**************************************************************************** >C O M P U T E R U N D E R G R O U N D< >D I G E S T< *** Volume 1, Issue #1.00 (March 28, 1990) ** **************************************************************************** MODERATORS: Jim Thomas / Gordon Meyer REPLY TO: TK0JUT2@NIU.bitnet COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. -------------------------------------------------------------------- DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Contributors assume all responsibility for assuring that articles submitted do not violate copyright protections. -------------------------------------------------------------------- COMPUTER UNDERGROUND DIGEST was begun with the encouragement of Pat Townson, moderator of TELECOM DIGEST. Pat received far to many responses to the recent Legion of Doom indictments to print, and many of the issues raised were, for reasons beyond Pat's control, unable to be printed. This, the initial issue of CuD (as in "stuff to ruminate over") will reprint some of the initial responses to provide the background for those who missed the earlier discussions. Preliminary interest in this forum has been relatively good. We received about 50 inquiries in the first 12 hours. We anticipate initial problems in linking bitnet with usenet and other outlets. Doug Davis (in Texas) has thoughtfully volunteered to serve as a go between between Usenet and other links, so, by trial and error, we'll try to contact everybody who has expressed interest. We will set line length at 78 characters. If there are problems in reading this, let us know and we will shorten it. STATEMENT OF INTENT CuD encourages opinions on all topics from all perspective. Other than providing a context for an article if necessary, the moderators *will not* add commentary of agreement or disagreement. We see our role as one of facilitating debate, although we will undoubtedly take part in discussions in separate articles. From the inquiries, interest seems to gravitate around a number of issues related to the "computer underground," by which we mean the social world of phreaks, hackers, and pirates. Judging from the comments, we encourage contributions of the following nature: 1. Reasoned and thoughtful debates about economic, ethical, legal, and other issues related to the computer underground. 2. Verbatim printed newspaper or magazine articles containing relevant stories. If you send a transcription of an article, be sure it contains the source *and* the page numbers so references can be checked. Also be sure that no copyright violations are infringed. 3. Public domain legal documents (affidavits, indictments, court records) that pertain to relevant topics. In the next issue we will present documents from the Alcor (California) E-mail law suit. 4. General discussion of news, problems, or other issues that contributors feel should be aired. 5. Unpublished academic papers, "think pieces," or research results are strongly encouraged. These would presumably be long, and we would limit the size to about 1,500 lines. Those appropriate for distribution would be sent as a single file and so-marked in the header. Although we encourage debate, we stress that ad hominem attacks or personal vituperations will not be printed. Although we encourage opinion, we suggest that these be well-reasoned and substantiated with facts, citations, or other "evidence" that would bolster claims. CuD *is not* a preak/hacker forum, and it is not a replacement for PHRACK magazine. However, our initial model for this forum is a combination of PHRACK WORLD NEWS and CNN's Cross-Fire if moderated by Emo Phillips. The first few issues are exploratory. If there is continued interest, we will continue. If not, so it goes. We *strongly* encourage suggestions and criticisms. -------------- In this issue: -------------- 1. Moderator's Introduction 2. Background of the LoD debates 3. Use of Aliases in the BBS world 4. LoD Indictment 5. Press Release Accompanying LoD indictment =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ + END THIS FILE + +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= =================================================== === Computer Underground Digest - File 1 of 5 === =================================================== Welcome to the first "issue" of Computer Underground Digest. Jim and I thought it would appropriate if we both wrote a few words as a sort of "hello" and introduction. I'll keep this brief for now as I believe the "good stuff" will be found in the other inclusions. However since this is the first of what could be several (or perhaps few) issues it is appropriate at this time to offer some thoughts, more or less off the cuff, on the so-called "computer underground" (CU). Over the past few years I've often been asked to justify the use of "computer underground" when referring to the realm of hackers, phreakers, and pirates. Certainly the "computer" part is easy to justify, or at least accept as valid. No, it's the "underground" that has been criticized. Now I certainly don't claim to have invented the term, in fact it is taken from the vocabulary of the p/hackers themselves. However "underground" does imply, at least in common usage, some characteristics that are not necessarily accurate. Some of these are organization, criminality (or at lest marginality), unity, and purposiveness. Does the CU display these characteristics? Discussing each would take much more room than I intend to use today. My M.A. thesis of August 1989 addressed the issues of organization and unity, from a sociological viewpoint. The articles included in this issue of the Digest address all of the a fore mentioned issues from another viewpoint, one formed largely by cultural outsiders. The issue that faces us now is who gets to define what the CU is all about? Do we rely on the Federal Justice department to identify and label the intent, organization, and purpose of the CU as conspirical? Do we rely on the media to define the CU as reckless and unlawful? Do we, as citizens, trust those in power to make decisions that will forever impact the way our societal institutions of control approach those whose application of technology has out paced our conceptions of private property and crime? Am I an advocate _for_ the computer underground? No, I'm not "one of them" and I don't speak for "them". However I do think it is in the best interest of all if the "problem" of the