Computer underground Digest Sun Mar 29, 1998 Volume 10 : Issue 20 ISSN 1004-042X Editor: Jim Thomas (cudigest@sun.soci.niu.edu) News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu) Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Field Agent Extraordinaire: David Smith Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #10.20 (Sun, Mar 29, 1998) File 1--Wanted ASAP: Expert witness for Mitnick trial File 2--Hotmail.com sues spammers (presss release) File 3--X-Stop lawsuit File 4--Ban on Internet Porn Leads to Suit File 5--Re: Brian Milburn (Cu Digest #10.17 Sun 8 Mar 98) File 6--[Cyberpatrol PR] Demo for OECD in Paris File 7--"The Air We Breathe" (Islands in the Clickstream 21 Mar '98) File 8--Cu Digest Header Info (unchanged since 7 March, 1998) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. --------------------------------------------------------------------- Date: Sun, 22 Mar 1998 19:33:00 -0500 From: "Evian S. Sim" Subject: Subject: File 1--Wanted ASAP: Expert witness for Mitnick trial Computer Expert Witness Needed *Immediately*. A computer expert is needed immediately to testify as an expert witness in an ongoing criminal matter in Federal District Court in Los Angeles. Kevin Mitnick is seeking a highly credentialed expert in computer security, telecommunications, system and network administration to testify in this highly publicized computer "hacking" case. This will be a groundbreaking case and is expected to attract significant media coverage. Testimony will be required as early as March 30, 1998 in Los Angeles, California. Further testimony will be needed at trial, later this year. Expert witness fees will be paid by the federal court. Qualified candidates must have an advanced degree and be knowledgeable in DOS, Windows, SunOS, VAX/VMS, and Internet operations. Experience with cellular telephone networks is a plus. Previous expert testimony and/or publication are preferred. Qualified candidates please contact Mr. Mitnick though his appointed defense counsel, Donald C. Randolph, Esq. at (310) 395-7900. ------------------------------ Date: Sun, 22 Mar 1998 16:09:20 -0600 From: jthomas@SUN.SOCI.NIU.EDU(Jim Thomas) Subject: Subject: File 2--Hotmail.com sues spammers (presss release) Hotmail Takes the Offensive Against Spammers LEADING FREE WEB-BASED E-MAIL PROVIDER TAKES AGGRESSIVE LEGAL ACTION www.hotmail.com Sunnyvale, CA - January 26, 1998- Hotmail (www.hotmail.com), the world's largest Web-based e-mail service with 10 million active accounts, today announced that it has filed suit in federal court against eight organizations. The suit alleges that the offenders forged Hotmail's "hotmail.com" domain name into the return addresses of unsolicited commercial and offensive e-mail messages that wrongfully identified Hotmail as the originating service. Hotmail has a strict anti-spam policy that begins with the Hotmail Terms of Service. These terms - which prohibit members from various abuses of the service, including the transmission of spam and offensive material - are strictly enforced by Hotmail's customer service operation. Hotmail also is a leading participant in numerous anti-spam efforts, including the Center for Democracy & Technology's monthly ad-hoc meetings in Washington, DC, advising the FTC on the issue. Hotmail is also a top-ten contributor to the "spam-L" mailing list - an active and well respected anti-spam community. Hotmail has implemented a number of site-wide technical measures designed to make it extremely difficult to send spam from a Hotmail account. Where these efforts have practically eliminated Hotmail-originated spam, it is possible to create e-mail messages outside of the Hotmail system and insert an "@hotmail.com" e-mail address in the header, making it appear to have been sent by a Hotmail member. This practice is widespread and is a problem for many large ISPs and e-mail providers. Such forged return addresses (found in the header of the e-mail message) disguise the originator's identity and redirect the angry response to the unknowing service provider. "The transmission of spam is a practice widely condemned in the Internet community and is of significant concern to Hotmail," said Randy Delucchi, director of customer support for Hotmail. "We will continue to pursue those whom we believe deceitfully hide behind Hotmail's trusted brand and name, and hold them responsible under federal laws." In its complaint, Hotmail notes that deceptive practices of spammers damage its reputation and business. Hotmail alleges trademark infringement and dilution, unfair competition, violations of the federal Computer Fraud and Abuse Act, as well as fraud and libel. The suit seeks unspecified compensatory and punitive damages against each of the eight defendants, named below: Van$ Money Pie; ALS Enterprises, Inc.; LCGM, Inc.; Christopher Moss d/b/a Genesis Network; Claremont Holdings Ltd.; Consumer Connections (Charlotte, N. Carolina); Palmer & Associates (San Diego, Calif.); and Financial Research Group (El Cajon, Calif.). The action, filed in United States District Court for the Northern District of California, San Jose Division, also asks the court for a preliminary and permanent injunction against the spammers. About Hotmail Hotmail, a wholly owned subsidiary of Microsoft, is the world's leading provider of