Computer underground Digest Wed June 18, 1997 Volume 9 : Issue 47 ISSN 1004-042X Editor: Jim Thomas (cudigest@sun.soci.niu.edu) News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu) Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Field Agent Extraordinaire: David Smith Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #9.47 (Wed, June 18, 1997) File 1--HACKERS SMASH U.S. GOVERNMENT ENCRYPTION STANDARD File 2--Hacker may have stolen JonBenet computer documents File 3--Mitnick gets 22 months File 4--Judge denies Mitnick computer access File 5-- Hacker Vows 'Terror' for Child Pornographers File 6--Trial Opens IN On-line Kidnapping Case File 7--Call for Open Global Net File 8--Cu Digest Header Info (unchanged since 7 May, 1997) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. --------------------------------------------------------------------- Date: Wed, 18 Jun 1997 18:55:12 -0700 (PDT) From: sameer Subject: File 1--HACKERS SMASH U.S. GOVERNMENT ENCRYPTION STANDARD Source - fight-censorship@vorlon.mit.edu C2Net Software, Inc. 1212 Broadway Oakland, CA 94612 510-986-8770 For Immediate Release HACKERS SMASH U.S. GOVERNMENT ENCRYPTION STANDARD Oakland, California (June 18, 1997)-The 56-bit DES encryption standard, long claimed "adequate" by the U.S. Government, was shattered yesterday using an ordinary Pentium personal computer operated by Michael K. Sanders, an employee of iNetZ, a Salt Lake City, Utah-based online commerce provider. Sanders was part of a loosely organized group of computer users responding to the "RSA $10,000 DES Challenge." The code-breaking group distributed computer software over the Internet for harnessing idle moments of computers around the world to perform a 'brute force' attack on the encrypted data. "That DES can be broken so quickly should send a chill through the heart of anyone relying on it for secure communications," said Sameer Parekh, one of the group's participants and president of C2Net Software, an Internet encryption provider headquartered in Oakland, California (http://www.c2.net/). "Unfortunately, most people today using the Internet assume the browser software is performing secure communications when an image of a lock or a key appears on the screen. Obviously, that is not true when the encryption scheme is 56-bit DES," he said. INetZ vice president Jon Gay said "We hope that this will encourage people to demand the highest available encryption security, such as the 128-bit security provided by C2Net's Stronghold product, rather than the weak 56-bit ciphers used in many other platforms." Many browser programs have been crippled to use an even weaker, 40-bit cipher, because that is the maximum encryption level the U.S. government has approved for export. "People located within the US can obtain more secure browser software, but that usually involves submitting an affidavit of eligibility, which many people have not done," said Parekh. "Strong encryption is not allowed to be exported from the U.S., making it harder for people and businesses in international locations to communicate securely," he explained. According to computer security expert Ian Goldberg, "This effort emphasizes that security systems based on 56-bit DES or "export-quality" cryptography are out-of-date, and should be phased out. Certainly no new systems should be designed with such weak encryption.'' Goldberg is a member of the University of California at Berkeley's ISAAC group, which discovered a serious security flaw in the popular Netscape Navigator web browser software. The 56-bit DES cipher was broken in 5 months, significantly faster than the hundreds of years thought to be required when DES was adopted as a national standard in 1977. The weakness of DES can be traced to its "key length," the number of binary digits (or "bits") used in its encryption algorithm. "Export grade" 40-bit encryption schemes can be broken in less than an hour, presenting serious security risks for companies seeking to protect sensitive information, especially those whose competitors might receive code-breaking assistance from foreign governments. According to Parekh, today's common desktop computers are tremendously more powerful than any computer that existed when DES was created. "Using inexpensive (under $1000) computers, the group was able to crack DES in a very short time," he noted. "Anyone with the resources and motivation to employ modern "massively parallel" supercomputers for the task can break 56-bit DES ciphers even faster, and those types of advanced technologies will soon be present in common desktop systems, providing the keys to DES to virtually everyone in just a few more years." 