Computer underground Digest Wed Oct 29, 1997 Volume 9 : Issue 78 ISSN 1004-042X Editor: Jim Thomas (cudigest@sun.soci.niu.edu) News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu) Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Field Agent Extraordinaire: David Smith Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #9.78 (Wed, Oct 29, 1997) File 1--Sen. Lott's comments on Encryption (Cong. Record) File 2--NPR Reporter Indicted For Trading Porn on the Net File 3--Hack into Yale File 4--Mitnick Might Get Computer Use File 5--IRISS'98 Internet Research and Information for Social (fwd) File 6--Re: In "Web things to do when you're dead" (CuD 9.73) File 7--Electronic Frontier Canada opposes Internet content control File 8--Cu Digest Header Info (unchanged since 7 May, 1997) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. --------------------------------------------------------------------- Date: Sat, 25 Oct 1997 09:19:53 -0700 (PDT) From: Mike Godwin Subject: File 1--Sen. Lott's comments on Encryption (Cong. Record) ((MODERATORS' COMMENT: The following is taken from The Well's EFF conference. Information about The Well can be obtained at: http://www.well.com)) From the Congressional Record ---------------------------------------------------------- ENCRYPTION (Senate - October 21, 1997) ---------------------------------------------------------- [Page: S10879] Mr. LOTT. Mr. President, I would like to report to my colleagues on the activities in the House to establish a new export policy on encryption. This is an issue that is still at the top of my list of legislation I hope this Congress can resolve within the next 2 months. The House's actions last month turned a spotlight on how this issue should ultimately be resolved. Let me briefly review the issue. Encryption is a mathematical way to scramble and unscramble digital computer information during transmission and storage. The strength of encryption is a function of its size, as measured in computer bits. The more bits an encryption system has, the more difficult it is for someone else to illegally unscramble or hack into that information. Today's computer encryption systems commonly used by businesses range from 40 bits in key length to 128 bits. A good hacker, let's say a criminal or a business competitor, can readily break into a computer system safeguarded by a lower-technology 40-bit encryption system. On the other hand, the 128-bit encryption systems are much more complex and pose a significant challenge to any would-be hacker. Obviously, all of us would prefer to have the 128-bit systems. And equally as important, we would like to buy such systems from American companies. Firms we can routinely and safely do business with. Foreign companies and individuals also want to buy such systems from American companies. They admire and respect our technological expertise, and trust our business practices. The United States remains the envy of the world in terms of producing top-notch encryption and information security products. However, current regulations prohibit U.S. companies from exporting encryption systems stronger than the low-end, 40-bit systems. A few exceptions have been made for 56-bit systems. Until recently, it has been the administration's view that stronger encryption products are so inherently dangerous they should be classified at a level equal to munitions, and that the export of strong encryption must be heavily restricted. While we are restricting our own international commerce, foreign companies are now manufacturing and selling stronger, more desirable encryption systems, including the top-end 128-bit systems, anywhere in the world they want. Clearly, our policy doesn't make sense. Just as clearly, our export policies on encryption have not kept up to speed with either the ongoing changes in encryption technology or the needs and desires of foreign markets for U.S. encryption products. My intention is neither to jeopardize our national security nor harm law enforcement efforts. I believe we must give due and proper regard to the national security and law enforcement implications of any changes in our policy regarding export of encryption technology. But it is painfully obvious we must modernize our export policies on encryption technology, so that U.S. companies can participate in the world's encryption marketplace. The legislative initiative on this issue has always been about exports, but this summer that changed. During the past month, the FBI has attempted to change the debate by proposing a series of new mandatory controls on the domestic sale and use of encryption products. Let me be clear. There are currently no restrictions on the rights of Americans to use encryption to protect their personal financial or medical records or their private e-mail messages. There have never been domestic limitations, and similarly, American businesses have always been free to buy and use the strongest possible encryption to protect sensitive information from being stolen or changed. But now, the FBI proposes to change all that. The FBI wants to require that any company that produces or offers encryption security products or services guarantee immediate