home *** CD-ROM | disk | FTP | other *** search
-
- Computer underground Digest Sun Apr 6, 1997 Volume 9 : Issue 27
- ISSN 1004-042X
-
- Editor: Jim Thomas (cudigest@sun.soci.niu.edu)
- News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)
- Archivist: Brendan Kehoe
- Shadow Master: Stanton McCandlish
- Shadow-Archivists: Dan Carosone / Paul Southworth
- Ralph Sims / Jyrki Kuoppala
- Ian Dickinson
- Field Agent Extraordinaire: David Smith
- Cu Digest Homepage: http://www.soci.niu.edu/~cudigest
-
- CONTENTS, #9.27 (Sun, Apr 6, 1997)
-
- File 1-- OECD releases Crypto Guidlines
- File 2--OECD Guidlines Released
- File 3--The Zimmermann Telegram
- File 4--Moynihan Commission hoisted on petard of Penpal hoax
- File 5--Rep. Rick White to hold live online town hall meeting 4/10
- File 6--UPDATE: Computer Security Script Database
- File 7--Cu Digest Header Info (unchanged since 1 Apr, 1997)
-
- CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
- THE CONCLUDING FILE AT THE END OF EACH ISSUE.
-
- ---------------------------------------------------------------------
-
- Date: Thu, 3 Apr 1997 18:06:07 GMT
- From: "ACLU Cyber-Liberties Update Owner"@newmedium.com
- Subject: File 1-- OECD releases Crypto Guidlines
-
- * OECD releases Crypto Guidlines
-
- The Organization for Economic Cooperation and Development (OECD) last
- week announced its new Cryptography Policy Guidelines. Despite
- pressure from the U.S. government to adopt a U.S.backed key escrow/key
- recovery system, the leading industrial democracies took a stand that
- instead strongly suppots privacy rights, and rejects key escrow.
-
- International support for a market diven and voluntary system is a
- huge step, and one the ACLU fully supports. The Global Internet
- Liberty Coalition (GILC) and the ACLU held a conference in Paris in
- September during the OECD gathering which contributed to a favorable
- climate for the guidelines. Both the ACLU and GILC are appreciative of
- the steps the Organization has taken towards protecting privacy and
- urging removal of restrictions on cryptography.
-
-
-
- The Guidelines set out eight basic Principles for cryptography policy:
-
-
- 1.Cryptographic methods should be trustworthy in order to generate
- confidence in the use of information and communications systems.
-
- 2.Users should have a right to choose any cryptographic method,
- subject to applicable law.
-
- 3.Cryptographic methods should be developed in response to the needs,
- demands and responsibilities of individuals, businesses and
- governments.
-
- 4.Technical standards, criteria and protocols for cryptographic
- methods should be developed and promulgated at the national and
- international level.
-
- 5.The fundamental rights of individuals to privacy, including secrecy
- of communications and protection of personal data, should be respected
- in national cryptography policies and in the implementation and use of
- cryptographic methods.
-
- 6.National cryptography policies may allow lawful access to
- plaintext, or cryptographic keys, of encrypted data. These policies
- must respect the other principles contained in the guidelines to the
- greatest extent possible.
-
- 7.Whether established by contract or legislation, the liability
- ofindividuals and entities that offer cryptographic services or hold
- or access cryptographic keys should be clearly stated.
-
- 8.Governments should co-operate to co-ordinate cryptography policies.
- As part of this effort, governments should remove, or avoid creating
- in the name of cryptography policy, unjustified obstacles to trade.
-
-
-
- The full OECD policy can be found at:
-
- http://www.oecd.org/dsti/iccp/crypto_e.html
-
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
- ACLU Cyber-Liberties Update Editor:
- Lisa Kamm (kamml@aclu.org)
- American Civil Liberties Union National Office
- 132 West 43rd Street
- New York, New York 10036
-
- To subscribe to the ACLU Cyber-Liberties Update, send a message
- to majordomo@aclu.org with "subscribe Cyber-Liberties" in the
- body of your message. To terminate your subscription, send a
- message to majordomo@aclu.org with "unsubscribe Cyber-Liberties"
- in the body.
