Computer underground Digest Sun Nov 5, 1996 Volume 6 : Issue 96 ISSN 1004-042X Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) Archivist: Brendan Kehoe Retiring Shadow Archivist: Stanton McCandlish Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Mini-biscuit editor: Guy Demau Passant CONTENTS, #6.96 (Sun, Nov 5, 1996) File 1--Other People's E-mail: TO Read or not to Read? File 2--Denning suggests banning non-escrowed crypto File 3--Redux: "Does Emiliy really need to read and write?" File 4--Book Reviews for FREE SPEECH YEARBOOK File 5--DEF CON II Post-Update Announcement File 6--Web version of Cu Digest, #6.93, File 1 File 7--Cu Digest Header Information (unchanged since 23 Oct 1994) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. ---------------------------------------------------------------------- Date: Thu, 3 Nov 1994 18:54:51 -0600 (CST) From: pkennedy Subject: File 1--Other People's E-mail: TO Read or not to Read? OTHER PEOPLE'S E-MAIL: TO READ OR NOT TO READ? There still seems to be a lot of confusion remaining about if and when you can properly and legally read another person's electronic mail. As the number of people going on-line increases, and the situations where e-mail is used proliferate, the landscape gets more complicated. Yet, the same basic rule we've always had for Postal Service mail applies to electronic mail: if the message isn't addressed to you, don't read it unless you have permission. If in doubt, don't read other people's mail. Simple enough. Predictably, the exceptions complicate this simple rule. All e-mail users should learn the important ones, and systems administrators should commit them to heart. THE ECPA. The principal law protecting the privacy of e-mail is the Electronic Communications Privacy Act of 1986 (the "ECPA" for short). ECPA is a 1986 federal law that expanded to e-mail the protections long afforded telephones conversations. The ECPA makes it a serious crime to read, use or disclose another person's electronic communications without justification. The ECPA sets the basic "don't read without permission" rule, along with some exceptions. Not only does the ECPA criminalize reading mail without permission, it also provides a civil remedy for those whose mail has been read or disclosed. So, even if you can't get law enforcement interested in prosecuting the person who snooped through your e-mail, you can sue the snooper in court. If you win, the snooper pays you damages and pays your attorney's fees. (It was this civil provision that allowed Steve Jackson Games and its BBSs users to sue the Secret Service for reading and deleting their e-mail, and allowed them to collect money from the Service and force the Service to pay their legal expenses.) THE ECPA EXCEPTIONS -- DISCLOSURE TO LAW ENFORCEMENT. The ECPA's restrictions have some exceptions. First, systems administrators may disclose that mail to law enforcement officials in response to a subpoena, search warrant or court order without penalty, *if* the administrator has a good faith belief that the legal papers are valid. A proper subpoena or search warrant should particularly identify the electronic files to be seized, and should identify at least the recipient or sender of the messages sought. It should not be a broad request for "all electronic mail messages" on a particular computer, or simply "all computers," especially when the system to be searched or seized runs a BBS. THE ECPA EXCEPTIONS -- BUSINESSES. The ECPA does *not* protect the privacy of a business' internal e-mail. A common misunderstanding among employees is that law protects the privacy of internal e-mail. The ECPA does not prevent an employer from monitoring its employees' electronic mail, just as it does not prevent an employer from listening in on telephone conversations to check up on the employee's work. On the other hand, each state has laws that protect a person's privacy from unwarranted snooping. Generally, a person's "private" sphere at work is fairly limited, but an employer who for years provides private, secure electronic communications among its employees may have allowed a sphere of privacy to develop. A sudden, unannounced change to a policy of reading employee e-mail might then violate state law. The safer practice for an employer would be to have a clear, written policy stating that company electronic mail is not private, and that the company retains (or is reclaiming) the right to review employee mail. Companies with gateways to outside mail services should be especially clear on their policy, because, rightly or