home *** CD-ROM | disk | FTP | other *** search
- Computer underground Digest Wed Oct 13 1993 Volume 5 : Issue 80
- ISSN 1004-042X
-
- Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)
- Archivist: Brendan Kehoe
- Shadow-Archivists: Dan Carosone / Paul Southworth
- Ralph Sims / Jyrki Kuoppala
- Ian Dickinson
- Copy Eidtor: Etaoin Shrdlu, III
-
- CONTENTS, #5.80 (Oct 13 1993)
- File 1--CALIF AB1624 signed into law - PUBLIC INFO ACCESS!
- File 2--Thanks to The folks who made AB1624 possible
- File 3--Response to Cohen in re ITAR & Export Regs
- File 4--Space computer hacker gets bond.
- File 5--all eff.org machines moving 10/15-10/18
- File 6--IGC Wins Public Interest Aw
- File 7--Response to PGP Encryption Flap (RE:CuD 574)
- File 8--Elansky/Hartford bbs Hearings - Case Continues
-
- Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
- available at no cost electronically from tk0jut2@mvs.cso.niu.edu. The
- editors may be contacted by voice (815-753-0303), fax (815-753-6302)
- or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL
- 60115.
-
- Issues of CuD can also be found in the Usenet comp.society.cu-digest
- news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
- LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
- libraries and in the VIRUS/SECURITY library; from America Online in
- the PC Telecom forum under "computing newsletters;"
- On Delphi in the General Discussion database of the Internet SIG;
- on the PC-EXEC BBS at (414) 789-4210; and on: Rune Stone BBS (IIRG
- WHQ) (203) 832-8441 NUP:Conspiracy; RIPCO BBS (312) 528-5020
- CuD is also available via Fidonet File Request from 1:11/70; unlisted
- nodes and points welcome.
- EUROPE: from the ComNet in LUXEMBOURG BBS (++352) 466893;
- In ITALY: Bits against the Empire BBS: +39-461-980493
-
- ANONYMOUS FTP SITES:
- AUSTRALIA: ftp.ee.mu.oz.au (128.250.77.2) in /pub/text/CuD.
- EUROPE: nic.funet.fi in pub/doc/cud. (Finland)
- UNITED STATES:
- aql.gatech.edu (128.61.10.53) in /pub/eff/cud
- etext.archive.umich.edu (141.211.164.18) in /pub/CuD/cud
- ftp.eff.org (192.88.144.4) in /pub/cud
- halcyon.com( 202.135.191.2) in /pub/mirror/cud
- ftp.warwick.ac.uk in pub/cud (United Kingdom)
-
- COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
- information among computerists and to the presentation and debate of
- diverse views. CuD material may be reprinted for non-profit as long
- as the source is cited. Authors hold a presumptive copyright, and
- they should be contacted for reprint permission. It is assumed that
- non-personal mail to the moderators may be reprinted unless otherwise
- specified. Readers are encouraged to submit reasoned articles
- relating to computer culture and communication. Articles are
- preferred to short responses. Please avoid quoting previous posts
- unless absolutely necessary.
-
- DISCLAIMER: The views represented herein do not necessarily represent
- the views of the moderators. Digest contributors assume all
- responsibility for ensuring that articles submitted do not
- violate copyright protections.
-
- ----------------------------------------------------------------------
-
- From: Jim Warren <jwarren@WELL.SF.CA.US>
- Subject: File 1--CALIF AB1624 signed into law - PUBLIC INFO ACCESS!
- Date: Tue, 12 Oct 1993 14:26:21 -0700
-
- Shortly before 8 a.m. this morning, Assembly Member Debra Bowen's
- legislative aide who has been honchaing AB1624, Mary Winkley, sent the
- following hand-written fax:
-
- "The Governor signed 1624 last night! [Oct 11th, Monday, Columbus
- Day] Yes. You read this correctly. This is not a joke!
- Congratulations & thank you! Mary"
-
- AB1624 will take effect Jan.1, 1994 (as is true of most of the 1,100+
- bills, passed by the Legislature in 1993, that Gov. Pete Wilson signed
- into law).
-
- To my knowledge*, this is the first time that comprehensive
- information about state legislation-in-process and state laws have
- been made available by a state via the nonproprietary public computer
- networks, especially without any fees charged by the state. (Hawaii
- makes such information available, but only via an expensive private
- state network, so far.)
-
- This will permit *timely* access to legislative details -- crucial to
- effective citizen participation in the process of their/our
- governance; participation that is simply not practical via snailmailed
- copies of quickly-obsolete printed legislative information (useful
- only for after-the-fact fury).
-
- It makes the information available in *useful* form. Whereas printed
- legislative information can only be read <sneer>, the same information
- arriving in computerized form can be:
-
- Automatically monitored for *all* words and phrases that are
- "interesting," Quickly searched for *all* specified topics and
- subjects, Indexed, hyperlinked and cross-referenced to other related
- information, Extracted, excerpted and forwarded to others, quickly
- and accurately, and, oh yes, recipients can also read it.
-
- Using the public global networks will provide other state legislative
- staff, legislators and federal legislators with fast, easy access to
- California legislation and statutes -- often used as models for other
- states.