-
- The Cyber-Liberties Update is archived at
- http://www.aclu.org/issues/cyber/updates.html
-
- For general information about the ACLU, write to info@aclu.org.
- PGP keys can be found at http://www.aclu.org/about/pgpkeys.html
-
- ------------------------------
-
- Date: Thu, 27 Mar 1997 16:53:07 -0500
- From: Dave Banisar <Banisar@EPIC.ORG>
- Subject: File 2--OECD Guidlines Released
-
- The OECD Cryptography Policy Guidelines were formally announced
- today, following an intensive year-long negotiation.
- EPIC will be posting a complete copy of the Guidelines at our
- web site [http://www.epic.org/] along with a detailed analysis.
-
- Journalists interested in a briefing should contact the Communications
- Division of the OECD. For further information and inquiries, please
- contact the Information, Computer and Communications Policy Division
- (fax (33) 01 45 24 93 32).
-
- General information about the OECD may be found at the OECD web site
- [http://www.oecd.org]. Specific information about the work of the OECD
- in the areas of security, privacy, intellectual property, and cryptography
- is available at http://www.oecd.org/dsti/iccp/legal/top-page.html. The
- OECD Privacy Principles are online at
- http://www.oecd.org/dsti/iccp/legal/priv-en.html
-
- Among the key outcomes:
-
- -- Recognition of commercial importance of cryptography. The Guidelines
- recognize that cryptography is an effective tool for the secure use
- of information technology by ensuring confidentiality, integrity and
- availability of data and providing authentication and non-repudiation
- mechanisms.
-
- -- Rejection of key escrow encryption. The US sought endorsement
- for government access to private keys. Initial drafts of the
- guidelines included this recommendation. The final draft does
- not. OECD countries rejected this approach.
-
- -- Endorsement of voluntary, market-driven development of crypto
- products. The OECD emphasized open, competitive markets to
- promote trade and commerce in new cryptographic methods.
-
- -- Endorsement of strong privacy safeguards. The OECD adopted one of
- strongest privacy principles found in any international agreement,
- including the obligation to apply the OECD privacy principles to
- crypto products and services. The OECD also noted favorably the
- development of anonymous payment schemes which would minimize the
- collection of personal data.
-
- -- Removal of Restriction on Cryptography. The OECD urged member
- countries to remove, and avoid creating, obstacles to trade
- based on cryptography policy. This guideline should lead to
- further liberalization of export control policies among the
- OECD member countries.
-
- EPIC will also provide briefings for organizations interested
- in the intent and application of the OECD Cryptography Guidelines.
-
- Marc Rotenberg
- Director, EPIC
- Member, OECD ad hoc Expert Panel on Cryptography Policy
-
-
- ----------------
-
- [http://www.oecd.org/news_and_events/release/nw97-24a.htm]\
- OECD News Release
-
- Paris, 27 March 1997
-
- OECD ADOPTS GUIDELINES FOR CRYPTOGRAPHY POLICY
-
- The OECD has adopted Guidelines for Cryptography Policy, setting out
- principles to guide countries in formulating their own policies and legislation
- relating to the use of cryptography.
-
- The Recommendation which came before the governing body of the OECD, the
- Council, on Thursday 27 March, is a non-binding agreement that identifies the
- basic issues that countries should consider in drawing up cryptography policies
- at the national and international level. The Recommendation culminates one
- year of intensive talks to draft the Guidelines.
-
- The need for Guidelines emerged from the explosive worldwide growth of
- information and communications networks and technologies and the
- requirement for effective protection of the data which is transmitted and
- stored
- on those systems. Cryptography is a fundamental tool in a comprehensive data
- security system. Cryptography can also ensure confidentiality and integrity of
- data and provide mechanisms for authentication and non-repudiation for use in
- electronic commerce.
