1356 lines
63 KiB
Plaintext
1356 lines
63 KiB
Plaintext
---[ Phrack Magazine Volume 8, Issue 52 January 26, 1998, article 19 of 20
|
|
|
|
|
|
-------------------------[ P H R A C K W O R L D N E W S
|
|
|
|
Phrack World News - 52
|
|
|
|
New categorization:
|
|
-[ Stories
|
|
-[ Book Releases
|
|
-[ Conventions
|
|
-[ Other Headlines of Interest
|
|
|
|
--------[ Issue 52
|
|
|
|
|
|
0x1: Hacker Acquitted & Iraq Computerises
|
|
0x2: The Impact of Encryption on Public Safety
|
|
0x3: Urban Ka0s -- 26 Indonesian Servers Haxed
|
|
0x4: Hacker accused of sabotaging Forbes computers
|
|
0x5: Privacy, Inc. Unveils its Internet Background Check
|
|
0x6: Commerce Dept encryption rules declared unconstitutional
|
|
0x7: The Million Dollar Challenge
|
|
0x8: High Profile Detainee Seeks Legal Help
|
|
0x9: Kevin Mitnick Press Release
|
|
0xa: SAFE crypto bill cracked again
|
|
0xb: RC5 Cracked - The unknown message is...
|
|
0xc: Kashpureff in custody.
|
|
0xd: XS4ALL refuses Internet tap
|
|
0xe: The FCC Wants V-Chip in PCs too
|
|
|
|
1x1: Book Title: Underground (review)
|
|
1x2: Book Title: The Electronic Privacy Papers
|
|
1x3: Book Title: "Computer Security and Privacy: An Information Sourcebook..
|
|
|
|
2x0: Convention: <none>
|
|
|
|
3x1: Misc: Civil Liberties Groups ask FCC to Block FBI Proposal
|
|
3x2: Misc: Anti-Spam Bills in Congress
|
|
3x3: Misc: Justice Dept Charges Microsoft..
|
|
3x4: Misc: Small Minds Think Alike
|
|
3x5: Misc: Cyber Promotions tossed offline
|
|
|
|
0x1>-------------------------------------------------------------------------
|
|
|
|
[submitted by: the wizard of id]
|
|
|
|
Phrack,
|
|
|
|
I thought that you guys may be able to make use of these articles which I
|
|
found in my newspaper's IT section. Perhaps you should pass them on to the
|
|
editors of Phrack World News.
|
|
|
|
<start article 1>
|
|
|
|
Hacker Acquitted
|
|
================
|
|
Extract from The Age, Victoria, Australia. -Tuesday
|
|
11/25/97
|
|
|
|
The US Air Force failed last Friday to convince Woolwich Crown Court in
|
|
the UK that Matthew Bevan, 23, hacked into its secret files with his home
|
|
computer. Computer guru Bevan was cleared of all accusations, which led to
|
|
fears of US national security risk. He was charged with three offences of
|
|
"unauthorised access and modification" into sensitive research and
|
|
development files at New York's Griffiss Air Force Base and Lockheed Space
|
|
and Missle Company in California via the Internet.
|
|
|
|
|
|
<end article 1>
|
|
|
|
The article is accompanied by a very cool picture of Bevan in a black
|
|
suit, wearing mirrored sunglasses. :)
|
|
|
|
<start article 2>
|
|
|
|
Iraq Computerises
|
|
=================
|
|
Extract from The Age, Victoria, Australia. -Tuesday
|
|
11/25/97
|
|
|
|
To conceal its deadliest arms from U.N. weapons inspectors, Iraq increasingly
|
|
has turned to computers, including American brands sold to Baghdad since
|
|
the end of the 1991 Persian Gulf War in violation of international sanctions,
|
|
according to US officials and U.N. diplomats.
|
|
|
|
Iraq is using mostly Western-made computers for two cirtical functions: To
|
|
transfer data from bulky paper to small disks that they can easilly
|
|
disperse, making the information difficult for U.N. weapons inspection
|
|
teams to track.
|
|
|
|
For research and development in all four categories of weapons Iraq has
|
|
been forbidden from keeping under terms of the U.N. resolution ending the
|
|
war - nuclear, chemical and biological weapons and long-rnge missiles.
|
|
|
|
Because of shifting tactics, computer specialists have become an ever more
|
|
important component of the weapons inspections teams, US and U.N. sources
|
|
say.
|
|
|
|
Their work often involves digging into hard drives and unearthing material
|
|
that was erased after being transferred to disks.
|
|
|
|
<end article 2>
|
|
|
|
0x2>-------------------------------------------------------------------------
|
|
|
|
[submitted by: Mike Kretsch]
|
|
|
|
Statement of Louis J. Freeh, Director
|
|
Federal Bureau of Investigation
|
|
|
|
Before the Permanent Select Committee on
|
|
Intelligence, United States House of Representatives
|
|
Washington, D. C.
|
|
September 9, 1997
|
|
|
|
This man must be stopped. For other fun reading,
|
|
check out his statements about the FBI's International
|
|
Crime fighting efforts. Errrr. Wasnt international
|
|
supposed to be CIA and domestic FBI?
|
|
|
|
|
|
The Impact of Encryption
|
|
on Public Safety
|
|
|
|
|
|
Statement of Louis J. Freeh, Director
|
|
Federal Bureau of Investigation
|
|
|
|
Before the Permanent Select Committee on Intelligence
|
|
United States House of Representatives
|
|
|
|
Washington, D. C.
|
|
September 9, 1997
|
|
|
|
Mr. Chairman and members of the committee, I appreciate the opportunity to
|
|
discuss the issue of encryption and I applaud your willingness to deal with
|
|
this vital public safety issue.
|
|
|
|
The looming spectre of the widespread use of robust, virtually unbreakable
|
|
encryption is one of the most difficult problems confronting law enforcement
|
|
as the next century approaches. At stake are some of our most valuable and
|
|
reliable investigative techniques, and the public safety of our citizens.
|
|
We believe that unless a balanced approach to encryption is adopted that
|
|
includes a viable key management infrastructure that supports immediate
|
|
decryption capabilities for lawful purposes, our ability to investigate
|
|
and sometimes prevent the most serious crimes and terrorism will be severely
|
|
impaired. Our national security will also be jeopardized.
|
|
|
|
For law enforcement, framing the issue is simple. In this time of dazzling
|
|
telecommunications and computer technology where information can have
|
|
extraordinary value, the ready availability of robust encryption is
|
|
essential. No one in law enforcement disputes that. Clearly, in today's
|
|
world and more so in the future, the ability to encrypt both contemporaneous
|
|
communications and stored data is a vital component of information security.
|
|
|
|
As is so often the case, however, there is another aspect to the encryption
|
|
issue that if left unaddressed will have severe public safety and national
|
|
security ramifications. Law enforcement is in unanimous agreement that the
|
|
widespread use of robust unbreakable encryption ultimately will devastate
|
|
our ability to fight crime and prevent terrorism. Unbreakable encryption
|
|
will allow drug lords, spies, terrorists and even violent gangs to
|
|
communicate about their crimes and their conspiracies with impunity. We wll
|
|
lose one of the few remaining vulnerabilities of the worst criminals and
|
|
terrorists upon which law enforcement depends to successfully investigate
|
|
and often prevent the worst crimes.
|
|
|
|
For this reason, the law enforcement community is unanimous in calling for
|
|
a balanced solution to this problem. Such a solution must satisfy both the
|
|
commercial needs of industry for strong encryption and law enforcement's
|
|
public safety decryption needs. In our view, any legislative approach that
|
|
does not achieve such a balanced approach seriously jeopardizes the
|
|
long-term viability and usefulness of court-authorized access to transmitted
|
|
as well as stored evidence and information. Electronic surveillance and
|
|
search and seizure are techniques upon which law enforcement depends to
|
|
ensure public safety and maintain national security.
|
|
|
|
One such balanced solution to this problem is key recovery encryption.
