Computer underground Digest Wed Mar 16, 1995 Volume 7 : Issue 21 ISSN 1004-042X Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) Archivist: Brendan Kehoe Semi-retiring Shadow Archivist: Stanton McCandlish Correspondent Extra-ordinaire: David Smith Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Monster Editor: Loch Nesshrdlu CONTENTS, #7.21 (Wed, Mar 16, 1995) File 1--CuD Listserv at UIUC having some problems File 2--Seizure of italian BBS - UPDATE File 3--(fwd) U. of Pittsburgh Netnews Policy (fwd) File 4--S. 314, Realism, Unanswered Questions File 5-- Dutch Hacker Arrested File 6--(fwd) Eyewitness account of 2/21 San Jose hearing, by C. Kaun File 7--Cu Digest Header Info (unchanged since 26 Feb, 1995) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. ---------------------------------------------------------------------- Date: Fri, 10 Mar 1995 15:24:43 (CST) From: CuD Moderators Subject: File 1--CuD Listserv at UIUC having some problems The UIUC Listserv is having some problems. People subscribing to CuD with standard internet addresses should be relatively unaffected. Those with BITNET addresses will likely not receive CuD this (or next) issue. Sorry for the inconvenience....... Jim and Gordon ------------------------------ Date: Wed, 15 Mar 1995 11:07:11 +0000 (CUT) From: Luc Pac Subject: File 2--Seizure of italian BBS - UPDATE Press Release 13 March 1995 BITS Against the Empire BBS, a node of the Italian Cybernet computer network), remains shut down due to police investigations. According to the authorities, the bulletin board's activities in pursuit of free communication and counter-information represent a danger to the democratic order. Ten days after police raids on the homes of a dozen activists, all hard copy materials, along with one of the computers seized, have been returned. The authorities remain in possession of the bulletin board computer itself, however, as well as all the floppy disks appropriated, in order that they might pursue a 'deeper analysis' of such electronic material. Clearly no-one has explained to them that hard disks and diskettes can be copied in a matter of minutes. Meanwhile, those facing prosecution, as well as the hundreds of users of the BITS Against the Empire BBS, must continue to wait as the police force's computer experts work to uncover not only the DOS 'copy' command, but also that very dangerous information - from publicly available electronic journals, articles and academic essays on the social use of new technology, to publicly accessible electronic discussion groups - which has inspired the charge of subversive association with terrorist intent (associazione eversiva con finalita' di terrorismo - art. 270 bis of the Italian penal code). BITS Against the Empire Labs Underground Research & Documentation Italy CyberNet 65:1400/1 (currently down) ECN 45:1917/2 Fidonet 2:333/412 (currently down) Internet lpaccagn@risc1.gelso.unitn.it ------------------------------ Date: Mon, 6 Mar 1995 01:27:49 -0600 (CST) From: David Smith Subject: File 3--(fwd) U. of Pittsburgh Netnews Policy (fwd) ---------- Forwarded message ---------- PITT ADOPTS NEW COMPUTER ACCESS POLICY PITTSBURGH, March 2 -- The University of Pittsburgh will establish a standing committee to help determine which of the more than 10,000 USENET news groups on the Internet will be carried on the University's computer network. This is one aspect of a new policy, approved by the University's senior administration, that was developed by the ad hoc committee formed to review the use of University computer resources to access, display, post or print materials that may have obscene or sexually explicit content. The policy addresses the need to provide appropriate protection for First Amendment rights, while, at the same time, adhering to federal and state statutes governing obscenity and sexually explicit material. The new standing committee, which will have faculty, staff and student members, will be charged with developing guidelines for use by the University's Computing and Information Services staff when making decisions about adding, deleting or retaining news groups. The guidelines will be content-neutral, except with respect to obscenity, or other speech not protected by the First Amendment. The committee will also formulate guidelines for separating the news groups into two categories: 1) those with content, as defined by state or federal law, that is likely to be obscene or sexually explicit and harmful to minors, and 2) those without such content. All authorized users under the age of 18 would be granted access only to the second group. The new policy also calls for the suspension of computing privileges as well as the possible imposition of additional sanctions upon anyone who is found to have employed University computer resources to use obscene or sexually explicit material in a way that violates University policies and guidelines. At the ad hoc committee's suggestion, the University will review its existing policies regarding "Computer Access and Use," "Sexual Harrassment," and "Computing Ethics and Guidelines" to make sure that they adequately deal with issues such as the display of obscene or sexually explicit materials on computer screens. # # # AD HOC COMMITTEE PROPOSAL Accepted as University Policy by Executive Staff January, 1995 For use until formally issued as a University policy. Our group has been charged with recommending a policy to ECAC regarding the use of University computer resources to access, display, post, and print materials which have possibly obscene and/or sexually explicit content. There exist both Federal and Pennsylvania statutes which govern obscene and/or sexually explicit material. Pitt is a state-related University, and, as such, must support and protect First Amendment rights. 