TK0JUT2%NIU.BITNET@UICVM.uic.edu (09/14/90)
**************************************************************************** >C O M P U T E R U N D E R G R O U N D< >D I G E S T< *** Volume 2, Issue #2.03 (Sepember 14, 1990) ** **************************************************************************** MODERATORS: Jim Thomas / Gordon Meyer (TK0JUT2@NIU.bitnet) ARCHIVISTS: Bob Krause / Alex Smith USENET readers can currently receive CuD as alt.society.cu-digest. COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted as long as the source is cited. It is assumed that non-personal mail to the moderators may be reprinted, unless otherwise specified. Readers are encouraged to submit reasoned articles relating to the Computer Underground. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Contributors assume all responsibility for assuring that articles submitted do not violate copyright protections. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ CONTENTS: File 1: Moderators' Corner File 2: Len Rose's experience with the Secret Service File 3: Tim Wolfson's address, cite list File 4: A comment on Zod's case ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ---------------------------------------------------------------------- ******************************************************************** *** CuD #2.03, File 1 of 4: Moderator's corner *** ******************************************************************** Date: Sepember 14, 1990 From: Moderators Subject: Moderators' Corner ++++++++++ In this file: 1. BBS AND THE LAW PAPER ADDED TO ARCHIVES 2. GATEWAY TO USENET ++++++++++++++++++ BBS and the Law Paper added to Archives ++++++++++++++++++ We have added a paper by Mike Riddle, a law student, to the CuD archives. It's entitled: "The Electronic Pamphlet--Computer Bulletin Boards and the Law." It provides a nice overview of privacy and other issues and is worth reading. ++++++++++++++++ Gateway to Usenet Newsgroup ++++++++++++++++ A Gateway service is available for people who cannot read or post to the Usenet newsgroup comp.org.eff.talk. To subscribe send mail to EFF-REQUEST@NETSYS.COM. You will receive a copy of every article appearing in the newsgroup. To post to comp.org.eff.talk send your article to EFFTALK@NETSYS.COM. It will be gatewayed automatically without modification. This service has no connection with the Electronic Frontier Foundation. ******************************************************************** >> END OF THIS FILE << *************************************************************************** ------------------------------ Date: Tue, 11 Sep 90 01:34:49 -0400 From: len@NETSYS.NETSYS.COM Subject: Len Rose's experience with the Secret Service ******************************************************************** *** CuD #2.03: File 2 of 4: Len Rose's Experience with the S.S. *** ******************************************************************** [Jim Thomas suggested I write something for the digest and I have been casting around for ideas.. All I really can think about nowadays is my own situation. I have become quite a bore to my friends I am sure.] Please excuse any vestiges of self-pity you may detect. The Day It Happened: I left my home around eleven am to drive down to Washington DC to meet with a potential client. After several hours with them , I started the drive back through the rush hour traffic. It was just a few minutes after five pm that I pulled into my driveway in Middletown Md. I remember getting out of the car and noticing that someone was in the back yard. He was wearing a blue wind breaker and was neatly dressed. We had been trying to sell a Jeep , and I assumed he was interested in buying the car. "What can I do for you" I asked.. I remember being slightly pissed that this person had just been hanging around the back of my home. He flipped his jacket aside and I saw a badge on his belt and a gun in a shoulder holster. "Please go into the house" he replied. I was pretty shaken and asked "What have I done wrong?" .. without answering the question, he took my arm and sort of marched me into the front door of my home. Upon entering, two agents pulled me up from the foyer, and put me against the wall while searching me. Then I remember being shown the front of a search warrant and then taken into my master bedroom. The door was shut and I didn't leave the room for more than five hours. They introduced themselves, and I asked them what this was about. Foley replied "We will ask the questions" .. "Do you know any of these hackers?" I was asked about 10 or 15 names, and out of them I said I recognized one or two from seeing articles here and there but hadn't had any contact with them. I remember Foley getting angry. "You had better cooperate, let's try again". I reiterated that I knew none of them. He said "You are not telling us the truth" ... I told him I had little contact with hackers and had been away from that scene for quite some time. He then scoffed and said "You have a hacker handle don't you... What is It?" I paused, and then replied "Terminus, but I haven't used it or gone by that in a very long time" He said "Right, like last month..." I thought about that and then I started to feel sick inside.. I knew that I had sent