-
- Governments want to encourage the use of cryptography for its data protection
- benefits and commercial applications, but they are challenged to draft
- cryptography policies which balance the various interest at stake, including
- privacy, law enforcement, national security, technology development and
- commerce. International consultation and co-operation must drive cryptography
- policy because of the inherently international nature of information and
- communications networks and the difficulties of defining and enforcing
- jurisdictional boundaries in the new global environment.
-
- The Guidelines are intended to promote the use of cryptography, to develop
- electronic commerce through a variety of commercial applications, to bolster
- user confidence in networks, and to provide for data security and privacy
- protection.
-
- Some OECD Member countries have already implemented policies and laws on
- cryptography, and many countries are still developing them. Failure to
- co-ordinate these national policies at the international level could introduce
- obstacles to the evolution of national and global information and
- communications networks and could impede international trade. OECD
- governments have recognised the importance of international co-operation, and
- the OECD has contributed by developing consensus on specific policy and
- regulatory issues related to cryptography and, more broadly, to information
- and communications networks and technologies.
-
- The Guidelines set out eight basic Principles for cryptography policy:
-
- 1.Cryptographic methods should be trustworthy in order to generate
- confidence in the use of information and communications systems.
-
- 2.Users should have a right to choose any cryptographic method, subject
- to applicable law.
-
- 3.Cryptographic methods should be developed in response to the needs,
- demands and responsibilities of individuals, businesses and
- governments.
-
- 4.Technical standards, criteria and protocols for cryptographic methods
- should be developed and promulgated at the national and international
- level.
-
- 5.The fundamental rights of individuals to privacy, including secrecy of
- communications and protection of personal data, should be respected
- in national cryptography policies and in the implementation and use of
- cryptographic methods.
-
- 6.National cryptography policies may allow lawful access to plaintext, or
- cryptographic keys, of encrypted data. These policies must respect the
- other principles contained in the guidelines to the greatest extent
- possible.
-
- 7.Whether established by contract or legislation, the liability of
- individuals and entities that offer cryptographic services or hold or
- access cryptographic keys should be clearly stated.
-
- 8.Governments should co-operate to co-ordinate cryptography policies.
- As part of this effort, governments should remove, or avoid creating in
- the name of cryptography policy, unjustified obstacles to trade.
-
- The Guidelines advise that the eight elements should be taken as a whole in an
- effort to balance the various interests at stake. These Principles are
- designed to
- assist decision-makers in the public and private sectors in developing and
- implementing coherent national and international policies for the effective use
- of cryptography. Member countries should establish new, or amend existing,
- policies to reflect them. Any national controls on use of cryptography should
- be stated clearly and be publicly available.
-
- Drafting of the Guidelines for Cryptography Policy began in early 1996, when
- the OECD formed an Ad hoc Group of Experts under the chairmanship of Mr.
- Norman Reaburn of the Attorney-General's Department of Australia. More
- than 100 representatives from OECD Member countries participated, including
- government officials from commerce, industry, telecommunications and
- foreign ministries, law enforcement and security agencies, privacy and data
- protection commissions, as well as representatives of private sector. The
- Business and Industry Advisory Committee to the OECD was involved and
- experts on privacy, data protection and consumer protection also participated.
-
- The policy recommendations in the Guidelines are primarily aimed at
- governments, but it is anticipated that they will be widely read and
- followed by
- both the public and private sectors. Governments will now engage in further
- consultation to co-ordinate and co-operate on the implementation of the
- Guidelines. In the future, the Guidelines could form a basis for agreements on
- specific issues related to international cryptography policy. The
- Guidelines will
- soon be published as an OECD document for broad distribution to promote
- awareness and public discussion of the issues and policies related to
- cryptography.
