TELECOM Moderator <telecom@eecs.nwu.edu> (06/15/91)
The Len Rose saga came to an end this past week when a federal judge considered the circumstances involved and chose to impose punishment by placing Len in the custody of the Attorney General of the United States, or his authorized representative for a period of one year. As in all such cases where the court finds the defendant poses no immediate danger to the community, Len was given a one month period from the imposition of punishment to get his personal affairs in order before beginning his sentence. At some point in time between now and July 10 mutually convenient to Len, his attorney and the government, Len will surrender to the United States Marshall, and be escorted to the penitentiary. As the first order of business at the penitentiary receiving room, he'll be required to submit to a complete strip-search accompanied by a rather indelicate probing to insure that he does not have in his possession any drugs; weapons with which he might harm himself, the staff or other inmates; or other contraband. He'll surrender his identity completely: driver's license, credit cards, social security card -- anything which identifies Len Rose as Len Rose will be taken from him and returned when he is released. For the time he is incarcerated, he will be a number stamped on the uniform he is given to wear. Or, he may be in a minimum security institution and be permitted to wear his 'street clothes', but without a shred of ID in his wallet. His ID will be his prison serial number. But there will still be the initial and occassional thereafter strip search and urine test on demand. Len's wife, who barely speaks English will be left alone to fend for herself for several months. She'll raise the two children the best she can, on whatever money she has available to her. It won't be easy, but then, it wasn't easy when Len was locked up before for a week in the Dupage Jail in Wheaton, IL while the state charges were pending here. Speaking of the kids, I wonder if Len has explained all this to them yet. I wonder if they know, or are old enough to understand their dad is going to prison, and why ... When Len is released, he'll be 'allowed to' carry the tag "ex-con" with him when he applies for work and tries to make new friends. One part of his punishment is that in the future he must reveal his status to prospective employers. Needless to say, the Internal Revenue Service and the Justice Department trade files all the time ... so Len will want to be super-honest on his federal taxes in the future, since he can probably expect to be audited once or twice in the first five years or so following his release. I wonder if it was all worth it ... if Len had it to do over again if he would do the same things he did before, or if he might consider the consequences more carefully. Despite the intensive crackdown we have seen by the federal government in the past few years against 'white collar' and computer crime, there are still those folks around who either (a) don't think it applies to them, or (b) don't think they will get caught, or (c) don't understand what the big fuss is all about in the first place. If you don't think (c) is still possible, consider the recent thread in comp.org.eff.talk -- yes, I know, *where else* !! -- on the student who got suspended from school for two quarters after downloading and distributing the system password file on the machine he had been entrusted to use. The fact that the debate could go on endlessly for message after message actually questioning what, if anything the chap did wrong tells us plenty about the mentality and 'social respsonsi- bility' of EFF devotees, but that is a whole new topic in itself. The point is, some of us are simply getting very tired of the break-ins, the fraudulent messages, the fact that in order to telnet to a different site we can no longer do so direct from dialup servers without a lot of rig-a-ma-role because computer (ab)users have stolen all the trust which used to exist between sites, and the increasing scarcity of 'guest' accounts on various sites because the sysadmins are tired of being eaten alive with fraudulent and destructive usage. Users had better wise up to one fact: the federal government is going to continue to crack down on abusers of the net and this media. And please, none of your hysterical freedom of speech arguments in my mail, thank you. No one gives an iota what you write about, but when you get your hands in the password file, rip off root or wheel accounts, run programs deceptive to other users designed to rip off their accounts also and generally behave like a two-bit burglar or con-artist, expect to get treated like one when you get caught. And you *will* get caught. Then you can go sit and commiserate with Len Rose. If Len Rose has half the brain I think he has, he will come out of the penitentiary a better person than when he went in. The penitentiary can be, and frequently is a therapeutic experience, at least for the people who think about what it was that caused them to get there in the first place. I feel very sorry about what has happened to Len Rose. I feel worse about the circumstances his wife and children are in. But the socially irresponsible behavior (which some people who call themselves 'socially responsible' seem to condone or wink at) has to stop. Now. A US Attorney involved in prosecuting computer crime once said, "users need an example when they log in of what to expect when they screw up while on line ..." Indeed we do ... and Len Rose will serve as such. And a knowledgeable sysadmin who is quietly cooperating with the government tells me a federal grand jury is <thisclose> to returning another cycle of indictments. Need I say more? So Len, *was* it all worth it? Patrick Townson
John_Richard_Bruni@cup.portal.com (06/15/91)
Pat, I grant you all of what you said in your preface to the Len Rose topics, yet I still wonder. As a journalist I keep coming across references to computer fraud totalling somewhere between $2 BILLION to $20 billion a year. There must be some fire to all this smoke. Yes, the hackers make life more problematical for those who like (as I do) open exchange of information on the computer nets. The security requirements are a hassle. But in the course of researching a novel that has hackers in it, it slowly came to me that the real troublemakers are much more deeply buried in the system. I know of 'Phone Phreaks' who have written themselves into the system since ESS-4 came out. These guys are not just hacking the phone company, they are so far into to it that for all intents and purposes they *ARE* the phone company. Darksiders like these make hackers look like small fry ... which for the most part they are. I still think Cal Tech and MIT oughta get the good hackers and make them into useful members of society. Universities do a much better job of that on smart people than jails do. Put the moles in jail, if you can find 'em. Most of them probably have Swiss bank accounts by now and have retired to the Riviera. That's my two cents worth, and I know it's controversial. But I was forced to decide what I thought of all this when, in the course of researching my book, I made friends with both hackers and 'trackers.' That's all, folks!
