****************************************************************************
>C O M P U T E R U N D E R G R O U N D<
>D I G E S T<
*** Volume 1, Issue #1.09 (May 16, 1990) **
****************************************************************************
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.
--------------------------------------------------------------------
DISCLAIMER: The views represented herein do not necessarily represent the
views of the moderators. Contributors assume all responsibility
for assuring that articles submitted do not violate copyright
protections.
--------------------------------------------------------------------
In This Issue:
File 1: Moderators' Corner (news and notes)
File 2: From the Mail Bag (Richard Duffy)
File 3: Operation Sun Devil: Press Release
File 4: Operation Sun Devil: Secret Service Statement
File 5: News Excerpts about Operation Sun Devil
File 6: Software Publishers Association Update
--------------------------------------------------------------------
In this file:
-- Operation Sun Devil
-- FTP (Clarification)
-- Dr. Ripco's Final Words
---------------------------------------------------------------
----------
Operation Sun Devil
-----------
Operation Sun Devil, another phase in the crackdown against the computer
underground, was begun May 8 (See this issue, Files 3 and 4). At least 28
search warrants were served, and a number of arrests have resulted,
although not all directly related to the May 8 operation. Judging from
comments we have received, people are either quite angry about it or highly
supportive of it. We will give our own views in File #3, but we urge you to
send reasoned opinions on either side.
One of the best commentaries of the entire crackdown can be in Emmanuel
Goldstein's articles in 2600 MAGAZINE (May 15, 1990). People can contact
2600/M at:
[email protected] OR
2600 EDITORIAL DEPARTMENT
P.O. BOX 99,
MIDDLE ISLAND, NY 11953
We will have an expanded article on Sun Devil in CuD #1.10
------------
FTP SITE
------------
DATE: FRI, 11 MAY 90 06:38 EDT
FROM: <KRAUSER@SNYSYRV1>
SUBJECT: FTP SITE (FILE TRANSFER PERSON)
TO: TK0JUT2
OK EVERYONE. THE "FTP" SIGHT IS REALLY REFERRING TO A FILE TRANSFER PERSON
WHICH IS ME. TO REQUEST A FILE SEND MESSAGE CONTAINING THE FOLLOWING
INFORMATION:
1. YOUR NETWORK ADDRESS
2. WHAT FILES YOU WANT (GIVE ME AN EXACT IDEA IE. ISSUES 1-12 OF PHRACK)
AFTER RECEIVING YOUR REQUEST, I WILL SEND YOU A MESSAGE THAT I HAVE
RECEIVED YOUR REQUEST. THIS WILL SERVE TWO PURPOSES, THE FIRST TO LET YOU
KNOW THAT I RECEIVED YOUR REQUEST AND TO LET ME MAKE SURE THAT THE FILES
WILL GET TO YOU.
YOU SHOULD RECEIVE THE FILES WITHIN A 48 HOURS TIME PERIOD AND ALL PAST
REQUESTS WILL BE SENT THIS WEEKEND. AT THIS TIME I HAVE ALL OF PHRACK
(EXCEPT ISSUE 24 AND WE WON'T WANT TO SEND THAT ONE NOW WOUDLD WE), LOD
TECH JOURNALS, AND P/HUN. I WILL BE RECEIVING THE REST OF THE ATI AND
PIRATE ARTICLES SOON. ALSO IF YOU HAVE A LIST OF FILES THAT
YOU WOULD LIKE TO SHARE WITH EVERYONE, INCLUDE THAT LIST WITH YOUR REQUEST.
HOPEFULLY THIS METHOD OF FILE TRANSFER WILL ONLY BE FOR A WHILE SINCE I AM
IN THE MIDST OF HUNTING DOWN A FTP SITE.
Ripco was one of the boards that went down on May 8. It was probably the
longest running decent board in the country. Judging from our knowledge of
the users and the content of the logs, less than 3 percent of the callers
claimed to be identified in illegal activity, and of those, we'd guess that
at least half were faking it. Given the nature of undercover operations,
which include "infiltrating" boards, we also assume some were law
enforcement agents. Ripco had a number of message sections, all of which
were lively, generally intelligent, and invariably interesting. Raiding
Ripco seems to be throwing the baby out with the bath water by intimidating
sysops willing to allow provocative discussions. We repeat: THE BULK OF
RIPCO'S USERS WERE NOT IN ANY WAY INVOLVED IN *ANY* ILLEGAL ACTIVITY, but
now names are in the hands of agents. We have seen from past experience
what can happen when they start generating "lists." We can see some
aggressive hot-shot prosecutor now, about to seek political office: "I HAVE
IN MY HAND A LIST OF 200 SUBVERSIVE HACKER SCUM....!" In our view, this is
no long a computer underground issue, but one of First Amendment
protections.