access to plain text information without the knowledge of the user. Their proposal would subject software companies and telecommunications providers to prison sentences for failure to guarantee immediate access to all information on the desktop computers of all Americans. That would move us into an entirely new world of surveillance, a very intrusive surveillance, where every communication by every individual can be accessed by the FBI. Where is probable cause? Why has the FBI assumed that all Americans are going to be involved in criminal activities? Where is the Constitution? And how would this proposal possibly help the FBI? According to a forthcoming book by the M.I.T. Press, of the tens of thousands of cases handled annually by the FBI, only a handful have involved encryption of any type, and even fewer involved encryption of computer data. Let's face it--despite the movies, the FBI solves its cases with good old-fashioned police work, questioning potential witnesses, gathering material evidence, and using electronic bugging or putting microphones on informants. Restricting encryption technology in the U.S. would not be very helpful to the FBI. The FBI proposal won't work. I have talked with experts in the world of software and cryptography, who have explained that the technology which would provide compliance with the FBI standard simply does not exist. The FBI proposal would force a large unfunded mandate on our high technology firms, at a time when there is no practical way to accomplish that mandate. Rather than solve problems in our export policy, this FBI proposal would create a whole new body of law and regulations restricting our domestic market. This and similar proposals would also have a serious impact on our foreign market. Overseas businesses and governments believe that the U.S. might use its keys to computer encryption systems to spy on their businesses and politicians. Most U.S. software and hardware manufacturers believe this is bad for business and that nobody will trust the security of U.S. encryption products if this current policy continues. In fact, this proposal appears to violate the European Union's data-privacy laws, and the European Commission is expected to reject it this week. So, the FBI proposal would: Invade our privacy; be of minimal use to the FBI; would require nonexistent technology; would create new administrative burdens; and would seriously damage our foreign markets. This is quite a list. Mr. President, the FBI proposal is simply wrong. I have learned that even the administration does not support this new FBI proposal. So why does the FBI believe it must now subject all Americans to more and more surveillance? This independent action by the FBI has created confusion and mixed signals which are troublesome for the Senate as it works on this legislation. Perhaps the FBI and the Justice Department need to focus immediately on a coordinated encryption position. Mr. President, I congratulate the members of the House Commerce Committee for rejecting this FBI approach by a vote margin of more than 2 to 1. I am sure all of my colleagues are sympathetic to the fact that emerging technologies create new problems for the FBI. But we must acknowledge several truths as Congress goes forward to find this new policy solution. People increasingly need strong information security through encryption and other means to protect their personal and business information. This demand will grow, and somebody will meet it. In the long term, it is clearly in our national interest that U.S. companies meet the market demand. Individuals and businesses will either obtain that protection from U.S. firms or from foreign firms. I firmly believe that all of our colleagues want American firms to successfully compete for this business. Today there are hundreds of suppliers of strong encryption in the world marketplace. Strong encryption can be easily downloaded off the Internet. Even if Congress wanted to police or eliminate encryption altogether, I am not sure that is doable. So, let's deal with reality. Clamping down on the constitutional rights of American citizens, in an attempt to limit the use of a technology, is the wrong solution. The wrong solution. This is especially true with encryption technology because it has so many beneficial purposes. It prevents hackers and espionage agents from stealing valuable information, or worse, from breaking into our own computer networks. It prevents them from disrupting our power supply, our financial markets, and our air traffic control system. This is scary--and precisely why we want this technology to be more available. Only a balanced solution is acceptable. Ultimately, Congress must empower Americans to protect their own information. Americans should not be forced to only communicate in ways that simply make it more convenient for law enforcement officials. This is not our national tradition. It is not consistent with our heritage. It should not become a new trend. Mr. President, I would like to establish a framework to resolve this difficult issue. I hope to discuss it with the chairmen and ranking members of the key committees. I especially look forward to working with