CU is approached from the new perspective it deserves. If our society is to ultimately decide that CU activity is every bit as terrible as puppy-whipping then that decision should be made, not forced upon us by lawmakers (and others) who are assuming, from the very beginning, that CU activity is threatening and criminal. To this end I hope that the CU Digest can provide information and discussion from a variety of perspectives. The assumptions and changes in definitions are subtle but hopefully we can begin to get a handle on many aspects of the CU. Gordon Meyer Internet: 72307.1502@compuserve.com 3/27/90 ============================================================================== Recent media depictions of phreaks, hackers, and pirates have created an image of evil lads (is it *really* a male bastion?) out to wreak havoc on society (the studies of Erdwin Pfuhl and Ray Michalowski, Dick Hollinger and Lonn Lanza-Kaduce, and Meyer and Thomas). Hollinger and Lanza-Kaduce have argued that one reason that Draconian anti-computer abuse laws were passed in the past few years is because of distorted images, lack of understanding of the computer world, and a lack of a strong constintuency to point out the potential abuses of restrictive legislation. We see CuD as an antidote to the current--yes, I will call them WITCH-HUNTS--of law enforcement agents and media hysteria. There is also a perceived need of commentators with some sympathy toward the computer underground to preface their comments with "I don't agree with their behaviors, but. . ."! I see no need to adopt a defensive posture. All predatory behavior is wrong, and that type of disclaimer should be sufficient. However, it remains to be seen whether *all* computer underground activity is as predatory as the media and law enforcement agents would have us believe. Yes, crimes are committed with computers. But, crimes are also committed with typewriters, cars, fountain pens and--badges. Computer Underground digest will attempt to provide an antidote to current beliefs by creating an open forum where they can be debated by all sides. Our intent, as Gordon indicates, is not to serve as apologists, but rather as gadflies. Technology is changing society faster than existing norms, values, beliefs, or laws, can match, and by airing issues we hope to at least provide insights into the new definitions of control, authority, privacy, and even resistance. Data from our own studies indicate that sysops of some BBSs have been exceedingly cautious in putting up documents that are quite legal. The sysop of one of the world's largest legitimate BBSs has told us of the chilling effect on freedom of speech that even a casual visit from the FBI can produce. Our hope is to present facts, stimulate debate, and above all, to create an awareness of the relationship between the computer underground, which is currently a stigmatized passtime, and the rest of society. We are not concerned with changing opinions, but we do hope to sharpen and clarify what, to us, are highly complex issues for which there is no simple solution. Jim Thomas Sociology/Criminal Justice Northern Illinois University DeKalb, IL 60115 (TK0JUT1@NIU.bitnet) =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ + END THIS FILE + +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= =================================================== === Computer Underground Digest - File 2 of 5 === =================================================== ----------------------------- The following articles are reprinted from an issue of TELECOM DIGEST that appeared a few days ago. Because further responses could not be reprinted, we present them again to provide the background that spawned CuD. We have not added Professor Spafford's original comment because Mike Godwin cites the bulk of it. If we err in not doing so, we apoligize in advance, but are guided here by space constraints and not malice. ----------------------------- Inside This Issue: Moderator: Patrick A. Townson Preface to Special Issue [TELECOM Moderator] Re: Legion of Doom Rebuttal to Moderator [Mike Godwin] Re: Legion of Doom Rebuttal to Moderator [Douglas Mason] Re: Legion of Doom Rebuttal to Moderator [Scott Edward Conrad] Re: Legion of Doom Rebuttal to Moderator [Gordon Burditt] ---------------------------------------------------------------------- Date: Sun, 25 Mar 90 11:45:32 CST >From: TELECOM ModeratorSubject: Preface to Special Issue This issue is devoted to replies to Gene Spafford about the activities of the Legion of Doom. Like many controversial topics (Caller*ID for one), the LoD has the potential to use great amounts of network resources as the arguments go on. Because Mr. Spafford is a highly respected member of the net community, the people who responded to his article here certainly deserve the courtesy of being heard, but with this selection of responses, we will discontinue further pros-and-cons messages on LoD, at least until the criminal proceedings are finished. Obviously, *new* information about LoD, government investigative activities, etc is welcome, but let's not rehash old stuff again and again. Patrick Townson ------------------------------ >From: Mike Godwin Subject: Re: Legion of Doom Rebuttal to Moderator Date: 22 Mar 90 20:16:43 GMT Reply-To: Mike Godwin Organization: The University of Texas at Austin, Austin, Texas In article <5462@accuvax.nwu.edu> Gene Spafford writes: >The information I have available from various sources indicates that the >investigation is continuing, others are likely to be charged, and there >MAY be some national security aspects to parts of the investigation that >have yet to be disclosed. The information that I have is that many innocent third parties are being trampled by the federal agents in their investigatory zeal. The unnecessary seizure of equipment at Steve Jackson Games in Austin, Texas, is a notable example. In that case, the Secret Service assumed that, since SJ Games employed a reformed computer hacker, it was likely that their company BBS (used for feedback from role-playing game testers nationwide) contained relevant evidence. So, the SS seized all the company's computer equipment, including its laser printer, all available copies of the company's new Cyberpunk game (set in a William Gibson future involving penetration of repressive corporate computer systems), and copies of Gordon Meyer's dangerous academic thesis, in which the author proposed that the hacker