Computer underground Digest Wed Mar 4, 1998 Volume 10 : Issue 16 ISSN 1004-042X Editor: Jim Thomas (cudigest@sun.soci.niu.edu) News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu) Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Field Agent Extraordinaire: David Smith Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #10.16 (Wed, Mar 4, 1998) File 1--Renewed Federal and State attempts to censor Internet File 2--In re CyberSitter (CuD 10.14) File 3--Article by Allen Smith File 4--"Internet Besieged: Countering Cyberspace Scofflaws", Dorothy E. File 5--cj#781> *ALERT* Internet Vulnerability * COUNTERMEASURES * File 6--1998-02-04 Executive Order on Year 2000 Conversion (fwd) File 7--Cu Digest Header Info (unchanged since 7 May, 1997) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. --------------------------------------------------------------------- Date: Fri, 13 Feb 1998 18:19:02 -0500 (EST) From: owner-cyber-liberties@aclu.org Subject: File *&*--Renewed Federal and State attempts to censor Internet Source - ACLU Cyber-Liberties Update February 16, 1998 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Internet Censorship Legislation Takes Center Stage Again in Senate Acting less than a year after the Supreme Court delivered a passionate defense of free speech on the Internet in Reno v. ACLU, a Senate committee held a hearing on Internet indecency this week where Senators John McCain (R-AZ) and Dan Coats (R-IN) called for support for two bills that seek to regulate content and control access to sensitive or controversial information on the Internet. Commerce Committee Chairman McCain formally introduced legislation on Monday that would require schools and libraries to block "indecent" Internet sites or lose federal funds for online programs. In defending his proposal, McCain said that people should give up some of their civil liberties to prevent the dissemination of harmful material on the Net. Senator Coats, who sponsored the ill-fated Communications Decency Act that was held unconstitutional last year, also called for support on a bill he introduced in November that would punish commercial online distributors of material deemed "harmful to minors" with up to six months in jail and a $50,000 fine. The ACLU said that, if adopted, both bills would almost certainly face a court challenge and would likely face the same fate as the Communications Decency Act, which was unanimously overturned by the Supreme Court last June. In a letter to members of the Commerce Committee, ACLU Legislative Counsel Gregory T. Nojeim said that the ACLU recognizes the "deeply felt concerns of many parents about the potential abuse of information on the Internet." But, he said, the ACLU strongly believes that individual Internet users must be given the right to access information and parents should not abdicate responsibility to the government for determining which information their children can see. Under the Coats proposal, which was introduced last November, criminal penalties could be leveled against "distributors," a designation that could include the virtual bookstore amazon.com or a promotional site for a Hollywood movie, as well as Internet Service Providers such as Microsoft and America Online. And unlike the CDA, the Coats statute would apply only to web sites, not to chat rooms, e-mail or news groups. The new McCain legislation threatens speech in a completely different way by cutting off federal funds to schools that do not implement restrictive Internet access policies. Such a plan, the ACLU said, would mean that teachers could not assign Internet research on subjects such as female genital mutilation or the history of the Roe v. Wade abortion rights case -- information that is typically blocked when filters are installed, and that is otherwise available on the shelves of school and public libraries. The ACLU, along with other members of the Internet Free Expression Alliance, (IFEA), which the ACLU co-founded, also submitted letters objecting to online censorship efforts. Letters by Feminists for Free Expression, Electronic Frontier Foundation, Electronic Privacy Information Center (EPIC) and the National Coalition Against Censorship are available online at the IFEA home page, at The ACLU and IFEA plan to fight the passage of both the McCain and Coats bills. The ACLU's letter to the Commerce Committee can be found at: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ New Mexico, Illinois, Rhode Island, Tennessee Consider Broad State Internet Regulations Despite the Supreme Court ruling in Reno v. ACLU, which granted the highest level of First Amendment protection to the Internet, states are busy crafting online censorship laws. At least 13 states have passed laws since 1995, and several others are considering such bills. Some