home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Phoenix Rising BBS
/
phoenixrising.zip
/
phoenixrising
/
vir-docs
/
crptlt19.arj
/
CRPTLT.R19
< prev
next >
Wrap
Text File
|
1993-10-18
|
63KB
|
1,402 lines
CRYPT NEWSLETTER 19
-=Sept-Oct 1993=-
Editor & Publisher: Urnst Kouch
Tech Editor: Kohntark; Bureau Chief/Media Critic: Mr. Badger
CRYPT INFOSYSTEMS BBS: 818-683-0854
INTERNET: ukouch@delphi.com
------------------------------------
IN THIS ISSUE: The guv'mint's not-so-secret war on
citizen encryption . . . Mr. Badger on pansy futurists
. . . Alvin & Heidi Toffler's "War & Anti-War" . . .
The Secret Service bugged by virus . . . Mail theft
at The WELL . . . Black Wolf's Ulti_Mute variable
encryption engine for copy protection plus experimental
anti-virus file-protection utilities . . . Kohntark
builds on Sterculius virus . . . much more.
US GOVERNMENT STEPS UP ACTION ON CONTROLLING ENCRYPTION
AND THOSE WHO WOULD USE PRETTY GOOD PRIVACY TO SAP AND
IMPURIFY OUR PRECIOUS BODILY FLUIDS
In mid-September, the US government stepped up efforts to
control powerful citizen-held cryptographic software
by convening a Grand Jury to investigate Phil Zimmerman,
principal author of Pretty Good Privacy, for possible
violation of munitions export controls. Simultaneously,
Austin CodeWorks and ViaCrypt, two companies involved
in producing packages containing source code for the
ciphering algorithms employed by PGP, were also brought
into the investigation and served with requests by the
State Department to register as international arms
traffickers, even though neither company had plans to
distribute its products overseas.
These actions are regarded by most familiar with the issue
as part of the National Security Agency's decades
long campaign to restrict the availability of strong
encryption for American citizens. The agency's argument
that the PGP encryption technology must be protected from
foreign misuse is without much realistic merit, since the
software and its source code has been available for some
time from Internet sites from Finland to the University of
California at Berkeley as well as uncountable private and
public bulletin board systems in the United States and
abroad.
On October 3 and 4, The L.A. Times, devoted a two-part series,
to some of these privacy/cryptography issues. But by and
large, the controversy has been overlooked by the rest of
the mainstream media.
"Demanding the Ability to Snoop: Afraid new technology may foil
eavesdropping efforts, U.S. officials want phone and computer
users to adopt the same privacy code. The government would
hold the only key" was the title and subhead of Robert Lee
Hotz's L.A. Times piece.
Hotz focused on Clipper/Skipjack - the Clinton administration's
candidate for an transmission-scrambling telecommunications
chip equipped with a back door - in part, because Mykotronx,
Inc., the manufacturer of the device for the National
Security Agency, is based in Torrance, Los Angeles County.
The newspiece did not delve into any of the recent events
surrounding Pretty Good Privacy and Phil Zimmerman. Pretty
Good Privacy _was_ refered to as "one of the best codes . . .
free and [it] can be downloaded from computer network
libraries around the world"; the people who make up the
citizen-supported cryptography movement as "ragtag
computerzoids."
The L.A. Times series also included statistics documenting the
steady rise in court-ordered wiretapping from 1985 to 1992 and
the almost 100% increase in phones monitored by pen registers -
which record outgoing numbers - from 1,682 (1987) to 3,145 in 1992.
These numbers do not include monitoring by such as the NSA and
said so.
The October 3 installment wrapped up with this succinct bit from
Whitford Diffie, one of the gurus of modern encryption:
"Cryptography is perhaps alone in its promise to give us
more privacy rather than less."
Moving on from The L.A. Times, readers could find interesting
the following hodgepodge of facts, which taken together, lend
some historical perspective to the continuing conflict between
privately developed cryptography and the government.
For example, in reference to the Clipper chip, take the old
story of Carl Nicolai and the Phasorphone.
In 1977 Nicolai had applied for a patent for the Phasorphone
telephone scrambler, which he figured he could sell for $100 -
easily within the reach of John Q. Public. For that, the NSA
slapped a secrecy order on him in 1978. Nicolai subsequently
popped a nut, took his plight to the media, and charged in
Science magazine that "it appears part of a general
plan by the NSA to limit the freedom of the American people . . .
They've been bugging people's telephones for years and now
someone comes along with a device that makes this a little
harder to do and they oppose this under the guise of national
security."
The media went berserk on the issue and the NSA's Bobby Ray
Inman revoked the Phasorphone secrecy order. If the
cypherpunks have a spiritual Godfather, or need a likeness to
put on a T-shirt, Carl Nicolai and his Phasorphone could
certainly be candidates.
About the same time, Dr. George Davida of the University of
Wisconsin was also served with a NSA secrecy order, in response
to a patent application on a ciphering device which
incorporated some advanced mathematical techniques.
Werner Raum, chancellor of the University of Wisconsin's
Milwaukee campus, promptly denounced the NSA for messing with
faculty academic freedom. The Agency backed off.
Both setbacks only made the NSA more determined to exert
ultimate control over cryptography. In an interview in
Science magazine the same year, Bobby Inman stated that he
would like to see the NSA receive the same authority over
cryptology that the Department of Energy reserved for research
which could be applied to atomic weapons, according to James
Bamford's "The Puzzle Palace." "Such authority would grant
to NSA absolute 'born classified' control over all research
in any way related to cryptology," reads his book.
Davida and Nicolai were recipients of what are vulgarly
known as "John Does" - secrecy orders designed to gag
private individuals or businesses. Both were overturned
by the democratic process. However, it is worth noting
that in the last decade the number of newly issued secrecy
orders skyrocketed from 43 in 1980 to 506 in 1991, a
shocking increase.
The restriction and classification of modern encryption
is intimately wrapped up in how classification is applied
and how the United States determines what technology
can be used as arms.
In connection with this, readers see the acronym ITAR - for
International Traffic in Arms Regulation - a lot.
ITAR springs from the Arms Export Control Act of 1976, in
which "The President is authorized to designate those items
which shall be considered as defense articles and defense
services." ITAR contains the U.S. Munitions List, the
Commodity Control List and the Nuclear Referral List which
cover, respectively, munitions, industrial and nuclear-
related items.
