telecom@eecs.nwu.edu (TELECOM Moderator) (06/08/90)
TELECOM Digest Thu, 7 Jun 90 22:00:00 CDT Special: LOD - Part II
Inside This Issue: Moderator: Ayatollah Townson
Cracker/Phreaker Crackdown [Frank Earl]
Kapor and Crackers [Steve Elias]
Re: Crackers: Innocent and Misunderstood, Says Mr. Kapor [Steven King]
Re: Crackers: Innocent and Misunderstood, Says Mr. Kapor [Stuart Lynne]
Kapor's Remarks, Moderator's Message, and My Reply [Chris Johnson]
Law 101 (was Hackers,...) [Frank E. Carey]
Re: Crackers: Innocent and Misunderstood, Says Mr. Kapor [Kee Hinckley]
Legion of Doom Summary Article Available [Billy Barron]
Last Word! Who I am Preaching To [Ayatollah Moderator]
----------------------------------------------------------------------
Date: 3 Jun 90 09:38:00 CST
From: FRANK EARL <f_earl@etsuv2>
Subject: Cracker/Phreaker Crackdown
I have an intelligent question about this discussion-
Isn't the bust outside of the Secret Service's jurisdiction to begin
with? I thought that this kind of crime was solely the FBI's
jurisdiction ... If that is the case, we had better watch out for
everyone's rights because the "police" organizations aren't doing the
jobs that they are supposed to and doing things they *AREN'T* supposed
to...
Frank C. Earl
BitNET: F_earl@etsuvax2
Internet: F_earl@etsuv2.etsu.edu
------------------------------
Reply-To: eli@pws.bull.com
Subject: Kapor and Crackers
Date: Mon, 04 Jun 90 13:17:18 -0400
From: Steve Elias <eli@pws.bull.com>
Check my posting in the gdead group if you like, but the article in
the Boston paper said that Kapor and Barlow (gdead lyricist) are
setting up a legal defense fund for these "crackers".
I don't see anything wrong with this, Patrick. A bit of due process
would sure be a change in all this McCarthyism crapola about "Just Say
No to X, Y, Z, and hacking."
/eli
------------------------------
From: Steven King <motcid!king@uunet.uu.net>
Subject: Re: Crackers: Innocent and Misunderstood, Says Mr. Kapor
Date: 4 Jun 90 22:47:28 GMT
Organization: Motorola Inc. - Cellular Infrastructure Div., Arlington Hgts, IL
In article <8611@accuvax.nwu.edu> telecom@eecs.nwu.edu (TELECOM
Moderator) writes:
>>Is the administrator/operator of some carrier of electronic
>>information completely responsible for every bit of data contained or
>>passing through his system? The present legal answer is "No, well
>>maybe, we don't know yet."
>That's right, he is. Either you have control over your computer(s) and
>your telephone lines or you do not. Which is it? I thought blaming
>the computer for what went wrong went out of favor twenty years ago.
>Do you remember when clerks in all big business places used to say the
>computer had 'made an error' in something? If you are not in a
>position to run a big site responsibly, then don't do it. And where I
>might have some sympathy for really huge sites, I don't buy the excuse
>of some two-bit BBS sysop that he "can't possibly read everything on
>his board ..." No one is asking him to read it all ... just to
>cultivate a responsible class of users and respond to problem postings.
Back up a moment, Pat. I'm currently sysop of a two-bit BBS (not even
networked to anything!) and I can say that this is a tough one. For
one, how do I "cultivate a responsible class of user"? Is there some
way I can tell who is "responsible" and who isn't? Is there some test
I can give to determine whether Joe Newuser is a phreak? None that
*I* can think of, certainly! Yes, I respond to problem postings. I
have quashed budding discussions of piracy; I do *NOT* run a cracker
or phreak board on any level that I'm aware of! But I don't read
email sent privately between users. It would be possible for me to,
of course. It would probably only take 15 minutes a day, given the
low amount of traffic I see there. However, I feel that unless I
suspect something, I have no right to go through users' private mail.