-
- And, AB1624 can be used as a model -- by citizen-activists and
- legislators -- for other states willing to encourage open democratic
- processes.
-
- Finally, as far as I know*, this is the first time online advocacy and
- network-assisted citizen action was *instrumental* in structuring and
- obtaining the passage of legislation. (There have, however, been
- several instances where net-based action has *halted* undesired
- legislation or regulations -- re crypto prohibitions, modem taxes,
- etc.)
-
- It won't be the last!
-
- * - Please let me know if you know of other instances. (But, please phone;
- I'm backlogged over a thousand messages in my email <cringe, blush>.)
-
-
- ITS THE LAW!
-
- The final version of the bill states [hand-typed for the last time!;
- typos and bracketed notes are mine]:
-
- "(a) The Legislative Counsel shall, with the advice of the Assembly
- Committee on Rules and the Senate Committee on Rules, make all of the
- following information available to the public in electronic form:
- " (1) The legislative calendar, the schedule of legislative committee
- hearings, a list of matters pending on the floors of both houses of the
- Legislature, and a list of the committee of the Legislature and their
- members.
- " (2) The test of each bill introduced in each current legislative
- session, including each amended, enrolled [passed by the Legislature] and
- chaptered [signed or passed into law] form of each bill.
- " (3) The bill history of each bill introduced and amended in each
- current legislative session.
- " (4) The bill status of each bill introduced and amended in each
- current legislative session.
- " (5) All bill analyses prepared by legislative committees in connection
- with each bill in each current legislative session. [Bill analyses by the
- party caucuses are *not* included.]
- " (6) All vote information concerning each bill in each current \
- legislative session.
- " (7) Any veto message concerning a bill in each current legislative
- session.
- " (8) The California Codes. [the state's laws or statutes]
- " (9) The California Constitution [including enacted ballot initiatives]
- " (10) All statutes enacted on or after January 1, 1993.
- "(b) The information identified in subdivision (a) shall be made available
- to the public by means of access by way of the largest nonproprietary,
- nonprofit cooperative public computer network ... in one or more formats.
- ... Any person who accesses the information may access all or any part of
- the information. The information that is maintained in the legislative
- information system ... shall be made available in the shortest feasible
- time after the information is available in the [Legislature's internal]
- information system. The information that is not maintained in the
- information system shall be made available in the shortest feasible time
- after it is available to the Legislative Counsel.
- "... [public documentation of digital formats will be available, online]
- "(d) Personal information concerning a person who accesses the information
- may be maintained only for the purpose of providing service to that person.
- "(e) No fee or other charge may be imposed by the Legislative Counsel as
- a condition of accessing the information ... . ..."
-
- ------------------------------
-
- Date: Tue, 12 Oct 1993 14:28:59 -0700
- From: Jim Warren <jwarren@WELL.SF.CA.US>
- Subject: File 2--Thanks to The folks who made AB1624 possible
-
- ((MODERATORS' NOTE: Jim Warren graciously thanks all those who
- assisted in the enactment of California's AB1624, which expands the
- public's access to state government documents. But, Jim Warren was the
- primary force behind the legislation. Both the language of the law and
- the energy to push the Bill through are a credit to Jim's efforts.
- THANKS, JIM!!))
-
- ++++
-
- There are *lots* of folks who greatly assisted AB1624 to become law,
- but these are the crucial ones:
-
- Assembly Member Debra Bowen introduced the concepts embodied in this
- law. And, she did so on her own -- unlike most legislation, which is
- brought to legislators by outside special interests (i.e., no
- "sponsors").
-
- Bowen's Legislative Aide Mary Winkley road herd on this bill, provided
- Bowen with massive, *essential* input and guidance regarding the
- details of the bill as it whip-sawed its way through the contorted
- amendment and committee processes. Her assistance was especially
- crucial given that Bowen had never held elective office before this
- year.
-
- Mary is the one who fielded several thousand phone calls and about
- 1,500 faxes and letters, concerning this bill alone (on top of a
- dozen-or-so others for which she had key responsibility).
-
- She was there days, evenings, nights, dawns, weekends and holidays
- (I know; I often called her -- or she, me -- at night and on
- weekends!).
-
- Without Mary Winkley's *consumptive* efforts, AB1624 would not be
- law.
-
- The 1,500-or-so people who sent the faxes and letters to Bowen and to
- crucial committee members as the bill went through the legislative
- process.
- YOUR *ACTION* WAS ESSENTIAL.
-
- (When I first heard about the bill and talked to Winkley, she said
- it was dead -- they had not found any public support for it,.amd the
- Legislative Counsel's staff had said it would cost millions of dollars
- to implement.)
-
- [ And maybe me: "How I Spent My Summer Vacation." :-) <can't
- think of a much better way!>
- Most of all, I broadcast 32+ updates to you hundreds of folks who
- so-politely tolerated my un-terse-osity, and YOU made it happen via
- your support when and where it counted. (Also processed several
- thousand email messages.)