Cryptographic technology falls into the Munitions List
which is administered by the Department of State, in
consultation with the Department of Defense. In this case,
the NSA controls most of the decision making, and the
State Department or subordinate organizations become cutouts
in serving the agency's policy.
The Arms Export Control Act (AECA) exists _primarily_ to
restrict the acquisition of biological organisms, missile
technology, chemical weapons and any items of use in production
of nuclear bombs to embargoed nations or countries thought
inimical to the interests of the United States. (Examples:
South Africa, North Korea, Libya, Iran, Iraq, etc.)
That the AECA is used as a tool to control the development
of private cryptography in the US is secondary to its original
aim, but is a logical consequence of four considerations which
the ITAR lists as determinants of whether a technological
development is a defense item. These are:
1. Whether the item is "inherently military in nature."
2. Whether the item "has a predominantly military application."
3. Whether an item has military and civil uses "does not in
and of itself determine" whether it is a defense item.
4. "Intended use . . . is also not relevant," for the item's
classification.
If you're brain hasn't seized yet - often, this is what
the government counts on - you may have the gut feeling that
the determinants are sufficiently strong and vague to allow
for the inclusion of just about anything in the U.S. Munitions
List or related lists of lists.
That would be about right.
---Yes, you too can be an armchair expert on the topic using
acronyms, insider terms, secret handshakes and obscure facts
and references to go toe-to-toe with the best in this
controversy.
Just use these references as Cliff Notes:
1. Bamford, James. 1982. "The Puzzle Palace: Inside The
National Security Agency, America's Most Secret Intelligence
Organization" Penguin Books.
Nota Bene: The NSA really hated James Bamford, so much so that
it attempted to classify _him_, all 150,000 published copies of
"The Puzzle Palace," his notes and all materials he had gained
under the Freedom of Information Act. Of this, NSA director
Lincoln D. Faurer said, "Just because information has been
published doesn't mean it shouldn't be classified."
2. Foerstal, Herbert N. 1993. "Secret Science: Federal
Control of American Science and Technology" Praeger
Publishers. [See underbar review, next.]
3. "Encyclopedia of the US Military", edited by William M.
Arkin, Joshua M. Handler, Julia A. Morrissey and Jacquelyn
M. Walsh. 1990. Harper & Row/Ballinger.
4. "The US and Multilateral Export Control Regimes," in
"Finding Common Ground" 1991. National Academy of Sciences,
National Academy Press.
----------------------------------------------------------
BOOK REVEALS GOVERNMENT PLAN TO WREST CONTROL OF SCIENCE
AND PUBLIC LIBRARIES FROM THOSE WHO WOULD USE THEM TO
SAP AND IMPURIFY OUR PRECIOUS BODILY FLUIDS
"In 1989 the Pentagon classified as secret a set of
rocks -- Russian rocks gathered by Americans, with Moscow's
approval -- from below the surface of Soviet territory.
[According to the classification memorandum] '. . .Those
who want them must be government-certified to handle
secret rocks.' Soviet officials said they were ordinary
rocks . . ."
--from Herbert N. Foerstel's "Secret Science:
Federal Control of American Science and Technology"
Those following the National Security Agency's attack on
Phil Zimmerman and the cryptography algorithms involved in Pretty
Good Privacy might also want to stroll over to their favorite
library and browse Herbert N. Foerstel's "Secret Science," an
interesting book which reviews the increasingly smothering and
anti-democratic government control over technology and science
in the US. Foerstel is the head of the University of Maryland's
Engineering & Physical Sciences Library and his book expends
quite a bit of effort documenting the National Security Agency's
efforts to control and classify any technology - usually
cryptography - which falls within its sphere of interest.
Completely beyond public oversight, the NSA operates almost
entirely behind the curtain of "deep black" classification,
despite, in recent years, a cynical facade of public relations
efforts and "friendly" review of cryptography research.
Foerstal's book recounts the relentless campaign by the NSA to
control cryptographic research funding through the National
Science Foundation and efforts to wrest all independence from
the scientific community through the idea of voluntary prior
restraint. What this translates to, according to "Secret
Science," is that all scientists engaged in cryptographic
research should be gentlemen and funnel all findings to the
NSA for oversight or the agency will use executive mandates to
intimidate and quash those in non-compliance.
Foerstal does not candy-coat the story, pointing out when he
thinks it appropriate, the self-serving agendas and illogic of
government leaders.
For example, Foerstal writes:
"Many in business and government point out the impossibility of
controlling cryptographic software. Indeed, the U.S. has
agreed to let its allies decontrol mass market software
with encryption features, and foreign companies, unencumbered
by munitions-type restrictions are bringing encrypted software
and related services to the international market. The British
have stated publicly that they are permitting the uncontrolled
export of such software, but US software manufacturers are
prevented from selling their products abroad."
Foerstal also compares the price of a brute force solution to
the current dumbed down NSA compliant DES key: $5,000 as
opposed to _$200 septillion_ using the original IBM 128-bit
key.
The conclusion he draws is simple and ugly: Our government
is determined to impede the development and dissemination of
sophisticated cryptographic tools in the private sector, mainly
because it wants to reserve the right to break the privacy of
American citizens when deemed necessary. The rationalization
that national sensitive technology must be kept from foreign
hands is a sham.
It's hard to emphasize how good a read "Secret Science" is!
In addition to amusing stuff on the above passage dealing
with "secret rocks," the book covers the explosion of
classification during the Reagan administration, the drive to
lock up general scientific material in libraries thought to
be sensitive even _after_ widespread international publication
and the FBI's continuing campaign to comb public libraries
for imagined revolutionaries, troublemakers, foreigners or
anyone with foreign-sounding names who accesses
the technical literature.
MR. BADGER SPEAKS: NON-LETHAL WEAPONS, POSSI-PULLITY AND
OTHER CRUEL MENTAL TRICKS DESIGNED TO SOFTEN THE MIND,
WEAKEN THE WILL AND EMPTY THE WALLET OF THE HIGH PROLE
Fortune magazine has seen fit to put out a special issue
on "Making High Tech Work For You: 1994 Information
Technology Guide" (Vol. 128, No. 7). Issues like this
are advertising bonanzas for magazines, so let's note for the
record that over fifty percent of the 170-odd pages are ads
for computer related merchandise and services. [Mr. Badger
knows. He counted. The big winner was UNISYS, with eleven
full pages of ads. IBM wins a consolation prize for advertising
under different headings (Pennant--2 pages; OS/2--2 pages;
PS/2E--2 pages; IBM networks--2 pages)] The articles vary
in quality, so here's a breakdown:
"How to Bolster the Bottom Line"
Mr. Badger gives an initial Ebert/Siskel "Thumbs Up" to any
article starting with this quote:
"Though barely out of its infancy, information technology is
already one of the most effective ways ever devised to squander
corporate assets."
