**************************************************************************** >C O M P U T E R U N D E R G R O U N D< >D I G E S T< *** Volume 1, Issue #1.18 (June 25, 1990) ** **************************************************************************** MODERATORS: Jim Thomas (Sole moderator: Gordon Meyer on vacation) REPLY TO: TK0JUT2@NIU.bitnet COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. -------------------------------------------------------------------- DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Contributors assume all responsibility for assuring that articles submitted do not violate copyright protections. -------------------------------------------------------------------- protections. -------------------------------------------------------------------- File 1: Moderators' Comments File 2: From the Mailbag (3 items) File 3: Title 18 USC %Section% 1343 and comments (Mike Godwin) File 4: Have Federal Prosecutors gone too far? (Jim Thomas) File 5: FBI response to Rep. Don Edwards query of BBS Spying -------------------------------------------------------------------- *************************************************************** *** Computer Underground Digest Issue #1.18 / File 1 of 5 *** *************************************************************** MISC. ITEMS: --CUD and USENET: Chip Rosenthal is investigating the possiblity of setting up a group gateway into USENET for a newsgroup called alt.cud to stimulate debate and dialogue of issues. If all goes as planned, it will happen very soon. We will keep people posted. --SUBSCRIPTIONS: If you have requested to be added to the mailing list but have not received anything from us, keep trying and include several alternative addresses. Sometimes neither "reply" nor the addresses listed work. CuD is available hardcopy, and we will provide back issues to libraries or other archival sources at no cost. MAIL--We receive considerable mail, but we cannot print it all. We strongly encourage comments to be related to the general issues reflected here, and we will not print flames, insults, or general opinions unless there is some additional (and strong) redeeming value. We *STRONGLY* encourage law enforcement and others to submit comments or articles as a way of stimulating dialogue and understanding. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ + END THIS FILE + +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= *************************************************************** *** CuD, Issue #1.18 / File 2 of 5 / Mailbag (3 items) *** *************************************************************** Date: Fri, 22 Jun 90 9:31:10 EDT From: Wes Morgan To: TK0JUT2%NIU.BITNET@UICVM.UIC.EDU Subject: Re: C-u-D, #1.17 Stephen Tihor writes: > >I am interested in ideas with low $ and personnel costs and which will avoid >triggering more vandalism or even unguided explorations. How about *guided* exploration? I would assume that a university with NYU's level of resources has PCs capable of running UNIX. Why not run a series of "Intro to UNIX" and "Intro to C" courses using UNIX PCs? Encourage exploration; after all, there's not much damage to be done with an isolated PC......and the accounts can stick around for months. >=========================================================================== mis@seiden.com(Mark Seiden) writes, in his commentary on the LoD case: >presumably there a precise legal definition of "traffic"? BKEHOE@widener also expressed concern about this issue later in this Digest. This comment applies to both articles. The use of "traffic" in this case has serious implications on ALL computer networks. Consider BITNET; if a user at TECMTYVM sends stolen information to UKCC, are the 12 intermediary site on the path implied accessories? I don't even want to *think* about the uucp network, where it can require passage through 15 or 20 sites to reach some nodes. Consider the frightening ease with which both BITNET and UNIX mail can be forged. Consider the CP TRANSFER command; a little reading should make its potential clear. The potential for monitoring network traffic is also large. The simple command "sm cmd ohstvma q psuvm q" will allow me to see the destination of every file travelling that link, one of BITNET's busiest. A number of products (LANalyzer, Sniffer) allow their users the ability to track, capture, and decode packets travelling on almost *any* network. It's a simple matter to track usage of any network; how soon before we see official "Sniffer Stations", driven by AI routines, watching and ana- lyzing our network usage constantly? >Are you still able/willing to make the entire archives available to, say, >counsel needing access for trial preparation? how about to someone who >will be testifying before Congress (who are holding hearings in mid-July on >this subject)? A related question: If a public document (i.e., PHRACK) is used as evidence in a closed trial, does that restrict distribution on ALL copies of that PUBLIC document? This seems somewhat akin to intro-ducing the Louisville Courier-Journal as evidence, expecting all the