particularly troublesome state legislation include recently introduced bills in Tennessee, Rhode Island, New Mexico, and Illinois. The bills are briefly described below: Tennessee: HB 3353, SB 3329, introduced 2/5/98. Calls on the US Congress to create a domain code for adult oriented sites, to facilitate users, Internet Service Providers and software developers to manage the problem of uncontrolled access to obscenity, child pornography and other adult oriented materials via the Internet. The bill also includes the following: requires the creation of rules governing use of state computers and sanctions for misuses; requires public schools and libraries that operate computers with Internet access to use software to block material, including, pornography, obscentiy and other material harmful to minors; imposes criminal liability on librarians, teachers, or any other administrator who knowingly fails to comply with restrictions; makes Internet Service Providers (ISPs) that provide services to Tennessee residents criminally liable for any distribution, including by third parties, of any harmful material. Rhode Island: GA Bill 11-9-21, introduced 1/98. Criminalizes the use of computers for immoral and illegal purposes involving children. Every person who, by means of computer, knowingly compiles, enters, transmits, makes, prints, publishes, reproduces, causes, allows, buys, sells, receives, exchanges, or disseminates any notice, statement, advertisement, or minors name... for the purposes engaging, facilitating, encouraging, offering, or soliciting unlawful, sexual conduct and/or any felony or misdemeanor shall be guilty of a felony.... (emphasis added) New Mexico: Senate Bill to amend 30-37-1, introduced 1/98. Criminalizes the transmission of indecent material to minors and requires the use of a mechanism such as labeling, segregation or other means that enables the indecent material to be automatically blocked or screened by software or other capability reasonably available... Illinois: HB 2558, introduced 1/27/98. Criminalizes the transmission of harmful material to minors. For more information about other state measures to regulate the Internet, read the ACLU guide to online censorship in the states, Speech in America, ACLU in Brief, available by calling 1-800-775-ACLU. ============== About Cyber-Liberties Update: ACLU Cyber-Liberties Update Editor: A. Cassidy Sehgal (csehgal@aclu.org) American Civil Liberties Union National Office 125 Broad Street, New York, New York 10004 The Update is a bi-weekly e-zine on cyber-liberties cases and controversies at the state and federal level. Questions or comments about the Update should be sent to Cassidy Sehgal at csehgal@aclu.org. Past issues are archived at To subscribe to the ACLU Cyber-Liberties Update, send a message to majordomo@aclu.org with "subscribe Cyber-Liberties" in the body of your message. To terminate your subscription, send a message to majordomo@aclu.org with "unsubscribe Cyber-Liberties" in the body. ------------------------------ Date: Fri, 27 Feb 1998 20:15:00 -0700 From: Doc Holiday Subject: File *&*--In re CyberSitter (CuD 10.14) >From--"Robert J. Woodhead (AnimEigo)" >Subject--File 3--Hacking Cybersitter (Cu Digest, #10.12, Wed 18 Feb 98) > >>Date--Tue, 17 Feb 98 15:04 EST >>From-- Michael Gersten >>Subject--File 5--Re--Cu Digest, #10.11, More on CyberSitter >> >>Programs like cybersitter, however, do not work that way. You cannot >>tell ahead of time what they will block; often there is no way to >>tell that your site is blocked. Although they claim to do it to >>protect children from "unsuitable" material, that definition is >>arbitrary, and often includes web pages that oppose such software, >>or in some cases, any page hosted on the same site as one "unsuitable" >>page. > >I've never played with cybersitter or similar programs, but it should be >relatively trivial to write a program that emulates a browser and sends, >say, every URL on Yahoo (it is trivial to write a spider to collect these) >through the censorware, to determine what they are blocking. The question is, why should we have to work to get around Brian Milburn's censorship, (or should I say Focus on the Family, to think I used to be intimately involved with them?)