The story does go on to present five companies with a decent
return on their investment. However, this is mind-rotting
boring stuff for folks in the know [which makes up fifty
percent of the this readership]. It's also pretty dreadful
for sociopaths with meager job skills [which makes up the
other fifty percent].
Next, we have:
"Making It All Worker-Friendly"
"When to Be a Beta Site"
"The Future of Travel"
"Me and My Modem"
Four hand-holding articles for managers still perplexed by
infrared TV remotes. What's said: It's better to design
software to work with employees than force employees to
master arcane software packages; beta sites waste a lot of
time and effort getting things to work right; video
conferencing won't eliminate business travel; there's lots
of databases out there with lots and lots of neat-o stuff that
you can call into! No shit, Sherlock. It may not be total
fluff, but it's close.
[Half of us would fall into a glassy-eyed coma over any of
these pieces. The other fifty percent are already in a
default state of stupor to start . . .]
"The Payoff From 3-D Computing"
Mr. Badger gives an automatic Siskel/Ebert "Thumbs Down" to
any article beginning with a two paragraph description of a
scene from "Jurassic Park." Yes, computers can make
pretty, pretty pictures that represent organizational charts,
securities trading, and databases. Yes, computer simulations
are cheaper than actually wrecking cars or practicing surgery
on cadavers. And, yes, it's inexcusable for the author to
ignore the inherent risks of floating large manufacturing and
financial decisions on theoretical models. Crypt readers
[at least, oh say, fifty percent of them] are already aware
that small errors in computer simulations lead to hidden
defects in real products and services; the typical reader of
Fortune magazine is not. With no mention given to the cost
of equipment or the need for programmers capable of
integrating two or three fields reliably, this article ranks
as a nutrient deficient, saccharin-loaded, junk news piece.
While again wandering through the local newsstand I chanced
upon the September-October (1993) issue of "The Futurist."
For the curious, "The Futurist" specializes in articles on
just how wonderful the future will be. [Wink, wink.] This issue
had these gems:
"Non-Lethal Weapons: Alternatives to Deadly Force
Guns that zap,trap, trip, or stun--but not kill--
could be the ideal weapons of the future."
"Conscious Evolution: Examining Humanity's Next Step"
A quick flip through yields strength-through-joy prattle
swaddled in a veneer of self-generated techno-babble. And if
that's not enough, here are more priceless relics from an
article on overcoming "neuroses" that get in the way of
creating the future:
"Future Phobia
Definition: Fear of the future
Disability: Leads to avoidance
Cure: Future Euphoria
Future Skill: 'Possi-pullity'"
"Paradigm Paralysis
Definition: Inability to shift view
Disability: Restricts flexibility
Cure: Ongoing open-mindedness
Future Skill: 'Flexpertise'"
What really caught my eye, though, was an article on "Computer
Monitoring: Pros and Cons." Figuring that the intrusion of
computer monitoring into private and public life would be of
interest (and always willing to write another rubber check for
the sake of a review), Mr. Badger left with a copy. We'll
get to a review of that, but this same magazine had another
piece that sidetracked even the determined Mr. Badger.
"The Plug-In School: A Learning Environment for the 21st
Century" only proves that Mr. Badger is always right. No matter
how captious and peevish he may appear, some newly found source
of treacle proves he was overly kind and optimistic.
Readers recall that in issue #16 of the newsletter, I ridiculed
and criticized a Professor Seymour Papert, an institution at
MIT, for basing his educational philosophy on a non-existent
"Knowledge Machine." Now it appears that David Pesanelli,
"an advanced planner and conceptual designer who develops
communications, environments, and products," has created a whole
new schooling system!
It's long been Mr. Badger's contention that people who watch
more than one episode of Star Trek a week should be branded
with the Mark of the Beast: A clear, indelible stamp that
would relegate the bearer to the back of all bank and postal
waiting lines, reduce pay scale, and allow emergency room
teams to forgo any resuscitation techniques. I am sure Mr.
Pesanelli watches at least 5 episodes of Trek a week!
You think this is some inane non-sequitur on Mr. Badger's part?
Just what do the following sound like:
-Educational Physical Plants
-Mobile Learning Modules in the Core Staging Area
-AIG (Artificial Intelligence Grounder)
-"Transporters" delivering "Containerized Modules"
-Self-guided Mobile Unit
What did you think of? That's right! Pesanelli could be
an ex-screenwriter of Trek! Read the following:
"As the session on robotics careers begins, a section of the
classroom wall slides aside, and the students grow quiet. The
teacher and a robotics expert enter the environment just ahead
of a self-guided mobile unit . . .
"A teaching assistant slides back the cover of the mobile learning
module. Inside are a laboratory's products--microbots. The
module's video camera scans the array of electronic and
mechanical marvels, and enlarged images appear on a suspended
video screen . . ."
Star Trek: TNG or The Plug-In School? Who knows? And who cares?
It's all the worst kind of utopian self-abuse. We won't
quibble with the view that all school children will one day
have portable computers. With economies of scale it could
happen -- after all, our parents couldn't envision the day when
every teenager would have a Walkman. What we ridicule, deride,
and hold in scorn is:
-Presenting a future when every class room has a teacher, a
teaching assistant, and guest speakers who are experts in their
field.
-Presenting a future when architectural firms, crafts companies,
and industrial labs would have the time, money, and inclination
to prepare "stimulating, career-oriented modules" for schools.
This is nothing but taking viable approaches to dealing with
today's educational problems and relegating them to a painless,
cost-free future that may never exist. What's stopping schools
from placing three adults in every classroom, now? What's
stopping schools from seeking the assistance of businesses and
museums, now? All of this can be done _in_the_present_. Of all
the abuses in analyzing the future uses of technology, this is
the most heinous: delaying for the future what can be done
today because in the future it will all work painlessly . . .
But back to article on computer monitoring, much needed relief
after wading through various "consultant's" wet-dreams: "Big
Brother or Friendly Coach?" - written by Kristen Bell DeTienne -
an assistant professor at Brigham Young University. I can't
give a better summary of the article than the author's own
forecasts for computer monitoring:
"1. Monitoring systems will become 'evasion-proof'.
2. Monitoring systems will provide suggestions to
employees for performance improvement.