1. We suggest that University of Pittsburgh Policies 10-02-05 (Computer Access and Use) and 07-06-04 (Sexual Harassment Policy), and CIS' "Computing Ethics and Guidelines," be reviewed by the University to make sure that they adequately deal with issues such as the display of obscene and/or sexually explicit materials on computer screens. 2. There are approximately 10,000 USENET news groups on the Internet, the vast majority of which do not deal with obscene and/or sexually explicit material. CIS resource limitations prevent us from carrying all of those groups, even if we would want to do so. While the topics discussed by a group are generally assumed to be well described by the group's name and statements about its purpose, a group is the electronic analogue of a large bulletin board with open access. Anyone may post anything he/she wishes on the board; thus obscene and/or sexually explicit material may well exist in news groups with innocuous titles. It is impossible to review the content of all groups Pitt carries, even if we wished to do so. We propose that the University form a standing committee, with faculty, staff, student, and Office of General Counsel representation, which will draft, review, and update guidelines, on the basis of which a CIS staff member will add, delete, and retain news groups on the CIS system. Except with respect to obscenity, or other speech not protected by the First Amendment, the guidelines will be content-neutral. CIS currently has a process for selecting news groups; our proposal broadens the group involved in setting the policies to be followed and enhances legal safeguards to the policy-making process. 3. We recommend that the standing committee mentioned in the paragraph above formulate guidelines, on the basis of which CIS will segregate news groups into two categories: (1) those with content which is likely to be obscene or sexually explicit and harmful to minors, as defined by Federal and State law, and (2) those without. Matriculated students, faculty, and staff, age 18 and older, would automatically be granted access to all news groups being carried. All those under age 18 would normally be granted access to only the second news group. We recommend the establishment of a process and a set of guidelines by which those persons could apply for access to the other set of news groups under appropriate circumstances. 4. Computing privileges may be suspended or other sanctions imposed upon anyone found to have used University resources to display, print, or circulate obscene material, where "obscene" is defined by Federal and State law; anyone who circulates, to persons under the age of 18, sexually explicit materials which are defined by law as being harmful to minors; and anyone found to have used University resources to use obscene and/or sexually explicit material in a way which violates University policies and guidelines. The standing committee mentioned above will make recommendations to CIS for suspension of computing privileges or other sanctions in each case involving faculty or staff members. In cases involving students, the existing Student Judiciary Board will have jurisdiction. In addition, as noted in the August 1993 "Computing Ethics and Guidelines," "... failure to adhere to these guidelines can result in the suspension of computing privileges and prosecution under Federal and State law, where applicable." The University will fully cooperate with all such prosecutions. ------------------------------ From: timk@WORLD.STD.COM(Tim King) Subject: File 4--S. 314, Realism, Unanswered Questions Date: Fri, 10 Mar 1995 13:19:13 -0500 (EST) Brad Hicks wrote: > If you want it to be legal for people to use [the Internet for > transmitting hard-core pornographic material in a manner which > would be illegal over a phone line under the existing law]... > well, then say so! To which Rhys Weatherley replied: > Very few free speech supporters, myself included, want that > kind of crap distributed on the Internet or anywhere... Um... Er... This does seem to be the point. The question is not whether anyone _wants_ it to happen. I'm sure that no one _wants_ it to happen. The question is whether or not "you want it to be legal." But, it appears, Brad thinks that the objections to S. 314 have been blown way out of proportion in an attempt to dodge the real issue. Now, far be it from me to assume to know Brad's thoughts and motives. Nevertheless, if I am correct in this interpretation, his assessment would seem to me to be a plausable one. There are several points that I have not yet seen addressed, but which appear to be intimately applicable to the debate. The first is that the current law seems to already apply to any service provider that makes obscene material avaiable over telephone lines. What differentiates any Internet provider or BBS operator from anyone else who "makes (directly or by recording device) any obscene [telephone] communication for commercial purposes to any person?" Now we can discuss whether or not the current law is appropriate for modern computer-based communication, but it still seems that Sen. Exon's bill would have negligible effect on many service providers. Secondly, how does the current law apply to pay-services, like singles lines, that provide PRIVATE messaging facilities? I've never actually used