the chairman of the Commerce, Science and Transportation Subcommittee on Communications, Senator Burns. He was the first to identify this issue and try to solve it legislatively. His approach on this issue has always been fair and equitable, attempting to balance industry wants with law enforcement requirements. I believe there are other possible ideas which could lead to a consensus resolution of the encryption issue. It is my hope that industry and law enforcement can come together to address these issues, not add more complexity and problems. The bill passed by the House Commerce Committee included a provision establishing a National Encryption Technology Center. It would be funded by in-kind contributions of hardware, software, and technological expertise. The National Encryption Technology Center would help the FBI stay on top of encryption and other emerging computer technologies. This is a big step. This is a big step in the right direction. It is time to build on that positive news to resolve encryption policy. Mr. President, there is an op-ed piece which appeared in the Wall Street Journal on Friday, September 26. It is well written and informative, despite the fact that its author is a good friend of mine. Mr. Jim Barksdale is the president and CEO of Netscape Communications and is well-versed in encryption technology. Mr. Barksdale's company does not make encryption products; they license such products from others. They sell Internet and business software and, as Jim has told me many times, his customers require strong encryption features and will buy those products either from us or foreign companies. Again, let's deal with reality. The credit union manager in Massachusetts, the real estate agent in Mississippi, the father writing an e-mail letter to his daughter attending a California university, each want privacy and security when using the computer. They will buy the best systems available to ensure that privacy and security. And, in just the same way, the banker in Brussels, Belgium, the rancher in Argentina, and the mother writing e-mail to her daughter in a university in Calcutta, India, each of these people also want privacy and security. They also will buy the best systems available to ensure that privacy and security. And they want encryption systems they trust--American systems. That's what this debate is about. Mr. President, if Congress does not modernize our export controls, we run the real risk of destroying the American encryption industry. And we risk giving a significant and unfair advantage to our foreign business competitors. [Page: S10881] ------------------------------ Date: Fri, 17 Oct 1997 18:19:13 GMT From: owner-cyber-liberties@aclu.org Subject: File 2--NPR Reporter Indicted For Trading Porn on the Net Cyber-liberties Update NPR Reporter Indicted For Trading Porn on the Net While Researching Story A veteran reporter for National Public Radio, who says he was engaged in lawful newsgathering activities, was indicted in late August by a federal grand jury for allegedly receiving and sending child pornography through the Internet, Jane Kirtley, Executive Director of the Reporters Committee for Freedom of the Press (RCFP) said. Larry Matthews pleaded not guilty to nine felony counts of possession of child pornography and six counts of distribution of such material in federal District Court in Maryland, saying that he was using the material as research for a freelance story on child pornography on the Internet. Matthews had reported three stories on the issue prior to his indictment, Kirtley said. "This is exactly the type of action we predicted would happen when Senator Hatch moved to pass the Child Pornography Prevention Act (CPPA) which amended the Privacy Protection Act of 1980. The new law removes exemptions that protected journalists from federal search and seizures and creates an overbroad definition of pornography," she said. "The amendment was unnecessary since child pornography is already illegal and the amendment leads to the overzealous persecution of journalists engaged in protected newsgathering activities," Kirtley said. The ACLU along with other week free-speech advocates recently filed an appeal before the Court of Appeals in the Ninth Circuit to another decision which upheld the CPPA as constitutional. The suit is a pre-enforcement challenge to the law and claims it is unconstitutional because it criminalizes the publication or transmission of non-obscene images that "appear" to portray children involved in sexual acts. The law applies to computer-generated images, morphed images, films and drawings, and bans any depiction that "is, or appears to be, of a minor engaged in sexually explicit conduct." +++++++++++++++++ About Cyber-Liberties Update: ACLU Cyber-Liberties Update Editor: Cassidy Sehgal (Cassidy_Sehgal@aclu.org) American Civil Liberties Union National Office 125 Broad Street, New York, New York 10004 To subscribe to the ACLU Cyber-Liberties Update, send a message to majordomo@aclu.org with "subscribe Cyber-Liberties" in the body of your message. To terminate your subscription, send a message to majordomo@aclu.org with "unsubscribe Cyber-Liberties" in the