So, let's say that Joe and Jane are model users. They're lively in
discussions, and have never made me suspect they're anything but
moral, upstanding, law-abiding folks. Suddenly the Secret Service
busts in to my apartment and confiscates my system. They show me that
Joe sent the dreaded E911 documents to Jane via private email. Why
should I be responsible for that? Would you shut down the post office
if he had mailed hardcopy to her?
For the sake of discussion, let's say that I *am* liable for users'
private mail. Should I also scan for crimes other than computer or
telecom related? What if Joe tells Jane where she buy some drugs? Am
I a dealer if I let that one slide? What if Jane agrees to meet Joe
in some hotel in exchange for twenty bucks? Am I now a pimp?
I thoroughly disagree with the proposition that a system operator is
or should be responsible for the entire content of his system. It
seems utterly unreasonable that I should be any more responsible for
the content of messages than either the post office is for written
mail, or the phone company is for voice. When it comes to that, why
should I be more responsible for illegal information on my board than
Illinois Bell is? After all, THEY allowed it to be transmitted to me
in the first place!
Steve King, Motorola Cellular (...uunet!motcid!king)
------------------------------
From: sl@van-bc.wimsey.bc.ca (Stuart Lynne)
Subject: Re: Crackers: Innocent and Misunderstood, Says Mr. Kapor
Date: 4 Jun 90 22:36:38 GMT
Organization: Wimsey Associates, Vancouver, B.C., Canada
In article <8473@accuvax.nwu.edu> telecom@eecs.nwu.edu (TELECOM
Moderator) writes:
}According to the {Washington Post}, Mitchell Kapor, inventor of Lotus
}1-2-3, is considering backing a national effort to defend computer
}hackers against prosecution resulting from Operation Sun Devil, a
}two-year investigation of potential computer fraud. The Secret
}Service said the hackers who were the target of the probe are
}individuals who had gained unauthorized access to company computer
Can't we be charitable (at least until more information is available)
and make the assumption that Mr. Kapor is reacting to some of the
reports on *HOW* the Secret Service is conducting this effort.
As a fairly disinterested observer I'm fairly amazed at the reports of
what the Secret Service is doing in the US. If the reports are even
only half true I'd still be pretty amazed at how they have conducted
themselves.
Anyway I don't think we need to jump off the deep end and suggest that
people perform illegal acts. Mr Kapor may have some legitimate
concerns over the free speech issues involved and or the way the
Secret Service is conducting the case which have nothing to do with
hacking and or phreaking.
Stuart.Lynne@wimsey.bc.ca ubc-cs!van-bc!sl 604-937-7532(voice)
------------------------------
From: Chris Johnson <chris@tinkerbell.mr.net>
Subject: Kapor's Remarks, Moderator's Message, and my Reply
Date: Tue, 5 Jun 90 14:40:22 CDT
My initial (shall we say a bit hasty?) reply to the Moderators's
remarks on Kapor's statements were based solely on his article. I had
no other sources of information about Kapor's position, and was
unaware of the {Washington Post} article about them, or containing them.
The additional information I've gained since then doesn't change my
position any, but it does moderate my dismay at and disagreement with
the Moderator. One could say a somewhat cooler head now prevails.
I do agree with the Moderator's suggestion that Kapor's remarks within
a newspaper article could lend credence to the theory that burglary
and theft are ok, and that we ought to be writing indignant letters to
any and all other publications (eg. the Post). In fact, I do so
regularly. And, unfortunately, they never publish them. That is one
advantage the TELECOM Digest has.
...Chris Johnson chris@c2s.mn.org ..bungia!com50!chris
Com Squared Systems, Inc. St. Paul, MN USA +1 612 452 9522
------------------------------
Date: Tue, 5 Jun 90 10:45:58 EDT
From: F E Carey <fec@whuts.att.com>
Subject: Law 101 (was Hackers,...)
