Computer underground Digest Sun Apr 10, 1994 Volume 6 : Issue 31 ISSN 1004-042X Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) Archivist: Brendan Kehoe (He's Baaaack) Acting Archivist: Stanton McCandlish Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Suspercollater: Shrdlu Nooseman CONTENTS, #6.31 (Apr 10, 1994) FIle 1--MIT Student Indicted for Internet "Piracy" (MIT account) FIle 2--MIT Student Indicted for Internet "Piracy" (AP account) FIle 3--Text of Indictment of MIT Sysop FIle 4--LaMacchia (MIT Student) Defense Atty Press Release FIle 5--DO NOT confuse MIT board with legit CYNOSURE BBS in MD FIle 6--FBI Erroneously Detains 2 "Suspects" at CFP '94 FIle 7--Phil Zimmeran Requests Info on PGP Uses Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send a one-line message: SUB CUDIGEST your name Send it to LISTSERV@UIUCVMD.BITNET or LISTSERV@VMD.CSO.UIUC.EDU The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); and on Rune Stone BBS (IIRGWHQ) (203) 832-8441. CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: from the ComNet in LUXEMBOURG BBS (++352) 466893; In ITALY: Bits against the Empire BBS: +39-461-980493 FTP: UNITED STATES: etext.archive.umich.edu (141.211.164.18) in /pub/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ EUROPE: nic.funet.fi in pub/doc/cud/ (Finland) nic.funet.fi ftp.warwick.ac.uk in pub/cud/ (United Kingdom) COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ---------------------------------------------------------------------- Date: Fri, 9 Apr 1994 18:21:31 PDT From: Moderators Subject: File 1--MIT Student Indicted for Internet "Piracy" (MIT account) ((MODERATORS' NOTE: Thanks to a Well poster who made the following news item from the April 8 issue of the MIT student newspaper (THE TECH)). Student Indicted on Piracy Charges ((Documents relating to this story are available on our news bulletin board.)) By Josh Hartmann Contributing Editor Student Indicted on Piracy Charges A federal grand jury charged an MIT student yesterday on a felony charge for allegedly allowing the piracy of over $1 million in business and entertainment software using Athena workstations. David M. LaMacchia '95 was indicted on one count of conspiring to commit wire fraud, according to a statement from the U.S. Attorney's office in Boston. LaMacchia allegedly allowed the duplication of hundreds of copyrighted software packages between Nov. 21, 1993, and Jan. 5, 1994, using workstations on the Athena Computing Environment. "We became aware sometime in December that a computer was being used to distribute software," said Kenneth D. Campbell, director of the news office. "That information was turned over to Campus Police and the FBI. MIT personnel cooperated with the FBI in the investigation." The incident was discovered when an Athena-user in the Student Center cluster noticed that an unattended workstation next to him was behaving abnormally, making frequent disk accesses, according to James D. Bruce ScD '60, vice president for Information Systems. The user apparently reported the abnormal behavior to members of the Student Information Processing Board, who then proceeded to investigate the matter, according to a source familiar with the investigation. The SIPB members saw the status of the workstation and reported the incident to the Information Systems staff, the source said. SIPB itself was not part of the investigation, according to Jessie Stickgold-Sarah '96, the SIPB chairman. Attorneys for LaMacchia issued a swift denial of the charges late yesterday, saying LaMacchia was merely the provider of a service which others used to place and remove files. The statement called the indictment a test case to "decide whether current criminal law would penalize a [systems operator] who neither controls what is placed on the system nor profits one cent from any copyrighted software that others upload to and download from the system that he and others create and operate." Many of the people who accessed the pirated files over the Internet concealed their location by using an anonymous service in Finland, Bruce said. The Associated Press reported yesterday that LaMacchia advertised the server strictly by word-of-mouth to avoid detection. The AP quoted the indictment as saying that as many as 180 users accessed the server in one 16-hour period. DISCIPLINARY PROCESS UNDERWAY Within MIT, "there was a disciplinary action filed against [LaMacchia] sometime in January," Bruce said. These proceedings have been halted, he added. Another anonymous source said that the Office of the Dean for Undergraduate Education and Student Affairs had received a complaint in January, but had not decided whether the disciplinary action would be forwarded to the Committee on Discipline, handled by the Dean's Office, or dismissed outright. Dean for Undergraduate Education and Student Affairs Arthur C. Smith said last night that Institute disciplinary procedures are usually suspended when a student is charged with such a crime. However, Smith would not comment on the status of any