home *** CD-ROM | disk | FTP | other *** search
-
- Computer underground Digest Thu Mar 6, 1997 Volume 9 : Issue 16
- ISSN 1004-042X
-
- Editor: Jim Thomas (cudigest@sun.soci.niu.edu)
- News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)
- Archivist: Brendan Kehoe
- Shadow Master: Stanton McCandlish
- Shadow-Archivists: Dan Carosone / Paul Southworth
- Field Agent Extraordinaire: David Smith
- Ralph Sims / Jyrki Kuoppala
- Ian Dickinson
- Cu Digest Homepage: http://www.soci.niu.edu/~cudigest
-
- CONTENTS, #9.16 (Thu, Mar 6, 1997)
-
- File 1--another CDA brief...
- File 2--imapd and ipop3d hole (fwd)
- File 3--Hacker Challenges Dark Side Book (fwd)
- File 4--Hacking and international law
- File 5--Bell-Atl NYNEX Mobile See's 70% Decrease In Fraud Losses
- File 6--Higher & Deeper: John Seabrook's CSi book tour
- File 7--Novell & Microsoft Win Piracy Suit with Final Frontier BBS
- File 8--Cu Digest Header Info (unchanged since 13 Dec, 1996)
-
- CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
- THE CONCLUDING FILE AT THE END OF EACH ISSUE.
-
- ---------------------------------------------------------------------
- Date: Tue, 25 Feb 1997 21:10:21 -0600
- From: Jon Lebkowsky <jonl@onr.com>
- Subject: File 1--another CDA brief...
-
- FOR IMMEDIATE RELEASE
-
- Jon Lebkowsky, an Austin-based Internet activist and author, and
- SiteSpecific Inc., a New York City new media company, have filed a friend
- of the court brief with the United States Supreme Court, supporting the
- findings of the District Court in ACLU v. Reno, the Communications Decency
- Act (CDA) case. "We believe the lower court was completely correct in
- finding that the CDA was unconstitutional," Lebkowsky said.
-
- In their brief, filed on their behalf by attorney Jamie Stecher of New York
- City (212-355-4000), the parties argue that the Court has erred in recent
- years by refusing to find that the printing press is the right "metaphor"
- for electronic media such as the Internet. "The Court has always
- proceeded by analogy in deciding how to regulate new media," Stecher
- commented. "For example, in the last century, it held that the telephone
- was like the telegraph--and by picking the right metaphor, it resolved the
- legal questions before it. However, the Court went seriously astray last
- June when it decided an important case pertaining to free speech on cable
- television, Denver Area Coalition v. FCC, without specifying whether cable
- is to be treated like broadcast, print media, or something else. It is hard
- to see how you can specify *how* to regulate something without first
- deciding *what* it is."
-
- Lebkowsky agreed. "The Internet is entitled to the highest protection
- available for any medium, and print has traditionally received the highest
- protection. A holding that the Internet is analogous to print will help
- resolve future legal and legislative disputes before they come to a boil,
- i.e. any dispute over Internet censorship could then be resolved easily by
- asking how we treat print media. If the CDA or any similar law would be
- unconstitutional if applied to books and magazines, it shouldn't be
- constitutional for the Net, either."
-
- Jonathan Wallace, co-author of Sex, Laws and Cyberspace (Henry Holt, 1996)
- and a plaintiff in ACLU v. Reno, welcomed the filing of the brief. "In the
- book, we say that 'Cyberspace is a constellation of printing presses and
- bookstores,'" Wallace noted. "This brief helps to address a gap in the
- government's logic. Would you really treat Catcher in the Rye differently
- between paper covers and in electronic format? That's what one Congressman
- suggested, the day the CDA passed. Finding that the Internet is a form of
- print media will forestall that possibility."
-
- The Supreme Court will hear arguments in ACLU v. Reno on March 19th.
-
- --
- Jon Lebkowsky * jonl@onr.com * www.well.com/~jonl
- - Austin conference, Electric Minds (www.minds.com)
- - Electronic Frontiers Forum, HotWired (www.hotwired.com/eff)
- - Vice President, EFF-Austin (www.eff-austin.org)
-
- ------------------------------
-
- Date: Mon, 3 Mar 1997 01:17:48 -0500 (EST)
- From: "noah@enabled.com" <noah@enabled.com>
- Subject: File 2--imapd and ipop3d hole (fwd)
-
- Source -Noah
-
- ---------- Forwarded message ----------
- Date--Sun, 2 Mar 1997 21:42:14 -0700
- From--David Sacerdote <davids@SECNET.COM>
-
- Secure Networks Inc.
-
- Security Advisory
- March 2, 1997
-
-
- Buffer Overflow in imapd and ipop3d
-
- A vulnerability exists within Mark Crispin's mail server toolkit that will
- allow arbitrary individuals to obtain root access to servers running
- imapd and ipop3d. This vulnerability is present in both the POP3 and IMAP2bis
- servers included in the PINE distribution, as well as the IMAP2bis and
- IMAP4 servers included in Mr. Crispin's IMAP toolkit.
