Computer underground Digest Wed Mar 1, 1995 Volume 7 : Issue 17

Computer underground Digest Wed Mar 1, 1995 Volume 7 : Issue 17
ISSN 1004-042X

Editors: Jim Thomas and Gordon Meyer ([email protected])
Archivist: Brendan Kehoe
Semi-retiring Shadow Archivist: Stanton McCandlish
Correspondent Extra-ordinaire: David Smith
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Monster Editor: Loch Nesshrdlu

CONTENTS, #7.16 (Wed, Mar 1, 1995)

File 1--TWO-BBSCON Duesseldorf , Germany 8-11 February 1995
File 2--EFF SUES TO OVERTURN CRYPTOGRAPHY RESTRICTIONS
File 3--ACLU cyber-liberties alert: Axe the Exon Bill!
File 4--Tired of S.314 Hysteria
File 5--Cu Digest Header Info (unchanged since 26 Feb, 1995)

CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.

----------------------------------------------------------------------

Date: Sun, 19 Feb 1995 02:50:57 GMT
From: John Malathronas <[email protected]>
Subject: File 1--TWO-BBSCON Duesseldorf , Germany 8-11 February 1995

Copyright John Malathronas, sysop of SCROLL BBS - The London Community Board.

The first BBS conference in Europe, TWO BBSCON (TWO standing for Trans
World On-line) was the brainchild of Gerald Maier and Joerg
Steinhaeuser who came upon the idea 15 months ago in ONE BBSCON, a
regular feature in the US attracting delegates of the region of 4000
per year. Along with help and sponsorship by Galacticomm Inc, whose
product, the Major BBS is one of the big three BBS programs (along
with TBBS and Wildcat), the event finally took off in a rainy
Duesseldorf on 8-11 February 1995.

Although the event was publicised mainly on Boardwatch, a magazine
with very limited subscription-only circulation in Europe and on
Internet Usegroups, around 400 people attended the conference with
about 300 attending the last night gala dinner. In Germany, the event
was publicised in PC-Online - this and the fact that it was organised
in Germany, accounted for the fact that about 60% of the attendees was
German with another 20% American.. The exhibitors were also purely US
and Germany-based. However, delegates came from Eastern Europe
(Czechoslovakia, Hungary, Poland, Russia),Spain and Portugal, France,
the UK, Italy, Greece, Switzerland, Finland, Norway, Holland, Ireland,
Austria, Germany and the US. It was easy to distinguish the Europeans
from the Americans: the Americans wore suits and ties during the day
because they were either the speakers or were giving business
presentations; the Europeans were the ones who wore suits and ties in
the gala dinner, where the Americans came with open shirts or even
jeans. Let's hear it for the cultural differences.

So what of the conference itself : John Dvorak, contributor to PC
Magazine , Boardwatch , San Francisco Chronicle and author of 18
computer books was the conference keynote speaker. His theme was the
apparent paradox of fragmentation versus consolidation that he sees
prevalent in our society. On one hand, the Soviet Union disintegrates
down to the insurrection of Chechenya within Russia itself and on the
other the EU expands in what appears to the US increasingly as a
single market unit. In the Americas, Quebec and Mexican separatists
coexist with the new North American single market of Canada, Mexico
and the US. Drawing a parallel, he said that the giant on-line service
providers (Compuserve, America On-line, Delphi and Prodigy) coexist
simultaneously with 60000 *known* bulletin boards in the US. With
Microsoft and IBM entering the market now, there is likely to be a
huge shake-up at the top - and who's to say what happens at the bottom
? The issue, he said for the apparent paradox of trends is loss of
information control by government. Information is now free: even the
Chinese can not control the faxes into China or the mullahs of Iran
the images beamed on their rooftops by satellites. Information is also
unaffected by natural disasters as the LA and Kobe earthquakes showed
or by uprisings as the Russian 1991 coup also showed. His thesis is
that this freedom is a very dangerous development and that governments
will
try to regulate it.

