From 2600 magazine volume 7, number 1 SPRING

To Subscribe:

         2600, PO BOX 752, Middle Island, NY 11953-0752

         $18 individual, $45 corporate yearly subscription rates



FOR YOUR PROTECTION



   A year ago, we told the stories of Kevin Mitnick and Herbert Zinn, two

hackers who had been sent to prison.  It was then, and still is today, a

very disturbing chain of events: mischief makers and explorers imprisoned

for playing with the wrong toys and for asking too many questions.  We said

at the time that it was important for all hackers to stand up to such gross

injustices.  After all, they couldn't lock us all up.

   It now appears that such an endeavor may indeed be on the agendas of some

very powerful U.S. governmental agencies.  And even more frightening is the

realization that these agencies don't particularly care who or what gets

swept up along with the hackers, as long as all of the hackers get swept up.

 Apparently, we're considered even more of a threat than we had previously

supposed.

   In retrospect, this doesn't come as a great surprise.  In fact, it now

seems to make all too much sense.  You no longer have to be paranoid or of a

particular political mindset to point to the many parallels that we've all

been witnesses to.  Censorship, clampdowns, "voluntary" urine tests, lie

detectors, handwriting analysis, surveillance cameras, exaggerated crises

that invariably lead to curtailed freedoms.... All of this together with the

overall view that if you're innocent, you've got nothing to hide.  And all

made so much more effective through the magic of high tech.  Who would you

target as the biggest potential roadblock if not the people who understand

the technology at work?  It appears the biggest threats to the system are

those capable of manipulating it.

   What we're about to tell you is frightening, plain and simple.  You don't

have to be a hacker to understand this.  The words and ideas are easily

translatable to any time and any culture.



CRACKDOWN

   "We can now expect a crackdown...I just hope that I can pull through this

one and that my friends can also.  This

is the time to watch yourself.  No matter what you are into.... Apparently

the government has seen the last straw in their point of view.... I think

they are going after all the 'teachers'...and so that is where their

energies will be put: to stop all hackers, and stop people before they can

become threats."

   This was one of the reactions on a computer bulletin board to a series of

raids on hackers, raids that had started in 1989 and spread rapidly into

early 1990.  Atlanta, St. Louis, and New York were major targets in what was

then an undetermined investigation.

   This in itself wouldn't have been especially alarming, since raids on

hackers can almost be defined as commonplace.  But this one was different.

For the very first time, a hacker newsletter had also been shut down.

   PHRACK was an electronic newsletter published out of St. Louis and

distributed worldwide.  It dealt with hacker and phone phreak matters and

could be found on nearly all hacker bulletin boards.  While dealing with

sensitive material, the editors were very careful not to publish anything

illegal (credit card numbers, passwords, Sprint codes, etc.).  We described

"Phrack World News" (a regular column of PHRACK) in our summer 1989 edition

as "a must-read for many hackers."  In many ways PHRACK resembled 2600, with

the exception of being sent via electronic mail instead of U.S. Mail.  That

distinction would prove to be PHRACK's undoing.

   It now turns out that all incoming and outgoing electronic mail used by

PHRACK was being monitored by the authorities.  Every piece of mail going in

and every piece of mail coming out.  These were not pirated mailboxes that

were being used by a couple of hackers.  These had been obtained legally

through the school the two PHRACK editors were attending.  Privacy on such

mailboxes, though not guaranteed, could always be assumed.  Never again.

   It's fairly obvious that none of this would have happened, none of this

COULD have happened had PHRACK been a non-electronic magazine.  A printed

magazine would not be intimidated into giving up its mailing list as PHRACK

was.  Had a printed magazine been shut down in this fashion after having all

of their mail opened and read, even the most thick-headed sensationalist

media types would have caught on: hey, isn't that a violation of the First

Amendment?

   Those media people who understood what was happening and saw the

implications were very quickly drowned out in the hysteria that followed.

