****************************************************************** >C O M P U T E R U N D E R G R O U N D< >D I G E S T< *** Volume 1, Issue #1.00 (March 28, 1990) ** ****************************************************************** MODERATORS: Jim Thomas / Gordon Meyer REPLY TO: TK0JUT2@NIU.bitnet COMPUTER ˙UNDERGROUND ˙DIGEST is an open forum ˙dedicated ˙to ˙sharing information ˙among computerists and to the presentation and debate ˙of diverse views. -------------------------------------------------------------------- DISCLAIMER: ˙The views represented herein do not necessarily represent the ˙views ˙of ˙the moderators. ˙Contributors ˙assume ˙all responsibility for assuring that articles submitted do not violate copyright protections. -------------------------------------------------------------------- COMPUTER ˙UNDERGROUND ˙DIGEST was begun with the encouragement of ˙Pat Townson, ˙˙moderator ˙of ˙TELECOM DIGEST. ˙Pat received ˙far ˙to ˙many responses to the recent Legion of Doom indictments to print, ˙and many of the issues raised were, for reasons beyond Pat's control, unable to be printed. ˙This, ˙the initial issue of CuD (as in "stuff to ruminate over") ˙˙will ˙reprint ˙some of the initial responses to ˙provide ˙the background for those who missed the earlier discussions. Preliminary ˙interest ˙in ˙this forum has been ˙relatively ˙good. ˙˙We received ˙about 50 ˙inquiries in the first 12 ˙hours. ˙˙We ˙anticipate initial ˙problems ˙in ˙linking bitnet with usenet and ˙other ˙outlets. Doug ˙Davis (in Texas) ˙has thoughtfully volunteered to serve as a ˙go between Usenet and other links, ˙so, ˙by trial and error, we'll try to contact everybody who has expressed interest. We ˙will set line length at 78 ˙characters. ˙If there are problems ˙in reading this, let us know and we will shorten it. STATEMENT OF INTENT CuD ˙encourages ˙opinions on all topics from all perspective. ˙˙Other than ˙providing a context for an article if necessary, ˙the moderators *will not* ˙add commentary of agreement or disagreement. ˙We see ˙our role as one of facilitating debate, ˙although we will undoubtedly take part in discussions in separate articles. From ˙the ˙inquiries, ˙interest seems to gravitate around a number ˙of issues ˙related ˙to the "computer underground," ˙by which we mean ˙the social ˙world ˙of phreaks, ˙hackers, ˙and pirates. ˙Judging ˙from ˙the comments, we encourage contributions of the following nature: 1. Reasoned and thoughtful debates about economic, ethical, legal, and other issues related to the computer underground. 2. Verbatim printed newspaper or magazine articles containing relevant stories. ˙˙If ˙you ˙send a transcription of an article, ˙˙be ˙sure ˙it contains ˙the ˙source ˙*and* ˙the page numbers so ˙references ˙can ˙be checked. Also be sure that no copyright violations are infringed. 2 3. ˙˙Public ˙domain legal documents (affidavits, ˙indictments, ˙˙court records) ˙that pertain to relevant topics. ˙In the next issue we ˙will present documents from the Alcor (California) E-mail law suit. 4. ˙˙General ˙discussion ˙of news, ˙problems, ˙or ˙other ˙issues ˙that contributors feel should be aired. 5. ˙Unpublished academic papers, ˙"think pieces," ˙or research results are strongly encouraged. ˙These would presumably be long, and we would limit ˙˙the ˙size ˙to ˙about ˙1,500 ˙˙lines. ˙˙Those ˙appropriate ˙for distribution ˙would ˙be ˙sent as a single file and ˙so-marked ˙in ˙the header. Although ˙we ˙encourage debate, ˙we stress that ad hominem attacks ˙or personal ˙vituperations ˙will not be printed. ˙Although ˙we ˙encourage opinion, we suggest that these be well-reasoned and substantiated with facts, citations, or other "evidence" that would bolster claims. CuD ˙*is not* ˙a ˙preak/hacker forum, ˙and it is not a replacement for PHRACK ˙magazine. ˙˙However, ˙our initial model for this forum ˙is ˙a combination of PHRACK WORLD NEWS and CNN's Cross-Fire if moderated ˙by Emo Phillips. The first few issues are exploratory. ˙If there is continued interest, we ˙will ˙continue. ˙If not, ˙so it goes. ˙˙We ˙*strongly* ˙˙encourage suggestions and criticisms. -------------- In this issue: -------------- 1. Moderator's Introduction 2. Background of the LoD debates 3. Use of Aliases in the BBS world 4. LoD Indictment 5. Press Release Accompanying LoD indictment =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ + END THIS FILE + =+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ =================================================== === Computer Underground Digest - File 1 of 5 === =================================================== Welcome to the first "issue" ˙of Computer Underground Digest. Jim and I thought it would appropriate if we both wrote a few words as a ˙sort of "hello" and introduction. I'll keep this brief for now as I believe the "good stuff" will be found in the other inclusions. However since this is the first of what could be several (or perhaps few) ˙issues it is ˙appropriate at this time to offer some thoughts, ˙more or less off the cuff, on the so-called "computer underground" (CU). Over ˙the past few years I've often been asked to justify the ˙use ˙of "computer ˙underground" ˙˙when ˙referring to ˙the ˙realm ˙of ˙hackers, phreakers, ˙˙and pirates. ˙Certainly the "computer" ˙part is ˙easy ˙to justify, ˙or at least accept as valid. No, it's the "underground" that has been criticized. Now I certainly don't claim to have invented the term, ˙˙in ˙fact ˙it is taken from the ˙vocabulary ˙of ˙the ˙p/hackers themselves. ˙˙However "underground" ˙does imply, ˙at least in ˙common 3 usage, ˙some characteristics that are not necessarily accurate. ˙Some of ˙these ˙are ˙organization, ˙criminality (or at ˙lest ˙marginality), unity, and purposiveness. Does the CU display these characteristics? Discussing each would take much more room than I intend to use today. ˙My M.A. ˙thesis of August 1989 ˙˙addressed ˙the ˙issues ˙of ˙organization ˙and ˙unity, ˙˙from ˙a sociological ˙viewpoint. ˙The articles included in this issue of ˙the Digest ˙address ˙all ˙of ˙the a fore ˙mentioned ˙issues ˙from ˙another viewpoint, ˙one formed largely by cultural outsiders. ˙The issue that faces ˙us now is who gets to define what the CU is all about? ˙˙Do ˙we rely ˙on ˙the ˙Federal Justice department to identify ˙and ˙label ˙the intent, ˙organization, ˙and purpose of the CU as conspirical? ˙Do ˙we rely on the media to define the CU as reckless and unlawful? ˙Do ˙we, as citizens, ˙trust those in power to make decisions that will forever impact ˙the ˙way our societal institutions of control ˙approach ˙those whose ˙application ˙of ˙technology has out paced ˙our ˙conceptions ˙of private property and crime? Am I an advocate _for_ the computer underground? No, ˙I'm