Computer underground Digest Sun May 28, 1996 Volume 8 : Issue 39 ISSN 1004-042X Editor: Jim Thomas (cudigest@sun.soci.niu.edu) News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu) Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Field Agent Extraordinaire: David Smith Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #8.39 (Sun, May 28, 1996) File 1--The Civil Liberies On-line Circus File 2--Article #12 of France's proposed telecoms law File 3--University of Wisconsin/Madison hires cyber-police File 4--19 year old arrested for making terrorist threats File 5--Nat'l Jrnl article sez net-activism is just political hicks File 6--Cyber Sit-in File 7--(fwd fyi) Internet a Broadcast Media? File 8--Cu Digest Header Info (unchanged since 7 Apr, 1996) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION ApPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. --------------------------------------------------------------------- Date: 23 May 96 04:00:19 EDT From: Lance Rose <72230.2044@CompuServe.COM> Subject: File 1--The Civil Liberies On-line Circus The Civil Liberties Online Circus: Why Bother with Real Life When We Can Yell About Heaven and Hell? Civil liberties groups are rallying the troops of good netizens against one absurd, banal evil after another. What are today's greatest hits? (1) The CDA, (2) the crypto software battles, and (3) the proposed NII copyright legislation. It's understandable that civil liberties groups have to yell louder. They need to combat the moves of powerful, well-connected industry and political groups. There's a sinking feeling, however, that they might be losing a little perspective amidst all their exhorting. Let's look at the 3 big battles mentioned above. 1. The CDA has been labeled some sort of showdown on the future of free speech on the Internet. Hey, check your calendar -- we're still in the prehistory of the digital era. It's a little early for showdowns when we're only learning how to crawl. The current CDA fight is just the latest battleground in a moral/legal debate that in the past half century has stretched from books, to comic books, to television, to telephone, to computer games, and now to online transmissions. This infinitely rewinding moral play may make for good drama for some, but the real action on online free speech -- where there is some prospect for defining rights, rather than the routine compromise between moralists and free speech advocates we will inevitably see play out in the CDA -- will be elsewhere. How deeply are CDA opponents getting lost in the hype? Check this out: One of their arguments against the CDA is that it wrongly seeks to impose the "indecency" standard from television -- a "pervasive" medium -- on the supposedly non-"pervasive" Internet. This is a creditable legal argument (though it begs the question on "pervasiveness" until the Su. Ct. gets its hands on the issue). Another of their arguments is that if an indecency standard is indeed applied to the Internet, it would be impossible to enforce meaningfully, and would shut down practically all speech. Whoa -- let's circle back to the top now. Isn't an indecency standard of some sort very much in place for television today? And isn't television a hugely popular mass medium, at the very center of U.S. and other societies? Seems these two arguments don't hang together, unless we all share some very damning assessments of the current TV system, which is not very likely. In other words, the anti-CDA position is not logically consistent -- it's just an all-out opposition to the CDA. That's fine, but let's at least recognize it for what it is, rather than a position derived axiomatically from bedrock-strong First Amendment first principles. Some litigators among us, round about now, might contend that good adversaries legitimately plead alternative theories, but that's my point. They're alternative theories, and fairly mutually exclusive, to boot. 2. On to the crypto battles. Will common netizens have the right to encrypt their messages without handing their encryption keys over to the government? Who knows, but there's lots of fighting going on, and more doomsaying predictions that we're battling over the deepest privacy questions ever. The feds want our crypto keys, and they've rolled out Clipper 3 now, just to show how belligerent they are about it. The civil liberties groups are running test cases, grass roots campaigns, cultivating politician champions and pursuing various other agendas in a truly all-out effort to save crypto for all of us. But what is crypto, really, but just an awkward way of hiding things? We're not talking about the underlying math, of course, designed by guys next to whose intellects most of us are just chimps in lab cages. Rather, what is crypto used for? It is used to hide a message right in someone else's face. It is like sticking a self-incriminating note in a physical capsule that is uncrackably hard and strong, then lobbing the capsule through the window of a police station to sit in the middle of the floor among a bunch of cops, powerless to open it up and figure out how to get the perp. Gee, is that really the best way to hide a message (given that the cops" first move will be to look outside for those responsible)? Or is it better to leave the cops blissfully unaware of the message's existence, or its true nature, so they never even get close to the point of having an encrypted message they're trying to crack? You probably get the point by now. Encryption rights are the brute force, crude wood cudgel approach to achieving message secrecy. Far more elegant and effective means of attaining secrecy exist today, and will be devised in the future. That's where the action will be after the dust has cleared on today's crypto rights battles, no matter who "wins" them. 3. The proposed "National Information Infrastructure" copyright legislation. There's a lot of fire and brimstone being spewed over this one, but who has really looked at the proposed law? There ain't much there. One part of the proposed law gives a copyright owner control over "transmissions" of works online. The opposing civil liberties people say this will make browsing on the Net illegal. What? If the online copyright proposal would make browsing on the Net illegal, then it's already illegal today. That's right. Copyright owners today control rights to make "copies" of their works. If you copy my text on your computer, even in RAM, you've made a copy of my work, and theoretically violated my copyright. Then why aren't copyright owners already suing everyone on the Internet? Because, first, the very way the Net works is by people putting up materials for others to browse. Second, enforcement against individual browsing users is nearly impossible. Third, browsing users have a very, very good argument that anyone who voluntarily places their materials into an online environment where it will be routinely and customarily browsed implicitly licenses such use of their materials. If the new proposal turns the current "copying" right into a so-called "transmission" right when it happens across a network, this is no more than a change in terminology. The same factors described