TK0JUT1@mvs.cso.niu.edu (06/15/91)
The Moderator's comments in TELECOM Digest #453 giving his view of the
Len Rose sentencing are disingenuous. After some moralizing about Len,
the Moderator leaps to examples of hackers and other intruders, then
adduces these examples as justification for Len's sentencing. Len
*WAS NOT* busted for hacking, but for possession of AT&T source code
and for sending it across state lines. Check the evidence and charges.
He did not send this stuff to a "hacker" in Illinois. Rich Andrews,
the Illinois recipient, was not accused of hacking. Two programs,
including login.c were sent to {Phrack}, but the {Phrack} editor was
never accused of being, nor is there any evidence that he ever was, a
hacker. And, contrary to another post in the same issue of TCD, there
is no evidence that the programs Len possessed or sent were ever used
in criminal activity.
Both public and non-public court records and documents indicate that
the issue was explicitly one of unauthorized possession of proprietary
software. Counter-assertions by Len's critics will not change this.
There is little disagreement that Len may have acted unwisely. The
question is whether his actions justify a prison sentence, and to my
mind the answer is an emphatic *NO!*.
It is absurd to imply that somehow Len failed to learn from a
"crackdown." The case was the beginning of the so-called "crackdowns,"
and his actions are no more a message to "hackers" and "phreaks" than
double-parking tickets are to auto thieves.
There are six levels of prisons in the federal system, with level-1
being the most minimum of the bunch. Len will most likely be sentenced
to one of these as a first-time, minor, non-violent offender. But,
despite the term "country club prison," there is no such thing as an
easy-time prison. Contrary to the Moderator's comment, prisons are
rarely "therapeutic" places. I've been in and around them since 1980,
and the number of offenders coming out the better because of their
prison experience are few.
Len's ten month stay and subsequent probation period will cost the
tax-payers upwards of $30,000. There are alternatives to incarceration
that are less costly while simultaneously serving the ends of the need
for sanctions. Even if we assume that Len is guilty of all the charges
invented by his critics, his incarceration is simply not worth it for
society.
To answer the Moderator's question about whether "it was worth it:"
No, an unjust sentence never is. Nor is anything served by
exaggeration and hyperbole that, in this case, attempts to claim
otherwise.
Jim Thomas Sociology / Criminal Justice Northern Illinois University
[Moderator's Note: Jim Thomas is one of the Moderators of Computer
Underground Digest, a mailing list on the internet with roots going
back to 'hacker' discussions in TELECOM Digest in the past. PAT]Mark Brown <mbrown@testsys.austin.ibm.com> (06/15/91)
Patrick: Yes, Len Rose deserves jail, based upon what I know. > The fact that the debate could go on endlessly for > message after message actually questioning what, if anything the chap > did wrong tells us plenty about the mentality and 'social respsonsi- > bility' of EFF devotees, but that is a whole new topic in itself. There is no cause so right that one cannot find a fool who believes in it. I respectfully submit that you are way off base here. Cheers, DISCLAIMER: My views may be, and often are, independent of IBM official policy. Mark Brown IBM PSP Austin, TX. (512) 823-3741 VNET: MBROWN@AUSVMQ MAIL: mbrown@testsys.austin.ibm.com
Mike Godwin <mnemonic@eff.org> (06/15/91)
I have to say that in all the postings I have ever seen Pat Townson write, his posting about Len Rose is the most shameful and morally indefensible. I find it incredibly ironic that Townson, after all this time, seems to have so little sense of what Len Rose actually *did* and of what he didn't do. Let's detail some of Pat's many, many factual and moral errors: In article <telecom11.453.1@eecs.nwu.edu> telecom@eecs.nwu.edu (TELECOM Moderator) writes: > The Len Rose saga came to an end this past week when a federal judge > considered the circumstances involved and chose to impose punishment > by placing Len in the custody of the Attorney General of the United > States, or his authorized representative for a period of one year. The judge didn't decide to give Rose a year in prison. That was a product of the plea agreement between the government and Rose's attorney. > Speaking of the kids, I wonder if Len has explained all this to them > yet. I wonder if they know, or are old enough to understand their dad > is going to prison, and why ... "Dear children, "Your father is going to prison because he possessed and transmitted unlicensed source code. Hundreds of other Unix consultants have done the same thing, but I was targeted because I wrote an article for {Phrack Magazine} about how to modify login.c for hacking purposes, and that article, while never published, was found in a search of Craig Neidorf's room. The prosecutor and the phone company tried to put Neidorf into prison, but when their distortions came to light they dropped the case. They searched my system for the same E911 document, but when they didn't find it, they decided to find something else to prosecute me for -- namely, the unlicensed Unix source code. "Children, lots of people, including Patrick Townson, will call me a hacker and say I got convicted because of breakins into other people's computers. Patrick Townson lies if he says this. I never broke in to anyone's computer. I was always given access to systems by sysadmins who were authorized to give me that access. "My children, as I spend that time in prison, be aware that some people will, without shame, distort the facts of my case in order to use me as a cheap moral lesson. If you must hate them, don't hate them because of what they say, but because they have chosen to be hypocritical. Hate them because they have friends who possess unlicensed source code, but they've never reported those friends