****************************************************************************
                  >C O M P U T E R   U N D E R G R O U N D<
                                >D I G E S T<
              ***  Volume 1, Issue #1.27 (Aug 9, 1990)   **
****************************************************************************

MODERATORS:   Jim Thomas / Gordon Meyer  (TK0JUT2@NIU.bitnet)
ARCHIVISTS:   Bob Krause / Alex Smith

USENET readers can currently receive CuD as alt.society.cu-digest.

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted as long as the source is cited. It is assumed that non-personal mail to the moderators may be reprinted, unless otherwise specified. Readers are encouraged to submit reasoned articles relating to the Computer Underground.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Contributors assume all responsibility for assuring that articles submitted do not violate copyright protections.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

CONTENTS:
File 1: Moderators' Corner
File 2: From the Mailbag (Response to Neidorf article)
File 3: Dr. Ripco Speaks Out
File 4: SJG Gurps Cyberpunk
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

----------------------------------------------------------------------

********************************************************************
***  CuD #1.27, File 1 of 4: Moderators' Comments                ***
********************************************************************

Date: 9 August, 1990
From: Moderators
Subject: Moderators' Corner

++++++++++
In this file:
1) TAP Address
2) Berserker BBS update
3) Len Rose Update

+++++++++++++++++++++++++++++
TAP ADDRESS
+++++++++++++++++++++++++++++

The TAP article in CuD 1.26 did not include an address.
For those wishing to subscribe, the address is:

     TAP
     PO Box 20264
     Louisville, KY 40250

+++++++++++++++++++++
Berserker BBS Update
+++++++++++++++++++++

In a recent issue of CuD, we inquired about the status of Berserker BBS. We are informed that Berserker still operates, but the number was changed. Good news for Berserker fans.

+++++++++++++++++
Len Rose Update
+++++++++++++++++

We talked with Len Rose last night, and he indicates that his trial, scheduled for this month, will most likely be delayed until February, 1991. The counts against him resemble those of Craig Neidorf and the "Atlanta 3." We will provide a detailed summary of our conversation as well as a copy of the indictment in CuD 1.28 on Monday.

********************************************************************
                           >> END OF THIS FILE <<
***************************************************************************

------------------------------

Date: 9 August, 1990
From: Moderators
Subject: From the Mailbag (Response to Neidorf article)

********************************************************************
***  CuD #1.27: File 2 of 4: From the Mailbag                    ***
********************************************************************

Date: Thu, 9 Aug 90 10:01:01 -0500
From: Michael J. Hennebry
Subject: Re: NEIDORF TRIAL OVER! GOVERNMENT DROPS ALL CHARGES!

In article <10181@accuvax.nwu.edu> TK0JUT2%NIU.BITNET@uicvm.uic.edu writes:

>Neidorf. Defense Attorney Sheldon Zenner said that Prosecutor Bill
>Cook's decision was "in line with the highest standards of good
>government and ethical conduct." ..

The highest standard of good government and ethical conduct would not have allowed prosecution in the first place. If ethics had anything to do with the dismissal the other defendants would have had their "convictions" reversed.

>.. Zenner said that the government could
>have continued to the last and let the jury decide, but did the
>honorable thing.

Dropping charges is not the same as acquittal.
Perhaps Cook is going to try again and will keep prosecuting and dropping charges until Neidorf runs out of money to defend himself.

>Craig Neidorf was ecstatic about the decision, and feels vindicated.
>He can now resume his studies, complete his degree, and seriously
>consider law school. He *WILL NOT* resume publication of PHRACK!

No doubt killing PHRACK was one of the prosecution's goals.

>Zenner praised Bill Cook's decision to drop all charges, and added he
>is not angry, but appreciative. Zenner also felt that the efforts

Zenner isn't Neidorf. Zenner isn't suffering from the effect of the prosecution.

>There are those who have taken the Ed Meese line ..

I'm one of them.

>..and assumed that
>Craig must have done *something* or the government wouldn't be
>prosecuting him. ..

I'm not one of them. What Meese said was that one who is not guilty is not a suspect. This is true. Neidorf is not guilty, therefore Neidorf was not a suspect, therefore Cook had no right to prosecute him, therefore Cook should be in prison for kidnapping. At the sentencing Neidorf should get to remind the judge that to commit his crime Cook used a deadly weapon, the federal criminal "justice" system.