-
- ------------------------------
-
- Date: Thu, 3 Apr 1997 00:21:30 -0500 (EST)
- From: ptownson@MASSIS.LCS.MIT.EDU(TELECOM Digest Editor)
- Subject: File 3--The Zimmermann Telegram
-
- ((MODERATORS' NOTE: For those not familiar with Pat Townson's
- TELECOM DIGEST, it's a an exceptional resource. From the header
- of TcD:
- "TELECOM Digest is an electronic journal devoted mostly but
- not exclusively to telecommunications topics. It is
- circulated anywhere there is email, in addition to various
- telecom forums on a variety of public service systems and
- networks including Compuserve and America On Line. It is also
- gatewayed to Usenet where it appears as the moderated
- newsgroup 'comp.dcom.telecom'. Subscriptions are available to
- qualified organizations and individual readers. Write and tell
- us how you qualify:
- * ptownson@massis.lcs.mit.edu * ======" ))
-
- SOURCE: TELECOM Digest Thu, 3 Apr 97 00:21:00 EST Volume 17 : Issue 81
-
- Begin forwarded message:
-
- Date--Mon, 31 Mar 1997 13:04:45 -0800 (PST)
- From--Phil Agre <pagre@weber.ucsd.edu>
- Subject--The Zimmermann Telegram
-
- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
- This message was forwarded through the Red Rock Eater News Service (RRE).
- Send any replies to the original author, listed in the From: field below.
- You are welcome to send the message along to others but please do not use
- the "redirect" command. For information on RRE, including instructions
- for (un)subscribing, send an empty message to rre-help@weber.ucsd.edu
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-
- From-- Dave Del Torto [SMTP--ddt@pgp.com]
- Sent-- Monday, March 31, 1997 12--00 PM
- To-- telegram-request@pgp.com
- Subject-- The Zimmermann Telegram
-
-
- Ladies, Gentlemen & Cryptographers,
-
- I'm pleased to announce the imminent release of the premier issue of
- the new "Zimmermann Telegram" newsletter. The Zimmermann Telegram will
- be a regularly-published, paper-based, English-language technical
- update newsletter from PGP's engineering staff, and will cover a
- variety of cryptographic and other lighthearted topics which we may
- otherwise be restricted from discussing via electronic media. The
- newsletter will be sent, in compliance with US law, by regular postal
- mail to anyone interested in technical information about PGP --
- anywhere in the world.
-
- If you are now developing PGP-related freeware, shareware, commercial or
- academic cryptographic software, or you plan in future to become a
- registered PGP Developer or PGP World Partner (those programs are currently
- under construction and will be formally announced later) or if you are just
- interested in technical information about cryptography, we think you'll
- enjoy reading our newsletter.
-
- In the premier issue, along with important updates regarding changes
- to the PGP packet format, CRC security problems and new extensions to
- the PGP key format which are not available through any other medium,
- you'll learn about the significance of the "Zimmermann Telegram"
- name. Meanwhile, visit this page:
- <http://www.nara.gov/nara/digital/teaching/zimmermann/zimmerma.html>.
-
- Scheduled to be mailed imminently, the premier issue will be sent free
- to anyone who provides us with a postal mail address. After that,
- regular subscriptions will require a modest fee (to be announced) to
- cover our mailing costs, but we've committed to offering a limited
- number of free one-year subscriptions to interested members of the
- cryptography community. To request your free subscription, please
- send email to me at:
-
- <mailto:telegram-request@pgp.com?subject=first_issue_free_subscription_req>
-
- In the body of your request, please include the form below (items
- between the cut-lines ONLY, and preferably PGP-signed), and replace
- the lines with your complete postal mail address info as
- indicated. We'll put an HTML subscription form on our website, but for
- the premier issue, we're managing the subscription process via
- email. Thank you for your patience as we deploy rapidly. :)
-
- ............................. form begins here .............................