|
|
Under this approach, a decryption "key" for a given encryption product is
|
|
deposited with a trustworthy key recovery agent for safe keeping. The key
|
|
recovery agent could be a private company, a bank, or other commercial or
|
|
government entity that meets established trustworthiness criteria. Should
|
|
encryption users need access to their encrypted information, they could
|
|
obtain the decryption key from the key recovery agent. Additionally, when
|
|
law enforcement needs to decrypt criminal-related communications or computer
|
|
files lawfully seized under established legal authorities, they too, under
|
|
conditions prescribed by law and with the presentation of proper legal
|
|
process, could obtain the decryption key from the key recovery agent. This
|
|
is the only viable way to permit the timely decryption of lawfully seized
|
|
communications or computer files that are in furtherance of criminal
|
|
activity.
|
|
|
|
The decryption key or information would be provided to the law enforcement
|
|
agency under very strict controls and would be used only for its intended
|
|
public safety purpose. Under this approach, the law-abiding would gain the
|
|
benefits of strong, robust encryption products and services with emergency
|
|
decryption capabilities and public safety and national security would be
|
|
maintained--as manufacturers produce and sell encryption products that
|
|
include features that allow for the immediate decryption of criminal-related
|
|
encrypted communications or electronic information.
|
|
|
|
This solution meets industry's information security and communications
|
|
privacy needs for strong encryption while addressing law enforcement's
|
|
public safety needs for immediate decryption when such products are used
|
|
to conceal crimes or impending acts of terrorism or espionage.
|
|
|
|
Some have argued that government policy makers should step aside and let
|
|
market forces solely determine the direction of key recovery encryption,
|
|
letting market forces determine the type of technologies that will be used
|
|
and under what circumstances. They argue that most corporations that see
|
|
the need for encryption will also recognize the need for, and even insist
|
|
on, key recovery encryption products to secure their electronically stored
|
|
information and to protect their corporate interests should an encryption
|
|
key be lost, stolen or used by a rogue employee for extortion purposes.
|
|
|
|
We agree that rational thinking corporations will act in a prudent manner
|
|
and will insist on using key recovery encryption for electronically stored
|
|
information. However, law enforcement has a unique public safety requirement
|
|
in the area of perishable communications which are in transit (telephone
|
|
calls, e-mail, etc.). It is law enforcement, not corporations, that
|
|
has a need for the immediate decryption of communications in transit. There
|
|
is extraordinary risk in trusting public safety and national security to
|
|
market forces that rightfully are protecting important but unrelated
|
|
interests. Law enforcement's needs will not be adequately addressed by
|
|
this type of an approach.
|
|
|
|
It is for this reason that government policy makers and Congress should
|
|
play a direct role in shaping our national encryption policy and adopt a
|
|
balanced approach that addresses both the commercial and the public safety
|
|
needs. The adverse impact to public safety and national security associated
|
|
with any type of "wait and see" or voluntary market force approach would
|
|
be far too great of a price for the American public to pay.
|
|
|
|
Several bills have recently been introduced which address encryption.
|
|
Language in some of the proposed bills makes it unlawful to use encryption
|
|
in the furtherance of criminal activity and set out procedures for law
|
|
enforcement access to stored decryption keys in those instances where
|
|
key recovery encryption was voluntarily used. Only one of these bills,
|
|
S. 909, comes close to meeting our core public safety, effective law
|
|
enforcement, and national security needs. S. 909 takes significant strides
|
|
in the direction of protecting public safety by encouraging the use of key
|
|
recovery encryption through market based incentives and other inducements.
|
|
All of the other bills currently under consideration by the Congress, to
|
|
include S. 376, S. 377 , and H.R. 695, would have a significant negative
|
|
impact on public safety and national security and would risk great harm
|
|
to our ability to enforce the laws and protect our citizens if enacted.
|
|
|
|
Unfortunately, S. 909 still does not contain sufficient assurances that
|
|
the impact on public safety and effective law enforcement caused by the
|
|
widespread availability of encryption will be adequately addressed. We look
|
|
forward to working with you to develop legislative accommodations that
|
|
adequately address the public safety needs of law enforcement and a balanced
|
|
encryption policy.
|
|
|
|
Further, some argue the encryption "Genie is out of the bottle," and that
|
|
attempts to influence the future use of encryption are futile. I do not
|
|
believe that to be the case. Strong encryption products that include
|
|
decryption features for lawful purposes can, with government and industry
|
|
support, become the standard for use in the global information
|
|
infrastructure.
|
|
|
|
No one contends that the adoption of a balanced encryption policy will
|
|
prevent all criminals, spies and terrorists from gaining access to and
|
|
using unbreakable encryption. But if we, as a nation, act responsibly
|
|
and only build systems and encryption products that support and include
|
|
appropriate decryption features, all facets of the public's interest can
|
|
be served.
|
|
|
|
And as this committee knows, export controls on encryption products exist
|
|
primarily to protect national security and foreign policy interests.
|
|
However, law enforcement is more concerned about the significant and
|
|
growing threat to public safety and effective law enforcement that would
|
|
be caused by the proliferation and use within the United States of a
|
|
communications infrastructure that supports the use of strong encryption
|
|
products but that does not support law enforcement's immediate decryption
|
|
needs. Without question, such an infrastructure will be used by dangerous
|
|
criminals and terrorists to conceal their illegal plans and activities
|
|
from law enforcement, thus inhibiting our ability to enforce the laws
|
|
and prevent terrorism.
|
|
|
|
Congress has on many occasions accepted the premise that the use of
|
|
electronic surveillance is a tool of utmost importance in terrorism cases
|
|
and in many criminal investigations, especially those involving serious
|
|
and violent crime, terrorism, espionage, organized crime, drug-trafficking,
|
|
corruption and fraud. There have been numerous cases where law enforcement,
|
|
through the use of electronic surveillance, has not only solved and
|
|
successfully prosecuted serious crimes and dangerous criminals, but has
|
|
also been able to prevent serious and life-threatening criminal acts. For
|
|
example, terrorists in New York were plotting to bomb the United Nations
|
|
building, the Lincoln and Holland tunnels, and 26 Federal Plaza as well as
|
|
conduct assassinations of political figures. Court-authorized electronic
|
|
surveillance enabled the FBI to disrupt the plot as explosives were being
|
|
mixed. Ultimately, the evidence obtained was used to convict the
|
|
conspirators. In another example, electronic surveillance was used to
|
|
prevent and then convict two men who intended to kidnap, molest and then
|
|
kill a male child.
|
|
|
|
Most encryption products manufactured today do not contain features that
|
|
provide for immediate law enforcement decryption. Widespread use of
|
|
unbreakable encryption or communications infrastructure that supports the
|
|
use of unbreakable encryption clearly will undermine law enforcement's
|
|
ability to effectively carry out its public safety mission and to combat
|
|
dangerous criminals and terrorists.
|
|
|
|
This is not a problem that will begin sometime in the future. Law
|
|
enforcement is already encountering the harmful effects of encryption
|
|
in many important investigations today. For example:
|
|
|
|
convicted spy Aldrich Ames was told by the Russian Intelligence
|
|
Service to encrypt computer file information that was to be passed
|
|
to them. an international terrorist was plotting to blow up 11
|
|
U.S.-owned commercial airliners in the Far East. His laptop computer
|
|
which was seized during his arrest in Manilla contained encrypted
|
|
files concerning this terrorist plot. a subject in a child pornography
|
|
case used encryption in transmitting obscene and pornographic images
|
|
of children over the Internet. a major international drug trafficking
|
|
subject recently used a telephone encryption device to frustrate
|
|
court-approved electronic surveillance.
|
|
|
|
Requests for cryptographic support pertaining to electronic surveillance
|
|
interceptions from FBI field offices and other law enforcement agencies
|
|
have steadily risen over the past several years. For example, from 1995
|
|
to 1996, there was a two-fold increase (from 5 to 12) in the number of
|
|
instances where the FBI's court-authorized electronic efforts were frustrated
|
|
by the use of encryption products that did not allow for lawful law
|
|
enforcement decryption.
|
|
|
|
Over the last three (3) years, the FBI has also seen the number of
|
|
computer-related cases utilizing encryption and/or password protection
|
|
increase from 20 or two (2) percent of the cases involving electronically
|
|
stored information to 140 or seven (7) percent. These included the use of
|
|
56-bit data encryption standard (DES) and 128-bit "pretty good privacy"
|
|
(PGP) encryption.