disciplinary case underway. If LaMacchia were convicted, he would still be subject to the normal disciplinary measures within the Institute, Smith said. LOSSES OVER $1 MILLION Losses from the illegal software duplication are expected to surpass $1 million, according to the statement from the U.S. Attorney's office. "The pirating of business and entertainment software through clandestine computer bulletin boards is tremendously costly to software companies, and by extension to their employees and to the economy," said U.S. Attorney Donald K. Stern. "We need to respond to the culture that no one is hurt by these thefts and that there is nothing wrong with pirating software." A list obtained by The Tech revealed that MS-DOS games dominated the server. Among the business software, however, were Aldus Pagemaker 5.0 for Windows, Microsoft Word for Windows 6.0, a beta (pre-release) copy of a forthcoming operating system by Microsoft code-named Chicago, WordPerfect 6.0 for both DOS and Windows, a beta copy of Microsoft 5.0, and Aldus PhotoStyler 2.0. If found guilty LaMacchia could conceivably be the subject of a civil suit by the software vendors, Bruce said. "It would be entirely possible for a vendor to make a case that it suffered monetary damages," he said. "I would think there is some reason [LaMacchia] could be sued." Bruce said he thought the Institute's liability would be limited because of Athena rules prohibiting duplication of copyrighted software. LaMacchia did not return telephone calls last night. Copyright 1994 by The Tech. All rights reserved. This story was published on Friday, April 8, 1994. Volume 114, Number 19 The story began on page 1 and jumped to page 13. This article may be freely distributed electronically, provided it is distributed in its entirety and includes this notice, but may not be reprinted without the express written permission of The Tech. Write to archive@the-tech.mit.edu for additional details. ------------------------------ Date: Fri, 9 Apr 1994 18:21:31 PDT From: Anonymous Subject: File 2--MIT Student Indicted for Internet "Piracy" (AP account) ((You might be interested the following AP item. Following an investigation by the FBI, David LaMacchia, an MIT student, was indicted April 7, 1994)). MIT Student indicted for "Internet Piracy" >From the Associated Press BOSTON--A federal grand jury indicted an MIT student Thursday on charges he ran a computer bulletin board that allowed people to copy more than $1 million worth of copyrighted software for free. David LaMacchia, 10, a junior at the Massachusetts Institute of Technology, was indicted on one felony count of conspiring to commit wire fraud, said U.S. Atty. Donald Stern. LaMacchia, of Rockville, Md., used the computer aliases "John gaunt" and "Grimjack," to operate the bulletin board at MIT from Nov. 21 to Dec. 21, 1993, and from Jan. 3 to Jan. 5, the indictment said. The bulletin board, named Cynosure, allowed people on MIT's computer network to copy business and entertainment software, the indictment said. Since MIT's system is part of the Internet, a super-network using telephone lines to link educational, military, and commercial computer networks around the world, Internet users also were able to illegally copy the software, Stern said. As many as 180 people used the illegal software library over one 16-hour period, downloading hundreds of copyrighted commercial programs, the indictment said. ------------------------------ Date: Fri, 8 Apr 1994 04:09:47 GMT From: jgull@world.std.com (jason n gull) Subject: File 3--Text of Indictment of MIT Sysop I thought this might be of interest to many. A federal grand jury in Boston returned an indictment this afternoon, charging a 20-year-old MIT student and sysop with conspiracy. The indictment alleges the student, David Lamacchia, created and maintained a BBS/FSP site on the internet, on which pirated software was exchanged. ====================================================== UNITED STATES DISTRICT COURT DISTRICT OF MASSACHUSETTS UNITED STATES OF AMERICA | CRIMINAL NO. 94-10092RGS | VIOLATION: | 18 U.S.C. Sect. 371 - Conspiracy US v. DAVID LAMACCHIA _INDICTMENT_ _COUNT ONE_: 18 U.S.C. S 371 - Conspiracy The Grand Jury charges that: 1. From on or about November 21, 1993, to on or about January 5, 1994, at Cambridge, in the District of Massachusetts, and elsewhere, DAVID LAMACCHIA defendant herein, did knowingly and intentionally combine, conspire, confederate, and agree with other persons unknown to the Grand Jury, to commit offenses against the United States, that is, to devise and execute a scheme and artifice to defraud, and, for the purpose of. executing and attempting to execute such scheme, to transmit and cause to be transmitted in interstate commerce, by wire communication, writings, signs, signals, pictures, and sounds for the purpose of executing such scheme and artifice, in violation of Title 18, United States Code, section 1343. _PERSONS AND ENTITIES_ 2. At all times material to this Indictment, the Massachusetts Institute of Technology (MIT) was an educational institution located on Memorial Drive, in Cambridge, Massachusetts. 