Computer underground Digest Sun Sep 21, 1997 Volume 9 : Issue 70 ISSN 1004-042X Editor: Jim Thomas (cudigest@sun.soci.niu.edu) News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu) Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Field Agent Extraordinaire: David Smith Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #9.70 (Sun, Sep 21, 1997) File 1--Possible story--Clinton / pager interception File 2--Anti-Spam Bills in Congress File 3--Spammers Sued In Michigan (Chip Cryderman) File 4--Cyber Promotions tossed offline (fwd) File 5--ALERT: Call Congress on 9/22 to Stop Big Brother!! File 6--Fwd: Designing Effective Action Alerts for the Internet File 7--Cu Digest Header Info (unchanged since 7 May, 1997) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. --------------------------------------------------------------------- Date: Sat, 20 Sep 1997 23:11:21 -0500 From: cudigest@SUN.SOCI.NIU.EDU (Cu Digest) Subject: File 1--Possible story--Clinton / pager interception ((MODERATORS' NOTE: The following post, along with additional related material, arrived a bit garbled, and the original header and some of the content was deleted. Apologies to the original poster)). ------- 19 September 1997 Source: David Wagner _________________________________________________ To--jya@pipeline.com From--David Wagner Subject--Possible story--Clinton / pager interception Date--Fri, 19 Sep 1997 13:28:23 -0700 (PDT) Hello-- I have a possible news story tip, and I thought you might be interested. A hacker today announced the interception of Pres. Clinton's pager messages (along with pager messages destined for staff, Secret Service agents, and other members of his entourage) during his recent trip to Philadelphia. This is coming as an embarassment to the administration's policy on communications privacy and encryption. The lengthy transcript of pager messagers was published on the Internet today to demonstrate that the pager infrastructure is highly insecure. (Apparently the Pres.'s entourage relies a lot on pagers for communications. There are messages from Hilary and Chelsea; a Secret Service scare; late-breaking basketball scores for the Pres.; staffers exchanging romantic notes; and other amusements.) This comes at quite an embarassing time for the administration, given their policy on encryption. Strong encryption is the one technology that could have protected Pres. Clinton's private pager messages, but the administration has been fighting against strong encryption. Top FBI officials have been giving many classified briefings to House members, asking them to ban all strong encryption in the US. These proposals are expected to reach the House floor soon, attached to the (originally pro-encryption) SAFE bill. An anonymous White House staffer was quoted as saying that it would be "an expensive and complicated proposition" to put encryption into pagers and cellphones. This quote is interesting, because it's the White House's crypto policies that have made it so complicated and expensive to add strong encryption -- the cellphone and pager industries have wanted to add strong encryption for privacy and security, but the administration has forcefully dissuaded them from doing so. Anyhow, the press release is at http://www.inch.com/~esoteric/pam_suggestion/formal.html The transcript of the pager messages (complete with basketball scores for the Pres, messages to call wifey, two phone calls from Chelsea --who got put on hold, staff romances, a Secret Service scare, etc.) is at http://www.inch.com/~esoteric/pam_suggestion/output.html Feel free to get in touch by email (daw@cs.berkeley.edu) or by phone (510-643-9435) with me if you'd like more information, quotes, or the like. ------------------------------ Date: Tue, 2 Sep 1997 15:51:59 GMT From: "ACLU Cyber-Liberties Update Owner"@newmedium.com Subject: File 2--Anti-Spam Bills in Congress Source - ACLU Cyber-Liberties Update, Tuesday, September 2, 1997 Unsolicited e-mail advertisement, or "spam," has few fans on the net. Court battles have been waged between service providers, such as AOL and Compuserve, and spam advertisers, including Cyber Promotions, over whether the thousands of messages sent to user e-mails can be blocked. Congress and several state legislatures have also stepped into the debate and have introduced some bills fraught with First Amendment problems because they ban commercial speech altogether or are content specific. Traditionally, commercial speech restrictions on telemarketing calls and unsolicited fax advertisements have passed First Amendment challenges but direct mail and door-to-door solicitations enjoy much greater protection. Given the Supreme Court decision in ACLU v. Reno, on-line messages should receive the same First Amendment protection