globally accessible free Web-based electronic mail. Hotmail's service was recently named on PC Computing's coveted "A List" as the best in Web Communications, was given CNET's highest ratings in all categories for free e-mail, and received critical acclaim from PC Magazine's John C. Dvorak. Because Hotmail's award-winning service is hosted entirely on the Internet, e-mail is now available at any Web terminal. Hotmail is a password-protected, feature-rich e-mail system that also offers advanced capabilities including: instant mail delivery, MIME and UUEncoded file attachments; personal address books; spell checking; filtering and embedded hyper-links. Because Hotmail is Web-based, users can send, view and navigate entire Web pages within a Hotmail message. In addition, your Hotmail address is permanent. Whether you change ISPs, jobs, or move out of the country, you can always access a Hotmail account from Web connected devices. Advertising banners similar to those seen on other Web sites support Hotmail. Hotmail is also a leading advocate of anti-spam measures in the e-mail industry. To sign up, simply set your Web browser to http://www.hotmail.com. ------------------------------ Date: Tue, 10 Feb 1998 10:02:15 -0600 (CST) From: John McAnally Subject: Subject: File 3--X-Stop lawsuit From Edupage: SUIT CHALLENGES USE OF FILTERING SOFTWARE IN PUBLIC LIBRARY The American Civil Liberties Union and a columnist for the San Francisco Examiner are among eight plaintiffs challenging the constitutionality of a decision by a library in Loudon County, Virginia, to use filtering software to block certain Internet sites from its publicly available computers. The X-Stop software, which is intended to screen out obscene material or sexually explicit language, is blocking sites that include some mainstream newspapers, a Methodist church, a university women's association, and a safe-sex page for teenagers. An ACLU attorney says: "We should hold libraries to the higher standards of the First Amendment. You simply can't block books that are constitutionally protected." The chair of the library's board says: "The library has the right to choose the material in its library. We could become the financers of pornography." (AP 8 Feb 98) ------------------------------ Date: Tue, 24 Mar 1998 13:40:03 +0100 From: Anonymous Subject: Subject: File 4--Ban on Internet Porn Leads to Suit Source - fight-censorship@vorlon.mit.edu > Los Angeles Times > Saturday, March 21, 1998 > > > Libraries' Ban on Internet Porn Sparks Lawsuit > > Courts: Libertarian Party says county system's rules violate 1st > Amendment. Patrons are required to sign a form promising not to view > sex sites. > > By SCOTT HADLY, Times Staff Writer > > Free speech advocates in Ventura County are knocking heads with > county officials over an attempt to keep Internet surfers away > from pornography at public libraries. > Ventura County's library system requires users of branch > computer terminals to sign a form promising they will not view > sexually explicit material. But such a requirement is > unconstitutional, says the Libertarian Party of Ventura County in > a lawsuit filed March 3. > The restrictions violate the 1st Amendment rights of library > patrons, said attorney William John Weilbacher. > "This isn't about the merits of pornography," said > Weilbacher, who filed the suit. "It's about the government having > no business saying what you can and cannot look at." > The suit is one of many that have sprouted up across the > nation that pit civil libertarians against public libraries that > attempt to keep smut off their public-access terminals. > Public libraries in Kern County in February ended a policy of > using software filters to block access to sexually explicit > Internet sites after threats of a lawsuit by the American Civil > Liberties Union. > A similar case is now pending in Orange County, and in > Virginia a library agency vowed to fight all the way to the > Supreme Court a challenge to its policy of blocking access to > pornography. > While many filters effectively block out pornography, they > also can block out sites that have information on such things as > AIDS and breast cancer, opponents argue. > Last year the American Library Assn. adopted a resolution > condemning the use of filter programs to block constitutionally > protected speech. > Weilbacher said even though the Ventura library system does > not have a computer filtering system, the rules that require > patrons to sign a form saying they will not access certain sites > is going too far. > "The general rule is that the government is not allowed to > regulate speech," he said. "It's perfectly fine to regulate > unlawful speech like child pornography, but they're crossing the > threshold by restricting adults from viewing what is legal." > Eleven members of the Libertarian Party of Ventura County are > listed as plaintiffs on the case, including Andrea Nagy, who > recently attempted to open the county's first club to dispense > medicinal marijuana. [...] ------------------------------ Date: Mon, 9 Mar 1998 12:45:56 +0000 From: Benjamin Kaiser Subject: Subject: File 5--Re: Brian Milburn (Cu Digest #10.17 Sun 8 Mar 98) Several people have expressed an interest in finding out what Cybersitter blocks. I recently did a paper on blocking