3. At all times material to this Indictment, defendant DAVID LAMACCHIA was a student enrolled in and resident at MIT. 4. At all times material to this Indictment, MIT had a connection to the Internet, an international collection of electronic networks linking educational, military, and commercial computers around the world. _CONSPIRACY AND SCHEME TO DEFRAUD_ 5. It was part of the scheme and conspiracy that defendant DAVID LAMACCHIA, using the computer aliases "JOHN GAUNT" and "GRIMJACK," set up, participated in setting up, and, from on or about November 21, 1993, to on or about December 21, 1993, and from on or about January 3, 1994 to on or about January 5, 1994, operated and participated in the operation of a computer bulletin board system named "CYNOSURE" to permit and facilitate, on an international scale, the illegal copying and distribution of copyrighted software, without payment of software licensing fees or the software purchase price to the manufacturers and vendors of the copyrighted software 6. It was further part of the conspiracy and scheme to defraud that defendant DAVID LAMACCHIA operated, and participated in the operation of, "CYNOSURE" on two computer work stations owned and operated by MIT, located at Cambridge in the District of Massachusetts. The two work stations were designated "CYNOSURE I" and "CYNOSURE II." In addition, a third MIT computer was utilized for back-up files and other purposes associated with running CYNOSURE. 7. A computer bulletin board system ("BBS") consists essentially of a personal computer on which is installed a computer program which permits persons all over the world, using their own computers and telephone lines, to obtain access to the BBS computer. Persons thereby obtaining access to the computer BBS may post files and messages to the board ("upload"), and may read and copy files and messages ("download") to their own computer. The messages that may be uploaded or downloaded can consist of virtually any type of data or information, including other software programs. The CYNOSURE BBS was accessible worldwide via the Internet. 8. In using the MIT work stations for the purpose of running a computer BBS to pirate and distribute copyrighted software, LAMACCHIA exceeded his authority, as an MIT student, to access and use the MIT computer system and its connection to the Internet. 9. It was further part of the conspiracy and scheme to defraud that the defendant, using the computer aliases "JOHN GAUNT" and "GRIMJACK," communicated to other persons the Internet address (or "site") for the CYNOSURE BBS to permit them to send, by means of interstate and foreign wire communication, files and messages to the BBS and to avail themselves of the opportunity to copy and cause to be transmitted by means of interstate and foreign wire communication, computer files stored on the BBS. The users of the CYNOSURE BBS often hid their identities by using an Internet address located in Finland which afforded an anonymous forwarding service. 10. It was further part of the conspiracy and scheme for users to "upload" computer files into the CYNOSURE BBS in order to create a library of software that could be accessible to other users who, without paying a purchase price or licensing fee, could unlawfully download copyrighted software to their own computer systems. Files downloaded to an anonymous Finnish Internet address service would then be surreptitiously forwarded to the user's own computer system. 11. It was further part of the conspiracy and scheme to defraud to circulate the CYNOSURE BBS address to a trusted network of computer users in order to protect the BBS from detection, and to communicate with BBS users by posting "README" files on the BBS. In these communications, which users would access through interstate telephone communication between their computers and the MIT server upon which the CYNOSURE BBS was resident, the defendant: advised users to check the CYNOSURE I index before uploading files so as not to duplicate existing files; requested particular copyrighted software; and cautioned against over-publication of the Internet site address for the bulletin board in order to reduce the risk of detection by the "net.cops," i.e., systems administrators and network security personnel. 12. In fact, however, as defendant knew, the site address for the CYNOSURE BBS was disseminated widely and indiscriminately over public electronic networks, and as defendant knew or reasonably could have foreseen, traffic into and out of the CYNOSURE BBS for the purpose of unlawfully copying copyrighted software quickly became enormous. For example, approximately 180 computers contacted the BBS over a single 16-hour period of time it was in operation, downloading hundreds of computer software files containing copyrighted commercial programs during that same period. 