libraries to hastily pull the appropriate issues from the shelves. Are there any attorneys on this list who would offer an opinion in this matter? BKEHOE@widener writes, in his comments on the Neidorf indictment: > >2) Counts 3 and 4 were about as vague as anything I've read. From my >interpretation, the counts are charging them with conspiring to perform the >E911 "theft" via email. Does that then mean that if I were to write to >someone with a scheme to break into a system somewhere, that I could be >held accountable for my plans? Is the discussion of performing an illegal >act of and in itself illegal? Sure, if that break-in actually happens. You'd be liable under that wonderful "conspiracy" clause. If the fellow with whom you discussed the scheme subsequently discussed it with another individual, who actually committed the crime, you could certainly be tracked down and charged as a co-conspirator . This is the sort of thing that makes me wary when users ask for explanations of telnet/cu/ftp/et cetera.... I just point them at the manuals, so they can't attribute *ANYTHING* to me. >4) Finally, I must wonder how many more charges may be pulled up between >now and the time of the trial, if that gem about transmitting Phrack 22 was >so suddenly included. Will every Phrack be dug through for any "possibly" >illegal information? Certainly! You know that those lists of bbs numbers imply that Neidorf connected to EACH AND EVERY ONE of them, dispensing his ILLEGAL information! >If I were to write up a file based on the >information in Dave Curry's Unix Security paper, using language that >"incites devious activity" (a.k.a. encourages people to go searching for >holes in every available Unix system they can find), can I be held >accountable for providing that information? Well, how about this situation? I'm the de facto "security guru" for my site. Should I attempt break-ins of machines under my domain? Am I vio- lating the law? Am I liable, even though I have no malicious intent? Needless to say, I have stopped all such activity until these points are ironed out. >Well, that's enough for now...I'm interested in hearing other peoples' >opinions on all of this. I'm sure I'm not the only one out here who gets >mildly PO'd each time I hear about a new result of Operation Sun Devil (and >the associated fever). Well, I wonder if anyone's planning a "Introduction to Modern Computing" course for the judiciary. I still don't understand how people such as Neidorf, Riggs, and Rose can be tried by a "jury of their peers". I'd like to see the records of the _voir dire_ (jury selection) process. How many of the prospective jurors do you think will be able to truly under- stand the concepts involved? Would you care to explain password security to a 2nd grade teacher or bus driver? I mean no slight to these people, but their presence on a jury in a computer case is like asking me to serve on a jury for a case involving particle physics! For that matter, will the defense attorney have a chance to object to the definitions given various terms by the prosecutors in open court? Hardly. Wes Morgan -- The opinions expressed above are not those of UKECC unless so noted. Wes Morgan % %rutgers,rayssd,uunet%!ukma!ukecc!morgan +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Date: Fri, 22 Jun 90 16:22:22 EDT From: josephl@wb3ffv.ampr.org To: tk0jut2 ->->->->->->->->-> A NETWORKER'S JOURNAL ->->->->->->->->->->-> Vol. 5 June 22, 1990 No. 42 ALAN BECHTOLD PLANS MODEM USERS ASSOCIATION Alan Bechtold, president of BBS Press Service, has launched a new non-profit organization called the Modem User's Association of America that he says will be active in cases in which phone companies propose rates that affect telecomputerists. MUAA intends to be a clearing house for information of interest to users and operators of computer bulletin board systems. It also hopes to link local and regional modem user groups into a nationwide network and set up a lobbying effort in Washington to push for legislation favorable to modem users. Bechtold says that so far the greater interest has come from people in states currently affected by changes in phone company rates, including Indiana and Texas. The group's legal and lobbying support for the first year is being offered by a Washington, D.C., group, Bechtold said. For more information about the group, you may call 913/478-9239. -------------------------------------------------------------------- UNCLE SAM OFFERS SECURITY GUIDES Computer security guides, mandated by the Computer Security Act of 1987, are being distributed by the National Institute of Standards and Technology. They address viruses, data integrity and general system security. The guides are available from the Government Printing Office or directly from the NIST Computer Security Board. To check it out, make a modem call to 301/948-5717. Three of the guides cover security questions posed by executives, managers and users, while the fourth is intended to assist federal agencies in developing security training programs. U.S. SUPREME COURT PREPARES TO BEGIN ELECTRONIC