not "one of them" ˙and I don't speak for "them". ˙However I do think it is in the best interest of all if the "problem" of the CU is approached from the new ˙perspective it deserves. ˙If our society is to ultimately decide that CU activity is every bit as terrible as puppy-whipping then ˙that decision should be made, ˙not forced upon us by lawmakers (and others) who ˙are ˙assuming, ˙˙from the very beginning, ˙that ˙CU ˙activity ˙is threatening and criminal. To ˙this ˙end I hope that the CU Digest can ˙provide ˙information ˙and discussion ˙from ˙a ˙variety of perspectives. ˙˙The ˙assumptions ˙and changes in definitions are subtle but hopefully we can begin to get ˙a handle on many aspects of the CU. Gordon Meyer Internet: 72307.1502@compuserve.com 3/27/90 ===================================================================== Recent media depictions of phreaks, ˙hackers, and pirates have created an image of evil lads (is it *really* ˙a ˙male bastion?) ˙out to wreak havoc ˙on ˙society (the studies of Erdwin Pfuhl and ˙Ray ˙Michalowski, Dick Hollinger and Lonn Lanza-Kaduce, and Meyer and Thomas). Hollinger and ˙Lanza-Kaduce ˙have argued that one reason ˙that ˙Draconian ˙anti- computer ˙abuse ˙laws were passed in the past few years is because ˙of distorted images, ˙lack of understanding of the computer world, ˙and a lack ˙of a strong constituency to point out the potential ˙abuses ˙of restrictive legislation. We see CuD as an antidote to the current--yes, I will call them WITCH- HUNTS--of ˙law enforcement agents and media hysteria. ˙There is also a perceived need of commentators with some sympathy toward the ˙computer underground ˙to preface their comments with "I don't agree with ˙their behaviors, but. . ."! I see no need to adopt a defensive posture. All predatory ˙behavior ˙is wrong, ˙and that type of disclaimer should ˙be sufficient. ˙˙However, ˙it remains to be seen whether *all* ˙˙computer underground ˙activity is as predatory as the media and law enforcement agents ˙would ˙have ˙us ˙believe. ˙ Yes, ˙˙crimes ˙are ˙committed ˙with computers. ˙˙But, ˙crimes are also 4 committed with typewriters, ˙cars, fountain pens and--badges. Computer Underground ˙digest ˙will ˙attempt to provide an antidote ˙to ˙current beliefs ˙by ˙creating an open forum where they can be debated ˙by ˙all sides. Our intent, ˙as Gordon indicates, ˙is not to serve as apologists, ˙but rather ˙as ˙gadflies. ˙˙Technology is ˙changing ˙society ˙faster ˙than existing norms, ˙values, ˙beliefs, or laws, ˙can match, ˙and by airing issues ˙we hope to at least provide insights into the new ˙definitions of control, ˙authority, ˙privacy, and even resistance. ˙Data from our own ˙studies indicate that sysops of some BBSs have ˙been ˙exceedingly cautious ˙in putting up documents that are quite legal. ˙The sysop ˙of one of the world's largest legitimate BBSs has told us of the chilling effect ˙on freedom of speech that even a casual visit from the FBI can produce. ˙˙Our hope is to present facts, ˙stimulate debate, ˙and above all, ˙˙to create an awareness of the relationship between the computer underground, which is currently a stigmatized pastime, and the rest of society. We are not concerned with changing opinions, ˙but we do hope to ˙sharpen and clarify what, ˙to us, ˙are highly complex ˙issues ˙for which there is no simple solution. Jim Thomas Sociology/Criminal Justice Northern Illinois University DeKalb, IL 60115 (TK0JUT1@NIU.bitnet) =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ + END THIS FILE + +=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= =================================================== === Computer Underground Digest - File 2 of 5 === =================================================== ----------------------------- The ˙following articles are reprinted from an issue of TELECOM ˙DIGEST that ˙appeared a few days ago. ˙Because further responses could not be reprinted, ˙˙we ˙present ˙them again to provide ˙the ˙background ˙that spawned CuD. ˙We have not added Professor Spafford's original ˙comment because Mike Godwin cites the bulk of it. ˙If we err in not doing ˙so, we apologize in advance, ˙but are guided here by space constraints and not malice. ----------------------------- Inside This Issue: Moderator: Patrick A. Townson Preface to Special Issue [TELECOM Moderator] Re: Legion of Doom Rebuttal to Moderator [Mike Godwin] Re: Legion of Doom Rebuttal to Moderator [Douglas Mason] Re: Legion of Doom Rebuttal to Moderator [Scott Edward Conrad] Re: Legion of Doom Rebuttal to Moderator [Gordon Burditt] ---------------------------------------------------------------------- Date: Sun, 25 Mar 90 11:45:32 CST >From: TELECOM Moderator Subject: Preface to Special Issue This issue is devoted to replies to Gene Spafford about the activities 5 of the Legion of Doom. ˙Like many controversial topics (Caller*ID ˙for one), ˙˙the ˙LoD ˙has the potential to use great ˙amounts ˙of ˙network resources ˙as the arguments go on. ˙Because Mr. ˙Spafford is a ˙highly respected member of the net community, the people who responded to his article here certainly deserve the courtesy of being heard, ˙but ˙with this selection of responses, we will discontinue further pros-and-cons messages on LoD, at least until the criminal proceedings are finished. Obviously, ˙˙*new* ˙information about LoD, ˙˙government ˙investigative activities, ˙etc is welcome, ˙but let's not rehash old stuff again and again. Patrick Townson ------------------------------ >From: ˙˙˙Mike ˙˙Godwin ˙˙˙ Subject: ˙˙Re: ˙Legion of Doom Rebuttal to Moderator Date: ˙22 ˙Mar 90 20:16:43 ˙˙˙˙˙˙˙˙˙˙GMT ˙˙˙˙˙˙˙˙Reply-To: ˙˙˙˙˙˙˙˙˙Mike ˙˙˙˙˙˙˙˙˙Godwin ˙˙˙˙Organization: ˙˙˙˙˙The University of Texas at Austin, Austin, Texas In article <5462@accuvax.nwu.edu> ˙Gene Spafford ˙ writes: >The ˙information I have available from various sources indicates that the investigation is continuing, others are likely to be charged, ˙and there ˙˙MAY ˙be ˙some ˙national ˙security ˙aspects ˙to ˙parts ˙of ˙the investigation that have yet to be disclosed. The ˙information that I have is that many innocent third ˙parties ˙are being trampled by the federal agents in their investigatory zeal. ˙The unnecessary ˙seizure ˙of equipment at Steve Jackson Games ˙in ˙Austin, Texas, is a notable example. In that case, ˙the Secret Service assumed that, ˙˙since ˙SJ Games employed a reformed computer hacker, ˙˙it ˙was likely ˙that ˙their company BBS (used for feedback ˙from ˙role-playing game ˙testers nationwide) ˙contained relevant evidence. ˙So, ˙˙the ˙SS seized ˙all ˙the company's computer equipment, ˙˙including ˙its ˙laser printer, all available copies of the company's new Cyberpunk game (set in ˙a ˙William ˙Gibson ˙future ˙involving ˙penetration ˙of ˙repressive corporate ˙computer systems), ˙and copies of Gordon Meyer's ˙dangerous academic ˙thesis, ˙˙in ˙which ˙the author ˙proposed ˙that ˙the ˙hacker underground ˙had been "criminalized" ˙in the public mind due to images created ˙by a few destructive individuals and by the ˙fairly ˙ignorant media. In ˙spite of this, ˙they assured Jackson and his lawyer ˙that ˙neither Jackson nor his company was the target of the investigation. (Jackson, who owes his livelihood to the copyright laws, ˙is an adamant opponent of piracy.) Apparently, ˙˙the federal agents were angered by the Cyberpunk ˙gaming manual, ˙which romanticized 21st-century computer "cowboys" ˙like Case in Gibson's novel NEUROMANCER. ˙They further conjectured that the game is a cookbook for hackers. Jackson's business is losing, ˙at his estimate, thousands of dollars a month ˙thanks ˙to ˙this seizure, ˙which was far ˙more ˙intrusive ˙than necessary ˙(why ˙take ˙the hardware at all?), ˙˙and ˙which ˙seemed ˙to demonstrate the agents' willingness to find evildoings everywhere. The 6 Federal ˙Tort Claims Act bars tort recovery based on ˙law-enforcement- related seizures of property, I note in passing. >Now maybe there are one or two people on the law enforcement side who >are ˙a little over-zealous (but not the few I talk with on ˙a ˙regular >basis). Yeah, maybe one or two. >For ˙someone ˙to ˙be indicted requires that ˙sufficient ˙evidence ˙be >collected to convince a grand jury -- ˙a ˙group of 23 (24? ˙I ˙forget >exactly) ˙average people -- that the evidence shows a high probability >that the crimes were committed. The ˙notion that grand juries are any kind of screening mechanism ˙for prosecutions, ˙while correct in theory, has long been discredited. ˙In general, ˙˙not ˙even prosecutors pretend that the theory ˙is ˙accurate anymore. ˙˙In ˙law school, ˙one of the first things you're taught ˙in criminal-procedure ˙courses ˙is that grand juries ˙are ˙not ˙screening mechanisms at all. (It is so rare for a grand jury to fail to follow a prosecutor's ˙recommendation ˙to indict that when it does ˙happen ˙the grand ˙jury is known as a "rogue grand jury.") ˙The basic function ˙of grand juries at the federal level is INVESTIGATORY -- ˙the ˙grand-jury subpoena power is used to compel suspects' and witnesses' presence and testimony prior to actual prosecution. >Search ˙warrants require probable cause and the action of judges ˙who >will not sign imprecise and poorly targeted warrants. Ha! Dream on. >Material ˙seized under warrant can be forced to be returned by ˙legal >action ˙if the grounds for the warrant are shown to be false, ˙so ˙the >people who lost things have legal remedy if they are innocent. Guess who pays for pursuing the legal remedy in most cases. (Hint: it's not the government.) Now guess how long such proceedings can take. >The ˙system has a lot of checks on it, ˙and it requires convincing ˙a >lot of people along the way that there is significant evidence to take >the next step. The ˙system ˙does ˙have ˙checks ˙in ˙it, ˙˙but ˙they ˙are ˙neither ˙as comprehensive nor as reliable as you seem to think. >If these guys were alleged mafioso instead of electronic ˙terrorists, >would you still be claiming it was a witch hunt? Possibly. ˙There have been periods in this country in which it was not very pleasant to be involved in a criminal investigation if your ˙name ended in a vowel. >Conspiracy, ˙fraud, theft, violations of the computer fraud and abuse >act, maybe the ECPA, possession of unauthorized access codes, et. al. >are not ˙to ˙be ˙taken ˙lightly, ˙and not to ˙be ˙dismissed ˙as ˙some >"vendetta" by law enforcement. I ˙don't think anyone is proposing that the investigation ˙of ˙genuine 7 statutory violations is necessarily a vendetta. In fact, I don't think this ˙is the case even in the Jolnet sting. ˙But lack of understanding on ˙the ˙part ˙of the federal officials involved, ˙˙plus ˙the ˙general expansion ˙of federal law-enforcement officials powers in the '70s and '80s, ˙mean that life can be pretty miserable for you if you even KNOW someone who MIGHT be the target of an investigation. There ˙are civil-rights and civil-liberties issues here that have ˙yet to ˙be addressed. ˙And they probably won't even be raised so ˙long ˙as everyone ˙acts ˙on the assumption that all hackers are ˙criminals ˙and vandals and need to be squashed, at whatever cost. Before ˙you jump to conclusions about my motivations in posting ˙this, let me point out the following: 1) I'm against computer crime and believe it should be prosecuted. 2) ˙˙I'm ˙nor ˙now, ˙nor have I ever been, ˙a ˙˙"hacker." ˙˙(The ˙only substantive programming I've ever done was in dBase II, by the way.) 3) Even though (1) and (2) are true, I am disturbed, on principle, ˙at the ˙conduct of at least some of the federal investigations now ˙going on. ˙˙I ˙know several people who've taken their systems out of ˙public access just because they can't risk the seizure of their equipment (as evidence or for any other reason). ˙If you're a Usenet site, ˙you ˙may receive ˙megabytes ˙of new data every day, ˙but you ˙have ˙no ˙common- carrier ˙protection in the event that someone puts illegal information onto the Net and thence into your system. And ˙(3) ˙˙is only one of the issues that has yet to be ˙addressed ˙by policymakers. >Realize that the Feds involved are prohibited from disclosing elements >of their evidence and investigation precisely to protect the rights of >the defendants. They're also secretive by nature. Much has been withheld that does not implicate ˙defendants' ˙˙rights (e.g., ˙the basis for ˙Secret ˙Service jurisdiction in this case). >If you base your perceptions of this whole mess on just what has been >rumored ˙and ˙reported ˙by ˙those close to ˙the ˙defendants ˙(or ˙from >potential ˙defendants), ˙˙then ˙you are going to get ˙a ˙very ˙biased, >inaccurate picture of the situation. Even ˙if ˙you screen out the self-serving stuff that ˙defendants ˙(and non-defendants) ˙have been saying, ˙you still get a disturbing picture of the unbridled scope of federal law-enforcement power. In ˙addition, ˙˙we ˙can't ˙fall into the ˙still-fashionable ˙Ed ˙Meese mentality: ˙˙"If they're innocent they don't have to worry about being indicted." This is simply not true. >Only after the whole mess comes to trial will we all be able to get a >more ˙complete picture, ˙and then some people may be surprised at ˙the >scope and nature of what is involved. Ah, just the way the Oliver North trial cleared things up? (I ˙know that's a bit unfair, ˙but it expresses my feeling that ˙we're 8 better off relying on the press, flawed as it is, than waiting for the feds ˙to tell us what it's good for us to know at the time they ˙think it's