13. As a result of the conspiracy and scheme to defraud, losses from the illegal distribution of the pirated software are estimated to exceed one million dollars during the period the CYNOSURE BBS was in operation. 14. On or about November 24, 1993, at Cambridge, in the District of Massachusetts, defendant DAVID LAMACCHIA created a "README" file on the CYNOSURE BBS which stated, Welcome to the Cynosure FSP site. The site currently has about 150 megs of space, so go ahead and upload. Let's get this site going! New files should be uploaded in a new directory under /dos/files. -- GrimJack, your sysop. 15. On or about December 4, 1993, at Cambridge, in the District of Massachusetts, defendant DAVID LAMACCHIA created, and participated in creating, a "README" file on the CYNOSURE BBS which stated, Welcome to the Cynosure I FSP site. This site has a total of 193 megs of space. This is a download-only site. If you want to upload (please do!) on Cynosure II at 18.187.0.75 port 2433. -- gJ (a.k.a. Gaunt, Mongoose Maintainers "FSP" refers to "file service protocol." It is used to facilitate a large volume of file activity without causing the system to "crash." 16. On or about December 9, 1993, at Cambridge, in the District of Massachusetts, defendant DAVID LAMACCHIA created a "README" file on the CYNOSURE BBS which stated: "Use this directory for sending private pgp-encoded messages to other users. -- John Gaunt" 17. On or about December 14, 1993, at Cambridge, in the District of Massachusetts, defendant DAVID LAMACCHIA created a file on the CYNOSURE BBS called "reqs.from.gaunt" which stated: If anyone has this stuff, I'd appreciate it. Sim City 2000 Excel 5.0 (Windoze) WordPerfect 6.0 (Windoze) And if you run a site, drop me a line in the to_sysop directory. I'm also interested in cool sites people use, trading other info, etc. Thanks . . . -- John Gaunt, sysop. 18. On or about December 21, 1993, at Cambridge, in the District of Massachusetts, defendant DAVID LAMACCHIA created a "README" file on the CYNOSURE BBS which stated, Cynosure II is currently acting as the upload site, and we're periodically moving stuff to Cynosure I and deleting old stuff there. Before you upload, make sure you're not putting something up that's already on Cynosure I. Check there at 18.187.0.76 port 2433 to make sure, or look at the Cynosure I index for a possibly-out-of-date version. ***URGENT*** This is the second time I've caught some luser publicizing the site address on #fsp over IRC. And since I don't use it that much, I don't even want to think about how much of this goes on. Think you guys: this is what leads to a site getting purged, especially when you go around spitting out site address to whomever (especially since I was warned that two of those online at the time might have been net.cops). If you're tempted to give out the site: DON'T DO IT. If this keeps happening that two things will happen (1) this site will close and (2) its new incarnation will be private. So think about it, ok? ***Flame off Writing is back on for the meantime. It will probably go off sometime tonight, since I'll be out of town. I "may" put it back on while I'm gone . . . I'll see how things work out. -- John Gaunt Mongoose Maintainers. "IRC" refers to the Internet Relay Chat, which functions like an electronic CB radio over the Internet, permitting numerous users to "listen in" to a "channel" simultaneously. 19. On or about January 4, 1994, at Cambridge, in the District of Massachusetts, defendant DAVID LAMACCHIA and others whom he aided and abetted rebooted the CYNOSURE BBS, i.e., reloaded the bulletin board software, to permit access over the Internet. 20. On or about January 4, 1994, at Cambridge, in the District of Massachusetts, defendant DAVID LAMACCHIA created and participated in creating a file on the CYNOSURE BBS, stating: Welcome to Cynosure I. Cynosure II is currently down. Cynosure I is temporarily up. CYNOSURE IS MOVING!!! Read on. . . . Well, if you've waited this long we thank you for being a dedicated user throughout our hiatus. While we were gone the site was wiped clean. Everything on this machine and all our off-line backups was lost. This is disappointing. While it may not be the result of being found by the net.cops, I still believe the site was too public. Lusers were distributing the address freely over IRC and to people they didn't trust. Usually, the result of this for a site is for that site to move and go private, so it doesn't happen again. I'm going to try something else. Cynosure is one of the last public sites, so I'm going to keep it that way: if we're forced to go down again because of lamers, I will probably have to go private. So, hopefully, with controlled distribution of the new address, this won't happen. The move will happen soon. Distribution of the new address will be limited at first, unlike last time. Mongoose and I are currently hacking a new loction that will (1) be more secure and (2) handle a lot of the problems the site currently has (if you don't know about it, don't worry). Anyway, thanks again for sticking with us. Again, I'm only leaving Cynosure I up while we