The Hacker Chronicles - A Tour of the Computer Underground

home *** CD-ROM | disk | FTP | other *** search

/ The Hacker Chronicles - A…the Computer Underground / The Hacker Chronicles - A Tour of the Computer Underground (P-80 Systems).iso / miscpub2 / uxu-033.txt < prev next >

Wrap

Text File | 1992-09-26 | 124KB | 2,466 lines

### ### ### ### ### #### ### ### ### #### ### ### ##### ### ### ### ### ### ### ### ### ### ##### ### ### ########## ### ### ########## ### ### ### ### Underground eXperts United Presents... ####### ## ## ####### # # ####### ####### ####### ## ## ## ## ##### ## ## ## ## #### ## ## #### # # ## ## ####### ####### ## ## ## ## ##### ## ## ## ## ## ## ####### ####### # # ####### ####### ####### [ uXu Follow-Up #1 - Dr. Ripco & Ripco BBS ] [ By The Chief ] ____________________________________________________________________ ____________________________________________________________________ *** SPECIAL ISSUE *** uXu Follow-Up #1 - Dr. Ripco and Ripco BBS NOTE: Exerpts from various sources like CuD (Computer Underground Digest), Dr. Ripco, Bulletins and messages are in their genuine state. No changes or alterations of the materinal has been made. However, various sections that did not cover Dr. Ripco, Ripco BBS or Operation Sun Devil have been edited out and are marked with <ed> for your comfort and understanding. Also note that the views presented are individual, and do not necessarily represent the views of uXu, or the Computer Underground as a whole. This special issue starts with an in-depth view of Operation Sun Devil, to get you, the reader, to understand what really happened, and to explain the following special section about Ripco BBS and Dr. Ripco's views on what happened to him. Introduction As you might know, Dr. Ripco, the SysOp of ex-BBS Ripco (now Ripco ][) was a victim of the (still running?) Operation Sun Devil, conducted by the FBI which the 8th of May 1990 raged through the United States of America. Briefly, the Moderators of Computer Underground Digest described the initiation of the operation like this; <taken from Computer Underground Digest Vol.1, Issue #09 May 16, 1990> ----------------------------------start here----------------------------------- File 1: Moderators' Corner ---------- Operation Sun Devil ----------- Operation Sun Devil, another phase in the crackdown against the computer underground, was begun May 8 (See this issue, Files 3 and 4). At least 28 search warrants were served, and a number of arrests have resulted, although not all directly related to the May 8 operation. Judging from comments we have received, people are either quite angry about it or highly supportive of it. <ed> ------------------------------------end here----------------------------------- Computer Underground Digest is (known to me) the best source available when it comes to the CU and legal issues. News are presented from people around the world, and becomes very interesting discussion topics. Many people, ranging from attourneys to normal computer users express their views, discuss various subjects, and if possible, explain things hard to understand. CuD covered (and cover) Operation Sun Devil very thouroughly with press- releases from the papers as well as the Secret Service when it all started; <taken from Computer Underground Digest Vol.1, Issue #09 May 16, 1990> ---------------------------------start here------------------------------------ U.S. Department of Justice United States Attorney District of Arizona -------------------------------------------------------------------- 4000 United States Courthouse Phoenix, Arizona 82505 602-379-3011 /FTS/261-3011 PRESS RELEASE FOR IMMEDIATE RELEASE: CONTACT: Wendy Harnagel Wednesday, May 9, 1990 United States Attorney's Office (602) 379-3011 PHOENIX--Stephen M. McNamee, United States Attorney for the District of Arizona, Robert K. Corbin, Attorney General for the state of Arizona, and Henry R. Potosky, Acting Special Agent in Charge of the United States Secret Service Office in Phoenix, today announced that approximately twenty-seven search warrants were executed on Monday and Tuesday, May 7 and 8, 1990, in various cities across the nation by 150 Secret Service agents along with state and local law enforcement officials. The warrants were issued as a part of Operation Sundevil, which was a two year investigation into alleged illegal computer hacking activities. The United States Secret Service, in cooperation with the United States Attorney's Office, and the Attorney General for the State of Arizona, established an operation utilizing sophisticated investigative techniques, targeting computer hackers who were alleged to have trafficked in and abuse stolen credit card numbers, unauthorized long distance dialing codes, and who conduct unauthorized access and damage to computers. While the total amount of losses cannot be calculated at this time, it is (MORE) estimated that the losses may run into the millions of dollars. For example, the unauthorized accessing of long distance telephone cards have resulted in uncollectible charges. The same is true of the use of stolen credit card numbers. Individuals are able to utilize the charge accounts to purchase items for which no payment is made. Federal search warrants were executed in the following cities: Chicago, IL Cincinnati, OH Detroit, MI Los Angeles, CA Miami, FL Newark, NJ New York, NY Phoenix, AZ Pittsburgh, PA Plano, TX Richmond, VA San Diego, CA San Jose, CA Unlawful computer hacking imperils the health and welfare of individuals, corporations and government agencies in the United States who rely on computers and telephones to communicate. Technical and expert assistance was provided to the United States Secret Service by telecommunication companies including Pac Bel, AT&T, Bellcore, Bell South, MCI, U.S. Sprint, Mid-American, Southwestern Bell, NYNEX, U.S. West, and by the many corporate victims. All are to be commended for their efforts in researching intrusions and documenting losses. McNamee and Corbin expressed concern that the improper and alleged illegal use of computers may become the White Collar crime of the (MORE) 1990's. McNamee and Corbin reiterated that the state and federal government will vigorously pursue criminal violations of statutes under their jurisdiction. Three individuals were arrested yesterday in other jurisdictions on collateral or independent state charges. The investigations surrounding the activities of Operation Sundevil are continuing. The investigations are being conducted by agents of the United States Secret Service and Assistant United States Attorney Tim Holtzen, District of Arizona, and Assistant Arizona Attorney General Gail Thackery. END STORY ------------------------secret service press release--------------------------- Assistant Director Garry M. Jenkins' Prepared Remarks Operation Sun Devil Today, the Secret Service is sending a clear message to those computer hackers who have decided to violate the laws of this nation in the mistaken belief that they can successfully avoid detection by hiding behind the relative anonymity of their computer terminals. In 1984, Congress enacted the Comprehensive Crime Control Act which prohibits, among other things, credit card fraud and computer fraud. Since 1984, the Secret Service has been aggressively enforcing these laws and has made over 9,000 arrests nationwide. Recently we have witnessed an alarming number of young people who, for a variety of sociological and psychological reasons, have become attached to their computers and are exploiting thier potential in a criminal manner. Often, a progression of criminal activity occurs which involves telecommunications fraud (free long distance phone calls), unauthorized access to other computers (whether for profit, fascination, ego, or the intellectual challenge), credit card fraud (cash advances and unauthorized purchases of goods), and then move on to other destructive activities like computer viruses. Some computer abusers form close associations with other people having similar interests. Underground groups have been formed for the purpose of exchanging information relevant to their criminal activities. These groups often communicate with each other through message systems between computers called "bulletin boards." Operation Sun Devil was an investigation of potential computer fraud conducted over a two-year period with the use of sophisticated investigative techniques. This investigation exemplifies the commitment and extensive cooperation between federal, state and local law enforcement agencies and private governmental industries which have been targeted by computer criminals. While state and local law enforcement agencies successfully investigate and prosecute technological crimes in specific geographical locations, federal intervention is clearly called for when the nature of these crimes becomes interstate and international. (PAGE 1) On May 8, 1990, over 150 Special Agents of the United States Secret Service, teamed with numerous local and state law enforcement agencies, served over two dozen search warrants in approximately fifteen (15) cities across this nation. Several arrests and searches were made during the investigation to protect the public from impending dangers. In one situation, computer equipment was seized after unauthorized invasion into a hospital computer. Our experience shows that many computer hacker suspects are no longer misguide teenagers mischievously playing games with their computers in their bedrooms. Some are now high tech computer operators using computers to engage in unlawful conduct. The losses to the american public in this case are expected to be significant. The Secret Service takes computer crime very seriously, and we will continue to investigate aggressively those crimes which threaten our nation's businesses and government services. ------------------------------------end here----------------------------------- To compare these two releases in the search for information about the operation shows how much information the SS holds back. The paper release is (strangely enough) very informational, gives the locations, who participated, and even tried to explain WHY while The SS release is just the basic "it threatened our nation.." + a little history and also an attempt to class hackers as "misguided teenagers" or "high tech computer operators using computers to engage in unlawful conduct." I believe very little would have been said about this operation if it hadn't been for CuD and it's readers, as well as Dr. Ripco because he stood up and told his story (for the complete story on what happened, see 'Dr. Ripco Speaks Out' later on in this file). CuD published this information shortly after the "bust"; <taken from Computer Underground Digest Vol.1, Issue #09 May 16, 1990> -----------------------------------start here---------------------------------- -- Dr. Ripco's Final Words ------------- RIPCO ------------- Ripco was one of the boards that went down on May 8. It was probably the longest running decent board in the country. Judging from our knowledge of the users and the content of the logs, less than 3 percent of the callers claimed to be identified in illegal activity, and of those, we'd guess that at least half were faking it. Given the nature of undercover operations, which include "infiltrating" boards, we also assume some were law enforcement agents. Ripco had a number of message sections, all of which were lively, generally intelligent, and invariably interesting. Raiding Ripco seems to be throwing the baby out with the bath water by intimidating sysops willing to allow provocative discussions. We repeat: THE BULK OF RIPCO'S USERS WERE NOT IN ANY WAY INVOLVED IN *ANY* ILLEGAL ACTIVITY, but now names are in the hands of agents. We have seen from past experience what can happen when they start generating "lists." We can see some aggressive hot-shot prosecutor now, about to seek political office: "I HAVE IN MY HAND A LIST OF 200 SUBVERSIVE HACKER SCUM....!" In our view, this is no long a computer underground issue, but one of First Amendment protections. We reprint Dr. Ripco's final message left to his users: ****************************************************************** This is 528-5020. As you are probably aware, on May 8, the Secret Service conducted a series of raids across the country. Early news reports indicate these raids involved people and computers that could be connected with credit card and long distance toll fraud. Although no arrests or charges were made, Ripco BBS was confiscated on that morning. It's involvement at this time is unknown. Since it is unlikely that the system will ever return, I'd just l say goodbye, and thanks for your support for the last six and a half years. It's been interesting, to say the least. Talk to ya later. %Dr. Ricpo% *** END OF VOICE MESSAGE *** ------------------------------------end here----------------------------------- This was the start of many discussions around "hot" topics as the First Amendment rights, which hackers had been involved in this "claimed to be" credit card fraud/long distance code fraud operation. A lot of people raised well-founded questions like; <taken from Computer Underground Digest Vol.1, Issue #14 June 14, 1990> -----------------------------------start here---------------------------------- ------------------- The following is an anonymous submission. ------------------- Can someone answer the following? Operation Sun Devil is a two year investigation. If I'm counting right, including the number of federal and state officers involved in serving search warrants, at least 300 were involved in some capacity. Also, if I'm counting right, there have been only 9 arrests: 1) One guy in California who was arrested during a search on an unrelated charge (weapon's possession)(Doc Ripco?) 2) One guy in Chicago who was arrested during the search on an unrelated charge (weapons) 3) A woman in Pittsburgh (Electra?) 