>it was claimed, couldn't respond because it had to protect Craig's
>privacy and was required to sit in silence. One prosecutor even said

Has government refusal to respond to defense supporters' questions about a prosecution *ever* been to the advantage of a defendant?

>There is little cause for Craig's supporters to gloat, because the
>emotional and financial toll on Craig and his family were substantial.

That was part of the purpose of the prosecution.

>Now, however, it is time to move on and address the lessons learned
>from the experience. Some of the issues include how computerists can
>be protected from overzealousness, ..

They can't be protected. Nobody has any protection from overzealous or evil prosecutors. It's called prosecutorial immunity.
Until we get rid of it we are at the mercy of folks like Cook, but prosecutorial immunity is forever. Neidorf won't get paid for what Cook has cost him. The only people involved in a persecution who get paid anything significant are those who participate voluntarily, and not all of them.

********************************************************************
                           >> END OF THIS FILE <<
***************************************************************************

------------------------------

Date: 7 August, 1990
From: . Ripco (Bruce ?)
Subject: Dr. Ripco Speaks Out

********************************************************************
***  CuD #1.27: File 3 of 4: Dr. Ripco Speaks out                ***
********************************************************************

This document is being written to state my involvement with Operation Sundevil and the events that passed on May 8th of 1990. My name is Bruce Esquibel but most people in the modem world would know me better as Dr. Ripco, the sysop of the Ripco Bulletin Board in Chicago.

Ripco operated since the winter of 1983 and performed what I believe to be a good public service to the telecommunications world. Its label as a 'phreak and hacker' board was an incorrect statement which I lived with most of the time. Some content of the system was in fact dealing with that subject but I have always felt most of the information especially in the form of general files was nothing more than second hand news, traveling board to board. Neither the board nor myself ever supported or was associated with formed hacker groups like the LOD or TKOS. In the years Ripco operated there were members from these groups at one time or another but only to establish accounts and rarely touched base or communicated with other users.

The system was quite popular with it peaking at 701 users and averaging around 600 active at any one time.
Daily it took in about 50 calls with this figure waxing and waning with the social seasonal changes of school schedules and holidays. The majority enjoyed the freedom of expression the system provided, not to figure out how to make a free phone call. Most of the activity was on the main message board which could be accessed by anyone, even those without validated accounts. The rest of the message bases Ripco had were more specialized in their subject matter but not too much more than what is found on other boards.

Ripco's greatest claim to fame in my opinion was the general files. It seemed to attract new users like flies to honey. I don't think the reason for this was quality but in fact quantity. There were over 2500 of them, divided into 23 sections. Like the message bases only a minority of the files could be put into the hack/phreak class.

Ripco operated with a bit of mystery to it. My personal involvement on the board was next to nil. Unlike other operators who rule their boards like a god, I decided long ago to let the people do what they wanted without getting in the way and give them the freedom to stand on their own two feet. This didn't mean the system was total anarchy, in fact many complimented on how well the system was structured. This unusual concept led some to believe the whole system was a setup and I was accused on several occasions of being an FBI sting board or associated with some kind of law enforcement.

Adding to this was some argument over where the bbs was actually located. A few adventurous individuals attempted to track it down through the CNA bureau and ended up at a vacant storefront. The real explanation is a long story but it comes down to multiple screw-ups by Illinois Bell more than any deceptive practices on my part. This of course doesn't happen in real life thus the only people that can get a phone number for a fictitious address are 'feds'. At least now I can put that rumor to rest.

On May 8th I was awakened at my home at 6:30 a.m. by several Secret Service agents with a warrant for computers and telecommunications equipment. They also had a second warrant issued to the address where Ripco operated out of.

Although there are better ways to start the day, this did not come as a real surprise to me. Since 1987 when Shadow Hawk made the papers with his $2.3 million software theft charges it occurred to me that as more and more people are caught, if they even were remotely connected to Ripco, eventually something would turn up on my end. This could be considered the reasoning of a mad man but I have always felt that there was no illegal activity going on within the system and could defend it no matter how petty it was taken apart. To put it another way, Ripco's bark had a hell of a reputation but no bite. This was probably and still is true depending how you look at it.