|
|
|
|
Just as when the Congress so boldly addressed the digital telephony issue
|
|
in 1994, the government and the nation are again at an historic crossroad
|
|
on this issue. The Attorney General and the heads of federal law enforcement
|
|
agencies as well as the presidents of several state and local law enforcement
|
|
associations recently sent letters to every member of Congress urging the
|
|
adoption of a balanced encryption policy. In addition, the International
|
|
Association of Chiefs of Police, the National Sheriff's Association and
|
|
the National District Attorneys Association have all enacted resolutions
|
|
supporting a balanced encryption policy and opposing any legislation that
|
|
undercuts or falls short such a balanced policy.
|
|
|
|
If public policy makers act wisely, the safety of all Americans will be
|
|
enhanced for decades to come. But if narrow interests prevail, then law
|
|
enforcement will be unable to provide the level of protection that people
|
|
in a democracy properly expect and deserve.
|
|
|
|
Conclusion
|
|
|
|
We are not asking that the magnificent advances in encryption technology
|
|
be abandoned. We are the strongest proponents of robust, reliable encryption
|
|
manufactured and sold by American companies all over the world. Our position
|
|
is simple and, we believe, vital. Encryption is certainly a commercial
|
|
interest of great importance to this great nation. But it's not merely a
|
|
commercial or business issue. To those of us charged with the protection of
|
|
public safety and national security, encryption technology and its
|
|
application in the information age--here at the dawn of the 21st century
|
|
and thereafter--will become a matter of life and death in many instances
|
|
which will directly impact on our safety and freedoms. Good and sound
|
|
public policy decisions about encryption must be made now by the Congress
|
|
and not be left to private enterprise. Legislation which carefully balances
|
|
public safety and private enterprise must be established with respect to
|
|
encryption.
|
|
|
|
Would we allow a car to be driven with features which would evade and outrun
|
|
police cars? Would we build houses or buildings which firefighters could not
|
|
enter to save people?
|
|
|
|
Most importantly, we are not advocating that the privacy rights or personal
|
|
security of any person or enterprise be compromised or threatened. You can't
|
|
yell "fire" in a crowded theater. You can't with impunity commit libel or
|
|
slander. You can't use common law honored privileges to commit crimes.
|
|
|
|
In support of our position for a rational encryption policy which balances
|
|
public safety with the right to secure communications, we rely on the Fourth
|
|
Amendment to the Constitution. There the framers established a delicate
|
|
balance between "the right of the people to be secure in their persons,
|
|
houses, papers, and effects (today we might add personal computers, modems,
|
|
data streams, discs, etc.) against unreasonable searches and seizures."
|
|
Those precious rights, however, were balanced against the legitimate right
|
|
and necessity of the police, acting through strict legal process, to gain
|
|
access by lawful search and seizure to the conversations and stored evidence
|
|
of criminals, spies and terrorists.
|
|
|
|
The precepts and balance of the Fourth Amendment have not changed or altered.
|
|
What has changed from the late eighteenth to the late twentieth century is
|
|
technology and telecommunications well beyond the contemplation of the
|
|
framers.
|
|
|
|
The unchecked proliferation of unbreakable encryption will drastically
|
|
change the balance of the Fourth Amendment in a way which would shock its
|
|
original proponents. Police soon may be unable through legal process and
|
|
with sufficient probable cause to conduct a reasonable and lawful search
|
|
or seizure, because they cannot gain access to evidence being channeled or
|
|
stored by criminals, terrorists and spies. Significantly, their lack of
|
|
future access may be in part due to policy decisions about encryption made
|
|
or not made by the United States. This would be a terrible upset of the
|
|
balance so wisely set forth in the Fourth Amendment on December 15, 1791.
|
|
I urge you to maintain that balance and allow your police departments,
|
|
district attorneys, sheriffs and federal law enforcement authorities to
|
|
continue to use their most effective techniques to fight crime and
|
|
terrorism--techniques well understood and authorized by the framers and
|
|
Congress for over two hundred years.
|
|
|
|
I look forward to working with you on this matter and at this time would
|
|
be pleased to answer any questions.
|
|
|
|
|
|
0x3>-------------------------------------------------------------------------
|
|
|
|
Subject: Urban Ka0s -- 26 Indonesian Servers Haxed
|
|
|
|
|
|
Greetings Phrack,
|
|
|
|
Today, our group (Urban Ka0s) and several portuguese Hackers attacked
|
|
several Indonesian servers, in order to defend East Timor rights!
|
|
|
|
We are Portuguese Hackers Agaisnt Indonesian Tirany.
|
|
|
|
"Thix Site Was Haxed & Deleted by PHAiT. This attack is not
|
|
against indonesian people but against its government and their
|
|
opression towards the republic of timor. These actions were
|
|
made to honour and remember all the 250 people killed in Dili
|
|
on the 12 november 1991.
|
|
|
|
As a result all sites belonging to indonesia's goverment were
|
|
erased, the rest only had their webpages changed."
|
|
|
|
East Timor, One People, One Nation
|
|
|
|
"Whether it is in Tibet or Poland, the Baltics or the
|
|
South Pacific, Africa or the Caribbean, it has been shown
|
|
that force and repression can never totally suffocate the
|
|
reasons underlying the existence of a people: pride in its
|
|
own identity, capacity to preserve, without restriction,
|
|
everything that identifies it as such, freedom to pass all
|
|
this on to future generations, in brief, the right to manage
|
|
its own destiny."
|
|
|
|
Xanana Gusmo
|
|
October 5, 1989
|
|
|
|
Please inform all ciber citizens of this action.
|
|
|
|
Our contact is at:
|
|
-- Urban Ka0s --
|
|
http://urbankaos.org
|
|
irc: PT-Net irc.urbankaos.org
|
|
|
|
0x4>-------------------------------------------------------------------------
|
|
|
|
Title: Hacker accused of sabotaging Forbes computers
|
|
Source: Infobeat News
|
|
Author: unknown
|
|
Date: unknown
|
|
|
|
A former temporary computer technician at business publisher Forbes
|
|
Inc has been charged with sabotage and causing a massive crash of the
|
|
firm's computer network, prosecutors said. According to the complaint
|
|
filed in Manhattan Federal Court and unsealed Monday, George Mario
|
|
Parente, 30, of Howard Beach in the borough of Queens was accused of
|
|
hacking his way into the Forbes' network in April from his home,
|
|
using an unauthorized password. Prosecutors alleged he erased vital
|
|
information including budgets and salary from Forbes' computers
|
|
because he was angry with the company after he was fired.
|
|
|
|
0x5>-------------------------------------------------------------------------
|
|
|
|
Title: Privacy, Inc. Unveils its Internet Background Check
|
|
Source:
|
|
Author: unknown
|
|
Date: August 1, 1997
|
|
|
|
Aurora, Colorado
|
|
|
|
Privacy, Inc. (www.privacyinc.com) today released its Internet Background
|
|
Check, a utility that empowers users to determine if they are at risk from
|
|
the plethora of databases that are being placed on the Internet. Searches
|
|
quickly scan through hundreds of databases beng placed on-line by state and
|
|
local governments and law enforcement angencies in categories such as:
|
|
|
|
* Registered Sex Offenders and Predators
|
|
* Deadbeat Parents
|
|
* Wanted Persons
|
|
* Missing Persons
|
|
* Arrest/Prison
|
|
|
|
'The Computer Is Never Wrong'
|
|
|
|
"Errors and risks of mistaken identity in this data are a key concern," says
|
|
Edward Allburn, founder and president of Privacy, Inc. The recent flurry of
|
|
activity by government and law enforcement agencies to distribute such
|
|
volatile information on the Internet creates an environment that potentially
|
|
places innocent people at risk, especially for mistaken identity.
|
|
|
|
Advanced technology was incorporated into the development of the Internet
|
|
Background Check with this risk in mind. This technology allows users to
|
|
also search for names that look and/or sound similar to their own while still
|
|
delivering highly focused results that standard Internet search engines
|
|
(such as Yahoo! and Lycos) are incapable of producing.
|
|
|
|
One More Tool
|
|
|
|
The release provides one more tool for consumers to protect themselves in the
|
|
Information Age. Additional resources provided by Privacy, Inc. include:
|
|
* Consumer Privacy Guide
|
|
* Government Database Guide
|
|
* Government Dossier Service
|
|
* David Sobel's Legal FAQ
|
|
* Privacy News Archive, updated weekly
|
|
|
|
Guido, the Cyber-Bodyguard is another utility planned to be released in the
|
|
coming months. Guido will interface with the Internet Background Check to
|
|
automatically alert users via e-mail if/when their name appears in a new or
|
|
updated database, in effect monitoring the Internet so users don't have to.