wrongly, employees will have a greater expectation of privacy for personal mail they receive from outside the company, similar to personal letters sent to a work address. THE ECPA EXCEPTIONS -- SYSTEM ADMINISTRATORS. The final important set of exceptions to the ECPA's "don't read without permission" rule is for the system administrators. System administrators may "intercept, disclose or use" an electronic communication when engaged in any activity which is a "necessary incident" (1) "to the rendition of his service" or (2) "to the protection of the rights or property of the provider of that service." There is some debate on the breadth of these exceptions. No court case has discussed how they apply to BBSs. I read these exceptions narrowly, and believe the prudent systems administrator should too. The ECPA says that these exceptions are *not* a license to read users' mail at will, or even to spot-check to see if users are up to no good. The law says that the systems administrator "shall not utilize service observing or random monitoring except for mechanical or service quality control checks." Any spot-checking must be to monitor the system's *functioning,* not the users' *activities.* What if a system administrator has specific information that a certain user might be using e-mail to discuss or even facilitate a crime? Does that justify nosing through the user's e-mail? Again, I believe only very narrow circumstances could justify it. The systems administrator is no more responsible for criminal plots in e-mail than Ma Bell is for telephone conspiracies. For that reason, the law need not give the administrator a private-cop badge to rifle through e-mail and monitor for any signs of crime. While the ECPA does permit a system administrator to disclose to the police the contents of an e-mail message that was *inadvertently* obtained and which appears to pertain to the commission of a crime, this strongly implies that *intentional* sleuthing by systems administrators is forbidden. *If* a systems administrator has specific information that a user is about to damage the system or crash the service, say with a virus, the system administrator could justify reviewing that user's e-mail as a protection to the system. The harder case is if the administrator suspects that a user's actions might be criminal, but the only threat to the system is that it might get seized by law enforcement on account of the user. (Most BBS crime poses no other threat to the system, as it usually depends on the systems' continued functioning). Here, the administrator might argue that the threat of a seizure of the system (and the resulting loss of property) justifies reading the suspected user's e-mail. At minimum, however, the ECPA's specific prohibition of random monitoring would require the system administrator to have good, solid evidence against the user, not just a vague suspicion or anonymous claims that something bad is going on. A good point of reference: Remember that the same law applies to BBSs and telephone companies. Most people want to limit Ma Bell's right to monitor phone calls as much as possible. The same goes for e-mail. TRYING TO AVOID THESE RULES? The ECPA severely restricts a systems administrator's access to electronic messages flowing through his or her system. Some systems administrators try to avoid this limitation on their nosiness by posting disclaimers saying "NOTICE: This system does not provide private electronic communications" or "WARNING: We read your mail. It is not private." With these warnings, some systems administrators think they can freely read everyone's e-mail. These warnings are a bad idea. First, they probably won't do the job. While the facts of the particular case will matter, such disclaimers probably will not stand up in court. Judges and juries don't like these "take it or leave it" ultimatums when it comes to privacy. The disclaimer also probably isn't true: the system *does* provide mail that is private from all prying eyes except the systems administrator, and on any busy system, the administrator *can't* read all the mail, which may re-create in practice the very expectation of privacy the administrator is trying to deny. Second, the disclaimers may make things worse. While trying to decrease the chance of a user suing the administrator under the ECPA, the disclaimer will increase the systems administrator's risks in other areas. An administrator who actually reads his or her user's e-mail can be charged with knowing its content, and this increases the potential for successful civil suits