We reprint Dr. Ripco's final message left to his users:
******************************************************************
This is 528-5020.
As you are probably aware, on May 8, the Secret Service conducted a series
of raids across the country. Early news reports indicate these raids
involved people and computers that could be connected with credit card and
long distance toll fraud. Although no arrests or charges were made, Ripco
BBS was confiscated on that morning. It's involvement at this time is
unknown. Since it is unlikely that the system will ever return, I'd just l
say goodbye, and thanks for your support for the last six and a half years.
It's been interesting, to say the least.
Talk to ya later.
%Dr. Ricpo%
*** END OF VOICE MESSAGE ***
--------------------------------------------------------------------
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+ END THIS FILE +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
To: tk0jut2
Subject: passwordless account argument in alt.security
Date: Sun, 13 May 90 02:54:18 -0500
From: Richard Duffy <[email protected]>
There is currently a thought-provoking, ongoing argument raging in the
Usenet group alt.security, concerning a user at St. Olaf College who
deliberately maintains a null password on one of his accounts there. That
newsgroup has been engaged in a detailed, continuing discussion of Unix
security issues, especially concerning policies about user passwords
(forcing users to change them regularly, forcing them to choose from a
software-generated list of choices, etc. etc.) and the associated ideas
about the general need for security measures. The user in question, Peter
Seebach, takes the provocative but firmly held position that Unix is so
insecure anyway that there's not even a point in having passwords for user
accounts. He advertised in this highly public forum (Usenet) the fact that
his own account lacks one, and a major flame-war has ensued, partly
precipitated by the fact that someone, possibly a reader of his public
admission, promptly logged in to Peter's account and gave it a password,
thus temporarily locking him out of his own account.
The resulting verbiage has a lot of the usual puerile, vindictive,
posturing qualities associated with Usenet flame-wars, but in spite of all
that, some interesting points about "hackers," privacy, ethics and trust
are beginning to make themselves discernible through all the noise. I
highly recommend it to those of you with Usenet access, for a little
mind-bending on some issues you might have thought you were already
completely decided on. It's also rather entertaining!
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+ END THIS FILE +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
U.S. Department of Justice
United States Attorney
District of Arizona
--------------------------------------------------------------------
4000 United States Courthouse
Phoenix, Arizona 82505
602-379-3011 /FTS/261-3011
PRESS RELEASE
FOR IMMEDIATE RELEASE: CONTACT: Wendy Harnagel
Wednesday, May 9, 1990 United States Attorney's Office
(602) 379-3011
PHOENIX--Stephen M. McNamee, United States Attorney for the District of
Arizona, Robert K. Corbin, Attorney General for the state of Arizona, and
Henry R. Potosky, Acting Special Agent in Charge of the United States
Secret Service Office in Phoenix, today announced that approximately
twenty-seven search warrants were executed on Monday and Tuesday, May 7 and
8, 1990, in various cities across the nation by 150 Secret Service agents
along with state and local law enforcement officials. The warrants were
issued as a part of Operation Sundevil, which was a two year investigation
into alleged illegal computer hacking activities.
The United States Secret Service, in cooperation with the United States
Attorney's Office, and the Attorney General for the State of Arizona,
established an operation utilizing sophisticated investigative techniques,
targeting computer hackers who were alleged to have trafficked in and abuse
stolen credit card numbers, unauthorized long distance dialing codes, and
who conduct unauthorized access and damage to computers. While the total
amount of losses cannot be calculated at this time, it is
(MORE)
estimated that the losses may run into the millions of dollars. For
example, the unauthorized accessing of long distance telephone cards have
resulted in uncollectible charges. The same is true of the use of stolen
credit card numbers. Individuals are able to utilize the charge accounts to
purchase items for which no payment is made.
Federal search warrants were executed in the following cities:
Chicago, IL
Cincinnati, OH
Detroit, MI
Los Angeles, CA
Miami, FL
Newark, NJ
New York, NY
Phoenix, AZ
Pittsburgh, PA
Plano, TX
Richmond, VA
San Diego, CA
San Jose, CA
Unlawful computer hacking imperils the health and welfare of individuals,
corporations and government agencies in the United States who rely on
computers and telephones to communicate.
Technical and expert assistance was provided to the United States Secret
Service by telecommunication companies including Pac Bel, AT&T, Bellcore,
Bell South, MCI, U.S. Sprint, Mid-American, Southwestern Bell, NYNEX, U.S.