body. ------------------------------ Date: Sun, 19 Oct 1997 21:16:13 -0500 (CDT) From: Avi Bass Subject: File 3--Hack into Yale Hacker breaks into Yale e-mail By Jeff Herzog, The Yale Daily News, Oct. 16, 1997 Although no students realized it, Yale's computers were under attack Tuesday. A computer hacker "attacked" one of Yale's main e-mail account servers under the nose of Information and Technology Service officials. ITS staff detected a breach of the Pantheon login server as the attacker aimed to capture passwords and login names, ITS officials said. "The primary purpose of the attack was to use Yale as an attack point for other sites," Director of Academic Computing Services Philip Long said. As a result of the security breech, ITS required all pantheon users to change their account passwords. "We don't have evidence of damage or tampering with accounts, but we think it's important for students to change their security passwords as a precaution," Long said. ITS administrators said they believe that the hacker used a "sniffer," a rogue program designed to capture undetected all login names and passwords. As to the extent of damage the hacker caused, Long added, "We don't have evidence of small or wide spread compromise of accounts." ------------------------------ Date: Sun, 12 Oct 1997 16:14:45 -0400 From: "Evian S. Sim" Subject: File 4--Mitnick Might Get Computer Use Valley Focus North Hills Alleged Hacker May Get Use of Computer Los Angeles Times (LT) FRIDAY October 10, 1997 By: ASSOCIATED PRESS Edition: Valley Edition Section: Metro Page: 3 Pt. B Story Type: Column; Brief; Wire Word Count: 312 A federal judge may allow Kevin Mitnick use of a computer to help him defend himself against computer and wire fraud charges. U.S. District Judge Mariana Pfaelzer earlier had vowed to keep Mitnick away from computers, but she seemed to back away from that edict after listening to lawyers' arguments Wednesday. Mitnick, who grew up in the Valley and began his electronic obsession by breaking into Los Angeles Unified School District computers while a student at Monroe High School in North Hills, was on parole for other computer-related convictions when he allegedly went on a three-year hacking spree in 1992. He has been in prison since he was arrested in 1995. Pfaelzer set an April 14 trial on 25 counts of computer and wire fraud, possessing unlawful access devices, damaging computers and intercepting electronic messages. Mitnick has pleaded not guilty to those charges. If convicted, he could face another five to 10 years in prison. Assistant U.S. Attorney David Schindler said that if all the documents were printed it would fill up a space larger than the courtroom. Pfaelzer seemed to warm to the notion that Mitnick have access to a laptop computer, and she told both sides to confer on how Mitnick could best view the evidence against him. Mitnick has been in jail since he was arrested in February 1995 in Raleigh, N.C., after an investigation and cross-country manhunt ended in a trap sprung by Tsutomo Shimomura, an expert in computer security. Copyright (c) 1997, Times Mirror Company ------------------------------ Date: 97-10-19 14:59:13 EDT From: John.Kirriemuir@bristol.ac.uk (John Kirriemuir) Subject: File 5--IRISS'98 Internet Research and Information for Social (fwd) 1st call for delegates for IRISS and 2nd call for abstracts for IRISS IRISS'98 Internet Research and Information for Social Scientists 25-27 March 1998 University of Bristol, UK http://www.sosig.ac.uk/iriss/ email: iriss-info@bris.ac.uk A three day conference hosted by the Institute for Learning and Research Technology at the University of Bristol. The first international IRISS conference aims to bring together social scentists who are interested in the Internet, either as a means of supporting and enhancing their work, or as a focus for their research. ***CONFERENCE THEMES*** The themes of this year's conference are Internet skills, sites and social effects. The conference aims to reflect the practical and theoretical questions raised by the increasing role of networked information in the social sciences and society. Topics for debate include: * how can social scientists make effective use of the Internet in their work? * where and how are social scientists using the Internet to enhance their work and what effect is it having on traditional roles and working methods? * what high quality information can the Internet supply to social scientists? * what impact does the Internet have on individuals and society and what visions do we have for the future? ***ATTENDING IRISS AS A DELEGATE*** This is the first call for delegates for IRISS. Confirmed, to date, for the conference are: * several high-profile keynote speakers * a large variety of papers and presentations, covering all of the conference themes, and presented by speakers from a combination of academic, commercial, public and social/voluntary organisations * pre and during conference hands-on workshops, in fully networked rooms and conducted by experienced Internet for Social Scientist trainers * the main conference dinner, held in the prestigious Harveys Restaurant and Museum - see: http://www.sosig.ac.uk/iriss/harveys.html Bristol