-
-
- Technical Details
- ~~~~~~~~~~~~~~~~~
- The vulnerable mail servers call a library routine to affect a
- Unix "login", authenticating the user against it's password. A
- stack overrun exists in this routine. In essence this will allow
- any client with the ability to attempt a login to enter an overly
- long username to cause arbitrary machine code to execute.
-
- Both the POP and IMAP servers Mr. Crispin distributes discard
- supervisory privileges sometime after this authentication phase.
- Unfortunately, the overflow occurs before this happens, and the
- vulnerability will thus allow an attacker superuser access.
-
- The problematic routine is server_login(), which is in
- "log_xxx.c" in the OS-dependent code tree of the server source
- distribution. The problem occurs due to the routine's attempt to
- allow a case insensitive match on the username, which it does by
- copying the username provided to the routine into an automatic
- variable in the routine's stack.
-
- The username buffer is MAILTMPLEN long, which defaults to 1024
- bytes. Unfortunately, the server's input buffer is greater than
- this, allowing a remote client to feed the routine a username
- greater than 1024 bytes. If the excess characters in this
- username contain a valid virtual memory address, the routine will
- overwrite it's stack frame when copying the username, causing the
- return from the routine to jump to an unexpected location.
-
- Interestingly, the buffer is converted to lowercase after being
- copied. This provides a slight technical challenge, as the
- machine code required to take over the server contains uppercase
- characters. However, modifications to the "standard" stack
- overrun exploit code to reverse the affects of this lowercasing
- were trivial. On i386 4.4BSD, the VM address required to redirect
- server_login()'s return need not contain uppercase
- characters.
-
- The flawed code reads:
-
- long server_login (char *user, char *pass, int argc, char *argv[])
- {
- char tmp[MAILTMPLEN];
- struct passwd *pw = getpwnam (user);
- /* allow case-independent match */
- if(!pw) pw = getpwnam (lcase (strcpy (tmp, user)));
-
- <complete server login and return>
- }
-
-
- Impact
- ~~~~~~
-
- Remote individuals, who do not have a valid username and password for
- the mail server, can obtain root access to systems running a vulnerable
- IMAP or POP server.
-
-
- Vulnerable Systems
- ~~~~~~~~~~~~~~~~~~
-
- Any system running Mark Crispin's POP or IMAP server, of a release
- earlier than 4.1beta is vulnerable. To determine whether your system
- is vulnerable, telnet to ports 109, 110, 143 and 220. If you see a banner
- looking like:
-
- * OK example.com IMAP2bis Service 7.8(92) at Mon, 3 Mar 1997 12:00:00
- -0500 (EST)
-
- or:
-
- * OK example.com IMAP4 v10.00 server ready
-
- or:
-
- +OK example.com POP3 3.0(10) w/IMAP client (Report problems in this server
- to MRC@CAC.Washington.edu) at Mon, 3 Mar 1998 12:00:00 -0500 (EST)
-
- Then your system is vulnerable. If you see "POP3 3.3" or "IMAP4rev1"
- or later, your POP or IMAP server is not vulnerable.
-
- POP servers not derived from Mark Crispin's code, including the somewhat
- confusingly named "pop3d" from the University of California at Davis are
- not vulnerable to the attack described in this advisory. Similarly,
- the University of California at Berkeley popper, and derived POP servers,
- including the Qualcomm popper, are not vulnerable to this attack.
-
-
- Fix Information
- ~~~~~~~~~~~~~~~
-
- As a temporary workaround, you can disable the POP and IMAP services
- in /etc/inetd.conf, and then kill and restart inetd.
-
- You can fix the problem in the source yourself, by changing the
- server_login() function to read:
-
- char tmp[MAILTMPLEN];
- struct passwd *pw = getpwnam (user);
-
- if(!pw) {
- strncpy(tmp, user, MAILTMPLEN - 1);
- pw = getpwnam(lcase(tmp));
-
- Or, as a final option, you can switch to the IMAP 4.1 beta distribution,
- which can be found at ftp://ftp.cac.washington.edu/mail/imap.tar.Z.
-
-
- Additional Information
- ~~~~~~~~~~~~~~~~~~~~~~
-
- If you have any questions about this advisory, feel free to contact me,
- by sending mail to davids@secnet.com If you wish to encrypt your
- messages to me, feel free to use the following PGP public key.