Craig Neidorf a copy of login.c which had been modified to perform certain functions that basically made it a trojan horse. I used that handle since I didn't want the world to know that Len Rose was sending someone proprietary source code through mail.. He shoved a photocopy of a printout under my nose and asked me if I recognized it.. I looked at it and said, "Yes.. " .. He asked me If I had made the modifications and placed certain comments within the source. "Yes" again. "But I never used it" I blurted out. "We are only interested in the 911 software and Rich Andrews" they said. [I never had anything to do with 911 software and after an extensive search of my systems that night by a certain AT&T employee they seemed to agree.] "Did Rich Andrews send you a copy of the 911 software?" Foley asked me. I told them no, no one had sent me anything of the sort. I told them that Rich had found some portion of 911 software on his system and sent it to Charley Boykin at killer to see if it was serious. Rich had told me before, and I sort of approved of the idea. I remember Rich saying that he'd had no response whatsoever.. [I wish he had told me the truth, but that is for him to explain why] "We want dirt on Rich Andrews.." Special Agent Timothy Foley said. "We feel he has been less then cooperative.." and "Do you know he is a convicted felon" I replied "Yes" but he is a good friend and I know he hasn't done anything wrong. He is not involved with hackers. Foley asked me about any dealings I had with Rich. I realized then that lying wouldn't do me any good, so I told them everything I could remember. What I had to say must not have been good enough, as Foley kept saying I wasn't going to get anywhere unless I told them all the truth. It took me a long time to convince them that was all I knew. During the interrogation, my legal problems in Virginia were brought up, and I mentioned that I might be acquitted. Jack Lewis said "If you get off in Virginia, I'll make sure we burn you for this" .. I felt then that I was completely shut off from reality. Foley then asked me to tell them anything illegal I had done. Jack Lewis said "It would be better if you tell us now, because if we discover anything else later it will be very serious". By this time, I was scared and I remember telling them that I had copies of AT&T System V v3.1, System V v3.2 and various other pieces of software which had been given to me by certain employees of AT&T (without the benefit of a license agreement). "Where is it" they asked.. I told them that I had a couple 9 track tapes with prominent labels on a tape rack. I remember asking several times to see my wife, and to go to the bathroom. Each time I was told I couldn't. If I hadn't been so scared I would have asked for an attorney, but my mind had shutdown completely. About 6 hours later I was finally led out of my bedroom and told to sit at the kitchen table and not to move. Foley and Lewis sat with me and put a sheet of paper in front of me and told me to write a statement. "What do you want me to write about" I asked. Foley said "Everything you told us about Rich Andrews and also everything about the Trojan horse login program." "Make sure you mention the System V source code".. So, as they were finishing loading up the moving truck, I sat there and wrote about two pages of information. It was about midnight, when they left, but not before handing me a subpoena to appear before the Grand Jury. They told me to tell Rich Andrews my main Unix system had crashed, and not to let him know that the SS had been there. I felt pretty bad about this because I kept thinking they were going to get him. He must have called siz or seven times the day after the "raid". I couldn't tell him anything, since I assumed my line was tapped. I remember going outside as they were starting to leave and looking into the back of the moving truck. The way some of the equipment was packed, I knew it wouldn't survive the trip into Baltimore. I asked for permission to re-pack several items (CPUs,Hard Disks, and a 9 track drive) and received it. As I watched my belongings pull away , I remember feeling so helpless, and confused. It was only then did it sink in that every material possession that really mattered to me (other than my home), was gone. All I had to show for it was a sketchy 20 page inventory.. Later, my wife told me what had gone on until I came home. The SS arrived around 3 pm, and had knocked on the door. She opened the door, and 5 or 6 agents pushed her back into the foyer. They took her by the arms and moved her over to a sofa in the living room. They had a female agent with them, and this person was detailed to stay with her. She was not allowed to make phone calls, or answer them (until much later in the evening.) My children were also placed there. My son, who was 4 at the time refused to submit to their authority (guns didn't scare him) would get up often and follow agents around. From what my wife recalls, they were amused at first , then later became less enthusiastic about that. She wasn't allowed to feed the kids until after I had been released from the interrogation session. She remembers getting up several times, to go to the bathroom or to retrieve diapers,etc. and