Indictments were being handed out. Publisher/editor Craig Neidorf, known in

the hacker world as Knight Lightning, was hit with a seven count indictment

accusing him of participating in a scheme to steal information about the

enhanced 911 system and were interfering with emergency telephone calls to

the police.  One newspaper report said there were no indications that anyone

had died or been injured as a result of the intrusions.  What a relief.  Too

bad it wasn't true.

   In actuality there have been very grievous injuries suffered as a result

of these intrusions.  The intrusions we're referring to are those of the

government and the media.  The injuries have been suffered by the defendants

who will have great difficulty resuming normal lives even if all of this is

forgotten tomorrow.

   And if it's not forgotten, Craig Neidorf could go to jail for more than

30 years and be fined $122,000.  And for what?  Let's look at the

indictment:

   "It was... part of the scheme that defendant Neidorf, utilizing a

computer at the University of Missouri in Columbia, Missouri would and did

receive a copy of the stolen E911 text file from defendant [Robert J.] Riggs

[located in Atlanta and known in the hacker world as Prophet] through the

Lockport [Illinois] computer bulletin board system through the use of an

interstate computer data network.

   "It was further part of the scheme that defendant Neidorf would and did

edit and retype the E911 Practice text file at the request of the defendant

Riggs in order to conceal the source of the E911 Practice text file and to

prepare it for publication in a computer hacker newsletter.

   "It was further part of the scheme that defendant Neidorf would and did

transfer the stolen E911 Practice text file through the use of an interstate

computer bulletin board system used by defendant Riggs in Lockport,

Illinois.

   "It was further part of the scheme that the defendants Riggs and Neidorf

would publish information to other computer hackers which could be used to

gain unauthorized access to emergency 911 computer systems in the United

States and thereby disrupt or halt 911 service in portions of the United

States."

   Basically, Neidorf is being charged with receiving a stolen document.

There is nothing anywhere in the indictment that even suggests he entered

any computer illegally.  So his crimes are receiving, editing and

transmitting.

   Now what is contained in this document?  Information about how to gain

unauthorized access to, disrupt, or halt 911 service?  Hardly.  The document

(erroneously referred to as "911 software" by the media which caused all

kinds of misunderstandings) is quoted in PHRACK Volume 2, Number 24 and

makes for one of the dullest articles ever to appear in the newsletter.

According to the indictment, the value of this 20k document is $79,449.

   Shortly after the indictments were handed down, a member of the Legion of

Doom known as Erik Bloodaxe issued a public statement.  "[A group of three

hackers] ended up pulling files off [a Southern Bell system] for them to

look at.  This is usually standard procedure: you get on a system, look

around for interesting text, buffer it, and maybe print it out for

posterity.  No member of LOD has ever (to my knowledge) broken into another

system and used any information gained from it for personal gain of any

kind...with the exception of maybe a big boost in his reputation around the

underground.  [A hacker] took the documentation to the system and wrote a

file about it.  There are actually two files, one is an overview, the other

is a glossary.  The information is hardly something anyone could possibly

gain anything from except knowledge about how a certain aspect of the

telephone company works."

   He went on to say that Neidorf would have had no way of knowing whether

or not the file contained proprietary information.

   Prosecutors refused to say how hackers could benefit from the

information, nor would they cite a motive or reveal any actual damage.  In

addition, it's widely speculated that much of this information is readily

available as reference material.

   In all of the indictments, the Legion of Doom is defined as "a closely

knit group of computer hackers involved in:  a) disrupting

telecommunications by entering computerized telephone switches and changing

the routing on the circuits of the computerized switches;  b) stealing

proprietary computer source code and information from companies and

individuals that owned the code and information;  c) stealing and modifying

credit information on individuals maintained in credit bureau computers;

d) fraudulently obtaining money and property from companies by altering the

computerized information used by the companies;  e) disseminating

information with respect to their methods of attacking computers to other

computer hackers in an effort to avoid the focus of law enforcement agencies

and telecommunication security experts."