to the U.S. Attorney. Hate them because they make blanket condemnations without bothering to learn the facts." > I wonder if it was all worth it ... if Len had it to do over again if > he would do the same things he did before, or if he might consider the > consequences more carefully. Have you asked this question of all Unix consultants who possess unlicensed source code, Pat? No, I didn't think so. > If you don't think (c) is still possible, consider the recent thread > in comp.org.eff.talk -- yes, I know, *where else* !! -- on the student > who got suspended from school for two quarters after downloading and > distributing the system password file on the machine he had been > entrusted to use. The fact that the debate could go on endlessly for > message after message actually questioning what, if anything the chap > did wrong tells us plenty about the mentality and 'social respsonsi- > bility' of EFF devotees, but that is a whole new topic in itself. This is a particularly contemptible slam at EFF, which is as concerned with your rights as it is of those who are self-proclaimed hackers. EFF has never approved of unauthorized computer intrusion, and we have never doubted that the Georgia student who distributed the password file was wrong to do so. Pat, up until this point, I regarded you as something of a friend. I've spoken to you on the phone, asked for your help, and been willing to offer mine. But this whole paragraph about "EFF devotees" convinces me that you really have no moral center, and no ability to distinguish between what some people write and what other people believe. I would never dream of attributing every opinion posted in your newsgroup to "comp.dcom.telecom devotees." Of course, that's because I actually consider the moral consequences of labelling people. > The point is, some of us are simply getting very tired of the > break-ins, the fraudulent messages, the fact that in order to telnet > to a different site we can no longer do so direct from dialup servers > without a lot of rig-a-ma-role because computer (ab)users have stolen > all the trust which used to exist between sites, and the increasing > scarcity of 'guest' accounts on various sites because the sysadmins > are tired of being eaten alive with fraudulent and destructive usage. Len Rose never did a breakin, and never took any action that limited the use of telnet or guest accounts. Neither has EFF. > Users had better wise up to one fact: the federal government is going > to continue to crack down on abusers of the net and this media. And > please, none of your hysterical freedom of speech arguments in my > mail, thank you. No one gives an iota what you write about, but when > you get your hands in the password file, rip off root or wheel > accounts, run programs deceptive to other users designed to rip off > their accounts also and generally behave like a two-bit burglar or > con-artist, expect to get treated like one when you get caught. Who is the "you" in this paragraph, Pat? EFF? You were just talking about EFF. Has anyone at EFF *ever* said that "freedom of speech" encompasses breakins? No. It is your contemptible distortion to attribute that view to us. > And you *will* get caught. Then you can go sit and commiserate with > Len Rose. If Len Rose has half the brain I think he has, he will > come out of the penitentiary a better person than when he went in. > The penitentiary can be, and frequently is a therapeutic experience, > at least for the people who think about what it was that caused them > to get there in the first place. What do you think caused Len Rose to get there, Pat? > I feel very sorry about what has happened to Len Rose. This seems two-faced after you've spent a whole posting gloating about it. > I feel worse about the circumstances his wife and children are in. > But the socially irresponsible behavior (which some people who call > themselves 'socially responsible' seem to condone or wink at) has to > stop. Now. First of all, there is no statute outlawing "social irresponsibility." If there were, you would have committed a felony with your distortions in this posting. > A US Attorney involved in prosecuting computer crime once said, "users > need an example when they log in of what to expect when they screw up > while on line ..." Indeed we do ... and Len Rose will serve as such. Is the U.S. Attorney Bill Cook, Pat? The AUSA who cost Craig Neidorf $100,000 because he didn't know that the E911 document was not a program, and that the information in it was publicly available and not a trade secret? Bill Cook has never been held accountable for what he did to Craig Neidorf. > And a knowledgeable sysadmin who is quietly cooperating with the > government tells me a federal grand jury is <thisclose> to returning > another cycle of indictments. Need I say more? Yes, you need to say more. This time around there are forces in the community that, unlike you, will act to keep both the government and the phone companies honest. > So Len, *was* it all worth it? Len no doubt thanks you for the charity you have shown him in kicking him when he is down. Was it worth it, Pat, to take still another slam at Len, and to alienate people who are working to preserve *your* rights in the process? Mike Godwin, mnemonic@eff.org (617) 864-1550 EFF, Cambridge, MA
jyoull@cis.ohio-state.edu> (06/15/91)