-
- I also showed 'em how they could do it for little or no cost via the
- Internet and a cheap file-server (detailed it in a 16-page
- implementation report), and detailed how the printed bills and their
- semantically-meaningful italics, underscoring and strike-thrus might
- be easily represented in ASCII text for dumb terminals. ]
-
-
- PLEASE THANK MARY AND DEBRA -- WELL-EARNED APPLAUSE, WORTH BOTH HANDS
- CLAPPING I have one final request of you: Please take the time to
- at least call, or possibly fax or write, and personally thank Mary
- Winkley and Debra Bowen for what they have done. They *deserve* to
- know we noticed; we care; we appreciate their consumptive efforts.
- Both are at: State Capitol, Room 3126, Sacramento CA 95814
- voice/916-445-8528, fax/916-327-2201
- Please, do it now. They deserve it!
-
- And, thank you all -- *so much* -- for your interest and efforts. It
- *is* possible for citizens to significantly impact government -- all
- it takes is time and effort. :-)
-
- ON TO THE NEXT PROJECT
-
- The next thing to do is get the Secretary of State to make
- already-required public campaign-contributor and financial-disclosure
- information from "serious" candidates available in the same way as
- AB1624 makes public legislative data and public laws available. Then
- we can cross-reference vote records to contributor information --
- making reform of the legislative process possible via a
- better-informed electorate.
-
- Like AB1624, this could be done at little or no cost to the
- tax-payers or the candidates. There is already movement on this
- project. More in a later message.
-
- (Who knows -- maybe we won't need incumbency guarantees such as
- campaign-spending limits, or tax-suckin' public campaign-funding to
- pay for candidates' teevee ads and massive junk-mail.)
-
- ------------------------------
-
- Date: Sun, 10 Oct 1993 17:42:00 -0700
- From: bjones@WEBER.UCSD.EDU(Bruce Jones)
- Subject: File 3--Response to Cohen in re ITAR & Export Regs
-
- In CuD 5.79, Fredrick B. Cohen <fc@JUPITER.SAIC.COM> writes:
-
- Let's unpack a bit of what Mr. Cohen has to say about ITAR
- export regulations and his experiences.
-
- >Your discussion seems very strange to me. I seem to think I have
- >heard it all before - about 3 years ago - when I got permission from
- >the government to export an RSA cryptosystem with no restriction on
- >key length or anything else.
- >
- >It took a few weeks (6-8 as I recall), but all I did was submit the
- >software to the government (in 12 copies or so), and request a ruling.
- >After a few call-backs, I got permission.
-
- Please note that the posting site for Mr. Cohen's message is
- the Science Applications International Corporation, a La Jolla
- California based think tank that has deep ties to the U.S. Gov't and
- does lots of work for the DoD. Given his ties to the DoD, it comes
- as small surprise that he was able to get export permission for his RSA
- cryptosystem.
-
- [Discussion of key generation deleted because it's not germane to
- my critique]
-
- >All of this is not to say that I think it is reasonable to prevent us
- >from doing as we please in this area, and I certainly wish I didn't
- >have to wait so long before distributing new versions overseas, but
- >why not just apply for export and see what happens? Maybe you'll get
- >permission and it will all be no problem.
-
- Why should a software manufacturer or a private citizen have to ask
- permission in the first place, from the DoD (operating under the
- guise of the Dept of Commerce) to export software that uses
- encryption algorithms freely available in the country to which the
- product is being exported?
-
- >IBM has been exporting DES for quite a few years according to sources
- >I have in EC who have seen IBM chips with DES on them in EC computers.
- >I believe they simply asked for permission and got it.
-
- Again, it's likely quite simple for someone who does business with
- the DoD and the U.S. Gov't to get permission to export.
-
- >I applaud the EFF for helping defend people in this area, but maybe if
- >they tried to work within the law in the first place, they would have
- >found it was easier to obey the law than break it.
-
- Serious charges without foundation. Whom within the EFF has been
- accused of breaking the law?
-
- >Maybe if they apply now, they will end up with a no-case (assuming
- >they get permission).
-
- A dodge of the issue, which is not about whether or not one can get
- permission to do something specific, but whether or not the
- government has a right to require permission in the first place.
-
- One of the founding tenets of the Unites States of America is the
- idea that its citizens may do whatever they like, so long as their
- chosen activity is not proscribed by law and doesn't violate the
- rights of their neighbors. The opposite is ostensibly true for
- the government, which may only do what has been permitted it under
- the law. We live in a society where those distinctions apparently
- collapsed some time ago.
-
- Bruce Jones Department of Communication
- bjones@ucsd.edu/bitnet University of California, San Diego
- (619) 534-0417/4410 9500 Gilman Drive
- FAX (619) 534-7315 La Jolla, Ca. 92093-0503
-
- ------------------------------
-
- Date: Thu, 7 Oct 1993 17:49:40 +0800 (WST)
- From: Stephen Hardman <hardguy@GARION.IT.COM.AU>
- Subject: File 4--Space computer hacker gets bond.
-
- Thursday: Space computer hacker gets bond.
-
- MELBOURNE: A computer hacker who forced a 24-hour shutdown at US
- National Aeronautics and Space Administration base was sentenced
- yesterday to a year's jail but freed on a good behaviour bond and
- ordered to do 500 hours' unpaid community work.