3. Monitoring systems will give employees access to
information about their own performance.
4. Monitoring will be used as part of a results-oriented
focus.
5. Monitoring will primarily be used as a coaching device.
6. Monitoring systems will facilitate group work
and team-oriented approaches to work.
7. Pay will be more closely connected with employee
performance.
8. The number of electronically monitored employees who
work at home will increase.
9. There will be increased attempts to pass legislation
that regulates monitoring."
There's not much to quibble with: The author draws a good
picture of the present use of employee monitoring and supports
her views well.
While forecast #1 may seem naive, DeTienne is careful to say
that computer systems will become more complex and eliminate
much of the evasion and game-playing that goes on now, not that
such systems will be infallible.
Neither is she shy in pointing out that continual computerized
harassment may cause negative results.
In the end, DeTienne presents a good case for a future where
computers will be used to measure results, leaving the workers
more free to make personal choices. In her view, future systems
will present employees with the benefits of less subjective
methods of evaluation, but at the price of tying their pay
to the new evaluation methods.
Now, Mr. Badger normally refrains from intellectual analysis,
largely because God, having gifted badgers with the attitude
and claws needed for an information society, left them rather
more deficient in cranial capacity. However, I feel compelled
to ask the following question:
"If a computer is capable of consistently and accurately
evaluating an employee's performance, why not have the
computer do the job for the employee?"
Ten years ago, for instance, the local textile plant in Columbia,
South Carolina employed many people. The employees operated the
machinery and evaluated the results. Five years ago, computerized
monitoring started to replace human evaluation of the quality of
the textiles produced. Now the company is introducing
computerized production. People were making the jump from being
the means of production to supervising the means of production.
Computers were making the jump from being able to recognize good
output to being able to produce it.
So, in Mr. Badger's myopic little view, this presentation of
computer monitoring does a good job of reporting the present and
theorizing the near future. He has the feeling, however, that the
near future will be even more of a transitionary state than the
present. In any case, an article that causes even a badger to
think earns Crypt approval.
EDITORIAL CAVEAT:
Some readers have expressed concern over Mr. Badger's apparent
lack of mental equilibrium. Initially, the management of
Crypt Newsletter discounted them.
However, signs of erratic behavior continued to appear this
month.
We laughed when Badger arrived at a local biker bar in Pacoima
on a Honda. We were red-faced with embarrassment when he tried
to sell T-shirts, embossed with "Kinder, Kirche, Küche," at a
NOW convention. But when we saw him heading off with several
current articles on the Internet under his arm, we knew the
price for intellectual hubris was about to be paid.
Shortly thereafter we received, wrapped in plain brown paper, a
diskette which carried several files encrypted with
Pretty Good Privacy. A plain manila envelope came the next day.
Inside, torturously printed in lemonade "invisible" ink, was a PGP
public key. Although Badger possessed a Crypt editorial public
key, it appeared he had little knowledge in the use of it,
as some of the files were encrypted with the public key for
another person, someone named "aeneuman." The key written in
invisible ink did not correspond to "aeneuman"'s public key,
or any other key in the Crypt Newsletter keyring.
What follows is a brief extract we _were_ able to decrypt:
"What self-destructive bent could cause a man - or badger - to
read all the tripe being published about the Internet? It's
foul, dark, and rank as only journalism can be. I cannot
remove these horrible and purple-cutesy quotes from my
my mind:
"I Want My Internet: Twentysomethings addicted to funky
on-line service" (J.C. Herz, Knight-Ridder Newspapers)
I sigh and remember; remember the Wall Street Journal
(September 16, 1993) article on commercial users of Internet, The
New Republic (September 13, 1993) article on: Internet. The
Fortune (Special Issue) article on . . . Internet. The
Knight-Ridder news service by-line on . . . Internet.
"Businesses have flocked to the Internet as excitedly as
sea gulls to a clambake." (Fortune magazine, special issue)
We would rant, rave, curse, and rend our garments -- but it does
no good! No use to worry about the city gates once the barbarians
have crawled in through the sewers. The Philistines are among us.
Can death and pestilence be far behind? The brave, new, cyberworld
has publicity and spokesmen, proponents and theorizers, in short,
everything. Everything but a prophet to cry against the heathen
come to destroy the promised land and carry its people
into slavery. There is knocking at the door even as I type.
They have come to gut me like a fish, crack the marrow from
my bones and spread the remains on the wallpaper over the mantel.
Please remember to say Kaddish for me."
Those readers who have knowledge of Mr. Badger's whereabouts
should send crash electronic mail to the Crypt Newsletter at:
ukouch@delphi.com.
DIAL-A-VIRUS REVISITED: THE CREEPING EVIL OF PRIVATE BULLETIN
BOARDS CONTINUES TO SAP AND IMPURIFY OUR PRECIOUS BODILY FLUIDS
[Portions of this article originally appeared in the Summer
1993 edition of Computer Virus Developments Quarterly
(American Eagle Publishing, Tucson, AZ). Reprinted
with permission.]
They're in your state, they're a phone call away, they seem
to be everywhere: electronic bulletin board systems which
warehouse assembled viruses, logic bombs, booby-trapped software
and commented source code.
Commonly thought in the microcomputer security field to have
been inspired by a system in Sofia, Bulgaria, favored by
the urban myth/virus programmer known as Dark Avenger, North
American virus exchange BBS's have one thing which the eastern
European system lacked: successful client bases. And most of
them are frequented by large numbers of local and long distance
callers who transfer news, viruses, gossip and source code.
According to the May 1993 issue of the British computer security
trade tabloid, Virus News International, the operator of
the Bulgarian system, a student known as Todor Todorov,
classified his BBS in Sofia as "an experiment which failed."
The system, he claimed in VNI, was never particularly active.
This is no big surprise if you've ever tried to make a long
distance phone call into any of the former Iron Curtain
republics. It's a maddening experience you never want to
repeat, reminiscent of extended bouts of listening to old
Cheech and Chong records through a PC speaker. In any
case, rapid long distance phone access is easy in the USA.
In addition, Todor Todorov and the reputed Bulgarian virus-
dispensing system can be regarded as part of the same urban
myth as the Dark Avenger virus programmer due to the fact
that the current generation of American BBS'ers involved in
electronic virus storage have had no direct contact with
"Todor Todorov" other than through poorly substantiated,
cursory reports in corporate security publications and
transient, possibly fabricated, network electronic mail.