|
|
|
|
0x6>-------------------------------------------------------------------------
|
|
|
|
Title: Commerce Dept encryption rules declared unconstitutional
|
|
Source: fight-censorship@vorlon.mit.edu
|
|
Author: unknown
|
|
Date: unknown
|
|
|
|
A Federal judge in San Francisco ruled today that the Commerce
|
|
Department's export controls on encryption products violate the
|
|
First Amendment's guarantees of freedom of speech.
|
|
|
|
In a 35-page decision, U.S. District Judge Marilyn Patel said the
|
|
Clinton administration's rules violate "the First Amendment on the
|
|
grounds of prior restraint and are, therefore, unconstitutional."
|
|
Patel reaffirmed her December 1996 decision against the State
|
|
Department regulations, saying that the newer Commerce Department
|
|
rules suffer from similar constitutional infirmities.
|
|
|
|
Patel barred the government from "threatening, detaining,
|
|
prosecuting, discouraging, or otherwise interfering with" anyone
|
|
"who uses, discusses, or publishes or seeks to use, discuss or
|
|
publish plaintiff's encryption programs and related materials."
|
|
Daniel Bernstein, now a math professor at the University of
|
|
Illinois, filed the lawsuit with the help of the Electronic
|
|
Frontier Foundation.
|
|
|
|
Patel dismissed the State, Energy, and Justice departments and
|
|
CIA as defendants. President Clinton transferred jurisdiction over
|
|
encryption exports from the State to the Commerce department on
|
|
December 30, 1996.
|
|
|
|
The Justice Department seems likely to appeal the ruling to the
|
|
Ninth Circuit, which could rule on the case in the near future.
|
|
|
|
0x7>-------------------------------------------------------------------------
|
|
|
|
Title: The Million Dollar Challenge
|
|
Source: unknown mail list
|
|
|
|
Ultimate Privacy, the e-mail encryption program combining ease
|
|
of use with unbreakability.
|
|
|
|
Ultimate Privacy is serious cryptography. On the Links page we
|
|
have links to other Internet sites that discuss One-Time Pad
|
|
cryptography and why it is unbreakable when properly
|
|
implemented.
|
|
|
|
Nevertheless, should you wish to try, the first person to be able
|
|
to discern the original message within a year (following the
|
|
simple requirements of the Challenge) will actually receive the
|
|
million dollar prize as specified in the Rules page. The prize
|
|
is backed by the full faith and credit of Crypto-Logic
|
|
Corporation and its insurors.
|
|
|
|
You might be interested in to know how the Challenge was done. We
|
|
used a clean, non-network-connected computer. After installing
|
|
Ultimate Privacy, one person alone entered the Challenge message
|
|
and encrypted it. After making a copy of the encrypted message,
|
|
we removed the hard disk from the computer and it was
|
|
immediately transported to a vault for a year.
|
|
|
|
Therefore, the original message is not known by Crypto-Logic
|
|
Corporation staff (other than the first few characters for
|
|
screening purposes), nor are there any clues to the original
|
|
message on any media in our offices.
|
|
|
|
0x8>-------------------------------------------------------------------------
|
|
|
|
Title: High Profile Detainee Seeks Legal Help
|
|
Source: fight-censorship@vorlon.mit.edu
|
|
Author: unknown
|
|
Date: September 3, 1997
|
|
|
|
|
|
Mr. Kevin Mitnick has been detained in Federal custody without
|
|
bail on computer "hacking" allegations for over thirty months.
|
|
Having no financial resources, Mr. Mitnick has been appointed
|
|
counsel from the Federal Indigent Defense Panel. As such, Mr.
|
|
Mitnick's representation is limited; his attorney is not permitted
|
|
to assist with civil actions, such as filing a Writ of Habeas
|
|
Corpus.
|
|
|
|
For the past two years, Mr. Mitnick has attempted to assist in his
|
|
own defense by conducting legal research in the inmate law library
|
|
at the Metropolitan Detention Center (hereinafter "MDC") in Los
|
|
Angeles, California. Mr. Mitnick's research includes reviewing
|
|
court decisions for similar factual circumstances which have
|
|
occurred in his case. MDC prison officials have been consistently
|
|
hampering Mr. Mitnick's efforts by denying him reasonable access
|
|
to law library materials. Earlier this year, Mr. Mitnick's lawyer
|
|
submitted a formal request to Mr. Wayne Siefert, MDC Warden,
|
|
seeking permission to allow his client access to the law library
|
|
on the days set aside for inmates needing extra law library time.
|
|
The Warden refused.
|
|
|
|
In August 1995, Mr. Mitnick filed an administrative remedy request
|
|
with the Bureau of Prisons complaining that MDC policy in
|
|
connection with inmate access to law library materials does not
|
|
comply with Federal rules and regulations. Specifically, the
|
|
Warden established a policy for MDC inmates that detracts from
|
|
Bureau of Prison's policy codified in the Code of Federal
|
|
Regulations.
|
|
|
|
Briefly, Federal law requires the Warden to grant additional law
|
|
library time to an inmate who has an "imminent court deadline".
|
|
The MDC's policy circumvents this law by erroneously interpreting
|
|
the phrase "imminent court deadline" to include other factors,
|
|
such as, whether an inmate exercises his right to assistance of
|
|
counsel, or the type of imminent court deadline.
|
|
For example, MDC policy does not consider detention (bail),
|
|
motion, status conference, or sentencing hearings as imminent
|
|
court deadlines for represented inmates. MDC officials use this
|
|
policy as a tool to subject inmates to arbitrary and capricious
|
|
treatment. It appears MDC policy in connection with inmate legal
|
|
activities is inconsistent with Federal law and thereby affects
|
|
the substantial rights of detainees which involve substantial
|
|
liberty interests.
|
|
|
|
In June 1997, Mr. Mitnick finally exhausted administrative
|
|
remedies with the Bureau of Prisons. Mr. Mitnick's only avenue of
|
|
vindication is to seek judicial review in a Court of Law. Mr.
|
|
Mitnick wishes to file a Writ of Habeas Corpus challenging his
|
|
conditions of detention, and a motion to compel Federal
|
|
authorities to follow their own rules and regulations.
|
|
|
|
Mr. Mitnick is hoping to find someone with legal experience, such
|
|
as an attorney or a law student willing to donate some time to
|
|
this cause to insure fair treatment for everyone, and to allow
|
|
detainees to effectively assist in their own defense without
|
|
"Government" interference. Mr. Mitnick needs help drafting a
|
|
Habeas Corpus petition with points and authorities to be submitted
|
|
by him pro-se. His objective is to be granted reasonable access
|
|
to law library materials to assist in his own defense.
|
|
|
|
If you would like to help Kevin, please contact him at the
|
|
following address:
|
|
|
|
Mr. Kevin Mitnick
|
|
Reg. No. 89950-012
|
|
P.O. Box 1500
|
|
Los Angeles, CA 90053-1500
|
|
|
|
0x9>-------------------------------------------------------------------------
|
|
|
|
Title: Kevin Mitnick Press Release
|
|
Source: Press Release
|
|
Author: Donald C. Randolph
|
|
Date: August 7, 1997
|
|
|
|
THE UNITED STATES V. KEVIN DAVID MITNICK
|
|
|
|
I. Proceedings to Date
|
|
|
|
With 25 counts of alleged federal computer and wire fraud violations still
|
|
pending against him, the criminal prosecution of Kevin Mitnick is
|
|
approaching its most crucial hour. The trial is anticipated to begin in
|
|
January, 1998. In reaching this point, however, Kevin has already
|
|
experienced years of legal battles over alleged violations of the
|
|
conditions of his supervised release and for possession of unauthorized
|
|
cellular access codes.
|
|
|
|
A. Settling the "Fugitive" Question
|
|
|
|
The seemingly unexceptional charges relating to supervised release
|
|
violations resulted in months of litigation when the government attempted
|
|
to tack on additional allegations for conduct occurring nearly three years
|
|
after the scheduled expiration of Kevin's term of supervised release in
|
|
December, 1992. The government claimed that Kevin had become a fugitive
|
|
prior to the expiration of his term, thereby "tolling" the term and
|
|
allowing for the inclusion of additional charges. After months of
|
|
increasingly bold assertions concerning Kevin's "fugitive" status,
|
|
evidentiary hearings were held in which the government was forced to
|
|
concede that its original position in this matter was unsupported by the
|
|
facts.