underground had been "criminalized" in the public mind due to images created by a few destructive individuals and by the fairly ignorant media. In spite of this, they assured Jackson and his lawyer that neither Jackson nor his company was the target of the investigation. (Jackson, who owes his livelihood to the copyright laws, is an adamant opponent of piracy.) Apparently, the federal agents were angered by the Cyberpunk gaming manual, which romanticized 21st-century computer "cowboys" like Case in Gibson's novel NEUROMANCER. They further conjectured that the game is a cookbook for hackers. Jackson's business is losing, at his estimate, thousands of dollars a month thanks to this seizure, which was far more intrusive than necessary (why take the hardware at all?), and which seemed to demonstrate the agents' willingness to find evildoings everywhere. The Federal Tort Claims Act bars tort recovery based on law-enforcement-related seizures of property, I note in passing. >Now maybe there are one or two people on the law enforcement side who >are a little over-zealous (but not the few I talk with on a regular >basis). Yeah, maybe one or two. >For someone to be indicted requires that sufficient evidence >be collected to convince a grand jury -- a group of 23 (24? I forget >exactly) average people -- that the evidence shows a high probability >that the crimes were committed. The notion that grand juries are any kind of screening mechanism for prosecutions, while correct in theory, has long been discredited. In general, not even prosecutors pretend that the theory is accurate anymore. In law school, one of the first things you're taught in criminal-procedure courses is that grand juries are not screening mechanisms at all. (It is so rare for a grand jury to fail to follow a prosecutor's recommendation to indict that when it does happen the grand jury is known as a "rogue grand jury.") The basic function of grand juries at the federal level is INVESTIGATORY -- the grand-jury subpoena power is used to compel suspects' and witnesses' presence and testimony prior to actual prosecution. >Search warrants require probable >cause and the action of judges who will not sign imprecise and poorly >targeted warrants. Ha! Dream on. >Material seized under warrant can be forced to be >returned by legal action if the grounds for the warrant are shown to >be false, so the people who lost things have legal remedy if they are >innocent. Guess who pays for pursuing the legal remedy in most cases. (Hint: it's not the government.) Now guess how long such proceedings can take. >The system has a lot of checks on it, and it requires convincing a lot >of people along the way that there is significant evidence to take the >next step. The system does have checks in it, but they are neither as comprehensive nor as reliable as you seem to think. >If these guys were alleged mafioso instead of electronic >terrorists, would you still be claiming it was a witch hunt? Possibly. There have been periods in this country in which it was not very pleasant to be involved in a criminal investigation if your name ended in a vowel. >Conspiracy, fraud, theft, violations of the computer fraud and abuse >act, maybe the ECPA, possesion of unauthorized access codes, et. al. >are not to be taken lightly, and not to be dismissed as some >"vendetta" by law enforcement. I don't think anyone is proposing that the investigation of genuine statutory violations is necessarily a vendetta. In fact, I don't think this is the case even in the Jolnet sting. But lack of understanding on the part of the federal officials involved, plus the general expansion of federal law-enforcement officials powers in the '70s and '80s, mean that life can be pretty miserable for you if you even KNOW someone who MIGHT be the target of an investigation. There are civil-rights and civil-liberties issues here that have yet to be addressed. And they probably won't even be raised so long as everyone acts on the assumption that all hackers are criminals and vandals and need to be squashed, at whatever cost. Before you jump to conclusions about my motivations in posting this, let me point out the following: 1) I'm against computer crime and believe it should be prosecuted. 2) I'm nor now, nor have I ever been, a "hacker." (The only substantive programming I've ever done was in dBase II, by the way.) 3) Even though (1) and (2) are true, I am disturbed, on principle, at the conduct of at least some of the federal investigations now going on. I know several people who've taken their systems out of public access just because they can't risk the seizure of their equipment (as evidence or for any other reason). If you're a Usenet site, you may receive megabytes of new data every day, but you have no common-carrier protection in the event that someone puts illegal information onto the Net and thence into your system. And (3) is only one of the issues that has yet to be addressed by policymakers. >Realize that the Feds involved are prohibited from disclosing elements >of their evidence and investigation precisely to protect the rights of >the defendants. They're also secretive by nature. Much has been withheld that does not implicate defendants' rights (e.g., the basis for Secret Service jurisdiction in this case). >If you base your perceptions of this whole mess on >just what has been rumored and reported by those close to the >defendants (or from potential defendants), then you are going to get a >very biased, inaccurate picture of the situation. Even if you screen out the self-serving stuff that defendants (and non-defendants) have been saying, you still get a disturbing picture of the unbridled scope of federal law-enforcement power. In addition, we can't fall into the still-fashionable Ed Meese mentality: "If they're innocent they don't have to worry about being indicted." This is simply not true. >Only after the whole mess comes to trial will we all be able to get a >more complete picture, and then some people may be surprised at the >scope and nature of what is involved. Ah, just the way the Oliver North trial cleared things up? (I know that's a bit unfair, but it expresses my feeling that we're better off relying on the press, flawed as it is, than waiting for the feds to tell us what it's good for us to know at the time they think it's good for us to know it.) In sum, the *complaint* has been this: "Look at the way the feds are losing their cool over this! Lots