-
- -----BEGIN PGP PUBLIC KEY BLOCK-----
- Version: 2.6.2
-
- mQCNAzJ4qJAAAAEEAOgB7mooQ6NgzcUSIehKUufGsyojutC7phVXZ+p8FnHLLZNB
- BLQEtj5kmfww2A2pR29q4rgPeqEUOjWPlLNdSLby3NI8yKz1AQSQLHAwIDXt/lku
- 8QXClaV6pNIaQSN8cnyyvjH6TYF778yZhYz0mwLqW6dU5whHtP93ojDw1UhtAAUR
- tCtEYXZpZCBTYWNlcmRvdGUgPGRhdmlkc0BzaWxlbmNlLnNlY25ldC5jb20+
- =LtL9
- -----END PGP PUBLIC KEY BLOCK-----
-
- Further information about the Interactive Mail Aaccess Protocol can be
- found in RFCs 1731, 1732, 1733, 2060, 2061, 2062, 2086, 2087, 2088, and
- 2095. Further information about the Post Office Protocol can be found
- in RFCs 1939 and 1957. Copies of RFCs can be found at
- http://ds.internic.net/rfc/rfcXXXX.txt
-
- For further information about Secure Networks Inc, including product
- information, past advisories, and papers, see http://www.secnet.com
-
- If you wish to obtain Secure Networks advisories via our mailing list,
- please send mail to sni-advisories-request@secnet.com, with a single line
- reading:
- subscribe sni-advisories
-
-
- Copyright
- ~~~~~~~~~
-
- The contents of this advisory are Copyright (C) 1997 Secure Networks Inc,
- and may be distributed freely provided that no fee is charged for
- distribution, and that proper credit is given.
-
- imapd and ipop3d fall under the following license:
-
- Copyright 1997 by the University of Washington
-
- Permission to use, copy, modify, and distribute this software and its
- documentation for any purpose and without fee is hereby granted, provided
- that the above copyright notice appears in all copies and that both the
- above copyright notice and this permission notice appear in supporting
- documentation, and that the name of the University of Washington not be
- used in advertising or publicity pertaining to distribution of the software
- without specific, written prior permission. This software is made
- available "as is", and
- THE UNIVERSITY OF WASHINGTON DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED,
- WITH REGARD TO THIS SOFTWARE, INCLUDING WITHOUT LIMITATION ALL IMPLIED
- WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, AND IN
- NO EVENT SHALL THE UNIVERSITY OF WASHINGTON BE LIABLE FOR ANY SPECIAL,
- INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, TORT
- (INCLUDING NEGLIGENCE) OR STRICT LIABILITY, ARISING OUT OF OR IN CONNECTION
- WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
- ------------------------------
-
- Date: Fri, 28 Feb 1997 17:13:03 -0600 (CST)
- From: Computer underground Digest <cudigest@SUN.SOCI.NIU.EDU>
- Subject: File 3--Hacker Challenges Dark Side Book (fwd)
-
- ((MODERATORS' NOTE: TELECOM Digest is an electronic journal
- devoted mostly but not exclusively to telecommunications topics.
- It is circulated anywhere there is email, in addition to various
- telecom forums on a variety of public service systems and
- networks including Compuserve and America On Line. It is also
- gatewayed to Usenet where it appears as the moderated newsgroup
- 'comp.dcom.telecom'. Subscriptions are available to qualified
- organizations and individual readers. Write and tell us how you
- qualify:
- * ptownson@massis.lcs.mit.edu *
- ======
-
- TELECOM Digest Mon, 24 Feb 97 09:07:00 EST Volume 17 --Issue 51
- Date--Mon, 24 Feb 1997 00:48:43 PST
- From--tad@ssc.com (Tad Cook)
-
- Hacker challenges `dark side' book
- By Simson Garfinkel
-
- Special to the Mercury News
-
- KEVIN Poulsen was one of the most talented "dark side hackers" ever to
- phreak a phone call.
-
- For more than two years, Poulsen lived the life of a fugitive as part
- of the seedy Los Angeles underground. He made money by reprogramming
- Pacific Bell's computers for pimps and escort services, re-activating
- old telephone numbers and building a voice-mail network pairing
- prostitutes with their johns.
-
- And he cleaned up by messing with the phones used by Los Angeles radio
- stations, rigging their call-in contests so that he would always win
- the big bucks or the car.
-
- But Poulsen got caught and he spent more than five years in jail.
-
- Behind bars in 1993, Poulsen did what any phone phreak would do: He
- picked up the pay phone and started making collect calls. But these
- calls where different: they went to Jonathan Littman, a journalist in
- Mill Valley who had just published a magazine article about Poulsen's
- crimes and exploits and was about to write a book on the same topic.
-
- Poulsen wanted to make sure that Littman got the story right. He felt
- that Littman had made a lot of mistakes in the magazine article.
-
- Today, Poulsen feels somewhat betrayed by the journalist to whom he
- gave total access. After reading an advance copy of Littman's book,
- Poulsen says Littman has twisted the truth in order to make a more
- compelling story.
-
- "Most of my complaints about Littman's book are small things," said
- Poulsen, who is on parole and living in Sherman Oaks, a Los Angeles
- suburb. "He has major events right but then he changes the meaning of
- them by changing minor events and making up quotes."