TRANSCRIPTIONS Starting next month, the U.S. Supreme Court's decisions and supporting options will be electronically transmitted to computer networks operated by 12 court-approved organizations as part of its new "Project Hermes," a 2-year experiment. Writing in CompuServe's Online Today electronic publication this week, James Moran notes that of the organizations directly receiving the Court transmissions, one is a non-commercial, non-profit, consortium made up of Case Western Reserve University, EDUCOM, and the National Public Telecomputing Network. EDUCOM later will transmit the opinions to Internet and BITNET for general distribution, as well as to NPTN which will distribute copies to affiliated community computer systems. Says Moran, "When the Supreme Court is ready to release an opinion, a computer at the Supreme Court Building in Washington will simultaneously open 12 telephone lines and transmit copies to the 12 primary information distributors. Subsequently, the distributors will make the Court's decisions available to other interested parties." For more information, send your name, organization or firm, address, city, state, and zip, to Project Hermes, CWRU Community Telecomputing Lab, 319 Wickenden Building, Cleveland, OH 44106. * * * A NETWORKER'S JOURNAL is a weekly feature by Charles Bowen%ment -------------------------------------------------------------------- To: tk0jut2 Subject: Re: Update: Alcor Life Extension Email Litigation Date: Sat, 23-Jun-90 12:08:07 PDT Update on the progress in the Alcor/email case as of June, 1990: by H. Keith Henson A suit under section 2707 of U.S.C. title 18 (the Electronic Communications Privacy Act) against a number of individuals in the Riverside, California Coroner's office, the District Attorney's office, and the Riverside police department was filed Jan. 11, 1990, one day short of the statutory limit. There were fifteen plaintiffs out of roughly fifty people who had email on the Alcor system. For those of you who are not familiar with the case, the coroner removed a number of computers from Alcor in connection with an investigation into the cryonic suspension of Dora Kent in December, 1987. The defendants moved in March for a dismissal of the case, arguing that 1) the warrant for the computer was enough to take any email found within it, and 2) that even if the defendants had made "technical" errors in confiscating the email, they should be protected because they acted in "good faith." Our lawyer opposed the motion, arguing that the warrant originally used was itself defective, even for taking the computers. This is something Alcor had never done, because (I think) people can only object to a warrant after charges have been filed, and for all the accusations the coroner and DA made in the press (which included murder, drugs, theft, and building code violations), no charges have been filed in this case in the last two and a half years. The federal judge assigned to the case denied the motion after hearing oral arguments in May. Based on the comments of the judge from the bench, it seems that he agrees that the plaintiffs have a case, namely that taking email requires a warrant for the email, or the persons doing so will face at least civil liability. So far the legal bill stands at over $10,000. Suggestions as to organizations or individuals who might be interested in helping foot the bills would be welcome. (Donations would be returnable if we won the case and the county has to pay our legal bills as required in section 2707.) The text of the legal filings (40k, three files) have been posted to CuD. If you can't get CuD, they are available by email from hkhenson@cup.portal.com =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ + END THIS FILE + +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= *************************************************************** *** CuD, Issue #1.18 / File 3 of 5 /Title 18 USC Sect 1343 *** *************************************************************** %We asked Mike Godwin to forward a copy of Title 18 USC %section% 1343 because it is the basis of eight of the 11 counts (the other 3 allege violations of section 2314). ------------------------------------------------------------------ 18 USC 1343: Sec. 1343. Fraud by wire, radio, or television Whoever, having devised or intending to devise any scheme or artifice to defraud, or for obtaining money or property by means of false or fraudulent pretenses, representations, or promises, transmits or causes to be transmitted by means of wire, radio, or television communication in interstate or foreign commerce, any writings, signs, signals, pic- tures, or sounds for the purpose of executing such scheme or artifice, shall be fined not more than $1000 or imprisoned not more than five years, or both. [Ed. note: This statute was modelled on the mail-fraud statute, 18 USC 1341:] Sec. 1341. Frauds and swindles Whoever, having devised or intending to devise any scheme or artifice to defraud, or for obtaining money or property by means of false or fraudulent pretenses, representations, or promises, or