being told to get back onto the sofa. The female agent even followed her into the bathroom. The massive search of every nook and cranny of our home encompassed much more than computer equipment. To this day, I feel there is a direct link between my previous legal problem in Virginia, and the extent of the search that day. In fact, the SS had obtained items seized from me by Virginia and had them in their posession before the raid ever took place. I remember going down to the SS office a couple days later to voluntarily answer the subpoena. I set up my equipment for them. Although they had labled most cables and connectors, there was some confusion. I remember showing them how to use my systems, and in particular how to do a recursive directory listing of every file contained within. After a while, once they made sure they had backups , I was allowed to type a few commands at a terminal in order to retrieve an ascii text file (a resume). Later, while being escorted back out to the front of their offices, I saw a large room filled with stacks of boxes and equipment cases which had constituted the entire sum of my office and all equipment,software,and documentation. I was feeling pretty numb, and remember asking the agents there to please take care of everything, since I hoped to get it back. In reflection, it seems pretty pitiful. It was this day that they told me I would be prosecuted, and I remember driving back from Baltimore feeling betrayed. Even though I had completely cooperated with them, and had been told I would not be prosecuted. When I got home, I was crying .. I couldn't handle this anymore. My sister was there and I remember she gave me three vallium.. I calmed down and in fact got pretty high from it. [The following is something the SS allege I did] Allegedly from a phone booth that night I called Rich Andrews and warned him to get rid of any source code or software he shouldn't have.. At this time I was also alleged to have told Rich that I was leaving the country, and would go to Korea with my wife and kids. [If I did do this, I never said anything about leaving] .. They apparently had either tapped his line, or he told them about my call. [I would have been stupid to say this, since Korea has extradition treaties with the US] My Arrest: Several days later, I received a sudden call from Special Agent John Lewis and he told me to come down and pick up my fax machine. (I had been pestering them about it so I could fax my resume out to headhunters so I could find a job).. [ Ironically, I had been hired a week before by Global Computer Systems, in New Jersey to work as a contractor at AT&T's 3B2 Hotline in South Plainfield New Jersey .. I knew that after this AT&T wouldn't have anything to do with me and in fact was informed so the night of the raid ] Upon entering the SS office (Feb. 6) around 5 pm, I waited outside in the waiting room.. I had been doing some house painting and wasn't dressed very well. Jack Lewis came out and brought me back to one of their offices He held out his hand (as if to shake it) and instead put hand cuffs on my hand. He then locked the other to an eyebolt on the desk. He sat down across from me and told me to empty my pockets.. I complied, and then he started writing an inventory of my posessions. Jack Lewis looked up from his writing and said "You fucked us,Len!" "What do you mean?" I said. "You called Rich Andrews, and warned him to get rid of anything he shouldn't have,you fucked us!" .. I didn't reply. He then told me to pull my shoestrings out of my sneakers, and I did.. He called another agent in to witness the contents of his inventory,sealed the envelope and then told me I was going to jail.. About 15 minutes later he released the handcuffs from the desk, and put my arms behind my back and handcuffed them. I was led into the hallway, while he finished some last minute details.. He was nice enough to let me make a phone call, when I asked him..I promptly called a friend in Philadelphia. I knew he would know what to do.. Because my wife didn't speak English well, and would also have been hysterical I couldn't count on her to be much help. They drove me over to the Baltimore City Jail,told the bored looking turnkey at the desk to hold me for the night. I was pretty hungry but I had missed the evening meal , and despite repeated pleas to make my "phone call" the jailers ignored me. The people in the cells next to mine were an interesting lot. One was in for killing someone, and the other was in for a crack bust.. Someone in the cell block was drugged out, and kept screaming most of the night.. I didn't sleep much that night, and the with the cold steel slab they call a bed it wouldn't have been possible anyway. Sometime around 9 am a jailer appeared and let me out. I was then turned back over to the SS and they drove me back to the Federal Building... They put me in another holding cell and I was there for about 2 hours. A Federal Marshal came and took me to a court room, where I was charged with a criminal complaint of transporting stolen property over interstate lines with a value of $5000 or more. The conditions for my release were fairly simple.. Sign a signature bond placing my home as collateral, and surrender my