above apply as much to "transmissions" involving browsing users as to "copying" involving browsing users. The other major part of the proposed law makes various efforts to hack copy protection schemes illegal. Why are some people concerned about this? Have you seen the Web lately? We're not exactly suffering an information shortage. Copy protection will take some stuff out of the public flow, but probably not a whole lot. What we do have right now are some very wary publishers, unwilling to make certain investments in online information unless they know they can protect it heavily if they feel a need to do so. We also have a bunch of hackers who are indeed ready to grab anything they can get their hands on, the more protected the better. So this part of the law calms the publishers down, tells them it's safe to go in the water. Does it really consign the Net to hell, as some civil liberties groups seem to think, merely to give some legal protection to copy protection devices? No. Here comes the part that you may find hard to believe: in all the battles mentioned above, I personally side with the civil liberties groups every single time. Then why the criticisms? It looks like these groups, with their admirable principles and agendas, are increasingly getting lost in hyperbole and losing important perspective. Frankly, the shrillness is beginning to hurt my ears. ------------------------------ Date: Thu, 23 May 1996 12:17:03 +0100 From: Jean-Bernard Condat Subject: File 2--Article #12 of France's proposed telecoms law Paris, May 23, 1996: There is an EC regulation called which applies to all EC countries. This restricts the use of cryptography in the context of weapons of mass destruction, but not for any other purpose. The UK also has an export licensing requirement which is similar in scope. France, on the other hand, has much wider restrictions. The EC regulation is "Dual-Use and Related Goods (Export Control) Regulations" and the UK is "Export of Goods (Control) Order". Attached is a message containing the pending French legislation, followed by some comments. I hope this is helpful to readers on both sides of the pond. [Tuesday, 07 May 96 08:30:54 EST, "jean-bernard condat" writte:] --------------- Art. 12 Article 28 of the Law No. 90-1170 dated December 29, 1990, on telecommunications regulation is hereby amended as follows: I - Section I is hereby amended as follows: 1) The first paragraph shall be completed by the following phrase: "Secret coding method denotes all materials or programs conceived or modified for the same purpose." 2) The second and third paragraphs are hereby replaced by the following provisions: "To preserve the interests of national defense and the internal or external security of the State, while permitting the protection of information and the development of secure communications and transactions, 1) the use of a secret coding method or service shall be: a) allowed freely: - if the secret coding method or service does not allow the assurance of confidentiality, particularly when it can only be used to authenticate a communication or ensure the integrity of the transmitted message; - or if the method or the service assures confidentiality and uses only coding conventions managed according to the procedures and by an organization approved under the conditions defined in Section II; b) subject to the authorization of the Prime Minister in other cases. 2) the supply, importation from countries not belonging to the European Community, and exportation of secret coding methods as well as services: a) shall require the prior authorization of the Prime Minister when they assure confidentiality; the authorization may require the supplier to reveal the identity of the purchaser; b) shall require declaration in other cases." 3) A decree sets the conditions under which the declarations are signed and the authorizations approved. This decree provides for: a) a simplified system of declaration or authorization for certain types of methods or services or for certain categories of users; b) the substitution of the declaration for the authorization, for transactions concerning secret coding methods or services whose technical characteristics or conditions of use, while justifying a certain attention being paid with regard to the aforementioned interests, do not require the prior authorization of these transactions; c) the waiver of all prior formalities for transactions concerning secret coding methods or services whose technical characteristics or conditions of use are such that the transactions are not capable of damaging the interests mentioned at the beginning of this paragraph. II - Section II is hereby replaced by the following provisions: "II - Organizations responsible for managing, on behalf of others, the coding conventions for secret coding methods or services that allow the assurance of confidentiality must be approved in advance by the Prime Minister. They are obligated to maintain professional confidentiality in the exercise of their approved activities. The approval shall specify the methods and services that they may use or supply. They shall be responsible to preserve the coding conventions that they manage. Within the framework of application of the Law No. 91-646 dated July 10, 1991, concerning the confidentiality of correspondence sent via telecommunications, and within the framework of investigations made under the rubric of Articles 53 et seq. and 75 et seq. of the Code of Criminal Procedure, they must release them to judicial authorities or to qualified authorities, or implement them according to their request. They must exercise their activities on domestic soil. A decree in the Council of State sets the conditions under which these organizations shall be approved, as well as the guarantees which the approval shall require; it specifies the procedures and the technical provisions allowing the enforcement of the obligations indicated above. III - a) Without prejudice to the application of the Customs Code, the fact of supplying, importing from a country not belonging to the European Community, or exporting, a secret coding method or service, without having obtained the prior authorization mentioned in I or in violation of the conditions of the granted approval, shall be punishable by six months imprisonment and a fine of FF 200,000. The fact of managing, on behalf of others, the coding conventions for secret coding methods or services that allow the assurance of confidentiality, without having obtained the approval mentioned in II or in violation of the conditions of this approval, shall be punishable by two years imprisonment and a fine of FF 300,000. The fact of supplying, importing from a country not belonging to the European Community, or exporting, a secret coding method or service, in order to facilitate the preparation or commission of a felony or misdemeanor, shall be punishable by three years imprisonment and a fine of FF 500,000. The attempt to commit the infractions mentioned in the preceding paragraphs shall be punishable by the same penalties. b) The natural persons guilty of the infractions mentioned under a) shall incur the complementary penalties