to sell, dispose of, loan, exchange, alter, give away, distrib- ute, supply, or furnish or procure for unlawful use any counterfeit or spurious coin, obligation, securi- ty, or other article, or anything represented to be or intimated or held out to be such counterfeit or spurious article, for the purpose of executing such scheme or artifice or attempting so to do, places in any post office or authorized depository for mail matter, any matter or thing whatever to be sent or delivered by the Postal Service, or takes or receives therefrom, any such matter or thing, or knowingly causes to be delivered by mail according to the direction thereon, or at the place at which it is directed to be delivered by the person to whom it is addressed, any such matter or thing, shall be fined not more than $1,000 or imprisoned not more than five years, or both. ------------------------ Please note the breadth of the statutes. They're primarily designed to enable federal jurisdiction in larger-scale crimes, since almost everybody committing a crime ultimately ends up using the mails or the phone system or both. Are there any limits to federal jurisdiction at all? Maybe, but they're pretty tenuous. The leading cases delimiting mail fraud (and, by extension, wire fraud) are: Parr v. U.S., 363 U.S. 370 (1960) U.S. v. Maze, 414 U.S. 395 (1974) U.S. v. Tarnopol, 561 F.2d 466 (3d Circuit 1977) Schmuck v. U.S., 109 S.Ct. 1443 (1989) Maze is a particularly useful discussion. Not only is then-Justice Rehnquist's majority opinion instructive on the (possible) limits of mail fraud, but then-Chief Justice Burger's dissent is helpful in understanding the tactical significance of mail-fraud counts--it explains how and why such counts are so often included in federal prosecutions of NEW types of crime. --Mike =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ + END THIS FILE + +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= *************************************************************** *** CuD, Issue #1.18 / File 4 of 5 / Is this Free Speech? *** *************************************************************** Mike Godwin's summary of Title 18 USC %section% 1343 raises a curious point. Count two of Craig Neidorf's new indictment charges that the: ....defendant herein, for the purposes of executing the aforesaid scheme did knowingly transmit and cause to be transmitted by means of a wire and radio communication in interstate commerce from Columbia, Missouri to Lockport, Illinois certain signs, signals and sounds, namely: a data transfer of Phrack World News announcing the beginning of the "Phoenix Project"; In violation of Title 18, United States Code, Section 1343 One wonders what such a document could contain that it would subject the offender to up to five years in prison and up to a $1,000 fine. Surely it must contain some dangerous information to warrant a separate count. We took a look at this file, and here it is, reprinted directly from the original: -------------------------------------------------------------------- ==Phrack Inc.== Volume Two, Issue 19, Phile #7 of 8 PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN >>>>>=-* Phrack World News *-=<<<<< PWN PWN Issue XVIV/1 PWN PWN PWN PWN Created by Knight Lightning PWN PWN Written and compiled by Knight Lightning PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN From The Creators Of Phrack Incorporated... The Phoenix Project >>>>>>>>>>>>>>>>>>> -=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Just what is "The Phoenix Project?" Definition: Phoenix (fe/niks), n. A unique mythical bird of great beauty fabled to live 500 or 600 years, to burn itself to death, and to rise from its ashes in the freshness of youth, and live through another life cycle. Project (proj/ekt), n. Something that is contemplated, devised, or planned. A large or major undertaking. A long term assignment. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Why is "The Phoenix Project?" On June 1, 1987 Metal Shop Private went down seemingly forever with no possible return in sight, but the ideals and the community that formed the famous center of learning lived on. On June 19-21, 1987 the phreak/hack world experienced SummerCon'87, an event that brought much of the community together whether physically appearing at the convention or in spirit. On July 22, 1987 the phreak/hack community was devastated by a nationwide attack from all forms of security and law enforcement agencies...thus setting in motion the end of the community as we knew it. Despite the events of July 22, 1987, PartyCon'87 was held on schedule on July 26-28, 1987 as the apparent final gathering of the continent's last remaining free hackers, unknown to them the world they sought to protect was already obliterated. As of August 1, 1987 all of the original members and staff of the Metal Shop Triad and Phrack Inc. had decided to bail out in the hopes that they could return one day when all would be as before... THAT DAY HAS COME... A new millennium is beginning and it all starts on July 22, 1988. How fitting that the One year anniversary of the destruction of the phreak/hack community should coincidentally serve as the day of its rebirth. Announcing SummerCon '88 in (where else would you expect) St. Louis, Missouri! Knowledge is the key to the future and it is FREE. The telecommunications and security industries can no longer withhold the right to learn, the right to explore, or the right to have knowledge. The new age is here and with the use of every *LEGAL* means available, the youth of today will be able to teach the youth of tomorrow. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - SummerCon'88 is a celebration of a new beginning. Preparations are currently underway to make this year's convention twice as fun as last year's and the greater the turnout the greater the convention shall be. No one is directly excluded from the festivities and the practice of passing illegal information is not a part of this convention (contrary to the opinions of the San Francisco Examiner, and they weren't even at the last one). Anyone interested in appearing at this year's convention should leave mail to Crimson Death immediately so we can better plan the convention for the correct amount of participants. The hotel rooms purchased for SummerCon'88 are for the specified use of invited guests and no one else. Any security consultants or members of law enforcement agencies that wish to attend should contact the organizing committee as soon as possible to obtain an invitation to the actual convention itself. Sorry for the short notice this year... :Knight Lightning "The Future Is Forever" -=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- That's it. This file provides a few standard dictionary definitions, announces a past and forthcoming conference, and invites security personnel to attend. Yet, the meanings proferred by the indictment suggest this announcement reflects something far more insidious, something criminal, and something in dire need of prosecution. The issues are not whether the file reflects poor judgment or a vocabulary that some find inappropriate. Our increasing worry is this: Is this file so dangerous that its publication warrants an indictment that subjects a young defendant to up to five years in prison? Does this file, by any reasonable standard, meet the good faith standards for prosecution outlined in Section 1343? The more we follow the Secret Service activities and U.S. Attorney William J. Cook's handling of the trial, the more we question the motives and procedures of the investigators and prosecutors. If those who abuse the computer system violate the trust of other computer users, as argued by prosecutors, then those who would seem to abuse the fundamental law of the land by apparently violating First and Fourth Amendment rights and by seemingly abusing federal statutes to obtain a prosecution violate something even more sacred: THE SPIRIT OF JUSTICE AND THE RULE OF LAW! Those convicted of violating a federal statute face serious consequences. Those who abuse federal statutes can enhance careers. Is the statute being abused? Have we read the law, the indictment, and the file correctly? How do others read it? Yes, there are other charges against Craig Neidorf. But, again, as we read both the indictment and the law, there is a curious twist of language that distorts his behavior and translates it into something quite different than it was. We do not argue that accessing other computers is acceptable, and we do not claim that any person has a "right" to access information surreptitiously. However, this isn't the point. If this file constitutes a "crime," then it would seem to strike at the heart of freedom of speech. Computer technology is changing the way we communicate. The Constitutional protections (or lack of them) decided now will shape the status of electronic communication in the coming decades. We do not see this as a "hacking" issue, but as an issue the will affect all computerists who communicate across the wired for many years. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ + END THIS FILE + +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= *************************************************************** *** CuD, Issue #1.18 / File 5 of 5 / *** *************************************************************** In CuD 1.05, we reprinted FOIA information from Marc Rotenberg of CPSR (Computer Professionals for Social Responsibility, 1025 Connecticut Avenue, NW (Suite 1015), Washington, D.C. (20036) - (202) 775-1588)). Marc provided a copy of a response by the FBI to U.S. Representative Don Edwards (chair, House Subcommittee on Civil and Constitutional Rights on the Judiciary). Mr. Edwards submitted a list of questions to the FBI asking about surveillance of BBSs. We reprint with permission and thanks. -------------------------------------------------------------------- DEPARTMENT OF TREASURY UNITED STATES SECRET SERVICE WASHINGTON, DC 20223 APR 30 1990 The Honorable Don Edwards Chairman Subcommittee on Civil and Constitutional Rights Committee on the Judiciary House of Representatives Washington, D.C. 20515 Dear Mr. Chairman: Thank you for your letter of April 3, 1990, concerning your committee's interest in computer fraud. We welcome the opportunity to discuss this issue with your committee and I hope the following responses adequately answer your questions. Question 1: Please describe the Secret Service's process for investigating computer related crimes under Title 18, United States Code, Section 1030 and any other related statutes. Response: The process by which the Secret Service investigates computer related crimes is similar to the methods we use to investigate other types of criminal investigations. Most of the investigative techniques are the same; surveillances, record checks, witness and suspect interviews, etc. the primary difference is we had to develop resources to assist in the collection and review of computer evidence. To provide our agents with this expertise, the secret service developed a computer fraud investigation course which, as of this date, has trained approximately 150 agents in the proper methods for conducting a computer fraud investigation. Additionally, we established a computer Diagnostics center, staffed with computer professional, to review evidence on computer systems. Referals of computer related criminal investigations occur in much the same manner as any other case. A victim sustains a loss and reports the crime, or, a computer related crime is discovered during the course of another investigation. In the investigations we do select, it is not our intention to attempt to supplant local or state law enforcement. We provide enforcement in those cases that are interstate or international in nature and for one reason or another are beyond the capability of state and local law enforcement agencies. When computer related crimes are referred by the various affected industries to the local field offices, the Special Agent in Charge (SAIC) determines which cases will be investigated based on a variety of criteria. Each SAIC must consider the economic impact of each case, the prosecutive guidelines of the United States Attorney, and the investigative resources available in the office to investigate the case . In response to the other portion of your question, the other primary statute we use to investigate computer related crimes is Title 18, United States Code, Section 1029 ( Access Device Fraud). This service has primary jurisdiction in those cases which are initiated outside a bank and do not involve organized crime, terrorism, or foreign counterintelligence (traditional responsibilities of the FBI). The term "access device" encompasses credit cards, debit cards, automatic teller machines (ATM) cards, personal identification numbers (PIN's) used to activate ATM machines, credit or debit card account numbers, long distance telephone access codes, computer passwords and logon sequences, and among other things the computer chips in cellular car phones which assign billing. Additionally, this Service has primary jurisdiction in cases involving electronic fund transfers by consumer (individuals) under Title 15, U. S. code, section 169n (Electronic Fund Transfer Act). This could involve any scheme designed to defraud EFT systems used by the public, such as pay by phone systems, home banking, direct deposit, automatic payments, and violations concerning automatic teller machines. If the violations can be construed to be a violation of the banking laws by bank employee, the FBI would have primary jurisdiction. There are many other statutes which have been used to prosecute computer criminals but it is within the purview of the U.S. Attorney to determine which statute will be used to prosecute an individual. Question 2: Has the Secret Service ever monitored any computer bulletin boards or networks? Please describe the procedures for initiating such monitoring, and list those computer bulletin boards or networks monitored by the Secret Service since January 1988. Response: Yes, we have occasionally monitored computer bulletin boards. The monitoring occurred after we received complaints concerning criminal activity on a particular computer bulletin board. The computer bulletin boards were monitored as part of an official investigation and in accordance with the directives of the Electronic Communications Privacy Act of 1986 (Title 18 USC 2510) The procedures used to monitor computer bulletin boards during an official investigation have involved either the use of an informant (under the direct supervision of the investigating agent) or an agent operating in an undercover capacity. In either case, the informant or agent had received authorization from the computer bulletin board's owner/operator to access the system. We do not keep records of the bulletin boards which we have monitored but can provide information concerning a particular board if we are given the name of the board. Question 3: Has the Secret Service or someone acting its direction ever opened an account on a computer bulletin board or network? Please describe the procedures for opening such an account and list those bulletin boards or networks on which such