4) Terminus in New Jersey 5) Anthony Nusall in Tucson 6) Craig Neidorf (for publishing phrack) 7) Robert Riggs (for E911 documents) 8) Adam Grant (Atlanta) 9) Frank Darden (Atlanata) The first four were busted in January, and the last four in the last month. So, of the 9, only 7 were busted on computer-related charges. Of the 7, the charges seem bogus at best, such as Craig Neidorf's, if the information I've read is even half accurate. Now, here's my question: If warrants are supposed to indicate a crime has been committed, shouldn't there be more arrests if there is such a crime wave out there? After all that time, all that investigation, all that hype---where's all the crooks?? I suppose the cops could say it takes time to collect evidence. But aren't they supposed to have evidence when they get the search warrants? How long can it possibly take to acquire evidence if the groundwork has already been laid and if cops supposedly know what they're looking for?? Am I missing something? Will other charges be like those reported against Craig--for publishing? If I havae phrack 24 and the E911 file, does that make me a crook? If I uploaded it to a board. Can that board be busted for receiving stolen information? Maybe I'm missing something, but is there something wrong here? Where is this giant conspiracy? Where is all the harm that's going on? I guess the cops would say they can't talk while an investigation is going on, but hasn't it been going on for years? Shouldn't they have something they can convey other than general notions of threats to national security, huge losses, major conspiracies, and the rest of their babble? Is there something wrong with this picture?? <je> ------------------------------------end here----------------------------------- This is just one of the, perhaps hundereds of questions, but I feel it covers the most interesting facts. Nothing major seemed to turn up from this major operation (for starters at least, we now know that it wasn't the end of it, like when this piece of news hit the 'net'; ----------------------------------start here----------------------------------- [Message]: 1 of 5 [When ]: 5/16/91 at 11:20 am [Subject]: Op Sundevil [To ]: All [From ]: XXXXXXXXXXXX (name withheld) From The Houston Chronicle -- 3/30/91 Operation Sun Devil An accuse computer hacker known as "Doc Savage" was arrested by Arizona authorities Friday [3/28/91] and charged with making unauthorized credit card purchases and stealing long distance telephone service, partly with the help of his computer. The arrest is the first in the 3 year old government crackdown on computer crime dubbed Operation Sun Devil. Baron Monroe Majette was arrested on three felony counts of fraudulent schemes and artifices and three counts of conspiracy, said Bill Fitzgerald, spokesman for the county attorney Mariscopa County Ariz. Majette faces a maximum sentance of 14 years on each charge if found guilty. He will appear in court April 5. The indictment described Majette as a "computer hacker" (a person who uses or accesses computer and communications services without authorization)" and said he used the online pseudonyms of Doc Savage and Samuel Savage. Majette was being held in lieu of $4,900 bail in the Maricopa County Jail, Fitzgerald said. The indictment charged that Majette and unnamed others: @ Placed long-distance conference calls on March 27 and March 28, 1990, running up bills totaling more than $4,000 on each call and charging them without permission to a Phoenix retail store. The calls included participants in Arizona, California, Texas, Nevada, Connecticut, Missouri, Georgia, New York, and North Carolina, the indictment charged. @ Obtained more than %50,000 in credit card purchases between Aug. 1, 1990 and May 9, 1990, by gaining unauthorized access to a credit record database, using the information there to obtain fraudulent credit cards and then making charges on the cards. @ Obtained more than $10,000 in credit card purchases between Oct 1,1990, and Oct. 26, 1990, by stealing credit cards and account information from mailboxes, and then billing charges to the cards. Operation Sun Devil is the code name for a nationwide group of investigations by the U.S. Secret Service and various state authorities. In March 1990, the Secret Service siezed 50,000 computer disks and dozens of computers in 28 raids. Critics of the operation have complained that some of the raids violated civil liberties, noting that (until Friday[3/28/91]) nooo charges had been filed. This viewpoint, along with law enforcement response, was at the center of the discussion this week in San Francisco at the First Conference on Computers, Freedom, and Privacy, which addressed the issue of civil rights in the information age. -----------------------------------end here------------------------------------ Doc Savage was the first to be charged as a result of Operation Sun Devil, almost three years after it's initiation. Probably, this had very little to do with what happened in May 1990. I believe the Secret Service and the FBI had to show some results, and chose Doc Savage as the person they could get the most out of. I don't know if that is the case, but it sure seems like it (to me). But that is not what this file is about. Let's return to Dr. Ripco and Ripco BBS, with some comments on the bust. <Taken from Computer Underground Digest Vol.1, Issue #11 May 29, 1990> ---------------------------------start here------------------------------------ File 4: Comment on Sun Devil Press Release and other related related views (numerous authors) <ed> Let's take an example. RipCo, a Chicago computer underground board, had 606 users when it was raided. A scan of RipCo's message logs over a six month period indicates that, at most, barely three percent of the callers could even remotely be classified as "illegal users," as defined by the posting of codez or other information of a questionable nature. Of these, about half of the message content was clearly erroneous or fraudulent, suggesting that the caller either made up the information or posted information so old as to be irrelevant. It is also possible that some of the postings were by law enforcement agents attempting to insinuate themselves into build credibility for themselves. On no-longer operative "hard-core" elite p/h boards, we have found that even on the higher access levels, a surprisingly small number of participants actually engaged in significant criminal activity of the type that would warrant an investigation. Yes, some CU types do commit illegal acts. And five years ago, perhaps more did. If the SS confined itself to prosecuting substantive crimes, we would not complain much. Currently, however, they are sweeping up the innocent by closing down boards, intimidating sysops of legitimate boards, creating a chilling effect for speech, and confiscating equipment of those unfortunate enough to be in the way. <ed> ------------------------------------end here----------------------------------- This message packs the problems together pretty well. It shows the mistakes people often make when speaking of the CU. There IS a need for people to "show" that they know this and that, and prove it too, but mostly what's posted is made up, or no longer working. Maybe five years ago, this operation would have been called for, but not after the CU cleaned itself up which it has today. There aren't boards where you find creditcards, calling- cards and other various illegalities anymore, or if there are, they are Very very VERY hard to find. I can say honestly that during my last Five years in the CU scene, I have yet to find such a board. Today, most CU boards only (as stated above) contain very intelligent discussions, files, mostly textfiles with news, laws and whatever the CU think people should know about. Today, such an operation is a major mistake. (Note: I do *NOT* Include Pirate BBSs in the term 'CU') We continue with an Update on the Ripco Case from CuD; <Taken from Computer Underground Digest Vol.1, Issue #26 Aug 2, 1990> ----------------------------------start here----------------------------------- Date: Mon, 30 Jul 90 22:54 CDT From: Moderators (TK0JUT1.cs.niu.edu) Subject: Update on RIPCO BBS and Dr. Ripco One forgotten victim in the Sundevil sweeps has been Dr. Ripco, sysop of RIPCO bbs, which was considered one of the top CU hangouts and text file boards in the country. Dr. Ripco's equipment, including numerous disks, several computers, and telecom equipment, was confiscated by Secret Service agents with a seizure warrant on May 8. Although no computer-related charges have been filed, no equipment has been returned. When we caught up with DR a few days ago, he explained that local (Chicago) police who accompanied federal agents on the seizures found several pistols in the storage building where the computer equipment was located. Under a Chicago ordinance, possession of weapons is a misdemeanor, and DR was cited for failure to register the weapons. The guns were new, never fired, and still in their box. If we caught the details correctly, he entered a guilty plea, they took away the guns, and he was given six months supervision and will not have a record. The Doc indicated that he himself did not participate much in the modem world, and one reason he has been silent is because he isn't fully aware of all the digests and e-mail connections that exist, and depends for his news on local media (good luck on that one, DR) and word-of-mouth from friends. He has not yet retained an attorney to re-acquire his equipment, because he believed it would be given back relatively soon. Now, nearly three months after the seizure, he is concerned. DR indicated that, unlike the experience of others, the SS was relatively polite, if ignorant about technical matters. Although wearing bullet proof vests, their guns were not drawn and they did not attempt to hassle him (despite some snide comments by one agent). He emphatically indicated that the searches and confiscations were not necessary, because if they had contacted him, he would have cooperated fully. The Doc claimed that, to his knowledge, little illegal activity occured on the board. He thought that perhaps some of his files might be considered "bad taste," but they were not in his judgment illegal. Public message logs from mid-1988 to May 7, 1990, support his claim. Despite some posturing, few of the over 600 users abused the board. In many ways, the situation is like that of Steve Jackson, whose equipment was confiscated and board shut down because of some vague notion of "possible wrong-doing." RIPCO seems to have been targeted in part because of its longevity and in part because it had one of the better text file collection in country. It was a gathering point for many of the most active computer underground types, and the number was reportedly blocked by at least one telecom LD server because of phreaks calling. If we are correct in our reasons for why RIPCO was shut down, it further indicates the chilling effect of Sundevil. Providing textfiles as a resource is not illegal, nor, to date, has the government claimed that Dr. Ripco in fact did anything illegal. Yet, his equipment is gone and the modem world lost a fine board. The moderators emphasize to those who think that RIPCO was nothing more than a phreak/hacker board that it provided some of the best chat we have seen. Discussions ranged from current events to sophisticated philosophical issues. Despite the usual number of dolts one might expect in a community of over 600, the users were generally well-informed, articulate, and stimulating. The closing of RIPCO is symbolic for two reasons. First, as one of the longest running CU boards, it served as a cultural meeting place. The CU community is transitory, with participants coming and going as their interest fades and is rekindled. RIPCO served as place to reunite old friends and meet new ones. Although most of the "elite" CU didn't frequent RIPCO regularly, they would often "stop in" just to check their e-mail or see what the latest text files were. Thus, RIPCO was functional for entering and maintaining contact with the CU community as a whole. It is also interesting to note that RIPCO had long suffered under a sort of "common knowledge" that it was highly "infested" with law enforcement agents. This assumption was fed both by it's longevity and openess to the public. When it was closed down, the general CU reaction was one of sorrow (because it was such a familiar part of the community) and confusion (because of its reputation for being legal and above board). There was also some question as to why the "feds" would shut down what was assumed to be a source of information they were using to obtain leads into the activity of the CU. There is a chance that Dr. Ripco might resume the board, and we encourage him to do so. RIPCO was an asset to the modem world and many of us miss it. Dr. Ripco's account of his experience will appear in CuD 1.27. -------------------------------------end here---------------------------------- The Moderators of CuD go more indepth here, and explain the asset Ripco was to the CU and gives us an update on the case. I was only on Ripco for a couple of weeks before it was "busted", so I can not tell you how good/bad it was or confirm what they write about the board, but I CAN say that from what I saw, the board seemed to be full of interesting discussions, not the basic discussions you see on every board today, but Intelligent, in-depth, learning discussions, and it was very popular too. I remember you had to set your modem to auto-dial, and if you were lucky, one hour later you would maybe be so lucky to actually get through. But it wasn't because it was known as an "illegal" board, no, it was because of the good discussions! For me, it was a place to learn, to understand things I wasn't very good at, or had no knowledge of, and I beleive most people felt the same way. It came as a complete surprise to me, to hear that it had been busted. Here below, Dr. Ripco tells the complete story, on what happened that day, the 8th of May 1990; <Taken from Computer Underground Digest Vol.1, Issue #27 Aug 9, 1990> -----------------------------------start here---------------------------------- Date: 7 August, 1990 From: . Ripco (Bruce ?) Subject: Dr. Ripco Speaks Out This document is being written to state my involvement with Operation Sundevil and the events that passed on May 8th of 1990. My name is Bruce Esquibel but most people in the modem world would know me better as Dr. Ripco, the sysop of the Ripco Bulletin Board in Chicago. Ripco operated since the winter of 1983 and preformed what I believe to be a good public service to the telecommunications world. Its label as a 'phreak and hacker' board was an incorrect statement which I lived with most of the time. Some content