for libel, as well as the danger of criminal prosecution for aiding criminal activity on the BBS. The administrator can always claim "I didn't read *that* message," but the system's own words say the opposite. Worse, if the system is seized by law enforcement, the systems administrator may lose very helpful allies: the users. When innocent users try to sue the police for violating *their* rights under the ECPA, the police will be sure to defend their acts based on what the system itself told them: no private e-mail here! The ECPA should be a great deterrent against the wholesale seizure of BBSs; systems administrators diminish that deterrent by using these disclaimers. Finally, what possible reason, other than plain rude nosiness, justifies reading other people's mail? The law not only imposes no responsibility to read or monitor mail flowing through a system, it prohibits it. System administrators who fear criminal responsibility for what their users are discussing in e-mail are as wrong as if Southwestern Bell was worried about being held responsible for crimes committed over their phone system. A tough question: What about users' personal file directories on BBS's? Many BBSs, Internet providers, and other computer systems provide their users file storage areas. Some systems call and treat these areas as "private." Would it violate the ECPA if the system administrator nosed through the files in a user's area? It's common for users to write e-mail to a file and store it, making them "stored electronic communications" covered by the ECPA. If the ECPA protects the privacy of these files from snooping by system administrators, doesn't the ECPA clash with the developing strict liability for system administrators for copyright infringement -- who are now being held liable for infringing files whether or not they knew they were on the system? (See Legal Bytes, Vol. 2, No. 1, "BBS System Operators' Liability for Copyright Infringement: Let the Sysop Beware"). How does a system administrator avoid unknowingly harboring infringing computer files? The solution *probably* lies in the system administrator gaining proper consent from the user, before the fact, to monitor these files, but the authors honestly haven't worked through this difficult question yet. LEGAL BYTES is a (usually) quarterly publication of George, Donaldson & Ford, L.L.P., Austin, Texas. George, Donaldson & Ford, L.L.P. 114 W. Seventh Street, Suite 1000 Austin, Texas 78701 (512) 495-1400 gdf@well.sf.ca.us David H. Donaldson, Jr., Editor 6017080@mcimail.com Peter D. Kennedy, Associate Editor pkennedy@io.com To subscribe: Send mail to legal-bytes-Request@io.com with the words "subscribe legal-bytes" in the message _body_. Online at: ftp.eff.org, /pub/Publications/E-Journals/Legal_Bytes/ gopher.eff.org, 1/Publications/E-Journals/Legal_Bytes gopher://gopher.eff.org/11/Publications/E-Journals/Legal_Bytes http://www.eff.org/pub/Publications/E-Journals/Legal_Bytes/ ------------------------------ Date: 1 Nov 1994 09:01:50 -0500 From: shabbir@panix.com (Shabbir J. Safdar) Subject: File 2--Denning suggests banning non-escrowed crypto Wiretap Watch - post-bill note November 1, 1994 Distribute Widely - (until November 30, 1994) Dr. Denning sees restrictions on non-escrowed crypto as an obvious possibility if Clipper sinks I attended the NYU Law School symposium on "rights in cyberspace" last Friday (Oct. 27, 1994) here in New York. There were three panels. On the mid afternoon panel, the topic was regulating state access to encrypted communications. Panelists included Oliver Smoot (attribution forgotten), Dr. Dorothy Denning (famous key escrow proponent), Steven Cherry (Voters Telecomm Watch spokesperson), and J Beckwith Burr (who was not a rep of the EFF, but gave a synopsis of their position). Dr. Denning gave a chillingly calm description of key escrow, and then the panelists as a whole answered questions. At one point the subject arose of just how "voluntary" Clipper really could be, seeing as the public and industry had overwhelmingly rejected it. Who will use a voluntary standard that nobody likes? The consensus of the key-escrow opponents on the panel seemed to be "nobody". Dr. Denning, speaking for herself and not as a spokesperson for the Administration, stated that if alternate non-escrowed encryption became prevalent, the next step would be to implement "restrictions" on non-escrowed technology. I think its safe to assume that Dr. Denning wasn't speaking of secret plot to ban private crypto; she was just commenting on the obvious: The Administration & Law Enforcement wants access to *all* communications. While they'll play "nice" now, they won't be so nice if you don't go along with them. It's going to get ugly down the road, and HR 5199 could be the panacea. What can you do? -Get to know your legislator. Just as the DT bill was railroaded through, there may not be a big chance of stopping 5199, a bill that could put into legislation the govt's key escrow program, making it a NIST standard. You must convince your legislator that a little privacy is a good thing. Non- escrowed crypto will not bring back all the privacy you've lost in the last 50 years. It will bring back some. Some is better than none, and it maintains the balance between law enforcement interests and privacy concerns. Learn who your legislators are. Put their phone numbers on a scrap of paper and keep them in your wallet or purse. This will encourage you to call next session during one of the crucial moments. -Save your money. There are a lot of organizations around that you can join that will represent your interests in Congress. Consider whether you should instead save your money and give it directly to a legislator with a good record on privacy and cryptography. Several such legislators were recently identified in the VTW (Voters Telecomm Watch) 1993/1994 Report Card. -Join the VTW announcements mailing list. Send mail to vtw@vtw.org and ask to be subscribed to vtw-announce. We will be carefully tracking HR 5199 next session with the same frenetic precision we applied to Rep. Maria Cantwell's Cryptography Exports bill and the FBI's Wiretap/Digital Telephony bill. ------------------------------ Date: Thu, 3 Nov 1994 02:47:59 -0500 From: Brandinius@AOL.COM Subject: File 3--Redux: "Does Emiliy really need to read and write?" I wanted to respond to, and strongly agree with, Scott Straw's comments in CUD 6.92, "Does Emily really need to read and write in 2020?" which were actually a response to an earlier invitation from Seattle Times reporter Kurt Dahl to send in comments on this topic. The level of basic English skills on the Internet, and especially on local BBSs, is appalling. And adding to the problem is the unwritten but sometimes hinted at rule that "flaming someone for his or her grammar/spelling is verbotten." Perhaps flaming isn't the right approach, but errors and poor usage are so prevalent that new net citizens are unlearning what has been taught in school. (It could possibly be argued that it was never taught in the first place). When I see corporate billboards, form letters from companies, and personal correspondence from businesses I deal with that are loaded with spelling errors, serious grammatical mistakes, and other abuses of the language, it's very disturbing to think that children learning to read will see these same items and learn incorrect usage. But when these same children - - or adults, for that matter - - get on the net, the problem becomes much worse. I have read, attempted to read, or passed over countless posts, some of them quite long and pointed, that suffer from so much grammatical misuse and so many spelling/punctuation mistakes that they are absolutely unintelligible. In fact, being curious about the responses I'd receive, I posted a note a year or so ago on a popular local BBS that attempted to clear up the differences between commonly misused English words such as "there, their, and they're," and "your and you're." It wasn't condescending, nor was it flame-style. The responses received ranged from "This is helpful" to "Fuck you and the PC you rode in on," but they mostly consisted of the latter. The headline news servers for AOL, CompuServe, and other online services (they seem to all use the same headline service) push out articles that are laced with mistakes and misusages. A few examples from just one day in January of this year that I saved to disk for some reason: - - - - - - - - - - - - 1/18 Inman withdraws nomination, blasts "New McCarthyism" WASHINGTON (JAN. 18) DPA - Bobby Ray Inman, President Bill Clinton's choice to become the next U.S. Secretary of Defence announced Tuesday that he was withdrawing his nomination rather than become a victim of what he called the "new McCarthyism." ~ ~ ~Defense is spelled with an "s" and not a "c." - - - - - - - - - - - - 1/18 Cold virus to be used to fight disease NEW YORK (JAN. 18) XINHUA - U.S. RESEARCHERS ARE TRYING TO REFORM COLD VIRUS'S EVIL WAYS TO FIGHT DISEASE . . . THE RESEARCHERS SAID THAT THEY HOPE TO USE THE VIRUS TO FERRY HE HUMAN BODY GENERALLY INACCESSIBLE TO MODERN MEDICINES. ~ ~ ~What? This