Organization: AT&T Bell Laboratories
The signal to noise ratio is becoming intolerable. Let's go back to
FACTS and LOGIC.
Searches and seizures are authorized by warrants. If anybody believes
that the government raids were done without warrants I'm sure we'd all
like to hear about it. Whether warrants were obtained should be a
verifiable fact.
Warrants are issued by judges and are based on evidence. Any
information suggesting that warrants were improperly issued or that
evidence was fictitious, falsified, illegally obtained, etc. would
probably be welcomed in this forum. I think warrants are public
information.
If we can determine that searches were done with properly issued
warrants we would have a situation that would be closer to due process
than "abridging of First Amendment rights".
Indictments are handed down by grand juries - your peers. Indictments
are based on evidence and are customarily (depending on jurisdiction)
judgments that the evidence, if not refuted, is sufficient for a
reasonable presumption of guilt. INDICTMENTS ALSO SERVE TO PROTECT
THE ACCUSED AGAINST FRIVOLOUS PROSECUTIONS. I don't know if all
indictments are public or whether the related evidence is public.
Somebody should be able to find out. Once you have been indicted you
go to trial. The indictment is not a guilty verdict! It's hard for
me to conclude that indictment by grand jury constitutes harassment by
government. If you don't like the grand jury process or you don't
trust your peers to evaluate evidence you've got a more fundamental
problem that probably belongs in net.politics.
Some postings imply that motive or resulting damage should be a factor
in these cases. I think we need to read the law and look at the way
the courts apply the law. It's not helpful to argue a case on the
basis of what you think the law should be.
Perhaps the biggest problem some of you have with the raids, seizures,
is that you don't like the law. If that's the case go see your
congressman and stop flaming the law enforcement people.
The common carrier issue is one of the few lucid topics to surface
recently. Indeed, we don't arrest the UPS guy for delivering a
package of stolen property and we don't sieze the mail truck when it
contains stolen documents being mailed. Is the law weak on this
aspect of computer crime? Should sysops be treated as common
carriers? Would this solve some problems but create others? I'd be
interested in opinions on this.
Frank Carey
AT&T Bell Laboratories
fec@whuts.ATT.COM
Disclaimer: I'm not an attorney and I have no personal connection
with any of the discussed cases. My views may be colored by the
report in UNIX Today 5/28/90 that Leonard Rose was accused of
stealing source code from my employer.
[Moderator's Note: I would like to say however, in defense of the
indicted, that grand juries are *sometimes* nothing more than rubber
stamps for prosecutors; and in fairness, some judges issue warrants in
the same cavalier way. Sad but true. Otherwise I agree with you. PT]
------------------------------
From: Kee Hinckley <nazgul@alphalpha.com>
Subject: Re: Crackers: Innocent and Misunderstood, Says Mr. Kapor
Organization: asi
Date: Tue, 5 Jun 90 14:45:04 GMT
>Maybe if Mr. Kapor had his Lotus 1-2-3 ripped off good he might change
>his tune. Anyone know other projects of his we might steal and start
>handing out freely around the net? After all, we wouldn't want to
>'damage technological innovation or dissemination of information' now
>would we? Please keep his attitude on this serious problem in mind the
>next time you use or consider purchasing his software. If you can't
>find a way to steal it outright, then borrow a pirated copy from
>someone else.
Sometimes I wonder whether I'm in the right country. I could have
sworn this was the United States of America. Does "innocent until
proven guilty" ring a bell? One of the people nabbed in this federal
grabbag was a BBS operator who promptly called the FBI when he
discovered stolen information on his BBS. Another case was a game
designer who was writing a (non-computer) cyberpunk game. They
confiscated all of his equipment because the game instructions were
taken literally and one of his employees had been in the "Legion of
Doom". But who knows, possibily they are all guilty as hell - but
that doesn't make defending them a crime. Why don't we let the courts
decide the guilt?