provided for in Articles 131-19, 131-21, and 131-27, as well as, either indefinitely or for a period of five years or longer, the penalties provided for in Articles 131-33 and 131-34 of the Criminal Code. c) Judicial persons may be declared criminally responsible for the infractions defined in the first paragraph under the conditions provided for in Article 121-2 of the Criminal Code. The penalties incurred by judicial persons are: 1) the fine according to the modalities provided for by Article 131-38 of the Criminal Code; 2) the penalties mentioned in the Article L. 131-39 of the same code. The prohibition mentioned in 2) of this article L. 131-39 concerns activities, during the exercise of which, or on the occasion of the exercise of which, the infraction was committed." III - Section III becomes IV. Its last paragraph is hereby replaced by the following provisions: "The fact of refusing to supply information or documents, or of obstructing the progress of the investigations mentioned in this section IV, shall be punishable by six months imprisonment and a fine of FF 200,000." IV - Section IV becomes V. After the word "authorizations," the words "and declarations" are hereby inserted. V - A section VI is hereby added, formulated as follows: "VI - The provisions of this article shall not hinder the application of the Decree dated April 18, 1939, establishing the regulation of war materials, arms, and munitions, to those secret coding methods which are specially conceived or modified to allow or facilitate the use or manufacture of arms." VI - This article is applicable to overseas territories and to the territorial commonwealth of Mayotte. Copyright 1996 Steptoe & Johnson LLP Steptoe & Johnson LLP grants permission for the contents of this publication to be reproduced and distributed in full free of charge, provided that: (i) such reproduction and distribution is limited to educational and professional non-profit use only (and not for advertising or other use); (ii) the reproductions or distributions make no edits or changes in this publication; and (iii) all reproductions and distributions include the name of the author(s) and the copyright notice(s) included in the original publication. --------------- In trying to analyze the impact of the proposed law, I would note the following: Section I: Paragraph 1 (a), first bullet, seems to explicitly allow digital signatures, and does not require that the secret keys used for such purposes be escrowed. Paragraph 1 (a), second bullet, in combination with Section II, strongly hints at a requirement for key escrow. Conceivably, depending on the details of Law No 91-646 dated July 10, 1991 concerning the confidentiality of correspondence sent via telecommunications, the use of short keys that might expose information to unauthorized individuals (a la the IBM masked DES and Lotus Notes solution) might even be prohibited! Paragraph 1 (b) provides an escape clause for certain favored activities (and/or organizations?). Presumably international standards such as Visa/MasterCard's SET, which apply strong confidentiality to only certain data fields, notably the cardholders account number, would be permitted under this kind of an exception. Banking transactions and other sensitive information may also be excluded from the key escrow requirement, especially if (since) the Government could subpoena the bank's records directly. This is further borne out by paragraph 3, (a, b, and c). Paragraph 1 seems to apply to the use of encryption, as opposed to the supply, import, or export. However, unless such use is covered by Law No. 91-646, the proposed amendment does not seem to apply criminal or civil penalties to such use. Paragraph 2 is interesting, in that it differentiates between "supply" and "importing from countries not belonging to the European community". This may be a techni-cality of the European Community import/export laws -- perhaps importation from countries within the European Community no longer has any meaning, since such customs barriers were supposed to have been removed. I would interpret "supply" to include the offering for sale, or even distributing for free, such code, even by a French citizen. This would therefore appear to apply to the (re-)distribution of PGP and/or any home-grown French products, as well as any encryption products originating within the EC. If so, this would seem to be more even-handed with respect to imports from the US and elsewhere than might otherwise appear, and may obviate any claim that the law would violate the World Trade Organization's Most Favored Nation agreements. The apparent import preference for EC products simply reflect's France's obligation to allow the free flow of goods within the EC. Paragraph 3 seems to provide for some simplified administrative mechanisms that may be less onerous than a case by case review. IN US terms, this may be similar to requesting a commodity jurisdiction from Commerce, rather than having encryption being construed as following under the ITARs. If so, we should certainly investigate these options. Subparagraphs b and c may apply to the use of relatively short keys, or for transactions of limited scope, e.g., for SET. Section II defines conditions for establishing and approving escrow agencies. Given the requirement for "professional confidentiality", I would not be at all surprised if the civil law "notaires" didn't jump at the chance to get into this business. The requirement that they exercise their activities on French soil is rather obscure. The prior language doesn't explicitly say that anything about escrow, nor where the escrowed keys must be maintained -- it only talks about the management of coding conventions, and the requirement to comply with the requirements of the Code of Civil Procedure, which presumably requires that they divulge the keys and/or the text of any confidential messages upon demand by a proper authority. But a literal reading of the text would suggest that a standards organization that manages and preserves the coding conventions would have to carry out their activities on French soil, while the escrow repository might be elsewhere. Section III certainly makes it clear that they are serious about all this. The natural persons who have committed, or even attempted to commit acts in violation of the Act are subject to fines and imprisonment, and I would hazard a guess that the Articles 131-33 and 131-34 would debar them from participating in any future importing or exporting. Corporations (judicial persons) may be held criminally responsible for any infractions caused by their employees, and I would assume that Article 131-39 would also lead to a debarment for future import or export, in exactly the same manner as US export violations would. Section VI makes the Act applicable to overseas territories, which means that some of the more obscure areas and countries would also be covered, such as French Guiana, etc. Disclaimer: I am not a French attorney, nor someone who is at all knowledgeable about EC law. The preceding analysis should not be construed as any kind of an official position. Go get your own hired guns if you need advice! ------------------------------ Date: Thu, 23 May 1996 04:59:21 -0700 (PDT) From: Declan McCullagh Subject: File 3--University of Wisconsin/Madison hires cyber-police [Now _this_ is a disturbing turn of events, though I suppose it was inevitable. "Electronic recidivism rates?" --Declan] // declan@eff.org // I do not represent the EFF // declan@well.com // Chicago Tribune May 20, 1996 Monday, FINAL EDITION NEWS; Pg. 3; ZONE: M; In the Midwest. LENGTH: 317 words BYLINE: Compiled by David Elsner. DATELINE: MADISON, WISCONSIN BODY: The University of Wisconsin -Madison is planning to hire a computer cop to police the electronic traffic of its students and faculty. The "network investigator" would examine pranks, harassment, copyright infringement, software thievery and other computer system misuses and abuses, officials said. .................... UW-Madison is now advertising the full-time post. Officials envision an investigator who will track down, retrieve and restore offending electronic communication. The evidence would be turned over to university officials or police. Five years ago, relatively few students and faculty members had Internet access and electronic mail, or e-mail. Today, university officials handle 50,000 separate computer accounts, and a part-time investigator has not been able to keep up with the volume. During the spring semester, officials received an average of two to three complaints a week about computer abuses, said Susan Puntillo, of UW-Madison's Division of Information Technology. Years ago, warnings and reprimands generally sufficed. Even now, once chastised, few repeat their offense. Puntillo estimated electronic recidivism rates at less than 1 percent. .................... ------------------------------ Date: Sat, 25 May 1996 20:49:53 +0000 From: David Smith Subject: File 4--19 year old arrested for making terrorist threats The first quotation is an AP article excerpt about a college student arrested for making a terrorist threat via a Usenet post. The second excerpt is the text of the actually message in question. --- Excerpt 1 ---- NET THREAT IS TRACED TO STUDENT SACRAMENTO (AP) - An Internet message declaring an "open season" on state Sen. Tim Leslie because of the lawmaker's stance on mountain lions has been traced to a 19-year-old college student in El Paso, Texas, authorities say. Jose Eduardo Saavedra was arrested on a no-bail warrant based on felony charges filed in Sacramento alleging that he had made terrorist threats and threatened a public official, said El Paso County sheriff's Sgt. Don Marshall. The computer message posted March 6 read: "Let's hunt Sen. Tim Leslie for sport. ... I think it would be great" if he "were hunted down and skinned and mounted for our viewing pleasure." Leslie, who pushed for a ballot measure that would have removed special protections for mountain lions in California, expressed relief that an arrest had been made but said the incident raised "big new issues" about the use - and misuse - of the Internet. ............... According to Al Locher of the Sacramento County district attorney's office, Saavedra was tracked down by investigators working on information from his Internet provider, Primenet of Arizona. ---end excerpt--- +++++++++++++++++++ --- Excerpt 2 --- Path--news.primenet.com!zuma From--Zuma Newsgroups: talk.environment,sci.environment,talk.politics.animals,rec.pets,ca.politics,rec .pets.cats,rec.animals.wildlife,rec.food.veg,alt.save-the-earth Subject--Re--Hunting Mountain Lions Followup-To: talk.environment,sci.environment,talk.politics.animals,rec.pets,ca.politics,rec .pets.cats,rec.animals.wildlife,rec.food.veg,alt.save-the-earth Date--6 Mar 1996 16:09:00 -0700 Organization--Primenet (602)395-1010 Lines--19 Sender--root@primenet.com Message-ID--<4hl5uc$6c4@nnrp1.news.primenet.com> References--<4e3573$105e@news.ccit.arizona.edu> <4e79n6$5a6@ixnews5.ix.netcom.com> <4e7lfe$bsg@ixnews7.ix.n <4g3pk3$7m0@cloner4.netcom.com> <4gnh1u$qur@oracle.damerica.net> X-Posted-By--zuma@usr3.primenet.com Xref--news.primenet.com talk.environment:58565 sci.environment:94565 talk.politics.animals:67399 rec.pets:57445 ca.politics:97674 rec.pets.cats:152834 rec.animals.wildlife:11723 rec.food.veg:78925 Instead of huntng Lions in California, let us declare open season on State SEN Tim Leslie, his family, everyone he holds near and dear, the Cattlemen's association and anyone else who feels that LIONS in California should be killed. I think it would be great to see ths slimeball, asshole, conservative moron hunted down and skinned and mounted for our viewing pleasure. I would rather see every right-wing nut like scumface Leslie destroyed in the name of politicl sport, then lose one mountain lion whose only fault is havng to live in a state with a fuck-ed up jerk like this shit-faced republican and his supporters. Pray for his death. Pray for all their deaths. ------------------------------ Date: Thu, 23 May 1996 11:04:50 -0700 From: Jim Warren Subject: File 5--Nat'l Jrnl article sez net-activism is just political hicks Tommorrow, Washington's politically-powerful National Journal reportedly will publish a know-nothing piece of "journalism" saying that net-aided politics is essentially nothing but a batch of ineffective, know-nothing nerds and back-water political hacks. Check it out on Friday or thereafter -- at www.politicsusa.com -- and forward your *informed* comments to the NJ's Editor and Letters Editor. --jim On the other hand, maybe we ought to just continue escalating our political effectiveness using the net, and let it come as a total shock to the Beltway insiders who trust this piece of misinformed blather ... when we provide more and more swing votes in contested elections -- as already occured with DeFoley8 against ex-Speaker Tom Foley, VTW for now-Senator Ron Wyden, me for now-available Calif legislative data, the gun BBS against ex-Calif Senate Prez Pro Tem David Roberti, etc. :-) ------------------------------ Date: Mon, 27 May 96 12:15 EST From: jordanh@iquest.net Subject: File 8--Cu Digest Header Info (unchanged since 7 Apr, 1996) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send post with this in the "Subject:: line: SUBSCRIBE CU-DIGEST Send the message to: cu-digest-request@weber.ucsd.edu DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS. The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CU-DIGEST Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); and on Rune Stone BBS (IIRGWHQ) (860)-585-9638. CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: In BELGIUM: Virtual Access BBS: +32-69-844-019 (ringdown) Brussels: STRATOMIC BBS +32-2-5383119 2:291/759@fidonet.org In ITALY: ZERO! BBS: +39-11-6507540 In LUXEMBOURG: ComNet BBS: +352-466893 UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/CuD ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #8.39 ************************************ From TK0JUT2@MVS.CSO.NIU.EDU Wed May 29 15:14 CDT 1996 Return-Path: Received: from MVS.CSO.NIU.EDU by sun.soci.niu.edu (5.0/SMI-SVR4) id AA13631; Wed, 29 May 1996 15:14:33 -0500 Received: from MVS.CSO.NIU.EDU by MVS.CSO.NIU.EDU (IBM MVS SMTP V2R2.1) with BSMTP id 7881; Wed, 29 May 96 15:14:22 LCL Message-Id: <9605292014.AA13631@sun.soci.niu.edu> Date: Wed, 29 May 96 15:13 CDT To: CUDIGEST@SUN.soci.niu.edu From: Cu Digest (tk0jut2@mvs.cso.niu.edu) Subject: cud839.go Content-Type: text Content-Length: 37535 Status: RO X-Status: Computer underground Digest Sun May 26, 1996 Volume 8 : Issue 39 ISSN 1004-042X Editor: Jim Thomas (cudigest@sun.soci.niu.edu) News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu) Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Field Agent Extraordinaire: David Smith Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #8.39 (Sun, May 26, 1996) File 1--The Civil Liberies On-line Circus File 2--Article #12 of France's proposed telecoms law File 3--University of Wisconsin/Madison hires cyber-police File 4--19 year old arrested for making terrorist threats File 5--Nat'l Jrnl article sez net-activism is just political hicks File 6--Cyber Sit-in File 7--(fwd fyi) Internet a Broadcast Media? File 8--Cu Digest Header Info (unchanged since 7 Apr, 1996) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION ApPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. --------------------------------------------------------------------- Date: 23 May 96 04:00:19 EDT From: Lance Rose <72230.2044@CompuServe.COM> Subject: File 1--The Civil Liberies On-line Circus The Civil Liberties Online Circus: Why Bother with Real Life When We Can Yell About Heaven and Hell? Civil liberties groups are rallying the troops of good netizens against one absurd, banal evil after another. What are today's greatest hits? (1) The CDA, (2) the crypto software battles, and (3) the proposed NII copyright legislation. It's understandable that civil liberties groups have to yell louder. They need to combat the moves of powerful, well-connected industry and political groups. There's a sinking feeling, however, that they might be losing a little perspective amidst all their exhorting. Let's look at the 3 big battles mentioned above. 1. The CDA has been labeled some sort of showdown on the future of free speech on the Internet. Hey, check your calendar -- we're still in the prehistory of the digital era. It's a little early for showdowns when we're only learning how to crawl. The current CDA fight is just the latest battleground in a moral/legal debate that in the past half century has stretched from books, to comic books, to television, to telephone, to computer games, and now to online transmissions. This infinitely rewinding moral play may make for good drama for some, but the real action on online free speech -- where there is some prospect for defining rights, rather than the routine compromise between moralists and free speech advocates we will inevitably see play out in the CDA -- will be elsewhere. How deeply are CDA opponents getting lost in the hype? Check this out: One of their arguments against the CDA is that it wrongly seeks to impose the "indecency" standard from television -- a "pervasive" medium -- on the supposedly non-"pervasive" Internet. This is a creditable legal argument (though it begs the question on "pervasiveness" until the Su. Ct. gets its hands on the issue). Another of their arguments is that if an indecency standard is indeed applied to the Internet, it would be impossible to enforce meaningfully, and would shut down practically all speech. Whoa -- let's circle back to the top now. Isn't an indecency standard of some sort very much in place for television today? And isn't television a hugely popular mass medium, at the very center of U.S. and other societies? Seems these two arguments don't hang together, unless we all share some very damning assessments of the current TV system, which is not very likely. In other words, the anti-CDA position is not logically consistent -- it's just an all-out opposition to the CDA. That's fine, but let's at least recognize it for what it is, rather than a position derived axiomatically from bedrock-strong First Amendment first principles. Some litigators among us, round about now, might contend that good adversaries legitimately plead alternative theories, but that's my point. They're alternative theories, and fairly mutually exclusive, to boot. 2. On to the crypto battles. Will common netizens have the right to encrypt their messages without handing their encryption keys over to the government? Who knows, but there's lots of fighting going on, and more doomsaying predictions that we're battling over the deepest privacy questions ever. The feds want our crypto keys, and they've rolled out Clipper 3 now, just to show how belligerent they are about it. The civil liberties groups are running test cases, grass roots campaigns, cultivating politician champions and pursuing various other agendas in a truly all-out effort to save crypto for all of us. But what is crypto, really, but just an awkward way of hiding things? We're not talking about the underlying math, of course, designed by guys next to whose intellects most of us are just chimps in lab cages. Rather, what is crypto used for? It is used to hide a message right in someone else's face. It is like sticking a self-incriminating note in a physical capsule that is uncrackably hard and strong, then lobbing the capsule through the window of a police station to sit in the middle of the floor among a bunch of cops, powerless to open it up and figure out how to get the perp. Gee, is that really the best way to hide a message (given that the cops" first move will be to look outside for those responsible)? Or is it better to leave the cops blissfully unaware of the message's existence, or its true nature, so they never even get close to the point of having an encrypted message they're trying to crack? You probably get the point by now. Encryption rights are the brute force, crude wood cudgel approach to achieving message secrecy. Far more elegant and effective means of attaining secrecy exist today, and will be devised in the future. That's where the action will be after the dust has cleared on today's crypto rights battles, no matter who "wins" them. 3. The proposed "National Information Infrastructure" copyright legislation. There's a lot of fire and brimstone being spewed over this one, but who has really looked at the proposed law? There ain't much there. One part of the proposed law gives a copyright owner control over "transmissions" of works online. The opposing civil liberties people say this will make browsing on the Net illegal. What? If the online copyright proposal would make browsing on the Net illegal, then it's already illegal today. That's right. Copyright owners today control rights to make "copies" of their works. If you copy my text on your computer, even in RAM, you've made a copy of my work, and theoretically violated my copyright. Then why aren't copyright owners already suing everyone on the Internet? Because, first, the very way the Net works is by people putting up materials for others to browse. Second, enforcement against individual browsing users is nearly impossible. Third, browsing users have a very, very good argument that anyone who voluntarily places their materials into an online environment where it will be routinely and customarily browsed implicitly licenses such use of their materials. If the