of the system was in fact dealing with that subject but I have always felt most of the information especially in the form of general files was nothing more than second hand news, traveling board to board. Neither the board or myself ever supported or was associated with formed hacker groups like the LOD or TKOS. In the years Ripco operated there were members from these groups at one time or another but only to establish accounts and rarely touched base or communicated with other users. The system was quite popular with it peaking at 701 users and averaging around 600 active at any one time. Daily it took in about 50 calls with this figure waxing and waning with the social seasonal changes of school schedules and holidays. The majority enjoyed the freedom of expression the system provided, not to figure out how to make a free phone call. Most of the activity was on the main message board which could be accessed by anyone, even those without validated accounts. The rest of the message bases Ripco had were more specialized in their subject matter but not too much more than what is found on other boards. Ripco's greatest claim to fame in my opinion was the general files. It seemed to attract new users like flies to honey. I don't think the reason for this was quality but in fact quantity. There was over 2500 of them, divided into 23 sections. Like the message bases only a minority of the files could be put into the hack/phreak class. Ripco operated with a bit of mystery to it. My personal involvement on the board was next to nill. Unlike other operators who rule their boards like a god, I decided long ago to let the people do what they wanted without getting in the way and give them the freedom to stand on their own two feet. This didn't mean the system was total anarchy, in fact many complimented on how well the system was structured. This unusual concept let some to believe the whole system was a setup and I was accused on several occasions of being a FBI sting board or associated with some kind of law enforcement. Adding to this was some argument over where the bbs was actually located. A few adventurous individuals attempted to track it down through the CNA bureau and ended up at a vacant storefront. The real explanation is a long story but it comes down to multiple screw-ups by Illinois Bell more than any deceptive practices on my part. This of course doesn't happen in real life thus the only people that can get a phone number for a fictitious address are 'feds'. At least now I can put that rumor to rest. On May 8th I was awakened at my home at 6:30a m by several Secret Service agents with a warrant for computers and telecommunications equipment. They also had a second warrant issued to the address where Ripco operated out of. Although there are better ways to start the day, this did not come as a real surprise to me. Since 1987 when Shadow Hawk made the papers with his $2.3 million software theft charges it occured to me that as more and more people are caught, if they even were remotly connected to Ripco, eventually something would turn up on my end. This could be considered the reasoning of a mad man but I have always felt that there was no illegal activity going on within the system and could defend it no matter how petty it was taken apart. To put it another way, Ripco's bark had a hell of a reputation but no bite. This was probably and still is true depending how you look at it. The warrants issued were only (!?!) seizure warrants issued to the addresses. There were no names on them and I was not arrested or charged by the Secret Service. This provided me some relief but since I didn't get to sleep till 4am that morning it was probably a lack of reasoning on my part. There were at least 5 agents that came to the house, but I think they had a few more around back in case of an escape attempt. Three of them stayed while two others drove me to the other location. The only question they asked before I left was it would be easier if I gave the location of any computers I had there to which the reply was 'none.' This later proved true since no items were taken, but they did spend about an hour looking through everything. I wish to point out that this was not a scene that would make good television. They didn't break down any doors, no one I observed had a gun drawn and overall they were pleasant in their mannerisms. This is not being said in defense of them but I always have been curious about the stories passed around where swat teams come down on a 16 year old for running a few MCI numbers. One interesting side note to you electronic phreaks out there is their radios, which probably use Motorolas digital voice protection circuitry trip every car alarm in the neighborhood when keyed. Several of the agents said this was normal and wished they didn't have this side effect. As I traveled with the agents to the other location I started to think what they were about to see and if anything was there that needed a fast explanation. The only thing that occured to me was three handguns I kept for personal protection. I informed the driver of this fact and he radioed ahead to let them know. He said matters like that isn't their concern but added they have to check with local law enforcement to see if I was in violation of city or state laws. When we arrived there was a sizable crowd waiting. Besides 5 or 6 more SS agents, there were a few others in suit and tie (the SS dresses casual) and at least one Chicago police car with a couple officers. The agents that escorted me there led me to a woman probably in her mid or late 20's. She apparently was the one in charge and gave me instructions on how we were going to enter the building. Before unlocking the front door she asked several times if any boobytraps were set either for them or the computers. I found this questioning amusing but was the only one smiling of the group. Unlocking the front door led to questions about where the guns were located and instructions on how to find them. I brought up the fact the alarm system had to be turned off and after a few attempts she managed to deactivate it. A different agent was sent in and recovered the weapons. As we entered the main room I was told not to touch anything but to point out the computer the board was run off of, which I did. The woman then introduced herself as Barbara and informed me of what I already knew, they were there to carry out a warrant and that it would probably take a while. She handed me a piece of paper which was the actual warrant and as I looked it over, a paragraph stated it was issued based on an attached affidavit, specifically pages 26-39 by a special agent Lawson. Asking where the attached affidavit was brought the reply "it was a closed document, I didn't have any rights to see it" and added 'its an on-going investigation'. I was then informed by her that I was not under arrest nor charged but they had to read the Miranda rights to me since any questions I answered could be used against me. Another agent said they did have questions but I did not have to answer them, could answer them with a lawyer present or even have a lawyer present and not answer them. He also pointed out that I could stop answering the questions at any time so I figured I'd agree to answer them since there wasn't all that much to hide anyway. Although an attempt was made to get comfortable within the building, the main area is full of junk collected over the years and the limited seating made things a bit crowded. We eventually ended up out back outside where the questioning took place. From this point on Barbara made few other comments and the bulk of the questions were handled by another young agent named Tim. The questions started with an apology by Tim saying there was someone who requested specific questions to be asked for a case study or something along those lines. He said they were fairly simple but was required to ask them. These questions were general in nature and read off a xerox sheet, mostly a list of phrases that were looking for definitions. What is a phreaker, hacker, know what a virus is, have you ever written or distributed one, etc. After this opening round of Q & A, he announced we were going on to more specific questions involving myself and the bulletin board. I don't really remember most of the questions but the subject dealt with my awareness that both credit card and long distance access codes were being passed through the system and what was on the hidden boards that normally wasn't part of standard access, and who had access to them. My answer to these led into the system maintenance and how I handled it. As far as the question about the codes went, I replied no I was not aware of that and he point out they had printouts proving they were. Of course it crossed my mind that if they already had soild proof, why bother to ask the questions. I wish to publicly state that this type of information was posted from time to time but I did not lie to the question. Regular users of the board were aware that long ago I made clear the system policy on this matter. Long distance codes along with credit card information was not allowed to exist on the system. I felt that any specific information left that could lead to direct fraud was not welcome and would be removed and persons who repeated violating this themselves would be removed from the system also. To clarify the phrase 'specific information' to the readers of this file I wish to explain my position on how I considered board policy on messages. It is no secret that many of the posts of board 5 (fone phun) either solicited for the need of or said they had and would share such information. I never considered this wrongful for a number of reasons. The primary one would be most people on there were blowing smoke as far as really knowing anything either fraudulent or important. Few people outside the bbs community realize that in many areas both status and ego are wrongfully important factors to others within the modem society. Many people who wish to raise their status will often come up with outlandish claims in an attempt to convince others he or she is an expert on one matter or another. Any attempt to suppress this act I felt would of damaged Ripco's open door policy since people do have to start somewhere and eventually learn their peers will catch on fast if someone is pulling a bluff. Thus this type of activity was tolerated but the line was crossed if anyone attempted to really do it. For example if a message contained something like 'just dial 1-800-555-1212 and punch in 123456 at the tone', the entire message was removed or in more cases re-edited especially if other parts were about non-related matters. Returning to the questioning, the above was explained as such but not as a whole. If in fact they did have printouts of such activity, I suggested an explanation which covered the maintenance aspect of the board. Basically Ripco operated itself with my chores limited to validating new users and updating the general files. Once every morning the messages left since my last check-in were read. The removal/re-edit if needed was applied at this time. Considering this occured daily around noon, a message posted let's say at 3:00pm the preceding day was in existence for nearly 21 hours before it got my approval or disapproval. Thus I pointed out that in theory they could have a printout of something but if checked the following day, it should have been removed. This was not second questioned by them and they seemed content with it. As far as the hidden boards went, there were two as most of the system users knew but were not really active. Board 9 to the best memory serves me was completely non-existant. Although it was used in the past for various things, after one of many hard drives crashes it bit the big one and was not in service. The message file required to use it was not there and I believe there was even a line in the program that reset the security bit of people that did have access in the past so they couldn't accidently enter causing a 'file not found' error. Board 10 was active but fewer than 6 people could claim to access it. Originally it was set up when an attempt was made on my part to collect a few bucks to keep the system running back in 1985. It contained few messages and would only gain 5 or 6 more a year. Questioning from this point on was more broad in nature, jumping from subject to subject. Items like the anarchy files which were made up in part of bomb construction articles were deemed 'wrong' by them and I defended by saying such information could be gathered from numerous public sources. They still insisted it was 'wrong' and shouldn't have been made available. One fact that arose well into our chat is that it became obvious that besides Tim who seemed to know little besides a few buzzwords, none of those here really had an understanding of computers or much else as far as a technical background went. Another agent even admitted later that they were only here to serve the warrant, as far as what was really going on with the investigation and who or what was involved, they didn't know. Any questions I attempted to ask them were generally not answered and the ultimate question of 'why me?' was given the reply 'catch the evening news, this is happening right now all over the country, should make some good headlines.' Even the simple question of what's next, where does the stuff end up needed a short conference among them and they decided on the following: after its boxed up downtown, it's shipped to Washington to a department called 'diagnostics'. Tim appeared to be the only one with knowledge of this because one of the other agents asked him 'who runs that?'