-
- Littman stands by his work.
-
- The book, "The Watchman: The Twisted Life and Crimes of Serial Hacker
- Kevin Poulsen," is due to be published next month by Little, Brown and
- Co. It's an insider's look at the world of a criminal computer hacker,
- one of the most detailed yet published.
-
- "He was one of the first to hack the Internet and get busted for it,"
- said Littman, referring to Poulsen's 1984 arrest for breaking into
- university computers on the ARPAnet, predecessor to today's Internet.
-
- "They decided not to prosecute him because he was 17" when he was
- arrested, Littman said. Instead, Poulsen was hired by a Silicon Valley
- defense contractor. "It was every hacker's dream -- to commit a crime
- and instead of going to jail, to get a job with what was a top think
- tank and defense contractor," Littman said.
-
- Soon, however, Poulsen was back to his old tricks -- with a vengeance,
- according to the book. He started physically breaking into Pacific
- Bell offices, stealing manuals and writing down passwords. Much of
- what he found went into a storage locker. But Poulsen couldn't handle
- his finances, and got behind in his rent. When the locker company
- broke open Poulsen's lock his stash was discovered and a trap was
- laid. As the FBI closed in, Poulsen left town, a fugitive on the run.
-
- Guilty plea
-
- He was caught June 21, 1991, and spent nearly three years in pre-trial
- detention. On June 14, 1994, in federal court in Southern California,
- he pleaded guilty to seven counts of computer fraud, interception of
- wire communications, mail fraud, money laundering and obstruction of
- justice. He was then transferred to Northern California to face a
- spying charge, based on his possession of material the government
- called classified. He pleaded guilty to fraud, possession of
- unauthorized access devices and fraudulent use of a Social Security
- number, and was released June 4, last year.
-
- The Watchman is Littman's second book on the computer hacker
- underground. His first, "The Fugitive Game," followed the exploits of
- hacker Kevin Mitnick, who was on the run and eventually caught by
- computer security expert Tsutomu Shimomura and New York Times reporter
- John Markoff. Shimomura and Markoff wrote their own book describing
- the chase, and they both objected to Littman's version of the events.
-
- For his part, Poulsen seems most angry about the implication of the
- new book's title -- that he was somehow obsessed with eavesdropping
- and largely acted alone.
-
- Only two wiretaps
-
- In the book, Littman has Poulsen listening to dozens of conversations
- -- even wiretapping the telephones of people trying to sell used
- equipment through newspaper classified ads, to see if they are being
- honest with their prices.
-
- Poulsen insists that he wiretapped the telephones of only two people:
- another hacker who was also an FBI informant and his high-school
- girlfriend.
-
- "He also reports that I obsessively followed the details of every
- escort date, including details of the tricks," Poulsen says, among
- other complaints. "He made that up. Totally made that up."
-
- Littman denies making up quotes, and insists that everything in the
- book was told to him by one of the participants.
-
- "I've written a book about a very complicated story about
- controversial people who had very different versions of what
- happened," Littman said. "I've done the best I can to view them
- objectively. Somebody else might view them differently, and the
- participants obviously have a subjective perspective. My views are in
- the book."
-
- But Poulsen says that Littman's fundamental premise is flawed. "John
- had a problem in writing this book," Poulsen said. "He wanted to sell
- it as the troubled loner-hacker-stalker guy. The problem is I had five
- co-defendants and it is hard to portray someone as a troubled loner
- when you have five other people making it happen."
-
- Not a loner
-
- Ron Austin, Poulsen's friend and co-conspirator, agrees. "Littman has
- to write an interesting book, I guess," he said. "He downplays the
- role of a lot of people, but I think that's because he is writing a
- book about Kevin. My role is downplayed." Austin also said the role of
- Justin Petersen, a hard-rocking hacker and co-conspirator is
- underplayed.
-
- Austin, also on parole, said he is concerned that the controversy
- regarding Littman's portrayal of Poulsen might obscure some of the
- more important issues raised by Littman's book: That the FBI engaged
- in widespread wiretapping of foreign consulates in the San Francisco
- area, the FBI's apparent hiring of an informant to commit illegal acts
- on the agency's behalf, and that the FBI's apparent ability to decrypt
- files on Poulsen's computer that had been encrypted with the
- U.S. government's Data Encryption Standard, a popular data-scrambling
- algorithm.
-
- The FBI office in Los Angeles declined to comment on the Poulsen
- case. A representative of the FBI's Washington office said, "We
- normally do not comment on books that are coming out until we have had
- an opportunity to review the book."
-
- As a condition of his plea bargain, Poulsen is prohibited from
- discussing FBI wiretaps.
-
- Littman said he feels "lucky as a writer to have been able to spend
- some time with Poulsen and these other characters in the story."