move. It's better than nothing. See you all on the net. -- John Gaunt Mongoose Maintainers All in violation of Title 18, United States Code, Section 371. A TRUE BILL _xxxxxsignedxxxxx_ Foreman of the Grand Jury Jeanne Kempthorne [signed] Assistant United States Attorney DISTRICT OF MASSACHUSETTS; April 7, 1994, at 4:01 p.m. Returned into the District Court by the Grand Jurors and filed. _xxxxxsignedxxxxx_ Deputy Clerk ------------------------------ Date: Sat, 10 Apr 1994 23:51:32 PDT From: Moderators Subject: File 4--LaMacchia (MIT Student) Defense Atty Press Release ((MODERATORS' NOTE: We had not received permission to publish the following press release from LaMacchia's attorneys from the poster on a public access system by CuD press time. Because it's a public document, and because of its importance, we assume that permission would be granted pro forma)). _Response of Defense Counsel to the_ _United States Attorney's Indictment of David LaMacchia_ Sadly, the United States Attorney for Massachusetts, Donald K. Stern, has chosen in this case to attempt to exert control over the use of the Internet and computer communication by an inappropriate use of *criminal* law. It is almost always inappropriate to use criminal prosecution, as opposed to legislative deliberation, to mold the law in new and gray areas, as this area most certainly is. It requires a stretching and bending of existing criminal statutes never meant to be employed as the U.S. Attorney seeks to employ them, which is precisely why, rather than prosecuting an individual, he or the Department of Justice should be asking Congress to determine, clearly and unequivocally, what conduct is criminal and what conduct is not. An indictment is particularly inappropriate in this case. In indicting David LaMacchia, a 20-year-old junior at M.I.T., the U. S. Attorney and his staff are trying to brand as a computer systems operator (a so-called "SYSOP" in computer jargon) as a criminal, for what *other* people place on, and take off of, a computer system that the SYSOP creates and maintains but does not control. It is not at all clear that a SYSOP who neither controls what is placed on the system nor profits one cent from any copyrighted software that others upload to and download from the system (that he and others create and operate) has committed *any* crime. In short, this case raises the hotly disputed question of whether the operator of a "common carrier" may be held criminally responsible for the manner in which others use his communications system. Obviously, the people who run the telephone company and who publish newspapers should be watching this case carefully, lest they find themselves criminally responsible for misuses of their communications media and systems. The United States Attorney is quoted in _The Boston Globe_ of April 8, 1994, as saying that the role played by young LaMacchia in this case demonstrates an "intent to illegally distribute" software placed on and taken off the system by others, and that this "takes this far beyond the bounds of the First Amendment." On the other hand, Harvard Law School Prof. Laurence H. Tribe, widely acknowledged to be the foremost constitutional scholar of our time, is quoted in the same edition of the _Globe_ as describing this prosecution as an "excessive" use of "the criminal justice system to police the outer boundaries of property in these gray areas, where it can't be alleged that someone is deliberately profiting." We believe that the outcome of this case will vindicate the view of Prof. Tribe rather than the less educated view of U.S. Attorney Stern and his assistants. If the government wishes to outlaw the activities in which David LaMacchia is alleged to have engaged, it should ask Congress to pass a statute clearly making such conduct criminal. We frankly believe that the Department of Justice would have trouble convincing Congress to do so, because of the troubling statutory, constitutional, and policy problems involved. So, instead, the U. S. Attorney will use this to case as a vehicle to try to convince the federal courts to make David LaMacchia into a felon by stretching and mangling the meaning of certain existing criminal laws. David LaMacchia's conduct was not in violation of the criminal law, and we are confident that the courts will agree with us. It is unfortunate that this young man -- among the best and the brightest that our society produces -- will have to suffer while this process goes forward. Given the explosion of violent crime and other criminal pathologies in our society, one would think that the U. S. Attorney's staff of lawyers and FBI agents would have better things to do with their time and the taxpayers' money than to imitate guppies, the fish that devour their own young. We and our client hope to have much more to say about this case and its implications at that point in time when we are able to say more. Meanwhile, we ask that David LaMacchia be accorded the presumption of innocence to which our Constitution and laws entitle him. We