of folks are being harmed, and lots of rights are being violated!" The *response* of those whose justifiable opposition to computer crime has blinded them to the rights, due-process, and justice issues involved has been something like this: "They're the government. They wouldn't be doing this stuff if they weren't a good reason for it." I have no trouble with Gene Spafford's scepticism about the complaint; please understand, however, why I insist on being sceptical about the response. Mike Godwin, UT Law School |"Neither am I anyone; I have dreamt the world as mnemonic@ccwf.cc.utexas.edu | you dreamt your work, my Shakespeare, and among mnemonic@walt.cc.utexas.edu | the forms in my dream are you, who like myself (512) 346-4190 | are many and no one." --Borges ------------------------------ >From: Douglas Mason Subject: Re: Legion of Doom Rebuttal to Moderator Reply-To: douglas@ddsw1.MCS.COM (Douglas Mason) Organization: ddsw1.MCS.COM Contributor, Mundelein, IL Date: Thu, 22 Mar 90 12:49:29 GMT I don't think that there is anyone out there saying that what those guys did was right in any way, shape or form. Granted, there are people out there that are probably saying to themselves "These guys were just trying to show what capitalistic pigs the government is and now they are being stomped on for exposing ... " You get the idea. I think (from the 60 or so messages that I received in the last few days) that the general opinion seems to be "Yes, these guys are very much in the wrong, BUT did their case deserve as much media hype as it has received?" Just the other day a group of people murdered a tax collector here. The papers made it out to be a joke and a "get back at the government" type of thing. I personally couldn't see the funny side of a 27 year old getting killed. Anyways, the article was towards the back of the paper (ie: not page one material) and was gone and forgotton immediately after. The infamous "LOD" busts, on the other hand, seem to be springing up again and again. Something else I noticed about the whole affair and LOD in general (before the big ordeal): A large chunk of the respect and whatnot over the group (in the hacker circles) seemed to be because LOD did very little "broadcasting" of the information they came up with collectively. On the other hand, if I had been "wired for sound" by some agency in the past, the LOD affair would have been over with much sooner, as all members seemed to be more than willing to give out information on CBI, Trans Union, SBDN, SCCS, ESACS, LMOS, Cosmos [insert favorite acrynom here] when they were approached individually. Last time I visited one of the infamous LOD people, he showed me how he could monitor phone lines remotely. Sounds like complete BS and it is a worn out subject as to if it can really be done, but he ran some Bell telco software and it allowed him to enter the number of any phone number that was serviced by his local CO (I believe) and then enter a callback number. While I stood there not believing him, the other phone rang, and sure enough, it was "testing for audio quality" on another line. He told me the acronym for the name of this software, but it slips my mind, as I no longer have any interest in that type of stuff. Point is that these guys were pretty trusting. If the feds wanted to get them, they could have done it long ago. My guess is that by this point they have MORE than enough evidence to prosecute these guys. There is absolutely no doubt in my mind about that. Douglas T. Mason | douglas@ddsw1.UUCP or dtmason@m-net | ------------------------------ Date: Thu, 22 Mar 90 13:20:10 CST >From: Scott Edward Conrad Subject: Re: Legion of Doom Rebuttal to Moderator Because I happened to start researching a paper on law applied to computer hacking, I have been following the LoD bust with great interest. Recently, someone mentioned that they didn't think these alleged perpetrators (sp?) deserved 31 years. Where did this number come from? According to the Computer Fraud and Abuse Act of 1984, there seem to be 3 areas covered: (see also Computer/Law Journal, Vol. 6, 1986) 1) It is a felony to access a computer without authorization to obtain classified US military or foreign policy info with the intent or reason to believe that such info will be used to harm the US or to benefit a foreign nation. 2) It is a misdemeanor to access a computer without authorization to obtain financial or credit info that is protected by federal financial privacy laws. 3) It is a misdemeanor to access a federal government computer without authorization and thereby use, modify, destroy, or disclose any information therein. (3) seems the most applicable. Where I am confused is whether or not the 911 code is considered government property. If it is, does this make Bell South, a federal government computer? What exactly are the LoD being tried for? (or has there been charges filed against them, or is the SS still gathering info?) Please send any thoughts to me. Scott Conrad sec0770@cec2.wustl.edu ------------------------------ >From: Gordon Burditt Subject: Re: Legion of Doom Rebuttal to Moderator Date: 24 Mar 90 10:21:24 GMT In article <5462@accuvax.nwu.edu> Gene Spafford writes: >that the crimes were committed. Search warrants require probable >cause and the action of judges who will not sign imprecise and poorly >targeted warrants. Material seized under warrant can be forced to be >returned by legal action if the grounds for the warrant are shown to >be false, so the people who lost things have legal remedy if they are >innocent. I don't believe it. It certainly doesn't work that way for non-computer crimes. Let's suppose I am a homeowner, and a burglar rips off my TV set. I surprise him, and he shoots me with my own gun. Later he is caught with the TV and the gun in his apartment. Can I get my TV set back before the trial? No. How about the gun (assuming it's legal for me to have it)? No. Does anyone seriously think I'm guilty of stealing my own TV or shooting myself with my own gun? (I got lucky and had a priest, two off-duty cops, and the mayor as witnesses). No. Does anyone think the TV and gun aren't mine? (They have my name engraved, and I have receipts.) No, but it doesn't matter. Do you really think that the operator of any BBS seized because it was used by crooks to exchange long-distance access codes is going to get his system back any time soon, even if the Feds are convinced of his innocence and active cooperation? Even