given traditional print media, which includes commercial mailings. Thus, while netizens may laud efforts to curb spam, it is unclear whether some of the unsolicited commercial e-mail bills can pass constitutional muster. Even more troubling are the state spam bills which create different rules for each state that advertisers will have to follow. Under some state bills, if a spam message is sent or made available to a resident in one state, it could confer jurisdiction over the sender and could subject them to liability if they are in violation of local law. A federal judge recently ruled that state control or regulation of Internet communications violates the Commerce Clause of the Constitution. In the decision in ALA v. Pataki, which involved a challenge by the ACLU to a New York Internet decency law, federal district Judge Loretta Preska declared that states are prohibited from regulating an interstate communication which merely passes through their borders. Judge Preska warned of the extreme danger that state regulation would pose to the Internet, rejecting the state's argument that the statute would even be effective in preventing so-called "indecency" from reaching minors. Hence, state spam bills will probably not withstand constitutional challenges.The decision in ALA v. Pataki is available at Below is a synopsis of the federal bills and the first state enacted law on spam from Nevada. The ACLU objected to an earlier, even broader version of the Nevada law before its enactment and is considering participating in a challenge to the law. The Nevada law, as enacted contains broad definitions of e-mail that may include advertisements on web sites and other on-line forums. Full text of the federal bills is available at Netizens Protection Act of 1997, Introduced May 22,1997 (H.R. 1748): Sponsored by Rep. Chris Smith (R-N.J.) would amend the Telephone Consumer Protection Act of 1991, ("TCPA") which regulates telemarketing and junk-faxes to include unsolicited e-mail advertisements. The bill would ban unsolicited e-mail and only permit the sending of commercial messages where there is a pre-existing relationship between the sender and recipient, or when the recipient has requested the information. The bill provides for hefty penalties for violations. Unsolicited Commercial Electronic Mail Choice Act of 1997, (S. 771): Sponsored by Sen. Frank Murkowski (R-AL) the bill would require senders to label content of a commercial e-mail message as an "advertisement" and to honor recipient "opt-out" requests within 48 hours, and put the burden of blocking spam on ISPs. Failure by ISPs to filter out messages would result in liability and steep penalties for providers, not spammers. Electronic Mailbox Protection Act of 1997, introduced June 11,1997 (S.875): Sponsored by Sen. Robert Torricelli (D-NJ) the bill would restrict the use of false e-mail addresses or domain names to avoid filtering by commercial advertisers. Spammers would also be required to honor recipient "opt-out" requests, and violators would be hit with civil penalties up to $5,000. Data Privacy Act of 1997, introduced July 31, 1997 (H.R. 2368): Sponsored by Rep. Tauzin the bill would create an industry working group to draft voluntary guidelines with incentives for advertisers who adopt them to: limit the collection and use, for commercial marketing purposes, of personally identifiable information obtained from individuals through any interactive computer service; require unsolicited e-mail advertisers to identify the sender, including a valid reply address; disclose when such information is gathered; provide a consumer opt-out provision; limit the display of social security numbers and prohibit the commercial marketing and use of medical information. Nevada Anti-Spam Law: Senate Bill 13 , enacted July 8, 1997 and goes into effect on July 1, 1998: Under the law, transmitting commercial advertisements in the form of e-mail may subject the sender to civil fines and provides that a recipient may enjoin the sender from such future conduct and may receive restitution. The law defines an advertisement as material that advertises for commercial purposes the availability or the quality of real property, goods or services; or is designed or intended to solicit a person to purchase real property, goods or services. The law also imposes liability upon Internet Service Providers since it applies to any party that causes to be transmitted commercial mail. The exception to the law permits sending commercial e-mail where: (a) The person has a preexisting business or personal relationship with the recipient; (b) The recipient has expressly consented to receive the item or (c) The advertisement is readily identifiable as promotional, or contains a statement providing that