- The Zimmermann Telegram
- PGP's Technical Newsletter
-
- - Premier Issue & One-Year Free Subscription Request -
-
- Subscription Information (Premier Issue):
-
- name (optional, but appreciated)
- title (optional)
- organization/dept (optional, as appropriate)
- street address
- mailstop (optional)
- city/state/province
- zip-/postal-code
- country
-
- Free Subscription Category: (please [x] only one)
-
- [ ] academic
- [ ] public library
- [ ] media maven
- [ ] human-rights/privacy activist
- [ ] corporate security
- [ ] impoverished cypherpunk
- [ ] software analyst
- [ ] law enforcement
- [ ] freedom-fighter
- [ ] intelligence agency
- [ ] freeware developer
-
- .............................. form ends here ..............................
-
- Privacy Lock: If you are concerned about the privacy of your personal
- information when sent over unsecured public networks, please feel free
- to encrypt your subscription request to my key, which can be found at:
- <http://swissnet.ai.mit.edu:11371/pks/lookup?op=index&search=0x4AAF00E5>.
- Pretty Good Privacy Inc will take all reasonable precautions to
- protect this information and will not use it for any other purpose
- without first asking your permission. Also, PGP will not sell or give
- the information to another entity and will store the list securely
- between mailings.
-
- Please feel free to circulate/forward this message (with
- PGP-signature) among your friends and colleagues (remember: the free
- subscription offer expires on 30 April 1997). We look forward to your
- comments on The Zimmermann Telegram and thank you for your continued
- support of PGP.
-
-
- dave
-
-
- Dave Del Torto +1.415.524.6231 tel
- Senior Technical Evangelist +1.415.572.1932 fax
- Pretty Good Privacy, Inc. http://www.pgp.com web
- X-PGP header key
-
-
- ........................ "The Zimmermann Telegram" ........................
- Copyright (c) 1997 Pretty Good Privacy, Inc. All Rights Reserved. PGP and
- Pretty Good Privacy are registered trademarks of Pretty Good Privacy, Inc.
- Permission is granted to the reader to reproduce and distribute exact
- copies of this document, in physical or electronic form, on a
- non-commercial basis (i.e., at no direct or indirect charge). This document
- has been made available in hard copy on a subscription basis and is
- available in public libraries in the United States. Accordingly, and solely
- for purposes of U.S. Export Control laws and regulations (but not copyright
- or other intellectual property laws), this document is considered in the
- "public domain." The information in this document is of an exploratory or
- experimental nature. As such, it is subject to change without notice and is
- provided "AS IS." No guarantee is made that it is free of errors or that it
- will meet your requirements. While we welcome your feedback on this
- document, we are unable to provide any technical support for its contents.
- ............................................................................
-
- -----BEGIN PGP SIGNATURE-----
- Version: PGPmail 5.0 beta
- Charset: noconv
-
- iQCVAwUBM0ANsaHBOF9KrwDlAQG0bAQA17mtcxR860pFRPPdcw4LYL1pEecEoTXW
- tzBCq0M84aKgv9qamZQeOkyHaxXkHGgyChaHwlsea3Q46avFvJrJfHysz/YGrvy1
- qIIDrEQCqVU6emLuOvziiNLefNcj0qv2YLAfLuSy78sCTfOtfmX6IrXf7D3PDwhP
- oICHxH1iR4E=
- =gI03
- -----END PGP SIGNATURE-----
-
- ------------------------------
-
- Date: Thu, 3 Apr 1997 23:09:10 -0600 (CST)
- From: Crypt Newsletter <crypt@sun.soci.niu.edu>
- Subject: File 4--Moynihan Commission hoisted on petard of Penpal hoax
-
- From the pages of Crypt Newsletter:
-
- April 3, 1997
-
- Pasadena, CA -- In an astonishing gaffe, government intelligence
- experts writing for the Moynihan Commission's recent "Report . . . on
- Protecting and Reducing Government Secrecy" reveal they've been
- hooked on one of the Internet's ubiquitous e-mail computer virus hoaxes
- known as "Penpal Greetings"!