The governments will try to regulate such flow by highlighting the
negative aspects , namely the free flow of lies and dis-information.
This is why we must also accept such negative aspects to keep
regulatory bodies out.We must also accept porno BBSs, Hacker BBSs,
Terrorist BBSs etc. - in the same way that other technological
inventions such as typography, telephony and TV having entered the
mainstream, were used reflecting the society they were in.

In short, the Dvorak thesis explains the fragmentation aspect of
society as the pressure exerted by the individual to escape big
government, and the trend in consolidation as the governmental
response to this.

The second keynote speaker was Ms Josee van den Berg from the IDC
Network Expertise Centre Europe in Amsterdam who put the European
market in perspective. The TELECOM business in Europe is worth 160bn
US$, the Computer Business 140bn US$ , the Publishing 100bn US$ and
Catalogue Shopping 50bn US$. All these industries are going to be
affected by Online Services. (I personally noticed catalogue shopping
by CD-ROM available through Dusseldorf newsagents. The cost of the
CD-ROM: 5DM same as a catalogue book.) In 1993 there were 12 million
PCs (estimated) in the 17 EU and EFTA countries , This should double
by 1998 to 25 million. The vast majority of those are Intel based 286s
running DOS. It is likely that the 386 will be bypassed altogether in
favour of 486s or Pentium PCs as the prices come down.

In terms of availability of ISDN lines, France leads Europe with 100%
of its area available for ISDN. The UK has 95% availability (100% end
of 1995) and Germany 70% (because of the former East Germany) hoping
to reach 100% end of 1995. Italy and Spain aim for 70% coverage by
end of 1995. Note that 100% availability does not mean that everyone
has ISDN - only that everyone CAN have should they decide to have it
installed.

The percentage of home computers in households is estimated as France
21% (mainly because of Minitel installations), Germany 14%, Sweden
12%, Denmark 10% and UK 9%. This was an eye opener for the UK-based
delegates who thought that the UK is a European leader in home
computing. The average across the EU is 10% so the UK is about average
in percentage of home computers. In the US, the figure is 34%. If we
accept that the US shows the way we are looking for a tripling of the
home computer and online market in the next 3-4 years.

The third keynote speaker on Thursday was Esther Dyson, president of
EDventure Holdings, publisher of Release 1.0 and founder of the
Electronic Frontier Foundation, a sort of Civil Liberties Society for
the net. She shocked and stunned the audience with predictions that
soon all software would be free, and intellectual copyright will be
abolished because shareware does not pay and the way to make money is
via support, training and consultancy. Since, a lot of people in the
audience were programmers waiting to receive the Ziff-Davis European
shareware awards (awarded by PC Magazine on the gala night), there was
some heated discussions afterwards. Should then programmers provide
even more incomprehensible documentation ? Should they design-in bugs
? Esther Dyson gave away copies of her copyrighted newsletter in the
end.

The first day's afternoon was spent in Workshops. I went Nick Anis's
discussion on the Convergence of the BBS, Internet and Online
Information services, because Nick Anis is a wonderfully funny
speaker. He spoke about Phase II of the BBS market in the US when all
is connected to the Internet. He gave first a BBS history : from the
first Ward Christiansen BBS in Chicago in 1978 who produced a solenoid
specially to turn his floppy drive on when the phone rang to answer
his BBS, to 1985 when there were hundreds of BBSs in the US with only
2% used for profit, to 1992 when there were thousands, 85% with more
than one line and 10% offering Internet access. It is also estimated
that this increase in activity is taking place when only about 5% of
the PCs in the US have a modem .

Next I saw a demo of Microsoft Network (MSN), which comes integrated
with Windows 95 (in full demo throughout the conference) by Robert
Mitchnik, a former sysop, now working for Microsoft. Microsoft Network
will be a kind of McDonalds of the airwaves. It will be franchised
locally to sysops who will be able to run their forums under the
Microsoft umbrella. If someone wants to run a BBS for Belgian rock
fans - they can apply to Microsoft who was recruiting sysops (400 have
already been recruited) in the conference. Microsoft were in pains to
deny that they were competing with Internet providers or online
megaboards such as Compuserve - they were there to 'expand the market'
and to 'provide opportunities for sysops'. Their business model of
franchising the network along with their technical solution : click
from within Windows seamlessly dialling local Microsoft numbers may
actually work given the installed base of Windows 3.1. UUNet is
providing full Internet Access to MSN and Microsoft have taken a
minority equity position in the company. It will run in 23 languages
in 20 countries and by March 500 Forum sysops will have been trained
in Microsoft's HQ in Redmond, USA.