accounts have been opened since January 1988. Response: Yes, the U.S. Secret Service has on many occasions, during the course of a criminal investigation, opened accounts on computer bulletin boards or networks. The procedure for opening an account involves asking the system administrator/operator for permission to access to the system. Generally, the system administrator/operator will grant everyone immediate access to the computer bulletin board but only for lower level of the system. The common "pirate" computer bulletin boards associated with most of computer crimes have many different level in their systems. The first level is generally available to the public and does not contain any information relation to criminal activity. Only after a person has demonstrated unique computer skills, been referred by a known "hacker," or provided stolen long-distance telephone access codes or stolen credit card account information, will the system administrator/operator permit a person to access the higher levels of the bulletin board system which contains the information on the criminal activity. As previously reported in our answer for Question 2, we do not keep records of the computer bulletin boards on which we have established accounts. Question 4: Has the Secret Service or someone acting under its direction ever created a computer bulletin board or network that was offered to the public? Please describe any such bulletin board or networks. Response: No, the U. S. Secret Service has not created a computer bulletin board nor a network which was offered to members of the public. We have created an undercover bulletin board which was offered to a select number of individuals who had demonstrated an interest in conducting criminal activities. This was done with the guidance of the U.S. Attorney's office and was consistent with the Electronic Communications Privacy Act. Question 5: Has the Secret Service ever collected, reviewed or "downloaded" transmissions or information from any computer network or bulletin board? What procedures does the Secret Service have for obtaining information from computer bulletin boards or networks? Please list the occasions where information has been obtained since January 1988, including the identity of the bulletin boards or networks, the type of information obtained, and how that information was obtained (was it downloaded, for example). Response: Yes, during the course of several investigations, the U. S. Secret Service has "down loaded" information from computer bulletin boards. A review of information gained in this manner (in an undercover capacity after being granted access to the system by it's system administrator) is performed in order to determine whether or not that bulletin board is being used to traffic in unauthorized access codes or to gather other information of a criminal intelligence nature. At all times, our methods are in keeping with the procedures as outlined in the Electronic Communications Privacy Act (ECPA). If a commercial network was suspected of containing information concerning a criminal activity, we would obtain the proper court order to obtain this information in keeping with the ECPA. The U. S. Secret Service does not maintain a record of the bulletin boards we have accessed. Question 6: Does the Secret Service employ, or is it considering employing, any system or program that could automatically review the contents of a computer file, scan the file for key items, phrases or data elements, and flag them or recommend further investigative action? If so, what is the status of any such system. Please describe this system and research being conducted to develop it. Response: The Secret Service has pioneered the concept of a Computer Diagnostic Center (CDC) to facilitate the review and evaluation of electronically stored information. To streamline the tedious task of reviewing thousands of files per investigation, we have gathered both hardware and software tools to assist our search of files for specific information or characteristics. Almost all of these products are commercially developed products and are available to the public. It is conceivable that an artificial intelligence process may someday be developed and have application to this law enforcement function but we are unaware if such a system is being developed. The process of evaluating the information and making recommendations for further investigative action is currently a manual one at our CDC. We process thousands of computer disks annually as well as review evidence contained in other types of storage devices (tapes, hard drives, etc.). We are constantly seeking ways to enhance our investigative mission. The development of high tech resources like the CDC saved investigative manhours and assist in the detection of criminal activity. Again, thank you for your interest. Should you have any further questions, we will be happy to address them. Sincerely, /s/ John R. Simpson, Director =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ + END CuD, #1.18 + +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= !