West, and by the many corporate victims. All are to be commended for their
efforts in researching intrusions and documenting losses.
McNamee and Corbin expressed concern that the improper and alleged illegal
use of computers may become the White Collar crime of the
(MORE)
1990's. McNamee and Corbin reiterated that the state and federal government
will vigorously pursue criminal violations of statutes under their
jurisdiction. Three individuals were arrested yesterday in other
jurisdictions on collateral or independent state charges. The
investigations surrounding the activities of Operation Sundevil are
continuing.
The investigations are being conducted by agents of the United States
Secret Service and Assistant United States Attorney Tim Holtzen, District
of Arizona, and Assistant Arizona Attorney General Gail Thackery.
END STORY
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+ END THIS FILE +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
Assistant Director Garry M. Jenkins' Prepared Remarks
Operation Sun Devil
Today, the Secret Service is sending a clear message to those computer
hackers who have decided to violate the laws of this nation in the mistaken
belief that they can successfully avoid detection by hiding behind the
relative anonymity of their computer terminals.
In 1984, Congress enacted the Comprehensive Crime Control Act which
prohibits, among other things, credit card fraud and computer fraud. Since
1984, the Secret Service has been aggressively enforcing these laws and has
made over 9,000 arrests nationwide.
Recently we have witnessed an alarming number of young people who, for a
variety of sociological and psychological reasons, have become attached to
their computers and are exploiting thier potential in a criminal manner.
Often, a progression of criminal activity occurs which involves
telecommunications fraud (free long distance phone calls), unauthorized
access to other computers (whether for profit, fascination, ego, or the
intellectual challenge), credit card fraud (cash advances and unauthorized
purchases of goods), and then move on to other destructive activities like
computer viruses.
Some computer abusers form close associations with other people having
similar interests. Underground groups have been formed for the purpose of
exchanging information relevant to their criminal activities. These groups
often communicate with each other through message systems between computers
called "bulletin boards."
Operation Sun Devil was an investigation of potential computer fraud
conducted over a two-year period with the use of sophisticated
investigative techniques.
This investigation exemplifies the commitment and extensive cooperation
between federal, state and local law enforcement agencies and private
governmental industries which have been targeted by computer criminals.
While state and local law enforcement agencies successfully investigate and
prosecute technological crimes in specific geographical locations, federal
intervention is clearly called for when the nature of these crimes becomes
interstate and international.
(PAGE 1)
On May 8, 1990, over 150 Special Agents of the United States Secret
Service, teamed with numerous local and state law enforcement agencies,
served over two dozen search warrants in approximately fifteen (15) cities
across this nation.
Several arrests and searches were made during the investigation to protect
the public from impending dangers. In one situation, computer equipment
was seized after unauthorized invasion into a hospital computer.
Our experience shows that many computer hacker suspects are no longer
misguide teenagers mischievously playing games with their computers in
their bedrooms. Some are now high tech computer operators using computers
to engage in unlawful conduct.
The losses to the american public in this case are expected to be
significant. The Secret Service takes computer crime very seriously, and
we will continue to investigate aggressively those crimes which threaten
our nation's businesses and government services.
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+ END THIS FILE +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
These excerpts from media sources on operation Sun Devil were
sent by various contributors.
*************************************************************************
Probe Focuses on Entry, Theft by Computers
(From: CHICAGO TRIBUNE, May 10, 1990: p. I-6)
PHOENIX--An interstate probe of computer invasions has uncovered losses
that may reach millions of dollars and could be "just the tip of the
iceberg," federal law enforcement officials said Wednesday.
The investigation is focused on illegal entry into computer systems and
unauthorized use of credit-card numbers and long-distance codes, said Garry
Jenkins, assistant Secret Service director for investigations.
No arrests for computer crime resulted, however, when 27 search warrants
were served in 12 cities, including Chicago, by 150 Secret Service agents
and police on Tuesday, officials said.
In Chicago, federal agents seized computers and information disks at a
business and a private home, said Tim McCarthey, chief of the Secret
Service's criminal enforcement division in Chicago. Nationwide, some 40
computers and 23,000 disks of computer information were seized.
Secret Service officials declined to release an specifics, including the
number of people targeted, saying the two-year investigation, code-named
"Operation Sun Devil," is continuing.
"The losses that we estimate on this may run to the millions of dollars,"
said Stephen McNamee, U.S. Atty. for Arizona.
Much of the alleged loss stems from unpaid telephone and computer access
charges, officials said.
They said it was possible that computer hackers had obtained goods or cash
through use of unauthorized credit cards, but could not cite any instance
of it.