new proposal turns the current "copying" right into a so-called "transmission" right when it happens across a network, this is no more than a change in terminology. The same factors described above apply as much to "transmissions" involving browsing users as to "copying" involving browsing users. The other major part of the proposed law makes various efforts to hack copy protection schemes illegal. Why are some people concerned about this? Have you seen the Web lately? We're not exactly suffering an information shortage. Copy protection will take some stuff out of the public flow, but probably not a whole lot. What we do have right now are some very wary publishers, unwilling to make certain investments in online information unless they know they can protect it heavily if they feel a need to do so. We also have a bunch of hackers who are indeed ready to grab anything they can get their hands on, the more protected the better. So this part of the law calms the publishers down, tells them it's safe to go in the water. Does it really consign the Net to hell, as some civil liberties groups seem to think, merely to give some legal protection to copy protection devices? No. Here comes the part that you may find hard to believe: in all the battles mentioned above, I personally side with the civil liberties groups every single time. Then why the criticisms? It looks like these groups, with their admirable principles and agendas, are increasingly getting lost in hyperbole and losing important perspective. Frankly, the shrillness is beginning to hurt my ears. ------------------------------ Date: Thu, 23 May 1996 12:17:03 +0100 From: Jean-Bernard Condat Subject: File 2--Article #12 of France's proposed telecoms law Paris, May 23, 1996: There is an EC regulation called which applies to all EC countries. This restricts the use of cryptography in the context of weapons of mass destruction, but not for any other purpose. The UK also has an export licensing requirement which is similar in scope. France, on the other hand, has much wider restrictions. The EC regulation is "Dual-Use and Related Goods (Export Control) Regulations" and the UK is "Export of Goods (Control) Order". Attached is a message containing the pending French legislation, followed by some comments. I hope this is helpful to readers on both sides of the pond. [Tuesday, 07 May 96 08:30:54 EST, "jean-bernard condat" writte:] --------------- Art. 12 Article 28 of the Law No. 90-1170 dated December 29, 1990, on telecommunications regulation is hereby amended as follows: I - Section I is hereby amended as follows: 1) The first paragraph shall be completed by the following phrase: "Secret coding method denotes all materials or programs conceived or modified for the same purpose." 2) The second and third paragraphs are hereby replaced by the following provisions: "To preserve the interests of national defense and the internal or external security of the State, while permitting the protection of information and the development of secure communications and transactions, 1) the use of a secret coding method or service shall be: a) allowed freely: - if the secret coding method or service does not allow the assurance of confidentiality, particularly when it can only be used to authenticate a communication or ensure the integrity of the transmitted message; - or if the method or the service assures confidentiality and uses only coding conventions managed according to the procedures and by an organization approved under the conditions defined in Section II; b) subject to the authorization of the Prime Minister in other cases. 2) the supply, importation from countries not belonging to the European Community, and exportation of secret coding methods as well as services: a) shall require the prior authorization of the Prime Minister when they assure confidentiality; the authorization may require the supplier to reveal the identity of the purchaser; b) shall require declaration in other cases." 3) A decree sets the conditions under which the declarations are signed and the authorizations approved. This decree provides for: a) a simplified system of declaration or authorization for certain types of methods or services or for certain categories of users; b) the substitution of the declaration for the authorization, for transactions concerning secret coding methods or services whose technical characteristics or conditions of use, while justifying a certain attention being paid with regard to the aforementioned interests, do not require the prior authorization of these transactions; c) the waiver of all prior formalities for transactions concerning secret coding methods or services whose technical characteristics or conditions of use are such that the transactions are not capable of damaging the interests mentioned at the beginning of this paragraph. II - Section II is hereby replaced by the following provisions: "II - Organizations responsible for managing, on behalf of others, the coding conventions for secret coding methods or services that allow the assurance of confidentiality must be approved in advance by the Prime Minister. They are obligated to maintain professional confidentiality in the exercise of their approved activities. The approval shall specify the methods and services that they may use or supply. They shall be responsible to preserve the coding conventions that they manage. Within the framework of application of the Law No. 91-646 dated July 10, 1991, concerning the confidentiality of correspondence sent via telecommunications, and within the framework of investigations made under the rubric of Articles 53 et seq. and 75 et seq. of the Code of Criminal Procedure, they must release them to judicial authorities or to qualified authorities, or implement them according to their request. They must exercise their activities on domestic soil. A decree in the Council of State sets the conditions under which these organizations shall be approved, as well as the guarantees which the approval shall require; it specifies the procedures and the technical provisions allowing the enforcement of the obligations indicated above. III - a) Without prejudice to the application of the Customs Code, the fact of supplying, importing from a country not belonging to the European Community, or exporting, a secret coding method or service, without having obtained the prior authorization mentioned in I or in violation of the conditions of the granted approval, shall be punishable by six months imprisonment and a fine of FF 200,000. The fact of managing, on behalf of others, the coding conventions for secret coding methods or services that allow the assurance of confidentiality, without having obtained the approval mentioned in II or in violation of the conditions of this approval, shall be punishable by two years imprisonment and a fine of FF 300,000. The fact of supplying, importing from a country not belonging to the European Community, or exporting, a secret coding method or service, in order to facilitate the preparation or commission of a felony or misdemeanor, shall be punishable by three years imprisonment and a fine of FF 500,000. The attempt to commit the infractions