phrack/phrack23/10.txt

138 lines
8.0 KiB
Plaintext

==Phrack Inc.==
Volume Two, Issue 23, File 10 of 12
In The Spirit Of The Vicious Circle Trilogy...
Phrack Inc. Presents
*****************************************
*** ***
*** Big Brother Online ***
*** ***
*** by Thumpr Of ChicagoLand ***
*** ***
*** June 6, 1988 ***
*** ***
*** Special Thanks To Hatchet Molly ***
*** ***
*****************************************
The United States Government is monitoring the message activity on several
bulletin boards across the country. This is the claim put forth by Glen L.
Roberts, author of "The FBI and Your BBS." The manuscript, published by The
FBI Project, covers a wide ground of FBI/BBS related topics, but unfortunately
it discusses none of them in depth.
It begins with a general history of the information gathering activities of the
FBI. It seems that that the FBI began collecting massive amounts of
information on citizens that were involved with "radical political" movements.
This not begin during the 1960's as one might expect, but rather during the
1920's! Since then the FBI has amassed a HUGE amount of information on
everyday citizens... citizens convicted of no crime other than being active in
some regard that the FBI considers potentially dangerous.
After discussing the activities of the FBI Roberts jumps into a discussion of
why FBI snooping on BBS systems is illegal. He indicates that such snooping
violates the First, Fourth, and Fifth amendments to the Constitution. But he
makes his strongest case when discussing the Electronic Communications Privacy
Act of 1987. This act was amended to the Federal Wiretapping Law of 1968 and
was intended to protect business computer systems from invasion by "hackers."
But as with all good laws, it was written in such broad language that it can,
and does, apply to privately owned systems such as Bulletin Boards. Roberts
(briefly) discusses how this act can be applied in protecting *your* bulletin
board from snooping by the Feds.
How to protect your BBS: Do NOT keep messages for more than 180 days. Because
the way the law is written, messages less then 180 days old are afforded more
protection then older messages. Therefore, to best protect your system purge,
archive, or reload your message base about every 150 days or so. This seems
silly but will make it harder (more red tape) for the government to issue a
search warrant and inform the operator/subscriber of the service that a search
will take place. Roberts is not clear on this issue, but his message is stated
emphatically... you will be better protected if you roll over your message base
sooner.
Perhaps the best way to protect your BBS is to make it a private system. This
means that you can not give "instant access" to callers (I know of very few
underground boards that do this anyway) and you can not allow just anyone to be
a member of your system. In other words, even if you make callers wait 24
hours to be validated before having access you need to make some distinctions
about who you validate and who you do not. Your BBS needs to be a PRIVATE
system and you need to take steps to enforce and proclaim this EXPECTED
PRIVACY. One of the ways Roberts suggests doing so is placing a message like
this in your welcome screen:
"This BBS is a private system. Only private citizens who are not
involved in government or law enforcement activities are authorized
to use it. The users are not authorized to divulge any information
gained from this system to any government agency or employee."
Using this message, or one like it, will make it a criminal offense (under the
ECPA) for an FBI Agent or other government snoop to use your BBS.
The manuscript concludes with a discussion of how to verify users and what to
do when you find an FBI agent using your board. Overall, I found Roberts book
to be moderately useful. It really just whetted my appetite for more
information instead of answering all my questions. If you would like a copy of
the book it sells for $5.00 (including postage etc). Contact;
THE FBI PROJECT
Box 8275
Ann Arbor, MI 48107
Visa/MC orders at (313) 747-7027. Personally I would use a pseudonym when
dealing with this organization. Ask for a catalog with your order and you will
see the plethora of anti-FBI books this organization publishes. Undoubtedly
the FBI would be interested in knowing who is doing business with this place.
The manuscript, by the way, is about 20 pages long and offers references to
other FBI expose' information. The full citation of the EPCA, if you want to
look it up, is 18 USC 2701.
Additional Comments: The biggest weakness, and it's very apparent, is that
Roberts offers no evidence of the FBI monitoring BBS systems. He claims that
they do, but he does not give any known examples. His claims do make sense
however. As he states, BBS's offer a type of "publication" that is not read by
any editors before it is "published." It offers an instant form of news and
one that may make the FBI very nervous. Roberts would do well to include some
supportive evidence in his book. To help him out, I will offer some here.
* One of the Ten Commandments of Phreaking (as published in the
famous TAP Magazine) is that every third phreaker is an FBI agent.
This type of folklore knowledge does not arise without some kind of
justification. The FBI is interested in the activities of phreakers
and is going to be looking for the BBS systems that cater to them. If
your system does not, but it looks like it may, the FBI may monitor it
just to be sure.
* On April 26, 1988 the United States Attorney's Office arrested 19
people for using MCI and Sprint credit card numbers illegally. These
numbers were, of course, "stolen" by phreakers using computers to hack
them out. The Secret Service was able to arrest this people by posing
as phone phreaks! In this case the government has admitted to placing
agents in the field who pretend to be one of us. Watch yourself out
there, the success of this "sting" will only mean that they will try
it again. Be wary of people offering you codes.
* In the famous bust of the Inner Circle and the 414s, the FBI monitored
electronic mail for several months before moving in for the kill.
While it is true that the owners of the systems being hacked (Western
Union for one) invited the FBI to snoop through their files, it does
establish that the FBI is no stranger to the use of electronic
snooping in investigating crimes.
Conclusion: There is no reason to believe that the government is *not*
monitoring your bulletin board system. There are many good reasons to believe
that they are! Learn how to protect yourself. There are laws and regulations
in place that can protect your freedom of speech if you use them. You should
take every step to protect your rights whether or not you run an underground
system or not. There is no justification for the government to violate your
rights, and you should take every step you can to protect yourself.
I have no connections with Roberts, his book, or The FBI Project other then
being a mostly-satisfied customer. I'm not a lawyer and neither is Roberts.
No warranty is offered with this text file. Read and use it for what you think
it is worth. You suffer the consequences or reap the benefits. The choice is
yours, but above all stay free.
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\*///////////////////////////////////////