if the active cooperation started before there were any access codes on the system, and the crooks were deliberately led to this system as part of a sting operation? No, it's evidence, and it will probably be released long after anyone convicted has served his sentence, and only after the owner has spent more in legal fees than the system is worth at the time of its return. I doubt also that the Feds are going to be helpful to a non-suspect BBS operator, and give him a copy of his own data, (They took all the backups) sanitized to remove anything illegal. Nope, all those disks with his tax records (which had nothing to do with the BBS) on them will have to be manually reconstructed, even if he can borrow a system somewhere. Gordon L. Burditt sneaky.lonestar.org!gordon ------------------------------ End of TELECOM Digest Special: LoD Rebuttals ****************************** =================================================== === Computer Underground Digest - File 3 of 5 === =================================================== There has been some debate about the use of "handles" (or "aliases") in the BBS world. A few commentators have questioned their appropriateness, and there seems to be a tendency for government law enforcement agents to interpret the use of handles as a sign of "conspiracy" or "hiding intents." The use of handles to disguise identity has a long and honorable tradition in the U.S. It was Publius, after all (the "handle" of those notorious subversives and 18th century deviants John Jay, James Madison, and Alexander Hamilton) who wrote THE FEDERALIST PAPERS, the basis of our Constitution. In the BBS world, handles provide not only a sense of anonymity, but serve also as a symbolic identity. In a current research project, we find that for serious BBS hobbyists, handles encapsulate an ethos reflected by a fictional (usually science fiction) hero, a literary genre, music or media characters, or public figures. Handles connote particular cultural meanings, and these meanings can be "read off" as a short hand summary of the character, interests, or political ideology of the user. The anonymity provided by handles serves several purposes. First, it allows the user, for better or worse, a sense of freedom to express ideas that might otherwise subject him/her to ridicule. Second, analysis of BBS message logs suggests that women, especially, feel freer to participate in discussions without fear of gender games that might occur in face-to-face interaction. Third, concealing one's identity provides limited freedom from kooks, merchandise hucksters, and other snoopers. In a society in which making, maintaining, and disseminating lists is common place, protecting one's identity hardly seems unreasonable. There is a fourth reason why handles are increasingly necessary. As Gordon Meyer cogently suggested in his recent comment, prosecutors are not unwilling to confiscate e-mail, BBS message logs, or other "evidence" of identity. These, in turn, are easily used to obtain information on innocent parties. To those who have continually argued, or who actually believe, the federal agents "know what they're doing," or are are too "professional" to abuse their powers, I remind you of the witch hunts against "subversives" who opposed the Viet Nam war, the FBI's COINTEL-PRO, and other gross abuses of power in recent years. Attorney Gerry Spence is currently defending Friends of the Earth against a "set-up" by federal agents that, unfortunately for the agents, was captured on tape. It was, after all, the FBI who attempted to coerce Martin Luther King to commit suicide! There is voluminous literature, including the Church Committee's Report in the 1970s, and other research (including my own) that documents these abuses. In short, despite protections, our enforcement agents have a rather sorry record of following the law to enforce the law (see the corpus of Gary Marx's work for further documentation). Especially at a time when laws related to computer technology are vague, inconsistent, occasionally Draconian, and not yet tested in court, and when one's computer system can be confiscated on mere suspicion, and when a BBS can be threatened by the FBI or Secret Service (as the sysop of the world's largest BBS was) merely for posting LICIT hacker-type text files, a chilling affect occurs that stifles not only free speech, but free revelation of identity. I used my real name in corresponding with the PHRACK folk at the University of Missouri, and my name, documents, and other information--none illicit--is now in the hands of federal prosecutors. Call it paranoia, but from past experiences with federal agents, I have no confidence that they will abide by rules of honor in using this information. There are two ironies associated with the use of handles. First, those who use them are generally sufficiently open to either self-identity when sufficient trust has been built, or to provide enough identifying information that identities can be determined. Second, and more important, in a "free" society built around open and unconstrained information flow, forces operate to restrict openness. Therefore, to be open requires concealment. Rather than grip about the use of handles, doesn't it make more sense to examine the factors that impel their use? Jim Thomas Sociology/Criminal Justice Northern Illinois University DeKalb, IL (60115) (815) 753-6438 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ + END THIS FILE + +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= =================================================== === Computer Underground Digest / File 4 of 5 === =================================================== ----------------- We obtained the Chicago indictment of two Legion of Doom members from a contributor. It originally was printed in PIRATE magazine. We have checked this transcription against the original for accuracy. ------------------ UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF ILLINOIS EASTERN DIVISION ) UNITED STATES OF AMERICA ) ) v. ) No. ______________________ ) Violations: Title 18, United ROBERT J. RIGGS, also known ) States Code, Sections as Robert Johnson, also ) 1030(a)(6)(A) and 2314 known as Prophet, and ) CRAIG NEIDORF, also known ) as Knight Lightning ) COUNT ONE The SPECIAL APRIL 1987 GRAND JURY charges: PROPERTY INVOLVED 1. At all times relevant herein, enhanced 911 (E911) was the national computerized telephone service program for handling emergency calls to the police, fire, ambulance and emergency services in most municipalities in the United States. Dialing 911 provided the public immediate access to a municipality's Public Safety Answering Point (PSAP) through the use of computerized all routing. The E911 system also automatically provided the recipient of an emergency call with the telephone number and location identification of the emergency caller. 