In the United States, however, virus exchange bulletin board
systems do exist in some quantity. Indeed, they have
multiplied and whether viewed as the living embodiment of
all computing evil, a great information resource, or just
more crap much like the endless number of systems devoted
to mindnumbing amounts of redundant shareware, pornographic
imagery and/or pirated retailware, they are a fact of life
in cyberspace.
You may be curious, having heard of them only vaguely and
through second hand accounts. It is reasonable to assume
than anyone with a healthy sense of curiosity might wish
to establish for themselves what such systems are like,
free of reliance on designated, perhaps dubious, experts.
Accessing systems which store viruses is much like calling
any BBS. You will need a communications program, a modem
connected to your PC, a handful of phone numbers and, to
make the going easy, a roadmap and letter of introduction.
This article supplies a few numbers to play with,
descriptions of the BBS's and the author's name to drop.
This will get you onto the systems. From there, the caller
is on his own. But not to worry! In over a year of
frequenting virus exchange systems, I never received a file
that wasn't clearly labelled a virus. And it doesn't take
much sense to realize that it isn't purely the milk of
human kindness which would make this so. Keep in mind that,
generally, the sysop doesn't want to chase off users in
a cold sweat over some booby-trapped download which might
provoke a punitive civil action or unwanted attention from
local authorities. The sysop is fully aware, in these cases,
of the controversial and hazardous nature of virus files.
Once you have viruses, however, avoiding shooting oneself in
the foot becomes mostly _your_ responsibility.
Bulletin boards which warehouse viruses are not easily
categorized. Some are very restricted, some are wide open
to new users. Some use commercial BBS software, others
employ "elite" customized software thought only to be
in the domain of dedicated software pirates. On some systems,
viruses are mixed with databases of other hacking/phreaking/anarchy
tools. Others exclude such h/p/a files. And on still more
systems, viruses can coexist uneasily with pirated software,
or large collections of CD-ROM mounted shareware.
Curiously, some systems which warehouse viruses are
extremely heirarchical, almost bureaucratic, in structure
and operation. Some might think this odd when contrasted
with the shopworn hacker cliche: "Question authority; All
information must be free!"
Such systems exist with the sysop at the top a small,
"Der Prozess" Kafka-esque heirarchical bureaucracy, of
sorts. The sysop may be assisted by one or two trusted users
who perform day-to-day, shopkeeping tasks. The most
bureaucratic BBS's are often typified by the use of new user
voting systems in which visitors are required to run a
gauntlet of regulars who cast secret yes/no ballots on the
visitor's worthiness.
Voting can be influenced by results of testing imposed on
the visitor. Such tests are heavy on jargon and insider
language, not unlike pre-employment surveys imposed on
job seekers at various corporations in metropolitan
areas of the US.
Other systems require the visitor to fill out lengthy,
sometimes odious personal information forms, just like
many typical bureaucracies. [Note: validation of this kind
of information is often non-existent or dependent upon the
will of the sysop. That it can be easily bypassed or fabricated
is common knowledge.] I note with wry amusement that
the experienced BBS'er may see little difference
between the operation of virus exchange systems and the
"average" ones he/she is already familiar with.
Access to viruses can be mediated by any number of factors,
including:
--no mediation, virus access is immediate and unconditional
--cash payment required to access viruses
--trade: "unique" virus must be supplied to establish
a surplus balance of trade. Continued access is maintained
by an equitable balance of trade, based upon preference of
the sysop. What constitutes a "unique" virus is determined
by the sysop, if at all.
--"professional courtesy": visitor is recognized, rules
of access relaxed because of source or reputation
--a constantly changing mix of the above
What follows are four thumbnail descriptions of sample
systems which have viruses online (phone numbers
included at end of newsletter):
MICRO INFORMATION SYSTEMS SERVICES in Santa Clarita, CA, is
a perfect BBS for the reader who despises "elite" systems.
With its disarmingly straight name, it presents a suitably
institutionalized corporate facade, reassuring to those who
feel naked without a tie. It is efficiently run, frequented
by moon-lighting computer security wannabe's and features a
large selection of viruses and source code in a reasonably
well-documented file base. If you feel the need of some
cracked entertainment while on line, browse the system's
message echo devoted to the wit and wisdom of Rush Limbaugh.
If you're going to access a virus BBS on company time, MISS
will keep you out of trouble and away from the boss-key.
THE HELL PIT in Wheeling, Illinois, a suburb of Chicago, is
perhaps the busiest of the systems mentioned. It also bears
the distinction of being so well known it bore mention in
John Dvorak's "Guide To PC Telecommunications." "It's a
new hobby, folks," wrote Dvorak with some sarcasm. The Hell
Pit's virus file section is enormous, but no longer as active
as file bases devoted to hacking tools and discussions related
to gossip on systems intrusion and the state of US telephony.
Security workers rub elbows with virus programmers like the
Virus Creation Laboratory's author, Nowhere Man, on Hell Pit.
You must upload a virus to gain access to similar files on
this system.
THE VINE/GREATER CHICAGO INSTITUTE OF VIRUS RESEARCH is another
system with a moniker designed to disarm the white-shirt
brigade. The Vine has a large virus file base and many network
connections, including feeds to and from Fido and UseNet news
groups. Virus access is rules-based on the system, but access
to a handful of working samples is usually available to
most callers who can compose a reasonable letter of introduction
to its sysop, Michael Paris. The Vine and The Hell Pit are
worth mentioning in connection with their location in or
near Chicago, an area with a vigorous hacking community.
DARK COFFIN in the Lehigh Valley of Pennsylvania, a community
which once dislodged Flint, Michigan, of "Roger and Me" fame
as one of the most unlivable places in the United States,
resembles a scaled-down version of The Hell Pit. Virus
access is straightforward, usually had by subscription or
some manner of trade. The sysop is an easy-going student
who aspires to a career in politics.
CITY OF ILLUSIONS in Altadena, CA, is the closest of
the above systems to the "elite" subset. Virus access
is negotiable, generally contingent upon how the visitor
does in the system's new user voting gauntlet. The
BBS cultivates users who embrace the MONDO 2000
magazine interpretation of cyberspace.
The profiled BBS's are just examples. Many such
BBS's carry ads for even more like-minded systems; by
paying attention to this it becomes even simpler to
find such a system more convenient to a specific area
code.