-
- "One thing about Poulsen is he really had a very highly developed
- ethical model that he believed in," Littman said. "He found it
- challenged by his circumstances and the people he associated with. I
- found it fascinating to see how he resolved this age-old computer
- hacker ethic with a changing world."
-
- ------------------------------
-
- Date: Wed, 26 Feb 1997 13:12:42 +0100 (MET)
- From: Felipe Rodriquez <felipe@xs4all.nl>
- Subject: File 4--Hacking and international law
-
- Hi,
-
- I thought you'd be interested in this message I got:
-
- >From--"Ivo Skoric" <iskoric@igc.apc.org>
-
- Problem:
- Last week three teenage high school students from Zadar, Croatia,
- hacked into some Pentagon secret files (Anderson nuclear facility being
- the one among claimed by DoD). Just for fun, as hackers do. Croatia is
- still in its early years of cyberspace: government did not yet realize the
- powers of the Net, and those who are, are young mischievous political
- moderates. Students' teacher, their parents, their school, their town -
- they are all very proud of their children exceptional computer prowess.
- School's message board boldly displays a mock flier offering Pentagon
- secrets at discount. Price is set after Pentagon came forward claiming
- that this was not an innocent "no damage done" hacking: they say that
- there is approximately half a million dollars damage done, and they sent
- their lawyers to Croatia to collect. The kids, their parents, their school
- or even their town can't pay that sum. Here in the U.S. Pentagon
- downplays the event and the abundance of American free media stays
- silent. Nevertheless, they requested through Interpol that Croatian
- police seize the hardware from teenage hackers, if not outright arrest
- them - although hacking into computers is not illegal in Croatia (and
- hackers unpunished broke into Croatian DoD several times). They were
- not arrested, but their equipment was seized.
-
- Question:
- Can the U.S. enforce its law abroad? Are non-U.S. citizen mandated to
- follow the U.S. law in their own countries of origin?
-
- Evaluation:
- If the U.S. is allowed it's law abroad, becoming the world district
- attorney (the natural development from its previous title - the world
- policeman), then other countries are already in a quasi-colonial position.
- If a U.S. citizen broke some Croatian law in the U.S. in a way to cause
- damage to some Croatian government institution, American media might
- remind us of how Croatian government is essentially an undemocratic,
- authoritarian structure, who, lets hint, might have deserved the intrusion.
- This sends a signal around the world that each country sovereignty is
- limited by the laws of the only remaining superpower. However, if the
- U.S. is not allowed to enforce it's law abroad in such situations like this
- one, then every hacker in every corner of the world will go for that
- highest prize: the U.S. military and intelligence computers.
-
- Solutions:
- a) The U.S. can take Croatia as the 51st state, making its citizens
- liable for breaking an American law. Also, with the same living
- standard, people of Croatia might be more receptive to American
- law.
- b) The U.S. may launch a TOCHL, a TOEFL like Test Of
- Computer Hacking Language, to be administered at embassies
- and consulates. The INS would then unconditionally give green
- cards to those who placed in the top 3% every year (that might be
- also better for the U.S. economy than the immigration lottery
- which often brings over people who don't know what to do with
- their prize). After a few years this would male all the top world
- hackers answer to American law.
- c) The U.S. may forgive them one or two war criminals at The
- Hague if Croats let them have the damn kids.
- d) Pentagon may promise Croatian President to keep him in power
- until he dies of his lymph nodes cancer (for which he is already
- occasionally treated at American military hospitals), if he pays
- the proposed fee of half million.
- e) The U.S. government may propose and host (I bet this idea is
- already circulating) an international convention to impose it's
- cyber-cop policies on others by threatening them with techno-sanctions
- should they not abide - yet this may backfire to the
- host.
-
- ------------------------------
-
- Date: Mon, 3 Mar 1997 18:16:14 -0500 (EST)
- From: "noah@enabled.com" <noah@enabled.com>
- Subject: File 5--Bell-Atl NYNEX Mobile See's 70% Decrease In Fraud Losses
-
- From -Noah
-
- ---------- Forwarded message ----------
- Date--Mon, 3 Mar 1997 17:17:22 -0500
- From--Bell Atlantic <pressrelease@ba.com>
- Thanks To High-Tech Solutions
-
- NEWS RELEASE *********************************************************
- ******************************************* BELL ATLANTIC NYNEX MOBILE
-
- FOR IMMEDIATE RELEASE CONTACT:
- March 3, 1997 Maggie Aloia Rohr (908)306-7757
- maloia@mobile.bam.com
-
-
- BELL ATLANTIC NYNEX MOBILE SEES 70% DECREASE IN FRAUD LOSSES
- THANKS TO HIGH-TECH SOLUTIONS
-
- Aggressive Work with Law Enforcement Nets More Than 390 Arrests
-
-
- CTIA WIRELESS '97 SAN FRANCISCO -- The implementation of
- Authentication and RF Fingerprinting technology has led to significant
- decreases in cellular fraud for Bell Atlantic NYNEX Mobile. Since May
- of 1996, when the company led the industry in launching Authentication
- service, Bell Atlantic NYNEX Mobile has seen an overall fraud decrease
- of 70 percent month over month; specifically, a 74 percent decrease in
- home fraud and a 57 percent decrease in roaming fraud.