   Ironically, since the Legion of Doom isn't a closely knit group, it's

unlikely that anyone will be able to defend the group's name against these

charges -- any defendants will naturally be preoccupied with their own

defenses.  (Incidentally, Neidorf was not a part of the Legion of Doom, nor

was PHRACK a publication of LOD, as has been reported.)



THE HUNT INTENSIFIES

   After learning of the PHRACK electronic mail surveillance, one of the

system operators of The Phoenix Project, a computer bulletin board in

Austin, Texas, decided to take action to protect the privacy of his users.

"I will be adding a secure encryption routine into the e-mail in the next 2

weeks - I haven't decided exactly how to implement it, but it'll let two

people exchange mail encrypted by a password only known to the two of

them....Anyway, I do not think I am due to be busted...I don't do anything

but run a board.  Still, there is that possibility.  I assume that my lines

are all tapped until proven otherwise.  There is some question to the wisdom

of leaving the board up at all, but I have personally phoned several

government investigators and invited them to join us here on the board.  If

I begin to feel that the board is putting me in any kind of danger, I'll

pull it down with no notice - I hope everyone understands.  It looks like

it's sweeps-time again for the feds.  Let's hope all of us are still around

in 6 months to talk about it."

   The new security was never implemented.  The Phoenix Project was seized

within days.

   And the clampdown intensified still further.  On March 1, the offices of

Steve Jackson Games, a publishing company in Austin, were raided by the

Secret Service.  According to the Associated Press, the home of the managing

editor was also searched.  The police and Secret Service seized books,

manuals, computers, technical equipment, and other documents.  Agents also

seized the final draft of a science fiction game written by the company.

According to the AUSTIN AMERICAN-STATESMAN, the authorities were trying to

determine whether the game was being used as a handbook for computer crime.

   Callers to the Illuminati bulletin board (run by Steve Jackson Games),

received the following message:

   "Before the start of work on March 1, Steve Jackson Games was visited by

agents of the United States Secret Service.  They searched the building

thoroughly, tore open several boxes in the warehouse, broke a few locks, and

damaged a couple of filing cabinets (which we would gladly have let them

examine, had they let us into the building), answered the phone

discourteously at best, and confiscated some computer equipment, including

the computer that the BBS was running on at the time.

   "So far we have not received a clear explanation of what the Secret

Service was looking for, what they expected to find, or much of anything

else.  We are fairly certain that Steve Jackson Games is not the target of

whatever investigation is being conducted; in any case, we have done nothing

illegal and have nothing whatsoever to hide.  However, the equipment that

was seized is apparently considered to be evidence in whatever they're

investigating, so we aren't likely to get it back any time soon.  It could

be a month, it could be never.

   "To minimize the possibility that this system will be confiscated as

well, we have set it up to display this bulletin, and that's all.  There is

no message base at present.  We apologize for the inconvenience, and we wish

we dared to do more than this."

   Apparently, one of the system operators of The Phoenix Project was

also affiliated with Steve Jackson Games.  And that was all the authorities

needed.

   Raids continued throughout the country with reports of more than a dozen

bulletin boards being shut down.  In Atlanta, the papers reported that three

local LOD hackers faced 40 years in prison and a $2 million fine.

   Another statement from a Legion of Doom member (The Mentor, also a system

operator of The Phoenix Project) attempted to explain the situation:

   "LOD was formed to bring together the best minds from the computer

underground - not to do any damage or for personal profit, but to share

experiences and discuss computing.  The group has always maintained the

highest ethical standards....On many occasions, we have acted to prevent

abuse of systems....I have known the people involved in this 911 case for

many years, and there was absolutely no intent to interfere with or molest

the 911 system in any manner.  While we have occasionally entered a computer

that we weren't supposed to be in, it is grounds for expulsion from the group

and social ostracism to do any damage to a system or to attempt to commit

fraud for personal profit.

   "The biggest crime that has been committed is that of curiosity....We

have been instrumental in closing many security holes in the past, and had

hoped to continue to do so in the future.  The list of computer security

people who count us as allies is long, but must remain anonymous.  If any of

them choose to identify themselves, we would appreciate the support."



