**************************************************************************** >C O M P U T E R U N D E R G R O U N D< >D I G E S T< *** Volume 1, Issue #1.29 (Aug 19, 1990) ** **************************************************************************** MODERATORS: Jim Thomas / Gordon Meyer (TK0JUT2@NIU.bitnet) ARCHIVISTS: Bob Krause / Alex Smith USENET readers can currently receive CuD as alt.society.cu-digest. COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted as long as the source is cited. It is assumed that non-personal mail to the moderators may be reprinted, unless otherwise specified. Readers are encouraged to submit reasoned articles relating to the Computer Underground. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Contributors assume all responsibility for assuring that articles submitted do not violate copyright protections. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ CONTENTS: File 1:: Moderators' Corner File 2:: From the Mailbag File 3:: Direction of CuD File 4:: Password checking programs and trojan horses File 5:: What is "CYBERSPACE?" File 6:: The CU in the News ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ---------------------------------------------------------------------- ******************************************************************** *** CuD #1.29, File 1 of 6: Moderators' Comments *** ******************************************************************** Date: August 19, 1990 From: Moderators Subject: Moderators' Corner ++++++++++ In this file: 1) CRAIG NEIDORF DEFENSE FUND 2) COMPUSERVE AND CuD BACK ISSUES 3) BLOCKING OF LONG DISTANCE NUMBERS 4) PAT TOWNSON AND TELECOM DIGEST +++++++++++++++++++++++++++++ CRAIG NEIDORF DEFENSE FUND +++++++++++++++++++++++++++++ Those interested in contributing the Craig Neidorf's defense fund to help reduce his legal costs, which exceeded $100,000, should do so soon. Checks should be made out to the law firm of KATTEN, MUCHIN AND ZAVIS, and sent directly to his defense attorney: Sheldon Zenner c/o Katten, Muchin and Zavis 525 W. Monroe, Suite 1600 Chicago, IL 60606 ++++++++++++++++++++++++++++ COMPUSERVE AND CuD BACK ISSUES ++++++++++++++++++++++++++++ A limited number of CuD back issues are available for downloading in the Legal Forum of CompuServe. (GO LAWSIG) The files, called CUD1NN.ARC, are found in Library 1 (computers and law). Also available is Gordon Meyer's thesis, "The Social Organization of the Computer Underground" as CUTHESIS.ARC. Eventually we hope to have all CuD back issues available in this Forum, but the limited number of daily uploads the Forum will accept is an obstacle to accomplishing this goal in a timely fashion. We are also in the process of uploading CuD material to GEnie (General Electric Network for Information Exchange). The files will be available in the Legal SIG of that network as well. CIS and GEnie specific questions, concerning CuD availability, can be directed to Gordon at 72307,1502 (Compuserve) and GRMEYER (GEnie). Volunteers to help upload files are most welcome. +++++++++++++++++++++ LONG DISTANCE BLOCKING +++++++++++++++++++++ Last year, both PHRACK and PIRATE printed stories about the blocking of long distance numbers by Teleconnect, and included information about at least one law suit in Iowa. Since then, we have heard little about blocking long distance numbers by carriers. If anybody has information on current blocking practices or can provide evidence of continued blocking, please pass it along. Does the current dearth of information on blocking reflect a reduction of the practice? +++++++++++++++++++++++ PAT TOWNSON AND TELECOM DIGEST +++++++++++++++++++++++ Pat Townson, moderator of TELECOM Digest, has been largely responsible for the initial e-mail discussions of the CU. CuD began by publishing articles Pat was unable to include in TCD, and he was always willing to answer technical and other questions and offer advice. Whatever his own views on the the CU, Pat has been willing to air articles from all perspectives. Some of us have disagreed with his views and responded to his comments with vigor. He occasionally devoted special issues to attacks on his comments, and has never hesitated to provide others a forum for their views. Pat, we just want to say "Thanks!" ******************************************************************** >> END OF THIS FILE << *************************************************************************** ------------------------------ Date: August 19, 1990 From: Various Subject: From the Mailbag ******************************************************************** *** CuD #1.29: File 2 of 6: From the Mailbag *** ******************************************************************** Date: Wed, 15 Aug 90 07:13 EDT From: lsicom2!len@cdscom.cds.com(Len Rose) Subject: Request for INTERNET site by Len Rose I would like to request an internet account on any system (east coast preferable) since it seems ames can no longer provide such a favor. Most important is ftp access without quotas. Peter Yee can be contacted at (yee@ames.arc.nasa.gov) to vouch whether or not I was a considerate guest. I haven't asked him to vouch for me beforehand,and won't so as to make sure whoever contacts him gets his real opinion. Having an Internet account is crucial to my defense at this time. Voice phone information will be provided upon request. Thanks. Len Rose ------------------------------ Date: Thu, 16 Aug 90 17:50:00 -0500 From: Anonymous Subject: BBS virus alert (PC) This message was found on a WWIV bulletin board in Lawrence, KS alerting BBS users to avoid a file WWIVGA.ZIP which contains the Vienna Virus and was aimed at discrediting a local programmer. The "General" WWIV-Sub 100/100: ************** WARNING ****************** Name: Gary Martin #1 @9354 Date: Wed Aug 15 20:32:40 1990 ***************** WARNING *************************** Someone has created a .ZIP called WWIVGA.ZIP It claims to be a useful utility to put your computer in 43 or 50 line mode for running the BBS. THIS .ZIP CONTAINS THE VIENNA VIRUS!!!!!!!!!!!!!!!!!! The .DOC file that goes with it says that it was written by Carceris Dominus #1@9354 Castle RavenLoft. That is total bullshit. Carceris Dominus was my old handle. I've changed it since all this ^%$$@^% happened. BEWARE OF THIS FILE! DO NOT RUN IT!!! A user on my board uploaded this file and asked my why it doesn't work right. That user turned out to be a fake account. However I also got a call from a Sysop back east who found the virus using SCAN 66. After I read the docs I knew that some jerk had doctored up this thing to try and discredit me. (I am the author of Trade Wars 2002) I have since been working hard to tell everyone to avoid this file. ++++++++ Please pass this message along to others in the WWIV community The "General" WWIV-Sub ******************************************************************** >> END OF THIS FILE << *************************************************************************** ------------------------------ Date: August 19, 1990 From: Moderators Subject: Direction of CuD ******************************************************************** *** CuD #1.29: File 3 of 6: The Direction of CuD *** ******************************************************************** "Never trust anyone over thirty" leapt to my mind as soon as Jim pointed out that this would be our 30th issue of C-u-D. I brought this up to a friend (and C-u-D reader) on the way to work one morning. "Hey, great", he replied. "You know Jesus Christ didn't begin his evangelism until he was thirty, think of all the great things that could lie ahead for you!" Hmmm...I was just starting to agree with him when he added that three years later He was crucified. The digest was begun as an experiment, the long and heated discussion about CU issues had worn out its welcome on Telecom Digest so Pat Townsen suggested we form our own discussion forum. Jim took up the challenge and drafted (literally) me to help. Neither of us actually believed that it would last longer than three or four issues but we hoped it would. Now the digest has grown into a huge job and has a direct mailing list of over 400 readers (which doesn't begin to count those who get it from secondary sources and news echos). Our intent was to provide a free exchange of ideas and research into the Computer Underground. At the time the view (which has since been categorized as "hack symp") that the illegalization of "hacking" should be approached with caution was, well, not very well represented in the press, courts, law enforcement, and elsewhere. But with the efforts of the readers of C-u-D and 2600, the mainstream press and computer industry has picked up the cause and there is some hope that the "problem" of the Computer Underground will be addressed with accuracy and fairness. There are many issues and angles to be discussed and debated. The "Phrack Inc" case, which was our initial rallying point, has been settled. The other "LoD" busts are either in stasis or are being addressed by the professionals. It's time for the town criers, C-u-D, to take a breather and return to our academic research into the CU and other areas of personal interest. The C-u-D