. Tim explained to him that it was part of the SS and was started a couple years ago. The other agent just shrugged his shoulders. To put some people fears to rest, there wasn't much else going on. I expected they were going to ask me about certain individuals or if I knew anything else going on, but they didn't. Even subjects like PHRACK and the LOD were only touched upon, no specific questions were asked or answered. They seemed pleased to find a catalog printout of the general file section with the PHRACK issues but considering anyone with a valid account had access to the actual files, this didn't seem to make sense to me. After a couple hours of this with many lulls in the questioning they asked if I would sign a statement saying basically everything I said was true and I did because it was. The only other thing they wanted in the statement was that I was in fact the operator and did make an attempt to keep the board clean on a daily basis. Makes me wonder now what that could be twisted into later down the line. In all they were here for about 6 hours. In that time I learned little on what was going on. One of the agents said there were 2 representatives from AT&T present but didn't know why, saying they just had instructions to pick them up this morning before they came and got me. My gut feeling was the code/credit card numbers that much of the conversation was based on. Drawing to the end they informed me the warrant was completed, led me back inside after taking a few snapshots of your truly and handed me a receipt of what they took. Annoying in the first place them being there, the first thing that caught my eye was both my personal Macintoshes were on the list along with the related hardware including a 940 meg worm drive and laser printer. Laser printer? Maybe if you could pick it up and throw it at someone it could be considered a lethal weapon but what else? Ripco operated on an Apple //e and had no connections to the macs besides being near them which apparently is the way they determined what stayed and what went. My guess is that after examining the rats nest of wiring that existed around the 3 computers, they figured anything plugged into the power strip must have been tied in with each other somehow. An IBM 386 clone and an Apple //gs sat on the floor only a couple feet away but were untouched. Other items taken included a 1955 Western Electric model D500 phone, any personal phone books including a copy of the Chicago White Pages and several pictures and cartoons I had hanging on the wall. This also included a picture of a hooker spread eagle from a bachelor party and a picture of Charles Manson clipped from some tabloid because it bore a resemblance to me. All disks if not in a sealed box (probably around 3000) were also taken along with paperwork found in various areas. These items were only listed as 'misc.' and not broken down on the receipt. I was cut loose only momentarily since an officer from the Chicago Police Department replaced the many people running in and out during the morning hours. He asked if the guns turned over to him were registered with the city, which they weren't because you can't, so I was charged with a misdemeanor, failure to register a firearm. A slight explanation about this: back when Jane Byrne was mayor, she wanted to outlaw handguns altogether. Some suburbs of Chicago tried this and met with resistance from the NRA and feared long court battles. So they offered an a grace period to get people who already had them to register them, but at a cut off date, handguns could no longer be registered. Thus anyone getting caught with a handgun after this did not face an illegal weapons charge, only the failure to register even though someone who registered prior is safe. It ends up going to court, having the weapons destroyed and getting 6 months supervision with no conviction on the books. This was the outcome of that situation. At least that story had an ending. As far as what is going between me and the Secret Service, I don't really know or have a clue. At this writing it has been nearly 3 months and I haven't heard a word from them. Everything is just speculation on my part since it seems the matter is being kept under wraps. Even the names of the others involved on that day were not released. I don't know if those other people were system operators or users. One agent said you'll probably hear from us in 6-8 months while another was not so optimistic and said it would probably take years adding later that it's a good chance I'll be in my 50's, married with children before I knew what happened. In the time shortly after the seizure I talked to several lawyers to at least get some opinions on what to do next. Without being charged it seems very little can be done. My only options are 1) sit back and relax, wait till they do something or 2) file a lawsuit to get the stuff back. All the attorneys brought up the suit idea but only one suggested it wasn't really a good way to go. Based on what they took as far as value goes, the preliminary costs would be about half with it approaching double if it has to go to court and heard in front of a jury. It appears the best outcome is to get the stuff back, you can't claim damages or get your court fees back when it comes to the federal government. One point I want to make clear is under a seizure warrant, all material taken is forfeited to the government. It doesn't seem like a situation where they have to give it back after examination. They have according to what little I could find on the subject, 5 years from the date of the warrant to set up an indictment. Even if no indictment is made, they don't necessarily have to return it. It can either be used for internal use or put up at auction. There was an article in Unix Today where an agent seemed to indicate the material is returned but I haven't found any support of this policy. My opinion on all of this is basic. The government came in, took my personal property to determine if there was any wrong doing somewhere. It seems like a case of being guilty and proving yourself innocent. Or in another light, them thinking there was wrong doing and getting the stuff to make sure. Either way its just not right. Although I have no desire to battle this in court on my own, it seems to be there should have been a charge for something, even if it was minor, with other stuff being added later if needed. At least it would beat this nazi/gestapo tactic of secrecy. Is Ripco's involvement with credit cards and access codes the real basis? Does the distribution of PHRACK play a part in it? What if they were investigating someone on the board and felt there was information that would help them? Did they ever think of knocking on the door first? If it was someone else they were after, should I be the one getting penalized? Does the first amendment come into play at all? Even though I am free to open another board at this time if I choose, why isn't a newspapers printing press taken when a reporter refuses to name his sources about a sensitive story? I don't have the answer to any of these questions. Even if I did, they might be the wrong questions in the first place. One opinion put forth by several people is that putting the board out of business could be all they wanted. Its possible if any one piece of information contained within Ripco was used in assisting someone to commit a crime, it could be all they needed. Maybe they looked at Ripco as a pain in the ass since the beginning but couldn't get rid of it any other way. In closing I'd like to point out that this is not a black and white issue reguardless of anyone's opinion. There were many who hated the board, thought it was trash and would of liked to see it removed for good. Well they got their wish but consider the circumstances of what happened. No reason given, none to offer. Think about that next time you sign on to your favorite system and see a message about someone selling a used computer or hard drive. If that item is by chance stolen merchandise, can the operator lose his computer because it aided someone to fence? Based on what happened to me up to this point, its only one step away. I am not a hacker, phreaker, have anything to do with credit cards or manufactured explosives. Until the weapons charge I never had been arrested and even my driving record has been clean since 1978. 1984 arrived a bit late but there is no doubt to me its here. Thanks again to everyone that supported the board and there is always the possibility another Ripco will appear. You just never know. -------------------------------------end here---------------------------------- A long and complicated story, or perhaps, a complete file on how the feds worked on this case. I don't think I have anything to add to what Dr. Ripco wrote. It is accurate, and well written. It also gives all the facts you might want from the bust. Here's the next update on the Ripco Case from CuD; <Taken from Computer Underground Digest Vol.2 Issue #00 aug 25, 1990> ------------------------------------start here--------------------------------- Date: August 24, 1990 From: Moderators Subject: Moderators' Corner LEN ROSE/DR. RIPCO UPDATES +++++++++++++++++++ Len Rose / Dr. Ripco Updates +++++++++++++++++++ Progress is often slow, and there is little to report about the Len Rose and Dr. Ripco situations. Although the cases are unrelated, both raise similar issues about law enforcement handling of alleged computer abuse. Dr. Ripco still remains uncharged, his equipment remains unreturned. Len Rose still faces trial in February. But, the EFF is currently looking into both cases to see what legal issues they raise. --------------------------------------end here--------------------------------- Not much to say, only state that it is sad to see that Dr. Ripco still hadn't got his equipment back, and perhaps a light with EFF looking into the case. Suddenly Dr. Ripco started Ripco ][, and CuD reported about the event; <Taken from Computer Underground Digest Vol.2, Issue #02 Sept 9, 1990> -------------------------------------start here-------------------------------- Date: September 8, 1990 From: Moderators Subject: RIPCO BBS Back on-Line Good news for computerists: **RIPCO BBS IS BACK UP**!! Ripco went down on May 8 in the Sun Devil raids, and Dr. Ripco's equipment, software, logs, and even manuals for his software, were seized. He was apparently the only victim of a "seizure warrant," *not just a search warrant*, which is usually served *after* an arrest or indictment. Perhaps a lawyer could send us the distinction and clarify the significance. Dr. Ripco has not been indicted, and to our knowledge there is no evidence that he knowingly participated in any illegal act on his board. It is still unclear why his board was targeted. Perhaps it was longevity (over six years), perhaps because some of the users were nationally well known, or perhaps because of the text file collection, which to our knowledge were all public information. The Doc met with representatives from EFF in late August and early September. The meetings were informational and centered on the type of files users posted, the nature of the messages, and other general information to determine whether there are sufficient Constitutional issues to warrant further steps. Ripco's number is the same--(312)528-2020, and he is hoping that previous users can upload the numerous g-philes lost in the confiscation. -------------------------------------end here---------------------------------- Ripco ][ is a fact. It can not, today, be compared with the old Ripco, but it is growing strong, and the "busy" messages from my modem is more frequent every day. The discussions also grows, but I believe, never to the standard which the old board had. Today there are more BBSs in the world than there are people calling them. Most of them are the standard board, which means you can call your local board to get the same messages, files or whatever you're after, as on a board in another country, but Ripco ][ is not one of them. I am calling from Sweden (yes, legally) to a few boards around the world, boards that are different than the average, boards that stand out in the crowd. I wouldn't waste time or money on calling boards in other countries that I can find within a few miles from here. Ripco ][ is special, it has the "feeling" and you can't forget that This board and it's SysOp have been through a great deal. The feeling I notice the most about Ripco ][ on other boards, is that it is (still the same rumors) crowded with Feds, the line is traced, Dr. Ripco is not just a SysOp, there are informants on it, and so on. People can not forget that it was "busted" once. The FBI have, with what they did, ruined the reputation of the board, and it's SysOp and they still haven't returned his equipment. The confiscation of the equipment and that the board was taken down was a great loss to the CU, maybe a greater loss than people imagine. The CU also lost a steady ground to stand upon, and with it, a lot of the ethics that went with it. What people don't realize, is that the Serious CU people have ethics, they have rules, and they don't break them, no matter what. The CU had very strong ethics from the beginning, they didn't crash systems, they didn't steal information and they didn't spread viruses and trojan horses. Today, as stated above, there are but a few serious and true ones left, that still regard these ethics to be true and follow them, and they have to keep a low profile because of the rest, the ones without ethics or rules, those who crash, steal and destroy. I'm not blaming the whole "fall" of the serious CU on the confiscation of Ripco, but it did contribute to it. If the CU had had the reputation it had a couple of years ago today, there would be less people without rules or ethics. During the time Ripco was gone from the BBS world, numerous of other "claimed to be" CU boards popped up, and with them, those without ethics or the knowledge, maybe experience, about the CU. People that had begun to learn on boards like Ripco had to find new boards to call when the old had been busted, taken away, or confiscated. They mixed with those without any experience at all, and I believe, we all know the result of this today. Hackers have a very bad reputation. Hackers steal, hackers crash and hackers spread viruses they say. Those who had the knowledge and experience went back into their "known" circles, and left the unexperienced unexperienced. Operation SunDevil took away its basic foundations and schools. It was boards like Ripco that kept the CU keeping its rules, ethics, and teached its users to follow them and how the CU worked. Here's an easy question for you: What happens to society if you take away its schools? Anarchy is the answer, people without education. Lets take a look at what other people have said about Ripco and its Sysop. Here's an example; <Taken from Computer Underground Digest Vol.2, Issue #18 Dec 28, 1990> ---------------------------------start here------------------------------------ From file - Trade Secrets: When are they bad? by The Dark Adept <ed> I would also like to thank Dr. Ripco since it was his BBS that first connected me to Underground when I was a mere pup of 15, 6 years ago. I have yet to see a BBS that compares in quality in all my years down here. <ed> -----------------------------------end here------------------------------------ I would have included more exerpts if I had been clever enough to capture them when reading them, but I think this one is a good example, and I think it speaks for itself. Ripco was one of the best (if not The best) underground board, not just for its files, discussions or its SysOp, but for its atmosphere. It was really a special board to its users. But what or who brought all of this upon Dr. Ripco and the BBS? The answer came as a surprise to many (if not all) of us; an informant. From what I know, this is the only known case where an informant have been used by the FBI in a hacker/CU operation. The informant, 'The Dictator' was a sysop of an 'claimed- to-be' underground BBS called 'The Dark Side' in Phoenix, Arizona. The BBS was a FBI Sting board, but The Dictator also called other underground boards, captured messages and gave to the FBI. CuD devoted a complete issue about the informant, showing captured messages from The Dictator, how he tried to frame his users by asking questions about illegal things. It is very interesting, so here's the complete CuD issue; <Taken from Computer Underground Digest Vol.3, Issue #02 Jan 16, 1991> ------------------------------------start here--------------------------------- In Liam O'Flaherty's 1925 novel "The Informer," Gypo Nolan betrays a friend to the police for 20 pounds. Few of the characters are particularly noble or sympathetic, but O'Flaherty manages to show the complexity of human frailty, moral quandry, brutality and compassion, as Gypo ultimately dies a pathetic death seeking redemption for his betrayal. Only with sadness do we present this first of several special issues on federally created and rewarded betrayal, deceit, and informants in the CU. We draw here from several public documents, including the seizure warrant served on RIPCO BBS. We also use phone logs that we and others have collected, copies of telephone bills and logs that corroborate certain numbers, eye witness accounts, interviews, and other information that establishes beyond doubt that the U.S. Secret Service, in cooperation with the Arizona State's Attorney's Office, used a PAID INFORMANT to establish a sting board and to capture message logs from a variety of BBSs and turn them over to state and federal agents. The primary hard evidence for establishing both the existence and the identity of the informant was obtained by Glen Roberts, the publisher of FULL DISCLOSURE, an interesting hard-copy magazine, and Bill Vajk, a freelance writer and researcher who is active on the nets. The full text should be on the CuD archive/ftp sites in a few weeks. As those who have been following the Dr. RIPCO saga recall, the warrant authorizing the search and seizure of his equipment was sealed, and the best efforts of attorneys and others failed to obtain a copy by requesting it through official channels. Delays, denials, confusion, and apparent misinformation seemed to stymie all formal requests. So, Bill and Glen took the case number (90-M-187), trucked on down to the federal court on S. Dearborn in Chicago, and went to work. They requested several case files adjacent to the desired one (90-M-186, 90-M-188, etc) on the assumption that the precise one they sought was likely to be among them. It was. So, they plunked their coins into the zerox machine, duplicated the documents, and shared them with the world. For those who have not yet seen it, FULL DISCLOSURE is a newspaper that covers topics that are not regularly covered in detail in the general media. A significant focus is on privacy, electronic surveillance, and related topics. Articles include coverage of the National Technical Investigators Association annual conference, the latest in video surveillance equipment, the JBR tape recorder and much more. A sample issue is available free, or subscriptions are $18 for 12 issues. FULL DISCLOSURE, Box 903-C, Libertyville, Illinois 60048. In coming issues, FULL DISCLOSURE will include stories on the government's paranoia in the RIPCO case, as reflect in the seizure warrant (available ftp in about 7-10 days). CuD will focus primarily on the ethical, ideological, and other implications of creating a paid informant class for crimes that, while unacceptable, are arguably far "cleaner" than officially purchased deception. *************************************************************** ** TRACING THE STINGBOARD: THE DICTATOR AND THE DARK SIDE ** ************************************************ In piecing the public information available on the Secret Service documents together with other sources, the Secret Service STING BBS, if the number they provide is correct, accessed THE DARK SIDE in Phoenix, Arizona. A self-proclaimed "hacker" known as THE DICTATOR identified himself publicly as the sysop of the Dark Side. The Dictator introduced himself to others as %name deleted% or as "%deleted%," and responded to "%deleted%" in various forms of Electronic mail. The search affidavit signed by Special Agent G. Kirt Lawson of the Secret Service (header indicating Maricopa County) acknowledges several facts: 1. The U.S. Secret Service, in response to complaints of telephone fraud, initiated an investigation into access abuses. The investigation described in this document specified the rationale for searching/seizing RIPCO BBS. The raid occured on May 8, 1990 in concert with other raids across the country. The Secret Service announced to the media through press conferences and releases that it was OPERATION SUN DEVIL. 2. The Secret Service, working out of Phoenix, established an undercover BBS in Sept., 1988. The sysop was a "VOLUNTEER PAID CONFIDENTIAL INFORMANT." 3. The informant was providing information *BOTH* to the Secret Service and the Arizona Attorney General's office at least in 1989 and 1990, and the Secret Service participated in STATE searchs. 4. The code number and address of the informant is provided, and he is linked directly to the number of the BBS identified in the document as the undercover sting board. 5. The Informant provided information taken from logs, conversations, and other sources to the Secret Service. The following sections of the affidavit detail this more fully: The CuD crew did not type in this version of the documents, and there may be typographical or other minor errors. We reproduce it here as we received it. +++++++++++++BEGIN SECTIONS OF AFFIDAVIT++++++++++++++++++++ BACKGROUND OF THE INVESTIGATION 14. Over the past several years, the U.S. Secret Service has received and increasing number of complaints from long distance carriers, credit card companies, credit reporting bureaus, and other victims of crimes committed by computer hackers, phone phreaks, and computer bulletin board users and operators (see Definitions section), which have resulted in substantial financial losses and business disruption to the victims. Because the persons committing these crimes use aliases or "handles", mail drops under false names, and other means to disguise themselves, they have been extremely difficult to catch. They also conspire with many others to exchange information such as stolen long distance carrier authorization codes, credit card numbers, and technical information relating to the unauthorized invasion of computer systems and voice mail messaging computers, often across state or national borders, making the investigation of a typical conspiracy extremely complex. Many of these persons are juveniles or young adults, associate electronically only with others they trust or who have "proven" themselves by committing crimes in order to gain the trust of the group, and use characteristic "hacker jargon." By storing and trading information through a network of BBS's, the hackers increase the number of individuals attacking or defrauding a particular victim, and therefore increase the financial loss suffered by the victim. 15. For all of the above reasons, the U.S. Secret Service established a computer crime investigation project in the Phoenix field office, utilizing an undercover computer bulletin board. The purpose of the undercover BBS was to provide a medium of communication for persons engaged in criminal offenses to exchange information with each other and with the sysop (CI 404-235) about their criminal activities. The bulletin board began operating on September 1, 1988 at 11:11 p.p., Mountain Standard Time, was located at 11459 No. 28th Drive, Apt. 2131, Phoenix, Arizona, and was accessed through telephone number (602) 789-9269. It was originally installed on a Commodore personal computer, but on January 13, 1989 was reconfigured to operate on an Amiga 2000 personal computer. 16. The system was operated by CI 404-235, a volunteer paid confidential informant to the U.S. Secret Service. CI 404-235 was facing no criminal charges. Over the past eighteen months, information by CI 404-235 (see paragraph 16) has consistently proved to be accurate and reliable. The Arizona Attorney General's office executed six search warrants related to affiant's investigation in 1989 and 1990 (affiant participated in three of these). Evidence obtained in those searches corroborated information previously given to affiant or to George Mehnert, Special Agent of the Arizona Attorney General's office by CI 404-235. In over a dozen instances, CI 404-235's information was verified through other independent sources, or in interviews with suspects, or by means of a dialed number recorder (pen register). One arrest in New York has been made as a result of CI 404-235's warning of planned burglary which did occur at a NYNEX (New York regional Bell operating company) office. Throughout this investigation, CI 404-235 has documented the information provided to the affiant by means of computer printouts obtained from the undercover BBS and from suspect systems, and consensual tape recordings of voice conversations or voice-mail messages. 17. Because many of the criminal bulletin board systems require that a new person seeking access to the telephone code or credit card sections contribute stolen card information to demonstrate "good faith," when asked to do so, CI 404-235 has "posted," (left on the system in a message) Sprint, MidAmerican or ComSystems authorization codes given to affiant by investigators at these companies for that purpose. +++++++++++++++++++END SECTIONS OF AFFIDAVIT+++++++++++++++++ Drawing from the above information, the following suggests that The Dark Side, The Dictator, and a person identifying as %name deleted% are the sting board, the sysop, and the informant, respectively. 1. We have obtained telephone billings and computer telephone logs for December, 1988 and through mid-1989 indicating that when one called (602) 789-9269, The Dark Side BBS was accessed. This suggests that the sting number and The Dark Side were one and the same. 2. A person identifying himself as "The Dictator" called a number of boards in 1988-1990 (among them The Central Office, The Phoenix Project, Hackers' Den, Ripco, and others) and through 1990 continued to call such boards as Atlantis, Ripco, Face-to-Face, BlitzKrieg, and others. In public and private messages on these boards, The Dictator would typically include in his signature both his name and his association with The Dark Side BBS: ++++ BEGIN EXAMPLE HERE +++++ From ->THE DICTATOR (#156) Date ->01/12/90 11:08:00 PM Hey %name deleted%...whats up? Ask KL to give me a call and let me in on the details, (602-225-8581), or he can leave me mail on Jolnet. I'd rather him call me, instead of having that message pass through the Jolnet system. Any ways... Ifits in Louie again this year, Im sure I can make it...let him know..thanks. The Dictator The Dark Side BBS +++++++++++End Example ++++++++++++++ The reference to "Louie" is to summercon. The telephone number listed above was left on a public BBS (in a different message) in the general message section by The Dictator in a public request for another user to call him. It is also the number that others have given us independently as one he gave them for voice contact. Hence, the number appears directly and unequivocally linked to The Dictator. Attempts to contact him through that number, however, reach a machine, and the person who responds to that machine has, for several months, refused to return calls collect or otherwise. Even after allegations of his apparent role in the video tapes of Summercon '88 surfaced, the dictator made no effort to hide his connection to The Dark Side. He left the following in response to several callers bickering among themselves over a Chicago BBS also known as "The Dark Side." He makes it clear the two are separate entities: ++++ BEGIN EXAMPLE HERE +++++ %logged circa Sept 25, 1990% From: THE DICTATOR Read: 27 times [1 Reply] Subject: The Dark Side What area code is "The Dark Side BBS" that you two are refering to? That isnt the old "Dark Side Of The Moon" BBS is it? Just curious. I used to run The Dark Side in 602, and its just a bit odd seeing the name pop up with someone else as the SYSOP.. heheh The Dictator /s shit +++++++++++End Example ++++++++++++++ The Dictator of The Dark Side and the above messages as also linked to the Secret Service informant by the nature of the logs he provided to them. We will continue to provide details of the substance of the documents in coming issues. However, messages printed in the Secret Service document allude to private e-mail sent to "CI 404-235," and these can be traced to The Dictator as the recipient by examining existing e-mail logs retained or acquired by others. The Craig Neidorf trial led to the revelation that the Secret Service had video-taped parts of Summercon '88 in St. Louis surrepticiously. One participant at Summercon who also viewed the tapes indicated that the tape captured the events in The Dictator's room from an adjoining room. If true, it indicated that advance cooperation and preparation were necessary between the participant-informant and the tapers. Why is it necessary to reveal the identity of the informant? We value privacy and we have no wish to embarrass those who may be coerced into performing