In article <telecom11.453.1@eecs.nwu.edu> telecom@eecs.nwu.edu (TELECOM Moderator) writes: > The Len Rose saga came to an end this past week when a federal judge [etc...]> [... discussion of impoverished wife, kids] > Users had better wise up to one fact: the federal government is going Oh, thank God. I feel much better knowing that the feds are going to continue their wholly uninformed pursuit of people committing crimes the feds don't even understand. Maybe you have forgotten Steve Jackson Games. I haven't. > to continue to crack down on abusers of the net and this media. And > please, none of your hysterical freedom of speech arguments in my > mail, thank you. None here. > And you *will* get caught. Then you can go sit and commiserate with > Len Rose. If Len Rose has half the brain I think he has, he will come > out of the penitentiary a better person than when he went in. The > penitentiary can be, and frequently is a therapeutic experience, at ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Bull!!!!!!!!!! Male-male gang rape can *LEAD* to therapy, is maybe what you mean here... > least for the people who think about what it was that caused them to > get there in the first place. > I feel very sorry about what has happened to Len Rose. I feel worse > about the circumstances his wife and children are in. But the > socially irresponsible behavior (which some people who call themselves > 'socially responsible' seem to condone or wink at) has to stop. Now. > And a knowledgeable sysadmin who is quietly cooperating with the > government tells me a federal grand jury is <thisclose> to returning > another cycle of indictments. Need I say more? Yeah, you might mention that the grand juries generally haven't the slightest idea what a computer is, let alone a computer-oriented crime. I'm not invoking any of the free-speech or other arguments and don't intend to, but when law enforcement makes a mockery of justice as it has in many, many computer-crime cases, and when we see corporations inflate their alleged losses by factors of a hundred or a thousand, then something is terribly wrong, and simply focusing on the vicious pursuit of real or alleged criminals just serves to draw attention away from the very real problems caused by runaway egos of prosecutors. If I had to analyze the nerds who come up with the loss figures, I'd say they're trying for a big number to please their superiors and to gain fame . A two million dollar crime that you stopped looks a hell of a lot better than a $200 crime. People who are not computer- literate will generally believe what they're told by "experts". (Well, true of any field). > So Len, *was* it all worth it? Your compassion for your fellow man overwhelms me. Sure, Higdon goes after an outfit that makes its *entire profit* entrapping and prosecuting people who may not have committed a crime at all (anyone who has access to a telephone and incorrect information can dial a 950- number, for cryin' out loud). Shows that they are rude, incompetent. I see a direct parallel in the prosecution and entrapment of people in the current "crackdown" on computer crime. It's a government fad and in its wake are going to be a lot of innocent victims, and I'm not just talking about wives and children. Disclaimer: Messages originating from this address are mechanically generated. Management assumes no responsibility for the contents thereof. Jim Youll, aka jyoull@andy.bgsu.edu, 419/354-2110
Clint Fleckenstein <fleckens@plains.nodak.edu> (06/16/91)
Sorry to ask a stupid question, but what did he do? :) It's been a while. I got in a lot of trouble on the net myself back in 1987, and got bounced out of school. Clint Fleckenstein DoD #5150 fleckens@plains.nodak.edu [Moderator's Note: What Len Rose was *convicted* of doing was being in possession of AT&T computer source code illegally, and transporting the code across state lines. And Al Capone was sent to prison for failure to pay his income tax. Would you care to discuss your case with us here? Thanks to all who wrote me on this issue; I've got more articles in the queue to continue this thread tomorrow, and will summarize a rebuttal of my own, also probably tomorrow space permitting. PAT]
peterson@ti-csl.csc.ti.com> (06/16/91)
telecom@eecs.nwu.edu (TELECOM Moderator) writes: > The fact that the debate could go on endlessly for > message after message actually questioning what, if anything the chap > did wrong tells us plenty about the mentality and 'social respsonsi- > bility' of EFF devotees, but that is a whole new topic in itself. I find your sweeping generalization and condemnation of those who support the EFF's goals unfortunate and inappropriate. Participantion in comp.org.eff.talk newsgroup discussion does not in any way imply those individuals are "EFF devotees." Using such postings to infer "... the mentality and 'social responsibility'" of EFF supports seems irresponsible and, basically, a cheap shot. Bob Peterson Waffle BBS: peterson@zgbbs.csc.ti.com P.O. Box 861686 Internet: peterson@csc.ti.com TelCo: 214/995-6080 days Plano, Tx USA 75086 24 hour BBS: 214/596-3720 @ 1200, 2400, 9600 (HST & V.32)
"Owen M. Hartnett" <omh@cs.brown.edu> (06/16/91)
In article <telecom11.453.1@eecs.nwu.edu> telecom@eecs.nwu.edu (TELECOM Moderator) writes: (in a very fine article) > When Len is released, he'll be 'allowed to' carry the tag "ex-con" > with him when he applies for work and tries to make new friends. One > part of his punishment is that in the future he must reveal his status > to prospective employers. Something about the above bothers me, from a legal standpoint. Wasn't there a movement quite a few years ago that said, in effect, that since ex-cons have little chance of employment once they've told their prospective bosses that they're ex-cons, that requirements to do so were being mitigated, so that they would stand a better chance of rehabilitating once they got out? This seems probably the most harsh of the requirements. Does a bank robber have to inform a prospective employer of his past history, even if said employer doesn't ask? This sounds almost unconstitutional, if not cruel and unusual punishment. Owen Hartnett omh@cs.brown.edu [Moderator's Note: In your example, it probably would be unreasonable to force a garage mechanic to tell a prospective employer he had robbed a bank. It would not be as unreasonable to force the same person to reveal this if he applied for employment as a bank teller. In the case at hand, I quoted the court's decision without really agreeing with it. If Len goes into non-computer employment, it should not have to be discussed. If he goes into computer-related employment, well ... I'd be reluctant to make him wear that ball and chain his whole life. PAT]