The warrants issued were only (!?!) seizure warrants issued to the addresses. There were no names on them and I was not arrested or charged by the Secret Service. This provided me some relief but since I didn't get to sleep till 4am that morning it was probably a lack of reasoning on my part.

There were at least 5 agents that came to the house, but I think they had a few more around back in case of an escape attempt. Three of them stayed while two others drove me to the other location. The only question they asked before I left was it would be easier if I gave the location of any computers I had there to which the reply was 'none.' This later proved true since no items were taken, but they did spend about an hour looking through everything.

I wish to point out that this was not a scene that would make good television. They didn't break down any doors, no one I observed had a gun drawn and overall they were pleasant in their mannerisms.
This is not being said in defense of them but I always have been curious about the stories passed around where swat teams come down on a 16 year old for running a few MCI numbers.

One interesting side note to you electronic phreaks out there is their radios, which probably use Motorola's digital voice protection circuitry, trip every car alarm in the neighborhood when keyed. Several of the agents said this was normal and wished they didn't have this side effect.

As I traveled with the agents to the other location I started to think what they were about to see and if anything was there that needed a fast explanation. The only thing that occurred to me was three handguns I kept for personal protection. I informed the driver of this fact and he radioed ahead to let them know. He said matters like that aren't their concern but added they have to check with local law enforcement to see if I was in violation of city or state laws.

When we arrived there was a sizable crowd waiting. Besides 5 or 6 more SS agents, there were a few others in suit and tie (the SS dresses casual) and at least one Chicago police car with a couple officers. The agents that escorted me there led me to a woman probably in her mid or late 20's. She apparently was the one in charge and gave me instructions on how we were going to enter the building. Before unlocking the front door she asked several times if any booby traps were set either for them or the computers. I found this questioning amusing but was the only one smiling of the group.

Unlocking the front door led to questions about where the guns were located and instructions on how to find them. I brought up the fact the alarm system had to be turned off and after a few attempts she managed to deactivate it. A different agent was sent in and recovered the weapons.

As we entered the main room I was told not to touch anything but to point out the computer the board was run off of, which I did.
The woman then introduced herself as Barbara and informed me of what I already knew, they were there to carry out a warrant and that it would probably take a while. She handed me a piece of paper which was the actual warrant and as I looked it over, a paragraph stated it was issued based on an attached affidavit, specifically pages 26-39 by a special agent Lawson. Asking where the attached affidavit was brought the reply "it was a closed document, I didn't have any rights to see it" and added 'it's an on-going investigation'.

I was then informed by her that I was not under arrest nor charged but they had to read the Miranda rights to me since any questions I answered could be used against me. Another agent said they did have questions but I did not have to answer them, could answer them with a lawyer present or even have a lawyer present and not answer them. He also pointed out that I could stop answering the questions at any time so I figured I'd agree to answer them since there wasn't all that much to hide anyway.

Although an attempt was made to get comfortable within the building, the main area is full of junk collected over the years and the limited seating made things a bit crowded. We eventually ended up out back outside where the questioning took place.

From this point on Barbara made few other comments and the bulk of the questions were handled by another young agent named Tim. The questions started with an apology by Tim saying there was someone who requested specific questions to be asked for a case study or something along those lines. He said they were fairly simple but was required to ask them. These questions were general in nature and read off a xerox sheet, mostly a list of phrases that were looking for definitions. What is a phreaker, hacker, know what a virus is, have you ever written or distributed one, etc.

After this opening round of Q & A, he announced we were going on to more specific questions involving myself and the bulletin board.
I don't really remember most of the questions but the subject dealt with my awareness that both credit card and long distance access codes were being passed through the system and what was on the hidden boards that normally wasn't part of standard access, and who had access to them. My answer to these led into the system maintenance and how I handled it.

As far as the question about the codes went, I replied no I was not aware of that and he pointed out they had printouts proving they were. Of course it crossed my mind that if they already had solid proof, why bother to ask the questions.

I wish to publicly state that this type of information was posted from time to time but I did not lie to the question. Regular users of the board were aware that long ago I made clear the system policy on this matter. Long distance codes along with credit card information was not allowed to exist on the system. I felt that any specific information left that could lead to direct fraud was not welcome and would be removed and persons who repeatedly violated this themselves would be removed from the system also.