|
|
|
|
B. Sentencing
|
|
|
|
In June of this year Kevin was sentenced for certain admitted violations of
|
|
his supervised release and for possession of unauthorized access codes.
|
|
The court imposed a sentence of 22 months instead of the 32 months sought
|
|
by the government. Since Kevin has been in custody since his arrest in
|
|
February 1995, this sentence has been satisfied. We are currently
|
|
preparing a request for release on bail.
|
|
|
|
During this stage of the proceedings, the government sought to impose
|
|
restrictions on Kevin's access to computers which were so severe as to
|
|
virtually prohibit him from functioning altogether in today's society. The
|
|
proposed restrictions sought to completely prohibit Kevin from "using or
|
|
possessing" all computer hardware equipment, software programs, and
|
|
wireless communications equipment. After arguments that such restrictions
|
|
unduly burdened Kevin's freedom to associate with the on-line computer
|
|
community and were not reasonably necessary to ensure the protection of the
|
|
public, the court modified its restrictions by allowing for computer access
|
|
with the consent of the Probation Office. Nonetheless, the defense
|
|
believes that the severe restrictions imposed upon Mr. Mitnick are
|
|
unwarranted in this case and is, therefore, pursuing an appeal to the Ninth
|
|
Circuit.
|
|
|
|
II. The Government Seeks to make an Example of Mr. Mitnick
|
|
|
|
One of the strongest motivating factors for the government in the
|
|
prosecution of Kevin Mitnick is a desire to send a message to other
|
|
would-be "hackers". The government has hyped this prosecution by
|
|
exaggerating the value of loss in the case, seeking unreasonably stiff
|
|
sentences, and by painting a portrait of Kevin which conjures the likeness
|
|
of a cyber-boogie man.
|
|
|
|
There are a number of objectives prompting the government's tactics in this
|
|
respect. First, by dramatically exaggerating the amount of loss at issue
|
|
in the case (the government arbitrarily claims losses exceed some $80
|
|
million) the government can seek a longer sentence and create a
|
|
high-profile image for the prosecution. Second, through a long sentence
|
|
for Kevin, the government hopes to encourage more guilty pleas in future
|
|
cases against other hackers. For example, a prosecutor offering a moderate
|
|
sentence in exchange for a guilty plea would be able to use Kevin Mitnick's
|
|
sentence as an example of what "could happen" if the accused decides to go
|
|
to trial. Third, by striking fear into the hearts of the public over the
|
|
dangers of computer hackers, the government hopes to divert scrutiny away
|
|
from its own game-plan regarding the control and regulation of the Internet
|
|
and other telecommunications systems.
|
|
|
|
III. Crime of Curiosity
|
|
|
|
The greatest injustice in the prosecution of Kevin Mitnick is revealed when
|
|
one examines the actual harm to society (or lack thereof) which resulted
|
|
from Kevin's actions. To the extent that Kevin is a "hacker" he must be
|
|
considered a purist. The simple truth is that Kevin never sought monetary
|
|
gain from his hacking, though it could have proven extremely profitable.
|
|
Nor did he hack with the malicious intent to damage or destroy other
|
|
people's property. Rather, Kevin pursued his hacking as a means of
|
|
satisfying his intellectual curiosity and applying Yankee ingenuity. These
|
|
attributes are more frequently promoted rather than punished by society.
|
|
|
|
The ongoing case of Kevin Mitnick is gaining increased attention as the
|
|
various issues and competing interests are played out in the arena of the
|
|
courtroom. Exactly who Kevin Mitnick is and what he represents, however,
|
|
is ultimately subject to personal interpretation and to the legacy which
|
|
will be left by "The United States v. Kevin David Mitnick".
|
|
|
|
0xa>-------------------------------------------------------------------------
|
|
|
|
Title: SAFE crypto bill cracked again
|
|
Source:
|
|
Author: By Alex Lash and Dan Goodin
|
|
Date: September 12, 1997, 8:40 a.m. PT
|
|
|
|
For the second time in a week, a House committee has made significant
|
|
changes to the Security and Freedom through Encryption (SAFE) Act to
|
|
mandate that domestic encryption products give law enforcement agencies
|
|
access to users' messages.
|
|
|
|
The changes by the Intelligence Committee, which were passed as a
|
|
"substitute" to SAFE, turn the legislation on its head. The amendment
|
|
follows similar changes two days ago in the House National Security
|
|
Committee.
|
|
|
|
Initially drafted as a way to loosen U.S. export controls on encryption,
|
|
legislators have instead "marked up" the bill, or amended it at the
|
|
committee level, to reflect the wishes of the Federal Bureau of
|
|
Investigation and other law enforcement agencies that want "wiretap"
|
|
access to all encrypted email and other digital files.
|
|
|
|
Both the Intelligence and the National Security committees tend to favor
|
|
export controls, because they view encryption as a threat to
|
|
information-gathering activities by U.S. military and law enforcement
|
|
officials.
|
|
|
|
The Intelligence Committee cited those concerns today when announcing
|
|
the substitute legislation. "Terrorist groups...drug cartels...and those
|
|
who proliferate in deadly chemical and biological weapons are all
|
|
formidable opponents of peace and security in the global society," said
|
|
committee chairman Porter Goss (R-Florida) in a statement. "These bad
|
|
actors must know that the U.S. law enforcement and national security
|
|
agencies, working under proper oversight, will have the tools to
|
|
frustrate illegal and deadly activity and bring international criminals
|
|
to justice."
|
|
|
|
Opponents of government attempts to regulate encryption, including a
|
|
leading panel of cryptographers, have argued that built-in access to
|
|
encrypted files would in fact threaten national and individual security
|
|
and be prohibitively expensive to implement.
|
|
|
|
The amended legislation calls for all imported or U.S.-made encryption
|
|
products that are manufactured or distributed after January 31, 2000, to
|
|
provide "immediate access" to the decrypted text if the law officials
|
|
present a court order. "Law enforcement will specifically be required to
|
|
obtain a separate court order to have the data, including
|
|
communications, decrypted."
|
|
|
|
A markup of the same bill in the House Commerce Committee was postponed
|
|
today for two weeks. It will be the fifth such committee vote on the
|
|
bill since its introduction.
|
|
|
|
The Intelligence and National Security amendments this week are by no
|
|
means a defeat of the bill. Instead, they would have to be reconciled
|
|
with versions of the bill already approved by the House Judiciary and
|
|
International Relations committees. That reconciliation most likely
|
|
would have to happen on the House floor. The rapidly fragmenting bill
|
|
still has several layers of procedure to wend through before it reaches
|
|
a potential floor vote, but people on both sides of the encryption
|
|
debate openly question if the bill--in any form--will make it that far
|
|
this year.
|
|
|
|
The legislation has 252 cosponsors, more than half of the House
|
|
membership.
|
|
|
|
0xb>-------------------------------------------------------------------------
|
|
|
|
Title: RC5 Cracked - The unknown message is...
|
|
Source:
|
|
Author: David McNett <nugget@slacker.com>[:]
|
|
Date: Mon, 27 Oct 1997 08:43:38 -0500
|
|
|
|
|
|
-----BEGIN PGP SIGNED MESSAGE-----
|
|
Hash: SHA1
|
|
|
|
It is a great privilege and we are excited to announce that at 13:25
|
|
GMT on 19-Oct-1997, we found the correct solution for RSA Labs' RC5-
|
|
32/12/7 56-bit secret-key challenge. Confirmed by RSA Labs, the key
|
|
0x532B744CC20999 presented us with the plaintext message for which we
|
|
have been searching these past 250 days.
|
|
|
|
The unknown message is: It's time to move to a longer key length
|
|
|
|
In undeniably the largest distributed-computing effort ever, the
|
|
Bovine RC5 Cooperative (http://www.distributed.net/), under the
|
|
leadership of distributed.net, managed to evaluate 47% of the
|
|
keyspace, or 34 quadrillion keys, before finding the winning key. At
|
|
the close of this contest our 4000 active teams were processing over
|
|
7 billion keys each second at an aggregate computing power equivalent
|
|
to more than 26 thousand Pentium 200's or over 11 thousand PowerPC
|
|
604e/200's. Over the course of the project, we received block
|
|
submissions from over 500 thousand unique IP addresses.