? You and I may be able to create an application that could send CyberSitter every URL listed on Yahoo, but the average parent can't and doesn't want to. The average parent should be able to pick and choose what is blocked -- if they choose to block anything. As usual, in this type of debate, the fact that a child who is supervised while using the Internet by their parent has the best "filter" of all installed is never mentioned. No offense to anyone else out there, but it is beginning to seem -- with this filterware debate -- that I spend more time supervising my dog, Lady Joyous of Shasta, CD (Golden Retriever, the 'CD' means 'companion dog' and is a result of winning obedience trials), than they do supervising their kids. > >Similarly, it would be trivial to build a site that returns pages with >subsets of every word in a large dictionary, so one could binary-chop and >determine what words are red-flagged. > >The beauty of such a hack, of course, would be that one would not be >cracking their encryption or hacking their program, but merely asking it to >do what it was designed to do, and noting the responses. This all seems like too much work. The persons who are able to do this, won't want to take the time to do it, because they won't buy into Milburn's tripe and the others, well, unfortunately, they will probably buy his tripe and be none the wiser. By the way, I am still not convinced that breaking the weak encryption on CyberSitter's software for your own information would be illegal, either criminally or tortiously. ------------------------------ Date: Wed, 25 Feb 1998 14:19:00 -0700 From: "Moore, Mike W" Subject: File *&*--Article by Allen Smith I have been a reader of CuD for a few years now and have occaisionally felt an urge to respond but never stronger than when I read this article: Date--Thu, 19 Feb 1998 23:07:31 -0500 From--Allen Smith >Regarding the various censorware programs... everyone seems to be >making the assumption that parents _do_ have the right to censor >what their children see. But is this truly the case, in ethics if >not in law? If I don't have the right to control and monitor the information my children receive, than who does? The guvmint? No one? >We do not allow parents to keep their children from getting an >education. We do not allow this even though that education can lead >to those children learning things that will cause them to disagree >with their parents. Parents do not have the right to keep their children from an education but with things like the PTA and school board meetings we do have some control on the content of that education. > We do not allow this even though that education >can lead to those children learning things that will shock them - >such as about war. War is a fact and cannot be hidden, however are you going to show photos of Aushwitz to a 3rd grade class or pictures of liberated villages whose people are glad that some one stood up to fight when it was necessary. Showing a little child pictures of horror will not end wars in the future but it will frighted, shock, and disturb him. Is this the way we want our small children to feel? I don't and will do everything I can to block such sights from them until I think they're ready. >The same is true of other controversial topics, such as ones >regarding violence. While there is some evidence (and much evidence >against it) that viewing violence results in increased aggression, >whether this is a problem depends on in what situations and against >whom that aggression emerges. Violence is a fact of life but it is my job as a parent to protect my children from violence as long as I can. I fail to see how teaching self-defence to an eight year old can protect them from violence from an adult. I must and do teach my kids what they can do in a bad situation, but I also try to teach them that in many instances violence is not as ubiquitious as the media portrays. I don't hide the fact of violence and hate from them but if I left it up to them to learn on their own, would they not learn that it is unavoidable, everyone is evil, and they can do nothing to escape it? Wouldn't it be more traumatic for my kids to live paranoid and afraid? Because of the sensational nature of the really heinous crimes, might they not think they are more prevelant then they actually are? Of course I'm going to keep some of this from my kids until I, no one else, decide that they are ready to handle it. >Yes, as a previous poster said, a 10-year-old searching for >information under "American Girl" may see things that will remain >with that child for the rest of his or her life. But there is no >evidence that this harms the child; there are a _lot_ of things that >remain with people throughout their lives. Parents have the >opportunity to do a lot of things that have this characteristic; >should they be able to shut children off from others doing the same, >if no harm is done to the child? Maybe this stuff will do no permanent harm but they can be confusing to a child without the maturity to handle it. The little folks have enough problems living in the big folks world as it is. So I will keep things from my kids that I don't think they are ready for. It boils down to a matter of values, not the PC "Family Values" that are being touted but the values that I've learned over the years and have put into my own life. I