sentence makes no sense whatsoever. - - - - - - - - - - - - 1/18 California Earthquake could cost LLoyd's around $6 billion LONDON (JAN. 18) XINHUA - THE EARTHQUAKE IN LOS ANGELES COULD COST LLOYD'S OF LONDON, THE WORLD LARGEST INSURANCE MARKET, ABOUT SIX BILLION U.S. DOLLARS, A LLOYD'S SPOKESMAN SAID TODAY. . . . ANALYSTS SAID ONLY 15 TO 20 PERCENT OF BUILDINGS IN CALIFORNIA HAD EARTHQUAKE INSURANCE, BECAUSE OF THE HIGH COST OF COVER, AND MANY WERE QUAKE-PROOF. LLOYD'S IS A SPECIALIST IN DISASTER COVER. IT SCATTERS RISK TO INSURERS ELSEWHERE IN A PRECESS KNOWN AS REINSURANCE. ~ ~ ~It's _coverage_ (both paragraphs), and _process_. . . . THE EARTHQUAKE, MEASURED 6.6 ON THE RECHTER SCALE AND KILLED 33, IS THE MOST DEVASTATING SINCE THE 1989 SAN FRANCISCO QUAKE THAT KILLED 64 AND COST INSURERS ALMOST ONE BILLION U.S. DOLLARS. ~ ~ ~Should be "The earthquake, _which_ measured" etc. ~ ~ ~_Richter_, not Rechter_ - - - - - - - - - - - - - - - Granted, the people typing these in are probably minimum wage workers who are being forced to do it so quickly that any checking for mistakes would be impossible. But these kinds of mistakes would NEVER be tolerated in the printed media; why should the online world be any different, especially services that we PAY for? And before the flames start, I am not some anal retentive computer geek looking to harp on people just to be a pain in the collective ass; to understand each other in the online world (or anywhere that some form of intellectual communication is necessary to relate to others), some basic rules must be agreed upon. If those rules are are thrown out the window, the chances for misunderstandings abound and the ability to communicate AT ALL is compromised. When you add the International aspect of the net to the equation, then it gets hairy, and I do not support requiring someone in Iceland to write perfect English; but then, if WE OURSELVES can't write even decent English, then how can we expect to communicate effectively with someone who is just learning the language, or vice versa? Does Emily need to read and write in the year 2020? Undoubtedly, yes. But will she be able to, if the majority of her education in the language comes from the net? Unlikely. Brandon Weber BWEBER@IGC.APC.ORG BRANDINIUS@AOL.COM ------------------------------ Date: Sat, 5 Nov 1994 14:50:20 -0500 From: sross@CRAFT.CAMP.CLARKSON.EDU(SUSAN M. ROSS) Subject: File 4--Book Reviews for FREE SPEECH YEARBOOK As Book Review Editor of FREE SPEECH YEARBOOK, I am writing to request reviews of books concerning free speech issues related to computer-telecommunications networks. FREE SPEECH YEARBOOOK has been sponsored by the Commission on Freedom of Expression of the Speech Communication Association since 1961 and has been published by Southern Illinois University Press since 1987. Our book reviews traditionally have been 4-7 pages, double spaced. Manuscripts should be prepared according to ether the MLA Handbook (Modern Language Association) or A Uniform System of Citation. A review that evaluates the book rather than merely provides a summary of its contents is genrally preferred. Final manuscripts of book reviews are due by January 15, 1995. Please mail them to: S. M. Ross, Department of Technical Communications, Box 5760, Clarkson University, Potsdam, New York 13699-5760 E-mail inquiries are welcome. To suggest a book and/or a reviewer, please post to: sross@heron.tc.clarkson.edu or sross@craft.camp.clarkson.edu ------------------------------ Date: Sun, 25 Sep 1994 18:07:33 -0700 (PDT) From: dtangent Subject: File 5--DEF CON II Post-Update Announcement XXXXXXXXXXXXXXXXXXXXXXXX XX DEF CON Mailing List Announcement XXXXXXXxxxxXXXXXXXXXXXXXXX XX DEF CON Mailing List Announcement XXXXXXxxxxxxXXXXXX X X DEF CON Mailing List Announcement XXXXXxxxxxxxxXXXXXXX X XXXXxxxxxxxxxxXXXX XXXXXXXXX XXXxxxxxxxxxxxxXXXXXXXXXX X XXxxxxxxxxxxxxxxXXXXXX XX X Freeside Communications is also home of XXXxxxxxxxxxxxxXXXXXXXX XXXXxxxxxxxxxxXXXXXXXX X XX The DEF CON FTP site and WWW Pages XXXXXxxxxxxxxXXXXXXXXXX XX X XXXXXXxxxxxxXXXXXXXXX X DEF CON Mailing List Announcement XXXXXXXxxxxXXXXXXXXXXXXXXX DEF CON Mailing List Announcement XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX DEF CON Mailing List Announcement GREAT! I've got it done finally. After all the mis setp, etc, the mailing lists are finally up and running. DEF CON II is over and I am back in school and finally getting things in shape. Thanks to everyone who helped out!! A couple of announcements: > The con went well, even though more of you showed up than