unnatural acts for the government. However, if the Secret Service are correct, their informant was a willing volunteer who was paid for his services. Those who find betraying alike the innocent and guilty indiscriminantly for monetary gain are as ethically bankrupt as those who buy the service. Our abridged dictionary doesn't contain the term for those who get paid for performing unnatural acts, but it will come to us eventually. The informant was on a number of boards, and because he reported *FOR MONETARY GAIN*, we cannot be sure how many innocent people had their logs passed on, how these logs may have been edited or interpreted by law enforcement, or what uses were made of the information once acquired. The strangely creative interpretations and cavalier disregard of "reality" by federal prosecutors and some Secret Service agents are too troublesome to allow presumption of good-faith use. We STRONGLY URGE all persons who have been or currently are on a board with The Dictator to search their logs and consider filing a Freedom of Information Act request (see concluding file). ******************************************************************** ** THE DARK SIDE BBS: A SNAPSHOT ** ******************************************************************** For those who wonder what kind of board The Dark Side was, it appears from reports and logs and other sources that it was not well maintained, had 8 message bases with few messages, and the discussion was fairly general: +++++++++++++++++++++++++++ From: <deleted> Subject: The Dark Side BBS Log-In Screen Date: Sat, 12 Jan 91 14:19:25 EST Is this helpful? It was captured in March of '89. I think there were 8 message sections, but the only ones of any interest were 1 (general), 2 (security) and 3 (Da Elites). There were a couple of funny things about the board. It seemed to be up and down a lot, and the sysop never seemed to know how to run it. He was always having problems with the simplest things. He was defensive and always seemed worried about narcs. He didn't have many elite users and the ones listed didn't contribute. There weren't many new messages whenever I checked, and from the logs I'm sending, I only counted less than 10 posters over a two week period. Really lame. Guess the rest of us just logged on and logged off. There was a rumor he was busted in Arizona and turned informant and that he was living next to the secret service in summercon '88. Oh. I didn't edit anything out, so please take out the names if you use this. To make it official, I got this off The Dark Side BBS at telephone number 602-789-9269 in March of 1989. I swear it's all true and virgin and blah blah blah. ----begin Dark Side capture--- ** 300/1200/2400 Baud ** You are now connected to The Dark Side BBS The Information Capital Of The World! SYSOP - The Dictator Disclaimer : Any unauthorized access attempts may constitute a violation of 1986 federal computer crime laws, punishable by both civil and criminal remedies. The information made available on this BBS is for informational and educational uses only. I am not responsible for any misuse or criminal acts from this information. It is the responsibility solely by the user and we assume no liability for any actions of the user. With use of system password you hereby agree to the terms of this contract and shall be held liable for any misuse of said contained information and may expose you to both civil and criminal penalties under law. Any unauthorized or misuse of valid logon and passwords constitute both civil and criminal violations, punishable under law. Your name: xxxxxx Password: ##### You are caller #xxx Logged at xx:xx xx on xx-Mar-89 Last call : xx-xx-89 Access : xxxxxxxxxxxxx Privilege : 10 Time limit: 60 D/U ratio : Disabled High msg : xxx Calls : xx Messages : xx Downloads : x Uploads : xx Checking for messages... (identifying msgs deleted) These message(s) have been marked for your retrieval System contains xxx msgs (1-2xx) Remember: That the SYSOP, (Thats me), has the right to review everything on this system! I like the idea of covering my butt in all cases... If you dont agree with the idea of my reviewing everything then you should hang up now. If you do agree with this, then at the next prompt, type 'Y'. N:No; Hang up Y:I agree with the terms Do You Agree With The Terms Of The Disclaimer? <Y/N> y 13-Mar-89 02:01 AM Subj: PAY ATTENTION! From: Sysop To: All Ok guys and gals...listen up.. Ive been informed that there is a strong possiblility that The Sorcer (sp) who runs the code line is a narc. This has not been confirmed, but it has not been denied. Please beaware of it and be careful. There have been a few busts recently, so be aware of your surroundings and be careful of everything your doing..ok, guys? Perhaps you will respect my security measures here on the system. Id like to think that we can all trust each other here..if you have any questions, suggestions, comments, ect...let me know. Thanks guys. Take care. Let me know what you know so we can stay one step ahead of the competition. (grin) (REply Quit ?): ---End of intro to DARK SIDE BBS--- %moderators' comment: We agree there is a style to the sysop's participation that seems probing. It is always possible that his supervisors provided him with questions or other strategies to begin various types of discussions or to lead topics in a particular direction. As we obtain more logs, we will look for patterns. ****************************************************************** ** A RE-EXAMINATION OF THE SECRET SERVICE "STING BOARD" CLAIMS ** ****************************************************************** In CuD 1.18 (file 5), we reprinted the response from the Secret Service, signed by John R. Simpson, Director, to Rep. Don Edwards (Chair of the House Subcommitee on Civil and Constitutional Rights), dated April 30, 1990. Mr. Edwards submitted a list of questions to the SS asking about surveillance of BBSs. Parts of it seem especially relevant to the issue of informants. ++++++++++++++++++++++++++++++++++++++++++++ DEPARTMENT OF TREASURY UNITED STATES SECRET SERVICE WASHINGTON, DC 20223 APR 30 1990 The Honorable Don Edwards Chairman Subcommittee on Civil and Constitutional Rights Committee on the Judiciary House of Representatives Washington, D.C. 20515 Dear Mr. Chairman: Thank you for your letter of April 3, 1990, concerning your committee's interest in computer fraud. We welcome the opportunity to discuss this issue with your committee and I hope the following responses adequately answer your questions. %First question and response omitted--see CuD 1.18 File #5% Question 2: Has the Secret Service ever monitored any computer bulletin boards or networks? Please describe the procedures for initiating such monitoring, and list those computer bulletin boards or networks monitored by the Secret Service since January 1988. Response: Yes, we have occasionally monitored computer bulletin boards. The monitoring occurred after we received complaints concerning criminal activity on a particular computer bulletin board. The computer bulletin boards were monitored as part of an official investigation and in accordance with the directives of the Electronic Communications Privacy Act of 1986 (Title 18 USC 2510) The procedures used to monitor computer bulletin boards during an official investigation have involved either the use of an informant (under the direct supervision of the investigating agent) or an agent operating in an undercover capacity. In either case, the informant or agent had received authorization from the computer bulletin board's owner/operator to access the system. We do not keep records of the bulletin boards which we have monitored but can provide information concerning a particular board if we are given the name of the board. %Question 3 omitted% Question 4: Has the Secret Service or someone acting under its direction ever created a computer bulletin board or network that was offered to the public? Please describe any such bulletin board or networks. Response: No, the U. S. Secret Service has not created a computer bulletin board nor a network which was offered to members of the public. We have created an undercover bulletin board which was offered to a select number of individuals who had demonstrated an interest in conducting criminal activities. This was done with the guidance of the U.S. Attorney's office and was consistent with the Electronic Communications Privacy Act. %Question 5 omitted% (end Secret Service Response) +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ The SS response refers to only a single sting/undercover board, and because the identify of the Dark Side was revealed as a sting board by the SS, we conclude that the board referred to below and The Dark Side are the same. We also suggest that this response is less than forthcoming, perhaps even deceptive, for at least two reasons: 1. Prosecutors can nitpick over legal nuances of the meaning of the following: "The procedures used to monitor computer bulletin boards during an official investigation have involved either the use of an informant (under the direct supervision of the investigating agent) or an agent operating in an undercover capacity. In either case, the informant or agent had received authorization from the computer bulletin board's owner/operator to access the system." To mere layfolk unlettered in law, the language implies that the sysop of a surveilled system allowed access with knowledge that the surveillor was an agent or informant. If a sysop does not know that he/she has given access to a potential agitator or provocateur, then the spirit of the law seems compromised. According to Dr Ripco, some users in the past did identify themselves as affiliated with law enforcement. The Dictator was not one of these. A second claim in the SS response is less ambiguous. The Director writes: "No, the U. S. Secret Service has not created a computer bulletin board nor a network which was offered to members of the public. We have created an undercover bulletin board which was offered to a select number of individuals who had demonstrated an interest in conducting criminal activities. This was done with the guidance of the U.S. Attorney's office and was consistent with the Electronic Communications Privacy Act." Now, we could quibble about what constitutes the "general public." But this statement by The Director of the Secret Service does not correspond to several facts. First, and most offensive, is the claim that The Dark Side "AS OFFERED TO A SELECT GROUP OF INDIVIDUALS WHO HAD DEMONSTRATED AN INTEREST IN CONDUCTING CRIMINAL ACTIVITIES." This is simply not true! The Dark Side was explicitly advertised on other quasi-public boards, including The Central Office, and was found in the BBS lists of other boards. In PHRACK #20 (file 12), there is a two line advertisement reading: "The Dictator is looking for users to call his bulletin board," and it provides the number as (602) 789-9269. The Dictator also left the following message on The Phoenix Project (which, despite it's reputation was open and readily accessible): --Begin Phoenix Project Message--- > >13/100: the dark side >Name: The Dictator #115 >Date: 10:42 pm Fri Nov 04, 1988 > >attention: > the dark side bbs is up and running...any user that wishes to become >a part of history...please call..this is yet another hard working system >that wishes to make its mark in computer history. > > give us a call.. > > the dictator > >dark side bbs 602-789-9864 > >summer con '88 members given imddiate access The number given is different from the one later identified in SS documents as the sting board number. Perhaps it was typo, or perhaps it was and it was presumably changed shortly after this message was left. An anonymous sysop of a board in the Midwest told CuD that the Dictator personally left the number of The Dark Side on the BBS, and recalls at least one public message in which The Dictator left a public message requesting people call it. This BBS in question was a quasi-open board in that--as most boards, including public ones--after a preliminary log-in, virtually everybody who seemed "non-loony" was validated. The point is that The Dictator was ACTIVELY SOLICITING CALLERS OPENLY, and not simply inviting a "select few" to call the board who "demonstrated an interest in conducting criminal activities." One user who documents participation on The Dark Side from shortly after it's inception states that The Dictator encouraged him to tell his friends to call The Dark Side and, at one time shortly after it "went up after being down" actually "seemed desperate for new users." According to information from several DARK SIDE users and logs they have provided from The Dictator on his own system and on others, The Dictator took an active role in generating message topics. According to one source, The Dictator would rarely provide information, but would attempt to generate seemingly innocent topics that might, in retrospect, provide the kind of "documentary evidence" (especially if take out of context) that could lead to suspicion or to searches. The following were provided as examples of "typical" ways that a discussion topic might be generated. We observed from the responses to these notes (that we deleted), that the innocent question would elicit a technical or potentially incriminating answer of the type used prejudicially in the sentencing memorandum of the Atlanta Three, or of the type used to justify the raid on Steve Jackson Games. The lesson we take from the following is that the Secret Service, through the use of an informant, seems to have *ELICITED* statements that could be used as evidence. ++++ BEGIN SELECTED SYSOP QUOTES FROM 1989 +++++ Msg: #192 Sec: 7 - Security 24-Feb-89 10:13 PM Subj: ATTENTION From: Sysop To: All Ok guys...heres the scoop... Since the incarsaration of one AZ KID, The Dark Side BBS has engaged PARANIOA MODE.. If you didnt read in the previous post, the AZ KID was served with a search warrent a few days ago for some local and otherwise federal phreaking. This board will remain in paranioa mode until the developments of the AZ KID come into play. Lets just say that there are a few things that the AZ KID could suggest that would/could be hazardous to this boards health. SO, please keep the posts to a .... ahem .... legal sence. Thank you... As updates to this situation come into play, you will be updated. For