In addition to misuse of credit cards and phone lines the hackers are
believed to have gained access to computers that store medical and
financial histories, officials said.
Under new computer crime laws, the Secret Service has jurisdiction to
investigate allegations of electronic fraud through the use of access
devices such as credit-card numbers and long-distance codes.
Defendants convicted of unauthorized use of such devices can be sentenced
up to 10 years in prison if they commit fraud of more than $,100.
A similar investigation supervised by federal prosecutors in Chicago has
resulted in several indictments.
********************************************************************
AT&T NEWS BRIEFS via Consultant's Liason Program
Wednesday, May 9, 1990
HACKER WHACKER -- The Secret Service is conducting a coast-to-coast
investigation into the unauthorized use of credit-card numbers and
long-distance dialing as well as illegal entry into computer systems
by hackers, according to sources. ... AP ... Authorities fanned out
with search warrants in fourteen cities Tuesday in an investigation of
a large nationwide computer hacker operation. Officials of the Secret
Service, U.S. Attorney's Office and Arizona Attorney General's office
scheduled a news conference Wednesday to release details of the
operation.
UPI, 5/8 ... A Long Island [NY] teen, caught up in [the investigation],
dubbed Operation Sun Devil, has been charged ... with computer
tampering and computer trespass. State Police, who said [Daniel
Brennan, 17], was apparently trying to set up a surreptitious
messaging system using the [computer system of a Massachusetts firm]
and 800 numbers, raided his home Monday along with security officials
of AT&T. ... [A State Police official] said that in tracing phone
calls made by Brennan ... AT&T security people found that he was
regularly calling one of the prime targets of the Sun Devil probe, a
.. hacker who goes by the handle "Acid Phreak." ... New York
Newsday, p. 31.
****************************************************************************
[from risks 9.90]
------------------------------
Date: Tue, 8 May 90 09:46:06 -0700
From: "David G. Novick" <[email protected]>
Subject: %Hacker' alters phone services
The Spring, 1990, issue of Visions, the Oregon Graduate Institute's
quarterly magazine, has an interesting article on a man who broke into
telephone computers, creating the kinds of disruptions that have been
discussed lately on RISKS. The programmer, named Corey Lindsly, lives
in Portland, OR. He was eventually arrested and pled guilty to a
felony count of stealing long-distance phone service.
Here is an excerpt.
Confessions of a Computer Hacker
by Michael Rose
Visions (Oregon Graduate Institute quarterly magazine)
Spring, 1990
..
Perhaps the most disturbing part of Lindsly's adventures was his
penetration of AT&T Switching Control Center Systems. These sensitive
computers support long distance telephone service. System
administrators for 17 of these computers spent over 520 hours mopping
up Lindsly's damages.
According to [AT&T New Jersey manager of corporate security Allen]
Thompson, Lindsly could have "severely disrupted" the nations's
telephone service.
Lindsly, however, bristles at the suggestion of his doing potentially
dangerous stunts. Anything beyond harmless pranks is "beneath the
hacker ethic and uncouth," he says.
He does admit to disconnecting phones, changing billing status, and
adding custom calling features. He also likes to convert residential
lines to coin class service, so when the unwitting homeowner picked up
his phone, a recorded voice would tell him to deposit 25 cents.
"Swapping people's phone numbers ... now that was great trick," he
recalls, with obvious amusement. "You would have your next door
neighbor's number and he would have yours, and people would call you
and and ask for your neighbor, and vice versa, and everyone's getting
totally confused."
FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
Contents:
"Feds Pull Plug On Hackers" (James K. Huggins)
<...other articles removed...>
--rjc
------------------------------
Date: Fri, 11 May 90 12:26:08 -0400
From: James K. Huggins <[email protected]>
Subject: "Feds Pull Plug On Hackers": Newspaper Article
>EXCERPTED From The Detroit News, Thursday, May 10, 1990, Section B, p.1:
FEDS PULL PLUG ON HACKERS
Computer-fraud raid hits two homes in Michigan
By Joel J. Smith, Detroit News Staff Writer
Secret Service agents got a big surprise when they raided a Jackson-area
home as part of an investigation of a nationwide computer credit card and
telephone fraud scheme. They found a manual that details how almost
anybody can use a computer to steal. It also describes how to avoid
detection by federal agents. On Wednesday, James G. Huse, Jr., special
agent in charge of the Secret Service office in Detroit, said the manual
was discovered when his agents and Michigan State Police detectives broke
into a home in Clark Lake, near Jackson, on Tuesday. Agents, who also
raided a home in Temperance, Mich., near the Ohio border, confiscated
thousands of dollars in computer equipment suspected of being used by
computer buffs -- known as hackers -- in the scheme.