good for us to know it.) In sum, the *complaint* has been this: "Look ˙at ˙the way the feds are losing their cool over this! ˙Lots ˙of folks are being harmed, and lots of rights are being violated!" The *response* of those whose justifiable opposition to computer crime has ˙blinded ˙them ˙to the rights, ˙due-process, ˙and ˙justice ˙issues involved has been something like this: "They're ˙the ˙government. ˙They wouldn't be doing this stuff if ˙they weren't a good reason for it." I have no trouble with Gene Spafford's skepticism about the complaint; please understand, ˙however, why I insist on being skeptical about the response. Mike Godwin, UT Law School mnemonic@ccwf.cc.utexas.edu mnemonic@walt.cc.utexas.edu (512) 346-4190 |"Neither am I anyone; I have dreamt the world as | you dreamt your work, my Shakespeare, and among | the forms in my dream are you, who like myself | are many and no one." --Borges ------------------------------ >From: Douglas Mason Subject: Re: Legion of Doom Rebuttal to Moderator Reply-To: douglas@ddsw1.MCS.COM (Douglas Mason) Organization: ddsw1.MCS.COM Contributor, Mundelein, IL Date: Thu, 22 Mar 90 12:49:29 GMT I ˙don't think that there is anyone out there saying that ˙what ˙those guys ˙did was right in any way, ˙shape or form. ˙Granted, ˙there ˙are people ˙out there that are probably saying to themselves ˙"These ˙guys were ˙just trying to show what capitalistic pigs the government is and now they are being stomped on for exposing ... " You get the idea. I ˙think (from the 60 ˙or so messages that I received in the last ˙few days) ˙that the general opinion seems to be "Yes, ˙these guys are very much in the wrong, BUT did their case deserve as much media hype as it has received?" Just ˙the other day a group of people murdered a tax ˙collector ˙here. The papers made it out to be a joke and a "get back at the government" type of thing. I personally couldn't see the funny side of a 27 ˙year old getting killed. ˙Anyway, ˙the article was towards the back of the paper ˙(ie: ˙˙not ˙page ˙one material) ˙and ˙was ˙gone ˙and ˙forgotten immediately after. The infamous "LOD" ˙busts, on the other hand, ˙seem to be springing up again and again. 9 Something ˙else ˙I noticed about the whole affair and LOD ˙in ˙general (before the big ordeal): A large chunk of the respect and whatnot over the ˙group (in the hacker circles) ˙seemed to be because LOD did ˙very little ˙˙"broadcasting" ˙˙˙of ˙the ˙information ˙they ˙came ˙up ˙˙with collectively. On the other hand, ˙if I had been "wired for sound" ˙by some agency in the past, the LOD affair would have been over with much sooner, as all members seemed to be more than willing to give out information on CBI, Trans Union, SBDN, SCCS, ESACS, LMOS, ˙Cosmos [insert favorite acrynom here] when they were approached individually. Last time I visited one of the infamous LOD people, ˙he showed me ˙how he could monitor phone lines remotely. Sounds like complete BS and it is a worn out subject as to if it can really be done, ˙but he ran some Bell ˙telco ˙software ˙and it allowed him to enter the number ˙of ˙any phone ˙number that was serviced by his local CO (I believe) ˙and ˙then enter a callback number. ˙While I stood there not believing him, ˙the other phone rang, ˙and sure enough, it was "testing for audio quality" on ˙another ˙line. ˙˙He ˙told me the acronym for ˙the ˙name ˙of ˙this software, ˙˙but it slips my mind, ˙as I no longer have any interest in that type of stuff. Point is that these guys were pretty trusting. If the feds wanted to get them, they could have done it long ago. My ˙guess is that by this point they have MORE than enough evidence to prosecute ˙these guys. ˙There is absolutely no doubt in my mind about that. Douglas T. Mason | douglas@ddsw1.UUCP or dtmason@m-net | ------------------------------ Date: Thu, 22 Mar 90 13:20:10 CST >From: Scott Edward Conrad Subject: Re: Legion of Doom Rebuttal to Moderator Because I happened to start researching a paper on law applied to ˙computer hacking, ˙I ˙have been following the LoD bust with ˙great interest. ˙˙Recently, ˙someone mentioned that they didn't think these alleged perpetrators (sp?) ˙deserved 31 ˙years. ˙Where did this number come from? According to the Computer Fraud and Abuse Act of 1984, ˙˙there seem to be 3 areas covered: ˙(see also Computer/Law Journal, ˙Vol. ˙6, 1986) 1) ˙˙It is a felony to access a computer without authorization to ˙obtain ˙classified ˙US military or foreign policy ˙info ˙with ˙the intent or reason to believe that such info will be used to harm the US or to benefit a foreign nation. 2) ˙˙˙It ˙is ˙a ˙misdemeanor ˙to ˙access ˙a ˙computer ˙without authorization to obtain financial or credit info that is protected ˙by federal financial privacy laws. 3) It is a misdemeanor to access a federal government computer without authorization and thereby use, ˙modify, ˙destroy, ˙or disclose any information therein. 10 (3) ˙seems the most applicable. Where I am confused is whether or not the 911 code is considered government property. If it is, ˙does this make Bell South, a federal government computer? What exactly are the LoD being tried for? ˙(or has there ˙been charges filed against them, or is the SS still gathering info?) Please send any thoughts to me. Scott Conrad sec0770@cec2.wustl.edu ------------------------------ >From: Gordon Burditt Subject: Re: Legion of Doom Rebuttal to Moderator Date: 24 Mar 90 10:21:24 GMT In article <5462@accuvax.nwu.edu> ˙Gene Spafford ˙ writes: >that ˙the crimes were committed. ˙Search warrants ˙require ˙probable >cause ˙and the action of judges who will not sign imprecise and poorly >targeted warrants. ˙Material seized under warrant can be forced to be >returned ˙by legal action if the grounds for the warrant are shown ˙to >be false, ˙so the people who lost things have legal remedy if they are >innocent. I ˙don't ˙believe ˙it. ˙It certainly doesn't work that way ˙for ˙non- computer crimes. ˙Let's suppose I am a homeowner, ˙and a burglar rips off ˙my TV set. ˙I ˙surprise him, ˙and he shoots me with my own ˙gun. Later ˙he is caught with the TV and the gun in his apartment. ˙Can ˙I get my TV set back before the trial? No. How about the gun (assuming it's legal for me to have it)? ˙No. ˙Does anyone seriously think I'm guilty of stealing my own TV or shooting myself with my own gun? ˙˙(I got ˙lucky ˙and ˙had a priest, ˙two off-duty cops, ˙and the ˙mayor ˙as witnesses). No. Does anyone think the TV and gun aren't mine? (They have ˙my name engraved, ˙and I have receipts.) ˙No, ˙but ˙it ˙doesn't matter. Do you really think that the operator of any BBS seized because it was used by crooks to exchange long-distance access codes is going to ˙get his system back any time soon, ˙even if the Feds are convinced of ˙his innocence ˙and ˙active cooperation? ˙Even if the ˙active ˙cooperation started ˙before ˙there were any access codes on the system, ˙˙and ˙the crooks ˙were ˙deliberately ˙led ˙to this system as ˙part ˙of ˙a ˙sting operation? ˙No, it's evidence, ˙and it will probably be released long after ˙anyone convicted has served his sentence, ˙and only ˙after ˙the owner ˙has ˙spent more in legal fees than the system is worth ˙at ˙the time of its return. I ˙doubt ˙also that the Feds are going to be helpful to a ˙non-suspect BBS operator, and give him a copy of his own data, ˙(They took all the backups) ˙sanitized to remove anything illegal. Nope, all those disks with ˙his tax records (which had nothing to do with the BBS) ˙on ˙them will have to be manually reconstructed, even if he can borrow a system somewhere. 