-
- In addition, Bell Atlantic NYNEX Mobile works with law enforcement
- agencies to pursue and prosecute cloners and distributors of cloned
- phones and equipment. Last year, the company's efforts netted more
- than 390 arrests, and the recovery of more than 110,000 stolen
- cellular phone number/serial number combinations. The company also
- assists in prosecuting cellular thieves to the fullest extent of the
- law. One case resulted in a six year federal jail sentence and more
- than $97,000 in ordered restitution to Bell Atlantic NYNEX Mobile and
- other carriers.
-
- "While we are extremely encouraged by the decreases we've seen, we
- cannot eliminate fraud on our own, especially roaming fraud," said
- Nick Arcuri, vice president-fraud control. "We are actively
- encouraging our roaming partners to join us in the fight by exchanging
- fraud information and by implementing solutions such as networking of
- authentication and RF Fingerprinting systems."
-
- Bell Atlantic NYNEX Mobile's aggressive fraud prevention plan is based
- on a three-pronged approach -- prevention, detection, and prosecution.
-
- Fraud prevention centers around implementing network solutions to stop
- fraud before it affects the customer. Authentication and RF
- Fingerprinting technology deployments are the cornerstones of this
- approach. Since last May, the company has rolled out Authentication
- and RF Fingerprinting technology in all its major markets. Nearly
- two million Bell Atlantic NYNEX Mobile customers are protected by
- Authentication and RF Fingerprinting when in the Bell Atlantic NYNEX
- Mobile footprint or when roaming in markets where the company has
- interconnected its fraud protection services with other carriers.
-
- The second approach to fighting cellular fraud is early detection.
- The company's in-house fraud task force uses sophisticated
- fraud-detection software to alert customers and shut down cloners
- quickly.
-
- Lastly, Bell Atlantic NYNEX Mobile aggressively pursues cellular
- cloners and dealers of stolen equipment. The company provides
- training, support, and assistance to local, state, and federal law
- enforcement officials and employs private investigation firms to
- jointly combat the problem.
-
- Bell Atlantic NYNEX Mobile is the largest wireless service provider on
- the East Coast and the second largest in the United States. The
- company owns and operates the most extensive network in the east,
- covering 111,000 square miles, and the largest chain of wireless
- retail outlets offering a full range of wireless personal
- communications services, including voice, data and paging. Based in
- Bedminster, NJ, Bell Atlantic NYNEX Mobile has 4.4 million customers
- and 6,500 employees in the Northeast, mid-Atlantic, Southeast, and,
- through a separate subsidiary, in the Southwest. The company was
- formed in July, 1995, by combining the cellular operations of Bell
- Atlantic Mobile and NYNEX Mobile.
-
- ------------------------------
-
- Date: Thu, 13 Feb 1997 20:24:42 -0600 (CST)
- From: Crypt Newsletter <crypt@sun.soci.niu.edu>
- Subject: File 6--Higher & Deeper: John Seabrook's CSi book tour
-
- To set the right stage for the following bit of news on author and New
- Yorker reporter John Seabrook, it's necessary for Crypt News to steal
- outright from Eric Alterman's description of the pundit Morton Kondracke
- in "Sound & Fury," an analysis of the Beltway political punditocracy.
- Alterman likened Kondracke disparagingly to Ayn Rand's Lancelot Clokey,
- a social critic in "The Fountainhead" whose literary celebrity was purely
- the creation of the people he worked for.
-
- Like Morton Kondracke, John Seabrook is another Lancelot Clokey --
- cyberspace's. In the past, he's been memorable for overwrought features
- in New Yorker magazine on swapping e-mail with Bill Gates and being
- flamed by David Sternlight. The latter incident apparently so unnerved
- Seabrook, he momentarily believed he'd been attacked by a computer
- virus.
-
- Like Lancelot Clokey, John Seabrook is an author -- "Deeper: My Two-Year
- Odyssey in Cyberspace" (Simon & Schuster). In the months to come you can
- expect Seabrook's book, like Clokey's "The Gallant Gallstone," to be
- praised to the heavens by critics who assuredly know better. Soon
- thousands and thousands of copies of "Deeper" will sell and the name
- "Seabrook" will be on the lips of all the wired kingdom's digerati. Like
- Clokey, Seabrook will believe his reviews, lose all perspective (actually,
- he's already in this phase if the following interview is an indicator),
- and live the life of the brilliant social critic and public philosopher
- when in reality he's done "nothing more outstanding than sleeping, eating
- and chatting with neighbors."