it is an advertisement, and clearly and conspicuously provides: (1) The legal name, complete street address and electronic mail address of the person transmitting the electronic mail; and (2) A notice that the recipient may decline to receive additional electronic mail that includes an advertisement from the person transmitting the electronic mail and the procedures for declining such electronic mail. The full text of the Nevada law is available at ------------------------------ Date: Fri, 5 Sep 1997 09:10:19 -0400 (EDT) From: editor@TELECOM-DIGEST.ORG Subject: File 3--Spammers Sued In Michigan (Chip Cryderman) Source - TELECOM Digest Volume 17 : Issue 233 (Editor: Patrick A. Townson) ((MODERATORS' NOTE: For those not familiar with Pat Townson's TELECOM DIGEST, it's an exceptional resource. From the header of TcD: "TELECOM Digest is an electronic journal devoted mostly but not exclusively to telecommunications topics. It is circulated anywhere there is email, in addition to various telecom forums on a variety of public service systems and networks including Compuserve and America On Line. It is also gatewayed to Usenet where it appears as the moderated newsgroup 'comp.dcom.telecom'. Subscriptions are available to qualified organizations and individual readers. Write and tell us how you qualify: * ptownson@massis.lcs.mit.edu * ======" )) ================== From--ccryderman@ccm.frontiercorp.com (Chip Cryderman) Date--Thu, 04 Sep 97 17:19:23 -0500 Pat, In today's {Detroit Free Press} there was an article about an ISP, RustNet, based in Livonia, MI. who has filed suit in US. District Court. US District Court Judge Paul Borman issued a restraining order against brothers, Benjamin & Randell Bawkon, owners of Bawkon Development Company, forbidding them from engaging in any spamming. Their computer records were sized by federal Marshals last Friday. RustNet President Steve Corso claims in his suit that the brothers sent out hundreds of thousands of e-mails in August falsely using RustNet's return address. According to the article, RustNet has been getting thousands of complaints and has even lost customers to these spams. I hope he takes them to the cleaners. I hope the case goes to court and RustNet gets their homes and cars and anything else they may have a value. Hell, maybe the brothers can start a tag team in prison. Chip Cryderman --- [TELECOM Digest Editor's Note: That's great! It really is good news in the fight against the insects and rodents who have infested the net over the past couple years. I hope if they have a victory in court it will serve as encouragement for other ISP's to use the same tactics. PAT] ------------------------------ Date: Sun, 21 Sep 1997 15:33:58 -0500 From: jthomas@VENUS.SOCI.NIU.EDU(Jim Thomas) Subject: File 4--Cyber Promotions tossed offline (fwd) Source - News Com at http://www.news.com/News/Item/0,4,14429,00.html?owv ............ Cyber Promotions tossed offline By Janet Kornblum September 19, 1997, 1:25 p.m. PT Cyber Promotions, antispammers' enemy No. 1 on the Net, has once again been dumped by its access provider. Backbone provider AGIS cut off Cyber Promotions Wednesday, and the company has been scrambling for another ISP since. It was unclear exactly why Cyber Promotions was cut off, but an employee who answered the phone at AGIS's main switchboard declined to comment beyond the following: "They were in violation of security, and that's as far as I can go with it." No one else at AGIS would comment, either, the employee added. ................. Wallace said today that Cyber Promotions found itself cut off from AGIS Wednesday and that it took two days to find other providers where the company could mount portions of its service. But some of its clients are still without service, he added. .................... "Ping-flood attacks observed originating from the West Coast into AGIS and directed to the Washington and Philadelphia routers severely degraded AGIS network performance to [an] unacceptable level...AGIS had no alternative but to shut off services to Cyber Promotions," reads a statement that Wallace put on his page. He alleged that the statement came from an AGIS engineer. .................... ------------------------------ Date: Thu, 18 Sep 1997 15:48:58 -0400 From: Jonah Seiger Subject: File 5--ALERT: Call Congress on 9/22 to Stop Big Brother!! Please forward where appropriate until September 28, 1997 This alert brought to you by The Voters Telecommunications Watch, The Center for Democracy & Technology, the Electronic Frontier Foundation, Wired Magazine, and Americans for Tax Reform STOP THE GOVERNMENT FROM BUILDING BIG BROTHER INTO THE INTERNET In 1948, George Orwell described a future world in which Big Brother peaked over the shoulder of every citizen -- watching