such a service, but my understanding is that they allow users to leave voice messages for other users. Now, when one user leaves an obscene message for another user, is the service provider deemed responsible? Or does someone really listen to every message left by every user before forwarding it to its destination voice mailbox? However the law applies, we can still discuss whether or not it is appropriate. But it seems to me that any requirements that can reasonably be made relating to private voice-mail messages can reasonably pertain to private email as well. Furthermore, the current law gives seemingly special protection to "common carriers." It is my understanding, however, that network operators, Internet providers, and BBS operators do not fall into this category. If so, isn't this point of more paramount concern? In other words, if this bill is going to be considered by congress, shouldn't it at least include provisions to restrict the liability of telecommunications services for data that they did not publish? I would be most grateful if someone could enlighten me with informed answers to these questions. ------------------------------ Date: Tue, 14 Mar 1995 18:25:21 EST From: "Rob Slade, Social Convener to the Net" VIRETHIC Viral Morality: A Call for Discussion "Computer ethics" has been an ongoing study in the technical world. On the one hand is the study of the ethical, moral, or proper use of computers. On the other, is the study of computer crime and vandalism. Lately, I have noted a rather desperate interest in courses or training in computer ethics, as well as an increase in the frequency and depth of discussions regarding the ethics of virus writing. I would like to address this latter topic, specifically. One problem with current discussions and literature regarding the ethics of virus writing and distribution is the lack of dialogue between two opposing camps. This paper is not intended to present any final answer, nor to add to the literature in the field, but to open the field for comment. My purpose in writing this is to provide an initial overview and to elicit feedback from any and all concerned with the topic. For those of traditional moral stance, the current situation is discouraging. Peter Denning's "Computers Under Attack" (cf. BKDENING.RVW) has a very thorough survey of the field, but it provides little in the way of answers or hope. Deborah Johnson's work "Computer Ethics" (cf. BKCMPETH.RVW) is pre-eminent in the field, but serves only to clarify the problem. Sarah Gordon's interviews with computer students show responses typical of almost all such studies. The base attitude appears to be, "If I find it interesting, and I can do it, why do you say I shouldn't?" The proponents of security-breaking activities often question the traditional ethical position by asking, "Where's the harm?" This query is directly relevant to discussions of the morality of virus writing. I should begin by defining two generally opposed groups in this area. First is the "antivirus", or "AV", research community. Many, though not all, of the members of this group would be involved in producing antiviral software. All would study viral programs with a view to eliminating viral programs in the normal computing environment. They take a rather paranoid, and almost obsessive, position with regard to the sharing and distribution of viral code. (They would rejoin this last by pointing out that it isn't paranoia if someone is *really* out to get you.) The AV community is not really opposed to the writing of viral programs. It is seen as a trivial, and therefore pointless, exercise; but not necessarily evil, in itself. The communication of viral program code is also a normal professional and academic activity, as long as it is limited, done for a stated purpose, and the recipients are known. It is the unregulated exchange of virus code and source, providing open access to anyone with a computer and a modem, that is upsetting. The opposing group is therefore described as the virus exchange community, or "vx" for short. (This designation was first used by Sarah Gordon.) For the purposes of this paper, therefore, references to "virus writing", "virus exchange" or "vx" will mean the uncontrolled or unregulated exchange or provision of access to virus source and object code. (This does not necessarily mean deliberate distribution of infected programs by such means as infecting a legitimate program and then posting it, without warning, to a bulletin board system. "Trojanizing" of normal software or malicious invasion of systems is certainly happening in some areas, but it is not needed in the current computing situation. While there is debate over the relative contribution of "natural spread" and virus exchange to the current virus problem, it is known that code made available only as openly published material does eventually infect machines in the normal computing environment. The term vx does not, therefore, require any imputation of sinister motives or hidden activity for the purposes of this discussion.) There are some grey areas between these two poles. Some people have both written antiviral software *and* contributed to viral spread. Given, however, that one could expect a continuum of opinion, those in the middle are remarkably few. Either you are for virus exchange, or against it. One other, separate, group should be noted. Viral programs are often cited as an example of "artificial life", and the research community in that field, both professional and amateur, have a legitimate interest in viral