will try to instill those values in my children until such time as they are ready to develop their own. And I will do it by "censorship" if I think that is the way it should be done. ------------------------------ Date: Fri, 20 Feb 1998 08:28:41 -0800 From: To: slade@victoria.tc.ca Subject: File *&*--"Internet Besieged: Countering Cyberspace Scofflaws", Dorothy E. BKINBSGD.RVW 971120 "Internet Besieged: Countering Cyberspace Scofflaws", Dorothy E. Denning/Peter J. Denning, 1998, 0-201-30820-7 %A Dorothy E. Denning denning@cs.georgetown.edu %A Peter J. Denning %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8 %D 1998 %G 0-201-30820-7 %I Addison-Wesley Publishing Co. %O 416-447-5101 fax: 416-443-0948 800-822-6339 617-944-3700 %O Fax: (617) 944-7273 bkexpress@aw.com %P 547 p. %T "Internet Besieged: Countering Cyberspace Scofflaws" As with the earlier "Computers Under Attack" (cf. BKDENING.RVW), this book is a collection of papers related to the titular topic. This text is not just an updating of the earlier work, although some of the same papers appear, having been revised and updated. It is also more narrowly focussed, with sections discussing the worldwide network, Internet security, cryptography, secure electronic commerce, and finally dealing with law, policy, and education. The anthology style is well suited to a constantly changing and still emergent field. Under the scope of the worldwide network, there is an initial review of the history of the net by Peter Denning. Dorothy Denning follows up with an overview of system security breaking methods over networks. (While it is a fine and readable piece of work, the essay is not quite as riveting as the interview with a system cracker in "Computer Under Attack.") As usual, the most interesting papers deal with real case studies, such as the attack on Rome Labs. Peter Neumann's brief piece on the RISKS-FORUM archives indicates the value that the net can be in protecting itself, since RISKS acts as a kind of repository memory of attacks and weaknesses. The even briefer article on securing the information infrastructure is a kind of call to arms to pay attention to security in important control systems. Part one is finished off with Eugene Spafford's computer virus paper; by now the classic short work in the field. Part two, specifically looking at Internet security, starts with another case study; that of the Berferd attack on Bell Labs. This is followed by an overview of network security threats and protective tools. Two articles look at specific types of assaults: "sniffing", which works because of the broadcast nature of many means of media access, and "spoofing", which works because of the automatic configuration and repair protocols intended to provide reliability. An overview of password use looks primarily at technologies to make password cracking more difficult. Four security tools are introduced, a GPS (Global Positioning System) based authentication scheme, Tripwire, DIDS (Distributed Intrusion Detection System), and SATAN (Security Administrator Tool for Analyzing Networks). Java security also gets a thorough examination. The section on cryptography starts with the development of the Data Encryption Standard. (It is indicative of the rate of change in this field that the following article, looking at the breaking of two recent cryptographic systems, doesn't cover the cracking of DES. The book was published just before that happened.) There is a detailed essay on the Internet Privacy Enhanced Mail (PEM) protocol, and a more conceptual paper on authentication for distributed networks. There is also a taxonomy, or method of classifying, for key recovery encryption systems. Security of electronic commerce covers electronic commerce itself, atomicity in electronic commerce (which determines the general usefulness of a system), another overview of Internet security vulnerabilities, digital forms of money and cash, ad identify misuse and fraud. The final part looks at social issues. The law enforcement in cyberspace address, coming as it does from a US federal agency, is unsurprising in its call for key escrow. Dorothy Denning follows up with a more reasoned review of the market forces. Bruce Sterling gets two cracks at computers and privacy. Eugene Spafford gets the hardest job--looking at computer ethics--and does a decent and practical job. There are two examples of use policies from universities, and a final, very interesting, article on the inclusion of data security topics and activities in the teaching of computer science concepts (rather than the other way around). Even within this limited frame of reference, the book cannot be exhaustive. When you start to consider the gaps that are missing, like the international nature of many activities that make them essentially immune