mentioned in the preceding paragraphs shall be punishable by the same penalties. b) The natural persons guilty of the infractions mentioned under a) shall incur the complementary penalties provided for in Articles 131-19, 131-21, and 131-27, as well as, either indefinitely or for a period of five years or longer, the penalties provided for in Articles 131-33 and 131-34 of the Criminal Code. c) Judicial persons may be declared criminally responsible for the infractions defined in the first paragraph under the conditions provided for in Article 121-2 of the Criminal Code. The penalties incurred by judicial persons are: 1) the fine according to the modalities provided for by Article 131-38 of the Criminal Code; 2) the penalties mentioned in the Article L. 131-39 of the same code. The prohibition mentioned in 2) of this article L. 131-39 concerns activities, during the exercise of which, or on the occasion of the exercise of which, the infraction was committed." III - Section III becomes IV. Its last paragraph is hereby replaced by the following provisions: "The fact of refusing to supply information or documents, or of obstructing the progress of the investigations mentioned in this section IV, shall be punishable by six months imprisonment and a fine of FF 200,000." IV - Section IV becomes V. After the word "authorizations," the words "and declarations" are hereby inserted. V - A section VI is hereby added, formulated as follows: "VI - The provisions of this article shall not hinder the application of the Decree dated April 18, 1939, establishing the regulation of war materials, arms, and munitions, to those secret coding methods which are specially conceived or modified to allow or facilitate the use or manufacture of arms." VI - This article is applicable to overseas territories and to the territorial commonwealth of Mayotte. Copyright 1996 Steptoe & Johnson LLP Steptoe & Johnson LLP grants permission for the contents of this publication to be reproduced and distributed in full free of charge, provided that: (i) such reproduction and distribution is limited to educational and professional non-profit use only (and not for advertising or other use); (ii) the reproductions or distributions make no edits or changes in this publication; and (iii) all reproductions and distributions include the name of the author(s) and the copyright notice(s) included in the original publication. --------------- In trying to analyze the impact of the proposed law, I would note the following: Section I: Paragraph 1 (a), first bullet, seems to explicitly allow digital signatures, and does not require that the secret keys used for such purposes be escrowed. Paragraph 1 (a), second bullet, in combination with Section II, strongly hints at a requirement for key escrow. Conceivably, depending on the details of Law No 91-646 dated July 10, 1991 concerning the confidentiality of correspondence sent via telecommunications, the use of short keys that might expose information to unauthorized individuals (a la the IBM masked DES and Lotus Notes solution) might even be prohibited! Paragraph 1 (b) provides an escape clause for certain favored activities (and/or organizations?). Presumably international standards such as Visa/MasterCard's SET, which apply strong confidentiality to only certain data fields, notably the cardholders account number, would be permitted under this kind of an exception. Banking transactions and other sensitive information may also be excluded from the key escrow requirement, especially if (since) the Government could subpoena the bank's records directly. This is further borne out by paragraph 3, (a, b, and c). Paragraph 1 seems to apply to the use of encryption, as opposed to the supply, import, or export. However, unless such use is covered by Law No. 91-646, the proposed amendment does not seem to apply criminal or civil penalties to such use. Paragraph 2 is interesting, in that it differentiates between "supply" and "importing from countries not belonging to the European community". This may be a techni- cality of the European Community import/export laws -- perhaps importation from countries within the European Community no longer has any meaning, since such customs barriers were supposed to have been removed. I would interpret "supply" to include the offering for sale, or even distributing for free, such code, even by a French citizen. This would therefore appear to apply to the (re-)distribution of PGP and/or any home-grown French products, as well as any encryption products originating within the EC. If so, this would seem to be more even-handed with respect to imports from the US and elsewhere than might otherwise appear, and may obviate any claim that the law would violate the World Trade Organization's Most Favored Nation agreements. The apparent import preference for EC products simply reflect's France's obligation to allow the free flow of goods within the EC. Paragraph 3 seems to provide for some simplified administrative mechanisms that may be less onerous than a case by case review. IN US terms, this may be similar to requesting a commodity jurisdiction from Commerce, rather than having encryption being construed as following under the ITARs. If so, we should certainly investigate these options. Subparagraphs b and c may apply to the use of relatively short keys, or for transactions of limited scope, e.g., for SET. Section II defines conditions for establishing and approving escrow agencies. Given the requirement for "professional confidentiality", I would not be at all surprised if the civil law "notaires" didn't jump at the chance to get into this business. The requirement that they exercise their activities on French soil is rather obscure. The prior language doesn't explicitly say that anything about escrow, nor where the escrowed keys must be maintained -- it only talks about the management of coding conventions, and the requirement to comply with the requirements of the Code of Civil Procedure, which presumably requires that they divulge the keys and/or the text of any confidential messages upon demand by a proper authority. But a literal reading of the text would suggest that a standards organization that manages and preserves the coding conventions would have to carry out their activities on French soil, while the escrow repository might be elsewhere. Section III certainly makes it clear that they are serious about all this. The natural persons who have committed, or even attempted to commit acts in violation of the Act are subject to fines and imprisonment, and I would hazard a guess that the Articles 131-33 and 131-34 would debar them from participating in any future importing or exporting. Corporations (judicial persons) may be held criminally responsible for any infractions caused by their employees, and I would assume that Article 131-39 would also lead to a debarment for future import or export, in exactly the same manner as US export violations would. Section VI makes the Act applicable to overseas territories, which means that some of the more obscure areas and countries would also be covered, such as French Guiana, etc. Disclaimer: I am not a French attorney, nor someone