passport. Fortunately my wife had come down earlier and Agent Lewis had told her to get my passport or I wouldn't be released .. She drove the 120 mile round trip and found it.. She returned, I was brought down to the courtroom and the magistrate released me. We retained an attorney that day, and several weeks later they agreed to drop all charges. I am told this was to give both sides some time to work out a deal. Against the better judgement of my (then) attorney I offered to meet with the Assistant U.S. attorney if they would bring someone down from Bell Labs. My thinking was that surely a Unix hacker would understand the ramifications of my changes to the login.c source and corroborate my explanations for the public domain password scanner. They also wanted me to explain other "sinister" activities , such as why I had an alias for the Phrack editors, and I knew a Unix person from the labs would know what I meant when I said it made it easier for people to get to .BITNET sites. I was a complete fool,and the person from Bell Labs got me in even worse trouble when he told them I had other "trojan" software on the systems. He was referring to a public domain implementation of su.c which David Ihnat (chinet) had written to allow people to share su access without actually knowing the root password. "But it is public domain software," I cried. The Bell Labs person turned and told David King (Asst. US Attorney) that I was lying. He went on to say that there was a considerable amount of R&D source code on my machines. Things that no one should possess outside of AT&T, like Korn shell and AwkCC. My attorney (Mr. Carlos Recio of Deso, and Greenberg - Washington DC) was furious with me. All he could say was that "I told you so.." and I realized I had been stupid. I had hoped if I could explain the situation to the govt. and have someone from AT&T verify what I said was true, then they would realize I was just a typical Unix freak, who hadn't been involved in anything more sinister than possibly having things I shouldn't have. After a few months the best deal Mr. King offered was for me to plead guilty to 2 felony counts (Computer Fraud) and I would receive a sentence of 17 months in prison. I refused to take the deal, [ Perhaps I may live to regret that decision when my trial begins in 91.. ] In May I was formally charged with 5 felony counts.. The rest is history.. Present Day: In better times I never lacked for work, and lived in a world where I spent more on phone bills per month (uucp traffic), than I have earned in the last four months. I am sitting here (rather lying, since I cannot get up) by the laptop computer (on loan to me from a friend) . Lately, I have grown to feel that without this little laptop and it's modem linking me to the network I would have been driven mad a long time ago.Reading Usenet news has been my only solace lately. During the day I spend hours calling around to all the head hunters asking for work.Since I still have a fax machine, I am able to fax my resume around. So far, I haven't had much luck in finding anything at all. Since all this happened , it seems that I have been blacklisted. A few companies expressed interest, but later called back and asked me if I was the "LoD hacker" and I told them yes.. They weren't interested anymore (I cannot blame them). I guess the Unix Today articles have cost me more than any of the others.. I lost a great contract ($500 a day) with a major bank in Manhattan when they saw the first article.. In various articles from various newspapers, I have been called the "Mastermind of the Legion of Doom" and other bizarre things. The lies told by the US Attorney in Baltimore in their press release were printed verbatim by many papers.. The usual propaganda about the Legion's activities in credit card fraud, breakins and the threat to the 911 system were all discussed in that press release and cast a bad light on me. I have had the good fortune to have a friend in Philadelphia who has loaned me office space in his firm's building. Such an arrangement lends an air of credibility to Netsys Inc. Too bad I have no clients or contracts. Since I broke my leg pretty badly (The doctor says I will be in a cast for six months and maybe some surgery) ,I haven't been able to visit the "office" but I have an answering machine there and I check my calls daily. We (my wife and two children) moved to the Philadelphia suburbs in order to put as much distance as possible from the SS Agent John "Jack" Lewis who is based in Baltimore. I realize that the SS have offices in every city, and agents to spare but it made me feel better knowing that he is in Baltimore and I am here. Anyway, at this point I am trying to find a few system admin jobs, and would take any salary they offered me. I am scared about the next few months since I cannot even get a job as a laborer or a 7-11 clerk since my leg is screwed.. My wife (who has a liberal arts degree) is looking for a job in this area.. We hope she can get a job working minimum wage in some department store or as a waitress. We have enough money to last another month I guess. Then I am not sure what we will do, since we haven't any relatives who will take us in. I have never been un-employed since