-
- Nashon Even-Chaim, 22, of Caulfield, pleaded guilty to 15 charges of
- unlawful interference with computer data in 1990, including using the
- password "friend" to penetrate a NASA computer in Virginia.
-
- Even-Chaim also admitted interfering with a CSIRO computer in
- Melbourne, a private computer manufacturer's system in Texas and a US
- government computer laboratory in California.
-
- ------------------------------
-
- Date: Wed, 13 Oct 1993 17:31:14 -0400
- From: Christopher Davis <ckd@KEI.COM>
- Subject: File 5--all eff.org machines moving 10/15-10/18
-
- All eff.org machines will be disconnected and unavailable (due to
- moving from Cambridge, MA to Washington, DC) from approximately noon
- (EDT) Friday 15 October 1993 to approximately noon (EDT) Monday 18
- October 1993.
-
- This includes email to eff@eff.org, access to the archives on
- ftp.eff.org and gopher.eff.org, and mail-news gateways for
- comp.org.eff.* and alt.comp.acad-freedom.*.
-
- Mirrors of the archives should be available during the weekend.
-
- We apologize for any inconvenience.
-
- ------------------------------
-
- From: David Sobel <dsobel@WASHOFC.CPSR.ORG>
- Date: Tue, 12 Oct 1993 16:05:07 EST
- Subject: File 6--IGC Wins Public Interest Aw
-
- IGC Wins Public Interest Award
-
- Palo Alto, Calif., October 12, 1993 - Computer Professionals for
- Social Responsibility (CPSR), the national public interest
- organization based in Palo Alto, announced today that the Institute
- for Global Communications (IGC) has been named the winner of the 1993
- Norbert Wiener Award for Social and Professional Responsibility.
- Beginning in 1986, CPSR has presented this award each year to a
- distinguished individual who, through personal example, demonstrated a
- deep commitment to the socially responsible use of computing
- technology. In 1992, the CPSR Board expanded the nominations to
- include organizations. IGC is the first organizational recipient of
- this prestigious award.
-
- "The award is particularly appropriate this year because of the
- enormous interest in computer networks generated by the debate over
- the proposed National Information Infrastructure (NII)," said Stanford
- professor and CPSR Board president Eric Roberts. "IGC has worked
- diligently to use network technology to empower previously
- disenfranchised individuals and groups working for progressive change.
- CPSR has a strong commitment to making sure that everyone has access
- to the resources and empowerment that networks provide. IGC has been
- providing such access ever since it was founded in 1986."
-
- "We're honored to be recognized by CPSR and to be the Norbert Wiener
- Award recipient," says Geoff Sears, IGC's Executive Director. "Of
- course, this award honors not just IGC, but the efforts and
- accomplishments of all our network members, our entire network
- community."
-
- Sears will accept the Wiener award at CPSR's annual meeting banquet in
- Seattle, Washington, on Saturday, October 16th.
-
- This year's annual meeting is a two-day conference entitled
- "Envisioning the Future: A National Forum on the National Information
- Infrastructure (NII)" that will bring together local, regional, and
- national decision makers to take a critical look at the social
- implications of the NII. The keynote speaker will be Bruce McConnell,
- Chief of Information Policy at the Office of Information and
- Regulatory Affairs in the Office of Management and Budget (OMB), who
- will present his views on the major NII issues now facing the
- administration. Other highlights of the meeting include Kit Galloway
- of Electronic Cafe International in Santa Monica, California, as the
- featured speaker at the banquet. Using videotapes and a live
- demonstration with CPSR chapters, Kit will present an innovative
- approach to electronic communication and discuss how the Electronic
- Cafe concept has been used.
-
- The Institute for Global Communications is a nonprofit computer
- networking organization dedicated to providing low-cost worldwide
- communication and information exchange pertaining to environmental
- preservation, human rights, sustainable development, peace, and social
- justice issues. IGC operates the PeaceNet, EcoNet, ConflictNet, and
- LaborNet computer networks. With a combined membership of 10,000
- individuals and organizations ranging in size and scope from United
- Nations Commissions to local elementary schools, IGC members
- contribute to more than 1200 conferences covering virtually every
- environmental and human rights topic.
-
- The Wiener Award was established in 1987 in memory of Norbert Wiener,
- the originator of the field of cybernetics and a pioneer in looking at
- the social and political consequences of computing. Author of the
- book, The Human Use of Human Beings, Wiener began pointing out the
- dangers of nuclear war and the role of scientists in developing more
- powerful weapons shortly after Hiroshima.
-
- Past recipients of the Wiener Award have been: Dave Parnas, 1987, in
- recognition of his courageous actions opposing the Strategic Defense
- Initiative; Joe Weizenbaum, 1988, for his pioneering work emphasizing
- the social context of computer science; Daniel McCracken, 1989, for
- his work organizing computer scientists against the Anti Ballistic
- Missiles deployment during the 1960s; Kristen Nygaard of Norway, 1990,
- for his work in participatory design; Severo Ornstein and Laura Gould,
- 1991, in recognition of their tireless energy guiding CPSR through
- its early years; and Barbara Simons, 1992, for her work on human
- rights, military funding, and the U.C. Berkeley reentry program for
- women and minorities.