to legal remedies, you also find that whole fronts of the Internet siege are unmentioned, or only tangentially referred to. Spam, fraudulent scams, and chain letters claim many more victims than do system crackers. Still, this work is both interesting and valuable. It should be of particular use to the student or teacher of data security, although there is much to hold the attention of any interested individual. copyright Robert M. Slade, 1997 BKINBSGD.RVW 971120 ------------------------------ Date: Mon, 23 Feb 1998 21:22:15 GMT From: "Richard K. Moore" Subject: File *&*--cj#781> *ALERT* Internet Vulnerability * COUNTERMEASURES * Dear netizens, Are you fully aware of how extremely fragile and vulnerable are Internet infrastructures such as this list? Did you know that any Internet server (eg, "@sun.soci.niu.edu" or "@cpsr.org" or "@weber.ucsd.edu") can be taken off the air at any time with no warning by a "mailbomb" attack? ...that your personal email address and web site can be incapacitated in the same way? ...and that there is no effective way to prevent such an attack nor to defend against it? Did you know such an attack can be conveniently mounted by any sizable group of people who have an ideological axe to grind, or by a smaller group with only minimal software support (to automatically generate thousands of pseudo messages)? ~=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=~-~=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=~ ~-=-=-=-=-=-=~THE DANGER IS REAL~=-=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=-=-=~ A successful attack of this kind was carried out last Summer against IGC (Insitute for Global Communications), and IGC was promptly forced to close down a Basque-related web site that a Spanish citizens' group had deemed to be objectionable. Phil Agre (RRE news service) published the first announcemnt of the event that came to my attention: ~=-=-=-=-=~=-=-=-=-=-=-=-=-=~-~=-=-=-=-=-=-=-=-=~=-=-=-=-=-=-=~ | Date--Thu, 17 Jul 1997 15:34:17 -0700 (PDT) | From--Maureen Mason | Subject--IGC censored by mailbombers | | Hi Phil, | | [...] | | We host a site (http://www.igc.org/ehj) for a US group supporting Basque | independence in Spain and France, and have gotten protest letters over the | past 4 months saying that the site "suppports terrorism" because a section | of it contains material on ETA, an armed group somewhat like the IRA in | Northern Ireland, at http://www.igc.org/ehj/html/eta.html (the rest of the | site includes material on human rights, politics, other Basque | independence groups and hyperlinks to site with opposing views). | | But now the protest--fueled by ETA's kidnapping and killing of a | Spanish politician this month--has turned into a serious | "mailbombing" campaign against that is threatening to bring our | servers to a halt. We are also getting hundreds of legitimate | protest messages, which we can handle. What is damaging us is | thousands of anonymous hits to our mail servers from hundreds of | different mail relays, with bogus return addresses; there's not | much we can do about these short of blocking access from hundreds | of mail servers as new sources of mailbombings appear. | | Our other email users (we have 13,000 members) are having their | mail tied up or can't reach it, and our support lines are tied | up with people who can't access their mail. | -=-=-=-=-=-=~--~=-=-=-=-=-=- | ~=-=-=-=-=~=-=-=-=-=-=-=-=-=~-~=-=-=-=-=-=-=-=-=~=-=-=-=-=-=-=~ Shortly after this posting, IGC (a "progressive" non-profit service-provider) submitted to the demands of the attack and took down the Basque-independence site. The mailbombing then ceased. The attack was not only successful, but it was very selective (a surgical strike on IGC) - there was no general disruption of the net, minimal collateral opposition was generated, and media and officaldom simply ignored the episode (as far as I know). If it had been an attack on some corporate-operated server, and it had disrupted financial transactions, one could well imagine headlines about "net terrorism" and perhaps prompt legislation to "crack down" on "excessive" net freedoms. (Notice how we lose either way if such attacks become more prevelant.) ~=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=~-~=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=~ -=-=-=-=-=-=~WHY YOU SHOULD BE CONCERENED~=-=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=~ Is this something we need to be concerned with? I suggest that it is; I will explain why; and I will recommend some simple counter measures - cheap "fire insurance" if you will - that should be promptly implemented by anyone who wants to retain some ability to "stay in touch" in the event of determined mailbombing campaigns (or net-attacks of any description). Fast forward to "-=~COUNTER