experience has given us much to work on. Many thanks to our readers, our friends, and even our critics. This, our 30th issue, will close volume one. The first issue of volume two will appear sometime in the future. Illegitimis Non Carborundum! GRM ******************************************************************** We are not sure if CuD has outlived its purpose. If so, it will be appearing less frequently, serving primarily update functions. If not, we must now reflect on goals and future direction. As Gordon observed, we began as an "overflow conduit" for TELECOM Digest for articles relating to the Phrack situation, and the goal was to stimulate discussion of issues and provide an alternative view to the one presented by the media and law enforcement. We believe we have had several major successes, especially in making visible the questionable tactics of law enforcement in some of the alleged computer abuse cases. We focused only on those in which the targets of federal agents seemed to exceed the alleged "crime" and in which, from the knowledge we obtained, the charges (or lack of them) seemed far beyond what evidence would show. We did not claim any to be innocent. Rather, we suggested that the "official picture" was out of focus, and something was not quite right. We have not, nor will we, condone predatory behavior, and our concern has been for the broader issue of civil liberties rather than for a "right to hack." We have been accused of being "mean-spirited," "non-objective," and poor journalists. Perhaps all are true. But, we never pretended to be journalists: We are gadflies attempting to raise issues, and we feel our facts were generally accurate. We have learned from both critics and advocates, and we have come to appreciate the grey area in high tech crimes between legitimate enforcement and over-zealousness. We have apologized for some excesses, modified our views on others. That seems to be the primary difference between CU types and the "other side." We have no wish to polarize, but "sides" were thrust upon us. That "other side" does not have "apology" in its vocabulary, nor, judging by continued public statements, has it benefited from the dialogues occuring in and among CuD, the EFF, The Well, 2600 Magazine, TELECOM Digest, or the many other forums. Their hyperbole remains strident, and then others are faulted for responding. It is not CU supporters who have confiscated some equipment without strong justification, hidden behind "privacy protections," misled the public, foamed to the media, engaged in initial ad hominem attacks, engaged in disinformation, or nearly ruined a young man's life. As long as "I'm sorry," or "we were wrong" isn't in the vocabulary of some, as long as there seems to be no reflection on legitimate Constitutional issues, and as long as the view that "professional image" supercedes "doing the right thing," there is probably a role for CuD. We will be rethinking our direction, and we hope to continue combining general-interest information with more structured analyses of the relationship between computer technology and the social, legal, and ethical issues that arise. We hope readers will provide us with some feedback to guide us. We begin a new series of CuD with Volume II beginning next issue to symbolize the closing of one set of issues and the beginning a new set. Jim Thomas ******************************************************************** >> END OF THIS FILE << *************************************************************************** ------------------------------ Date: Tue, 14 Aug 90 00:11:38 EDT From: tmsoft!moore!gompa!rca@gpu.utcs.toronto.edu(Robert Ames) Subject: Password checking programs and trojan horses ******************************************************************** *** CuD #1.29: File 4 of 6: Password Checkers and Public Domain *** ******************************************************************** To the CUD people: Again, I find I must write as a result of an article in CUD. Last time, I had read the indictment of C. Neidorf, alleging, for example, that the software documentation in question was worth thousands of dollars, and that it was closely held and proprietary. My research, which is done for technical reasons only, indicated the truth to be entirely different - thus I had to speak up. So it is in the Len Rose indictment. There are two points I'd like to address: firstly, Ken Thomson, Bell Labs employee and author of UNIX, publicly admitted that he had installed a trojan horse in both the LOGIN.C program and in the C compiler. His paper to the ACM, presented while