-
- Founded in 1981, CPSR is a national, nonprofit, public-interest
- organization of computer scientists and other professionals concerned
- with the impact of computer technology on society. With offices in
- Palo Alto, California, and Washington, D.C., CPSR challenges the
- assumption that technology alone can solve political and social
- problems.
-
- For more information about CPSR, the annual meeting, or the awards
- banquet, call 415-322-3778 or send email to <cpsr@cpsr.org>.
-
- For more information about IGC, contact Sarah Hutchison, 415-442-0220
- x117, or send email to <sarah@igc.apc.org>.
-
- ------------------------------
-
- Date: Mon, 11 Oct 93 12:07:01
- From: bob.paddock@CIRCELLAR.COM
- Subject: File 7--Response to PGP Encryption Flap (RE:CuD 574)
-
- In Re CuD574: File 1--Phil Zimmerman Comments on Encryption Flap
-
- I'm posting this rather long message (sorry about the length,
- but I wanted it to be complete [as the copyright states that it must
- be for permitted redistribution]) with a couple of question in mind
- that I would like answered:
-
- 1) Why is one branch of the government trying to kill off PGP
- specifically, and possibly public key encryption in general. While an
- other branch (DARPA) is helping to promote its use (See below)?
-
- 2) Since DARPA is promoting the use of the PEM public key
- implementation, does this mean that it has a back door for "THEM"?
-
- 3) If you can get this public key program via anonymous FTP,
- that IS export controlled, whats the governments beef with Austin Code
- Works, and PGP's author? [Better get your copy now be for one side
- finds out what the other is doing! {Maybe some one could point this
- out to PGP's authors defence lawyer, humm?}]
-
- ============================================================================
- Received: from RSA.COM (CHIRALITY.RSA.COM)
- !RSA.COM!rsaref-administrator
- !RSA.COM!coni
-
- Subject--RSAREF VERS NUMBER
-
- The current version of RSAREF is v1.01. To receive RSAREF read below.
-
- RSAREF(TM):
- A Cryptographic Toolkit for Privacy-Enhanced Mail
-
- RSA Laboratories
- (A division of RSA Data Security, Inc.)
- October 4, 1993
-
- This document copyright (C) 1993 RSA Laboratories, a division of RSA
- Data Security, Inc. License is granted to reproduce, copy, post, or
- distribute in any manner, provided this document is kept intact and
- no modifications, deletions, or additions are made.
-
-
- WHAT IS IT?
-
- RSAREF is a cryptographic toolkit designed to facilitate rapid
- deployment of Internet Privacy-Enhanced Mail (PEM) implementations.
- RSAREF represents the fruits of RSA Data Security's commitment to the
- U.S. Department of Defense's Advanced Research Projects Agency
- (DARPA) to provide free cryptographic source code in support of a PEM
- standard. Just recently, PEM became an Internet proposed standard.
-
- Part of RSA's commitment to DARPA was to authorize Trusted
- Information Systems of Glenwood, MD, to distribute a full PEM
- implementation based on RSAREF. That implementation is now available
- via anonymous FTP to 'ftp.tis.com'.
-
- RSAREF supports the following PEM-specified algorithms:
-
- o RSA encryption and key generation, as defined by RSA
- Laboratories' Public-Key Cryptography Standards (PKCS)
-
- o MD2 and MD5 message digests
-
- o DES (Data Encryption Standard) in cipher-block chaining mode
-
- RSAREF is written in the C programming language as a library that can
- be called from an application program. A simple PEM implementation
- can be built directly on top of RSAREF, together with message parsing
- and formatting routines and certificate-management routines. RSAREF
- is distributed with a demonstration program that shows how one might
- build such an implementation.
-
- The name "RSAREF" means "RSA reference." RSA Laboratories intends
- RSAREF to serve as a portable, educational, reference implementation
- of cryptography.
-
-
- WHAT YOU CAN (AND CANNOT) DO WITH RSAREF
-
- The RSAREF license agreement gives legal terms and conditions. Here's
- the layman's interpretation, for information only and with no legal
- weight:
-
- 1. You can use RSAREF in personal, non-commercial applications,
- as long as you follow the interface described in the RSAREF
- documentation. You can't use RSAREF in any commercial
- (moneymaking) manner of any type, nor can you use it to
- provide services of any kind to any other party. For
- information on commercial licenses of RSAREF-compatible
- products, please contact RSA Data Security. (Special
- arrangements are available for educational institutions and
- non-profit organizations.)
-
- 2. You can give others RSAREF and programs that interface to
- RSAREF, under the same terms and conditions as your RSAREF
- license.
-
- 3. You can modify RSAREF as required to port it to other
- operating systems and compilers, or to improve its
- performance, as long as you give a copy of the results to
- RSA Laboratories. Other changes require written consent.
-
- 4. You can't send RSAREF outside the United States or Canada, or
- give it to anyone who is not a U.S. or Canadian citizen and
- doesn't have a U.S. "green card." (These are U.S. State and
- Commerce Department requirements, because RSA and DES are
- export-controlled technologies.)