-
- In a boldly displayed boxed-out quote in a part of the report
- entitled "Information Age Insecurity" authors of the report
- proclaim:
-
- "Friendly Greetings?
-
- "One company whose officials met with the Commission warned its
- employees against reading an e-mail entitled Penpal Greetings.
- Although the message appeared to be a friendly letter, it
- contained a virus that could infect the hard drive and destroy all
- data present. The virus was self-replicating, which meant that
- once the message was read, it would automatically forward itself
- to any e-mail address stored in the recipients in-box."
-
- The Penpal joke is one in half-a-dozen or so permutations spun
- off the well-known GoodTimes e-mail virus hoax. Variations on
- GoodTimes have appeared at a steady rate over the past couple
- years. Real computer security experts -- as opposed to the
- Moynihan commission's -- now occasionally worry in the press that
- they spend more time clearing up confusion created by such
- tricks than destroying actual computer viruses.
-
- The report's authors come from what is known as "the Moynihan
- commission," a group of heavy Congressional and intelligence
- agency hitters tasked with critiquing and assessing the Byzantine
- maze of classification and secrecy regulation currently embraced by
- the U.S. government.
-
- Among the commission's members are its chairman, Daniel Moynihan;
- vice-chairman Larry Combest, Jesse Helms, ex-CIA director John
- Deutch and Martin Faga, a former head of the super-secret, spy
- satellite-flying National Reconnaissance Office.
-
- The part of the report dealing with "Information Age Insecurity"
- merits much more comment. But in light of the report's contamination by
- the Penpal virus hoax, two paragraphs from the March 4 treatise become
- unintentionally hilarious:
-
- "Traditionally, computer security focuses on containing the effects of
- malicious users or malicious programs. As programs become more complex,
- an additional threat arises: _malicious data_ [Crypt Newsletter emphasis
- added] . . . In general, the outlook is depressing: as the economic
- incentives increase, these vulnerabilities are likely to be
- exploited more frequently.
-
- ---W. Olin Sibert, 19th National Information Systems Security
- Conference (October 1996)"
-
- And,
-
- "Inspector General offices, with few exceptions, lack the personnel,
- skills, and resources to address and oversee information systems
- security within their respective agencies. The President cannot turn to
- an Information General and ask how U.S. investments in information
- technology are being protected from the latest viruses, terrorists, or
- hackers."
-
- Got that right, sirs.
-
- --------------------
-
- Notes: Other authors of the commission report include Maurice
- Sonnenberg; John Podesta, a White House Deputy Chief of Staff and
- also, apparently, a visiting professor at Georgetown
- University's Cyberlaw Center; Ellen Hume, a former reporter for the
- Wall Street Journal; and Alison Fortier, a former National Security
- Council staffer and current Rockwell International employee.
-
- ---------------------
-
- George Smith, Editor
- Crypt Newsletter
- http://www.soci.niu.edu/~crypt
- "In cyberspace, all news is local."
-
- ------------------------------
-
- Date: Thu, 3 Apr 1997 23:31:55 -0500 (EST)
- From: Shabbir Safdar <shabbir@democracy.net>
- Subject: File 5--Rep. Rick White to hold live online town hall meeting 4/10
-
- Source - fight-censorship@vorlon.mit.edu
-
- Government Without Walls
- Update No.3 http:/www.democracy.net/ April 3 1997
- JOIN INTERNET CAUCUS-CO FOUNDER REP. RICK WHITE (R-WA) LIVE ONLINE!
-
- Representative Rick White (R-WA), co-founder of the Congressional Internet
- Caucus and leader on Internet policy issues, will be the guest at
- democracy.net's first live, interactive 'town hall meeting' on Thursday
- April 10 at 8:30 pm ET (5:30 pm PST).
