Mondo) Date: 10 Apr 91 01:24:37 EDT This 'letter to the editor' appeared in the Winter '91 issue of _Mondo 2000_. It provides insight and a first hand account of CU interest in South Africa. ------- Great that you could help us information hackers down here in South Africa. Things are probably a lot more simple in our country than yours - recent events such as a march on the South Africa Broadcasting Corporation SABC, demanding that they free the airwaves will recall similar events in the 60's USA. Our brains have stagnated in a cultural wilderness which has more in common with your local totalitarian bananastate than the subtle manipulations of western 'democracy.' Anyway, I mean 'simple' in the sense that two thirds of our population has no electricity. Solution = give them electricity. Our country produces 60% of Africa's electric output so there is more than enough. But here's where you people are important: tho achieve any of the seemingly simple goals of basic human rights we need to know how to hack information really well. High tech has the capability of processing and transmitting large amounts of info, a characteristic that the security branch and Dept. for Information found really useful in tracking down radicals. Example: in one case someone on the run used his Autobank ATM card - it was promptly swallowed and when he enquired as to the reason at his friendly bank - he was promptly arrested - yes, they actually programmed the ATM to trap those in the underground. Now activists have realized that to counter such a monopoly on tech-know-how and manipulation, they have to become techno-radicals, hackers of the establishments of knowledge, etc. We're working with a group of former teachers who have been given computers by the government in 1985 to appease the local community (a rather pathetic attempt) who then subsequently decided to use those 'gifts' against the very people who had given them - by radicalizing computers and spreading this knowledge. We have made copies of your very relevant mag and distributed to those individuals able to carry out hacking attempts. You're important players in the process of spreading the hacking ethic via the print media - something which should not be under-estimated, especially in a country such as ours where merely being able to read is in itself a revolutionary act. The Kagenna project is one which has attempted to use the ethic - by letting information loose into a stagnant society - anything can happen. The green hue is both important and convenient - in a country of many barriers, it is one of the few topics which cuts across all prejudices of race and class. We probably seem pretty tame to you folks, but in the absence of independent media, we tread a fine line. So if you keep sending us the MONDOs, we will Kagenna plus updates on hacking here and any interesting info we come across - let us know whether this is fine with you. We await the birth of the African Cyberpunk Hacker Movement - a somewhat difficult labour. Yours in solidarity, Ted Head (kagenna techno-peasant) PO Box 4713 Cape Town 8000 New South Africa. SOURCE: MONDO 2000 #3 (Winter 1991) pp 14-15 "Letters/FAX/Email" ******************************************************************** ------------------------------ **END OF CuD #3.13** ********************************************************************