|
|
|
|
The winning key was found by Peter Stuer <peter@dinf.vub.ac.be> with
|
|
an Intel Pentium Pro 200 running Windows NT Workstation, working for
|
|
the STARLab Bovine Team coordinated by Jo Hermans
|
|
<Jo.Hermans@vub.ac.be> and centered in the Computer Science
|
|
Department (DINF) of the Vrije Universiteit (VUB) in Brussels,
|
|
Belgium. (http://dinf.vub.ac.be/bovine.html/). Jo's only comments
|
|
were that "$1000 will buy a lot of beer" and that he wished that the
|
|
solution had been found by a Macintosh, the platform that represented
|
|
the largest portion of his team's cracking power. Congratulations
|
|
Peter and Jo!
|
|
|
|
Of the US$10000 prize from RSA Labs, they will receive US$1000 and
|
|
plan to host an unforgettable party in celebration of our collective
|
|
victory. If you're anywhere near Brussels, you might want to find
|
|
out when the party will be held. US$8000, of course, is being
|
|
donated to Project Gutenberg (http://www.promo.net/pg/) to assist
|
|
them in their continuing efforts in converting literature into
|
|
electronic format for the public use. The remaining US$1000 is being
|
|
retained by distributed.net to assist in funding future projects.
|
|
|
|
Equally important are the thanks, accolades, and congratulations due
|
|
to all who participated and contributed to the Bovine RC5-56 Effort!
|
|
The thousands of teams and tens of thousands of individuals who have
|
|
diligently tested key after key are the reason we are so successful.
|
|
|
|
The thrill of finding the key more than compensates for the sleep,
|
|
food, and free time that we've sacrificed!
|
|
|
|
Special thanks go to all the coders and developers, especially Tim
|
|
Charron, who has graciously given his time and expertise since the
|
|
earliest days of the Bovine effort. Thanks to all the coordinators
|
|
and keyserver operators: Chris Chiapusio, Paul Chvostek, Peter
|
|
Denitto, Peter Doubt, Mishari Muqbil, Steve Sether, and Chris
|
|
Yarnell. Thanks to Andrew Meggs, Roderick Mann, and Kevyn Shortell
|
|
for showing us the true power of the Macintosh and the strength of
|
|
its users. We'd also like to thank Dave Avery for attempting to
|
|
bridge the gap between Bovine and the other RC5 efforts.
|
|
|
|
Once again, a heartfelt clap on the back goes out to all of us who
|
|
have run the client. Celebrations are in order. I'd like to invite
|
|
any and all to join us on the EFNet IRC network channel #rc5 for
|
|
celebrations as we regroup and set our sights on the next task. Now
|
|
that we've proven the limitations of a 56-bit key length, let's go
|
|
one further and demonstrate the power of distributed computing! We
|
|
are, all of us, the future of computing. Join the excitement as the
|
|
world is forced to take notice of the power we've harnessed.
|
|
|
|
Moo and a good hearty laugh.
|
|
|
|
Adam L. Beberg - Client design and overall visionary
|
|
Jeff Lawson - keymaster/server network design and morale booster
|
|
David McNett - stats development and general busybody
|
|
|
|
0xc>-------------------------------------------------------------------------
|
|
|
|
Title: Kashpureff in custody.
|
|
Source: Marc Hurst <mhurst@fastlane.ca>
|
|
Author: Marc Hurst <mhurst@fastlane.ca>
|
|
Date: Fri, 31 Oct 1997 10:40:20 -0500 (EST)
|
|
|
|
|
|
Eugene Kashpureff, known for his redirect of the NSI web page,
|
|
was apprehended this morning in Toronto by undercover RCMP
|
|
detectives.
|
|
|
|
Pending a deportation hearing, he will be returned to New York to
|
|
face Felony Wire Fraud charges that were sworn out against him
|
|
after he had settled out of court with NSI in regard to their
|
|
civil suit.
|
|
|
|
Early in the week Eugene relinquished control of the Alternic to
|
|
an adhoc industry group and that group will be making an
|
|
announcement in the next few days.
|
|
|
|
A this time I have no further information to volunteer.
|
|
|
|
Sincerely
|
|
Marc Hurst
|
|
|
|
0xd>-------------------------------------------------------------------------
|
|
|
|
Title: XS4ALL refuses Internet tap
|
|
Source: Press Release
|
|
Author: Maurice Wessling
|
|
Date: November 13th 1997, Amsterdam, Netherlands.
|
|
|
|
|
|
XS4ALL Internet is refusing to comply with an instruction from the
|
|
Dutch Ministry of Justice that it should tap the Internet traffic
|
|
of one of its users as part of an investigation. XS4ALL has
|
|
informed the Ministry that in its view the instruction lacks any
|
|
adequate legal basis. The company's refusal makes it liable for a
|
|
penalty but XS4ALL is hoping for a trial case to be brought in the
|
|
near future so that a court can make a pronouncement.
|
|
|
|
On Friday October 31st, a detective and a computer expert from the
|
|
Forensic Science Laboratory issued the instruction to XS4ALL. The
|
|
Ministry of Justice wants XS4ALL to tap for a month all Internet
|
|
traffic to and from this user and then supply the information to
|
|
the police. This covers e-mail, the World Wide Web, news groups,
|
|
IRC and all Internet services that this person uses. XS4ALL would
|
|
have to make all the technical arrangements itself.
|
|
|
|
As far as we are aware, there is no precedent in the Netherlands
|
|
for the Ministry of Justice issuing such a far-reaching
|
|
instruction to an Internet provider. The detectives involved also
|
|
acknowledge as much. Considering that a national meeting of
|
|
Examining judges convened to discuss the instruction, one may
|
|
appreciate just how unprecedented this situation is. Hitherto,
|
|
instructions have mainly been confined to requests for personal
|
|
information on the basis of an e-mail address.
|
|
|
|
XS4ALL feels obliged in principle to protect its users and their
|
|
privacy. Furthermore, XS4ALL has a commercial interest, since it
|
|
must not run the risk of action being brought by users under Civil
|
|
Law on account of unlawful deeds. This could happen with such an
|
|
intervention by the provider which is not based in law. Finally,
|
|
it is important from the social point of view that means of
|
|
investigation have adequate statutory basis. To comply with the
|
|
instruction could act as an undesirable precedent which could have
|
|
a major impact on the privacy of all Internet users in the
|
|
Netherlands.
|
|
|
|
XS4ALL has no view on the nature of the investigation itself or
|
|
the alleged crimes. It is happy to leave the court to decide that.
|
|
Nor will XS4ALL make any comment on the content of the study or
|
|
the region in which this is occurring for it is not its intention
|
|
that the investigation should founder. XS4ALL has proposed in vain
|
|
to the examining judge that the instruction be recast in terms
|
|
which ensures the legal objections are catered for.
|
|
|
|
The Ministry of Justice based its claim on Article 125i of the
|
|
Penal Code. This article was introduced in 1993 as part of the
|
|
Computer Crime Act. It gives the examining judge the option of
|
|
advising third parties during statutory preliminary investigations
|
|
to provide data stored in computers in the interest of
|
|
establishing the truth. According to legal history, it was never
|
|
the intention to apply this provision to an instruction focused on
|
|
the future. Legislators are still working to fill this gap in the
|
|
arsenal of detection methods, by analogy with the Ministry of
|
|
Justice tapping phone lines (125g of the Penal Code). The Dutch
|
|
Constitution and the European Convention on the Protection of
|
|
Human Rights demand a precise statutory basis for violating basic
|
|
rights such as privacy and confidentiality of correspondence. The
|
|
Ministry clearly does not wish to wait for this and is now
|
|
attempting to use Article 125i of the Penal Code, which is not
|
|
intended for this purpose, to compel providers themselves to start
|
|
tapping suspect users. The Ministry of Justice is taking the risk
|
|
of the prosecution of X, in the context of which the instruction
|
|
was issued to XS4ALL, running aground on account of using illegal
|
|
detection methods. Here, again, XS4ALL does not wish to be liable
|
|
in any respect in this matter.