No claims can be made as to the specific nature of
information gained from any virus exchange system
except that, GENERALLY, it is much less formal, but
similar qualitatively to what can be read weekly
from the UseNet's _virus.comp_ news group. Such systems
also often have file bases essentially identical,
except for more easily accessed viruses, than the
traditional professional and amateur anti-virus bulletin
board systems and Internet sites which exist to service
the on-line world. Recently, this distinction was
blurred even more for a few months by the short-lived
phalcon/SKISM virus-programming group's uuencoded-virus
worldwide fileserver, skism@login.qc.ca, out of Canada.
IN THE READING ROOM: "WAR AND ANTI-WAR: SURVIVAL AT THE
DAWN OF THE 21st CENTURY" by ALVIN & HEIDI TOFFLER
(LITTLE, BROWN & CO., $22.95)
The Tofflers have been invited into the Pentagon's
blackest secret projects. While there they saw
God, and his name was Mars.
"War and Anti-War" is the stuff which makes editors at
glossy light news magazines hard at night - page after page of
super-weapons and dumbfounding technological breakthroughs. If we
just spend enough money now, it will make the US master of all
techno-states in the near future, capable of waging bloodless,
decapitating war on adversaries ranging from street crime kingpins
to Third World leaders and their followers whom the citizenry
can be propagandized into believing deserve a chrome-molybdenum
electrified cautery saber in the crop.
The Tofflers' world is one where nations metamorphose into
super-information fiefdoms led by computer wielding
hunter-gatherer shamans mad at work custom tailoring computer
viruses, launching spy satellites, manufacturing the odd nuclear
explosive in the basement or buying it from the local tagging
gang led by the disgruntled Russian nuclear scientist, or
fashioning just the right ultrasonic projector to disable the
crowd rioting down at the corner 7-11.
Everyone must become an information supersoldier, and the
professional soldier will be the philosopher king, dean
of academics and leader of the intellectual elite.
The word "struggle" comes up a lot.
Anyway, you either love this book or regard it as the Moslems
might a dysenteric pig loose in the temples of Mecca.
Most of the technological might presented in this book
is either grossly stretched out of scale or outright
lies, but "War And Anti-War" is interesting if you
can recognize the science fiction authors and their works
the Toffler's have borrowed from.
Here's a partial guide:
"The Forge of God/Anvil of Stars" (1987/1992) by Greg Bear
--Replicating mechanistic automatons, computers,
mini-viruses, "Von Neumann machines" wage war, destroy Earth.
In "Anvil," survivors use same technology to destroy
destroyers.
"Footfall" (1985) by Larry Niven and Dr. Jerry Pournelle
--Talking interplanetary elephants realize military
value of space between Earth and Moon, exploit it and
bombard planet from technological high ground not
covered by SDI. Americans realize same, rally survivors
and eventually defeat E.T. elephants, who aren't such bad
pets after all.
"Starship Trooper" (1959) by Robert Heinlein
--Soldiers of the future wear advanced, amplifying
body suit/weapons. They employ computerized smart
bombs to put down insurrections of repellent aliens
on planets oddly similar to Third World nations.
"Colossus/The Fall of Colossus/Colossus and the Crab"
(1966/1974/1977) by D. F. Jones
--The supercomputer network Colossus takes over defense
of mankind, then takes over mankind. Colossus is then
defeated by mankind with help of Martians who are really
E.T. supercomputers bent on world domination. They are in turn,
defeated by a secretly resurrected Colossus who we finally
realize was a buddy all along.
"Neuromancer" (1984) by William Gibson
--Computer wielding hunter-gatherer shamans become prime
movers by manipulation of information space.
"Mystery Science Theater 3000" (1991/1992/1993) by
Joel Hodgson
--Young scientist uses experience gained at think-tank
Gizmonic Institute to program artificial intelligence (AI)
into microprocessor-driven robot puppets, Tom Servo and
Crow. The robot puppets are intellectually superior to
average humans and have a better sense of humor, too.
The Tofflers brag they are "the world's most influential
futurists. [Our] books became the bible of democratic
intellectuals in China." Ain't it the truth.
SECRET SERVICE INCOMMODED BY SATAN BUG: AGENCY SUFFERS
FROM SAPPING AND IMPURIFICATION OF PRECIOUS BODILY
FLUIDS
Recently, the Secret Service was treated bruskly
by a PC computer virus known as Satan Bug. The virus
found its way onto networks operated by the agency in
Washington, D.C., knocked them off-line and so severely
flummoxed technical personnel and administration that
outside help was needed to retrieve the situation.
David Stang, an anti-virus researcher who edited and
published the specialty magazine Virus News and Review
before it went out of business in mid 1992, was called in
and eliminated the virus from Secret Service computers.
Satan Bug was written by a 16-year old hacker from
California who aggressively, and often acrimoniously,
advertised it in telecommunications and hacking forums on the
Prodigy on-line network several months ago. Telephone
numbers for on-line private bulletin board systems which
had the source code and assembled virus were widely
posted by the young programmer, who stated that the
virus used advanced variable encryption to disguise its
code so that it would be difficult to detect with standard
signature-matching anti-virus software.
Satan Bug spreads very quickly on infected computers
and cloaks itself in computer memory using ideas seen
in the Whale virus, a complex, sophisticated puzzle of
a program which inspired the young hacker.
The virus was named after a mid-'70s telemovie starring
Richard Basehart. The movie told the tale of a government
biological weapon capable of sterilizing all life on the
planet "to the last albatross winging its way across the
South Pole," stolen from a secret US installation and a
scientist's lone attempts to find it.
There are a number of commonly available anti-virus
programs which now detect Satan Bug.
STEALING PEOPLE'S MAIL: THE WHOLE EARTH 'LECTRONIC
LINK'S MAILBAG IS RIFLED BY VIRTUAL PEEPER
In early September the on-line service The WELL was
hacked by an intruder who gained complete access
to the system and used it to steal the mail of a
number of users. One of those affected was Netta
Gilboa, the editor of Gray Areas
magazine, a highly-regarded Philadelphia-based
publication which covers the work of hackers and
others thought to be on the fringes of society.
"It was just like electronic rape," Gilboa said
in interview. Gilboa maintained records of
contacts and interviews with people who wanted
their identities protected as well as personal
correspondence in her mailbox. The break-in,
she said, has worried her enough to make her
sick.
The break-in was first noticed by U.S. Dept. of
Public Debt security expert Kim Clancy who
maintains contact with hackers throughout the
country as part of her job. Gossip among them made
her realize information was being passed around
that could only have been gained from root -
or top administrative - access on the service.
Clancy notifed WELL supervisors who combed their logs
for evidence and discovered the trail of Gilboa's
hacker.