is a city in the west of England; it is served by an international airport, located 11 miles south of the city. The city has two major train stations, with frequent train services to London (in under 2 hours) and other cities. South Wales is a few minutes away by train or car, and the scenic areas of the Cotswolds, Cornwall and Devon are all easily accessible, as are attractions such as the city of Bath, Stonehenge and Avebury. Bristol itself is a thriving cosmopolitan city, with a very lively social and cultural scene. The city has many famous sites of interest, such as the Clifton suspension bridge and the S.S. Great Britain, which are within a short distance of the conference location and accomodation. Various on-line guides to Bristol include: http://www.epost.co.uk/standards/bestofbris.html http://www.bristol.digitalcity.org/org/council/about-bristol.html A reduction is available to all delegates registering before 19 December 1997. Further details on booking can be found on the IRISS Web site. ***CALL FOR PAPERS*** We invite papers and participation from: * practitioners in the field who use the Internet to support their day to day work * researchers using Internet information and communication in their research * librarians developing their Internet knowledge and skills to serve a social science user group * educators interested in using the Internet for teaching and learning * information providers who publish on the Internet and wish to reach the social science community In addition to concurrent paper and workshop sessions the conference will feature an ongoing poster session and a dedicated Internet Gallery in a fully networked environment enabling contributors to display high quality Internet resources. ***HOW TO CONTRIBUTE*** If you are interested in submitting a paper, joining the Internet Gallery or ongoing poster session, visit our Web site at: http://www.sosig.ac.uk/iriss/ for conference information together with online booking and submission forms. The Web site will be updated frequently as information becomes available and will include full programme details and abstracts. The deadline for the submission of abstracts is 7 November 1997. ***CONFERENCE FEE*** Delegates presenting papers will pay a reduced conference fee. A reduction will also be available to all delegates registering before 19 December 1997. Full details are available from the Web site. ***HOST A MEETING AT IRISS*** Would your organisation or professional association like to host a meeting at IRISS? We can provide free meeting rooms and refreshments for groups booking to attend the conference. Special discounts are available to groups of 10 or more. For further information contact the Conference Secretary at: iriss-info@bris.ac.uk General conference enquiries should be directed to: IRISS Conference Secretariat Institute for Learning and Research Technology University of Bristol 8 Woodland Road BRISTOL BS8 1TN, UK Tel: +44 (0)117 928 8474 Fax: +44 (0)117 928 8473 Email: iriss-info@bris.ac.uk IRISS Web site: http://www.sosig.ac.uk/iriss/ ------------------------------ Date: Mon, 13 Oct 97 11:01:45 MDT From: Dave++ Ljung Subject: File 6--Re: In "Web things to do when you're dead" (CuD 9.73) I couldn't help but comment on this: |Things to Do on the Web When You're Dead | by David Blatner | | ... But I wonder how many people's sites are simply being "turned off" | when they no longer have a voice (or a checkbook) to sustain them? I like how you sneaked in that bit about the checkbook. That comment seems to imply that a web presence should be free. I fear a society where people not only don't have to work to supply themselves with food and shelter, but they have a 'right' to a home page? Frightening. Who exactly would pay for such a society? -------------------------------------------------- |From--The Old Bear |Subject--Spam Analysis | | 3. the apparent evolution of a subset of standard English | punctuation which might be called 'spammese'. Excellent catch on the exclamation point. I've been filtering my mailbox for spam as well - and I've found that the To, From and Subject fields can often give away spam - part of my filter searches for: From:.*(success|money|mailbot) To:.*(free@|you@|success|nobody@|friend@|money|askme|prices) Subject:.*(18\+|Pix|Hot.*Website|Adult.*Video) I only hit normal email (normail? ;) once with these regexps, and only because I screwed up and used 18+ instead of 18\+. I find that false positives aren't a problem because procmail saves off guessed SPAM and sends a reply explaining that the message was recognized as spam and gives contact instructions if this is a mistake. Not once has a spammer used my contact instructions to get spam to me. -------------------------------------------------- |From--Jonathan Wallace |Subject--File 9--THE X-STOP FILES: The Truth Isn't Out There | | So another censorware product has been found to secretly been |blacklisting gay and lesbian material, anti-censorship sites, feminist... I fully agree with your analysis that censorware doesn't work and will probably never work well. I am however concerned that we are pointing out the impracticalities of one of the concepts we used to our