every move and listening to every word. Now, in 1997, the FBI is pushing the United States Congress to pass legislation which would make George Orwell's frightening vision a reality. Next week the House Commerce Committee will meet to consider a proposal that would require all Americans to provide the government guaranteed access to their private online communications and business transactions. Taking a page out of Orwell's 1984, the FBI-spawned proposal would require that every part of the Internet -- from the software on your computer to the network provider that carries your messages around the net -- be jury-rigged to divulge your private conversations immediately on request by the FBI (see below). Unfortunately, this is not a work of fiction. The amendment, to be offered by Representatives Mike Oxley (R-OH) and Thomas Manton (D-NY), is a serious threat to your privacy and represents the first and final step in the construction of a National Surveillance Infrastructure. A vote is expected on September 25. The future of privacy and security in the information age is in the hands of the Commerce Committee, and they need to know that folks are watching and care about the outcome. On Monday September 22, please join thousands of Internet users all across the country as we call on Congress to stop big brother. With your help and support, we can ensure that George Orwell's 1984 does not become a reality. All the information you need is attached below. _____________________________________________________________ WHAT YOU CAN DO 1. ON MONDAY SEPTEMBER 22, pick up the phone and call as many of the four leading members of the Commerce committee as you can: Chairman Thomas Bliley (R-VA) (202) 225-2815 Ranking member John Dingell (D-MI) (202) 225-4071 Rep. Tauzin (R-LA) (202) 225-4031 Rep. Markey (D-MA) (202) 225-2836 2. Ask for the staffer that handles the encryption issue. 3. Say that you're calling to urge the Congressman to pass SAFE (HR695) without amendments. Specifically, say that you "OPPOSE THE OXLEY/MANTON BIG BROTHER AMENDMENT. Americans should not be required to give the government keys to the front door of their house, and they shouldn't be required to give the government the keys to unlock their private online communications." Other amendments may be proposed. Please urge the Congressman to pass SAFE "as is" and oppose any amendments. Feel free to use your own words though here are some points you might want to stress: - Oxley/Manton is a dramatic expansion of law enforcement power. It would give law enforcement "immediate" access to private online communications and business transactions without any notice or knowledge to the user. - Oxley/Manton is NOT A BALANCE BETWEEN PRIVACY INTERESTS AND LAW ENFORCEMENT CONCERNS, as some supporters have argued. It gives the FBI broad new power while stripping Americans of their Fourth Amendment right to be secure from unreasonable searches and seizures. - Oxley/Manton would give the Attorney General authority to dictate the design of Internet services and software to suit the needs of law enforcement. - Oxley/Manton would not stop crime. Strong encryption without "immediate access" features is available today at home and abroad. - Oxley/Manton would increase opportunities for cybercrime as criminal hackers attack vulnerabilities in the key recovery access system. 4. Let us know how it went! Go to one of the following web pages, depending on who you called, and tell us about the conversation. Rep. Bliley http://www.crypto.com/member/meet.cgi?membid=va07 Rep. Dingell http://www.crypto.com/member/meet.cgi?membid=mi16 Rep. Tauzin http://www.crypto.com/member/meet.cgi?membid=la03 Rep. Markey http://www.crypto.com/member/meet.cgi?membid=ma07 5. Forward this ALERT to your friends and colleagues. 6. Feel good about yourself! Know that you've stood up for privacy, and contacting Congress is more than most people take the time to do! ____________________________________________________________ BACKGROUND The House Commerce Committee is considering a bill known as the "Security and Freedom through Encryption Act" (HR 695, a.k.a. SAFE). SAFE would encourage the widespread availability of strong, easy-to-use encryption technologies in order to protect privacy and promote electronic commerce on the Internet. SAFE enjoys broad support from Internet users, civil liberties advocates, and over 250 members of Congress. Last week, the Commerce Committee delayed its vote on the SAFE bill in order to give the Committee more time to study the implications of the Oxley/Manton amendment, which would change SAFE to ban encryption which does not contain features that provide law enforcement with "immediate access" to the plain text of encrypted information, including private communications