leaving high school, and It's a pretty bad feeling. One day , If I survive this, I will never forget what has happened. I can't help feeling that there is a thin veneer of freedom and democracy in this country, and agencies like the Secret Service are really far more powerful than anyone had realized. I know that my friends within AT&T (E. Krell for one) feel I have "stolen" from their company. I can only laugh at this attitude since I have probably done more for AT&T than he has. Those of you who knew me before can attest to this. While it was "wrong" to possess source code without a license,I never tried to make money from it. I wrote a Trojan Horse program, which in all honesty was done to help defend my own systems from attack (it is currently installed as /bin/login on my equipment). Any allegations that I installed it on other systems are completely false. [ in fact, most of the source code was given to me by AT&T employees ] As far as the public domain password scanner program, well.. I realize that most of you know this, but items far more powerful can be obtained from any site that archives comp.sources.unix,and comp.sources.misc .. I used it as a legitimate security tool when doing security audits on my own systems and clients. It wasn't very good really, and considering it was obsolete (System V 3.2 /etc/shadow) anyway, it's usefulness was limited. Since the SS will be reading this article with interest, I want to point out that I will fight you to the end. Someday I hope you will realize you made an honest mistake and will rectify it. Perhaps there was some justification I am not aware of, but I doubt it. If I have to go to prison for this, perhaps it will benefit society. Who knows what what Len Rose would have done if left to continue his criminal pursuits. I hope to get my equipment, and software back and then re-start my life. There have been repeated motions to get my equipment back , but the judge has summarily denied them saying I will commit crimes If I get it back. I have offered to assist the SS in saving evidence,and to sign any agreement they choose regarding validity of that evidence. I may take up begging soon , and ask for help from someone who is rich. It's going to be winter soon and I don't look forward to being on the street. Len ******************************************************************** >> END OF THIS FILE << *************************************************************************** ------------------------------ Date: Mon, 10 Sep 90 22:24:24 -0400 From: Timothy C Wolfson TTUNIX.BITNET Subject: Tim Wolfson's address, cite list ******************************************************************** *** CuD #2.03: File 3 of 4: Bibliography of Law Articles *** ******************************************************************** Below is a list of articles published in legal periodicals that may be of interest to your readers. This list is in no way meant to be all inclusive, I'm sure I've left out (or not yet discovered) many pertinent pieces. 24 Am. Crim. L. Rev. 623 MAIL AND WIRE FRAUD Winter, 1987 Kimi N. NuraKami 24 AMCRLR 623 PLI Order No. C4-4175 Civil RICO 1986 PREDICATE ACTS OF MAIL FRAUD AND WIRE FRAUD June 1, 1986 Brad D. Brian 141 PLI/Lit 79 63 U. Det. L. Rev. 843 COPYRIGHT--Bootleg Records--Copyright infringement in the form of unauthorized phonograph recordings, when such records are shipped interstate, does not fall within the reach of the National Stolen Property Act. Dowling v. United States, 105 S. Ct. 3127 (1985). Summer, 1986 Kenneth Adamczyk 13 Legal Econ. 44 ELECTRONIC BULLETIN BOARD SYSTEM PROVER BBS November/December, 1987 Rees W. Morrison 13 LEGEC 44 39 Fed.Com.L.J. 217 An Electronic Soapbox: Computer Bulletin Boards and the First Amendment October, 1987 Eric C. Jensen 39 FCLJ 217 Public Utilities Fortnightly The March of Events November 9, 1989 NEW MEXICO ELECTRONIC BULLETIN BOARD AVAILABLE AT COMMISSION 124 No. 10 Fortnight 50 PLI Order No. G4-3847 How to Handle Basic Copyright and Trademark Problems A Satellite Program PATENT AND TRADEMARK OFFICE: PROSECUTING APPLICATIONS FOR TRADEMARK REGISTRATION, AND INTER PARTES PRACTICE BEFORE THE TRADEMARK TRIAL AND APPEAL BOARD February 13, 1990 Roberta S. Bren 288 PLI/Pat 135 PLI Order No.G4-3844 Patents, Copyrights, Trademarks, and Literary Property Course Handbook Series THE LICENSING OF COMPUTER SOFTWARE PROGRAMS January 1, 1990 Gerald E. Lester 287 PLI/Pat 293 PLI Order No. 64-3839 Communications Law 1989 THE MEDIA AND THE COMMUNICATIONS REVOLUTION: AN OVERVIEW OF THE REGULATORY FRAMEWORK AND DEVELOPING TRENDS November 9,1989 Richard E. Wiley 283 PLI/Pat 327 57 Geo. Wash. L. Rev. 1459 THE FIRST AMENDMENT AND TECHNOLOGICAL CHANGE: THE NEW MEDIA HAVE A MESSAGE August 1, 1989 M. Ethan Katsh 57 GWLR 1459 75 A.B.A.J. 82 THE FUTURE OF TECHNOLOGY IN LAW FIRMS July, 1989 Jon E. Klemens 75 ABAJ 82 44 Bus. Law. 1081 ELECTRONIC FUND TRANSFERS May, 1989 David B. Goldstein, Edward L. Rubin, Dewey B. Morris, Charles P. Seibold, Richard P. Kessler, Jr., Richard S. Wyde. PLI Order No. G4-3831 Protecting Trade Secrets 1989 PROTECTING TRADE SECRETS: LEGAL THEORIES April 1, 1989 Michael J. Hutter 269 PLI/Pat 9 PLI Order No. A4-4255 Law Practice Management for the Solo and Small