who is at all knowledgeable about EC law. The preceding analysis should not be construed as any kind of an official position. Go get your own hired guns if you need advice! ------------------------------ Date: Thu, 23 May 1996 04:59:21 -0700 (PDT) From: Declan McCullagh Subject: File 3--University of Wisconsin/Madison hires cyber-police [Now _this_ is a disturbing turn of events, though I suppose it was inevitable. "Electronic recidivism rates?" --Declan] // declan@eff.org // I do not represent the EFF // declan@well.com // Chicago Tribune May 20, 1996 Monday, FINAL EDITION NEWS; Pg. 3; ZONE: M; In the Midwest. LENGTH: 317 words BYLINE: Compiled by David Elsner. DATELINE: MADISON, WISCONSIN BODY: The University of Wisconsin -Madison is planning to hire a computer cop to police the electronic traffic of its students and faculty. The "network investigator" would examine pranks, harassment, copyright infringement, software thievery and other computer system misuses and abuses, officials said. .................... UW-Madison is now advertising the full-time post. Officials envision an investigator who will track down, retrieve and restore offending electronic communication. The evidence would be turned over to university officials or police. Five years ago, relatively few students and faculty members had Internet access and electronic mail, or e-mail. Today, university officials handle 50,000 separate computer accounts, and a part-time investigator has not been able to keep up with the volume. During the spring semester, officials received an average of two to three complaints a week about computer abuses, said Susan Puntillo, of UW-Madison's Division of Information Technology. Years ago, warnings and reprimands generally sufficed. Even now, once chastised, few repeat their offense. Puntillo estimated electronic recidivism rates at less than 1 percent. .................... ------------------------------ Date: Sat, 25 May 1996 20:49:53 +0000 From: David Smith Subject: File 4--19 year old arrested for making terrorist threats The first quotation is an AP article excerpt about a college student arrested for making a terrorist threat via a Usenet post. The second excerpt is the text of the actually message in question. --- Excerpt 1 ---- NET THREAT IS TRACED TO STUDENT SACRAMENTO (AP) - An Internet message declaring an "open season" on state Sen. Tim Leslie because of the lawmaker's stance on mountain lions has been traced to a 19-year-old college student in El Paso, Texas, authorities say. Jose Eduardo Saavedra was arrested on a no-bail warrant based on felony charges filed in Sacramento alleging that he had made terrorist threats and threatened a public official, said El Paso County sheriff's Sgt. Don Marshall. The computer message posted March 6 read: "Let's hunt Sen. Tim Leslie for sport. ... I think it would be great" if he "were hunted down and skinned and mounted for our viewing pleasure." Leslie, who pushed for a ballot measure that would have removed special protections for mountain lions in California, expressed relief that an arrest had been made but said the incident raised "big new issues" about the use - and misuse - of the Internet. The Carnelian Bay Republican said it was a "very serious matter" when someone could "threaten or intimidate or extort others in a public forum like this." According to Al Locher of the Sacramento County district attorney's office, Saavedra was tracked down by investigators working on information from his Internet provider, Primenet of Arizona. ---end excerpt--- +++++++++++++++++++ --- Excerpt 2 --- Path--news.primenet.com!zuma From--Zuma Newsgroups: talk.environment,sci.environment,talk.politics.animals,rec.pets,ca.politics,rec .pets.cats,rec.animals.wildlife,rec.food.veg,alt.save-the-earth Subject--Re--Hunting Mountain Lions Followup-To: talk.environment,sci.environment,talk.politics.animals,rec.pets,ca.politics,rec .pets.cats,rec.animals.wildlife,rec.food.veg,alt.save-the-earth Date--6 Mar 1996 16:09:00 -0700 Organization--Primenet (602)395-1010 Lines--19 Sender--root@primenet.com Message-ID--<4hl5uc$6c4@nnrp1.news.primenet.com> References--<4e3573$105e@news.ccit.arizona.edu> <4e79n6$5a6@ixnews5.ix.netcom.com> <4e7lfe$bsg@ixnews7.ix.n <4g3pk3$7m0@cloner4.netcom.com> <4gnh1u$qur@oracle.damerica.net> X-Posted-By--zuma@usr3.primenet.com Xref--news.primenet.com talk.environment:58565 sci.environment:94565 talk.politics.animals:67399 rec.pets:57445 ca.politics:97674 rec.pets.cats:152834 rec.animals.wildlife:11723 rec.food.veg:78925 Instead of huntng Lions in California, let us declare open season on State SEN TIM LESLIE, his family, everyone he holds near and dear, the Cattlemen's association and anyone else who feels that LIONS in California should be killed. I think it would be great to see ths slimeball, asshole, conservative moron hunted down and skinned and mounted for our viewing pleasure. I would rather see every right-wing nut like scumface Leslie destroyed in the name of politicl sport, then lose one mountain lion whose only fault is havng to live in a state with a fuck-ed up jerk like this shit-faced republican and his supporters. Pray for his death. Pray for all their deaths. ------------------------------ Date: Thu, 23 May 1996 11:04:50 -0700 From: Jim Warren Subject: File 5--Nat'l Jrnl article sez net-activism is just political hicks Tommorrow, Washington's politically-powerful National Journal reportedly will publish a know-nothing piece of "journalism" saying that net-aided politics is essentially nothing but a batch of ineffective, know-nothing nerds and back-water political hacks. Check it out on Friday or thereafter -- at www.politicsusa.com -- and forward your *informed* comments to the NJ's Editor and Letters Editor. --jim On the other hand, maybe we ought to just continue escalating our political effectiveness using the net, and let it come as a total shock to the Beltway insiders who trust this piece of misinformed blather ... when we provide more and more swing votes in contested elections -- as already occured with DeFoley8 against ex-Speaker Tom Foley, VTW for now-Senator Ron Wyden, me for now-available Calif legislative data, the gun BBS against ex-Calif Senate Prez Pro Tem David Roberti, etc. :-) ------------------------------ Date: Mon, 27 May 96 12:15 EST From: jordanh@iquest.net Subject: File 8--Cu Digest Header Info (unchanged since 7 Apr, 1996) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send post with this in the "Subject:: line: SUBSCRIBE CU-DIGEST Send the message to: cu-digest-request@weber.ucsd.edu DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS. The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CU-DIGEST Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); and on Rune Stone BBS (IIRGWHQ) (860)-585-9638. CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: In BELGIUM: Virtual Access BBS: +32-69-844-019 (ringdown) Brussels: STRATOMIC BBS +32-2-5383119 2:291/759@fidonet.org In ITALY: ZERO! BBS: +39-11-6507540 In LUXEMBOURG: ComNet BBS: +352-466893 UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/CuD ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #8.39 ************************************