and business transactions (visit http://www.crypto.com/safe_bill/) The Oxley/Manton amendment would for the first time impose sweeping restrictions on the ability of American citizens to protect their privacy on US soil. Specifically, the amendment would: * PROHIBIT THE DOMESTIC MANUFACTURE AND SALE OF ENCRYPTION PRODUCTS OR SERVICES WHICH DO NOT PROVIDE INSTANT ACCESS FOR LAW ENFORCEMENT: The proposal would prohibit the manufacture, sale, import, or distribution within the United States of any encryption product unless it allows "immediate access" to the plain text of any user's messages or files without the user's knowledge. * GRANT BROAD NEW AUTHORITY FOR THE ATTORNEY GENERAL TO SET TECHNICAL STANDARDS FOR ENCRYPTION PRODUCTS: The proposal allows the Attorney General to set standards for what are and are not acceptable encryption products. The proposal's requirement of immediate access to plain text would seem to seriously limit the options available to encryption manufacturers seeking approval of their products. The amendment does not specify whether the immediate access "features" could be activated (or not) at the option of the purchaser or end user. Nonetheless, requiring that such a capability be installed in all domestic communications networks and encryption products is the equivalent of enabling a national surveillance infrastructure and asserts unprecedented control over the design of Internet software, hardware, and services. The amendment is analogous to the government requiring surveillance cameras in every new house built in the United States, which could be turned on remotely by the police if you were ever suspected of committing a crime. Worse yet, such "key escrow" or "key recovery" technologies pose significant risk to the security of the Internet -- providing new points of vulnerability for hackers, terrorists, and industrial spies to exploit. A recent study by 11 of the worlds leading cryptographers concluded that the large scale deployment of such technologies would be too complex and too insecure to meet the needs of an Information Age society (see http://www.crypto.com/key_study/) Despite widespread opposition from Internet users, civil liberties groups, privacy advocates, and the computer and communications industries, Oxley and Manton plan to push for this FBI spawned amendment at the Commerce Committee vote. If it is adopted, it would represent the first and final step in the development of a national surveillance infrastructure. ____________________________________________________________ ABOUT THIS ALERT This message was brought to you by the Center for Democracy and Technology (http://www.cdt.org), the Voters Telecommunications Watch (http://www.vtw.org/), the Electronic Frontier Foundation (http://www.eff.org/), Wired Magazine (http://www.wired.com/), and Americans for Tax Reform (http://www.atr.org/) who have joined together on this alert. ------------------------------ Date: Thu, 18 Sep 97 09:37:18 -0000 From: Gordon Meyer Subject: File 6--Fwd: Designing Effective Action Alerts for the Internet ---------------- Begin Forwarded Message ---------------- Date-- 09/18 2:34 AM From-- Phil Agre, pagre@weber.ucsd.edu Reply-To-- rre-maintainers@weber.ucsd.edu Designing Effective Action Alerts for the Internet Phil Agre Department of Communication University of California, San Diego La Jolla, California 92093-0503 USA pagre@ucsd.edu http://communication.ucsd.edu/pagre/ Version of 17 September 1997. Copyright 1997, all rights reserved. You are welcome to forward this article in electronic form to anyone for any non-commercial purpose. An action alert is a message that someone sends out to the net asking for a specific action to be taken on a current political issue. Well-designed action alerts are a powerful way to invite people to participate in the processes of a democracy. Having seen many action alerts in my twenty years on the Internet, I have tried to abstract some guidelines for people who wish to use them. Even if you do not plan to construct any action alerts yourself, I do not recommend that you forward anybody else's alerts unless they conform to at least the spirit of these guidelines. If I sometimes seem stern or didactic in my prescriptions, please forgive me. It's just that I've seen badly designed action alerts do an awful lot of damage. Although an Internet action alert should always be part of an issue campaign with a coherent strategy and clear goals, I won't discuss the larger strategic questions here. Instead, I will simply divide action alerts into two categories, single messages and structured campaigns. Single alerts are broadcast in the hope that they will propagate to the maximum possible number of sympathetic Internet users. Structured campaigns are