expected! I'll be ready next year. We had about 370 people, and only $200 in damage I had to pay. Not bad! [> The mailing lists are up! <] [> mail majordomo@fc.net with "subscribe dc-announce" in the body of the [> message to join the announcement list. "subscribe dc-stuff" for the [> chat list. THE FTP SITE IS MOVING to fc.net in /pub/defcon from cyberspace.com. IF YOU HAVE ANY PICTURES FROM THE CON please mail duplicates to me! I can scan them and add them on the ftp and www pages. aleph1 is maintaing the DEF CON www site now. If you can't mail them, please try to scan them and then send me the scans. If you have old DEF CON I pics, send them too, we're tring to rebuild that section too. > I have tapes of the whole convention for sale. They consist of 10(!) 90 minute tapes, $32.90 for a set. There are taken from the DAT recordings, and all by Dead Addicts speech are nice and clear. You'll remember the mess up, we re-dubbed DA's speech from a pocket recorder, so he is in mono.. but you can understand everything. > I have about 20 long sleeve white shirts left, about 1/2 old style 1/2 new style. They are three color front, two color back and $22.90 (that extra 2.90 is for postage) > If enough demand comes in for the other color shirts I will reprint them. We are starting to plan for next year, and if you would like to get involved, please mail dtangent@defcon.org. Mail stuff to: DEF CON 2709 E. Madison #102 Seattle, WA, 98112 Thanks, and see you on the list! There will be no more mailing by this list. If you want to stay up on things, please subscribe to the mailing lists. +----------------[cut 'ere]------------------------------------ metal=- +------------------------------------------------------------+ |Metalhead (612) | EFF Member | Support local musicians! | -=NORML=- | |Alliance Communications, inc. (ACi) | +1 612 251 8596 | USR HST DS 16800| |-=INFORMATION *IS* POWER=-| -=VOTE GRASSROOTS=- | -=QUESTION AUTHORITY=-| |An ancient lunatic reigns in the trees of the night... -=Jim Morrison=-| ------------------------------ Received: (from NIUCS for via BSMTP) Received: (from A01MLRV@NIUCS for MAILER@NIU via NJE) (UCLA/Mail V1.500 M-RSCS9093-9093-33); Thu, 27 Oct 94 20:13:42 CDT Received: from NIUCS by NIUCS (Mailer R2.10 ptf000) with BSMTP id 7760; Thu, 27 Oct 94 20:13:32 CDT Received: from netmgr.cso.niu.edu by vm.cso.niu.edu (IBM VM SMTP V2R2) with TCP; Thu, 27 Oct 94 20:13:26 CDT Received: from cs.utah.edu by netmgr.cso.niu.edu with SMTP id AA06033 (5.67a/IDA-1.5 for ); Thu, 27 Oct 1994 20:13:01 -0500 Received: from peruvian.cs.utah.edu by cs.utah.edu (5.65/utah-2.21-cs) id AA17355; Thu, 27 Oct 94 19:12:56 -0600 Received: by peruvian.cs.utah.edu (5.65/utah-2.15-leaf) id AA22591; Thu, 27 Oct 94 19:12:55 -0600 Message-Id: <9410280112.AA22591@peruvian.cs.utah.edu> To: tk0jut2@MVS.CSO.NIU.EDU Subject: File 6--Web version of Cu Digest, #6.93, File 1 Date: Thu, 27 Oct 94 19:12:54 MDT From: Mark Atwood I made a HTML hypertext page out of CUD 6.93 File 1. You can point your browser at http://www.cs.utah.edu/~matwood/govt-gophers.html for easy access to all the listed gopher servers. Hope this is of use. --- Mark Atwood | My school and employer have too many problems matwood@peruvian.cs.utah.edu | without being blamed for mine. PGP Fingerprint = BD 97 2A F6 74 C2 F2 CB A7 71 40 BB 4C 9D F9 8B ------------------------------ Date: Thu, 23 Oct 1994 22:51:01 CDT From: CuD Moderators Subject: File 7--Cu Digest Header Information (unchanged since 23 Oct 1994) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send a one-line message: SUB CUDIGEST your name Send it to LISTSERV@UIUCVMD.BITNET or LISTSERV@VMD.CSO.UIUC.EDU The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); and on Rune Stone BBS (IIRGWHQ) (203) 832-8441. CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: from the ComNet in LUXEMBOURG BBS (++352) 466893; In ITALY: Bits against the Empire BBS: +39-461-980493 In BELGIUM: Virtual Access BBS: +32.69.45.51.77 (ringdown) UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/ ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ uceng.uc.edu in /pub/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/cud/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) JAPAN: ftp.glocom.ac.jp /mirror/ftp.eff.org/Publications/CuD The most recent issues of CuD can be obtained from the NIU Sociology gopher at: tk0gphr.corn.cso.niu.edu (navigate to the "acad depts;" "liberal arts;" "sociology" menus, and it'll be in CuDs. COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #6.96 ************************************