MEASURES~=-" if you're already sufficietly "conerned" and want to skip to the chase. The means by which serious, but selective, net disruption could be brought about should be clear at this point... here's a fully plausible scenario: -=-=-=-=-=-=~-~=-=-=-=-=-=- Imagine that a group of the Christian-Coalition genre were to make an issue of the fact that many "liberal" servers and web-sites on the net support discusson of abortion, gay liberation, revolution, pornography, and socialism. We've seen how even murder (of abortion doctors) has been a result of fundamentalist fervor - is there any reason to assume that a mail-bomb attack on "liberal God-denying net servers" would be considered "out of bounds" as a tactic to "stop the anti-christ" and slow the further erosion of "family values"? -=-=-=-=-=-=~-~=-=-=-=-=-=- Substitute your own scenario if you prefer, but I hope it's clear that only _intention_ stands between us and the loss of our networking. If some activist group - on their own or via encouragement and support of "others" - takes it in their head to bring an end to widespread progressive networking, they can do it. And if legal remedies are attempted, it is difficult to imagine anything effective coming out of Washington (or the UK or Germany or etc) that wouldn't do us more harm than good. My first recommendation (:>) is to knock on wood and say "God willing" each time you dial in to the net. So the means and the danger are clear, and have been established by precedent. The remaining question is: Do we have any reason to expect that such an attack will in fact be mounted? Here is one person's view, received this morning over the wsn list: ~=-=-=-=-=~=-=-=-=-=-=-=-=-=~-~=-=-=-=-=-=-=-=-=~=-=-=-=-=-=-=~ | Date--Mon, 23 Feb 1998 | From-- | To: WORLD SYSTEMS NETWORK | Subject--The REAL WAR yet to come | | This Iraq/US stand off business is just international snow ball | fights. | | Get this, the US says they want Iraq to honour UN decisions but | says in the same breath "we (the USA) will not honour UN | decisions. The Americans fall for that ? | | The REAL WAR will come when the USA will be attacked by | people of conscience from the ground through the Internet. The | US Govt will subversively attempt to close down or disturb internet | comunications to disrupt ground swells. The only interests the US | has is oil ! Fuelled by the Oil Companies. Think about it. This | GREAT Technologically advanced nation is not a nation of | electronic vehicles in the late 1990's. Amateur futurists like myself | could have predicted this scenario in 1960. I think it is time that | the world citizens of this planet set the record straight. | | Be prepared however for disconnection through the Internet ! | ~=-=-=-=-=~=-=-=-=-=-=-=-=-=~-~=-=-=-=-=-=-=-=-=~=-=-=-=-=-=-=~ The Oil Theory re/ Iraq is a bit simplistic, but the Effective Progressive Activism Scenario is one to take very seriously. There hasn't been a "real" protest movement during the Internet era, not one within an order-of-magnitude of, say, the sixties movements. If such a movement were to arise, if it were to create political discomfort for those in power, and if the net were being used effectively for coordination and news distribution (eg, worldwide distribution of videos of 'blacked out' protest events) - then it would not be at all surprising if counter-measures were undertaken. In such an event, various governments might simply close down servers, under some kind of conspiracy or riot-act charges. Or a "spontaneous" attack of the variety described above could be covertly encouraged and supported. The choice would be "theirs", and the tactics could be selected on the basis of PR-effect & political expediency. And the targets wouldn't just be extremist groups, they'd be the whole progressive communications infrastructure. At least that's what would make obvious Machivellian sense in such a scenario: nip problems in the bud, as it were. As the US persists in its determination to deploy new weapons systems against Iraq, and as global opposition grows and generalizes to the sanctions as well, we could be on the very verge of a political movement significant enough to show up on Washington's early-warning radar. If the net is doing its part in such a movement - as many of us are endeavoring to encourage - we should not be surprised by a bud-nipping reactionary response, in some adequately disguised or rhetorically justified form. If not Iraq, then the MAI And National Sovereignty, or Disgust With Corporate Political Domination, or, if we get our act together, All Of The Above. Corporate globalization has had easy sailing for too long, and has made too many enemies - an energetic opposition movement is only a spark-in-dry-grass away, by the estimate of this observer. You may think