Office Practitioners Conquer the Computer It's your ticket to tomorrow and the key to a more effective and competitive practice April 1, 1989 JAMES A. EIDELMAN 492 PLI/Comm 353 54 W.Educ.L.Rep. 761 COMPUTER VIRUSES: LEGAL AND POLICY ISSUES FACING COLLEGES AND UNIVERSITIES 1989 David R. Johnson, J.D. Thomas P. Olson, J.D., David G. Post, Ph.D., J.D. 54 WELR 761 PLI Order No. G4-3821/3 Communications Law 1988 THE MEDIA AND THE COMMUNICATIONS REVOLUTION: AN OVERVIEW OF THE REGULATORY FRAMEWORK AND DEVELOPING TRENDS November 10, 1988 Richard E. Wiley 262 PLI/Pat 681 XXIX B.C.L.Rev. 803 COPYRIGHTED SOFTWARE: SEPARATING THE PROTECTED EXPRESSION FROM UNPROTECTED IDEAS, A STARTING POINT September, 1988 J. Dianne Brinson XXIX BCLR 803 21 J. Marshall L. Rev. 735 COMMUNICATIONS TECHNOLOGY: NEW CHALLENGES TO PRIVACY Summer, 1988 Fred W. Weingarten 21 JMARLR 735 63 N.Y.U.L.Rev. 416 DON'T TOUCH THAT DIAL: RADIO LISTENING UNDER THE ELECTRONIC COMMUNICATIONS PRIVACY ACT OF 1986 May, 1988 Fred Jay Meyer 63 NYULR 416 14 Legal Econ. 30 ELECTRONIC COMMUNICATIONS A LAWYER'S PRIMER April, 1988 Carl G. Roberts Rees W. Morrison Greg H. Schlender 14 LEGEC 30 PLI Order No. G4-3804 Telecommunications 1987: Current Developments In Policy and Regulation AN OVERVIEW OF INTERNATIONAL ISSUES December 10, 1987 P. Michael Nugent 244 PLI/Pat 145 PLI Order No. G4-3804 Telecommunications 1987: Current Developments In Policy and Regulation REALITY RELEARNED December 10, 1987 Lawrence W. DeMuth, Jr. 244 PLI/Pat 133 24 Am. Crim. L. Rev. 623 MAIL AND WIRE FRAUD Winter, 1987 Kimi N. NuraKami 24 AMCRLR 623 13 Legal Econ. 28 LEGAL TECHNOLOGY: PRESENT AND FUTURE TRENDS November/December, 1987 Gordon L. Jacobs 13 LEGEC 28 73 A.B.A.J. 50 HOW COMPUTERS MADE US BETTER LAWYERS May 15, 1987 Joshua Stein 73 ABAJ 50 72 Iowa L.Rev. 1015 The National Security Agency and Its Interference with Private Sector Computer Security May, 1987 Renae Angeroth Franks 72 IALR 1015 27 Va. J. Int'l. L. 575 Statutory Improvements to the Foreign Availability Process for High Technology National Security Export Controls Spring, 1987 Richard T. Horan, Jr. 42 Bus.Law. 614 COMPUTER LAW February, 1987 Bernard G. Helldorfer, Harold J. Daw, William E. Hirschberg, Darrell K. Fennell, and Andrew W. Hoffmann 42 BUSLAW 614 67 B.U.L.Rev. 179 WARRANT REQUIREMENT FOR SEARCHES OF COMPUTERIZED INFORMATION January, 1987 C. Ryan Reetz 40 Vand.L.Rev. 1 Free Speech, Copyright, and Fair Use January, 1987 L. Ray Patterson 10 U.Ark.Little Rock L.J. 55 WHAT IS COMPUTER CRIME, AND WHY SHOULD WE CARE? 1987-88 Michael C. Gemignani 10 UARLRLJ 55 13 Rutgers Computer And Tech.L.J. 451 THE ELECTRUNIC COMMUNICATIONS PRIVACY ACT OF 1986: THE CHALLENGE OF APPLYING AMBIGUOUS STATUTORY LANGUAGE TO INTRICATE TELECOMMUNICATION TECHNOLOGIES 1987 Russell S. Burnside 13 RUCTLJ 451 PLI Order No. G4-3790 Protecting Trade Secrets 1986 LEGAL THEORIES AND RECENT DEVELOPMENTS May 1, 1986 Michael J. Hutter 224 PLI/Pat 11 20 Colum.J.L.Soc.Prob. 89 Teleinformatics, Transborder Data Flows and the Emerging Struggle for Information: An Introduction to the Arrival of the New Information Age 1986 ANTHONY PAUL MILLER Judicature Articles August-September 1989 TECHNOLOGY IN APPELLATE COURTS: THE NINTH CIRCUIT'S EXPERIENCE WITH ELECTRONIC MAIL Stephen L. Wasby 73 JUDICATURE 90 Judicature Focus August-September, 1988 TECHNOLOGY COMES TO THE COURTS Paul Nejelski 72 JUDICATURE 136 38 Cath.U.L.Rev. 401 THE FIRST AMENDMENT INVALIDITY OF FCC OWNERSHIP REGULATIONS Winter, 1989 Jonathan W. Emord 38 CATHULR 401 38 Cath.U.L.Rev. 299 RED LIONS, TIGERS AND BEARS; BROADCAST CONTENT REGULATION AND THE FIRST AMENDMENT Winter, 1989 Charles D. Ferris Terrence J. Leahy 38 CATHULR 299 38 Cath.U.L.Rev. 471 THE DIVERSITY PRINCIPLE AND THE MFJ INFORMATION SERVICES RESTRICTION: APPLYING TIME-WORN FIRST AMENDMENT ASSUMPTIONS TO NEW TECHNOLOGIES Winter, 1989 Richard A. Hindman 38 CATHULR 471 57 Geo. Wash. L. Rev. 1459 THE FIRST AMENDMENT AND TECHNOLOGICAL CHANGE: THE NEW MEDIA HAVE A MESSAGE August 1, 1989 M. Ethan Katsh 57 GWLR 1459 57 Geo. Wash. L. Rev. 1495 ON UNDERSTANDING THE FIRST AMENDMENT STATUS OF CABLE: SOME OBSTACLES IN THE WAY August 1, 1989 Jerome A. Barron 57 GWLR 1495 38 Emory L.J. 715 THE ILLEGITIMACY OF THE PUBLIC INTEREST STANDARD AT THE FCC July 1, 1989 William T. Mayton 38 EMORYLJ 715 PLI Order No. G4-3826/1 Cable Television Law 1989: Dealing with the New Challenges TELEPHONE COMPANY ENTRY INTO VIDEO PROGRAMMING March 1, 1989 Frank W. Lloyd 266 PLI/Pat 9 87 Mich.L.Rev. 499 FREE SPEECH AND THE 'ACID BATH': AN EVALUATION AND CRITIQUE OF JUDGE RICHARD POSNER'S ECONOMIC INTERPRETATION OF THE FIRST AMENDMENT November, 1988 Peter J. Hammer 87 MILR 499 86 Mich.L.Rev. 1269 QUESTIONING BROADCAST REGULATION May, 1988 Jonathan Weinberg 86 MILR 1269 1988 Duke L.J. 329 CABLE TELEVISION AND THE FREEDOM OF EXPRESSION April/June, 1988 Daniel Brenner 1988 DUKELJ 329 VI Yale L. Pol'y Rev. 449 Ad Hoc Access: The Regulation of Editorial Advertising on Television and Radio 1988 Rhonda Brown VI YLLPR 449 39 Hastings L.J. 165 The TRAC to Fairness: Teletext and the Political Broadcasting Regulations November, 1987 GAIL A. FLESHER 39 HSTLJ 165 21 U.Mich.J.L.Ref. 137 THE RIGHT TO SPEAK, THE RIGHT TO HEAR, AND THE RIGHT NOT TO