typically conducted through mailing lists specially constructed for the purpose, and their intended audience may include either the whole Internet universe or a narrower group of already-mobilized partisans. Both types of action alerts are obviously modeled on things that have been happening on paper, through telephone trees, and lately via fax machines, for a long time. What computer networks do is make them a lot cheaper. A networked alert can travel far from its origin by being forwarded from friend to friend and list to list, without any additional cost being imposed on the original sender. This phenomenon of chain-forwarding is important, and it behooves the would-be author of an action alert, whether a single message or a whole campaign, to think through its consequences: (1) Establish authenticity. Bogus action alerts -- such as the notorious "modem tax" alert -- travel just as fast as real ones. Don't give alerts a bad name. Include clear information about the sponsoring organization and provide the reader with several ways of tracing back to you -- e-mail address, postal address, URL, phone number, etc. Including this contact information makes sense anyway -- you want people to join your movement, and this means establishing contact with you. One way to establish authenticity is by appending a digital signature, presumably using PGP. Few people will check the signature, though, and many people will remove the signature when they forward your message to others. So there's no substitute for clearly explaining who you are and giving people a way to reach you. (2) Put a date on it. Paper mail and faxes get thrown away quickly, but action alerts can travel through the Internet forever. Even if an alert seems to have faded away, it can sleep in someone's mailbox for months or years and then suddenly get a new life as the mailbox's owner forwards it to a new set of lists. Do not count on the message header to convey the date (or anything else); people who forward Internet messages frequently strip off the header. Even better, give your recommended action a clearly stated time-out date, e.g., "Take this action until February 17, 1998". If you think there will be follow-up actions, or if you want to convey that this is part of an ongoing campaign, say so. That way, people will contact you or look out for your next alert. (3) Include clear beginning and ending markers. You can't prevent people from modifying your alert as they pass it along. Fortunately, at least in my experience, this only happens accidentally, as extra commentary accumulates at the top and bottom of the message as it gets forwarded. So put a bold row of dashes or something similar at the top and bottom so extra stuff will look extra. That way it will be very clear what you and your credibility are standing behind. (4) Beware of second-hand alerts. Although it is uncommon for someone to modify the text of your alert, sometimes people will foolishly send out their own paraphrase of an alert, perhaps based on something they heard verbally. These second-hand alerts usually contain exaggerations and other factual inaccuracies, and as a result they can easily be used to discredit your alert. If you become aware of inaccurate variants of your alert, you should immediately notify relevant mailing lists of the existence of these second-hand alerts. Explain clearly what the facts are and aren't, implore the community not to propagate the misleading variants, and provide pointers to accurate information including a copy of your own alert. This action has two virtues: first, it may help to suppress the mistaken reports; and second, it positions you (accurately, I hope) as a responsible person who cares about the truth. (5) Think about whether you want the alert to propagate at all. If your alerts concern highly sensitive matters, for example the status of specifically named political prisoners, then you will probably want to know precisely who is getting your notices, and how, and in what context. If so, include a prominent notice forbidding the alert's recipients from forwarding it. (6) Make it self-contained. Don't presuppose that your readers will have any context beyond what they'll get on the news. Your alert will probably be read by people who have never heard of you or your cause. So define your terms, avoid references to previous messages on your mailing list, and provide lots of background, or at least some simple instructions for getting useful background materials. In fact, you might consider making the e-mailed alert relatively short and include the URL for a Web page that provides the full details. Your most important audience consists of people who are sympathetic to your cause and want to learn more about it before they can take action. Write