-
- On the p.r. junket for "Deeper," Seabrook came to CompuServe this week
- and talked on-line for about an hour in front of an audience of
- five -- six or seven if you count his mother plus the handler from People
- magazine, the outlet sponsoring the conference. It didn't matter that
- there weren't many real questions, Seabrook had answers: cliches as quips,
- contradictory statements, whizz-bang "hey-even-I-coulda-thought-of-that"
- pronouncements and some clowning.
-
- Here then, a sampling of Seabrook quote from the interview --
-
- To no one in particular:
-
- "Pop culture is a weird thing."
-
- On why the Net is sometimes "nasty:"
-
- "There is a nasty side to lots of people, but some people do a
- better job of keeping it civilized -- which is good. On-line lowers
- the curtain of civilization. But sometimes it's good to be nasty.
- It gets the nastiness out that would otherwise be used in the real
- world."
-
- On the ["mountain men and pioneers"] of the Internet:
-
- "They [the mountain men] are going to have to figure out how to get
- along. The frontier is over. Now it's the next phase. It's more like
- the town than the frontier now. The mountain men are probably feeling
- a little blue."
-
- On journalism and reporting from the Internet:
-
- "If I had to do my reporting work on the Net, I'd be fucked. [But not
- _too fucked_ for the New Yorker gig and book tour. -- Crypt News] I never
- use the Net for information gathering -- it's lousy for that. The public
- library in NYC is much better."
-
- On Bill Gates and how the jig's up for the master of Microsoft:
-
- "It's amazing Gates caught onto the Net at all. He is about one man alone
- with his machine, not connectivity. He's faking it now -- I don't think
- he's [going to] survive for long."
-
- And then, contradicting himself in the same breath, how Gates will
- conquer Netscape:
-
- ". . . as to Netscape, I think it will end up like Apple. Microsoft has
- already successfully copied Netscape, just as it did Apple. It will
- slowly market it out of business."
-
- The next one is quite original. Wouldn't you want to read a book by
- an author who had this to say about America On-Line in early 1997:
-
- "AOL sucks!"
-
- Again on Bill Gates, the one-time subject of a lengthy Seabrook/New Yorker
- treatise:
-
- "I don't exchange e-mail with him. I don't have that much to say to him,
- I guess. If I really wanted to talk to him, I'd e-mail him, but I doubt
- he'd e-mail me back. Fuck him."
-
- On the Internet, again, this time parroting the People magazine handler
- who asked if the Internet was a "giant time sink:"
-
- "The Net is a giant time sink."
-
- On what he's writing about now:
-
- "Now I am writing a story about a young would-be rock star."
-
- And on writing about the Net, again:
-
- "Actually I don't think I'll be writing about computers or the Net
- again for awhile, maybe never. I feel like I said everything I
- have to say . . . or what I haven't, I'll say on the book tour
- gigs."
-
- Near the end, Seabrook's handler asked how his book could do well
- in a time when Net books are classed as "failed" because they're Net books
- (Nope, I'm not making this up.) The answer, of course, was Seabrook's
- Net book is _different_ because it's not really a Net book:
-
- ["Deeper"] is sort of different though. It's not really about the Net,
- it's about one man's experience of the Net. It's more of a memoir of Net
- use than a book about the Net."
-
-
- George Smith
- Crypt Newsletter
-
- ------------------------------
-
- Date: Mon, 24 Feb 1997 08:38:59 -0800
- From: unknown@garbled.header
- Subject: File 7--Novell & Microsoft Win Piracy Suit with Final Frontier BBS
-
- ((MODERATORS' NOTE: The first few lines of the header were
- garbled. We apologize to the poster(s) who sent the following))
-
-
- FOR IMMEDIATE RELEASE --- February 24, 1997
-
- Novell and Microsoft Win Ruling in Lawsuit With the Final
- Frontier BBS
-
- OREM, Utah * February 24, 1997 * Novell, Inc. and Microsoft
- announced they have received a crucial ruling in their lawsuit against
- The Final Frontier Bulletin Board System (BBS). The United States
- Bankruptcy Court for the District of Arizona ruled that the system
- operator for The Final Frontier is responsible for damages to the
- software companies.
-
- Microsoft and Novell first became aware that The Final Frontier was
- dealing in illegal software when investigators were able to log onto the
- board using an alias and download the illegal software. Further
- investigation revealed that The Final Frontier was a member of two
- groups specializing in illegal software. The two groups, Nokturnal
- Trading Alliance (NTA) and Rise in Superior Couriering (RISC) are well
- known in the BBS world.
-
- Investigators from Novell and Microsoft were able to verify 146 improper
- downloads in a very short period of time. The Bankruptcy Court awarded
- $73,000.00 to Microsoft and Novell based upon the number of illegal
- downloads of each company's software. In its ruling the court stated,
- *The economic reality is that any amount awarded is the functional
- equivalent of an economic death sentence to this debtor.....if the debtor's
- financial circumstances were better or the violations had been for profit,
- the award would have been larger*.