HEAR: THE TECHNOLOGICAL RESOLUTION TO THE CABLE/PORNOGRAPHY DEBATE Fall/Winter, 1987-88 Michael I. Meyerson 21 UMIJLR 137 8 Cardozo L.Rev. 317 AN EXCESS OF ACCESS: THE CABLE COMMUNICATIONS POLICY ACT OF 1984 AND FIRST AMENDMENT PROTECTION OF EDITORIAL DISCRETION December, 1986 Adam R. Spilka 8 CDZLR 317 75 Geo.L.J. 361 A Press Privilege for the Worst of Times October, 1986 David Joseph Onorato 35 Emory L.J. 563 CABLE LEASED ACCESS AND THE CONFLICT AMONG FIRST AMENDMENT RIGHTS AND FIRST AMENDMENT VALUES Summer, 1986 William E. Lee XX Suffolk U.L.Rev. 1 FREE SPEECH IN AN ECONOMIC PERSPECTIVE Spring, 1986 Richard A. Posner 33 U. Kan. L. Rev. 305 INDEPENDENT BUT INADEQUATE: STATE CONSTITUTIONS AND PROTECTION OF FREEDOM OF EXPRESSION Winter, 1985 Todd F. Simon 58 S.Cal.L.Rev. 1351 CONTROLLING THE CONTENT OF PRINT AND BROADCAST September, 1985 MATTHEW L. SPITZER 22 Harv.J.Legis. 503 TELEPHONE PORNOGRAPHY: FIRST AMENDMENT CONSTRAINTS ON SHIELDING CHILDREN FROM DIAL-A-PORN Summer, 1985 JOHN C. CLEARY 133 U. Pa. L. Rev. 661 A PROPOSED MODEL OF THE SOVEREIGN/PROPRIETARY DISTINCTION March, 1985 Teresa Gillen 98 Harv.L.Rev. 747 INFORMATION TECHNOLOGY AND THE STRUCTURE OF SECURITIES REGULATION February, 1985 Donald C. Langevoort 98 Harv.L.Rev. 205 Leading Cases of the 1983 Term--Constitutional Law: Freedom of Speech, Press, and Association--Restrictions on Public Broadcasters' Rights to Editorialize November, 1984 98 HVLR 205 38 U.Miami L.Rev. 769 A Common Law for the Ages of Intellectual Property Septemer, 1984 DAN ROSEN 25 Harv. Int'l L.J. 299 The British Telecommunications Decision: Toward a New Telecommunications Policy in the Common Market March, 1984 Slida A. Wall 8 Nova L.J. 631 Communications Revolutions and Legal Revolutions: The New Media and the Future of Law March, 1984 M. Ethan Katsh 82 Mich.L.Rev. 981 FREE SPEECH AND HIGH TECH February, 1984 Francis Dummer Fisher 82 MILR 981 XIII Fordham Urb.L.J. 801 ELECTRONIC PUBLISHING: FIRST AMENDMENT ISSUES IN THE TWENTY-FIRST CENTURY 1984 Lynn Becker 97 Harv.L.Rev. 584 SAFEGUARDING THE FIRST AMENDMENT IN THE TELECOMMUNICATIONS ERA TECHNOLOGIES OF FREEDOM. By Ithiel de Sola Pool. Cambridge, Massachusetts: Belknap Press of Harvard University Press. 1983. Pp. 299. $20. December, 1983 Mario L. Baeza 36 Vand.L.Rev. 985 Global Governance of Global Networks: A Survey of Transborder Data Flow in Transition May, 1983 Anne W. Branscomb 36 VNLR 985 38 Cath.U.L.Rev. 365 INFORMATION AS PROPERTY: DO RUCKELSHAUS AND CARPENTER SIGNAL A CHANGING DIRECTION IN INTELLECTUAL PROPERTY LAW? Winter, 1989 Pamela Samuelson 38 CATHULR 365 47 U.Pitt.L.Rev. 1185 ALLOCATING OWNERSHIP RIGHTS IN COMPUTER-GENERATED WORKS Summer, 1986 Pamela Samuelson 47 U. Pitt. L. Rev. 1131 THE UNCERTAIN CASE FOR SPECIAL LEGISLATION PROTECTING COMPUTER SOFTWARE Summer, 1986 Leo J. Raskind 32 Wayne L.Rev. 1191 PROPOSED JUDICIAL GUIDELINES FOR DECIDING SOFTWARE INFRINGEMENT ACTIONS Spring, 1986 SUSAN L. MASHOUR 16 Rutgers Computer and Tech.L.J. 323 DIGITAL MEDIA AND THE CHANGING FACE OF INTELLECTUAL PROPERTY LAW Winter, 1990 Pamela Samuelson _____________________________________________________________________ | Tim Wolfson | Internet: tcwst@unix.cis.pitt.edu | | Pitt Law | CCNet : tcwst@CISUNX | | PGH, PA 15260 | UUCP : tcwst@cisunx.uucp | | (412) 486-0182 | Bitnet : TCWST@PITTVMS.BITNET | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ******************************************************************** >> END OF THIS FILE << *************************************************************************** ------------------------------ Date: September From: Entity Subject: A comment on Zod's case ******************************************************************** *** CuD #2.03: File 4 of 4: A Comment on the Zod Case *** ******************************************************************** I hope to present you with some of the details regarding Zod's bust so that your readers can be more familiar with the case. Sometime around late October 1989 or so, Zod set up a multi user chat system on a US Air Force system. The program he was using was Hans Kornedor's chat program , which many of you may recognize as the chat program used on the ALTOS german hacker chat systems. In any case, Zod modified this program, making superficial changes and labelled it TDON chat. What he did was infiltrate a US Air Force UNIX system at Andrews Air Force Base. Because of the extremely lax security on the system, he was easily able to gain super user privileges and set up an SUID shell in one of the directories. He then changed the password on an unused account (Foster. Password was TDON) and set his TDON chat system up. He then went onto places such as TCHH (Germany), ALTGER (Germany) and QSD (France) and started spreading the news of this great new chat. Thankfully, not many people paid any attention to Zod (who is world reknown to be a class "A" bozo.) Very few people called and of those who did, it was mostly american users on telenet, although there were a few european callers as well. I was actually invited to the system by an up and coming VAX/VMS hacker who used the alias 'Corrupt' (he was part of the group HiJiNx!). I knew him from meetings on the various european chat systems as well as him