2. At all times relevant herein, the Bell South Telephone Company and its subsidiaries ("Bell South") provided telephone services in the nine state area including Alabama, Mississippi, Georgia, Tennessee, Kentucky, Lousiana %sic%, North Carolina, South Carolina and Florida. 3. At all times relevant herein, the E911 system of Bell South was described in the text of a computerized file program known as the Bell South Standard Practice 660-225-104SV Control Office - 1 - Administration of Enhanced 911 Services for Special and Major Account Centers date March, 1988 ("E911 Practice"). The E911 Practice was a highly proprietary and closely held computerized text file belonging to the Bell South Telephone Company and stored on the company's AIMSX computer in Atlanta, Georgia. The E911 Practice described the computerized control and maintainence %sic% of the E911 system and carried warning notices that it was not to be disclosed outside Bell South or any of its subsidiaries except under written agreement. COMPUTER HACKERS 4. At all times relevant herein, computer hackers were individuals involved with the unauthorized access of computer systems by various means. 5. At all times relevant herein, the Legion of Doom (LOD) was a closely knit group of computer hackers involved in: a. Disrupting telecommunications by entering computerized telephone switches and changing the routing on the circuits of the computerized switches. b. Stealing proprietary computer source code and information from companies and individuals that owned the code and information. c. Stealing and modifying credit information on individuals maintained in credit bureau computers. - 2 - d. Fraudulently obtaining money and property from companies by altering the computerized information used by the companies. e. Disseminating information with respect to their methods of attacking computers to other computer hackers in an effort to avoid the focus of law enforcement agencies and telecommunication security experts. 6. At all times relevant herein ROBERT J. RIGGS, defendant herein, was a member of the LOD. 7. At all times relevant herein CRAIG NEIDORF, defendant herein, was a publisher and editor of a computer hacker newletter %sic% known as "PHRACK." 8. At all times relevant herein, a public access computer bulletin board system (BBS) was located in Lockport, Illinois which provided computer storage space and electronic mail services to its users. The Lockport BBS was also used by computer hackers as a location for exchanging and developing software tools for computer intrusion, and for receiving and distributing hacker tutorials and other information. E-MAIL 9. At all times relevant herein electronic mail (e-mail) was a computerized method for sending communications and files between individual computers on various computer networks. Persons who sent or received e-mail were identified by an e-mail address, similar to a postal address. Although a person may have more than - 3 - one e-mail address, each e-mail address identified a person uniquely. The message header of an e-mail message identified both the sender and recipient of the e-mail message and the date the was %sic% message sent. 10. Beginning in or about September, 1988, the exact date begin unknown to the Grand Jury, and continuing until the return date of this indictment, at Lockport, in the Northern District of Illinois, Eastern Division, and elsewhere, ROBERT J. RIGGS, also known as Robert Johnson, also known as Prophet, and CRAIG NEIDORF, also known as Knight Lightning, defendants herein, together with others known and unknown to the Grand Jury, devised and intended to devise and participated in a scheme and artifice to defraud and to obtain money and other things of value by means of false and fraudulent pretenses and representations, well knowing at the time that such pretenses, representations and promises were false when made. OBJECT OF FRAUD SCHEME 11. The object of the fraud scheme was to steal the E911 Practice text file from the computers of Bell South Telephone Company though %sic% the use of false and fraudulent pretenses and representations and to conceal all indications that the text file had been stolen; and to thereafter publish the information about the E911 Practice text file in a hacker publication for dissemination. - 4 - OPERATION OF FRAUD SCHEME 12. It was part of the fraud scheme that the defendant NEIDORF would and did advise the defendant RIGGS that he had assembled a group of computer hackers for the purpose of distributing computer information. 13. It was further part of the scheme that the defendant RIGGS would and did steal sensitive proprietary Bell South information files including the E911 Practice text file by gaining remote unauthorized access to computers of the Bell South Telephone Company. 14. It was further part of the scheme that the defendant RIGGS would and did disguise and conceal the theft of the E911 Practice text file from Bell South Telephone Company by removing all indications of his unauthorized access into Bell South computers and by using account codes of legitimate Bell South users to disguise his authorized use of the Bell South computer. 15. It was further part of the scheme that RIGGS would and did transfer in interstate commerce a stolen E911 Practice text file from Atlanta, Georgia to Lockport, Illinois through the use of an interstate computer data network. 16. It was further part of the scheme that defendant RIGGS would and did store the stolen E911 Practice text file on a computer bulletin board system in Lockport, Illinois. 17. It was further part of the scheme that defendant NEIDORF, utilizing a computer at the University of Missouri in Columbia, Missouri would and did receive a copy of the stolen E911 text file - 5 - from defendant RIGGS through the Lockport computer bulletin board system through the use of an interstate computer data network. 