those of you who may have experience in these circumstances, please leave me mail...as much info that I can gather in this pressing situation the more I can help my upcoming ulcer. Thanks <Grin> Msg: #251 Sec: 1 - General 09-Mar-89 02:06 AM Subj: Ok Now what From: Sysop To: All Ok people... Suggestion time. Im looking for a few trustworthy people that want to help me out with the system to help it grow... I need as many suggestions as possible. We have really been growing in the past couple of weeks, and I am gaing multiple sources of info to boost the integrity of this system. Help me out here people, I cant do it on my own...Leave me E-Mail TD Msg: #248 Sec: 8 - Da Elites 09-Mar-89 01:53 AM Subj: #243 - divertors From: Sysop To: (Name Deleted) Interesting concept! However, I am not too familair with divertors...There are a lot of concepts I understand and what not, however...lemme see if I can put this into words... What about open divertors? It is true that divertors work like call forwarding, however, is it theoridcally (sp) possible to find an open divertor and have it dial your line? In high school just for the fun of it, we bought a DTMF chip from our local Rat Shack store and basically built a call forwarding system that we could attach to any ones line (if need be) to then have the DTMF chip call to any number needed. It worked well...primitive, but well... TD Msg: #247 Sec: 1 - General 09-Mar-89 01:48 AM Subj: #244 - alala From: Sysop To: (Name deleted) Who makes the most popular PBX system? The reason for asking is for curiosity sake. There are a lot of different features within a PBX..... , TD Msg: #235 Sec: 8 - Da Elites 06-Mar-89 05:18 PM Subj: Radius's (R) From: Sysop To: all What can anyone tell us about radius's? This is a subject area that I admitt I am no good at! TD Msg: #234 Sec: 8 - Da Elites 06-Mar-89 05:17 PM Subj: divertors (R) From: Sysop To: all What can any one tell us about diverters?? Discussion time! Reply(s) #243 Msg: #228 Sec: 7 - Security 06-Mar-89 12:36 AM Subj: Ummmmm From: Sysop To: All Ok guys...lemme ask a general question here that seems to have me a bit confused... About a week or so ago, AZ KID had a search warrent served on his house, and they took in possession several tapes, tape player, ect, ect.. However, he has not been arrested or charged with ANY kind of a crime. He still does not have his confiscated equipment back, so I am thinking that they think they have something on him... My question is, should he be charged by now?? Its got me a bit concerned. I thought usually they would have charged him with a crime, or let it go by now....Unless of course he "plea bargined"... I dont know..Ive talked to him, but he "doesnt know whats going on" So...What do you guys think,eh?? Msg: #227 Sec: 7 - Security 05-Mar-89 01:38 AM Subj: CNA (R) From: Sysop To: All We all know that CNA gives you the Customer Name and Address if you have the number, is there a department that has the Number if you have the Name, or address, or something of that sort??? TD Msg: #225 Sec: 1 - General 05-Mar-89 01:34 AM Subj: #211 - Text files From: Sysop To: (Name deleted) Any kind of text file that you see fit to better this system. Its the users that make the system. This BBS will work on a diplomatic system. (And Ill have thelast word..har har har) Once youve been voice validated, Im sure youll understand what text files will be benificail to this system TD +++ END SYSOP QUOTES +++ The tenor and content of these and other messages by the sysop suggest that the SS's operative was not passive or particularly selective, and may have generated the kinds of evidence for which he was being paid by his leading questions. If The Dictator was indeed operating under the "direct supervision" of a field investigator, then it would seem that the SS knew full well that the information it supplied to Rep. Edwards was, at best, misleading: Recruiting users was for The Dark Side was hardly "selective," but quite open, and those who called stood a chance of being drawn into discussion initiated by the sysop, a paid informant of the secret service, who turned the logged files over to them. It would seem that either the SS has little control over its operatives (which suggests incompetency) or that it knows full well what its operatives do and choses to redefine reality in self-serving ways. Either way, the responses by the SS to Rep. Edwards should be re-examined and those who were involved in the undercover investigation held accountable. ******************************************************** ** WHAT'S THE POINT? ** ******************************************************** When the federal government uses *paid* informants, nobody wins. Officially sanctioned deception and betrayal, as Gary Marx argued in his book "Undercover: Police Surveillance in America," is generally far more detrimental to public order in the long run than whatever "crimes" the deception targets. When federal agencies set up sting boards and use informants to gather, even generate, diverse information that is in turn given to agents as potential "evidence" of wrong doing, there can be problems. In the 1960s and 1970s, we have seen through various class action suits, congressional hearings, FOIA requests, and other inquiries, how abuse of information by those who collected it resulted in lost employment opportunities and other uncool consequences. In the past year, we have also seen the misuse of information in indictments, sentencing memorandums, and especially in several search affidavits and seizure warrants. Most of us are concerned if agencies collect information on us against our knowledge, because the potential for harm can be subtle. Many readers of CuD have called a variety of bulletin boards considerated to be "underground." When an agency such as the Secret Service sets up a STING board and PAYS an informant to capture logs, those of us who call these boards have reason to be concerned with how our **LEGAL, LEGITIMATE** posts may be interpreted and used by agents. When we recall that one sysop was liked to a fraud conspiracy because of a two line comment that kermit is a 7-bit protocol used primarily on mainframes, our confidence in agents' interpretive competence diminishes. Our intent has not been to embarrass The Dictator. If it were, we would include the name he uses when socializing with others. IT WOULD ALSO BE TOTALLY REPREHENSIBLE IF OTHERS WERE TO ENGAGE IN HARASSMENT OR OTHER RESPONSE AGAINST HIM! The CU has increasingly been united by principles of justice, and to engage in unjust acts because we feel others have done the same to us violates those principles we are working toward. Calls to the "voice number" The Dictator has left on at least one public post on a public board, and given to others, have gone not received a response. Messages left to him on BBSs have also not generated contact. We continue to invite him to contact us and give his side of the story. There are generally shades of grey in even the darkest images, and if he contacts us we promise either a fair and impartial story, or, he can write his own version and we will publish it unedited. We also remind readers that the issue IS NOT an individual. At stake in all this is the issue of privacy and police power as we enter the 21st century. When laws cannot keep up with technology, the consequences may be ill-considered strategies for monitoring and punishing alleged wrong-doers. As Gary Marx reminds us in his book "Undercover" (p. 233): In a democratic society, covert police tactics, along with many of the other surveillance techniques, offer us a queasy ethical and moral paradox. The choice between anarchy and repression is not a happy one, wherever the balance is struck. We are caught on the horns of a moral dilemma. In Machiavelli's words: %Never% let any state ever believe that it can always adopt safe policies...we never try to escape one difficulty without running into another; but prudence consists in knowing how to recognize the nature of the difficulties and how to choose the least bad as good." Sometimes undercover tactics will be the least bad. Used with great care, they may be a necessary evil. The challenge is to prevent them from becoming an intolerable one. -----------------------------------end here------------------------------------ We reprint the complete issue, because it is too important to be omitted and by not "cutting" out sections, or editing out 'non-Ripco' parts, you get the complete story, compact and complete. A CuD Classic. After this issue, many questions were asked about using an informant, how legal it is, and what to do about it, but it thinned out when nothing really happened. Dr. Ripco still hadn't gotten his equipment back, and Ripco ][ was up and running. Small requests from readers of CuD about updates on the case and answers from the Moderators was all that could be said/read. <Taken from Computer Underground Digest Vol.3, Issue #11 Apr 4, 1991> ----------------------------------start here----------------------------------- ++++++++++++ Case Updates ++++++++++++ >>RIPCO: The Ripco case has not been forgotten. Counsel for Dr. Ripco is holding strategies close to the vest, and because the seizure of the BBS is alleged by the Secret Service to be part of an on-going investigation, things move even more slowly. CuD filed an FOIA request to the Secret Service for information on Ripco, and the response was: With regard to Ripco, we regret to inform you that we cannot comply. according to the Freedom of Information Act, there are no records or documents available to you. Persuant to 5 U.S.C. 552 (b) (7) (A), this file is being exempted since disclosure could reasonably be expected to interfere with enforcement proceedings. The citation of the above exemption is not to be construed as the only exemption which may be available under the Freedom of Information Act. The original search affidavit for the search on May 7, 1990, cites "CI 404-235," a "volunteer, paid" Secret Service informant, as the primary source of the goverment's information. "CI 404-235" was also the informant responsible for providing information that led to the raid on RIPCO. In CuD 3.02, we reported that the Secret Service indicated that this informant ran a sting board that we identified as THE DARK SIDE (run by a sysop known as THE DICTATOR who continues to call boards around the country. -----------------------------------end here------------------------------------ The last we heard about Ripco BBS and Dr. Ripco from CuD was in Vol.3, Issue #14 April 26, 1991 which said that "...no charges have been filed against him[Dr. Ripco]." and that "He remains in limbo, his equipment has not been returned, and he still does not know why." Until now, nothing more has been said about this case, and that's how we got the idea to make a compillation about Ripco from the beginning to this date (December 1991) with this following extra update. This information was written to me [The Chief] during an E-Mail discussion by Dr. Ripco. He also gave me permission to use the information to write this file. Dr. Ripco 'Interview' November 1991 Reprinted with permission ----------------------------------- Edited parts marked with <ed> Question : Do you think the Secret Service is monitoring your board? --------------------------------------------------------------------- Dr. Ripco : <ed> ...no there hasn't been anymore digging by the s.s. since the original bust as far as i can tell. right now i'm pretty sure they don't know what to do next with this matter. everything seems stalled as far as i can tell. Question : Are you worried about having been investigated by them[The SS]? --------------------------------------------------------------------------- Dr. Ripco : i'm not sure if there is anything to really worry about as far as being investigated by them. from the copies of the legal papers we turned up they only used the informant for all the investigations. no taps, DNR's or surveillence. the only things they looked into (as far as i was concerned) was the phone records as far as proving i owned the line and a request to have them turned off the day of the seizure. there is no indication they did a mud report which would of listed everyone i was calling nor was there anything to show the building or myself was being watched. Question : How about getting your equipment back? -------------------------------------------------- Dr. Ripco : i'm pretty sure they put all their eggs in one basket and relied on the reports the informant was passing along, which is the big mistake overall. i'm pretty confident now this matter would be weak for them to bring to court or set up an indictment. the big question is if the stuff will ever be returned at all or at least before it becomes obsolete. Question : What can we do to prevent this from happening again? ---------------------------------------------------------------- Dr. Ripco : all we can do is keep showing the stupidity of the government in this matter and hope it doesn't happen again on that scale. ----------------------------------------------------------------------------- [Here we compare the confiscation of Ripco BBS with a similar case in Sweden] [where the equipment of an Underground BBS was confiscated, but the SysOp ] [wasn't charged for anything or arrested. The equipment is still confiscated] ----------------------------------------------------------------------------- Question : About different levels of punishment for different hacker-"crimes" Today there's only one level and no difference between a normal hacker and someone who crash systems. ------------------------------------------------------------------------------ Dr. Ripco : well i guess both the governments[Swedish and U.S.] are on the wrong track. i agree with you that the degree of the crime should have some bearing on what should be done. i don't know much about sweden but its seems it has the same odd quirks as here. <ed> ...its almost that they don't think about what is really going on, just pass the panic along. Question : How did it start over there[In the U.S.]? ----------------------------------------------------- Dr. Ripco : the mess here was started by two u.s. assistant attorneys who came up with the abstract of computer crime. the picture they painted is completely wrong but the damage is already done. there has already occured what should of been minor events turn into major actions which really screws up peoples lives. Question : About the legalities and computer crime[In the U.S.]