A few days later The WELL announced to users that
the hacker's work had been discovered, mail had
been accessed and that the original hole had been
sealed. The FBI, according to Clancy, declined to
get involved in the case.
In the meantime, the virtual peeper contacted Gilboa and
talked at length of his exploits, claiming to be
part of a community of Internet surfers who enjoy
stealing private electronic mail and swapping it among
themselves.
Clancy commented in interview that the Internet is wide open;
The WELL and other public Unix systems have always
been hot.
"That's why anyone who has anything they don't
want everyone to see encrypts. It's a necessity,"
she said.
Rumors and claims flew hot and insane on Internet Relay
Chat - an electronic gossip zone which operates in
real time and spans the world network - about grandiose
hacks of WELL accounts and stolen shadow password
files.
Computer underground Digest editor Jim Thomas, who was
also affected by the original WELL peeper characterizes
the chatter this way: "If I had the time, I could do a
paper on poseurs based on the wannabes who claim to have
cracked [Billy] Idol's or [Mitch] Kapor's account . . . lots
of smoke, teeny fire, but until I see better evidence I'm
not inclined to take the talk on IRC very seriously."
Contacts:
Gray Areas: grayarea@well.sf.ca.us
CuD: tk0jut2@mvs.cso.niu.edu
NEWS-BITES by Köhntark
MICROSOFT DISTRIBUTES FORM VIRUS
Recently, Microsoft unknowingly distributed a variant of
the FORM virus on demo disks for the new Microsoft Publisher
V2.0.
This demo was shipped to countless unwitting users,
including Computer Pictures magazine contributing editor
Eleanor Strothman, who reported the story in the September /
October issue of the magazine, page 8.
According to Mrs. Strothman, she was alerted to the fact
that she had installed (pun intended) a new variant of the
boot sector virus FORM in her computer, via Microsoft's PR
firm, Waggener-Edstrom. The Microsoft flack was quick to
blame the outside vendor responsible for duplicating the
diskettes and emphasized Microsoft's innocence.
A weird and rather useless explanation of FORM was
given: "...the virus only spreads if you reboot the computer
while it is in" (!!!!!??) and " it does not destroy data,
but it can make it (the computer) run slower or give problems
when rebooting"
It is worth mentioning that the FORM infected Microsoft
Publisher V2.0 demo as reported by Mrs. Strothman failed to
function correctly.
Expect FORM infection reports to pop up everywhere. In 1992,
entirely without the help of software developers, FORM passed
Stoned virus as the most common PC computer virus
infection.
Thank you, Microsoft!
WESTERN DIGITAL UNVEILS AV 'CHIP'
Hard drive and graphic card manufacturer Western Digital
announced with big hoopla the first anti-virus 'chip'.
This 'low cost' microprocessor will be included in
future Western Digital IDE hard drive controllers.
It "analyzes the instructions being executed" and prevents
any potentially harmful damage to the hard drive, says
the company.
All this is accomplished with the help of a SYS driver that
takes 64K of memory.
This driver performs its 'own memory management' and makes
itself and its reserved memory 'invisible' to viruses, apparently
by making the space inaccessible to any program.
It also scans for 875 known viruses, although most software
developers in the security business are claiming
over 2000 of the programs in existence these days.
I must mention that this product was ridiculed in a
cryptic article published in VIRUS-L #132 by Canadian
anti-virus 'person,' Robert Slade.
In the article, Slade mentioned beta-testing a certain hard
drive refurbished with a certain special controller,
discovering the mess created by the SYS driver when used in
conjunction with other software, deactivating the driver and
finding lost clusters in the hard drive that became a ZIP
file (!!) filled with 875 viruses, including favorites such
as AIDS, Anti-pascal, etc. Whatever this really meant is anyone's
guess. We could speculate it is an elliptical attempt to avoid
possible nuisance lawsuits.
Sources:
Computer Pictures magazine, September/October 93, page 8.
Computer Upgrades magazine, October 93
VIRUS-L v06i132 (#132, 1993)
TECHNICAL STUFF IN THIS ISSUE:
This newsletter contains the Sterculius ][ virus, KohnTark's
upgrade build on the virus contained in issue 18.
Sterculius ][ copies itself into the interrupt vector table
slack space like the template virus from 18, but also flexibly
infects .EXEfiles. Like other viruses of this nature, most
viral activity filters set generically to detect memory parasites
will not detect Sterculius ][. Still, it is extremely
straightforward. See the Ster2 source code for additional
comment.
We also feature the Black Wolf File Protection Utilities,
a set of programs which use polymorphic encryption
to make user-selected programs password protected or resistant
to trivial, or sometimes determined, hacking.
The source code for Ulti_Mute is included and provides the
kernel for a simple polymorphic engine which conveys various
levels of software protection to standard DOS programs when
called through the Black Wolf utilities.
To see how this works, dump all the .SCR files into a single
working directory and type
DEBUG < *.scr
where *.scr is substituted with every scriptfile supplied.
This will produce working copies of the utilities in the
directory.
After reading the accompanying documentation carefully, begin
to experiment. [The Crypt Newsletter makes the perhaps
dangerous assumption that you are not a lip-reader, have at
least a feeble desire to understand the basis for these
programs and are not overly dismayed by an absence of sissified,
corporate-looking graphical OOP-generated user interfaces.]
For example, to polymorphically encrypt the MS-DOS program
DEBUG.EXE, type:
ENCREXE
You will be prompted for the name of the program to polymorphically
"ICE." Type DEBUG.EXE and the Black Wolf utility will attach
polymorphic code to DEBUG and rename the old copy of the program
DEBUG.OLD, if you've had the presence of mind to include the
target file in the machine path or the directory containing
the Black Wolf tools. The new copy of DEBUG is now encrypted
and should function perfectly. The program can be treated
consecutively, with each action adding a slightly different
layer of encryption. The extent of protection is only limited
by your common sense.
Take it a step further and use PASSEXE to password protect the
sample you've just worked on.
Type PASSEXE and the Black Wolf utility will prompt you for the
name of DEBUG once again and then the password to use while
protecting it.
After choosing a password, the target will be encrypted once
again, but this time with a password routine. You now have
applied two layers of protection to the program, and it still
functions perfectly!
The Black Wolf utilities are one of the few examples of programs
which use an idea sometimes seen in viruses for limited,
experimental data protection. Not too shabby!
Multiple layers of polymorphically generated protection can
be added to various DOS programs at whim. The utilities employ
harmless, non-replicating viral methods to achieve their ends!