56-bit DES uses a 56-bit key, but most security experts today consider a minimum key length of 128 bits to be necessary for secure encryption. Mathematically, breaking a 56-bit cipher requires just 65,000 times more work than breaking a 40-bit cipher. Breaking a 128-bit cipher requires 4.7 trillion billion times as much work as one using 56 bits, providing considerable protection against brute-force attacks and technical progress. C2Net is the leading worldwide provider of uncompromised Internet security software. C2Net's encryption products are developed entirely outside the United States, allowing the firm to offer full-strength cryptography solutions for international communications and commerce. "Our products offer the highest levels of security available today. We refuse to sell weak products that might provide a false sense of security and create easy targets for foreign governments, criminals, and bored college students," said Parekh. "We also oppose so-called "key escrow" plans that would put everyone's cryptography keys in a few centralized locations where they can be stolen and sold to the highest bidder," he added. C2Net's products include the Stronghold secure web server and SafePassage Web Proxy, an enhancement that adds full-strength encryption to any security-crippled "export grade" web browser software. # # # Pentium is a registered trademark of Intel Corporation. Netscape and Netscape Navigator are registered trademarks of Netscape Communications Corporation Stronghold and SafePassage are trademarks of C2Net Software, Inc. ------------------------------ Date: Fri, 13 Jun 1997 20:03:14 -0400 From: "Evian S. Sim" Subject: File 2--Hacker may have stolen JonBenet computer documents By JENNIFER MEARS, The Associated Press Copyright 1997 The Associated Press BOULDER, Colo. (June 13, 1997 07:38 a.m. EDT) -- A computer hacker has infiltrated the system set aside for authorities investigating the slaying of JonBenet Ramsey, the latest blow to a heavily criticized inquiry. Boulder police spokeswoman Leslie Aaholm said the computer was "hacked" sometime early Saturday. The incident was announced by police Thursday. "We don't believe anything has been lost, but we don't know what, if anything, has been copied," said Detective John Eller, who is leading the investigation into the slaying of the 6-year-old girl nearly six months ago. The computer is in a room at the district attorney's office that police share with the prosecutor's investigators. The room apparently had not been broken into. Computer experts with the Colorado Bureau of Investigations were examining equipment to determine what had been done. ................ ------------------------------ Date: Wed, 18 Jun 1997 17:42:07 -0400 From: "Evian S. Sim" Subject: File 3--Mitnick gets 22 months Computer Hacker Mitnick to Get 22-Month Term Courts: In addition to sentence for cellular phone fraud and probation violation, former fugitive faces a 25-count federal indictment on software theft. Los Angeles Times (LT) TUESDAY June 17, 1997 By: JULIE TAMAKI; TIMES STAFF WRITER Edition: Valley Edition Section: Metro Page: 4 Pt. B Story Type: Full Run Word Count: 398 A federal judge indicated Monday that she plans to sentence famed computer hacker Kevin Mitnick to 22 months in prison for cellular phone fraud and violating his probation from an earlier computer crime conviction. The sentencing Monday is only a small part of Mitnick's legal problems. Still pending against him is a 25-count federal indictment accusing him of stealing millions of dollars in software during an elaborate hacking spree while he was a fugitive. A trial date in that case has yet to be set. U.S. District Judge Mariana R. Pfaelzer on Monday held off on formally sentencing Mitnick for a week in order to give her time to draft conditions for Mitnick's probation after he serves the prison term. Pfaelzer said she plans to sentence Mitnick to eight months on the cellular phone fraud charge and 14 months for violating his probation from a 1988 computer-hacking conviction, Assistant U.S. Atty. Christopher Painter said. The sentences will run consecutively. Mitnick faces the sentence for violating terms of his probation when he broke into Pac Bell voice mail computers in 1992 and used stolen passwords of Pac Bell security employees to listen to voice mail, Painter said. At the time, Mitnick was employed by Teltec Communications, which was under investigation by Pac Bell. Copyright (c) 1997, Times Mirror Company ------------------------------ Date: Wed, 18 Jun 1997 21:17:06 -0400 From: "Evian S. Sim" Subject: File 4--Judge denies Mitnick computer access JUDGE DENIES HACKER ACCESS TO COMPUTER Daily News of Los Angeles (LA) Tuesday, June 17, 1997 By: Anne Burke Daily News Staff Writer Edition: Valley Section: News Page: N3 Word Count: 564 San Fernando Valley hacker Kevin Mitnick