your alert with that type of reader in mind, not the complete insider or the apathetic stranger. (7) Ask your reader to take a simple, clearly defined, rationally chosen action. For example, you might ask people to call their representatives and express a certain view on an issue. In this case, you should provide a way to find that representative's name and number, and explain how to conduct the conversation: what to say, how to answer certain likely questions, and so on. The purpose of such a script is not to impose your thinking but to help people to learn a skill that might otherwise be intimidating. Decide whether to ask for e-mail messages (which can be huge in number but near-zero in effect), written letters (which will be fewer but more effective), or phone calls (which fall in between). Consider other options as well: perhaps the sole purpose of your alert is to solicit contacts from a small number of committed activists, or to gather information, or to start a mailing list to organize further actions. (8) Make it easy to understand. It is absolutely crucial to begin with a good, clear headline that summarizes the issue and the recommended action. Use plain language, not jargon. Check your spelling. Use short sentences and simple grammar. Choose words that will be understood worldwide, not just in your own country or culture. Solicit comments on a draft before sending it out. (9) Get your facts straight! Your message will circle the earth, so double-check. Errors can be disastrous. Even a small mistake can make it easy for your opponents to dismiss your alerts -- and Internet alerts in general -- as "rumors". Once you do discover a mistake, it will be impossible to issue a correction -- the correction will probably not get forwarded everyplace that the original message did. (10) Start a movement, not a panic. Include a phrase like "post where appropriate" toward the beginning so that people aren't encouraged to send your alert to mailing lists where it doesn't belong. Do not say "forward this to everyone you know". Do not overstate. Do not plead. Do not say "Please Act NOW!!!". Do not rant about the urgency of telling everyone in the world about your issue. You're not trying to address "everyone"; you're trying to address a targeted group of people who care about the issue. And if the issue really is time-critical then just explain why, in sober language. Do not get obsessed with the immediate situation at hand. Your message may help avoid some short-term calamity, but it should also contribute to a much longer-term process of building a social movement. Maintaining a sense of that larger context will help you and your readers from becoming dispirited in the event that you lose the immediate battle. (11) Tell the whole story. Most people have never heard of your issue, and they need facts to evaluate it. Facts, facts, facts. For example, if you think that someone has been unjustly convicted of a crime, don't just give one or two facts to support that view; most people will simply assume they are getting half the truth. If your opponents have circulated their own arguments, you'll need to rebut them, and if they have framed the facts in a misleading way then you'll need to explain why. On the other hand, you need to write concisely. Even if you're focused on the actions, good explanations count more. After all, one of the benefits of your action alert -- maybe the principal one -- is that it informs people about the issue. Even if they don't act today, your readers will be more aware of the issue in the future, provided that you don't insult their intelligence today. (12) Don't just preach to the converted. When you are very caught up in your cause, it is easy to send out a message in the language you use when discussing the issue with your fellow campaigners. Often this language is a shorthand that doesn't really explain anything to an outsider. If you really care about your issue, you'll take the time to find language that is suitable for a much broader audience. This can take practice. (13) Avoid polemics. Your readers should not have to feel they are being hectored to go along with something from the pure righteousness of it. Some people seem to associate non-polemical language with deference, as if they were being made to bow at the feet of the king. This is not so. You will not succeed unless you assume that your readers are reasonable people who are willing to act if they are provided with good reasons. (14) Make it easy to read. Use a simple, clear layout with lots of white space. Break up long paragraphs and use bullets and section headings to avoid visual monotony. If your organization plans to send out action alerts regularly, use a distinctive design so that everyone can recognize your "brand name" instantly. Use only plain ASCII characters, which are the common denominator among Internet character sets. Just to make sure, do not use a MIME-compliant mail program to send the message; use a minimal program such as Berkeley mail. MIME is great, but not everybody uses it and you don't want your recipients getting distracted from your message by weird control codes. Format the message in 72 columns or even fewer; otherwise it is likely to get wrapped around or otherwise mutilated as people forward it around the net. (15) DO NOT use a chain-letter petition. A chain-letter petition is an action alert that includes a list of names at the end, inviting people to add their own name, send in the petition if their name is the 30th or 60th or etc, and in any case forward the resulting alert-plus-signature-list to everyone they know. This idea sounds great on the surface, but it really doesn't work. The problem is that most of the signatures will never reach their destination, since the chain will fizzle out before reaching the next multiple of 30 (or whatever) in length. What's even worse, a small proportion of the signatures will be received in the legislator's office many times, thus annoying the staff and persuading them that they're dealing with an incompetent movement that can never hold them accountable. (16) Urge people to inform you of their actions. If you are calling on people to telephone a legislator's office, for example, you should provide an e-mail address and invite them to send you a brief message. Explain that you'll use these messages to count the number of callers your alert has generated, and that this information will be invaluable when you speak with the legislator's staffers later on. (17) Don't overdo it. Action alerts might become as unwelcome as direct-mail advertising. Postpone that day by picking your fights and including some useful, thought-provoking information in your alert message. If you're running a sustained campaign, set up your own list. Then send out a single message that calls for some action and include an advertisement for your new list. If you must send out multiple alerts on the same issue, make sure each one is easily distinguishable from the others and provides fresh, useful information. (18) Do a post-mortem. When the campaign is over, try to derive some lessons for others to use. Even if you're burned out, take a minute right away while the experience is still fresh in mind. What problems did you have? What mistakes did you make? What unexpected connections did you make? Who did you reach and why? Which mailing lists was your alert forwarded to, and which of these forwardings actually caused people to take action? Good guesses are useful too. (19) Don't mistake e-mail for organizing. An action alert is not an organization. If you want to build a lasting political movement, at some point you'll have to gather people together. The Internet is a useful tool for organizing, but it's just one tool and one medium among many that you will need, and you should evaluate it largely in terms of its contribution to larger organizing goals. Do the people you reach through Internet alerts move up into more active positions in your movement? Do you draw them into conferences, talk to them by phone, meet them in person, become accountable to them to provide specific information and answer questions? If not, why do you keep reaching out to them? (20) Encourage good practices. The Internet is a democratic medium that provides us all with the time and space to do the right thing. So let's use the Internet in a positive way and encourage others to do the same. You can help by passing these guidelines along to others who might benefit from them (including people who have sent out badly designed alerts), and refrain from propagating alerts that do not conform to them. Remember, forwarding a badly designed action alert actually harms the cause that it is supposed to support. Modeling thoughtf ------------------------------ Date: Thu, 7 May 1997 22:51:01 CST From: CuD Moderators Subject: File 7--Cu Digest Header Info (unchanged since 7 May, 1997) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send post with this in the "Subject:: line: SUBSCRIBE CU-DIGEST Send the message to: cu-digest-request@weber.ucsd.edu DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS. The editors may be contacted by voice (815-753-6436), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CU-DIGEST Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. In ITALY: ZERO! BBS: +39-11-6507540 UNITED STATES: ftp.etext.org (206.252.8.100) in /pub/CuD/CuD Web-accessible from: http://www.etext.org/CuD/CuD/ ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #9.70 ************************************