11 Gordon L. Burditt sneaky.lonestar.org!gordon ------------------------------ End of TELECOM Digest Special: LoD Rebuttals ****************************** =================================================== === Computer Underground Digest - File 3 of 5 === =================================================== There ˙has been some debate about the use of "handles" ˙(or "aliases") in ˙˙the ˙BBS ˙world. ˙˙A ˙˙few ˙commentators ˙have ˙questioned ˙their appropriateness, ˙˙and there seems to be a tendency for government law enforcement ˙agents ˙to ˙interpret the use of handles ˙as ˙a ˙sign ˙of "conspiracy" or "hiding intents." The ˙use ˙of ˙handles to disguise identity has a ˙long ˙and ˙honorable tradition in the U.S. It was Publius, after all (the "handle" of those notorious ˙subversives ˙and ˙18th century deviants ˙John ˙Jay, ˙˙James Madison, ˙and Alexander Hamilton) who wrote THE FEDERALIST PAPERS, the basis of our Constitution. In the BBS world, ˙handles provide not only a sense of anonymity, ˙but serve also as a symbolic identity. ˙In a current research project, ˙we find ˙that ˙for serious BBS hobbyists, ˙handles encapsulate ˙an ˙ethos reflected by a fictional (usually science fiction) ˙hero, ˙a ˙literary genre, music or media characters, or public figures. ˙Handles connote particular cultural meanings, ˙and these meanings can be "read off" as a ˙short ˙hand ˙summary of the character, ˙˙interests, ˙˙or ˙political ideology of the user. The anonymity provided by handles serves several purposes. First, ˙it allows the user, ˙for better or worse, ˙a ˙sense of freedom to express ideas ˙that ˙might ˙otherwise subject him/her ˙to ˙ridicule. ˙˙Second, analysis ˙of BBS message logs suggests that women, ˙especially, ˙˙feel freer ˙to participate in discussions without fear of gender games that might ˙occur ˙in face-to-face interaction. ˙Third, ˙˙concealing ˙one's identity ˙provides limited freedom from kooks, ˙merchandise hucksters, and ˙other snoopers. ˙In a society in which making, ˙maintaining, ˙and disseminating lists is common place, ˙protecting one's identity hardly seems unreasonable. There is a fourth reason why handles are increasingly necessary. ˙˙As Gordon Meyer cogently suggested in his recent comment, prosecutors are not ˙unwilling ˙to ˙confiscate e-mail, ˙BBS message ˙logs, ˙˙or ˙other "evidence" ˙of identity. ˙These, ˙in turn, ˙are easily used to ˙obtain information on innocent parties. To those who have continually argued, or who actually believe, the federal agents "know what they're doing," or are too "professional" ˙to abuse their powers, I ˙remind you of the witch hunts against "subversives" ˙who opposed the Viet Nam ˙war, ˙the FBI's COINTEL-PRO, ˙˙and other gross abuses of power ˙in recent years. Attorney ˙Gerry ˙Spence ˙is currently defending Friends of ˙the ˙Earth against ˙a ˙"set-up" ˙by federal agents that, ˙unfortunately ˙for ˙the agents, was captured on tape. It was, after all, the FBI who attempted to ˙coerce Martin Luther King to commit suicide! ˙There is ˙voluminous literature, ˙including the Church Committee's Report in the 1970s, and other ˙research (including my own) ˙that documents these ˙abuses. ˙˙In 12 short, despite protections, our enforcement agents have a rather sorry record of following the law to enforce the law (see the corpus of Gary Marx's work for further documentation). Especially at a time when laws related to computer technology are vague, inconsistent, occasionally Draconian, and not yet tested in court, and when ˙one's computer system can be confiscated on mere suspicion, ˙and when ˙a ˙BBS can be threatened by the FBI or Secret ˙Service ˙(as ˙the sysop of the world's largest BBS was) merely for posting LICIT hacker- type text files, ˙a ˙chilling affect occurs that stifles not only free speech, ˙˙but ˙free revelation of identity. ˙I ˙used my real name ˙in corresponding with the PHRACK folk at the University of Missouri, ˙and my name, documents, and other information--none illicit--is now in the hands ˙of ˙federal ˙prosecutors. ˙Call it ˙paranoia, ˙˙but ˙from ˙past experiences with federal agents, ˙I ˙have no confidence that they will abide by rules of honor in using this information. There are two ironies associated with the use of handles. First, those who ˙use them are generally sufficiently open to either ˙self-identity when sufficient trust has been built, or to provide enough identifying information ˙that ˙identities can be determined. ˙Second, ˙˙and ˙more important, ˙˙in a "free" ˙society built around open and ˙unconstrained information flow, ˙forces operate to restrict openness. Therefore, ˙to be ˙open ˙requires concealment. ˙Rather than grip about ˙the ˙use ˙of handles, ˙doesn't it make more sense to examine the factors that impel their use? Jim Thomas Sociology/Criminal Justice Northern Illinois University DeKalb, IL (60115) (815) 753-6438 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ + END THIS FILE + +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= =================================================== === Computer Underground Digest / File 4 of 5 === =================================================== ----------------- We obtained the Chicago indictment of two Legion of Doom members ˙from a contributor. ˙It originally was printed in PIRATE magazine. ˙We have checked this transcription against the original for accuracy. ------------------ UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF ILLINOIS EASTERN DIVISION ) UNITED STATES OF AMERICA ) ) v. ) No. ______________________ ) Violations: Title 18, United ROBERT J. RIGGS, also known ) States Code, Sections as Robert Johnson, also ) 1030(a)(6)(A) and 2314 13 known as Prophet, and ) CRAIG NEIDORF, also known ) as Knight Lightning ) COUNT ONE The SPECIAL APRIL 1987 GRAND JURY charges: PROPERTY INVOLVED 1. ˙At all times relevant herein, ˙enhanced 911 ˙(E911) ˙was ˙the national computerized telephone service program for handling emergency calls to the police, ˙fire, ˙ambulance and emergency services in ˙most municipalities in the United States. ˙Dialing 911 ˙provided the public immediate ˙access ˙to a municipality's Public Safety ˙Answering ˙Point (PSAP) ˙through the use of computerized all routing. ˙The E911 ˙system also ˙automatically provided the recipient of an emergency ˙call ˙with the ˙telephone ˙number ˙and location identification of ˙the ˙emergency caller. 