To clarify the phrase 'specific information' to the readers of this file I wish to explain my position on how I considered board policy on messages. It is no secret that many of the posts of board 5 (fone phun) either solicited for the need of or said they had and would share such information. I never considered this wrongful for a number of reasons. The primary one would be most people on there were blowing smoke as far as really knowing anything either fraudulent or important. Few people outside the bbs community realize that in many areas both status and ego are wrongfully important factors to others within the modem society. Many people who wish to raise their status will often come up with outlandish claims in an attempt to convince others he or she is an expert on one matter or another.
Any attempt to suppress this act I felt would have damaged Ripco's open door policy since people do have to start somewhere and eventually learn their peers will catch on fast if someone is pulling a bluff. Thus this type of activity was tolerated but the line was crossed if anyone attempted to really do it. For example if a message contained something like 'just dial 1-800-555-1212 and punch in 123456 at the tone', the entire message was removed or in more cases re-edited especially if other parts were about non-related matters.

Returning to the questioning, the above was explained as such but not as a whole. If in fact they did have printouts of such activity, I suggested an explanation which covered the maintenance aspect of the board. Basically Ripco operated itself with my chores limited to validating new users and updating the general files. Once every morning the messages left since my last check-in were read. The removal/re-edit if needed was applied at this time. Considering this occurred daily around noon, a message posted let's say at 3:00pm the preceding day was in existence for nearly 21 hours before it got my approval or disapproval. Thus I pointed out that in theory they could have a printout of something but if checked the following day, it should have been removed. This was not second questioned by them and they seemed content with it.

As far as the hidden boards went, there were two as most of the system users knew but were not really active. Board 9 to the best memory serves me was completely non-existent. Although it was used in the past for various things, after one of many hard drive crashes it bit the big one and was not in service. The message file required to use it was not there and I believe there was even a line in the program that reset the security bit of people that did have access in the past so they couldn't accidentally enter causing a 'file not found' error. Board 10 was active but fewer than 6 people could claim to access it.
Originally it was set up when an attempt was made on my part to collect a few bucks to keep the system running back in 1985. It contained few messages and would only gain 5 or 6 more a year.

Questioning from this point on was more broad in nature, jumping from subject to subject. Items like the anarchy files which were made up in part of bomb construction articles were deemed 'wrong' by them and I defended by saying such information could be gathered from numerous public sources. They still insisted it was 'wrong' and shouldn't have been made available.

One fact that arose well into our chat is that it became obvious that besides Tim who seemed to know little besides a few buzzwords, none of those here really had an understanding of computers or much else as far as a technical background went. Another agent even admitted later that they were only here to serve the warrant, as far as what was really going on with the investigation and who or what was involved, they didn't know.

Any questions I attempted to ask them were generally not answered and the ultimate question of 'why me?' was given the reply 'catch the evening news, this is happening right now all over the country, should make some good headlines.' Even the simple question of what's next, where does the stuff end up needed a short conference among them and they decided on the following: after it's boxed up downtown, it's shipped to Washington to a department called 'diagnostics'. Tim appeared to be the only one with knowledge of this because one of the other agents asked him 'who runs that?'. Tim explained to him that it was part of the SS and was started a couple years ago. The other agent just shrugged his shoulders.

To put some people's fears to rest, there wasn't much else going on. I expected they were going to ask me about certain individuals or if I knew anything else going on, but they didn't. Even subjects like PHRACK and the LOD were only touched upon, no specific questions were asked or answered.
They seemed pleased to find a catalog printout of the general file section with the PHRACK issues but considering anyone with a valid account had access to the actual files, this didn't seem to make sense to me.

After a couple hours of this with many lulls in the questioning they asked if I would sign a statement saying basically everything I said was true and I did because it was. The only other thing they wanted in the statement was that I was in fact the operator and did make an attempt to keep the board clean on a daily basis. Makes me wonder now what that could be twisted into later down the line.

In all they were here for about 6 hours. In that time I learned little on what was going on. One of the agents said there were 2 representatives from AT&T present but didn't know why, saying they just had instructions to pick them up this morning before they came and got me. My gut feeling was the code/credit card numbers that much of the conversation was based on.

Drawing to the end they informed me the warrant was completed, led me back inside after taking a few snapshots of yours truly and handed me a receipt of what they took. Annoying in the first place them being there, the first thing that caught my eye was both my personal Macintoshes were on the list along with the related hardware including a 940 meg worm drive and laser printer. Laser printer? Maybe if you could pick it up and throw it at someone it could be considered a lethal weapon but what else?