defense against censorship of the entire net. So - to play Devil's Advocate for a moment, let's say you have children that you want to use the computer, but you really don't want them to access pornography when you're not looking. Sure - you could tell them to be a better parent, but my parents were great and I would've been up until two in the morning finding out what the female body looks like if we had the net when I was a kid :) Disregarding the discussion over whether or not we should allow our kids to look at such material, let's just assume: 1) Parents have the right to decide their kids shouldn't view such material 2) Kids will try to view such material regardless of what they are taught 3) Just keeping these kids off the net isn't necessarily fair. Whether or not it's true isn't as important, because a huge amount of the population believes that it's true and will fight for it strongly. So what solution do we give these people? Right now they have none, except to watch their children every moment they are on the computer. Can we find a solution? One possibility I came up with was creating a 'safeweb'. Safeweb would be similar to self-rating, but instead of deciding what category a page would fit into (a difficult thing to do), there would only be one 'rating' - that a page was deemed 'safe' - or at least innocuous. What would determine 'safe'? Well - it's not as big of an issue anymore, because it's not really an issue of censorship - you could have a democratic majority decision on an easy to follow set of standards for safe. You wouldn't have to worry about whether or not different levels of nudity or 'language' would be included, you could just not include any of it. I know there can be nitpicking here, i.e., are greek statues considered nudity, and so forth, but I don't think that flaws the idea. So the beauty of it is the end result, not the idea itself. You end up having a web with a small percentage of which is deemed safe (in the Barney sense :). Then parents can set the browser to view safe material only, much like censorware. The beauty is that suddenly the parents see what they are limiting their children to by trying to censor any material that might have nudity or 'dirty words' in it, for golly's sake ;) Then it's up to the parents to decide if they want their children to be limited by their own decisions. One could argue that point #1 above is illegitimate, that we should stop these parents from limiting their children's growth, but then again, I don't think there's much you can do to help children whose parents will only let them on BarneyWeb. But finally we'd have an answer for the fundamentalists. Any thoughts? Dave Ljung ------------------------------ Date: Fri, 17 Oct 1997 13:42:16 -0400 From: Paul Kneisel Subject: File 7--Electronic Frontier Canada opposes Internet content control Electronic Frontier Canada says the Canadian Human Rights Commission should not attempt to control Internet content ELECTRONIC FRONTIER CANADA (EFC) --- PRESS RELEASE (For immediate release --- Thursday, October 16, 1997) Electronic Frontier Canada (EFC), Canada's premier organization devoted to the protection of freedom of expression in cyberspace, is opposed to the Canadian Human Rights Commission's current attempt to control the flow of information on the Internet. In a series of hearings that began in Toronto on October 14th, a Human Rights Tribunal will attempt to decide if a California web site spreading Ernst Zundel's hateful messages is a discriminatory practice that falls under the jurisdiction and within the scope of the Canadian Human Rights Act. EFC's opposition to the Commission's agenda should not be interpreted as support for Zundel. Like the vast majority of Canadians, EFC finds Zundel's anti-Semitic views ludicrous, grotesque, and offensive. However, in the words of Oliver Wendell Holmes, EFC believes that free speech means "freedom for the thought that we hate." EFC believes the expression of controversial opinions, no matter how erroneous or repugnant, should be protected from government censorship by the Charter of Rights and Freedoms. "Of course, this doesn't mean that all speech is protected," says David Jones, EFC's president and a professor of computer science at McMaster University. "The Charter does not, for example, protect fraud, libel, or death threats, whether over the Internet or not." "Expressions of opinion, and even claiming that the Holocaust is a hoax," adds EFC vice-president Jeffrey Shallit, "should be protected." EFC favours the repeal of all Canadian laws restricting hate speech. "Laws intended to restrict 'bad' speech are often too broadly written, and have the potential to restrict genuine debate," explains Shallit, who is a computer science professor at the University of Waterloo. "Let's not forget that the Communications Decency Act was recently found to be unconstitutional by the U.S. Supreme Court," he says, "in part because it did not distinguish between 'obscene' speech and speech that was merely 'indecent'." "I'm sure if the Commission thought it could prove that the Zundelsite fell within the legal definition of 'hate propaganda', as defined in sections 319 and 320 of the