programming. Work in the a-life field, however, does not justify unregulated code and source exchange. For one thing, current viral programs "in the wild" (those which are to be found in normal home and business computers, as opposed to those which exist only in a research or laboratory environment) have only the most tenuous claim to artificial life. Common viral programs are simplistic snippets of code without anything like the complexity of the simplest known natural life forms. In addition, those who really do work in the artificial life area will be well aware that it does carry possible dangers, and that research should be subject to controls similar to those imposed on biological and genetic study. The most common argument for virus-writing tends to boil down to, "You can't stop me." Many promote virus writing on the grounds of freedom of speech, a rather curious position in light of the incoherence of the arguments. (The most vocal of these tend to be Americans, who frequently cite "First Amendment Rights". This refers to the first amendment to the U.S. Constitution, which Americans tend to see as some universal law, rather than an arbitrary political document, however desirable.) Rights, though, carry with them a weight of responsibility. As is often quoted, your "right" to swing your fist ceases at the end of my nose. You have a "right" to free speech--so long as you are responsible and do not perpetrate fraud. You have a "right" to study whatever you like--so long as you are responsible enough not to carry out experiments in poison with human subjects. No PC is an island--at least, not where viral programs are concerned. Therefore, your "right" to study, write and distribute viral programs carries the responsibility to ensure that your creations do not--ever--run on machines where they are not authorized. One of the most confusing aspects of the "exchange/no exchange" debate is the concept of the "good" virus. There is nothing inherently evil in the concept of reproduction. (Dangerous, yes.) In fact, the very earliest experiment with self-reproducing programs was the Xerox Worm of Shoch and Hupp. This was designed to spawn "segments" of the central program on other machines in the network, thus bringing the power of many processors to bear on a single problem. Thus, in theory, viral programming could represent the same level of advanced technology in software that parallel processing represents in hardware. That's the theory. And it is promoted by no less eminent a researcher than Dr. Fred Cohen, who did seminal work on the security-breaking class of viral programs in a thesis, in 1984, and dissertation, in 1986. Unfortunately, the theory founders on some rather hard facts. There are three questions to ask of a new, inherently dangerous, technology. Has it a useful application? Can it fulfil that application better than current technologies? And, can the danger, either inherently, or effectively, be controlled? To date, no one has answered those three questions. While a variety of uses have been proposed for viral programs, there are none which are not effectively being done by other means. No viral programs have, indeed, been seen to be as effective as normal systems. Operating system upgrades could not guarantee universal coverage. Network management tasks could not promise reliable feedback. Automated utilities would confuse novice level users, who never run utilities anyway. The most useful function is still that proposed by Shoch and Hupp--and their programs were not, strictly speaking, viral. (Vesselin Bontchev's examination of this question is the most detailed to date, and is required reading for all who want to join the debate. His proposals, while demonstrating good ideas for safety and control, are still primarily an advanced automated distribution system. The necessity for viral functions in this regard is still unproven.) Those in the vx camp will point to two current viral programs which, they say, do have useful functions. One of these programs produces compressed executable files, thus saving disk space, while the other performs encryption on files. However, both of these functions are provided by other programs--from which, indeed, code was stolen for those two "good" virals. Neither of the viral programs are as easy to use or control as the original programs, and both have bugs which must place them firmly in the malware grouping, for nuisance value, if nothing else. Currently, therefore, the utility of viral programs is very much unproven. This would, though, mean only that they are neutral, were it not for the lack of any demonstrable control. Methods of control have been discussed primarily by Fred Cohen, but even he remains unconvincing. The mechanisms generally are limited to environmental checks which can either fail, or be easily cut out of the program. Some have proposed "hunter" virals, to go after programs which "turn rogue", but a program which is corrupted will behave in unpredictable ways and a hunter program would likely consume a lot of resources, fail, or (most likely) both. (Cohen frequently cites viral "programs which have been running since 1986 with no ill effects" and speaks of a VCE (viral computing environment). There are two points to be noted here. One is that Cohen has not yet described his viral programs in anything like the detail he put into his earlier work, so there can be no independent assessment of his claims. The second point is that the very term, VCE, implies that a viral computing environment is substantially different, and should