-
- The town hall meeting, moderated by Wired Magazine's Todd Lappin, will be
- completely virtual. The discussion will be cybercast live via RealAudio,
- and listeners can join a simultaneous interactive chat discussion and pose
- questions to Rep. White.
-
- This is a unique opportunity for Internet users to discuss current Internet
- issues, including efforts to reform US Encryption policy, the future of the
- Communications Decency Act, the activities of the Congressional Internet
- Caucus, and others.
-
- Details on the event, including instructions on how you can submit questions
- in advance, are attached below.
-
- ___________________________________________________________
- INSTRUCTIONS ON HOW TO PARTICIPATE
-
- * Interactive Town Hall Meeting with Rep. Rick White (R-WA) *
-
- DATE: Thursday, April 10, 1997
- TIME: 5:30 pm PST / 8:30 pm EST
- LOCATION: http://www.democracy.net
-
- In advance of the town hall meeting, please visit http://www.democracy.net
- and fill out the form to ask Rep. White a question. We will collect the
- questions and forward them to the moderator on the day of the event, and
- will make every effort to ensure that questions from constituents are asked
- first.
-
- 1. Attend and ask Rep. White a question!
-
- Please mark this date in your calendar: Thursday April 10, 5:30PM PST
- at http://democracy.net/
-
- 2. Get your friends and co-workers to join the discussion
-
- Members of Congress love to hear from their constituents. If you have
- friends that live in the district, please forward this invitation and
- encourage them to attend.
-
- __________________________________________________________
- BACKGROUND
-
- Congressman Rick White, 43, is serving his second term representing the
- people of the First Congressional District of Washington state, which
- includes parts of Seattle, Redmond, and surrounding areas.
-
- In 1995, White gained national attention through his work on the
- Internet and high-technology issues. He was one of a handful of members
- selected to develop the final Telecommunications Act of 1996. As the
- founder of the Congressional Internet Caucus, he has worked to educate
- members of Congress about the Internet and to create a more open,
- participatory government through the use of technology.
-
- Additional Information can be found at the following locations:
-
- * Rep. Rick White's Home Page -- http://www.house.gov/white/
- * democracy.net Page -- http://www.democracy.net/
-
- ______________________________________________________________
- UPCOMING EVENTS
-
- Representative Anna Eshoo (D-CA), Internet policy leader from Silicon
- Valley, will be the guest at democracy.net's interactive 'town hall meeting'
- on Wednesday April 16 at 8:30 pm ET (5:30 pm PST).
-
- Visit http://www.democracy.net for more details.
-
- _________________________________________________________________
- ABOUT DEMOCRACY.NET
-
- The democracy.net is a joint project of the Center for Democracy and
- Technology (CDT) and the Voters Telecommunications Watch (VTW) to explore
- ways of enhancing citizen participation in the democratic process via
- the Internet.
-
- To this end, democracy.net will host live, interactive cybercasts of
- Congressional Hearings and online town hall meetings with key policy makers.
-
- democracy.net is made possible through the generous support of WebActive,
- Public Access Networks, the Democracy Network, and DIGEX Internet. More
- information about the project and its sponsors can be found at
- http://www.democracy.net/about/
-
- To receive democracy.net announcements automatically, please visit our
- signup form at http://www.democracy.net/
-
- ------------------------------
-
- Date: Mon, 24 Mar 1997 15:40:06 -0600 (CST)
- From: "Scott A. Davis" <sdavis@fc.net>
- Subject: File 6--UPDATE: Computer Security Script Database
-
- The following is an update to a message posted to CU Digest in recent weeks.
-
- The Banzai Institute - Computer Security Scripts and Software Database
- has been a tremendous success. We currently have over 200 scripts and
- programs that can be used to test the security on several types of
- systems in many different ways. As a result of the recent success, we
- have decided to lower the price of a subscription to this database.