software, and found the following file. The first part is a list of words or thoughts that Cybersitter deems inappropriate for children, and removes from all text transmitted or recieved while the program is active. It is followed by a list of domains that Cybersitter forbids access to. These include pornographic sites, sites that advocate alternative lifestyles, sites that criticise Cybersitter, or blocking software in general, and quite a few universities and ISP's that had a few pages, somewhere on their servers, that were deemed inappropriate. I have no idea how up to date this file is. I found it several months ago at http://atropos.c2.net/~sameer/cybersitter.txt Date: Wed, 25 Mar 1998 15:15:36 -0800 (PST) From: "Carl M. Kadie" Subject: Subject: File 6--[Cyberpatrol PR] Demo for OECD in Paris Source - fight-censorship@vorlon.mit.edu [A press release that may be of interest to FC. - Carl Disclaimer: I speak for myself, not EFF, not my employer, not the Learning Co. PARIS, March 25 The Learning Company, Inc. (NYSE: TLC), today demonstrated its Internet filtering software, "Cyber Patrol," at an international forum of policymakers examining Internet content and the role of regulation. The educational forum, attended by official delegates to the Organization for Economic Cooperation and Development (OECD), follows two years of investigation by the OECD's Committee for Information, Computer and Communication Policy into how countries are dealing with content in the new online medium. "We are honored to have been invited to represent the filtering industry at this forum," said Susan Getgood, director of corporate communications for The Learning Company. "We plan to demonstrate how Internet filtering technology provides users with the ability to effectively manage the content they access over the Internet better than any national law ever could." Governments around the globe have been grappling with whether or not to attempt to regulate content on the Internet, including material that is pornographic, violent or otherwise objectionable to some audiences. The forum today precedes a meeting on Thursday by OECD delegates, who are expected to discuss whether additional work is required to finish compiling an "inventory" of how member states are addressing Internet content. Some OECD member states have pushed for the creation of guidelines for countries to follow in drafting regulations on Internet content. The United States, after the failure last year of the Communications Decency Act, now supports a policy of self-regulation and empowerment of individual computer users designed to encourage the free flow of information. This allows the Internet to achieve its full potential as an economic and educational tool. "Our role is to demonstrate for delegates the best, state-of-the-art and most widely used filtering technology," Ms. Getgood said, adding that "Cyber Patrol" is available over the Internet to users in all the countries represented at the OECD. The OECD Forum: Internet Content Self-Regulation included 18 speakers on four panels from companies and organizations such as the Associazione Italiana Internet Providers, the Australian Information Industries Association, Telecom Service Association of Japan, Groupe Bull of France, Sympatico/Medialinx of Canada, AT&T and IBM of the United States. "Cyber Patrol" is the most international of the leading U.S. filtering software products. It is available in multiple languages and can be downloaded over the Internet from anywhere in the world. This spring, The Learning Company will introduce localized, retail versions of "Cyber Patrol" software in France, the Netherlands and the United Kingdom, with Spanish and German language retail versions to follow later in the year. A Japanese language version is already available through a distributor in Japan. In addition, "Cyber Patrol" is available in French and German to European subscribers accessing the Internet over CompuServe, and is offered by a growing number of telecommunications companies, such as British Telecom and New Zealand Telecom, that provide Internet access. Ms. Getgood noted that in addition to being the filtering software most widely-used by families and schools wishing to manage children's access to the Internet, a growing number of businesses throughout Europe are using network versions of "Cyber Patrol" to manage employee access to the Internet. "Cyber Patrol" allows parents to tailor access to the Internet to each individual child according to age and maturity. The software filters Internet content based on a proprietary list of sites compiled over more than two years by a team of teachers and parents who have researched more than five million sites on the World Wide Web. This list, called the CyberNOT list, contains more than 50,000 sites deemed inappropriate because of nudity, violence, hate speech, graphic and shocking images, and material that encourages the inappropriate use of drugs and alcohol. "Cyber Patrol" software also contains a list of kid-friendly sites that parents can use for younger children as a restricted "cyber playground." These educational and entertaining sites comprise the CyberYES list. Both lists are constantly updated. Parents can add or delete individual sites to customize the list to a family's own values and beliefs. Parents