Criminal Code," says Jones, "then this would be a criminal proceedings." "Instead," continues Jones, "the worst this Tribunal can decide is that publishing the web site is a 'discriminatory practice' under the Canadian Human Rights Act, that 'exposes people to hatred or contempt'." "It's a broader and more flexible legal concept, and the standard of proof is not as rigourous because the penalty that can be imposed is less severe." "But on the other hand," says Jones, "if the Tribunal issues a cease-and-desist order and the web pages do not go away, Zundel might be jailed for contempt." "I question whether it is a distortion of the judicial process, considering the eventual outcome may be the same, to allow the Commission to attempt to do through the back door what they could not possibly hope to achieve through the front door," says Jones. This is not about technology, not about jurisdiction, not about regulating the Internet, and not about setting legal precedents," asserted Bernie Farber of the Canadian Jewish Congress during a recently televised debate on CBC Newsworld. "This is about punishing Ernst Zundel," he said. "I'm sure some people would like to skip the hearing and go straight to the punishment," says Jones, "but the details really do matter in this case. This hearing is all about whether a government department can re-interpret an old law to give itself sweeping new regulatory powers over the Internet." Section 13(1) of the Canadian Human Rights Act was introduced by Parliament to control hateful messages on telephone answering machines. "It is too crude an analogy to suggest that a collection of Internet web pages is the same thing as an answering machine," says Jones. "The whole context and inter-connectedness of the web and the way people interact with and navigate through the medium are different in important and significant ways." "If Canadians want content on the Internet to be controlled by the government, then what we need is a broad national debate to decide where we want to draw the line," suggests Shallit. "Dusting off old pieces of legislation and misapplying them to this new communication medium is not the way for Canadians to step into the 21st century." EFC acknowledges that Canadians need effective strategies for dealing with controversial or hateful speech, but EFC's position is that the proper remedy for racist speech is not less speech, but more speech. EFC gives high praise to hard-working community organizations like Ken McVay's Nizkor Project, which maintains a huge electronic archive of material devoted to preserving the history of the Holocaust and dedicated to the memory of all who died at the hands of the Nazis. "Instead of banishing the hatemongers to the shadows, or making them martyrs by giving them an expensive show trial," says Shallit, "the Nizkor Project shines the intense light of public scrutiny on people like Zundel and exposes their deceptive messages for what they are - warts and all. It is an approach that really works." Another notable web site, run by the McGill Hillel student organization to support the Jewish student community, provides one of the most extensive lists of hyperlinks to hate web sites ever compiled. There purpose, of course, is not to promote hatred, but to educate people about its enduring presence in society. "Electronic Frontier Canada is pleased to announce donations to both the Nizkor Project and McGill Hillel Student Centre," said EFC president David Jones, "to encourage them to continue their efforts in dealing with hateful content on the Internet. In our view, theirs is the only approach that has had any significant success." "At the end of the day," says Jones, "no matter what the Tribunal decides, the Canadian government cannot possibly hope to control the flow of information on the Net." "Sure, they can go ahead and lock Zundel behind bars, if they decide the law allows it," concedes Jones, "but once the information is on the Net, it's not going to disappear." ---------------------------------------------------- EFC Contact Information: Electronic Frontier Canada Dr. David Jones, djones@efc.ca phone: (905) 525-9140 ext. 24689, fax: (905) 546-9995 Dr. Jeffrey Shallit, shallit@efc.ca phone: (519) 888-4804, fax: (519) 885-1208 Dr. Richard Rosenberg, rosen@efc.ca phone: (604) 822-4142, fax: (604) 822-5485 Electronic Frontier Canada's, online archives: URL: http://www.efc.ca ------------------------------ Date: Thu, 7 May 1997 22:51:01 CST From: CuD Moderators Subject: File 8--Cu Digest Header Info (unchanged since 7 May, 1997) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send post with this in the "Subject:: line: SUBSCRIBE CU-DIGEST Send the message to: cu-digest-request@weber.ucsd.edu DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS. The editors may be contacted by voice (815-753-6436), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CU-DIGEST Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. In ITALY: ZERO! BBS: +39-11-6507540 UNITED STATES: ftp.etext.org (206.252.8.100) in /pub/CuD/CuD Web-accessible from: http://www.etext.org/CuD/CuD/ ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #9.78 ************************************