ask that all citizens concerned with liberty and fair play follow this case closely and then, at the end, ask some hard questions about the motives and judgment of the prosecutors who have brought this prosecution. * * * * * Harvey A. Silverglate Silverglate & Good 89 Broad Street, 14th flr Boston, MA 02110-3511 Tel (617) 542-6663 Fax (617) 451-6971 Internet:has@world.std.com David Duncan Zalkind, Rodriguez, Lunt & Duncan 65A Atlantic Avenue Boston, MA 02110 Tel (617) 742-6020 Fax (617) 742-3269 Counsel for David LaMacchia Dated: April 8, 1994 ------------------------------ Date: 10 Apr 1994 20:05:23 GMT From: dig@clark.net (Douglas I. Granzow) Subject: File 5--DO NOT confuse MIT board with legit CYNOSURE BBS in MD On Thursday, April 7, 1994, David LaMacchia, 20, of Rockville, MD, was indicted on wire fraud charges for the operation of an FSP site at MIT, which distributed commercial software. The site was called "Cynosure". I'm posting this because I run a BBS called Cynosure Online, and I want to immediately clear up any confusion over his systems and my system. Cynosure Online is not connected with Cynosure I/II in any way. Cynosure Online has been in operation since January 28, 1987, and has never allowed software piracy. The BBS started using "Cynosure" in its name around September of 1992. Previously, it was called "The II Sysops BBS", and was the offical BBS for a bi-monthly newsletter (called "II Sysops") for operators of Apple II based bulletin board systems. The name Cynosure was selected for its uniqueness. The BBS has moved from the Apple II based ProLine software to a multi-line version of Wildcat, running on a 486 computer. The BBS has offered its users Internet email and Usenet news since it began using the ProLine software in 1991. Anyone with any questions concerning Cynosure Online should contact me at dig@cynosure.clark.net. Douglas Granzow, sysop of Cynosure Online (410-781-6271), Eldersburg, MD dig@cynosure.clark.net ------------------------------ Date: 31 Mar 94 07:39:22 CST From: sean@sdg.dra.com Subject: File 6--FBI Erroneously Detains 2 "Suspects" at CFP '94 ((MODERATORS' NOTE: The FBI detained two participants of the CFP '94 conference in March. The following is a summary by an attendee, Sean Harp. In the second incident, described below, the FBI was looking for an "Agent Steal," the handle of a suspected felon. They in fact did apprehend "Agent Steele," but the wrong one--Robert Steele, the target and a conference attendee, could draw from his CIA background to claim the sobriquet. He indicates that the FBI was looking for a youngish male with a wooden leg. When a naked middle-aged man answered the FBI's knock on the hotel door first claiming "room service," and then "FBI," it took, he said, about 60 seconds to clarify the error. Our account of the "Agent Steal" incident differs a bit from the account presented below, but the essentials--an FBI goof and obvious attendance and perhaps monitoring of the conference seem clear)). Within a 24 hour period at the Computers, Freedom and Privacy '94 conference the FBI "detained" (arrested) two people the FBI thought were fugitives. In both cases they turned out to be the wrong person, and released. First case. At the conference banquet on Thursday evening Jim Settle, a FBI agent, and a young person happened to be seated at the same table. The person's real name (on his conference badge) happened to be an alias that had been used by Kevin Mitnick in the past. The name seemed familar to Jim Settle, who ran an National Crime Information Center (NCIC) check, and came up with the arrest warrant for Kevin Mitnick. There was also, apparently, a poor quality picture and physical description that could be claimed matched the person at the conference. "Multiple" FBI agents confirmed that the description matched the person at the conference. The FBI obtained a subpena for the hotel records. At 6am, the FBI entered the hotel room where the person was staying with several friends (who informed the agents the person was not Kevin Mitnick) and took the person to the Chicago FBI field office. He was fingerprinted, and the prints were FAXed to Washington, D.C. for comparison. It turns out there isn't a qualified fingerprint analyst at the local Chicago FBI office. About 30 minutes later, the report comes back that the fingerprints don't match. The FBI apologized to the person, and returned him to the hotel. At lunch on Friday, the chair of CFP'94 mentions the mistaken identity "arrest." On Saturday, New York Times reporter Peter Lewis mentioned mistaken arrest in his story on the CFP'94 conference on the front page of the NYT business section. Jim Settle mentioned, since this person's physical description and real name matches an alias used by Kevin Mitnick, this could happen to that person again if he is ever stopped by the police (traffic ticket, whatever) and they run an NCIC check. He suggested that the person contact him at the FBI - National Computer Crime Section (Jim's phone is in the conference attendee list) and