|
|
|
|
For information please contact:
|
|
|
|
XS4ALL
|
|
Maurice Wessling
|
|
email: maurice@xs4all.nl
|
|
http://www.xs4all.nl/
|
|
|
|
0xf>-------------------------------------------------------------------------
|
|
|
|
Title: The FCC Wants V-Chip in PCs too
|
|
Source: Cyber-Liberties Update
|
|
Author:
|
|
Date: Monday, November 3, 1997
|
|
|
|
|
|
Mandating that all new televisions have built-in censorship technology
|
|
is not the only thing that the Federal Communications Commission (FCC)
|
|
is seeking, said ACLU Associate Director Barry Steinhardt, it is also
|
|
looking to require that the same technology be added to all new personal
|
|
computers.
|
|
|
|
Last year, culminating a protracted campaign against TV violence,
|
|
Congress passed the Telecommunications Act of 1996, a law requiring that
|
|
new televisions be equipped with the so-called V-chip. The V-chip is a
|
|
computerized chip capable of detecting program ratings and blocking
|
|
adversely rated programs from view.
|
|
|
|
Now, the FCC has announced that it is soliciting public comments through
|
|
November 24, on the idea of placing V-chips inside personal computers
|
|
since some are capable of delivering television programming.
|
|
|
|
^SAt the time the V-chip was being considered we warned that with the
|
|
growing convergence between traditional television (broadcast and cable)
|
|
and the Internet, it was only a matter of time before the government
|
|
would move to require that the V-chip be placed in PC's. Now that has
|
|
happened,^T Steinhardt said.
|
|
|
|
^SHardwiring censorship technology into the PC is part of the headlong
|
|
rush to
|
|
a scheme of rating and blocking Internet content that will turn the
|
|
Internet into a bland homogenized medium in which only large corporate
|
|
interest will have truly free speech,^T Steinhardt said.
|
|
|
|
The ACLU has criticized the mandatory requirement of V-chip arguing that
|
|
it is a form of censorship clearly forbidden by the First Amendment.
|
|
|
|
^SAlthough its supporters claim the V-chip gives parents control over
|
|
their
|
|
children's viewing habits, in fact it will function as a governmental
|
|
usurpation of parental control,^T said Solange Bitol, Legislative Counsel
|
|
for the ACLU^Rs Washington National Office.
|
|
|
|
^SUnder the legislation, it is the government (either directly or by
|
|
coercing private industry), and not the parents, that will determine how
|
|
programs will be rated. If a parent activates the V-chip, all programs
|
|
with a "violent" rating will be blocked. What kind of violence will be
|
|
censored? Football games? War movies? News reports?^T she added.
|
|
|
|
The ACLU is opposed to mandatory addition or use of censoring
|
|
technologies and we will be filing comments with the FCC later this
|
|
month. We believe people are smart enough to turn off their television
|
|
sets or PCs on their own if they don^Rt like what they see.
|
|
|
|
Tell the FCC what you think. Submit comments to them online at
|
|
<http://www.fcc.gov/vchip/>, and send us a copy as well so that we make
|
|
sure your voice is heard. E-mail them to CSehgal@aclu.org.
|
|
|
|
=-=
|
|
|
|
To subscribe to the ACLU Cyber-Liberties Update, send a message to
|
|
majordomo@aclu.org with "subscribe Cyber-Liberties" in the body of your
|
|
message. To terminate your subscription, send a message to
|
|
majordomo@aclu.org with "unsubscribe Cyber-Liberties" in the body.
|
|
|
|
|
|
1x1>-------------------------------------------------------------------------
|
|
|
|
Book Title: Underground
|
|
Poster: George Smith via Crypt Newsletter
|
|
|
|
Date: 27 Aug 97 00:36:12 EDT
|
|
From: "George Smith [CRYPTN]" <70743.1711@CompuServe.COM>
|
|
Subject: File 5--An "Underground" Book on Australian Hackers Burns the Mind
|
|
|
|
Source - CRYPT NEWSLETTER 44
|
|
|
|
AN "UNDERGROUND" BOOK ON AUSTRALIAN HACKERS BURNS THE MIND
|
|
|
|
Crypt News reads so many bad books, reports and news pieces on
|
|
hacking and the computing underground that it's a real pleasure to
|
|
find a writer who brings genuine perception to the subject.
|
|
Suelette Dreyfus is such a writer, and "Underground," published by
|
|
the Australian imprint, Mandarin, is such a book.
|
|
|
|
The hacker stereotypes perpetrated by the mainstream media include
|
|
descriptions which barely even fit any class of real homo sapiens
|
|
Crypt News has met. The constant regurgitation of idiot slogans
|
|
-- "Information wants to be free," "Hackers are just people who
|
|
want to find out how things work" -- insults the intelligence.
|
|
After all, have you ever met anyone who wouldn't want their access
|
|
to information to be free or who didn't admit to some curiosity
|
|
about how the world works? No -- of course not. Dreyfus'
|
|
"Underground" is utterly devoid of this manner of patronizing
|
|
garbage and the reader is the better for it.
|
|
|
|
"Underground" is, however, quite a tale of human frailty. It's
|
|
strength comes not from the feats of hacking it portrays --and
|
|
there are plenty of them -- but in the emotional and physical cost
|
|
to the players. It's painful to read about people like Anthrax, an
|
|
Australian 17-year old trapped in a dysfunctional family.
|
|
Anthrax's father is abusive and racist, so the son --paradoxically
|
|
-- winds up being a little to much like him for comfort,
|
|
delighting in victimizing complete strangers with mean jokes and
|
|
absorbing the anti-Semitic tracts of Louis Farrakhan. For no
|
|
discernible reason, the hacker repetitively baits an old man
|
|
living in the United States with harassing telephone calls.
|
|
Anthrax spends months of his time engaged in completely pointless,
|
|
obsessed hacking of a sensitive U.S. military system. Inevitably,
|
|
Anthrax becomes entangled in the Australian courts and his life
|
|
collapses.
|
|
|
|
Equally harrowing is the story of Electron whose hacking pales in
|
|
comparison to his duel with mental illness. Crypt News challenges
|
|
the readers of "Underground" not to squirm at the image of
|
|
Electron, his face distorted into a fright mask of rolling eyes
|
|
and open mouth due to tardive dyskinesia, a side-effect of being
|
|
put on anti-schizophrenic medication.
|
|
|
|
Dreyfus expends a great deal of effort exploring what happens when
|
|
obsession becomes the only driving force behind her subjects'
|
|
hacking. In some instances, "Underground's" characters degenerate
|
|
into mental illness, others try to find solace in drugs. This is
|
|
not a book in which the hackers declaim at any great length upon
|
|
contorted philosophies in which the hacker positions himself as
|
|
someone whose function is a betterment to society, a lubricant of
|
|
information flow, or a noble scourge of bureaucrats and tyrants.
|
|
Mostly, they hack because they're good at it, it affords a measure
|
|
of recognition and respect -- and it develops a grip upon them
|
|
which goes beyond anything definable by words.
|
|
|
|
Since this is the case, "Underground" won't be popular with the
|
|
goon squad contingent of the police corp and computer security
|
|
industry. Dreyfus' subjects aren't the kind that come neatly
|
|
packaged in the
|
|
"throw-'em-in-jail-for-a-few-years-while-awaiting-trial"
|
|
phenomenon that's associated with America's Kevin Mitnick-types.
|
|
However, the state of these hackers -- sometimes destitute,
|
|
unemployable or in therapy -- at the end of their travails is
|
|
seemingly quite sufficient punishment.
|
|
|
|
Some things, however, never change. Apparently, much of
|
|
Australia's mainstream media is as dreadful at covering this type
|
|
of story as America's. Throughout "Underground," Dreyfus includes
|
|
clippings from Australian newspapers featuring fabrications and
|
|
exaggeration that bare almost no relationship to reality. Indeed,
|
|
in one prosecution conducted within the United Kingdom, the
|
|
tabloid press whipped the populace into a blood frenzy by
|
|
suggesting a hacker under trial could have affected the outcome of
|
|
the Gulf War in his trips through U.S. computers.
|
|
|
|
Those inclined to seek the unvarnished truth will find
|
|
"Underground" an excellent read. Before each chapter, Dreyfus
|
|
presents a snippet of lyric chosen from the music of Midnight Oil.