It's also a lead-pipe cinch some will see how such programs can
be misused. The documentation of Ulti_Mute discusses possible
use in a virus and the layout of the code is similar to
implementations which will be familiar to anyone who has seen
the Mutation Engine and Trident Polymorphic Encryptor. But this
type of polymorphic encryption can also be used in a still
more trivial manner similar to the way data vandals use various
code compression utilities to disguise logic bombs and older
viruses. You should be aware of this.
The source code is included for all utilities and can be
inspected before directly being assembled to working copies
using Borland's Turbo Assembler.
These are flashy, interesting utilities and we thank Black
Wolf for the intriguing work.
Frisk Skulason's current version of F-Prot identifies some
of the Black Wolf utilities as possibly infected with the
"Aurea" virus. This is a false alarm, sometimes common
with Skulason's product.
Although there is little you can do with the Black Wolf
utilities which would inadvertantly cause heartbreak on
your system, the Sterculius ][ virus should be dealt
with cautiously if you have no experience working with
such programs. Read carefully the comment supplied with
the Sterculius ][ virus source file.
It is very infectious once in memory and can easily escape
into a system if handled carelessly. In a pinch, any good
file/disk searching program can be used to locate instances
of the string "STERCULIUS ][" on a machine. Files flagged
in such a manner are infected with the virus.
FICTUAL FACTS/FACTUAL FICTIONS: HOW TO GET CRYPT NEWSLETTER
AND OTHER SUNDRIES
----Mark Ludwig dropped by to tell Crypt Newsletter the
second volume of his "Little Black Book of Computer
Viruses" is finished. Expect to see it in the middle
of November.
Contact: American Eagle Publishing, phone 602-888-4957.
----Crypt Newsletter reader Gregory Youngblood reports:
To access issues of the newsletter from The Complete Solution
BBS users can dial in and enter NEW to become a new user. They
must then request access.
For people with UUCP systems anonymous access is allowed by
dialing the same phone number using a script similar to this
ogin:--ogin: ncryp word: ncryp
To request an issue they need to send a request for file:
(in waffle): uucp tcscs!~/crptlt##.zip crptlt##.zip
where ## is the issue number they want. Current issues range
from 12 to 19 (i.e. crptlt19.zip for the most recent)
Phone number of The Complete Solution: 707-459-9058
----The Crypt Newsletter is also available in a slightly
abridged format from the Compuserve and Delphi on-line
services. On Compuserve, the newsletter is stored in
the journalism forum's "Papers/Magazines" on-line
library (GO JFORUM). On Delphi, the newsletter can be
retrieved from the Writers and Internet General Database
special interest groups.
----A complete set of 19 back issues of The Crypt Newsletter
along with special editor's notes can be obtained on diskette
by sending $30 cash, check or m.o. to:
George Smith
1454 East Orange Grove, 7
Pasadena, CA 91104
Remember to include a good mailing address with any
correspondence.
*CAVEAT EMPTOR*
What is the Crypt Newsletter? The Crypt Newsletter is an electronic
document which delivers deft satire, savage criticism, feature
news, media analyses, book reviews and more on topics of interest
to the editor and the computing public. The Crypt Newsletter
also reviews anti-virus and security software and republishes
digested news of note to users of such. The Crypt Newsletter
ALSO supplies analysis and complete source code to many computer
viruses made expressly for the newsletter. Source codes and DEBUG
scripts of these viruses can corrupt - quickly and irreversibly -
the data on an IBM-compatible microcomputer - particularly when
handled imperfectly. Ownership of The Crypt Newsletter can damage
your reputation, making you unpopular in heavily institutionalized
settings, rigid bureaucracy or environments where unsophisticated,
self-important computer user groups cohabit.
Files included in this issue:
CRPTLT.R19 - this electronic document
STER2.ASM - source code to STERCULIUS ][ virus
STER2.SCR - DEBUG scriptfile for STERCULIUS ][ sample
ULTIMUTE.DOC - Docs for Ulti_Mute variable encryptor
ULTIMUTE.ASM - source code for Ulti_Mute polyencryptor
ULTIMUTE.SCR - scriptfile for Ulti_Mute object file
BWFPU21S.DOC - docs for Black Wolf's File Protection
Utilities
PASSEXE.SCR - scriptfile for PASSEXE file password
protector
PASSCOM.SCR - scriptfile for PASSCOM file password
protector
PW_EXE.SCR - scriptfile for support program to PASSEXE
PW_COM.SCR - scriptfile for support program to PASSCOM
ENCRCOM.SCR - scriptfile for polymorphic file protection
utility
ENCREXE.SCR - scriptfile for polymorphic file protection
utility, EXE version
EN_COM.SCR - scriptfile for support program to ENCRCOM
EN_EXE.SCR - scriptfile for support program to ENCREXE
To assemble programs in the newsletter directly from scriptfiles,
copy the MS-DOS program DEBUG.EXE to your work directory and
type:
DEBUG <*.scr
where *.scr is the scriptfile of interest included in this issue.
-------------------------------------------------------------------
So you like the newsletter? Maybe you want more? Maybe you
want to meet the avuncular Urnst Kouch in person! You can
access him at ukouch@delphi.com, as well as at Crypt InfoSystems:
818-683-0854/14.4.
Other fine BBS's which stock the newsletter are:
MICRO INFORMATION SYSTEMS SERVICES 1-805-251-0564
THE HELL PIT [NUP: BRIMSTONE] 1-708-459-7267
MONDO GORDO! 1-615-791-8050
CITY OF ILLUSIONS 1-818-447-2667
THE VINE/CHICAGO INST. FOR VIRUS RESEARCH 1-708-863-5285
OKLAHOMA INSTITUTE FOR VIRUS RESEARCH 1-405-634-4866
DRAGON'S DEN 1-215-882-1415
RIPCO ][ 1-312-528-5020
AIS 1-304-480-6083
CYBERNETIC VIOLENCE 1-514-426-9194
THE OTHER SIDE 1-512-618-0154
DARK COFFIN 1-215-966-3576
DIGITAL DECAY 1-714-871-2057
THE COMPLETE SOLUTION 1-707-459-9058
Please note, BBS's tend to come and go with some regularity, results
for you may vary.
*********************************************************************
Editorial content within the Crypt Newsletter is (c)opyrighted by
Urnst Kouch and Crypt InfoSystems News Services, Inc. 1993, unless
otherwise noted. Republishing it without prior consent is graceless
and corrupt. Ask first.
*********************************************************************