he'll tell the person how to quickly verify to the police he isn't Kevin Mitnick. Second case A 5 foot 6 inch tall brown/black long hair person was mistaken for a 6 foot 5 inch tall blond hair fugitive called "Agent Steal." Once again, "multiple" agents made the identification. I don't remember anyone mentioning when the FBI first suspected this person was Agent Steal. In this case the FBI didn't know what room the person was staying in, so the agents waited for over two hours on a couch by the elevators in the hotel. This person was stopped when he got off the elevator, told a story about looking like a suspect in the World Trade Center bombing, and asked to show the FBI agents his leg. As I heard the explanation, Agent Steal has a steel or artificial leg. Since this person didn't have an steel or artificial leg, he was released. The person who was stopped estimated he was detained about 15 minutes. ------------------------------ Date: Sat, 9 Apr 1994 21:18:54 CDT From: Alan Westrope Subject: File 7--Phil Zimmeran Requests Info on PGP Uses ((MODERATORS' NOTE: The following has circulated during the past few weeks over the Nets. We lost the original source(s) who sent it over, so thanks to all of ya who did. The author is Alan Westrope (see address below). Although he wasn't the one who posted this to us, we put his address in the "From:" line to facilitate responses)). To all PGP users: We've all heard arguments raised by the law enforcement and intelligence communities that PGP and other encryption technology can be used by criminals to hide their activities. This line of reasoning is being used to justify Government key escrow systems like Clipper, and to clamp down on encryption technology like PGP. It would be helpful to come up with real-world examples of how PGP has been used for good constructive purposes. Journalists sometimes ask me for examples of positive uses for PGP. But most of my fan mail from PGP users do not tell me what they are using it for. If you have any stories about how PGP is used for good purposes, I'd like to see them. Not just disaffected paranoid libertarians embracing it for the theoretical benefits for a free society. We need to be able to cite examples of real people using PGP for good ends. Human rights activists using it are a great example. But it doesn't have to be in the Nobel-Prize winning catagory of human endeavor (although that would be nice). It could just be any positive upbeat application that normal people can relate to in a positive way, so I can tell reporters about it. I'd like to hear (actually, see some email) from real people who are actually using PGP for good things. It could be for helping others, like protecting HIV patient records, or keeping psychological counseling records. Or conducting good wholesome business that must remain confidential. Or lawyers using it to maintain confidential records and communications with their clients. Or, it could be for your own personal life, but for wholesome upbeat uses, like sending love letters (you don't have to supply any actual love letters), or keeping your diary. For those that don't know what PGP is: Pretty Good Privacy (PGP) is a free software program that encrypts email using public key cryptography, allowing you to communicate securely with people you've never met, without the prior exchange of keys over secure channels. PGP has become the worldwide de facto standard for email encryption. It's available on many Internet FTP sites and BBS systems. Please send me some email (to prz@acm.org), with the subject line "Positive uses for PGP", so that I can quickly sort it out from the rest of my email. If it's a really good story, I may want to use it, so let me know if I can and if I can give reporters the information. You might not get a reply-- it depends on how much mail I get or how busy I am when you send it. There is no prize for the best story, but for what it's worth, I'll sign the public key of the person who submits the best story by Monday, April 11th. But keep sending stories after that date if you've got them. This notice can be copied and reposted on any newsgroup or mailing list that is likely to be familiar with PGP. Philip Zimmermann prz@acm.org =================================================================== As I recall, the in-person validators sometimes use PGP to authenticate their messages to Andrew, and there's a text file somewhere on Nyx containing instructions for this procedure. If I'm correct, could some kind soul tell me the name of this file so I can pass the info along to Phil? Alternatively, if someone familiar with the process wants to send email to Phil, go for it! (Please post a reply here if you do this, so he doesn't get duplicate messages about it. Some luser posted an April Fool's message about him being arrested, resulting in a torrent of phone calls and email, which he's probably still plowing through...) Thanks, Alan Westrope ------------------------------ End of Computer Underground Digest #6.31 ************************************