also can choose to filter using a system known as PICS. PICS systems in use today include rating systems that support self-labeling by Web site owners and independent, third-party labeling bureaus. "Cyber Patrol" does more than simply control access to the Web. Families can control the amount of time each week children spend surfing the Net and select which hours each day a child is allowed online. Parents can control participation in chat rooms, while a feature called ChatGard allows families to protect their children from inadvertently divulging personal information to strangers online. In the United States, "Cyber Patrol" is the parental control technology offered by America Online, CompuServe, Prodigy, AT&T, Ameritech, GTE and dozens of individual Internet Service Providers. In the U.S. Supreme Court's decision on the Communications Decency Act, "Cyber Patrol" was cited by the court as a way of protecting children that did not infringe on Americans' right of free speech. Since the court's decision, the software has grown in popularity and sophistication. The OECD, founded in 1960, includes Austria, Australia, Belgium, Canada, Denmark, Finland, France, Germany, Greece, Iceland, Ireland, Italy, Japan, Luxembourg, the Netherlands, New Zealand, Norway, Portugal, Spain, Sweden, Switzerland, Turkey, the United Kingdom and the United States. The Learning Company, Inc. develops, publishes and markets a family of premium software brands that educate across every age, from young children to adults. The company's products are sold in more than 23,000 retail stores in North America and through multiple distribution channels including school sales, online, direct marketing and OEM. The company also develops, publishes and distributes products internationally through subsidiaries in France, Germany, the United Kingdom, Holland and Japan, and with distributors throughout Europe, Latin America and the Pacific Rim. The Paris headquarters of The Learning Company, TLC Edusoft, are located at 132, boulevard Camelinat, 92247 Malakoff, telephone 33 1 46 73 05 55; fax: 33 1 46 73 05 65. The company's corporate headquarters are located at One Athenaeum Street, Cambridge, Mass. 02142; telephone 617-494-1200; fax 617-494-1219. The corporate Web site is located at www.learningco.com, and Customer Service can be reached at 617-494-5700. NOTE: All trademarks and registered trademarks are properties of their respective holders. ------------------------------ Date: Mon, 23 Mar 1998 14:25:07 -0600 From: Richard Thieme Subject: Subject: File 7--"The Air We Breathe" (Islands in the Clickstream 21 Mar '98) Islands in the Clickstream: The Air We Breathe Nothing is harder to see than what we believe so deeply we don't know we believe it. That's why a frontal assault on our core beliefs is always doomed. Our minds think they themselves are under assault, rather than the beliefs they have adopted, and defenses go into gear to rationalize, minimize, or deny what they're hearing. Or else the anomalous data creates so much cognitive dissonance that our minds just plain shut down. The degree to which technologies of communication, surveillance and control have insinuated themselves into our everyday lives is striking. Here in Wisconsin, a bill just sailed through the legislature that expanded the state's authority to collect health care information. The bill allows the Office of Health Care Information to collect and publish financial and other data from doctors and health care providers in addition to data gathered from hospitals and ambulatory surgery centers. Remarkable to those concerned about "function creep" was the lack of concern on the part of the public. Everyone pretty much lined up on behalf of "efficiency and safety," the two horsemen of the apocalypse of privacy rights. The legislative committee was "stacked" on behalf of the measure and the public was informed after the fact, the bill having been called suddenly the night before the vote was scheduled. This is a holographic slice of a bigger picture. The technologies of linkage and the power of those who profit from using them are the true weapons of information warfare. That war is fought not with lasers and satellites patrolling the "high ground" of earth orbit, but in the trenches of our daily lives. Because the consequences of ubiquitous linkage are often invisible, the average person - with limited time and mental resources - is unaware that the hidden infrastructure of a global political economy is being built out of the mundane data of their lives. When I recently pressed a career officer in the intelligence community about practices that alarmed me, he maintained that those practices were illegal, hence nonexistent. After a few drinks, however, he acknowledged that many intelligence agents find it easier to ask forgiveness than permission and act accordingly. That all-too-human reality is why we will pay in the future for every time we refuse to speak or act in the present on behalf of the privacy that secures our freedoms. Without secure boundaries, there are no individuals =85 and no individual rights. The primacy of the collective, a by-product of the transforming power of information technology, is paradoxically entering mainstream thinking as a priority through the political action of those who believe