be kept separate, from the "normal" computing environment as it is currently known. A VCE may very well be a powerful entity, but it is still an unknown and unproven concept.) Computer viral programs have an inherent danger: that of reproduction and spread. If you study explosives, and pass along that knowledge, you also have to pass along the materials before there is any risk of a blast. Even then, the materials do not multiply themselves: when exhausted, another supply must be found. The same is *not* true of viral programs. These entities are *designed* to reproduce. And, unlike the study of dangerous animals, or even germ warfare, viral programs are built to reproduce, multiply and spread without the aid of a skilled, or even aware, operator. If you are careless with a deadly animal or weapon, it is still only a single danger in a localized area. If you are careless with a computer virus, it can spread world-wide. We do not use computers because they are smart. Computers *aren't* smart. Sometimes we use them because they can do calculations very quickly, but even this is only a special case of the real value of computers. Computers always do the same thing in the same way. They are repeatable. They are, in this manner, reliable. Even a computer error can be useful to us--so long as it always happens the same way. Consider, then, the computer virus. In order to reproduce without the informed assistance of the user, the virus must be, in the computer sense, transparent. It must operate without alerting the operator, or interfering with the operator's interaction with the computer. If the virus even posts a notice ("Hi! I am infecting object X!"), it has a nuisance value and is, therefore, not good. (Vesselin Bontchev notes that even such a notice, by possibly delaying a process, may have grave consequences far beyond annoyance.) If, however, the virus does *not* notify the operator, then the operator is not aware of some additional code in the machine. This extra code will have an unknown, and inherently unknowable, effect on the computer. The operations of the computer are, therefore, no longer repeatable. This is a Bad Thing (TM). Some will protest that I have overblown the danger of both the notification messages and the possibility of conflicts. The point that I am trying to make is that you cannot predict the harm which may arise from interference either with the operator or the programs. Software is digital, and is subject to catastrophic collapse without prior warning. For those without a background in computer risk assessment, an excellent overview for the non-professional is found in Lauren Wiener's "Digital Woes" (cf. BKDGTLWO.RVW). An intriguing compilation of the types of things that can go wrong is to be found in Peter Neumann's "Computer Related Risks" (cf. BKCMRLRS.RVW). At the very least, as Sarah Gordon points out, the virus is an autonomous agent, making decisions and carrying out activities according to it's own internal constructs and the intention of its programmer. This is very likely not in correspondence with your own intention, and is therefore an invasion of privacy. A number of virus writers will object that their creations simply are not harmful. Not only is it impossible to guarantee that your virus will not conflict with existing systems, you also cannot guarantee that a given system will not conflict with your virus. Almost all file infecting viral programs will interfere with applications which have an internal integrity checksum or a non-standard loader, and will cause those applications to fail. (An example of this is that Windows programs infected with DOS viral programs always fail to load.) The "Ohio" virus (a prior version of Den Zuk) was not intended to carry any destructive payload, but an unusual interaction with a certain network operating system caused fatal disk corruption. Since both Ohio and Den Zuk are examples of the often proposed "virus hunter virus", it should be clear that the concept of using a viral program to hunt down and disinfect other viral programs is not a good one. Historically, and statistically, virus exchange people have been careless and incompetent programmers. Remember that we are talking vx, here, and those viral programs which have been released into the wild. There may be, carefully hidden in the desk of a virus writer, the "perfect" and harmless virus. If so, we haven't seen it yet. The majority have obvious bugs, sloppy coding and derivative programming. Less than one percent are interesting for *any* reason; only a handful have unique styles of algorithms. And even these last have programming pathologies. There are two other reasons often given to justify virus exchange. The first is generally described as experimentation and education. The second is described as antiviral research, or, more commonly, assessment of antiviral programs. These arguments *do* have some validity, and should be examined. Ultimately, though, the reality fails to support the claim. The call for experimentation is somewhat tied to the argument for a "good" virus. Current viral technology may be crude and ridiculous, but how can it be improved if there isn't any work or sharing of results? Quite true. The vx community, however, have obviously not read or noted any programming journals or texts. Discussions of programming and algorithms are supported by well-annotated code fragments. You don't present a whole program to discuss a specific function any more than you send an entire car with a manual on auto repair. You certainly don't use encoded or "DEBUG script" object code: that has no explanatory value at all. And I have yet to see, in the vx materials, any discussion of legitimate and positive uses for viral technology, any discussion of control technology, or any discussion directed at ensuring that viral programs do not create conflicts. In regard to education, it is true that a study of viral programs is related to a knowledge of operating system internals, as well as assembly language programming. However, viral study *requires* such knowledge, rather than providing it. Giving someone a virus and expecting them to learn from it is akin to "teaching" a surgeon by handing him a scalpel and pointing at a patient. Even the vx "old guard" are beginning to realize this. Viral programs use normal computer functions. If you understand computers, a virus is trivial. If you don't, well ... As far as virus exchange tutorials go, well, let me put it this way. I am a teacher. Many of you will also know that I review technical books on a daily basis. Some are great, enough are good, many are bad and some are just plain awful. Only a few are worse, in terms of tutorial effectiveness, than vx "zines" (electronic periodicals). Recently, someone who makes his living pushing virus source code promoted a collection of viral programs by suggesting you could test antiviral programs with it. This, superficially, sounds like a good idea--if you don't know what *real* software testing is like. What do we know about the quality of this "zoo" (set of virus samples)? What do we know about the structure, organization, documentation and so forth? How many duplicates are there? Of course, we *do* want duplicates in some cases; we want every possible variation on polymorphs. (For Tremor, that works out to almost six billion files.) But then, this collection was on a CD-ROM. What a pity. The most successful viral programs are boot sector infectors, and you need to have real, infected disks to truly test for them. At a minimum, you'd want all seven "common" disk formats, in both system and non-system versions. That's fourteen disks--for *each* BSI. For all the length of this piece, it is still only an overview. And, for all it's length, it probably hasn't convinced anyone. Ethics education (it used to be called "values education"), in whatever form and however presented, has very little to show that it works. There are various theories and models of moral training, the most sophisticated probably being Lawrence Kohlberg's "Moral Development" schema. All, though, basically boil down to sitting around talking about ethical dilemmas. They may develop debating skills and rhetorical sophistry, but there is no evidence to suggest that any of these programs leads to any significant change in behaviour. While Kohlberg's model of moral development has the most detailed construction, its utility is questionable. His system is not so much one of values education as of values measurement. It is, therefore, a guideline for evaluating other ethical training methods rather than a means of instruction and change. Moral development is a six stage structure, assessing the type of reasoning which goes into ethical choices. The stages range from "fear of punishment" to "internal ethical principles". There is great difficulty, however, in determining the "stage" of a given individual. Most ethical discussions will be judged as having reasoning at all of stages three, four and five. This entire document, for example, could be dismissed as being level one reasoning since it mentions the possibility of the danger of virus distribution and could therefore be seen as a "fear of punishment" (negative consequences) on my part. On the other hand, most of Kohlberg's proponents dismiss level six, since even a psychopath could be said to be acting from internal principles. Kohlberg, himself, has stated that he does not know if anyone consistently acts from stage six reasoning. Probably the major reason for this is that modern society has no fundamental moral foundation. The most widely cited (and Johnson gives an excellent critique of it) is utilitarianism--"the greatest good for the greatest number". Leaving aside the difficulties of assessing such a measure, utilitarianism, along with all the other modern "humanistic" philosophies, has nothing to support itself. Why is "the greatest good for the greatest number" to be chosen over "what *I* want"? An alternative is deontology; ethical principles derived from the concept of duty. (Ironically, this philosophy, while arguably superior to utilitarianism, is limited to Kohlberg's stage four almost by definition.) Again, however, there is no underpinning to the concept of duty, itself. Ironically, the much maligned "Judeo-Christian Ethic" did have such a foundation for moral standards--God. The theistic universe may yet have the last laugh over the mechanical universe of B. F. Skinner's "Beyond Freedom and Dignity". Maybe Jesus *is* the answer--or there may be no answer. Bibliography Bontchev, "Are `Good' Viruses Still a Bad Idea?", Proceedings of the EICAR '94 Conference, pp.25-47, also ftp://ftp.informatik.uni-hamburg.de/pub/virus/texts/viruses/goodvir.zip Clarkson, "Windows Hothouse", 1994, 0-201-62669-1, U$34.95/C$44.95 - lots of artificial life fun with Visual C++ Cohen, "It's Alive!", 1994, 0-471-00860-5, U$39.95 - an intriguing, provoking and practical exploration of computer programs as "artificial life", but somewhat narrow Denning, ed., "Computers Under Attack", 1990, 0-201-53067-8 - collection of essays roughly related to security, also "the net" Ermann/Williams/Gutierrez, "Computers, ethics and society" - textbook for computer ethics course: not great Gordon, "Technologically Enabled Crime", 1994 Forester/Morrison, "Computer Ethics", 1994, 0-262-56073-9 - lots of great stories, but short on analytical depth Johnson, "Computer Ethics", 1994, 0-13-290339-3 - the basic work in the field, thorough coverage and good discussion starter Levy, "Artificial Life", 1992, 0-679-73489-8, U$13.00/C$17.00 - an interesting wander through fields studying artificial life but no strong points Neumann, "Computer-Related Risks", 1994, 0-201-55805-X, U$24.75 - exhaustive examples from the RISKS-FORUM Digest of potential technological perils Slade, "Robert Slade's Guide to Computer Viruses", 1994, 0-387-94311-0/3-540-94311-0, U$29.95 - chapter seven looks at the computer virus and society Thro, "Artificial Life Explorer's Kit", 1993, 0-672-30301-9, U$24.95/C$31.95 - good fun, but little analysis Wiener, "Digital Woes", 1993, 0-201-62609-8, U$22.95/C$29.95 - excellent introduction to the risks of software (A fuller bibliography on values education readings is available for those demonstrating a willingness to put some effort into it, since, frankly, it's a really disappointing field. Sarah Gordon's "Generic Virus Writer" paper has significant resources here.) copyright Robert M. Slade, 1995 Permission is granted to post this file, in full, on any system. ====================== DECUS Canada Communications, Desktop, Education and Security group newsletters Editor and/or reviewer ROBERTS@decus.ca, RSlade@sfu.ca, Rob Slade at 1:153/733 Author "Robert Slade's Guide to Computer Viruses" (US contact 1-800-SPRINGER) ------------------------------ Date: Thu, 9 Mar 95 12:52:26 MST From: Chris McDonald Subject: File 5-- Dutch Hacker Arrested --------------Original message---------------- UTRECHT, THE NETHERLANDS, 1995 MAR 6 (NB) -- A Dutch student has become the first person to be convicted of computer hacking in the Netherlands. Ronald Oosteveen, a 22 year old Utrecht computer science student, was handed down a six month suspended sentence by magistrates last week, and was fined around $3,200 Oosteveen was accused of breaking into university, corporate and government computers, following his arrested in March, 1993, just three weeks after new Dutch anti-hacking legislation came into force. Oosteveen was caught in the act of trying to hack into the computer lines of a technical university in Delft near The Hague. He is also thought to have been responsible for previous hacking attacks which occurred before the new legislation came into force. In court, prosecutors said that he was challenged by university staff monitoring the computers, and police traced Oosteveen back to his home. There, police found computer disks with evidence that he had gained unauthorized access into the computer systems of several companies and government offices in the Netherlands, Norway, and Iceland. Handing down its verdict, the court said computers were vital to a modern society and it was "essential that information networks not be violated." ------------------------------ Date: Sat, 25 Feb 1995 21:10:26 -0600 (CST) From: David Smith Subject: File 6--(fwd) Eyewitness account of 2/21 San Jose hearing, by C. Kaun ---------- Forwarded message ---------- [Reposted from misc.legal.computing] From--ckaun@deimos.ads.com (Carl Kaun) Subject--Religious Technology vs. Netcom-On-Line Date--22 Feb 1995 23:38:17 GMT Apologies if this turns out to be a duplicate post. It was supposed to go out yesterday, but I think there were problems. I attended the hearing described below. I did not take notes at the hearing, and not being a lawyer, do not fully understand the nature of the legal comments. Still, my recollections may have some benefit, and are provided in that event. Question marks indicate where I did not hear or cannot recall clearly what was said, or where I have a question. Perhaps someone with legal background can answer some of these. Where I am adding commentary should be clear from the use of the first person, or by other qualifications. Full rights to reproduce or reuse in any form are granted. ============ C-95-20091: Religious Technology vs. Netcom-on-Line, Judge Ronald Whyte presiding -- 2/21/95 hearing at Federal Court in San Jose (10:00-11:00) Plaintiffs: Attys McShane, Small, Korbin, others whose names I didn't catch (5 total). Defendants: Atty for Netcom and associate, Atty for Klemesrud (operator of BBoard), Dennis Erlich The purpose of the hearing was to show cause re. a preliminary injunction (same as temporary restraining order or 'TRO'?). Judge Whyte had initial concerns about whether the scope of the seizure order was exceeded. He asked what material (on a list provided by plaintiff, allegedly an inventory of materials taken in the seizure) was trade secret, and what was copyrighted. Plaintiffs could not identify which was what, and were given until Feb 24th to provide that identification. There was some discussion about sealing exhibits (presumably documents containing trade secrets), but no materials to be sealed were identified. Small made initial remarks, talking about the execution of the seizure order and items taken. He said that Netcom could "write a program to identify publications from sites (purportedly) publishing copyrighted materials, to enable a more in-depth review of these". Plaintiff did not seem to make many points with Judge Whyte. Erlich provided a statement to the court, and made additional comments to the effect that: (1) materials in his possession