being on the Corrupt Computing Canada BBS System in Toronto, Canada. Last I heard, he was busted as well, although I am not sure of on what charges. The chat itself was up for maybe a week -- a week and a half at best. At this point you are probably wondering who would be suicidal enough to set up a hacker chat system on a US Air Force system, right? Well, there's more to Zod's stupidity than just that. In addition to setting up the chat, Zod decided that he would be smart and in the .login script for the foster account he added in the TEE command to log everything to a file. For those unfamiliar with UNIX, the tee command basically takes the input coming into the user's TTY, and makes a copy of it into a specified file. Zod had this input go into a directory with the filename the same as the user's process ID. I guess Zod's intention was to at a later time peruse these files for useful information, but what he ended up doing was handing us all to the authorities on a silver platter. Now one of the modifications that Zod had made to the chat program was to add in a shell escape. I never did figure out what the escape sequence was (not that I ever looked very hard), but I noticed that if I lifted my phone up, (thereby sending garbage over the modem) and put it back down, I would automatically be plopped into the shell! It was here that I discovered all the craziness that Zod had set up. You can imagine my surprise when I looked at some of the files in my directory and discovered that this chat system had been set up on a military unix machine! It was then that I found all the TEE'd files, the source code to his TDON chat, and the SUID root shell. Again for those unfamiliar with unix, an SUID root shell basically allows a user to run this file and gain superuser privileges by temporarily changing their User ID to that of root (superuser). Those familiar with hacking unix's will agree that it is never a good idea to leave such a file around on a system since it can be easily detected if not hidden properly. Not only was this file NOT hidden, it was put in plain view of the system administrator! If my memory serves correctly, it was put into the /tmp directory under a very obvious filename! Of course, the biggest problem with this particular set up was the TEE'd log files that zod had created. Those files had some very far reaching consequences as I shall describe in just a minute. Because of Zod's generosity in logging all chat sessions, Air Force Security staff had no reason to do any additional logging of information. What the security staff did was first of all change the password on the foster/tdon account and then made backups of all the chat session files. These were then compiled into a huge document (looks to be about 800-900 pages) and was edited to take out overlapping chat processes. I have managed to acquire this document through a friend of mine who was recently charged for infiltrating several systems. Part of the evidence was that document submitted by the Andrews Air Force base. For the benefit of those people who called this chat and who gave out incriminating evidence, I will just briefly list their names. You guys should realize that your particular sessions were logged and are included as part of the evidence. I would not be surprised if a further investigation stemming from Zod's bust were to be carried out. The people who should be watching their tails are: Sam Brown, Hunter, Phreakenstein, Outlaw, Corrupt and Jetscream. These are obviously not the only people who were logged, but they do represent those who passed out accounts and passwords and other incriminating information on the chat, as well as having spent the most amount of time on there. So how does this lead up to Zod's arrest? Well, I'm not positive. On the Air Force machine, zod was dumb enough to leave his name plastered all over the chat including on the logon screen. Of course this cannot be used solely as evidence enough to convict, but it sure as hell points in his direction. Zod was also not a very careful person -- this is of course obvious from him having set up the Air Force Chat, but in addition, he left behind a lot of clues. He wasn't a very competent hacker and never cleaned up after himself. I assume it wasn't very difficult to track him down from his blatant misuse of the City University system in Washington. It is my understanding that Corrupt and others were busted indirectly because of him. Perhaps someone closer to the source can confirm this. In any case, what all this goes to show you is how the stupidity of one individual can lead to the problems of so many others. By setting up a hacker chat system on the Andrews Air Force base system, he committed a great mistake. By then inviting so many hackers from the international hack scene, he committed a greater sin. But for actually logging all this information and never deleting it, he committed the ultimate crime. This kid is a royal pain in the posterior and a serious threat to all hackers. - Entity/CCCAN! (Corrupt Computing Canada) ******************************************************************** ------------------------------ **END OF CuD #2.03** ********************************************************************