Ripco operated on an Apple //e and had no connections to the macs besides being near them which apparently is the way they determined what stayed and what went. My guess is that after examining the rat's nest of wiring that existed around the 3 computers, they figured anything plugged into the power strip must have been tied in with each other somehow. An IBM 386 clone and an Apple //gs sat on the floor only a couple feet away but were untouched.

Other items taken included a 1955 Western Electric model D500 phone, any personal phone books including a copy of the Chicago White Pages and several pictures and cartoons I had hanging on the wall. This also included a picture of a hooker spread eagle from a bachelor party and a picture of Charles Manson clipped from some tabloid because it bore a resemblance to me. All disks if not in a sealed box (probably around 3000) were also taken along with paperwork found in various areas. These items were only listed as 'misc.' and not broken down on the receipt.

I was cut loose only momentarily since an officer from the Chicago Police Department replaced the many people running in and out during the morning hours. He asked if the guns turned over to him were registered with the city, which they weren't because you can't, so I was charged with a misdemeanor, failure to register a firearm.

A slight explanation about this: back when Jane Byrne was mayor, she wanted to outlaw handguns altogether. Some suburbs of Chicago tried this and met with resistance from the NRA and feared long court battles. So they offered a grace period to get people who already had them to register them, but at a cut off date, handguns could no longer be registered. Thus anyone getting caught with a handgun after this did not face an illegal weapons charge, only the failure to register even though someone who registered prior is safe. It ends up going to court, having the weapons destroyed and getting 6 months supervision with no conviction on the books. This was the outcome of that situation.

At least that story had an ending. As far as what is going between me and the Secret Service, I don't really know or have a clue. At this writing it has been nearly 3 months and I haven't heard a word from them. Everything is just speculation on my part since it seems the matter is being kept under wraps. Even the names of the others involved on that day were not released.
I don't know if those other people were system operators or users. One agent said you'll probably hear from us in 6-8 months while another was not so optimistic and said it would probably take years adding later that it's a good chance I'll be in my 50's, married with children before I knew what happened.

In the time shortly after the seizure I talked to several lawyers to at least get some opinions on what to do next. Without being charged it seems very little can be done. My only options are 1) sit back and relax, wait till they do something or 2) file a lawsuit to get the stuff back. All the attorneys brought up the suit idea but only one suggested it wasn't really a good way to go. Based on what they took as far as value goes, the preliminary costs would be about half with it approaching double if it has to go to court and heard in front of a jury. It appears the best outcome is to get the stuff back, you can't claim damages or get your court fees back when it comes to the federal government.

One point I want to make clear is under a seizure warrant, all material taken is forfeited to the government. It doesn't seem like a situation where they have to give it back after examination. They have according to what little I could find on the subject, 5 years from the date of the warrant to set up an indictment. Even if no indictment is made, they don't necessarily have to return it. It can either be used for internal use or put up at auction. There was an article in Unix Today where an agent seemed to indicate the material is returned but I haven't found any support of this policy.

My opinion on all of this is basic. The government came in, took my personal property to determine if there was any wrong doing somewhere. It seems like a case of being guilty and proving yourself innocent. Or in another light, them thinking there was wrong doing and getting the stuff to make sure. Either way it's just not right.
Although I have no desire to battle this in court on my own, it seems to be there should have been a charge for something, even if it was minor, with other stuff being added later if needed. At least it would beat this nazi/gestapo tactic of secrecy.

Is Ripco's involvement with credit cards and access codes the real basis? Does the distribution of PHRACK play a part in it? What if they were investigating someone on the board and felt there was information that would help them? Did they ever think of knocking on the door first? If it was someone else they were after, should I be the one getting penalized? Does the first amendment come into play at all? Even though I am free to open another board at this time if I choose, why isn't a newspaper's printing press taken when a reporter refuses to name his sources about a sensitive story?

I don't have the answer to any of these questions. Even if I did, they might be the wrong questions in the first place.

One opinion put forth by several people is that putting the board out of business could be all they wanted. It's possible if any one piece of information contained within Ripco was used in assisting someone to commit a crime, it could be all they needed. Maybe they looked at Ripco as a pain in the ass since the beginning but couldn't get rid of it any other way.