-
- Harrison Colter, attorney for Novell, stated * The judges words *economic
- death sentence' send a very powerful message. I hope others get the
- message so that they do not suffer the same fate for their illegal
- activities.*
-
- *Although we are competitors in the marketplace, the damaging effects
- of software piracy greatly harm both of our companies and ultimately the
- entire software industry and its consumers,* commented Jim Lowe,
- Microsoft Corporate Attorney. *Neither Microsoft nor Novell will stand by
- while bulletin boards illegally offer our products to download.*
-
- Novell has established an anti-piracy group and telephone hot line for
- reporting illegal use of Novell software or making related inquiries. Call
- 1-800-PIRATES (800-747-2837) or send e-mail to pirates@novell.com.
-
- Consumers with questions about the legitimacy of Microsoft products
- should call the Microsoft Anti-piracy Hotline at 1-800-RU-LEGIT or e-mail
- piracy@microsoft.com. To receive more information about software
- piracy, call the Business Software Alliance (BSA) Anti-piracy Hotline at
- 1-888-NO-PIRACY or e-mail software@bsa.org.
-
- Founded in 1983, Novell (NASDAQ: NOVL) is the world's leading
- provider of network software. The company offers a wide range of
- network solutions for distributed network, Internet, intranet and
- small-business markets. Novell education and technical support
- programs are the most comprehensive in the network computing
- industry. Information about Novell's complete range of products and
- services can be accessed on the World Wide Web at
- http://www.novell.com.
-
- Founded in 1975, Microsoft (NASDAQ: *MSFT*) is the worldwide leader
- in software for personal computers. The company offers a wide range
- of products and services for business and personal use, each designed
- with a mission of making it easier and more enjoyable for people to take
- advantage of the full power of personal computing every day.
- ###
-
- Novell is a trademark of Novell, Inc.
- Microsoft is a trademark of Microsoft, Inc.
-
- Microsoft Contact:
- Karen Porter
- Phone: (206) 936-5992
- Fax (206) 936-7412
- Internet: karenpor@microsoft.com
-
- Novell Contact:
- Steve Kirk
- Phone: (801) 228-8801
- Fax (801) 228-8875
- Internet: skirk@novell.com
-
- ------------------------------
-
- Date: Thu, 15 Dec 1996 22:51:01 CST
- From: CuD Moderators <cudigest@sun.soci.niu.edu>
- Subject: File 8--Cu Digest Header Info (unchanged since 13 Dec, 1996)
-
- Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
- available at no cost electronically.
-
- CuD is available as a Usenet newsgroup: comp.society.cu-digest
-
- Or, to subscribe, send post with this in the "Subject:: line:
-
- SUBSCRIBE CU-DIGEST
- Send the message to: cu-digest-request@weber.ucsd.edu
-
- DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS.
-
- The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
- or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL
- 60115, USA.
-
- To UNSUB, send a one-line message: UNSUB CU-DIGEST
- Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU
- (NOTE: The address you unsub must correspond to your From: line)
-
- Issues of CuD can also be found in the Usenet comp.society.cu-digest
- news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
- LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
- libraries and in the VIRUS/SECURITY library; from America Online in
- the PC Telecom forum under "computing newsletters;"
- On Delphi in the General Discussion database of the Internet SIG;
- on RIPCO BBS (312) 528-5020 (and via Ripco on internet);
- and on Rune Stone BBS (IIRGWHQ) (860)-585-9638.
- CuD is also available via Fidonet File Request from
- 1:11/70; unlisted nodes and points welcome.
-
- EUROPE: In BELGIUM: Virtual Access BBS: +32-69-844-019 (ringdown)
- In ITALY: ZERO! BBS: +39-11-6507540
- In LUXEMBOURG: ComNet BBS: +352-466893
-
- UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/CuD
- ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
- aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
- world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
- wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
- EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland)
- ftp.warwick.ac.uk in pub/cud/ (United Kingdom)
-
-
- The most recent issues of CuD can be obtained from the
- Cu Digest WWW site at:
- URL: http://www.soci.niu.edu/~cudigest/
-
- COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
- information among computerists and to the presentation and debate of
- diverse views. CuD material may be reprinted for non-profit as long
- as the source is cited. Authors hold a presumptive copyright, and
- they should be contacted for reprint permission. It is assumed that
- non-personal mail to the moderators may be reprinted unless otherwise
- specified. Readers are encouraged to submit reasoned articles
- relating to computer culture and communication. Articles are
- preferred to short responses. Please avoid quoting previous posts
- unless absolutely necessary.
-
- DISCLAIMER: The views represented herein do not necessarily represent
- the views of the moderators. Digest contributors assume all
- responsibility for ensuring that articles submitted do not
- violate copyright protections.
-
- ------------------------------
-
- End of Computer Underground Digest #9.16
- ************************************
-
-
-