18. It was further part of the scheme that defendant NEIDORF would and did edit and retype the E911 Practice text file at the request of the defendant RIGGS in order to conceal the source of the E911 Practice text file and to prepare it for publication in a computer hacker newsletter. 19. It was further part of the scheme that defendant NEIDORF would and did transfer the stolen E911 Practice text file through the use of an interstate computer bulletin board system used by defendant RIGGS in Lockport, Illinois. 20. It was further part of the scheme that the defendants RIGGS and NEIDORF would publish information to other computer hackers which could be used to gain unauthorized access to emergency 911 computer systems in the United States and thereby disrupt or halt 911 service in portions of the United States. 22. It was further a part of the scheme that the defendants would and did misrepresent, conceal, and hide, and cause to be misrepresented, concealed and hidden the purposes of ane %sic% the acts done in furtherance of the fraud scheme, and would and did use coded language and other means to avoid detection and apprehension - 6 - by law enforcement authorities and to otherwise provide security to the members of the fraud scheme. 23. In or about December, 1988, at Lockport, in the Northern District of Illinois, Eastern Division, and elsewhere, ROBERT J. RIGGS, also known as Robert Johnson, also known as Prophet, defendant herein, for the purpose of executing the aforesaid scheme, did knowingly transmit and cause to be transmitted by means of a wire communication in interstate commerce certain signs, signals and sounds, namely: a data transfer of a E911 Practice text file from Decatur, Georgia to Lockport, Illinois. In violation of Title 18, United States Code, Section 1343. - 7 - COUNT TWO The SPECIAL APRIL 1987 GRAND JURY further charges: 1. The Grand Jury realleges and incorporates by reference the allegations of paragraphs 1 through 22 of Count One of this Indictment as though fully set forth herein. 2. On or about January 23, 1989, at Lockport, in the Northern District of Illinois, Eastern Division and elsewhere, ROBERT J. RIGGS, also known as Robert Johnson, also known as Prophet, and CRAIG NEIDORF, also known as Knight Lightning, the defendants herein, for the purposes of executing the aforesaid scheme did knowingly transmit and cause to be transmitted by means of a wire communication in interstate commerce certain signs, signals and sounds, namely: a data transfer of a E911 Practice text file from Decatur, Georgia to Lockport, Illinois, an edited and retyped E911 Practice text file from Columbia, Missouri, to Lockport, Illinois. In violation of Title 18, United States Code, Section 1343. - 8 - COUNT THREE The SPECIAL APRIL 1987 GRAND JURY further charges: 1. The Grand Jury realleges and incorporates by reference the allegations of paragraphs 1 through 22 of Count One of this indictment as though fully set forth herein. 2. In or about December, 1988, at Lockport, in the Northern District of Illinois, Easter Division, and elsewhere, ROBERT J. RIGGS, also known as Robert Johnson, also known as Prophet, and CRAIG NEIDORF, also known as Knight Lightning, defendants herein, did transport and cause to be transported in interstate commerce from Decatur, Georgia, to Lockport, Illinois, a computerized text file with a value of $5,000 or more, namely: A Bell South Standard Practice (BSP) 660-225-104SV- Control Office Administration of Enhanced 911 Services for Special Services and Major Account Centers dated March, 1988; valued at approximately $79,449.00 the defendants then and there knowing the same to have been stolen, converted, and taken by fraud; In violation of Title 18, United States Code, Section 2314. - 9 - COUNT FOUR The SPECIAL APRIL 1987 GRAND JURY further charges: 1. The Grand Jury realleges and incorporates by reference the allegations of paragraphs 1 through 22 of Count one of this Indictment as though fully set forth herein. 2. On or about January 23, 1989, at Lockport, in the Northern District of Illinois, Eastern Division, and elsewhere, ROBERT J. RIGGS, also known as Robert Johnson, also known as Prophet, and CRAIG NEIDORF, also known as Knight Lightning, defendants herein, did transport and cause to be transported in interstate commerce from Columbia, Missouri, to Lockport, Illinois, a computerized textfile with a value of $5,000 or more, namely: An edited Bell South Standard Practice (BSP) 660-225- 104SV- Control Office Administration of Enhanced 911 Services for Special Services and Major Account Centers dated March, 1988; valued at approximately $79,449.00. the defendants, then and there knowing the same to have been stolen, converted, and taken by fraud; In violation of Title 18, United States Code, Section 2314. - 10 - COUNT FIVE The SPECIAL APRIL 1987 GRAND JURY further charges: 1. The Grand Jury realleges and incorporates by reference the allegations of paragraphs 1 through 22 of Count One of this Indictment as though fully set forth herein. 2. On or about December, 1988, at Lockport, in the Northern District of Illinois, Eastern Division and elsewhere, ROBERT J. RIGGS, also known as Robert Johnson, also known as Prophet, and CRAIG NEIDORF, also known as Knight Lightning, the defendants herein, knowingly and with intent to defraud, trafficked in information through which a computer may be accessed without authorization and by such conduct affected interstate commerce; In violation of Title 18, United States Code, Section 1030(a)(6)(A). - 11 - COUNT SIX The SPECIAL APRIL 1987 GRAND JURY further charges: 1. The Grand Jury realleges and incorporates by reference the allegations of paragraphs 1 through 22 of Count One of this Indictment as though fully set forth herein. 2. In or about January, 1989, at Lockport, in the Northern District of Illinois, Eastern Division and elsewhere, ROBERT J. RIGGS, also known as Robert Johnson, also known as Prophet, and CRAIG NEIDORF, also known as Knight Lightning, the defendants herein, knowingly and with intend to defraud, trafficked in information through which a computer may be accessed without authorization and by such conduct affected interstate commerce; In violation of Title 18, United States Code, Section 1030(a)(6)(A). - 12 - COUNT SEVEN The SPECIAL APRIL 1987 GRAND JURY further charges: 1. The Grand Jury realleges and incorporates by reference the allegations of paragraphs 1 through 22 of Count One of this Indictment as though fully set forth herein. 