|
|
It's an elegant touch, but I'll suggest a lyric from another
|
|
Australian band, a bit more obscure, to describe the spirit of
|
|
"Underground." From Radio Birdman's second album: "Burned my eye,
|
|
burned my mind, I couldn't believe it . . . "
|
|
+++++++++
|
|
|
|
["Underground: Tales of Hacking, Madness and Obsession on the
|
|
Electronic Frontier" by Suelette Dreyfus with research by Julian
|
|
Assange, Mandarin, 475 pp.]
|
|
|
|
Excerpts and ordering information for "Underground" can be found
|
|
on the Web at http://www.underground-book.com .
|
|
|
|
George Smith, Ph.D., edits the Crypt Newsletter from Pasadena,
|
|
CA.
|
|
|
|
1x2>-------------------------------------------------------------------------
|
|
|
|
Book Title: The Electronic Privacy Papers
|
|
: Documents on the Battle for Privacy in the Age of Surveillance
|
|
by: Bruce Schneier + David Banisar
|
|
publisher: John Wiley 1997
|
|
other: 747 pages, index, US$59.99
|
|
|
|
_The Privacy Papers_ is not about electronic privacy in general: it covers
|
|
only United States Federal politics, and only the areas of wiretapping
|
|
and cryptography. The three topics covered are wiretapping and the
|
|
Digital Telephony proposals, the Clipper Chip, and other controls on
|
|
cryptography (such as export controls and software key escrow proposals).
|
|
|
|
The documents included fall into several categories. There are broad
|
|
overviews of the issues, some of them written just for this volume.
|
|
There are public pronouncements and documents from various government
|
|
bodies: legislation, legal judgements, policy statements, and so forth.
|
|
There are government documents obtained under Freedom of Information
|
|
requests (some of them partially declassified documents complete with
|
|
blacked out sections and scrawled marginal annotations), which tell
|
|
the story of what happened behind the scenes. And there are newspaper
|
|
editorials, opinion pieces, submissions to government enquiries, and
|
|
policy statements from corporations and non-government organisations,
|
|
presenting the response from the public.
|
|
|
|
Some of the material included in _The Privacy Papers_ is available
|
|
online, none of it is breaking news (the cut-off for material appears
|
|
to be mid-to-late 1996), and some of the government documents included
|
|
are rather long-winded (no surprise there). It is not intended to be a
|
|
"current affairs" study, however; nor is it aimed at a popular audience.
|
|
_The Privacy Papers_ will be a valuable reference sourcebook for anyone
|
|
involved with recent government attempts to control the technology
|
|
necessary for privacy -- for historians, activists, journalists,
|
|
lobbyists, researchers, and maybe even politicians.
|
|
|
|
--
|
|
|
|
%T The Electronic Privacy Papers
|
|
%S Documents on the Battle for Privacy in the Age of Surveillance
|
|
%A Bruce Schneier
|
|
%A David Banisar
|
|
%I John Wiley
|
|
%C New York
|
|
%D 1997
|
|
%O hardcover, bibliography, index
|
|
%G ISBN 0-471-12297-1
|
|
%P xvi,747pp
|
|
%K crime, politics, computing
|
|
|
|
|
|
1x3>-------------------------------------------------------------------------
|
|
|
|
Book Title: "Computer Security and Privacy: An Information Sourcebook:
|
|
Topics and Issues for the 21st Century"
|
|
|
|
|
|
by Mark W. Greenia
|
|
List: $29.95
|
|
Publisher: Lexikon Services
|
|
Win/Disk Edition
|
|
Binding: Software
|
|
Expected publication date: 1998
|
|
ISBN: 0944601154
|
|
|
|
|
|
[PWN: I haven't seen this one in stores, and no further information or
|
|
reviews have been found.]
|
|
|
|
3x1>-------------------------------------------------------------------------
|
|
|
|
CDT POLICY POST Volume 3, Number 12 August 11, 1997
|
|
|
|
(1) CIVIL LIBERTIES GROUPS ASK FCC TO BLOCK FBI ELECTRONIC SURVEILLANCE
|
|
PROPOSAL
|
|
|
|
The Center for Democracy and Technology and the Electronic Frontier
|
|
Foundation today filed a petition with the Federal Communications
|
|
Commission to block the FBI from using the 1994 "Digital Telephony" law to
|
|
expand government surveillance powers.
|
|
|
|
The law, officially known as the "Communications Assistance for Law
|
|
Enforcement Act" (CALEA), was intended to preserve law enforcement
|
|
wiretapping ability in the face of changes in communications technologies.
|
|
In their filing, CDT and EFF argue that the FBI has tried to use CALEA to
|
|
expand its surveillance capabilities by forcing telephone companies to
|
|
install intrusive and expensive surveillance features that threaten privacy
|
|
and violate the scope of the law.
|
|
|
|
3x2>-------------------------------------------------------------------------
|
|
|
|
Anti-Spam Bills in Congress
|
|
|
|
Source - ACLU Cyber-Liberties Update, Tuesday, September 2, 1997
|
|
|
|
Unsolicited e-mail advertisement, or "spam," has few fans on the
|
|
net. Court battles have been waged between service providers, such
|
|
as AOL and Compuserve, and spam advertisers, including Cyber
|
|
Promotions, over whether the thousands of messages sent to user
|
|
e-mails can be blocked. Congress and several state legislatures
|
|
have also stepped into the debate and have introduced some bills
|
|
fraught with First Amendment problems because they ban commercial
|
|
speech altogether or are content specific.
|
|
|
|
[Laws against spam.. oh neat. So, how do they plan on enforcing it?]
|
|
|
|
3x3>-------------------------------------------------------------------------
|
|
|
|
JUSTICE DEPARTMENT CHARGES MICROSOFT WITH VIOLATING 1995 COURT ORDER
|
|
|
|
Asks Court to Impose $1 Million a Day Fine if Violation Continues
|
|
|
|
WASHINGTON, D.C. -- The Department of Justice asked a
|
|
federal court today to hold Microsoft Corporation--the world's
|
|
dominant personal computer software company--in civil contempt
|
|
for violating terms of a 1995 court order barring it from
|
|
imposing anticompetitive licensing terms on manufacturers of
|
|
personal computers.
|
|
|
|
[PWN: Hey Bill.. nah nah nah, thptptptptptptp, nanny nanny boo boo]
|
|
|
|
3x4>-------------------------------------------------------------------------
|
|
|
|
Small Minds Think Alike
|
|
Source - : fight-censorship@vorlon.mit.edu
|
|
|
|
CyberWire Dispatch Bulletin
|
|
|
|
Washington --In this boneyard of Washington, DC it doesn't take
|
|
long for big dawgs and small alike to bark. A couple of small
|
|
ones yipped it up today.
|
|
|
|
Rep. Marge (no relation to Homer) Roukema, R-N.J. and Sen. Lauch
|
|
(??) Faircloth, R-N.C. introduced a bill to amend the
|
|
Communications Act that would ban convicted sex offenders from
|
|
using the Internet.
|
|
|
|
[PWN: Oh yeah.. that will be easy to enforce.]
|
|
|
|
3x5>-------------------------------------------------------------------------
|
|
|
|
Cyber Promotions tossed offline
|
|
|
|
Cyber Promotions tossed offline
|
|
By Janet Kornblum
|
|
September 19, 1997, 1:25 p.m. PT
|
|
|
|
Cyber Promotions, antispammers' enemy No. 1 on the Net, has once again
|
|
been dumped by its access provider.
|
|
|
|
Backbone provider AGIS cut off Cyber Promotions Wednesday, and the
|
|
company has been scrambling for another ISP since.
|
|
|
|
[PWN: Hey Samford.. ha ha ha, nanny nanny, thptptptptp.]
|
|
|
|
"Ping-flood attacks observed originating from the West Coast into AGIS
|
|
and directed to the Washington and Philadelphia routers severely
|
|
degraded AGIS network performance to [an] unacceptable level...AGIS
|
|
had no alternative but to shut off services to Cyber Promotions,"
|
|
reads a statement that Wallace put on his page. He alleged that the
|
|
statement came from an AGIS engineer.
|
|
|
|
[PWN: If a ping flood took them down this time...]
|
|
|
|
|
|
|
|
----[ EOF
|
|
|