AND THE PLOT THICKENS

   Meanwhile, in Lockport, Illinois, a strange tale was unfolding.  The

public UNIX system known as JOLNET that had been used to transmit the 911

files had also been seized.  What's particularly odd here is that, according

to the electronic newsletter TELECOM DIGEST, the system operator, Rich

Andrews, had been cooperating with federal authorities for over a year.

Andrews found the files on his system nearly two years ago, forwarded them

to AT&T, and was subsequently contacted by the authorities.  He cooperated

fully.  Why, then, was his system seized as well?  Andrews claimed it was

all part of the investigation, but added, "One way to get [hackers] is by

shutting down the sites they use to distribute stuff."

   The JOLNET raid caused outrage in the bulletin board world, particularly

among administrators and users of public UNIX systems.

   Cliff Figallo, system administrator for The Well, a public UNIX system in

California, voiced his concern.  "The assumption that federal agents can

seize a system owner's equipment as evidence in spite of the owner's lack of

proven involvement in the alleged illegal activities (and regardless of the

possibility that the system is part of the owner's livelihood) is scary to

me and should be to anyone responsible for running a system such as this."

   Here is a sampling of some of the comments seen around the country after

the JOLNET seizure:

   -> "As administrator for ZYGOT, should I start reading my users' mail to

make sure they aren't saying anything naughty?  Should I snoop through all

the files to make sure everyone is being good?  This whole affair is rather

chilling."



   -> "From what I have noted with respect to JOLNET, there was a serious

crime committed there -- by the [federal authorities].  If they busted a

system with email on it, the Electronic Communication Privacy Act comes into

play.  Everyone who had email dated less than 180 days old on the system is

entitled to sue each of the people involved in the seizure for at least

$1,000 plus legal fees and court costs.  Unless, of course, the

[authorities] did it by the book, and got warrants to interfere with the

email of all who had accounts on the systems.  If they did, there are strict

limits on how long they have to inform the users."



   -> "Intimidation, threats, disruption of work and school, 'hit lists',

and serious legal charges are all part of the tactics being used in this

'witch-hunt.'  That ought to indicate that perhaps the use of pseudonyms

wasn't such a bad idea after all."



   -> "There are civil rights and civil liberties issues here that have yet

to be addressed.  And they probably won't even be raised so long as everyone

acts on the assumption that all hackers are criminals and vandals and need

to be squashed, at whatever cost...

   "I am disturbed, on principle, at the conduct of at least some of the

federal investigations now going on.  I know several people who've taken

their systems out of public access just because they can't risk the seizure

of their equipment (as evidence or for any other reason).  If you're a

Usenet site, you may receive megabytes of new data every day, but you have

no common carrier protection in the event that someone put illegal

information onto the net and thence into your system."



INCREASED RESTRICTIONS

   But despite the outpourings of concern for what had happened, many system

administrators and bulletin board operators felt compelled to tighten the

control of their systems and to make free speech a little more difficult,

for their own protection.

   Bill Kuykendall, system administrator for The Point, a public UNIX

system in Chicago, made the following announcement to the users of his

system:

   "Today, there is no law or precedent which affords me...the same legal

rights that other common carriers have against prosecution should some other

party (you) use my property (The Point) for illegal activities.  That

worries me....

   "I fully intend to explore the legal questions raised here.  In my

opinion, the rights to free assembly and free speech would be threatened if

the owners of public meeting places were charged with the responsibility of

policing all conversations held in the hallways and lavatories of their

facilities for references to illegal activities.

   "Under such laws, all privately owned meeting places would be forced out

of existence, and the right to meet and speak freely would vanish with them.

 The common sense of this reasoning has not yet been applied to electronic

meeting places by the legislature.  This issue must be forced, or electronic

bulletin boards will cease to exist.

   "In the meantime, I intend to continue to operate The Point with as

little risk to myself as possible.  Therefore, I am implementing a few new

policies:

   "No user will be allowed to post any message, public or private, until

his name and address has been adequately verified.  Most users in the

metropolitan Chicago area have already been validated through the telephone

number directory service provided by Illinois Bell.  Those of you who

received validation notices stating that your information had not been

checked due to a lack of time on my part will now have to wait until I get

time before being allowed to post.