wants to log on while in the lock up, but a judge said Monday she doesn't think that's such a good idea. "I have real apprehension about any situation where Mr. Mitnick is near a computer," U.S. District Court Judge Mariana Pfaelzer told the 33-year-old and his attorney. After all, Mitnick was in court Monday for sentencing on digital crimes he committed while leading the FBI on a manhunt through cyberspace and the nation. While Pfaelzer refused Mitnick access to a computer, she said she is going to give him something else - 22 months behind bars for violating his supervised release from prison on an earlier computer hacking conviction and illegally possessing telephone access codes. Mitnick is expected to be sentenced formally Monday, after the judge considers the terms of his supervised release. In custody since February 1995, Mitnick now faces a 25-count indictment charging him with a 2-1/2-year hacking spree from June 1992 to February 1995. Speaking Monday through his attorney in court, Mitnick said he now needs access to a computer for strictly legitimate reasons - helping to prepare his defense for the upcoming trial. Randolph said Mitnick is not a thief, but rather an electronic eavesdropper. The difference is that Mitnick never tries to profit, the attorney said. At Monday's sentencing, Mitnick got 14 months for violating his supervised release by breaking into Pacific Bell's computers and associating with an old buddy named Lewis De Payne, his co-defendant in the coming federal trial. He received eight more months for the cellular telephone fraud in North Carolina. ------------------------------ Date: Sun, 15 Jun 1997 14:17:01 -0700 (PDT) From: Jim Thomas Subject: File 5-- Hacker Vows 'Terror' for Child Pornographers Hacker Vows 'Terror' for Child Pornographers by Steve Silberman Source - WIRED News http://www.wired.com/news/culture/story/4437.html Copyright 1993-97 Wired Ventures, Inc. and affiliated companies After 17 years in the hacker underground, Christian Valor - well known among old-school hackers and phone phreaks as "Se7en" - was convinced that most of what gets written in the papers about computers and hacking is sensationalistic jive. For years, Valor says, he sneered at reports of the incidence of child pornography on the Net as "exaggerated/over-hyped/fearmongered/bullshit." Now making his living as a lecturer on computer security, Se7en claims he combed the Net for child pornography for eight weeks last year without finding a single image. That changed a couple of weeks ago, he says, when a JPEG mailed by an anonymous prankster sent him on an odyssey through a different kind of underground: IRC chat rooms with names like #littlegirlsex, ftp directories crammed with filenames like 6yoanal.jpg and 8&dad.jpg, and newsgroups like alt.binaries.pictures.erotica.pre-teen. The anonymous file, he says, contained a "very graphic" image of a girl "no older than 4 years old." On 8 June, Se7en vowed on a hacker's mailing list to deliver a dose of "genuine hacker terror" to those who upload and distribute such images on the Net. The debate over his methods has stirred up tough questions among his peers about civil liberties, property rights, and the ethics of vigilante justice. A declaration of war What Se7en tapped into, he says, was a "very paranoid" network of traders of preteen erotica. In his declaration of "public war" - posted to a mailing list devoted to an annual hacker's convention called DefCon - Se7en explains that the protocol on most child-porn servers is to upload selections from your own stash, in exchange for credits for more images. What he saw on those servers made him physically sick, he says. "For someone who took a virtual tour of the kiddie-porn world for only one day," he writes, "I had the opportunity to fully max out an Iomega 100-MB Zip disc." Se7en's plan to "eradicate" child-porn traders from the Net is "advocating malicious, destructive hacking against these people." He has enlisted the expertise of two fellow hackers for the first wave of attacks, which are under way. Se7en feels confident that legal authorities will look the other way when the victims of hacks are child pornographers - and he claims that a Secret Service agent told him so explicitly. Referring to a command to wipe out a hard drive by remote access, Se7en boasted, "Who are they going to run to? The police? 