Internet is Unsinkable, but even the Titanic had _some_ lifeboats; I suggest we don't steam unprepared into uncertain waters. ~=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=~-~=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=~ -=-=-=-=-=-=~COUNTER MEASURES~=-=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=-=-=~ What countermeasures are available to us? The goal of countermeasures, I suggest, should be to facilitate communication-by-other means among people and groups who have come to depend on Internet in their political and educational activity. Obviously alternative communication means would be less effective than the net, but in time of emergency _some_ connectivity will be preferable to total isolation (ie: dependence on mass media for information). My recommendation is to identify who your "key net contacts" are - people whose presence you take for granted in your net communications, people you are collaborating with, people who provide you with important information, people who are likely to be in touch with others in an emergency situation. The next step is to contact those people NOW - while you still can conveniently - and exchange with them your phone numbers, fax numbers, and postal addresses. You might even go so far as to make preliminary arrangements for "phone-tree" or "photocopy-tree" protocols for distributing information, but most of us probably won't get around to that, life being what it is. The important thing is to have the necessary data on hand well in advance of need. If serious net disruption does occur, for whatever reason, it is critically important to observe certain common-sense protocols in the use of phone and fax numbers. Effective anarchic communications require a certain finesse and forethought. For example, if you're a member of somone's email list (eg, cyberjournal) you SHOULD NOT send faxes to the moderator such as: "Please tell me what's going on, I'm curious". That would jam up communications, and would lead people to disconnect their fax machines. Only contact "information source" people if you have important information that needs to be shared, or if you want to volunteer to be an "echo node" - to redistribute information to others. Other than that you should use your fax bandwidth to build up a "peer" network and then try to connect as a group with wider neworking efforts. Much of our technology would continue to serve us: we could still use our email software (Eudora or whatever) to create and manage our messages, but we'd fax them to lists of recipients or we'd print them - for posting on physical bulletin boards and kiosks or for copying and distributing. ~=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=~-~=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=~ -=-=-=-=-=-=~A REQUEST~=-=- re: NOW -=-=-=-=-=-=~=-=-=-=-=-=-=-=-=-=-=~ I hereby invite those of you with whom I reguarly correspond, or who would like to be on an emergency information-distribution network, to please send me whatever contact details you'd like to make available. Don't expect accompanying comments to b ------------------------------ Date: Thu, 19 Feb 1998 14:19:55 -0600 From: garbled@in.transit.by.net.demons Subject: File *&*--1998-02-04 Executive Order on Year 2000 Conversion (fwd) ((MODERATORS' NOTE: The address of the poster who contributed the following forward was lost in transit. But, thanks for the humor anyway)). (A humor alert for the parody challenged): =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= THE WHITE HOUSE Office of the Press Secretary ________________________________________________________________________ For Immediate Release February 4, 1998 EXECUTIVE ORDER - - - - - - - YEAR 2000 CONVERSION The American people expect reliable service from their Government and deserve the confidence that critical government functions dependent on electronic systems will be performed accurately and in a timely manner. Because of a design feature in many electronic systems, a large number of activities in the public and private sectors could be at risk beginning in the year 2000. Some computer systems and other electronic devices will misinterpret the year "00" as 1900, rather than 2000. Unless appropriate action is taken, this flaw, known as the "Y2K problem," can cause systems that support those functions to compute erroneously or simply not run. Minimizing the Y2K problem will require a major technological and managerial effort, and it is critical that the United States Government do its part in addressing this challenge. Accordingly, by the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered as follows: Section 1. Policy. (a) It shall be the policy of the executive branch that agencies shall: (1) assure that no critical Federal program experiences disruption because of the