In closing I'd like to point out that this is not a black and white issue regardless of anyone's opinion. There were many who hated the board, thought it was trash and would have liked to see it removed for good. Well they got their wish but consider the circumstances of what happened. No reason given, none to offer.

Think about that next time you sign on to your favorite system and see a message about someone selling a used computer or hard drive. If that item is by chance stolen merchandise, can the operator lose his computer because it aided someone to fence? Based on what happened to me up to this point, it's only one step away.

I am not a hacker, phreaker, have anything to do with credit cards or manufactured explosives. Until the weapons charge I never had been arrested and even my driving record has been clean since 1978.

1984 arrived a bit late but there is no doubt to me it's here. Thanks again to everyone that supported the board and there is always the possibility another Ripco will appear.

You just never know.

********************************************************************
                           >> END OF THIS FILE <<
***************************************************************************

------------------------------

Date: Sat, 4 Aug 90 17:08:34 CDT
From: "J. Eric Townsend"
Subject: SJG Gurps Cyberpunk

********************************************************************
***  CuD #1.27: File 4 of 4: Another Gurps Review                ***
********************************************************************

Here is a text file I wrote when SJG Gurps Cyberpunk was first released.

Well, I rushed out and bought GURPS Cyberpunk, in the hopes that my money will help SJG with legal fees. (Plus, I collect game stuff.)

On the front cover, in the SJG Illuminatus logo, it says: "The book that was seized by the U.S. Secret Service! (see p. 4)"

Anyway... (Assuming I know *nothing* about cracking/phreaking. I won't comment on my real knowledge.) The following is a summary of text from the GURPS Cyberpunk supplement, with a few direct quotes.

How Much Hacking Can I Do Based on the C-word manual:
(From the section entitled "Netrunning".)

0. People use handles to hide their real identity (p62).

1. You can use sensitive devices to listen in on the signals being sent to a computer monitor, and redisplay the image on your own screen (p62).

2. General info on ISDN. (p64-65)

3. Computer accounts can come in various levels, from specialty logins (uucp) to "superuser" who has access to everything. Some programs can give you a higher level of access, equivalent to a "better" account (p68).

4. General info on back doors (p69).

5. General info on chat systems (p69).

6. A list of network names from around the world. No clues as to which are real. For the US, the following are listed: WUT, UDTS 2, Datel I & II, Telenet, Tymnet, ARPAnet, Infomaster, GraphNet, TRT, FTCC, UniNet, Autonet, CompuServe, GENIE, AlaskaNet, JANET, Internet (p 71).

7. Passwords can be really obvious, or hard to remember random text strings (p 72).

8. A program could possibly cause physical damage (p 72).

9. General Phreaking Info:
   - Diverters: go through a bunch of systems so that tracing takes a long time;
   - Junction Boxing: Just go down to the local junction box and tie in (p 76).

10. Lots of networks use different protocols that are sometimes incompatible (p 77).

11. Ma Bell stuff:
   - Existence of CN/A, and that Ma Bell can look you up in any way;
   - Line Routing: "With access to the main phone switch computer, a hacker can control everything about a specific phone line.";
   - Monitoring: a person could monitor calls with the right access;
   - After Billing: A person could change bills; (p 82).

12. Trashing: Go through somebody's trash to find out all sorts of interesting info about their computing equipment (p 86,87).

(13 and 14 are from the section "Attack and Defense Programs". The programs are obviously s-f software, but...):

13. Promote: "This program is executed from a normal user account on a system. If successful, the account is 'upgraded' to a superuser account."

14. Webster: "This is the standard icebreaker for use against Password programs (see p 93.). It acts as an extremely fast 'brute-force' hacker." (p 92).

15. Credcard Crime: A false balance could be entered in an account. A device could be used to access somebody else's card without having the correct password to get into the credcard (p 105). [note: a credcard is a self-contained debit card that can have anything from a password to retina scan protection.]

And, um, that's about it.
Now that you've read that, you know how to break into computer systems and do phone phreaking... 1/2 :-)

--J. Eric Townsend -- University of Houston Dept. of Mathematics (713) 749-2120

********************************************************************

------------------------------

                         **END OF CuD #1.27**
********************************************************************