The raids were part of a national computer fraud investigation called
Operation Sundevil in which 150 agents simultaneously executed 28 search
warrants in 16 U.S. cities. Forty-two computer systems and 23,000 computer
disks were seized across the country. The nationwide network reportedly
has bilked phone companies of $50 million. Huse said the Secret Service
has evidence that computers in both of the Michigan homes were used to
obtain merchandise with illegally obtained credit card numbers. He said
long-distance telephone calls from the homes also were billed to
unsuspecting third parties.
There were no arrests, because it was not known exactly who was using the
computers at the homes. Huse also said there was no evidence that the
suspects were working together. Rather, they probably were sharing
information someone had put into a national computer "bulletin board".
*****************************************************************************
"Computer Hacker Ring with a Bay Area Link"
(From: San Francisco Chronical, May 9, 1990: A-30)
The Secret Service yesterday searched as many as 29 locations in 13 cities,
including the family home of an 18-year-old San Jose State University
student, in an investigation of alleged fraud by computer hackers, law
enforcement sources said.
The 6 a.m. search on Balderstone Drive in San Jose sought computer
equipment allegedly used to "deal in pirate software and electronic fraud,"
San Jose police Seargeant Richard Saito said in a prepared statement.
The nationwide investigation, code-named "Operation Sun Devil," concerns
the unauthorized use of credit card numbers and long-distance dialing codes
as well as illegal entry into computer systems by hackers, said sources.
Saito said the probe centered on the "Billionaire Boys Cub computer
bulletin board" based in Phoenix. A press conference on the probe is
scheduled today in Phoenix.
The investigation in Phoenix is also focusing on incidents in which
copmputer hackers allegedly changed computerized records at hospitals and
police 911-emergency lines, according to one source.
The San Jose suspect was identified as Frank Fazzio Jr., whom neighors said
was a graduate of Pioneer High School and lives at home with his younger
sister and parents. Neither he nor his family could be reached for comment.
"I've never thought him capable of that sort of thing," said one neighbor
in the block-long stret located in the Almaden Valley section of south San
Jose.
Warrants were obtained by the Secret Service to conduct the search in San
Jose, as well as in Chicago; Cincinnati; Detroit; Los Angeles; Miami;
Newark, N.J.; New York City; Pittsburgh; Richmond, Va.; Plano Texas; and
San Diego.
Under new computer crime laws, the Secret Service has jurisdiction to
investigate allegations of electronic fraud through the use of access
devices such as credit card numbers and codes that long-distance companies
issue to indivdual callers. Defendants convicted of unauthorized use of
such "access devaices" can be sentenced to 10 years in prison if they
commit fraud of more than $1,000.
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+ END THIS FILE +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
In CuD 1.05 I discussed the Software Publisher's Association (SPA)
toll-free piracy hot line and the less than informative response my call
recieved. As an addendum here is some information culled from "PC
Computing" March 1990, Page 80.
Software Manufacturers Tempt Illegal Users to Change Their Evil Ways
This brief article, written by Christine Triano, discusses "amnesty"
programs offered by XTree, XyQuest, and Unison World where users could
"register" pirated copies of XTree Pro, Xywrite, and Printmaster Plus
(respectively) and recieve legitimate versions at a reduced cost. XTree
reports that 5000 people took them up on their SAFE (Software Amnesty Fore
Everyone) offer, but the other companies have so far declined to comment on
the success of thier programs.
Also discussed is the SPA's auditing process where the SPA asks companies
that are suspected of being users of pirated warez to let the Association
examine hard drives and software purchase records, in return for strict
confidentiality of the outcome. The corporation then purchases legitimate
copies of all the pirated programs found, and "contributes" an equal amount
to the SPA's Copyright Protection Fund. Thus the software gets purchased,
the SPA's coffers are lined, and the corporation stays out of court. To
date "more than half a dozen" audits have been conducted.
The article concludes with a short paragraph concerning the toll-free
piracy hotline:
"The SPA has also set up a toll-free piracy hot line (800-388-PIR8).
According to SPA director Ken Wasch, the hot line receives 15 serious calls
a week. Who finks? The majority of callers are unhappy or former employees
serving up their own version of just desserts."
Final Note: Perhaps the "Ken" I spoke to at the SPA is Ken Wasch, the
director of the organization. If so, I wonder if he considered my call
about a pirate BBS to be "serious"?
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+ END THIS FILE +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