Y2K problem; (2) assist and cooperate with State, local, and tribal governments to address the Y2K problem where those governments depend on Federal information or information technology or the Federal Government is dependent on those governments to perform critical missions; (3) cooperate with the private sector operators of critical national and local systems, including the banking and financial system, the telecommunications system, the public health system, the transportation system, and the electric power generation system, in addressing the Y2K problem; and (4) communicate with their foreign counterparts to raise awareness of and generate cooperative international arrangements to address the Y2K problem. (b) As used in this order, "agency" and "agencies" refer to Federal agencies that are not in the judicial or legislative branches. Sec. 2. Year 2000 Conversion Council. There is hereby established the President's Council on Year 2000 Conversion (the "Council"). (a) The Council shall be led by a Chair who shall be an Assistant to the President, and it shall be composed of one representative from each of the executive departments and from such other Federal agencies as may be determined by the Chair of the Council (the "Chair"). (b) The Chair shall appoint a Vice Chair and assign other responsibilities for operations of the council as he or she deems necessary. (c) The Chair shall oversee the activities of agencies to assure that their systems operate smoothly through the year 2000, act as chief spokesperson on this issue for the executive branch in national and international fora, provide policy coordination of executive branch activities with State, local, and tribal governments on the Y2K problem, and promote appropriate Federal roles with respect to private sector activities in this area. (d) The Chair and the Director of the Office of Management and Budget shall report jointly at least quarterly to me on the progress of agencies in addressing the Y2K problem. (e) The Chair shall identify such resources from agencies as the Chair deems necessary for the implementation of the policies set out in this order, consistent with applicable law. Sec. 3. Responsibilities of Agency Heads. (a) The head of each agency shall: (1) assure that efforts to address the Y2K problem receive the highest priority attention in the agency and that the policies established in this order are carried out; and (2) cooperate to the fullest extent with the Chair by making available such information, support, and assistance, including personnel, as the Chair may request to support the accomplishment of the tasks assigned herein, consistent with applicable law. (b) The heads of executive departments and the agencies designated by the Chair under section 2(a) of this order shall identify a responsible official to represent the head of the executive department or agency on the Council with sufficient authority and experience to commit agency resources to address the Y2K problem. Sec. 4. Responsibilities of Interagency and Executive Office Councils. Interagency councils and councils within the Executive Office of the President, including the President's Management Council, the Chief Information Officers Council, the Chief Financial Officers Council, the President's Council on Integrity and Efficiency, the Executive Council on Integrity and Efficiency, the National Science and Technology Council, the National Performance Review, the National Economic Council, the Domestic Policy Council, and the National Security Council shall provide assistance and support to the Chair upon the Chair's request. Sec. 5. Judicial Review. This Executive order is intended only to improve the internal management of the executive branch and does not create any right or benefit, substantive or procedural, enforceable at law or equity by a party against the United States, its agencies, or instrumentalities, its officers or employees, or any other person. WILLIAM J. CLINTON THE WHITE HOUSE, February 4, 1998. ------------------------------ Date: Thu, 7 May 1997 22:51:01 CST From: CuD Moderators Subject: File *&*--Cu Digest Header Info (unchanged since 7 May, 1997) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send post with this in the "Subject:: line: SUBSCRIBE CU-DIGEST Send the message to: cu-digest-request@weber.ucsd.edu DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS. The editors may be contacted by voice (815-753-6436), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CU-DIGEST Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. In ITALY: ZERO! BBS: +39-11-6507540 UNITED STATES: ftp.etext.org (206.252.8.100) in /pub/CuD/CuD Web-accessible from: http://www.etext.org/CuD/CuD/ ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #10.16 ************************************