-
-
- HOW TO GET IT
-
- To obtain RSAREF, read the RSAREF license agreement and return a copy
- of the following paragraph by electronic mail to
- <rsaref-administrator@rsa.com>. If your electronic mail address is
- located in Canada, please send your full name and mailing address;
- we'll need it to complete a Department of State export declaration.
-
- I acknowledge that I have read the RSAREF Program License
- Agreement and understand and agree to be bound by its terms and
- conditions, including without limitation its restrictions on
- foreign reshipment of the Program and information related to the
- Program. The electronic mail address to which I am requesting
- that the program be transmitted is located in the United States
- of America or Canada and I am a United States citizen, a Canadian
- citizen, or a permanent resident of the United States. The RSAREF
- Program License Agreement is the complete and exclusive agreement
- between RSA Laboratories and me relating to the Program, and
- supersedes any proposal or prior agreement, oral or written, and
- any other communications between RSA Laboratories and me relating
- to the Program.
-
- RSAREF is distributed by electronic mail in UNIX(TM) "uuencoded" TAR
- format. When you receive it, store the contents of the message in a
- file, and run your operating system's "uudecode" and TAR programs.
- For example, suppose you store the contents of your message in the
- file 'contents'. You would run the commands:
-
- uudecode contents # produces rsaref.tar
- tar xvf rsaref.tar
-
- You can also get a "uuencoded" PKZIP(TM) version of RSAREF. Just ask
- for the ZIP file when you return the acknowledgement.
-
- RSAREF includes about 60 files organized into the following
- subdirectories:
-
- doc documentation on RSAREF and RDEMO
- install makefiles for various operating systems
- rdemo RDEMO demonstration program
- source RSAREF source code and include files
- test test scripts for RDEMO
-
- RSAREF is also available via anonymous FTP to 'rsa.com'. Along with
- RSAREF you can get RIPEM, Mark Riordan's RSAREF-based privacy-enhanced
- mail application, and an Emacs command interface to RIPEM. See the
- file 'README' in the FTP directory 'rsaref' for more information.
-
-
- USERS' GROUP
-
- RSA Laboratories maintains the electronic-mail users' group
- <rsaref-users@rsa.com> for discussion of RSAREF applications, bug
- fixes, etc. To join the users' group, send electronic mail to
- <rsaref-users-request@rsa.com>.
-
-
- REGISTRATION
-
- RSAREF users who register with RSA Laboratories are entitled to free
- RSAREF upgrades and bug fixes as soon as they become available and a
- 50% discount on selected RSA Data Security products. To register,
- send your name, address, and telephone number to
- <rsaref-registration@rsa.com>.
-
-
- INNOVATION PRIZES
-
- RSA Laboratories will award cash prizes for the best applications
- built on RSAREF. If you'd like to submit an application, want to be
- on the review panel, or would like more details, please send
- electronic mail to <rsaref-prizes@rsa.com>. Applications are due
- December 31, 1993, and awards will be announced March 31, 1994. First
- prize is $5000, second prize is $2000, and there are five prizes of
- $1000. First prize in 1992's content went to Mark Riordan for RIPEM.
-
-
- PUBLIC-KEY CERTIFICATION
-
- RSA Data Security offers public-key certification services conforming
- to forthcoming PEM standards. For more information, please send
- electronic mail to <pem-info@rsa.com>.
-
-
- PKCS: PUBLIC-KEY CRYPTOGRAPHY STANDARDS
-
- To obtain copies of RSA Laboratories' Public-Key Cryptography
- Standards (PKCS), send electronic mail to <pkcs-info@rsa.com>.
-
-
- OTHER QUESTIONS
-
- If you have questions on RSAREF software, licenses, export
- restrictions, or other RSA Laboratories offerings, send electronic
- mail to <rsaref-administrator@rsa.com>.
-
-
- AUTHORS
-
- RSAREF was written by the staff of RSA Laboratories with assistance
- from RSA Data Security's software engineers. The DES code is based on
- an implementation that Justin Reyneri did at Stanford University. Jim
- Hwang of Stanford wrote parts of the arithmetic code under contract
- to RSA Laboratories.
-
-
- ABOUT RSA LABORATORIES
-
- RSA Laboratories is the research and development division of RSA Data
- Security, Inc., the company founded by the inventors of the RSA
- public-key cryptosystem. RSA Laboratories reviews, designs and
- implements secure and efficient cryptosystems of all kinds. Its
- clients include government agencies, telecommunications companies,
- computer manufacturers, software developers, cable TV broadcasters,
- interactive video manufacturers, and satellite broadcast companies,
- among others.
-
- RSA Laboratories draws upon the talents of the following people:
-
- Len Adleman, distinguished associate - Ph.D., University of
- California, Berkeley; Henry Salvatori professor of computer
- science at University of Southern California; co-inventor of
- RSA public-key cryptosystem; co-founder of RSA Data Security, Inc.