2. In or about February, 1989, at Lockport, in the Northern District of Illinois, Eastern Division and elsewhere, ROBERT J. RIGGS, also known as Robert Johnson, also known as Prophet, and CRAIG NEIDORF, also known as Knight Lightning, the defendants herein, knowingly and with intent to defraud, trafficked in information through which a computer may be accessed without authorization and by such conduct affected interstate commerce; In violation of Title 18, United States Code, Section 1030(a)(6)(A). A TRUE BILL: ________________________________ F O R E P E R S O N ________________________________ UNITED STATES ATTORNEY - 13 - =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ + END THIS FILE + +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= =================================================== === Computer Underground Digest - File 5 of 5 === =================================================== ------------ This press release was attacthed to the indictment. We reprint it here to present the federal side of the case. It originally appeared in PIRATE Magazine. We have checked the text against the original for accuracy. ----------------- INFORMATION RELEASE FROM: U.S. Department of Justice DATE: February 6, 1990 IRA H. RAPHAELSON, United States Attorney for the Northern District of Illinois, and PATRICK T. McDONNELL, Special Agent In Charge of the United States Secret Service in Chicago, today announced the indictment of Robert J. Riggs, 20, of %address deleted%, and Craig M. Neidorf, 19 %address deleted%, on charges that between December, 1988 and February, 1989 they entered into a scheme to steal and publish to other hackers highly proprietary and sensitive information about the operation of Bell South's Enhanced 911 emergency communication system. The seven count indictment charges Riggs and Neidorf with Interstate Transportation of Stolen Property, Wire Fraud and Violations of the Computer Fraud and Abuse Act of 1986. Specifically, the indictment charges that Riggs, also known as "Robert Johnson" and "The Prophet", stole a copy of Bell South's highly proprietary and closely held computer program that controlled and maintained the E911 system. Bell South's E911 system controls emergency calls to the police, fire, ambulance and emergency services in municipalities of the nine state region served by Bell South; Alabama, Mississippi, Georgia, Tennessee, Kentucky, Louisiana, North Carolina, South Carolina, and Florida. The indictment alleges that in December 1988 Riggs stole the E911 data valued at $79,449.00 by using a computer outside the telephone company to call into the telephone company computer in which the computer file was stored. The indictment charges that Riggs then transferred the E911 data to a computer bulleting board in Lockport, Illinois from which Neidorf, also known as "Knight Lightning", down loaded it for publication in a computer hacker publication known as "PHRACK." The indictment charges that Riggs was a member of a closely knit group of computer hackers known as the Legion of Doom whose members are involved in numerous illegal activities including: *Disrupting telephone service by entering the telephone companies switches (which are computers) and changing the routing of telephone calls. *Stealing computer data from individuals and companies. *Stealing and modifying individual credit histories. *Fraudulently obtaining money and property from companies by altering information in their computers. *Disseminating information about attacking computers to other computer hackers in an effort to shift the focus of law enforcement agencies to those other hackers and away from the Legion of Doom. The indictment charges that as part of their fraud scheme Riggs and Neidorf disclosed the stolen information %reportedly PHRACK #24-eds.% about the operation of the enhanced 911 system to other computer hackers so that they could unlawfully access the E911 system and potentially disrupt or halt other 911 service in the United States. If convicted on all counts of the indictment Riggs faces a maximum possible prison sentence of 32 years and a maximum possible fine of $222,000.00; and Neidorf faces a maximum possible prison sentence of 31 years and a maximum possible fine $122,000.000. In announcing the return of the indictment, Mr. Raphaelson noted that the allegations of the indictment have far reaching implications for the health and welfare of individuals in the United States who rely on their telephones as a lifeline to the outside world. Mr. Raphaelson stated, "People who invade our telecommunications and related computer systems for profit or personal amusement create immediate and serious consequences for the public at large. No one should be made to suffer loss of life or severe injury as a result of hackers who have compromised emergency networks. The telecommunications industry and law enforcement community have become attentive to these crimes and those who choose to use their intelligence and talent to disrupt these vital networks will find themselves vigorously prosecuted." Raphaelson stated that the indictment in Chicago and a companion indictment in Atlanta are the initial results of a year long investigation by agents of the United States Secret Service in Chicago, Atlanta, Indianapolis, New York, St. Louis and Kansas City. Raphaelson further noted that pursuant to Court Orders, technical and expert assistance was provided to the United States Secret Service by telecommunication companies including Bell South and its subsidiaries, Southwestern Bell, NYNEX (New York), and Bellcore. Raphaelson particularly praised the actions of Bell South for its proactive position in bringing their intrusion problems to the attention of law enforcement officials and for its formation of an Intrusion Task Force to analyze and respond to the intrusions noted in the Chicago and Atlanta indictments. Assistant United States Attorney William J. Cook, who heads the Computer Fraud and Abuse Task Force, and Assistant United States Attorney Colleen D. Coughlin presented the case to the federal grand jury and will be trying the case in the United States District Court in Chicago. Members of the public are reminded that the indictment is only a charge and is not evidence of guilt. The defendants are entitled to a fair trial at which time it will be the government's burden to prove their guilt beyond a reasonable doubt. *** END *** =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ + END THIS FILE + +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= !