accepting a programming award, describes this trojan horse. The paper is, "Reflections on Trusting Trust", published in Communications of the ACM. Secondly, there are several password checking programs in circulation of the type described in CUD #128. The one I have here was obtained from ROGUE.LLNL.GOV by ftp. This is a U.S. government VAX computer. Here is an excerpt: =================================================================== From CHECKPASS documentation: =================================================================== This program checks users passwords against some common words and names that are often used as passwords and against an on-line dictionary. The "idea" for this is based on the Arpa Internet Worm that made the news this past year. A report on the INFO-VAX Mailing list (see WORM.MES) talked about how the worm broke into accounts. The idea of checking passwords, for security reasons, came from that report. To run the programs you need to have enough privilige to read the information on the users to be checked from the UAF file using SYS$GETUAF functions. Both primary and secondary passwords are checked if they exist. The users to be checked are listed in the file USERS.DAT. The first line in USERS.DAT is the minimum password length for a password (read from the various source files) to be tested. The program allows up to 500 users to be listed. All the usernames are read in at th start of the program and the appropriate data read from the UAF. If a password is found it is stored in a data array and written out in a report after all the words in the dictionary and passwords files have been tested for all users. PLEASE NOTE that the LEXIC files are not supplied here. These files are part of the VASSAR Spelling checker program and make up the dictionary for that program. Those files need to obtained or that part of the program commented out before using this program. =============================================================== I encourage you to retrieve the entire package, to see for yourselves how similar this program is to Rose's. Robert Ames rca@gompa.UUCP P.O. Box 724, Station 'A', Toronto, CANADA ******************************************************************** >> END OF THIS FILE << *************************************************************************** ------------------------------ Date: August 19, 1990 From: Reprint Subject: What is "CYBERSPACE?" ******************************************************************** *** CuD #1.29: File 5 of 6: What is CYBERSPACE? *** ******************************************************************** ++++++++++++++++++++++++++ Three "cyber-articles" appeared in the last few issues of CuD, prompting some to ask what it all means. The following article is old, but remains a nice overview, so we reprint it here. +++++++++++++++++++++++++++ "Viewpoint", by Paul Saffo _Communications of the ACM_, June 1989, volume 32 number 6, page 664-665 Copyright 1989 by the Association for Computing Machinery. Posted with permission. "Consensual Realities in Cyberspace" More often than we realize, reality conspires to imitate art. In the case of the computer virus reality, the art is "cyberpunk," a strangely compelling genre of science fiction that has gained a cult following among hackers operating on both sides of the law. Books with titles like _True Names_, _Shockwave Rider_, _Neuromancer_, _Hard-wired_, _Wetware_, and _Mona Lisa Overdrive_ are shaping the realities of many would-be viral adepts. Anyone trying to make sense of the social culture surrounding viruses should add the books to their reading list as well. Cyberpunk got its name only a few years ago, but the genre can be traced back to publication of John Brunner's _Shockwave Rider_ in 1975. Inspired by Alvin Toffler's 1970 best-seller _Future Shock_, Brunner paints a dystopian world of the early 21st Century in which Toffler's most pessimistic visions have come to pass. Crime, pollution and poverty are rampant in overpopulated urban arcologies. An inconclusive nuclear exchange at the turn of the century has turned the arms race into a brain race. The novel's hero, Nickie Haflinger, is rescued from a poor and parentless childhood and enrolled in a top secret government think tank charged with training geniuses to work for a military-industrial Big Brother locked in a struggle for global political dominance. It is also a world certain to fulfill the wildest fantasies of a 1970s phone "phreak." A massive computerized data-net blankets North America, an electronic super highway leading to every computer and every