2. At all times relevant herein, the Bell South Telephone Company and its subsidiaries ("Bell South") provided telephone services in the nine state area including Alabama, ˙Mississippi, ˙Georgia, ˙Tennessee, Kentucky, Louisiana %sic%, North Carolina, South Carolina and Florida. 3. ˙At all times relevant herein, ˙the E911 ˙system of Bell South was ˙described in the text of a computerized file program known as the Bell South Standard Practice 660-225-104SV Control Office - 1 - Administration of Enhanced 911 ˙Services for Special and Major Account Centers date March, ˙1988 ˙("E911 Practice"). The E911 ˙Practice was a highly ˙proprietary and closely held computerized text file ˙belonging to the Bell South Telephone Company and stored on the company's ˙AIMSX computer ˙in ˙Atlanta, ˙˙Georgia. ˙The E911 ˙˙Practice ˙described ˙the computerized ˙control and maintainence %sic% ˙of the E911 ˙system ˙and carried ˙warning notices that it was not to be disclosed outside ˙Bell South or any of its subsidiaries except under written agreement. COMPUTER HACKERS 4. ˙˙At ˙all ˙times ˙relevant ˙herein, ˙˙computer ˙hackers ˙˙were individuals ˙involved with the unauthorized access of computer systems by various means. 5. ˙At all times relevant herein, the Legion of Doom (LOD) ˙was a closely knit group of computer hackers involved in: a. Disrupting telecommunications by entering computerized telephone switches and changing the routing on the circuits of the computerized switches. b. Stealing proprietary computer source code and information from companies and individuals that owned the code and information. c. Stealing and modifying credit information on individuals maintained in credit bureau computers. - 2 - 14 d. Fraudulently obtaining money and property from companies by altering the computerized information used by the companies. e. Disseminating information with respect to their methods of attacking computers to other computer hackers in an effort to avoid the focus of law enforcement agencies and telecommunication security experts. 6. ˙˙At ˙all times relevant herein ROBERT J. ˙˙RIGGS, ˙˙defendant herein, was a member of the LOD. 7. ˙At all times relevant herein CRAIG NEIDORF, defendant herein, was a publisher and editor of a computer hacker newsletter %sic% known as "PHRACK." 8. ˙˙At ˙all times relevant herein, ˙a ˙˙public ˙access ˙computer bulletin ˙board system (BBS) ˙was located in Lockport, ˙Illinois which provided ˙computer storage space and electronic mail services ˙to ˙its users. ˙˙The ˙Lockport ˙BBS was also used by ˙computer ˙hackers ˙as ˙a location ˙for ˙exchanging and developing software tools ˙for ˙computer intrusion, ˙˙and for receiving and distributing hacker ˙tutorials ˙and other information. E-MAIL 9. ˙˙At all times relevant herein electronic mail (e-mail) ˙was a computerized ˙method ˙for ˙sending communications ˙and ˙files ˙between individual computers on various computer networks. Persons who sent or received ˙e-mail were identified by an e-mail address, ˙similar ˙to ˙a postal address. Although a person may have more than - 3 - one e-mail address, ˙each e-mail address identified a person uniquely. The message header of an e-mail message identified both the sender and recipient ˙of the e-mail message and the date the was ˙%sic% ˙˙message sent. 10. ˙Beginning in or about September, 1988, ˙the exact date begin unknown ˙to the Grand Jury, ˙and continuing until the return ˙date ˙of this ˙indictment, ˙at Lockport, ˙in the Northern District of Illinois, Eastern Division, and elsewhere, ROBERT J. RIGGS, also known as Robert Johnson, also known as Prophet, and CRAIG NEIDORF, also known as Knight Lightning, defendants herein, together with others known and unknown to the Grand Jury, ˙devised and intended to devise and participated in a scheme and artifice ˙to defraud and to obtain money and other things of value ˙by means ˙of ˙false and fraudulent pretenses and ˙representations, ˙˙well knowing at the time that such pretenses, ˙representations and promises were false when made. OBJECT OF FRAUD SCHEME 11. The object of the fraud scheme was to steal the E911 Practice 15 text ˙file ˙from the computers of Bell South Telephone Company ˙though %sic% ˙˙the use of false and fraudulent pretenses and ˙representations and to conceal all indications that the text file had been stolen; and to ˙thereafter ˙publish the information about the E911 ˙Practice ˙text file in a hacker publication for dissemination. - 4 - OPERATION OF FRAUD SCHEME 12. ˙˙It was part of the fraud scheme that the defendant ˙NEIDORF would and did advise the defendant RIGGS that he had assembled a group of ˙˙computer ˙hackers ˙for ˙the ˙purpose ˙of ˙distributing ˙˙computer information. 13. ˙˙It was further part of the scheme that the defendant ˙RIGGS would and did steal sensitive proprietary Bell South information files including the E911 ˙Practice text file by gaining remote ˙unauthorized access to computers of the Bell South Telephone Company. 14. ˙˙It was further part of the scheme that the defendant ˙RIGGS would and did disguise and conceal the theft of the E911 Practice text file ˙from Bell South Telephone Company by removing all indications of his unauthorized access into Bell South computers and by using account codes of legitimate Bell South users to disguise his authorized use of the Bell South computer. 15. ˙˙It was further part of the scheme that RIGGS would and ˙did transfer in interstate commerce a stolen E911 ˙Practice text file from Atlanta, ˙˙Georgia ˙to ˙Lockport, ˙˙Illinois through ˙the ˙use ˙of ˙an interstate computer data network. 16. ˙It was further part of the scheme that defendant RIGGS would and ˙did ˙store ˙the stolen E911 ˙Practice text ˙file ˙on ˙a ˙computer bulletin board system in Lockport, Illinois. 17. ˙˙It was further part of the scheme that ˙defendant ˙NEIDORF, utilizing ˙a ˙computer ˙at ˙the University of ˙Missouri ˙in ˙Columbia, Missouri would and did receive a copy of the stolen E911 text file - 5 - from ˙defendant ˙RIGGS through the Lockport ˙computer ˙bulletin ˙board system through the use of an interstate computer data network. 