'They hacked my kiddie-porn server and rm -rf'd my computer!' Right." Se7en claims to have already "taken down" a "major player" - an employee of Southwestern Bell who Se7en says was "posting ads all over the place." Se7en told Wired News that he covertly watched the man's activities for days, gathering evidence that he emailed to the president of Southwestern Bell. Pseudonymous remailers like hotmail.com and juno.com, Se7en insists, provide no security blanket for traders against hackers uncovering their true identities by cracking server logs. Se7en admits the process of gaining access to the logs is time consuming, however. Even with three hackers on the case, it "can take two or three days. We don't want to hit the wrong person." A couple of days after submitting message headers and logs to the president and network administrators of Southwestern Bell, Se7en says, he got a letter saying the employee was "no longer on the payroll." The hacker search for acceptance Se7en's declaration of war received support on the original mailing list. "I am all for freedom of speech/expression," wrote one poster, "but there are some things that are just wrong.... I feel a certain moral obligation to the human race to do my part in cleaning up the evil." Federal crackdowns targeting child pornographers are ineffective, many argued. In April, FBI director Louis Freeh testified to the Senate that the bureau operation dubbed "Innocent Images" had gathered the names of nearly 4,000 suspected child-porn traffickers into its database. Freeh admitted, however, that only 83 of those cases resulted in convictions. (The Washington Times reports that there have also been two suicides.) The director's plan? Ask for more federal money to fight the "dark side of the Internet" - US$10 million. Pitching in to assist the Feds just isn't the hacker way. As one poster to the DefCon list put it, "The government can't enforce laws on the Internet. We all know that. We can enforce laws on the Internet. We all know that too." The DefCon list was not a unanimous chorus of praise for Se7en's plan to give the pornographers a taste of hacker terror, however. The most vocal dissenter has been Declan McCullagh, Washington correspondent for the Netly News. McCullagh is an outspoken champion of constitutional rights, and a former hacker himself. He says he was disturbed by hackers on the list affirming the validity of laws against child porn that he condemns as blatantly unconstitutional. "Few people seem to realize that the long-standing federal child-porn law outlawed pictures of dancing girls wearing leotards," McCullagh wrote - alluding to the conviction of Stephen Knox, a graduate student sentenced to five years in prison for possession of three videotapes of young girls in bathing suits. The camera, the US attorney general pointed out, lingered on the girls' genitals, though they remained clothed. "The sexual implications of certain modes of dress, posture, or movement may readily put the genitals on exhibition in a lascivious manner, without revealing them in a nude display," the Feds argued - and won. It's decisions like Knox v. US, and a law criminalizing completely synthetic digital images "presented as" child porn, McCullagh says, that are making the definition of child pornography unacceptably broad: a "thought crime." The menace of child porn is being exploited by "censor-happy" legislators to "rein in this unruly cyberspace," McCullagh says. The rush to revile child porn on the DefCon list, McCullagh told Wired News, reminded him of the "loyalty oaths" of the McCarthy era. "These are hackers in need of social acceptance," he says. "They've been marginalized for so long, they want to be embraced for stamping out a social evil." McCullagh knows his position is a difficult one to put across to an audience of hackers. In arguing that hackers respect the property rights of pornographers, and ponder the constitutionality of the laws they're affirming, McCullagh says, "I'm trying to convince hackers to respect the rule of law, when hacking systems is the opposite of that." But McCullagh is not alone. As the debate over Se7en's declaration spread to the cypherpunks mailing list and alt.cypherpunks - frequented by an older crowd than the DefCon list - others expressed similar reservations over Se7en's plan. "Basically, we're talking about a Dirty Harry attitude," one network technician/cypherpunk told Wired News. Though he senses "real feeling" behind Se7en's battle cry, he feels that the best way to deal with pornographers is to "turn the police loose on them." Another participant in the discussion says that while he condemns child porn as "terrible, intrinsically a crime against innocence," he questions the effectiveness of Se7en's strategy. "Killing their computer isn't going to do anything," he says, cautioning that the vigilante approach could be taken up by others. "What happens if you have somebody who doesn't like abortion? At what point are you supposed to be enforcing your personal beliefs?" Raising the paranoia level Se7en's loathing for aficionados of newsgroups like alt.sex.pedophilia.swaps runs deeper