Mike Godwin <mnemonic@eff.org> (06/16/91)
Our Moderator demonstrates his moral sensibility with the following comment: > [Moderator's Note: What Len Rose was *convicted* of doing was being in > possession of AT&T computer source code illegally, and transporting > the code across state lines. And Al Capone was sent to prison for > failure to pay his income tax. This is a contemptible comparison. Len Rose is Al Capone? Capone committed thousands of crimes. All Rose did was write an article showing how to hack login.c to enable the capturing of passwords. Did Rose ever use this program to gain unauthorized entry? No. Did anyone else ever use it? No. Is it ever allowable to show how code can be modified to break system security? Yes. Does Pat Townson have any moral perspective at all? Read his comparison of Len Rose to Al Capone and draw your own conclusions. I think you should be ashamed, Pat. But the kind of people who make such comments typically know no shame. > Thanks to all who wrote me on this issue; I've got more articles in > the queue to continue this thread tomorrow, and will summarize a > rebuttal of my own, also probably tomorrow space permitting. PAT] The "rebuttal" should include apologies: to Len Rose, whose worst sin was bragging in an article about his ability to modify login.c, and to "EFF supporters," who do not approve of system breakins and who have a little more regard for the First Amendment than Townson does. Mike Godwin, mnemonic@eff.org (617) 864-1550 EFF, Cambridge, MA
Karl Denninger <karl@ddsw1.mcs.com> (06/16/91)
In article <telecom11.453.1@eecs.nwu.edu> telecom@eecs.nwu.edu (TELECOM Moderator) writes: > The Len Rose saga came to an end this past week when a federal judge > considered the circumstances involved and chose to impose punishment > by placing Len in the custody of the Attorney General of the United > States, or his authorized representative for a period of one year. Of course, the court did NOT find Len guilty. He pled guilty after being browbeat and otherwise harassed to the point where he likely decided that there was no way to win -- even if he was to defend himself successfully against the current charge(s), the government would have found more. That is, he had object examples that they weren't going to leave him alone until and unless they managed to make an example out of him. Note too that his violation (copyright violations primarially as I understand it) is normally a CIVIL matter, not a criminal one. Corporations who do this kind of thing (software piracy) are sued and forced to pay damages -- NOT jailed! > Speaking of the kids, I wonder if Len has explained all this to them > yet. I wonder if they know, or are old enough to understand their dad > is going to prison, and why ... Yeah, I'd explain it to my kids all right. The fact that "my" government decided for reasons unknown to turn a civil matter into a criminal one, that they hounded me from state to state until they finally wore me out, and the insanity of the "Crime" which I was accused of in the first place. The fact that they couldn't manage to find a shread of evidence of the violation they wanted to pin on me, so they kept looking -- and confiscating equipment in an unconsti- tutionally-broad search procedure until they managed to find something they could "use". I'd explain to them the reasonableness of being held essentially at gunpoint in our own home during these search proceedings when I was (and am) no danger to the officers doing the search. And I'd explain to them the insanity of a corporate presence which has gotten so large that it commands the powers of the government of the USA itself. Yes, I would have a lot to explain. I wonder if my kids would decide to be revolutionaries when I was done. Anyone want to take bets? Shall we talk of Steve Jackson Games? A company that was (and is) persecuted for no valid reason at all? A search warrant that was unconstitutionally vague? A company (a RBOC again) that perjured itself in front of more than one court, yet has not been charged with that perjury or punished? Perjury is a CRIME! Not a petty little crime, but a real one with real penalties! I would like to see justice for all -- and those penalties imposed. It'll never happen -- as long as the guilty party works for a quasi-governmental organization like the almighty "phone company". Thank the Gods that Steve Jackson Games has finally decided to file a nice fat lawsuit against the government and all individuals involved. This time, the government and all who were participants in that fiasco deserve to get nailed to the wall. > The point is, some of us are simply getting very tired of the > break-ins, the fraudulent messages, the fact that in order to telnet > to a different site we can no longer do so direct from dialup servers > without a lot of rig-a-ma-role because computer (ab)users have stolen > all the trust which used to exist between sites, and the increasing > scarcity of 'guest' accounts on various sites because the sysadmins > are tired of being eaten alive with fraudulent and destructive usage. Well, I'm glad of that. Now let's apply the law with some consistency. Let's take the case of Bill Vajk, who allegedly CAUGHT a person snooping around on his system not long ago. He's reported it on the net and to the people he believed responsible for that person's behavior. They weren't interested in persuing the matter, although he believed that it was one of their EMPLOYEES who was doing the snooping. Yes, there was a REAL LIVE hacker -- which is, as we all know, ok as long as the hacker is a government ... oops, I meant corporate stooge! Or shall we discuss the case on ddsw1 about three years ago -- I caught an AT&T employee (so he said) on another user's account -- a person who had obviously STOLEN a valid user password. I caught him red-handed I might add. I called the user in question and kicked the phony person off the system -- and changed the real user's