. ----------------------------------------------------------------- Dr. Ripco : although any type of computer crime is still a crime, around here they automatically add in the rico stuff and try to make it look like a conspiracy and a variation of racketeering. thus for what is usually a minor offense turns into a felony case that drains the subject just trying to defend himself on charges that shouldn't of been brought up in the first place. Question : Can Ripco ][ reach the same level as Ripco once did? ---------------------------------------------------------------- Dr. Ripco : well all i can do is keep plugging away, the original ripco was made out to be a cornerstone in the "computer underground" but natually no one around here thinks that. if anything, the way things are now here isn't all that different than the seized one. Question : What about the EFF trying to change things and help? ---------------------------------------------------------------- Dr. Ripco : i really don't know if anything can be done either to change things. the legal groups set up here are doing their best but i really get the feeling it isn't going to go anywhere. its not that they aren't trying their best, its the odds against the whole thing thats the problem. Question : Can we do something to change the public's view of hackers/the CU? ------------------------------------------------------------------------------ Dr. Ripco : the feds in charge here (although they have seem to be disappearing lately) constantly feed the public at large misleading and incorrect information to sway things to their side and justify the actions. the woman who used to be in charge of the mess i'm involved in stated something like an estimate $3 billion is lost to computer fraud in the u.s. every year. even if that figure is true, most of the real people involved with computers said that probably 70 to 80% of that is internal losses not hacking. but natually the feds downplay that and put ye old hackers as the cause of the entire loss. even that d.e.a. watts line that was broken into was overblown. the estimated losses based on what mci or whoever the provider was indicates the line must of been used 24 hours a day, 7 days a week for 2 years to even come close to the figure. i think the point i'm trying to make is that everyone on the "inside" (us i suppose) knows that there is a degree to everything that goes on in the telecom world but how is that explained to john q. public against these numbers they keep tossing around? they are the authoritive powers that are expected to know what going on and although the public has less and less trust in what the government says, this matter is kinda closed knit only having a effect on a minority of the overall public. so trying to convice a public that isn't really interested in the subject is where i think it isn't going to go anywhere for the mean time based on what the government keeps saying what THEY think is going on. Question : So what can we do when we can't get through to the general public? ------------------------------------------------------------------------------ Dr. Ripco : i guess winning the little legal battles, one at a time might have a pay off sooner or later so i just don't see a good clean cut right now at solving this problem in one swoop. Question : I think it will be better in a few years, now that we have EFF and other organisations working to help us[hackers]. How about you? ------------------------------------------------------------------------------- Dr. Ripco : i'd say you are looking on the bright side of things if in fact what you say about things being better in a couple years is true. i think the actions here in the u.s. by the feds damaged things that'll never go back to normal. sort of losing your virginity if ya know what i mean. Question : About this interview not being interesting. ------------------------------------------------------- Dr. Ripco : <ed> ...there just isn't much to say about it overall. see technically, i wasn't arrested, charged, indicted or anything else like that. the original ripco bbs along with other non-related items were simply seized by the u.s. secret service for reasons that are still not clear. Question : But don't you think people are interested? ------------------------------------------------------ Dr. Ripco : since nothing happened to me personally, i'm really no different than anyone else right now, i can run this board, move, leave the country or do anything else as i please. this is where my beef is rather than an accused man really being innocent pleading his case. it's one thing for the government to conduct an investigation to find/locate/arrest criminals. it's another thing to go on a witch hunt, sweep a possible trouble spot, grab everything and hope enough turns up to make a case. Question : But why do you think they confiscated your equipment and not charge you with anything? ------------------------------------------------------------------------ Dr. Ripco : logically reasoning things out comes to two possible conclusions (others may apply but these are the best guess)... #1: they thought or had reason to think i was some sort of computer criminal and by seizing my computers would provide the missing link (if any) to formally charge me. -or- #2: they may have known that i in fact had no criminal actions but the bbs could provide them with worthwhile information since it was veiwed as a nest, breeding hackers to the outside world. gaining full access to it would give them some kind of door to the "underground". i really don't know on either. #1 doesn't make a whole lot of sense because after talking upon hours with people who are knowledgeable in seizures, the makeup, the actions, etc. it appears i should of been arrested and charged within days of the seizure. more normal is to seize the possible evidence, arrest to "hold" the subject for 72 hours while the evidence was examined, then file the proper charges. #2 seems to apply more becuase i AM clean, always have been. kinda stupid to operate a menace to society (their veiw, not mine) if the operator is a big time card, phreak and hacker all rolled into one. wouldn't you agree? the actions behind #2 is what pisses me off. Question : But how could they confiscate your equipment if #2 is the truth? ---------------------------------------------------------------------------- Dr. Ripco : here we have a situation where a bbs and freedom of speech come head to head. the bbs itself does not commit illegal actions, we didn't even have codes posted in years. the operator is just that, an operator, no outside activites to link what he does in his free time to what activities goes on with the board. now enters the secret service with a profile, a written document which describes the makeup of a hacker bbs, how things are hidden or altered from the public in an attempt to deceive the "real" activity going on beneath the surface. they conclude ripco fits the profile and voila, ripco gets seized. Question : What can you do about it? ------------------------------------- Dr. Ripco : i don't have any recourse. i'm not an accused man who has his day in court coming. i can't do anything to challenge this. all i can do is file a suit against the government to have the stuff returned. estimated cost? at least 3 to 4 times the value of the equipment taken. get reimbursted for the legal fees? can't do that. will following through and winning the suit help in the scheme of things? no... winning will be that only, a win, does not set a precedent because the suit would be on the actions of the investigation, not the merits of the investigation itself. so where does that leave me? sitting here. like the attorneys said, sit and wait. either they'll (the feds) attempt an indictment and we can fight then or the statue of limitations will run out and we win(?) by default. by then the hardware will be so out of date the only value of it will be to collectors of ancient computers. its almost unbelievable to think i would be better off being charged with something from the start. i know this is getting a bit long but one more fact that was presented to me is they could charge me with something else non- related to what they were after in the first place. they took 3 computer systems and somewhere between 2 and 3 thousand disks i accumulated over the last 10-11 years. anything they find on those disks that could lead to a conclusion that a crime was commited, could in fact be presented as evidence to other charges. another words as an example, they come in expecting to catch a carder, hacker or phreak but all that surfaces is a couple poision pen letters threating the president or some other public offical. justify the investigation... no problem. go for it. Question : What's the bottom line here? ---------------------------------------- Dr. Ripco : the bottom line is to get people to imagine wherever they are sitting, in their home or apartment, the government acting in the welfare of the public kicks your door down and takes everything you own only because you are under suspiction of doing something wrong, they don't know exactly but after everything is seized, they'll figure something out. can anyone really be 100% clean? isn't judgement day supposed to happen when you get to the pearly gates? i don't care where you live, that isn't right and shouldn't be done but that's where i'm at and welcome to it. Question : Then it is the legal system that has to be changed. --------------------------------------------------------------- Dr. Ripco : <ed> ...my complaint isn't with the why's of the investigation but the how's of it. if the government showed anything to reenforce the idea that a proper investigation has taken place, i'd probably be sitting waving a flag and say i'm glad i was part of something that will bring criminals to justice. the problem is as i see it, the government, the people doing the supposed investigation and the means they are using are the real crime. we involved are the ones that are going to take the fall to cover themselves up. Question : Is it ok to use this information in an upcoming file from uXu about you[Dr. Ripco] and Ripco BBS? ------------------------------------------------------------------------- Dr. Ripco : yeah, no problem. if there's something about the feds fishing expedition that might be of interest, by all means pass the story around. keep in mind i'm not the only one either, according to the press release the s.s. gave out after the sweep there was 27 warrants issued that day in 13 u.s. cities. i'm not really sure if that means there are 26 other people besides me because i was actually served with 2 seizure warrants. Question : So what's the deal with the 26 other people? -------------------------------------------------------- Dr. Ripco : i can safely say the others are probably in the same boat although we have no idea who they are. up to this point i'm the only one to come forward publicly and requests to the government for just the names have been turned down. actually the government has turned down all the requests which is part of the matter that pisses me off. i have a feeling if the others were able to be contacted, you would probably find similar stories to mine. this to me is logical, if i'm the only one kicking and screaming it doesn't carry very far, if were able to become a collective group it might cause them some real greif. the feds keeping us apart from each other is in their best interest. Question : What do you think of the informant, The Dictator? ------------------------------------------------------------- Dr. Ripco : <ed> ...personally i think the informant (who is still calling here) didn't just inform as his job should of been. it seemed to me from his activities it comes closer to what we call entrapment. but that's just my opinion fer now. Question : How about legal issues? Can this file be used as "evidence" against you in any way, or help the Feds? ----------------------------------------------------------------------- Dr. Ripco : my attorney [though] asked that i shouldn't pass along some things which favor our legal side so i can't really go into what things we turned up and the contents but keeping the general nature of it is no problem. as he put it, another thing that favors the feds in this case is the fact that no arrest or charge has been brought forth yet. this leaves the end open to them and me screaming bloodly murder/anti government retoric might push them to do something just to bust my balls. -------------------- [End Of "Interview"] -------------------- So, this is how it is today with Dr. Ripco, and the confiscated equipment. If something happens, either way, we will write about it. Many thanks to Dr. Ripco for letting me use the information, and beeing helpful in every way possible, showing me where to find useful things to make this file and for putting up with a lot of dumb questions. Without his help, this update wouldn't been possible. Thanks also to CuD, The best source for news in the Computer Underground. (Thank god you're FTP-able! :-)) It would have been a tough job, gathering information about Operation SunDevil and updates on Ripco BBS without it. ----------------- [CuD Information] ----------------- Moderators: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) Issues of CuD can be found in the Usenet alt.society.cu-digest news group, on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL0 and DL12 of TELECOM, on Genie, on the PC-EXEC BBS at (414) 789-4210, and by anonymous ftp from ftp.cs.widener.edu (147.31.254.20), chsun1.spc.uchicago.edu, and dagon.acc.stolaf.edu. To use the U. of Chicago email server, send mail with the subject "help" (without the quotes) to archive-server@chsun1.spc.uchicago.edu. COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted as long as the source is cited. Some authors do copyright their material, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to the Computer Underground. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. _______________________________________________________________________ _______________________________________________________________________ Downloaded From P-80 International Information Systems 304-744-2253 12yrs+