they are supporting a conservative, business-friendly agenda. It's as if the entire world is joining NATO, justifying Cold War behaviors by invoking the Evil Enemy. But unlike the Cold War, when there was at least another camp, the "other side" now means people anywhere who oppose the converging self-interested policies of the military-industrial-information complex. And now for something completely different. Children's toys are often an early warning system in which the future first becomes visible. "Sound Bites" is the name of a new technology recently introduced at the annual Toy Fair in New York. A person inserts a lollipop in a Sound Bites holder, and when they bite into it, sound vibrations travel through their teeth to the inner ear where they are heard as normal sounds. This magical effect lets snackers hear music (guitars, drums, or sax), special effects, or voices. The notion of slipping advertisements, propaganda, or suggestions into our meals is so outrageous I expect it to be adopted without a murmur. One imagines voices coming into our heads from every artifact. Deserts in the company cafeteria, basketballs as we dribble down the court, even sex toys will all have something to say. Everything will be a means for communication =85 as indeed, everything already is, but today those messages are still mostly implicit, while these songs and jingles will be as explicit and close to our noses as bumper stickers. And now for something even more different. A hobby in which I have indulged myself for years is the investigation of UFO phenomena. It's an interesting puzzle, requiring cross-referencing texts in the public record with the confidences of mostly plain people, as well as intelligence agents, air force officers, and airline pilots. Like most amateur investigators, I find that ninety per cent plus of what I read or hear can be explained or discarded, but - again, like most - the remaining accounts are pretty compelling. Yet what interests me as much as the data is the widespread ridicule that greets even the most reasonable statements about the phenomena, e.g. it is worthy of investigation, if only as a psychological or sociological phenomena. One hesitates even to mention this interest because of that predictable response. Such ridicule apparently became official policy around 1953. Before that, for five years (1947-1952), UFO phenomena was taken seriously by governments in public and private. An early head of Project Blue Book stated that behind the Pentagon's closed doors, the argument was not about the reality of the phenomenon, but whether its origins were Russian or extraterrestrial. A widespread wave of sightings in 1952 became the point of departure for a policy of debunking. Air force fighter pilots and commercial airline pilots alike have told me how they and their colleagues learned quickly not to risk their careers or reputations by making a report or going public with details of an encounter. Indifference to the erosion of privacy rights =85 candy that sings to our brains =85 a policy of public ridicule that discredits innocent people. It is easier than ever to engage in sleight-of-hand, manufacture a consensus, and manipulate dissent. Yet the truth too is boosted by technology. Truth too sings to our brains, and the linkage technologies that magnify the fictions we seem to need to sleep easily in our beds will disseminate as well the truths that fuel our hunger for knowledge and our passion to be free. ********************************************************************** Islands in the Clickstream is a weekly column written by Richard Thieme exploring social and cultural dimensions of computer technology. Comments are welcome. Feel free to pass along columns for personal use, retaining this signature file. If interested in (1) publishing columns online or in print, (2) giving a free subscription as a gift, or (3) distributing Islands to employees or over a network, email for details. To subscribe to Islands in the Clickstream, send email to rthieme@thiemeworks.com with the words "subscribe islands" in the body of the message. To unsubscribe, email with "unsubscribe islands" in the body of the message. Richard Thieme is a professional speaker, consultant, and writer focused on the impact of computer technology on individuals and organizations. Islands in the Clickstream (c) Richard Thieme, 1998. All rights reserved. ThiemeWorks on the Web: http://www.thiemeworks.com ThiemeWorks P. O. Box 17737 Milwaukee WI 53217-0737 414.351.2321 ------------------------------ Date: Thu, 7 May 1997 22:51:01 CST From: CuD Moderators Subject: Subject: File 8--Cu Digest Header Info (unchanged since 7 March, 1998) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send post with this in the "Subject:: line: SUBSCRIBE CU-DIGEST Send the message to: cu-digest-request@weber.ucsd.edu DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS. The editors may be contacted by voice (815-753-6436), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CU-DIGEST Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. In ITALY: ZERO! BBS: +39-11-6507540 UNITED STATES: ftp.etext.org (206.252.8.100) in /pub/CuD/CuD Web-accessible from: http://www.etext.org/CuD/CuD/ ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #10.20 ************************************