-
- Martin Hellman, distinguished associate - Ph.D., Stanford University;
- professor of electrical engineering at Stanford University;
- co-inventor of public-key cryptography, exponential key exchange;
- IEEE fellow; IEEE Centennial Medal recipient
-
- Burt Kaliski, chief scientist - Ph.D., MIT; former visiting assistant
- professor at Rochester Institute of Technology; author of Public-Key
- Cryptography Standards; general chair of CRYPTO '91
-
- Cetin Koc, associate - Ph.D., University of California, Santa
- Barbara; assistant professor at Oregon State University
-
- Ron Rivest, distinguished associate - Ph.D., Stanford University;
- professor of computer science at MIT; co-inventor of RSA public-key
- cryptosystem; co-founder of RSA Data Security, Inc.; member of
- National Academy of Engineering; director of International
- Association for Cryptologic Research; program co-chair of ASIACRYPT
- '91
-
- Matt Robshaw, research scientist - Ph.D., University of London
-
- RSA Laboratories seeks the talents of other people as well. If you're
- interested, please write or call.
-
- ADDRESSES
-
- RSA Laboratories RSA Data Security, Inc.
- 100 Marine Parkway 100 Marine Parkway
- Redwood City, CA 94065 Redwood City, CA 94065
-
- (415) 595-7703 (415) 595-8782
- (415) 595-4126 (fax) (415) 595-1873 (fax)
-
- PKCS, RSAREF and RSA Laboratories are trademarks of RSA Data
- Security, Inc. All other company names and trademarks are not.
- +--------------------------------------------------------
- RSA LABORATORIES
- PROGRAM LICENSE AGREEMENT
-
- Version 1.02
- January 21, 1993
-
- RSA LABORATORIES, A DIVISION OF RSA DATA SECURITY, INC. ("RSA")
- GRANTS YOU A LICENSE AS FOLLOWS TO THE "RSAREF" PROGRAM:
-
- 1. LICENSE. RSA grants you a non-exclusive, non-transferable,
- perpetual (subject to the conditions of Section 8) license for
- the "RSAREF" program (the "Program") and its associated
- documentation, subject to all of the following terms and
- conditions:
-
- a. to use the Program on any computer;
-
- b. to make copies of the Program for back-up purposes;
-
- c. to modify the Program in any manner for porting or
- performance improvement purposes (subject to Section 2)
- or to incorporate the Program into other computer programs
- for your own personal or internal use, provided that you
- provide RSA with a copy of any such modification or
- Application Program by electronic mail, and grant RSA a
- perpetual, royalty-free license to use and distribute such
- modifications and Application Programs on the terms set
- forth in this Agreement.
-
- d. to copy and distribute the Program and Application Programs
- in accordance with the limitations set forth in Section 2.
-
- "Application Programs" are programs which incorporate all or any
- portion of the Program in any form. The restrictions imposed on
- Application Programs in this Agreement shall not apply to any
- software which, through the mere aggregation on distribution media,
- is co-located or stored with the Program.
-
- 2. LIMITATIONS ON LICENSE.
-
- a. RSA owns the Program and its associated documentation and
- all copyrights therein. You may only use, copy, modify and
- distribute the Program as expressly provided for in this
- Agreement. You must reproduce and include this Agreement,
- RSA's copyright notices and disclaimer of warranty on any
- copy and its associated documentation.
-
- b. The Program and all Application Programs are to be used only
- for non-commercial purposes. However, media costs associated
- with the distribution of the Program or Application Programs
- may be recovered.
-
- c. The Program, if modified, must carry prominent notices
- stating that changes have been made, and the dates of any
- such changes.
-
- d. Prior permission from RSA in writing is required for any
- modifications that access the Program through ways other
- than the published Program interface or for modifications
- to the Program interface. RSA will grant all reasonable
- requests for permission to make such modifications.
-
- 3. NO RSA OBLIGATION. You are solely responsible for all of your
- costs and expenses incurred in connection with the distribution
- of the Program or any Application Program hereunder, and RSA
- shall have no liability, obligation or responsibility therefor.
- RSA shall have no obligation to provide maintenance, support,
- upgrades or new releases to you or to any distributee of the
- Program or any Application Program.
-
- 4. NO WARRANTY OF PERFORMANCE. THE PROGRAM AND ITS ASSOCIATED
- DOCUMENTATION ARE LICENSED "AS IS" WITHOUT WARRANTY AS TO THEIR
- PERFORMANCE, MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR
- PURPOSE. THE ENTIRE RISK AS TO THE RESULTS AND PERFORMANCE OF
- THE PROGRAM IS ASSUMED BY YOU AND YOUR DISTRIBUTEES. SHOULD THE
- PROGRAM PROVE DEFECTIVE, YOU AND YOUR DISTRIBUTEES (AND NOT RSA)
- ASSUME THE ENTIRE COST OF ALL NECESSARY SERVICING, REPAIR OR
- CORRECTION.