last bit of data on every citizen and corporation in the country. Privacy is a thing of the past, and one's power and status is determined by his or her level of identity code. Haflinger turns out to be the ultimate phone phreak: he discovers the immorality of his governmental employers and escapes into society, relying on virtuoso computer skills (and a stolen transcendental access code) to rewrite his identity at will. After six years on the run and on the verge of a breakdown from input overload, he discovers a lost band of academic techno-libertarians who shelter him in their ecologically sound California commune and... well, you can guess the rest. Brunner's book became a best-seller and remains in print. It inspired a whole generation of hackers including, apparently, Robert Morris, Jr. of Cornell virus fame. The _Los Angeles Times_ reported that Morris' mother identified _Shockwave Rider_ as "her teen-age son's primer on computer viruses and one of the most tattered books in young Morris' room." Though _Shockwave Rider_ does not use the term "virus," Haflinger's key skill was the ability to write "tapeworms" - autonomous programs capable of infiltrating systems and surviving eradication attempts by reassembling themselves from viral bits of code hidden about in larger programs. Parallels between Morris' reality and Brunner's art is not lost on fans of cyberpunk: one junior high student I spoke with has both a dog-eared copy of the book, and a picture of Morris taped next to his computer. For him, Morris is at once something of a folk hero and a role model. In _Shockwave Rider_, computer/human interactions occurred much as they do today: one logged in and relied on some combination of keyboard and screen to interact with the machines. In contrast, second generation cyberpunk offers more exotic and direct forms of interaction. Vernor Vinge's _True Names_ was the first novel to hint at something deeper. In his story, and small band of hackers manage to transcend the limitations of keyboard and screen, and actually meet as presences in the network system. Vinge's work found an enthusiastic audience (including Marvin Minsky who wrote the afterword), but never achieved the sort of circulation enjoyed by Brunner. It would be another author, a virtual computer illiterate, who would put cyberpunk on the map. The author was William Gibson, who wrote _Neuromancer_ in 1984 on a 1937 Hermes portable typewriter. Gone are keyboards; Gibson's characters jack directly into Cyberspace, "a consensual hallucination experienced daily by billions of legitimate operators ... a graphic representation of data abstracted from the banks of every computer in the human system. Unthinkable complexity. Lines of light ranged in the nonspace of the mind, clusters and constellations of data..." Just as Brunner offered us a future of the 1970s run riot, Gibson's _Neuromancer_ serves up the 1980s taken to their cultural and technological extreme. World power is in the hands of multinational "zaibatsu", battling for power much as mafia and yakuza gangs struggle for turf today. It is a world of organ transplants, biological computers and artificial intelligences. Like Brunner, it is a dystopian vision of the future, but while Brunner evoked the hardness of technology, Gibson calls up the gritty decadence evoked in the movie _Bladerunner_, or of the William Burroughs novel, _Naked Lunch_ (alleged similarities between that novel and _Neuromancer_ have triggered rumors that Gibson plagiarized Burroughs). Gibson's hero, Case, is a "deck cowboy," a freelance corporate thief-for-hire who projects his disembodied consciousness into the cyberspace matrix, penetrating corporate systems to steal data for his employers. It is a world that Ivan Boesky would understand: corporate espionage and double-dealing has become so much the norm that Cases's acts seem less illegal than profoundly ambiguous. This ambiguity offers an interesting counterpoint to current events. Much of the controversy over the Cornell virus swirls around the legal and ethical ambiguity of Morris' act. For every computer professional calling for Morris' head, another can be found praising him. It is an ambiguity that makes the very meaning of the word "hacker" a subject of frequent debate. Morris' apparently innocent error in no way matches the actions of Gibson's characters, but a whole new generation of aspiring hackers may be learning their code of ethics from Gibson's novels. _Neuromancer_ won three of science fiction's most prestigious awards - the Hugo, the Nebula and the Philip K. Dick Memorial Award - and continues to be a best-seller today. Unambiguously illegal and harmful acts of computer piracy such as those alleged against David Mitnick (arrested after a long and aggressive penetration of DEC's computers) would fit right into the _Neuromancer_ story line. _Neuromancer_ is the first book in a trilogy. In the second volume, _Count Zero_ - so-called after the code name of a character - the cyberspace matrix becomes sentient. Typical of Gibson's literary elegance, this becomes apparent through an artist's version of the Turing test. Instead of holding an intelligent conversation with a human, a node of the matrix on an abandoned orbital factory begins making achingly beautiful and mysterious boxes - a 21st Century version of the work of the late artist, Joseph Cornell. These works of art begin appearing in the terrestrial marketplace, and a young woman art dealer is hired by an unknown patron to track down the source. Her search intertwines with the fates of other characters, building to a conclusion equal to the vividness and suspense of _Neuromancer_. The third book, _Mona Lisa Overdrive_ answers many of the questions left hanging in the first book and further completes the details of the world created by Gibson including an adoption by the network of the personae of the pantheon of voodoo gods and goddesses, worshipped by 21st Century Rastafarian hackers. Hard core science fiction fans are notorious for identifying with the worlds portrayed in their favorite books. Visit any science fiction convention and you can encounter amidst the majority of quite normal participants, small minority of individuals who seem just a bit, well, strange. The stereotypes of individuals living out science fiction fantasies in introverted solitude has more than a slight basis in fact. Closet Dr. Whos or Warrior Monks from _Star Wars_ are not uncommon in Silicon Valley; I was once startled to discover over lunch that a programmer holding a significant position in a prominent company considered herself to be a Wizardess in the literal sense of the term. Identification with cyberpunk at this sort of level seems to be becoming more and more common. Warrior Monks may have trouble conjuring up Imperial Stormtroopers to do battle with, but aspiring deck jockeys can log into a variety of computer systems as invited or (if they are good enough) uninvited guests. One individual I spoke with explained that viruses held a special appeal to him because it offered a means of "leaving an active alter ego presence on the system even when I wasn't logged in." In short, it was the first step toward experiencing cyberspace. Gibson apparently is leaving cyberpunk behind, but the number of books in the genre continues to grow. Not mentioned here are a number of other authors such as Rudy Rucker (considered by many to be the father of cyberpunk) and Walter John Williams who offer similar visions of a future networked world inhabited by human/computer symbionts. In addition, at least one magazine, "Reality Hackers" (formerly "High Frontiers Magazine" of drug fame) is exploring the same general territory with a Chinese menu offering of tongue-in-cheek paranoia, ambient music reviews, cyberdelia (contributor Timothy Leary's term) and new age philosophy. The growing body of material is by no means inspiration for every aspiring digital alchemist. I am particularly struck by the "generation gap" in the computer community when it comes to _Neuromancer_: virtually every teenage hacker I spoke with has the book, but almost none of my friends over 30 have picked it up. Similarly, not every cyberpunk fan is a potential network criminal; plenty of people read detective thrillers without indulging in the desire to rob banks. But there is little doubt that a small minority of computer artists are finding cyberpunk an important inspiration in their efforts to create an exceedingly strange computer reality. Anyone seeking to understand how that reality is likely to come to pass would do well to pick up a cyberpunk novel or two. Paul Saffo is a research fellow at Institute for the Future in Menlo Park, California, and a columnist for Personal Computing magazine. ******************************************************************** >> END OF THIS FILE << *************************************************************************** ------------------------------ Date: August 19, 1990 From: Various Subject: The CU in the News ******************************************************************** *** CuD #1.29: File 6 of 6: The CU in the News *** ******************************************************************** ------------------------------ Date: Fri, 17 Aug 90 18:05:08 EDT From: Michael Rosen Subject: Airforce airman pleads guilty to computer fraud Computerworld, August 6, 1990, pg. 8: TOO MUCH ACCESS Pensacola, Fla. - A former U.S. Air Force airman, alleged to be a member of the Legion of Doom, pleaded guilty last week in U.S. District Court to possession of at least 15 access codes with intent to defraud. Peter J. Salzman, 19, an airman at Elgin Air Force Base, used an Apple Computer, Inc. IIE to enter telephone systems operated by Bellsouth Corp., Bell Atlantic Corp. and other carriers, said Stephen Preisser, assistant U.S. attorney for the Northern District of Florida. A device that logs outgoing calls indicated that Salzman was "burning the wires" without paying for the telephone calls, Preisser said. The airman is alleged to be a member of the Legion of Doom, a group of hackers under investigation by federal and state authorities. Authorities searching Salzman's home uncovered correspondence that indicated Salzman was a member of the group, Preisser said. Salzman will be sentenced on Oct. 5 and could receive a maximum of 10 years imprisonment and a $250,000 fine. MICHAEL ALEXANDER ------------------------------ Date: Fri, 17 Aug 90 17:04:44 MDT From: siegel@spot.Colorado.EDU Subject: New York youths charged with "hacking" BOY, 14, ONE OF 13 HELD IN HACKER BUST From: The New York Times NEW YORK - Thirteen people, including a 14-year-old boy who is a suspect in a computer break-in at the office of the Air Force secretary, were arrested Thursday and charged with breaking into and stealing information from a variety of computers. Eight are juveniles, New York State Police said. Police spokesmen said warrants had been issued for two other people and as many as 40 people may have been involved in the computer hacker ring. The name of the 14-year-old who was arrested - he went by the computer handle of "Zod" - was not released because of his age. The boy was specifically charged with breaking into and stealing software from the mainframe computer at City University in Bellevue, Wash. School officials said Zod had either stolen or used about $15,000 worth of computer time and software. State police Maj. Peter J. Brennan said Zod is also a suspect in the November break-in of the secretary of the Air Force computer in the Pentagon. At the houses of those arrested, police seized computers and other electronic equipment reportedly used in the break-ins. The police identified the adults arrested as Bruce Monroe, 32, of Astoria, N.Y.; Jeff Miller, 21, of Franklin Square, N.Y.; Chai Hung Ling, 17, of Bayside, N.Y.; Anhtu Nguyen, 21, of Brooklyn, N.Y.; and Teerawee Unchalipongse, 19, of Staten Island, N.Y. They were charged with computer tampering, computer trespassing and theft of services. ------------------------------ Date: Fri, 17 Aug 90 18:05:08 EDT From: Michael Rosen Subject: Robert Morris and Craig Neidorf blurbs (Computerworld) Computerworld, August 6, 1990, pg. 114, Inside Lines: Convalescent time Robert T. Morris, convicted earlier this year for creating a worm program that shut down thousands of computers on the Internet network in November 1988, is "at a local hospital pushing a broom" to fulfill his court-ordered 400 hours of community services, according to his lawyer, Thomas Guidoboni. Morris also has a programming job at an unnamed Cambridge, Mass.-based software company. Guidoboni said he plans to file a brief in the court of appeals but has been waiting for the court reporter in Syracuse federal district court to turn over court transcripts of the trial. ...Craig Neidorf - the electronic newsletter editor whose publication of a "secret" Bellsouth file wasn't such a federal case after all (see page 8) - apparently had at least a partial electronic alibi. U.S. Secret Service agents attended Summercon, a hacker convention held in July 1988, to surreptitiously videotape Neidorf drinking beer and eating a pizza with his alleged co-schemers on the same date that the government alleged he was carrying out the scheme. Before the trial abruptly concluded, prosecutors succeeded in preventing use of the tape as evidence. If you've got facts that shouldn't be quashed, contact News Editor Pete Bartolik at 800-343-6474, fax the incriminating lingo to 508-875-8931, or address concerns to COMPUTERWORLD on MCIMail. ------------------------------ Date: Sat, 18 Aug 90 19:32:08 CDT From: TELECOM Moderator Subject: Phreak Pleads Guilty, Gets Two Years in Prison An interesting case in federal court here in Chicago Friday