than "belief." "I myself was abused when I was a kid," Se7en told Wired News. "Luckily, I wasn't a victim of child pornography, but I know what these kids are going through." With just a few hackers working independently to crack server logs, sniff IP addresses, and sound the alarm to network administrators, he says, "We can take out one or two people a week ... and get the paranoia level up," so that "casual traders" will be frightened away from IRC rooms like "#100%preteensexfuckpics." It's not JPEGs of clothed ballerinas that raise his ire, Se7en says. It's "the 4-year-olds being raped, the 6-year-old forced to have oral sex with cum running down themselves." Such images, Se7en admits, are very rare - even in online spaces dedicated to trading sexual imagery of children. "I know what I'm doing is wrong. I'm trampling on the rights of these guys," he says. "But somewhere in the chain, someone is putting these images on paper before they get uploaded. Your freedom ends when you start hurting other people." Copyright 1993-97 Wired Ventures, Inc. and affiliated companies ------------------------------ Date: Tue, 10 Jun 1997 22:15:08 -0500 From: jthomas@SUN.SOCI.NIU.EDU(Jim Thomas) Subject: File 6--Trial Opens IN On-line Kidnapping Case Date: Tuesday, June 10, 1997 Source: By Graeme Zielinski, Tribune Staff Writer. Copyright Chicago Tribune TRIAL OPENS IN ON-LINE KIDNAPPING CASE Opening statements are expected Tuesday in the federal trial of a Florida man accused of using the Internet to seduce and kidnap a troubled Chicago-area boy. Defense attorneys for Richard Romero are expected to argue that the boy, then 13, was merely running away from his Mt. Prospect home when he left with Romero in March 1996 on a bus bound for Florida. But U.S. attorneys charge that Romero planned to molest the boy before his plans were thwarted when the pair was intercepted at a bus stop in Louisville. ................. Prosecutors say Romero first made contact with the boy in the summer of 1995 in an America Online electronic "chat room," where typed dialogue is displayed. Prosecutors say that Romero, posing as a 15-year-old boy named "Kyle" from Iowa, exchanged messages about UFOs and space creatures with the Mt. Prospect boy. Months later, Romero took over the correspondence upon the advice of "Kyle," prosecutors allege. Romero is charged with persuading the boy, now 14, to come to his Florida home, where prosecutors say they discovered sexually explicit pictures of young boys and a wooden "altar box" that Romero, a Brazilian native, allegedly intended to use in sex acts. ................ ------------------------------ Date: Wed, 11 Jun 1997 07:14:54 From: Richard Thieme Subject: File 7--Call for Open Global Net STOP THE INTERNET COUP Assn. for Interactive Media demands an end to the hostile takeover of the Internet by the International Ad Hoc Committee Defend your Internet rights by opposing the gTLD-MoU, the Internet Society, and IANA Washington, D.C. (July 11, 1997) The stability of the Internet is being threatened by an attempted takeover by a group from Geneva known as the International Ad Hoc Committee (IAHC). Internet-based business and user have been taken unawares by a power grab orchestrated by a technical group with no legal authority. The Association for Interactive Media and the Open Internet Congress have called for everyone in the Internet community to oppose this move. Takeover plans are detailed in a recent memorandum by IAHC regarding issues related to assigning domain names to Internet users. IAHC was assigned to meet to discuss the possibility of making more domain names available. When they released their final report, called the Generic Top Level Domain Memorandum of Understanding (gTLD-MoU), it actually contained the structure for a world government for the Internet. The leaders of the IAHC, including the Internet Society and the Internet Assigned Numbers Authority, have installed themselves as leaders of this government. Businesses are being pushed to sign the gTLD-MoU in a global effort by IAHC. This document is disguised as an innocent standards agreement regarding domain names. It is actually a treaty that it actually assigns permanent control over the Internet to six tightly controlled, non-representative organizations. There are no provisions for elections, representation, or input from consumers, business, and governments. Make no mistake If you sign the gTLD-MoU, you will give up all of your rights to have any say on the structure and management of the internet forever. said Andy Sernovitz, president of the Association for Interactive Media. A group of selfappointed autocrats have declared themselves rulers of the Internet without regard to international law, the stability of the