18. ˙˙It ˙was further part of the scheme that ˙defendant ˙NEIDORF would ˙and ˙did ˙edit and retype the E911 ˙Practice text file ˙at ˙the request ˙of the defendant RIGGS in order to conceal the source of ˙the E911 ˙˙Practice ˙text ˙file ˙and to prepare it for ˙publication ˙in ˙a computer hacker newsletter. 19. ˙˙It ˙was further part of the scheme that ˙defendant ˙NEIDORF would and did transfer the stolen E911 ˙Practice text file through the use of an interstate computer bulletin board system used by ˙defendant RIGGS in Lockport, Illinois. 20. ˙It was further part of the scheme that the defendants ˙RIGGS and ˙NEIDORF would publish information to other computer hackers which could ˙be used to gain unauthorized access to emergency 911 ˙˙computer systems in the United States and thereby disrupt or halt 911 ˙˙service 16 in portions of the United States. 22. It was further a part of the scheme that the defendants would and ˙˙did ˙misrepresent, ˙˙conceal, ˙˙and ˙hide, ˙˙and ˙cause ˙to ˙˙be misrepresented, ˙˙concealed and hidden the purposes of ane %sic% ˙˙the acts ˙done in furtherance of the fraud scheme, ˙and would and did ˙use coded language and other means to avoid detection and apprehension - 6 - by ˙law ˙enforcement authorities and to otherwise provide security ˙to the members of the fraud scheme. 23. ˙In or about December, ˙1988, ˙at Lockport, ˙in the ˙Northern District of Illinois, Eastern Division, and elsewhere, ROBERT J. RIGGS, also known as Robert Johnson, also known as Prophet, defendant herein, ˙for the purpose of executing the aforesaid ˙scheme, did ˙knowingly transmit and cause to be transmitted by means of a wire communication ˙in ˙interstate ˙commerce certain ˙signs, ˙˙signals ˙and sounds, ˙˙namely: ˙a ˙data transfer of a E911 ˙Practice text file from Decatur, Georgia to Lockport, Illinois. In violation of Title 18, United States Code, Section 1343. - 7 - COUNT TWO The SPECIAL APRIL 1987 GRAND JURY further charges: 1. ˙˙The ˙Grand Jury realleges and incorporates by reference ˙the allegations of paragraphs 1 through 22 of Count One of this Indictment as though fully set forth herein. 2. ˙On or about January 23, ˙1989, ˙at Lockport, ˙in the Northern District of Illinois, Eastern Division and elsewhere, ROBERT J. RIGGS, also known as Robert Johnson, also known as Prophet, and CRAIG NEIDORF, also known as Knight Lightning, the ˙defendants herein, ˙for the purposes of executing ˙the ˙aforesaid scheme ˙did knowingly transmit and cause to be transmitted by means of a wire communication in interstate commerce certain signs, signals and sounds, ˙˙namely: ˙a ˙data transfer of a E911 ˙Practice text file from Decatur, ˙˙Georgia to Lockport, ˙Illinois, ˙an edited and retyped E911 Practice text file from Columbia, Missouri, to Lockport, Illinois. In violation of Title 18, United States Code, Section 1343. - 8 - COUNT THREE 17 The SPECIAL APRIL 1987 GRAND JURY further charges: 1. ˙˙The ˙Grand Jury realleges and incorporates by reference ˙the allegations of paragraphs 1 through 22 of Count One of this indictment as though fully set forth herein. 2. ˙˙In or about December, ˙1988, ˙at Lockport, ˙in the ˙Northern District of Illinois, Easter Division, and elsewhere, ROBERT J. RIGGS, also known as Robert Johnson, also known as Prophet, and CRAIG NEIDORF, also known as Knight Lightning, defendants ˙herein, ˙˙did ˙transport and cause to ˙be ˙transported ˙in interstate commerce from Decatur, ˙Georgia, to Lockport, ˙Illinois, ˙a computerized text file with a value of $5,000 or more, namely: A Bell South Standard Practice (BSP) 660-225-104SV- Control Office Administration of Enhanced 911 Services for Special Services and Major Account Centers dated March, 1988; valued at approximately $79,449.00 the ˙defendants ˙then and there knowing the same to have been ˙stolen, converted, and taken by fraud; In violation of Title 18, United States Code, Section 2314. - 9 - COUNT FOUR The SPECIAL APRIL 1987 GRAND JURY further charges: 1. ˙˙The ˙Grand Jury realleges and incorporates by reference ˙the allegations of paragraphs 1 through 22 of Count one of this Indictment as though fully set forth herein. 2. ˙On or about January 23, ˙1989, ˙at Lockport, ˙in the Northern District of Illinois, Eastern Division, and elsewhere, ROBERT J. RIGGS, also known as Robert Johnson, also known as Prophet, and CRAIG NEIDORF, also known as Knight Lightning, defendants ˙herein, ˙˙did ˙transport and cause to ˙be ˙transported ˙in interstate commerce from Columbia, Missouri, to Lockport, Illinois, ˙a computerized textfile with a value of $5,000 or more, namely: An edited Bell South Standard Practice (BSP) 660-225- 104SV- Control Office Administration of Enhanced 911 Services for Special Services and Major Account Centers dated March, 1988; valued at approximately $79,449.00. the defendants, ˙then and there knowing the same to have been ˙stolen, converted, and taken by fraud; 18 In violation of Title 18, United States Code, Section 2314. - 10 - COUNT FIVE The SPECIAL APRIL 1987 GRAND JURY further charges: 1. ˙˙The Grand Jury realleges and incorporates by ˙reference ˙the allegations of paragraphs 1 through 22 of Count One of this Indictment as though fully set forth herein. 2. ˙˙On or about December, ˙1988, ˙at Lockport, ˙in the ˙Northern District of Illinois, Eastern Division and elsewhere, ROBERT J. RIGGS, also known as Robert Johnson, also known as Prophet, and CRAIG NEIDORF, also known as Knight Lightning, the ˙˙defendants ˙herein, ˙˙knowingly ˙and ˙with ˙intent ˙to ˙defraud, trafficked ˙in ˙information through which a computer may ˙be ˙accessed without ˙˙authorization ˙and ˙by ˙such ˙conduct ˙affected ˙˙interstate commerce; In violation of Title 18, United States Code, Section 1030(a)(6)(A). - 11 - COUNT SIX The SPECIAL APRIL 1987 GRAND JURY further charges: 1. ˙˙The Grand Jury realleges and incorporates by ˙reference ˙the allegations of paragraphs 1 through 22 of Count One of this Indictment as though fully set forth herein. 2. ˙˙In or about January, ˙1989, ˙at Lockport, ˙in ˙the ˙Northern District of Illinois, Eastern Division and elsewhere, ROBERT J. RIGGS, also known as Robert Johnson, also known as Prophet, and CRAIG NEIDORF, also known as Knight Lightning, the ˙defendants ˙herein, ˙˙knowingly ˙and ˙with ˙intend ˙to ˙˙defraud, trafficked ˙in ˙information through which a computer may ˙be ˙accessed without ˙˙authorization ˙and ˙by ˙such ˙conduct ˙affected ˙˙interstate commerce; In ˙˙violation ˙of ˙Title ˙18, ˙˙United ˙States ˙Code, ˙˙˙Section 1030(a)(6)(A). - 12 - COUNT SEVEN 19 The SPECIAL APRIL 1987 GRAND JURY further charges: 1. ˙˙The ˙Grand Jury realleges and incorporates by reference ˙the allegations of paragraphs 1 through 22 of Count One of this Indictment as though fully set forth herein. 