-
- 5. LIMITATION OF LIABILITY. EXCEPT AS EXPRESSLY PROVIDED FOR IN
- SECTION 6 HEREINUNDER, NEITHER RSA NOR ANY OTHER PERSON WHO HAS
- BEEN INVOLVED IN THE CREATION, PRODUCTION, OR DELIVERY OF THE
- PROGRAM SHALL BE LIABLE TO YOU OR TO ANY OTHER PERSON FOR ANY
- DIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES, EVEN IF RSA HAS BEEN
- ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
-
- 6. PATENT INFRINGEMENT OBLIGATION. Subject to the limitations set
- forth below, RSA, at its own expense, shall: (i) defend, or at
- its option settle, any claim, suit or proceeding against you on
- the basis of infringement of any United States patent in the
- field of cryptography by the unmodified Program; and (ii) pay any
- final judgment or settlement entered against you on such issue in
- any such suit or proceeding defended by RSA. The obligations of
- RSA under this Section 6 are subject to: (i) RSA's having sole
- control of the defense of any such claim, suit or proceeding;
- (ii) your notifying RSA promptly in writing of each such clai proceeding
- against you on
- the basis of infringement of any United States patent in the
- field of cryptography by the unmodified Program; and (ii) pay any
- final judgment or settlement entered against you on such issue in
- any such suit or proceeding defended by RSA. The obligations of
- RSA under this Section 6 are subject to: (i) RSA's having sole
- control of the defense of any such claim, suit or proceeding;
- (ii) your notifying RSA promptly in writing of each such clai proceeding
- against you on
- the basis of infringement of any United States patent in the
- field of cryptography by the unmodified Program; and (ii) pay any
- final judgment or settlement entered against you on such issue in
- any such suit or proceeding defended by RSA. The obligations of
- RSA under this Section 6 are subject to: (i) RSA's having sole
- control of the defense of any such claim, suit or proceeding;
- (ii) your notifying RSA promptly in writing of each such claim,
- suit or proceeding and giving RSA authority to proceed y United States
- patent in the
- field of cryptography by the unmodified Program; and (ii) pay any
- final judgment or settlement entered against you on such issue in
- any such suit or proceeding defended by RSA. The obligations of
- RSA under this Section 6 are subject to: (i) RSA's having sole
- control of the defense of any such claim, suit or proceeding;
- (ii) your notifying RSA promptly in writing of each such claim,
- suit or proceeding and giving RSA authority to proceed as stated
- in this Section 6; and (iii) your giving RSA all information
- known to you relating to such claim, suit or proceeding and
- cooperating with RSA to defend any such claim, suit or
- proceeding. RSA shall have no obligation under this Section 6
- with respect to any claim to the extent it is based upon (a) use
- of the Program as modified by any person other than RSA or use of
- any Application Program, where use of the unmodified Program
- would not constitute an infringement, or (b) use of the Program
- in a manner other than that permitted by this Agreement. THIS
- SECTION 6 SETS FORTH RSA'S ENTIRE OBLIGATION AND YOUR EXCLUSIVE
- REMEDIES CONCERNING CLAIMS FOR PROPRIETARY RIGHTS INFRINGEMENT.
-
- NOTE: Portions of the Program practice methods described in and
- subject to U.S. Patents Nos. 4,200,770, 4,218,582 and 4,405,829,
- and all foreign counterparts and equivalents, issued to Leland
- Stanford Jr. University and to Massachusetts Institute of
- Technology. Such patents are licensed to RSA by Public Key
- Partners of Sunnyvale, California, the holder of exclusive
- licensing rights. This Agreement does not grant or convey any
- interest whatsoever in such patents.
-
- 7. RSAREF is a non-commercial publication of cryptographic
- techniques. Portions of RSAREF have been published in the
- International Security Handbook and the August 1992 issue of Dr.
- Dobb's Journal. Privacy applications developed with RSAREF may be
- subject to export controls. If you are located in the United States
- and develop such applications, you are advised to consult with the
- State Department's Office of Defense Trade Controls.
-
- 8. TERM. The license granted hereunder is effective until
- terminated. You may terminate it at any time by destroying the
- Program and its associated documentation. The termination of your
- license will not result in the termination of the licenses of any
- distributees who have received rights to the Program through you
- so long as they are in compliance with the provisions of this
- license.
-
- 9. GENERAL
-
- a. This Agreement shall be governed by the laws of the State of
- California.
-
- b. Address all correspondence regarding this license to RSA's
- electronic mail address <rsaref-administrator@rsa.com>, or
- to
-
- RSA Laboratories
- ATTN: RSAREF Administrator
- 100 Marine Parkway, Suite 500
- Redwood City, CA 94065
-
- ------------------------------
-
- Date: Wed, 13 Oct 1993 18:22:13 CDT
- From: CuD Moderators <cudigest@mindvox.phantom.com>
- Subject: File 8--Elansky/Hartford bbs Hearings - Case Continues
-
- HEARINGS CONTINUE IN BOMB-RECIPES CASE
- Oct. 13, Page B-11, The Hartford Courant
-
- Michael Elansky, a 22-year-old West Hartford man accused of
- possessing bomb recipes on his computer bulletin board, will remain in
- jail pending further hearings on his case.
-
- A 90-minute pretrial hearing in closed chambers Tuesday in Hartford
- Superior Court produced no resolution in the case. Another hearing is
- scheduled next Tuesday.
-
- ((remainder, summarizing the case, deleted))
-
- ------------------------------
-
- End of Computer Underground Digest #5.80
- ************************************
-
-