   "Out of state addresses cannot be validated in the manner above....The

short term solution for users outside the Chicago area is to find a system

closer to home than The Point.

   "Some of the planned enhancements to The Point are simply not going to

happen until the legal issues are resolved.  There will be no shell access

and no file upload/download facility for now.

   "My apologies to all who feel inconvenienced by these policies, but under

the circumstances, I think your complaints would be most effective if made

to your state and federal legislators.  Please do so!"

   These restrictions were echoed on other large systems, while a number of

smaller hacker bulletin boards disappeared altogether.  We've been told by

some in the hacker world that this is only a phase, that the hacker boards

will be back and that users will once again be able to speak without having

their words and identities "registered."  But there's also a nagging

suspicion, the feeling that something is very different now.  A publication

has been shut down.  Hundreds, if not thousands, of names have been seized

from mailing lists and will, no doubt, be investigated.  The facts in the

911 story have been twisted and misrepresented beyond recognition, thanks to

ignorance and sensationalism.  People and organizations that have had

contact with any of the suspects are open to investigation themselves.

And, around the country, computer operators and users are becoming more

paranoid and less willing to allow free speech. In the face of all this, the

belief that democracy will triumph in the end seems hopelessly naive.  Yet,

it's something we dare not stop believing in.  Mere faith in the system,

however, is not enough.

   We hope that someday we'll be able to laugh at the absurdities of today.

But, for now, let's concentrate on the facts and make sure they stay in the

forefront.



   -> Were there break-ins involving the E911 system?  If so, the entire

story must be revealed.  How did the hackers get in?  What did they have

access to?  What could they have done?  What did they actually do?  Any

security holes that were revealed should already have been closed.  If there

are more, why do they still exist?  Could the original holes have been

closed earlier and, if so, why weren't they?  Any hacker who caused damage

to the system should be held accountable.  Period.  Almost every hacker

around seems to agree with this.  So what is the problem?  The glaring fact

that there doesn't appear to have been any actual damage.  Just the usual

assortment of gaping security holes that never seem to get fixed.  Shoddiness

in design is something that shouldn't be overlooked in a system as important

as E911.  Yet that aspect of the case is being side-stepped.  Putting the

blame on the hackers for finding the flaws is another way of saying the

flaws should remain undetected.



   -> Under no circumstances should the PHRACK newsletter or any of its

editors be held as criminals for printing material leaked to them.  Every

publication of any value has had documents given to them that were not

originally intended for public consumption.  That's how news stories are

made.  Shutting down PHRACK sends a very ominous message to publishers and

editors across the nation.



   -> Finally, the privacy of computer users must be respected by the

government.  It's ironic that hackers are portrayed as the ones who break

into systems, read private mail, and screw up innocent people.  Yet it's the

federal authorities who seem to have carte blanche in that department.  Just

what did the Secret Service do on these computer systems?  What did they

gain access to?  Whose mail did they read?  And what allowed them to do

this?



TAKE EXCEPTION

   It's very easy to throw up your hands and say it's all too much.  But the

facts indicate to us that we've come face to face with a very critical

moment in history.  What comes out of this could be a trend-setting

precedent, not only for computer users, but for the free press and every

citizen of the United States.  Complacency at this stage will be most

detrimental.

   We also realize that one of the quickest ways of losing credibility is to

be shrill and conspiracy-minded.  We hope we're not coming across in this

way because we truly believe there is a significant threat here.  If PHRACK

is successfully shut down and its editors sent to prison for writing an

article, 2600 could easily be next.  And so could scores of other

publications whose existence ruffles some feathers.  We cannot allow this to

happen.

   In the past, we've called for people to spread the word on various

issues.  More times than not, the results have been felt.  Never has it been

more important than now.  To be silent at this stage is to accept a very

grim and dark future.
