2. ˙˙In or about February, ˙1989, ˙at Lockport, ˙in the ˙Northern District of Illinois, Eastern Division and elsewhere, ROBERT J. RIGGS, also known as Robert Johnson, also known as Prophet, and CRAIG NEIDORF, also known as Knight Lightning, the ˙defendants ˙herein, ˙˙knowingly ˙and ˙with ˙intent ˙to ˙˙defraud, trafficked ˙in ˙information through which a computer may ˙be ˙accessed without ˙˙authorization ˙and ˙by ˙such ˙conduct ˙affected ˙˙interstate commerce; In ˙˙violation ˙of ˙Title ˙18, ˙˙United ˙States ˙Code, ˙˙˙Section 1030(a)(6)(A). A TRUE BILL: ________________________________ F O R E P E R S O N ________________________________ UNITED STATES ATTORNEY - 13 - =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ + END THIS FILE + +=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= =================================================== === Computer Underground Digest - File 5 of 5 === =================================================== ------------ This press release was attached to the indictment. We reprint it here to ˙present the federal side of the case. ˙It originally appeared ˙in PIRATE ˙Magazine. ˙˙We have checked the text against the original ˙for accuracy. ----------------- INFORMATION RELEASE FROM: U.S. Department of Justice DATE: February 6, 1990 20 IRA H. RAPHAELSON, United States Attorney for the Northern District of Illinois, ˙and PATRICK T. ˙McDONNELL, ˙Special Agent In Charge of ˙the United ˙States ˙Secret ˙Service ˙in ˙Chicago, ˙˙today ˙announced ˙˙the indictment of Robert J. ˙Riggs, 20, of %address deleted%, and Craig M. Neidorf, 19 %address deleted%, on charges that between December, ˙1988 and February, ˙1989 they entered into a scheme to steal and publish to other ˙hackers highly proprietary and sensitive information about ˙the operation of Bell South's Enhanced 911 emergency communication system. The ˙seven count indictment charges Riggs and Neidorf with ˙Interstate Transportation ˙of Stolen Property, ˙Wire Fraud and Violations of ˙the Computer Fraud and Abuse Act of 1986. Specifically, the indictment charges that Riggs, also known as "Robert Johnson" ˙˙and ˙"The ˙Prophet", ˙stole a copy of Bell ˙South's ˙highly proprietary ˙and ˙closely held computer program ˙that ˙controlled ˙and maintained ˙the ˙E911 ˙˙system. ˙Bell South's ˙E911 ˙˙system ˙controls emergency calls to the police, fire, ˙ambulance and emergency services in ˙municipalities ˙of ˙the nine state region served ˙by ˙Bell ˙South; Alabama, ˙Mississippi, Georgia, Tennessee, Kentucky, Louisiana, ˙North Carolina, South Carolina, and Florida. The indictment alleges that in December 1988 Riggs stole the E911 data valued at $79,449.00 ˙by using a ˙computer ˙outside the telephone company to call into the ˙telephone company computer in which the computer file was stored. The indictment charges ˙that ˙Riggs ˙then transferred the E911 ˙data ˙to ˙a ˙computer bulletin board in Lockport, Illinois from which Neidorf, also known as "Knight ˙Lightning", ˙˙down loaded it for publication ˙in ˙a ˙computer hacker ˙publication ˙known as "PHRACK." ˙The indictment ˙charges ˙that Riggs ˙was a member of a closely knit group of computer hackers ˙known as ˙the Legion of Doom whose members are involved in numerous ˙illegal activities including: *Disrupting telephone service by entering the telephone companies switches (which are computers) and changing the routing of telephone calls. *Stealing computer data from individuals and companies. *Stealing and modifying individual credit histories. *Fraudulently obtaining money and property from companies by altering information in their computers. *Disseminating information about attacking computers to other computer hackers in an effort to shift the focus of law enforcement agencies to those other hackers and away from the Legion of Doom. The ˙indictment charges that as part of their fraud scheme ˙Riggs ˙and Neidorf ˙disclosed the stolen information %reportedly PHRACK #24-eds.% about ˙the ˙operation ˙of the enhanced 911 ˙system to ˙other ˙computer hackers ˙so ˙that ˙they could unlawfully access the E911 ˙˙system ˙and potentially disrupt or halt other 911 service in the United States. If ˙convicted ˙on all counts of the indictment Riggs faces ˙a ˙maximum possible ˙prison sentence of 32 ˙years and a maximum possible fine ˙of $222,000.00; ˙and Neidorf faces a maximum possible prison sentence ˙of 31 years and a maximum possible fine $122,000.000. In announcing the return of the indictment, ˙Mr. Raphaelson noted that the ˙allegations of the indictment have far reaching implications ˙for the health and welfare of individuals in the United States who rely on their telephones as a lifeline to the outside world. ˙Mr. ˙Raphaelson stated, "People who invade our telecommunications and related computer systems for profit or personal amusement create immediate and ˙serious 21 consequences for the public at large. ˙No one should be made to suffer loss ˙of ˙life ˙or ˙severe injury as a ˙result ˙of ˙hackers ˙who ˙have compromised ˙emergency networks. ˙The telecommunications industry ˙and law ˙enforcement community have become attentive to these ˙crimes ˙and those who choose to use their intelligence and talent to disrupt these vital networks will find themselves vigorously prosecuted." Raphaelson ˙stated ˙that ˙the indictment in Chicago ˙and ˙a ˙companion indictment ˙in ˙Atlanta ˙are ˙the ˙initial ˙results ˙of ˙a ˙year ˙long investigation ˙by ˙agents ˙of ˙the United ˙States ˙Secret ˙Service ˙in Chicago, ˙Atlanta, Indianapolis, New York, St. ˙Louis and Kansas City. Raphaelson further noted that pursuant to Court Orders, ˙technical and expert ˙assistance was provided to the United States Secret Service by telecommunication companies including Bell South and its subsidiaries, Southwestern ˙Bell, ˙˙NYNEX ˙(New York), ˙˙and ˙Bellcore. ˙˙Raphaelson particularly ˙praised ˙the ˙actions of Bell South ˙for ˙its ˙proactive position in bringing their intrusion problems to the attention of ˙law enforcement officials and for its formation of an Intrusion Task Force to ˙analyze ˙and respond to the intrusions noted in ˙the ˙Chicago ˙and Atlanta indictments. Assistant ˙United ˙States ˙Attorney William J. ˙Cook, ˙who ˙heads ˙the Computer ˙Fraud ˙and ˙Abuse Task Force, ˙and Assistant ˙United ˙States Attorney ˙Colleen D. ˙Coughlin presented the case to the federal grand jury ˙and will be trying the case in the United States District ˙Court in Chicago. Members ˙of ˙the ˙public are reminded that the indictment ˙is ˙only ˙a charge and is not evidence of guilt. ˙The defendants are entitled to a fair ˙trial at which time it will be the government's burden to ˙prove their guilt beyond a reasonable doubt. *** END *** =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ + END THIS FILE + +=+=+=+=+==+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= !