were obtained legally, being provided by various mechanisms including given or loaned by others (presumably obtained legally by them?), being purchased, or obtained as part of being a minister in the Church of Scientology. He called the judge's attention particularly to documents identified as being hardcopies in this regard. (2) no materials were identified to him as trade secrets. (3) postings to internet were made in form of commentary or satire (the word 'satire' was a significant element in comments during the early parts of the hearing), and were paragraphs or at most a couple of pages, and constituted fair use of the materials. (4) his use of the materials was not for monetary profit or gain (inferring that it was therefore beyond the scope of copyright law?). (5) (execution of?) the seizure order violated his 1st and 4th Amendment rights, making him the aggrieved party, on which basis he was entering suit (against the Church of Scientology and individuals involved in the seizure). (6) he was not permitted to monitor removal of materials, nor was he provided an inventory of items taken, except as a single unsigned page, and that because the materials were deleted, he has no way to verify what was claimed to have been seized (had in fact been in his possession?) (7) he had indicated his willingness to cease publication of and delete from his files any copyrighted or trade secret materials, and had requested plaintiff provide a means to identify/verify these, which plaintiff had not done. The Attorney for Klemesrud submitted a brief to the court, and in commment cited various precedent why Klemesrud should not be included in the suit; and indicated the impact of requiring Klemesrud to comply with what plaintiff wanted would be to shut down the B-board, thereby removing access to Internet for some 500 users. The Attorney for Netcom submitted a brief to the court, and in comment merely indicated Netcom's role as essentially a common carrier, with no control over content, and having no more liability than a bookseller would have. Somewhere along the line, attorneys for both Netcom and Klemesrud indicated they were filing motions for dismissal. Small tried to argue why they should not be dismissed with some sort of analogy about how a private toll booth operator should deny highway access to a particular car that had been described to the operator. I hope the judge thought it as ridiculous as I did. In subsequent comment, the attorney for Netcom made what I thought the neatest point of the day. He pointed out that plaintiff could not there in the court identify what was or was not copyrighted from a list of materials in his possession, yet plaintiff was asking Netcom to make that same determination nearly instantaneously on a very great volume of material. The only alternative to this would be to block access to individuals, for which there is absolutely no precedent. Late in the hearing, Small tried to make some point about how Erlich had initially cooperated with the seizure, but later on tried to block it "when he had called the press and guzzled some beer". You had to be there! Such inappropos slander attempts come across almost as CoS signature. He also tried to express outrage that Erlich had a scanner and was copying whole documents into his computer (even if it could be established what was being scanned, aren't backup copies of copyrighted materials allowed under various conditions?). Judge Whyte released Netcom and Klemesrud from the injunction/TRO "without prejudice" (??), and indicated he would replace the TRO against Erlich with a more carefully worded one. A further hearing with Erlich, etc. will occur on March 3rd. This might "take place by telephone, to alleviate travel costs" (aren't hearings like this supposed to be public, and doesn't a telephone conference preclude that?) ==== I was not impressed by any crispness in the arguments, e.g. to establish any standards or boundaries (perhaps it is too early for this). Indeed, I have seen clearer commmenting on the net. One thing kind of surprised me -- I would have thought the court would take possession of the purportedly copyrighted materials to insure there was no tampering with "the evidence", especially given CoS' reputation. This was not done, nor was there any suggestion made to do so. ------------------------------ Date: Sun, 26 Feb 1995 22:51:01 CDT From: CuD Moderators Subject: File 7--Cu Digest Header Info (unchanged since 26 Feb, 1995) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send a one-line message: SUB CUDIGEST your name Send it to LISTSERV@UIUCVMD.BITNET or LISTSERV@VMD.CSO.UIUC.EDU The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB Send it to LISTSERV@UIUCVMD.BITNET or LISTSERV@VMD.CSO.UIUC.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); and on Rune Stone BBS (IIRGWHQ) (203) 832-8441. CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: In BELGIUM: Virtual Access BBS: +32-69-844-019 (ringdown) In ITALY: Bits against the Empire BBS: +39-464-435189 In LUXEMBOURG: ComNet BBS: +352-466893 UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/ ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ uceng.uc.edu in /pub/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/cud/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) JAPAN: ftp.glocom.ac.jp /mirror/ftp.eff.org/Publications/CuD ftp://www.rcac.tdi.co.jp/pub/mirror/CuD The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu:80/~cudigest COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #7.21 ************************************