password. That person said they were "investigating improper use of a dialout". Oh really? Investigating it by tapping the line, recording the password, and THEN USING IT TO BREAK INTO MY MACHINE? Too bad that wasn't a felony then, as it can be now. I was unable to get the call traced -- and I did try. What I would have given for a valid trace back to someone's desk! Today I would certainly insist on prosecuting the person(s) responsible, and possibly file a civil suit as well. Yes, I think hackers should be punished -- IF they are actually guilty of some crime. My difference of opinion lies in the fact that I think ALL hackers should be punished, including the corporate ones. > Users had better wise up to one fact: the federal government is going > to continue to crack down on abusers of the net and this media. And > please, none of your hysterical freedom of speech arguments in my > mail, thank you. No one gives an iota what you write about, but when > you get your hands in the password file, rip off root or wheel > accounts, run programs deceptive to other users designed to rip off > their accounts also and generally behave like a two-bit burglar or > con-artist, expect to get treated like one when you get caught. See above. I want to see some equity in the law. I've had my equipment abused by those same people, and so have others. I want to see ALL of them prosecuted -- including those hooligans who wear the government's insignia. A thief or assailent does not become less of one due to having on a uniform of some "power and authority". > out of the penitentiary a better person than when he went in. The > penitentiary can be, and frequently is a therapeutic experience, at > least for the people who think about what it was that caused them to > get there in the first place. The penitentiary can be, and frequently is, a place when men get gang-raped (without recourse) and exposed to all kinds of "wonderful" influences. It's rarely a theraputic experience. Look at the recidivism ratios and reconsider your statement. Your "head-in-the-sand" knowledge level is showing, Mr. Townson. > socially irresponsible behavior (which some people who call themselves > 'socially responsible' seem to condone or wink at) has to stop. Now. Yes it does. Including what appears to be libel of a person who is in no position to defend himself right now. > And a knowledgeable sysadmin who is quietly cooperating with the > government tells me a federal grand jury is <thisclose> to returning > another cycle of indictments. Need I say more? Yes, you MUST say more. Since you want to fly this flag, here is what you must do: 1) Name your source. We all ought to know just who this "cooperating" sysadmin is. After all, we all saw just what happened to the last "cooperating" sysadmin, didn't we (Jolnet)? Or what kind of false accusations and pretenses the last "cooperating" company had to do with this (SWBT in this case). There are groups, the EFF being one, which are trying to stop this kind of fraudulent use of the criminal system. How about it, Pat? Name your source! (I could take a likely guess, but that might constitute libel or slander -- so I won't. I could easily be wrong on this one). 2) If you know who is under investigation, name them too. Same reasons here. If the people in question have really done something wrong, the government ought to be able to prove it easily -- it's a historical fact, right? If not, let's get the machinery rolling to protect them against more unwarranted intrusions. Karl Denninger (karl@ddsw1.MCS.COM, <well-connected>!ddsw1!karl) Public Access Data Line: [+1 708 808-7300], Voice: [+1 708 808-7200] Anon. arch. (nuucp) 00:00-06:00 C[SD]T, req: /u/public/sources/DIRECTORY/README
Jeff Sicherman <sichermn@beach.csulb.edu> (06/16/91)
In article <telecom11.453.1@eecs.nwu.edu> telecom@eecs.nwu.edu >(TELECOM Moderator) writes: [ most of the story deleted ] I did find the tone of this 'report' rather preachy and superior but everyone's entitled to his opinion. I would feel more comfortable if PAT would label such things as 'Editorials' rather than imply they are factual reports, but I guess we all can tell. I am not at all familiar with the detailed history of this case or Len Rose, but one thing about it, as reported here, bothered me: If Mr. Rose is being selectively prosecuted for an action which others have committed without this response, either by the RBOC's or the US Government, it would appear that his connection, tenuous as it may have been, to Phone Phreakers was likely a principle motivation to 'go after him', perhaps as an example to those evil people. This smacks of 'guilt by association' or at least prosecution by association. I'm old enough to know that this borders on McCarthyism. There's enough escaping responsibility for who you know in this country without it being the basis for criminal prosecution too. I guess the Justice Department has caught all the Savings and Loan looters and needs something to keep busy. finally, another comment by PAT caught my eye: > And a knowledgeable sysadmin who is quietly cooperating with the > government tells me a federal grand jury is <thisclose> to returning > another cycle of indictments. Need I say more? I'm not sure about your state, but I believe in ours (California) it is a crime (felony?) to reveal or discuss information about the deliberations of a grand jury. I would expect there are similar laws for federal ones also. You 'knowledgeable sysadmin' could be violating some federal statutes himself by talking about them. You might even be in a grey area yourself, PAT, by passing them along, though I doubt it, Maybe you're protected as a 'reporter' though I'm not sure newsgroups and their editors constitute journalism or the press. I guess we should just hope the government is monitoring usenet or the internet too carefully ... Jeff Sicherman
"W.A.Simon" <alain%elevia.UUCP@larry.mcrcim.mcgill.edu> (06/17/91)