-
- OLD SUBSCRIPTION $40.00 per month
-
- NEW SUBSCRIPTION $25.00 per quarter
- $50.00 per six months, etc...
-
- We at the Banzai Institute believe that site security is a very important
- concern. It is for this reason that we have decided to offer this service.
- The idea being that the only way to truly know how secure your site is, is
- to hack that site like any other hacker would. We believe that this
- database will be very useful in securing your site. It makes no sense to
- pay thousands of dollars for a limited program to check for a limited
- number of security holes. We provide the user with a continually growing
- list of bug exploits that include and go beyond those provided by most
- security auditing software. We do NOT condone the use of this information
- for illegal or illegitimate use. The database currently contains Sendmail
- Bugs And Holes, ICMP Bombs, Sniffer Programs, Keytrap Software, Process
- Manipulators, Password Crackers, Spoofers, Login and Process Monitors,
- Many root Access Utilities, rdist Tools, passwd file tools, tty Utilities,
- rexd, yp, etc... Exploits, Packet Re-Routers plus Much, Much More!
-
- If you are interested, please visit http://www.banzai-institute.org
-
- If you have any questions, please e-mail webmaster@banzau-institute.org
-
- ------------------------------
-
- Date: Thu, 15 Dec 1996 22:51:01 CST
- From: CuD Moderators <cudigest@sun.soci.niu.edu>
- Subject: File 7--Cu Digest Header Info (unchanged since 1 Apr, 1997)
-
- Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
- available at no cost electronically.
-
- CuD is available as a Usenet newsgroup: comp.society.cu-digest
-
- Or, to subscribe, send post with this in the "Subject:: line:
-
- SUBSCRIBE CU-DIGEST
- Send the message to: cu-digest-request@weber.ucsd.edu
-
- DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS.
-
- The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
- or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL
- 60115, USA.
-
- To UNSUB, send a one-line message: UNSUB CU-DIGEST
- Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU
- (NOTE: The address you unsub must correspond to your From: line)
-
- Issues of CuD can also be found in the Usenet comp.society.cu-digest
- news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
- LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
- libraries and in the VIRUS/SECURITY library; from America Online in
- the PC Telecom forum under "computing newsletters;"
- On Delphi in the General Discussion database of the Internet SIG;
- on RIPCO BBS (312) 528-5020 (and via Ripco on internet);
- and on Rune Stone BBS (IIRGWHQ) (860)-585-9638.
- CuD is also available via Fidonet File Request from
- 1:11/70; unlisted nodes and points welcome.
-
- In ITALY: ZERO! BBS: +39-11-6507540
- In LUXEMBOURG: ComNet BBS: +352-466893
-
- UNITED STATES: ftp.etext.org (206.252.8.100) in /pub/CuD/CuD
- Web-accessible from: http://www.etext.org/CuD/CuD/
- ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
- aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
- world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
- wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
- EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland)
- ftp.warwick.ac.uk in pub/cud/ (United Kingdom)
-
-
- The most recent issues of CuD can be obtained from the
- Cu Digest WWW site at:
- URL: http://www.soci.niu.edu/~cudigest/
-
- COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
- information among computerists and to the presentation and debate of
- diverse views. CuD material may be reprinted for non-profit as long
- as the source is cited. Authors hold a presumptive copyright, and
- they should be contacted for reprint permission. It is assumed that
- non-personal mail to the moderators may be reprinted unless otherwise
- specified. Readers are encouraged to submit reasoned articles
- relating to computer culture and communication. Articles are
- preferred to short responses. Please avoid quoting previous posts
- unless absolutely necessary.
-
- DISCLAIMER: The views represented herein do not necessarily represent
- the views of the moderators. Digest contributors assume all
- responsibility for ensuring that articles submitted do not
- violate copyright protections.
-
- ------------------------------
-
- End of Computer Underground Digest #9.27
- ************************************
-
-
-