I'm more than a little sensitive about this. I run a BBS myself, and
given the current legal situation I may have to shut it down. As a
BBS operator it would appear that I have absolutely no protection. If
people start using my BBS to transport stolen materials then the
FBI/SS can break in and confiscate every single piece of computer
equipment/software I own. Sure, maybe I'll win in court (although no
case I know of has made it that far yet), but I have no desire to wait
several years to find out. And just to complete the circle, it would
appear that even if I wanted (or had time) to examine what my users
were doing, I can't - since that would violate the Electronic Privacy
Act.
So yes, some of the people Kapor is helping to protect have probably
committed crimes. But some of them probably haven't, and the last
time I checked this country wasn't supposed to be using the
crusade-style justice of "kill them all, let God sort them out".
-kee
| Alphalpha Software, Inc. | Voice/Fax: 617/646-7703 | Home: 617/641-3805 |
| 148 Scituate St. | Smart fax, dial number. | |
| Arlington, MA 02174 | Dumb fax, dial number, | BBS: 617/641-3722 |
| nazgul@alphalpha.com | wait for ring, press 3. | 300/1200/2400 baud |
------------------------------
From: vaxb.acs.unt.edu!billy@cs.utexas.edu
Subject: Legion of Doom Summary Article Available
Date: 7 Jun 90 14:46:02 GMT
An article summarizing the Legion of Doom incident happenings up to
the present has been written by Kevin Mullet, Data Communications
Analyst here at the University of North Texas. His article is
available for anonymous FTP in the ARTICLES directory. Several
different formats are present (ASCII, WordPrefect and Postscript).
Billy Barron Bitnet : BILLY@UNTVAX
VAX system manager THENET : NTVAX::BILLY
University of North Texas Internet : billy@vaxb.acs.unt.edu
SPAN : UTSPAN::UTADNX::NTVAX::BILLY
------------------------------
Date: Mon, 4 Jun 90 23:04:46 CDT
From: Ayatollah Moderator <telecom@eecs.nwu.edu>
Subject: Last Word! Who I Am Preaching To
First, my thanks to everyone who wrote, and my apologies to the few
additional messages I could not squeeze in here, including two lengthy
items by Chris Johnson and Jerry Leichter. I did however include one
article by each in this two-part special issue. Then there were also
comments by Mike Perka and others sent not-for-publication, and a
couple people who said their item could be dumped if it was
essentially a repeat of others. Then one letter pointed out that the
word 'cracker' was sometimes used in a racially degrogatory way toward
white people. That I had never heard, but thanks for cluing me in.
Some time ago, a supplementary mailing list was run for awhile to
handle overflow messages on a related topic, and this might be a good
time to revive it. If the people who did it want to resume it for this
thread, please let me know.
Second, in a letter from Mike Perka came this little gem, and it seems
as good a way as any to wrap up this string of messages. Some say it
should be my personal philosophy as well:
>"I don't practice what I preach because I'm not the kind of person that
> I'm preaching to" -- J. R. "Bob" Dobbs
Yours faithfully,
Ayatollah Townson / MODERATOR of the Universe (wink!)
------------------------------
End of TELECOM Digest Special: LOD - Part II
******************************amb@cs.columbia.edu (Andrew M. Boardman) (06/09/90)
A piece of information, a waste of bandwidth to be published in more than a moderator's note... In article <8763@accuvax.nwu.edu> you write: >Some time ago, a supplementary mailing list was run for awhile to >handle overflow messages on a related topic, and this might be a good >time to revive it. If the people who did it want to resume it for this >thread, please let me know. Actually, the mailing list is still alive and well. /a [Moderator's Note: Write to TK0JUT2@NIU.BITNET to request a subscription to the Computer Underground Digest. PT]