To Moderator: I guess you have been roasted over quite a few times by now, by Mike and a few others. I will nevertheless add my five cents worth. I feel you are doing a great job and I am sorry to see you jump to conclusions and accept so easily what our enlightened elites have to say about this case. You realize, I hope,this was a witch hunt all along, and that even if Mr Rose had committed some unspeakable act, justice was not the purpose of the exercise. As a rule, distrust the suits... Alain Home Sweet Office: (514) 934 6320 UUCP: alain@elevia.UUCP
"Owen M. Hartnett" <omh@cs.brown.edu> (06/17/91)
> [Moderator's Note: In your example, it probably would be unreasonable > to force a garage mechanic to tell a prospective employer he had > robbed a bank. It would not be as unreasonable to force the same > person to reveal this if he applied for employment as a bank teller. I guess my point is that currently the bank robber isn't forced to reveal that he was, even if he does apply for the bank teller position. Whether it is reasonable or not, I've heard of no other criminal sentence which required any criminal to reveal past criminal activity before being asked about it. (Of course, if asked, either as part of an employment application or directly, and he lies, this is wrong, but in most employment contracts, it's the employer beware, why is this one different?) It seems kind of funny when convicted murderers do not have reveal the past when not asked and why computer crackers are. Owen Hartnett omh@cs.brown.edu
William Vajk <learn@ddsw1.mcs.com> (06/17/91)
In article <telecom11.460.3@eecs.nwu.edu> Owen M. Hartnett writes: > In article <telecom11.453.1@eecs.nwu.edu> TELECOM Moderator writes: >> When Len is released, he'll be 'allowed to' carry the tag "ex-con" >> with him when he applies for work and tries to make new friends. One >> part of his punishment is that in the future he must reveal his status >> to prospective employers. > Something about the above bothers me, from a legal standpoint. Wasn't > there a movement quite a few years ago that said, in effect, that > since ex-cons have little chance of employment once they've told their > prospective bosses that they're ex-cons, that requirements to do so > were being mitigated, so that they would stand a better chance of > rehabilitating once they got out? > [Moderator's Note: (portion deleted for brevity) > In the case at hand, I quoted the court's decision without really > agreeing with it. If Len goes into non-computer employment, it should > not have to be discussed. If he goes into computer-related employment, > well ... I'd be reluctant to make him wear that ball and chain his > whole life. PAT] One of the discoveries I've made in following the "hacker" discussions on the net in the past couple of years is just how badly misinformed so many people are regarding matters on which they feel it appropriate to comment. It becomes relatively obvious in short order that the press on which we have historically depended for information has, at least in this realm, fallen sadly short of being informative to the level of detail one should be able to expect reliable. It is my understanding that the "reporting bad-boy details" extends past the end of his incarceration only for the duration of probation, a three year period. And if I am not mistaken, the mandate requires Len to divulge this information only to potential employers who have source code on their computers. On the issue of rehabilitation for Len, I don't understand what is being discussed here. Len's case is a direct consequence of his then good friend Rich Andrews being a model citizen and reporting the fact that some troublesome text was on his public access Unix system. I believe something important needs mention here, and that is a review of the cases which stemmed from that incident, and just how it was they were closed out. The only trial in the string of prosecutions was that of Craig Neidorf. That trial ended abruptly when the prosecution folded its tent and went home in the first week. Please take note that in spite of the many issues raised by the cases, none of the important ones has received a proper judicial review. Hardly coincidental, I dare say. Bill Vajk
Henry Mensch <henry@ads.com> (06/17/91)
I find this sort of moralization really objectionable. i thought we were here to talk about telecommunications and not to be sermonized. Henry Mensch / Advanced Decision Systems / <henry@ads.com> [Moderator's Note: Good point, Henry. So with this latest round of messages let's call the thread quits in so far as TELECOM Digest is concerned. Jim Thomas has agreed to take overflow discussion in a future issue of Computer Underground Digest (tk0jut1.niu.bitnet) for interested parties. My thanks to all who wrote me. Even if you did not get included here, I hope your point of view was fairly presented by one or more other writers. If someone will supply a mailing address for Len, his family or his attorney I will publish it for anyone who wishes to provide further financial assistance. PAT]
Steve Forrette <forrette@cory.berkeley.edu> (06/18/91)
In article <telecom11.459.2@eecs.nwu.edu> Jim Thomas writes: > And, contrary to another post in the same issue of TCD, there > is no evidence that the programs Len possessed or sent were ever used > in criminal activity. Isn't transportation of stolen property across state lines "criminal activity?" > The question is whether his actions justify a prison sentence, and to my > mind the answer is an emphatic *NO!*. I agree -- probation would have been more appropriate, IMHO. Steve Forrette, forrette@cory.berkeley.edu
tanner@ki4pv.compu.com (06/18/91)
[Moderator's Note: Even though I wanted to close out this thread here
in the Digest, I had the late arrivals which follow below. PAT]
Mr. Rose is on his way to jail for posessing unlicensed source code.
The world is now safer for humanity.
One stark bad example. Heading off to jail. Now, let us contrast the
damage done by Mr. Rose to the damage done by the SS to Steve Jackson
Games, and scale an appropriate sentence for them.