involved the sentencing of a woman who Judge Milton Shadur referred to as 'the mastermind behind 152 hackers and phreaks nationally ...' Judge Shadur sentenced her on Friday to two years in the custody of the Attorney General, based on her plea of guilty to one count of a seventeen count indictment. Leslie Lynn Douchette, 36, and mother of two small children was referred to by Secret Service investigators as 'the head of the largest ring of hackers and phreaks ever uncovered in the United States'. In TELECOM Digest, notice was made of Ms. Douchette at the time of her indictment and arrest, but unlike other high-profile cases, little more was noted about her in the media over the past few months. Ms. Douchette, of 6748 North Ashland Avenue in Chicago, along with her ring of phreaks and crackers (the term I prefer) allegedly cost various telephone companies in excess of one million dollars. In addition, Ms. Douchette and associates are alleged to have obtained over $600,000 from illicitly obtained Western Union money orders and merchandise acquired with fraudulent credit cards using the computer. Many members of her ring were juveniles, and many were associated with or considered themselves active in the Legion of Doom, although there is no evidence Ms. Douchette was a member of, or associated with the Legion. Six juveniles in four other states have been convicted as part of the ring operated by Ms. Douchette, and investigations of other ring members is continuing. Some of the pending investigations center around phreaks and crackers already under investigation for Legion of Doom activities, according to US Attorney William J. Cook, who prosecuted the case with attorney Colleen Coughlin. As part of her plea-bargained sentence, Ms. Douchette is cooperating fully with the government on pending investigations. She has given *additional names* and details to Secret Service investigators. Although Ms. Douchette said she once worked as a day care employee in Canada, Mr. Cook said she had been unemployed for some time, and appeared to be 'completely unskilled, unable to obtain any gainful and legitimate employment.' He continued, "her only skill seems to be her ability to use the telephone to manipulate people and computers." The sentence (actually two years and three months) is believed to be the stiffest ever given out to a phreak, and Mr. Cook noted this was given to her *despite* her plea of guilty. At the time of her sentencing, Judge Shadur remarked that he thought Ms. Douchette also needed psychiatric help, and his order calls for her to receive therapy while in prison. Ms. Douchette was represented by attorney Robert Seeder of the Federal Defender's Office here. At the time of sentencing, Mr. Seeder noted that Ms. Douchette's activities have now cost her the custody of her two children (both were taken from her and are now cared for elsewhere), and that by her plea, she had recognized and acknowledged responsibility for her actions. He asked Judge Shadur to show mercy upon the defendant and impose probation, with therapy as a condition. Judge Shadur refused, calling her 'the control center for phreaks and hackers everywhere.' Her motive, according to Mr. Cook, was the 'ego boost' she received as leader of the ring. Judge Shadur said 'phreaks and hackers need an example of what to expect when they are caught', and that Ms. Douchette's punishment and loss of custody of her children would serve that purpose. Patrick Townson ------------------------------ Date: 29 Jul 90 19:29:22 EDT From: Anonymous Subject: US Army virus research From: TIME, June 25, 1990, p. 5 "Grapevine" by Paul Gray, reported by David Ellis QUICK, THE RAID. Everyone knows that the computer industry is fighting against viruses, malicious programs that can infect whole networks and crash them. So it stands to perverse reason that hush-hush agencies like the CIA and NSA are trying to create such bugs as offensive weapons. The latest entrant in this quest is the U.S. Army, which is soliciting bids on a half-million dollar contract to develop tactical virus weapons capable of disabling enemy computers on the battlefield. The proposal has raised eyebrows among the military's hackers. Says one Army computer-security officer: "Many of my colleagues are quite surprised that something of this nature would be put o the streets for research rather than using the expertise internally available." ------------------------------ ******************************************************************** **END OF CuD #1.29** ******************************************************************** !