Internet, and the rights of you and your organization. The Open Internet Congress (OIC) was founded to fight for an open process that guarantees that all of the Internet's stakeholders have a fair and representative voice in its management and operations. OIC has called for an Internet Constitutional Convention to develop the representative process. An organizational meeting will be held July 9, 1997 in Washington, D.C., and is open to all. Founded in 1993, the Association for Interactive Media is the most diverse coalition of organizational users of the Internet, with over 300 members. AIM's mission is to support the efforts of leaders from for-profit and non-profit organizations seeking to serve the public through interactive media. With the ability to form partnerships and friendships among a wide variety of organizations, AIM bridges the gaps between groups working in dozens of different fields to ensure the successful future of new media. ### IMPORTANT FACTS Who is staging this coup, and how do they plan on pulling it off? The gTLD-MoU gives permanent control of the Internet to: Internet Society, Internet Assigned Numbers Authority, Internet Architecture Board, International Telecommunications Union, World Intellectual Property Organization, and International Trademark Association. They have already declared control. They have created an organization to take control, appointed themselves leaders of it, and have begun issuing technical orders to Internet server operators. They have publicly declared that they do not need the support of governments, consumers, and businesses because "the committee says it has direct control of the computers that run the Net's addressing system." (CNET, 5/2/97) What happens to the Internet if they succeed? The Internet is likely to break apart on October 15, 1997. That is the date that the coup leaders intend to re-route the Internet to be under their control against the advice of those who keep things running smoothly today. When they rip the essential root servers off the Internet backbone, the entire system may begin to fragment. Your email will be returned and your Web site visitors will be turned away. These organizations have refused to recognize the validity of the registries that ensure that traffic is successfully delivered to ".com", ".org", and ".net" addresses. Serious concern has arisen over the possibility of malicious viruses and "Trojan Horses" being hidden in the software that runs the Internet. What happens to me and my business if they succeed? You are likely to lose access to reliable Internet communications. Control of your trademarks on the Internet will be given up. You will be forced to submit to binding decisions made by a "challenge panel" in Geneva created and run by this group. If you lose, you will not be able to use your trademark in your domain name someone else will. You will never have a voice in the governance of the Internet. You will not be able to effectively defend yourself, your organization, and your rights against future moves by these aggressors. What should I do? Do not sign the gTLD-MOU! Sign up with the Open Internet Congress to secure your place in the decision-making process. Contact the OIC immediately to get involved. Help us gather support from governments, consumers, and businesses. Distribute this document to all of your email lists as soon as possible. _________________________ For More Information: Contact the Open Internet Congress: 202-408-0008 or oic@interactivehq.org Visit the web site: http://www.interactivehq.org/oic Subscribe to the news list: email the words "subscribe oic" in the body of a message to buddy@lists.interactivehq.org Richard Thieme ThiemeWorks ... professional speaking and business consulting: ThiemeWorks P. O. Box 17737 the impact of computer technology Milwaukee Wisconsin on people in organizations: 53217-0737 helping people stay flexible voice: 414.351.2321 and effective during times of accelerated change. ------------------------------ Date: Thu, 7 May 1997 22:51:01 CST From: CuD Moderators Subject: File 8--Cu Digest Header Info (unchanged since 7 May, 1997) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send post with this in the "Subject:: line: SUBSCRIBE CU-DIGEST Send the message to: cu-digest-request@weber.ucsd.edu DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS. The editors may be contacted by voice (815-753-6436), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CU-DIGEST Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. In ITALY: ZERO! BBS: +39-11-6507540 UNITED STATES: ftp.etext.org (206.252.8.100) in /pub/CuD/CuD Web-accessible from: http://www.etext.org/CuD/CuD/ ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #9.04 ************************************