...!{bikini.cis.ufl.edu allegra uunet!cdin-1}!ki4pv!tanner"David Burren [Athos]" <david@bacchus.esa.oz.au> (06/18/91)
In <telecom11.460.3@eecs.nwu.edu> TELECOM Moderator wrote: > In the case at hand, I quoted the court's decision without really > agreeing with it. I'm sorry Pat, but that was NOT the impression I got from reading your original note. True, the paragraph in question did not express any opinion, but taken in context with the rest of the posting it blended with the impression of blind and unthinking condonement for what has been done to Len. I started out reading your article as if it was merely a report, but halfway though had to stop and look at it again. In <telecom11.453.1@eecs.nwu.edu> you wrote: > I wonder if it was all worth it ... if Len had it to do over again if > he would do the same things he did before, or if he might consider the > consequences more carefully. Certainly it makes one wonder. The number of people with unlicensed software is staggering. I'll admit I've been guilty of that myself in the past. As someone who "grew up" in an environment of Apple ][s and PCs, the concept of using pirated software was something I was used to, even though it was clearly known amongst all the "high school hackers" that it was illegal. These days I don't tend to use commercial software (beyond the OS itself :-( so the temptation to have or use unlicensed software is reduced for me, but the thought of what's happened to someone who effectively did what I myself did years ago induces reflection, yes. So who can say they've never seen an unlicensed copy of something like Lotus 1-2-3? No, I'm not addressing here the issue of _distributing_ illegal copies of software (eg. the unpublished submission to {Phrack}) but then, people who copy software are (in my experience) likely to give copies to others. I suspect that people who can truthfully say that they've never broken a law are a rare breed. It's the realization of what governments and companies are willing and able to do to offenders that frightens people. And I think that in many cases it should. > are still those folks around who either (a) don't think it applies to > them, or (b) don't think they will get caught, or (c) don't understand > what the big fuss is all about in the first place. > If you don't think (c) is still possible, consider the recent thread > in comp.org.eff.talk -- yes, I know, *where else* !! -- on the student > who got suspended from school for two quarters after downloading and > distributing the system password file on the machine he had been > entrusted to use. The fact that the debate could go on endlessly for > message after message actually questioning what, if anything the chap > did wrong tells us plenty about the mentality and 'social respsonsi- > bility' of EFF devotees, but that is a whole new topic in itself. As others have already pointed out, your assumption that people who post in comp.org.eff.* implicitly represent the position of the EFF is abominable. It was this paragraph that made me take a step back and look at your posting again. Anyway, I think it's worth pointing out that much of the discussion has been about topics such as whether users should be allowed to run programs such as COPS. The interested reader is advised to read the newsgroup for him/herself, and not rely on the summaries of either Pat or myself. > The point is, some of us are simply getting very tired of the > break-ins, the fraudulent messages, the fact that in order to telnet > to a different site we can no longer do so direct from dialup servers > without a lot of rig-a-ma-role because computer (ab)users have stolen > all the trust which used to exist between sites, and the increasing > scarcity of 'guest' accounts on various sites because the sysadmins > are tired of being eaten alive with fraudulent and destructive usage. Excuse me, but what relevance does this have to the case of Len Rose? Your comments smack of uninformed journalism following the bandwagon of "hacker" scare-stories. That is not to say that the emergence of crackers in today's electronic society has not caused the problems that you mention, but why do you associate Len Rose with this? > Users had better wise up to one fact: the federal government is going > to continue to crack down on abusers of the net and this media. Having _responsible_ watchdogs/authorities discouraging abuse is (IMHO) a good thing. Blindly assuming that said bodies will follow the moral/ethical guidelines that we think they should is (IMHO of course) a BAD thing. > penitentiary can be, and frequently is a therapeutic experience, at > least for the people who think about what it was that caused them to > get there in the first place. I have no direct experience with prisons/penitentiaries/etc, but I hestitate to accept your recommendation that it is "a therapeutic experience". Would you care to point the interested reader to some background for your recommendation? > A US Attorney involved in prosecuting computer crime once said, "users > need an example when they log in of what to expect when they screw up > while on line ..." Indeed we do ... and Len Rose will serve as such. I think Mike Godwin's reply to this sum things up. Is the title "a US Attorney" intended to impart some level of respect for said person's opinions? > And a knowledgeable sysadmin who is quietly cooperating with the > government tells me a federal grand jury is <thisclose> to returning > another cycle of indictments. Need I say more? Yes please. These may be legal actions within the U.S., but the precedents and details will affect technology users the world over! In <telecom11.459.5@eecs.nwu.edu>, Pat continues: > [Moderator's Note: What Len Rose was *convicted* of doing was being in > possession of AT&T computer source code illegally, and transporting > the code across state lines. And Al Capone was sent to prison for > failure to pay his income tax. You imply that Len is/was guilty of much more. Rather than throwing unsubstantiated accusations around, why not produce some explanation of why you think such accusations are justified? As the Moderator of a large and active newsgroup, I remember as a newbie regarding your postings as coming from someone who knew what they were talking about. Sadly, your recent postings have led me to rethink my former opinion of the notes sighed with "PAT". David Burren [Athos] Email: david@bacchus.esa.oz.au Software Development Engineer, Expert Solutions Australia, Hawthorn, VIC - I cut code for ESA, I don't speak for them -
phred@uunet.uu.net> (06/22/91)
Townson is entitled to his opinion, but is it really fair to keep tacking it onto the end of everyone else's postings? In my own view, the taunting, condescending tone of his remarks regarding Len Rose's situation is utterly unbecoming the position of *moderator* of a newsgroup. He assures us how "sorry" he is that this happened to Len. Well, I am "sorry" it's apparently a net tradition never to let the facts or a modicum of charity stand in the way of a good rant. Len Rose is going to jail because of some pretty severe "cop trips" in a law enforcement milieu which has just discovered that, by golly, people actually use computers. The prosecution barely understood the issues they tried Rose on; they were basically serving as the muscle for a major corporation which wants to send a message to the rest of us about their notion of property rights. To anyone with an inkling of what this was all about, the entire process and especially the sentencing are totally out of proportion. Let those who live in glass houses not cast the first stones, especially not upon Len Rose.