After Microsoft came IBM who pushed O/S Warp. The presentation was
made by Jonathan Fleet from IBM UK whose presentation was slick : he
started with a list of problems and then presented the solution to all
these problems which is Warp OS/2. He hit Microsoft where it hurts by
casually observing that such a system is available NOW, with 175
points-of presence for IBM already there and working, to be increased
to 400 by the end of 95. Warp is an impressive system for those who
have seen it and the pricing of IBM is very competitive. One does not
even have to run OS/2 to be on IBM's network - one must first buy the
product to register and then switch to Windows, say. All this and for
the company who, err. BUILT the Internet in the 60's and 70's for the
US Department of Defense as Jonathan reminded us. Certainly his talk
was better received than Microsoft's whose sheer size and monopoly
power seems to generate hostility - like it once did for IBM.

On for the second day which produced the best session with three
excellent speakers one after the other.

First came Dr. Paul Weissenberg European Commissioner with a brief for
IT, certainly the first time BBSs and sysops came into contact with
someone from the European Commission. He explained that the
Commissioners try now to bring the Commission to the people and make
them understand how they work and are helping Europe. As an example he
cited the Pan European TGV project. There are designs on the table for
a fast train from Lisbon to Warsaw - beyond the EU. There are
proposals on teleworking and on a scheme to allow medical online
services to isolated areas of the EU, Scotland for instance, where the
first consultation with the doctor will be via videoconferencing
technology. He also appeared to agree with members of the audience who
wanted to take state telecomms to task; it was very difficult to allow
'liberalisation' or 'privatisation' of key state industries in some
countries because they were part of a national identity. Airlines (Air
France, Lufthansa) and state telecom companies fell under this
category. What the Commission was striving towards was removal of
state subsidies - something which national governments were better at
concealing in their budgets year-by-year. During question time the
animosity of the delegates against state telecom companies was much in
evidence. Ten years of a private BT has made UK residents forget what
it was like in the late seventies; it seems that the UK fares better
in the big telecomms industry's attitude towards the people it serves
than in other countries. The Portuguese Telecom was singled out for
criticism for abusing its monopoly and allegedly supplying free
modems for computer users to join its own online service with money
obtained from the EU.

The questions were so many, Dr Weissenberg had to move to another room
to continue answering them; still, delegates were commenting on the
fact that the Commission seems to be building a train TGV network
while the US were creating an information superhighway: one project
looks back to the 19th century while the other looks to the 21st. I
must say, if I wanted to travel from Lisbon to Warsaw, I would take
the plane.

Jack Rickard, editor of Boardwatch magazine, picked up the theme of
BBSs vs. the world with an upbeat message. A BBS is not technology,
not a phone line, but a place, he postulated. It's like a restaurant -
there are inherent problems in scaleability. Firstly - how many of us
will want to eat in a 20,000 seater ? Secondly, how will the owners be
able to find so many trained chefs *at once* ? MSN, IBM, Compuserve -
all can coexist alongside a local BBS. A local specialised BBS will
serve as an editor filtering out the noise from the information
overload and providing a place for a user to relax, chat and meet
like-minded people, a sense of 'belonging'. This is why Compuserve is
successful: it is like a common interface to many small villages ,
its forums. This is also why MSN may be successful - it is using the
franchise business model. None of these larger services, however, will
spell the deatch of the local specialised BBS.

Finally Dennis Hayes, the president of the modem manufacturers who
provided us with the de facto standard modem commands, gave an insight
into the future in probably the best speech of the conference. Firstly
he polled the audience. How many were using or supporting 2400 baud ?
Very few did. Most were working on 9600+ with a high number of ISDN
connections. The number of hands up on the ISDN front was 5 times as
high as in the US - this is because AT&T was broken up before a
standard and a cabling provision was set. ISDN line laying is
something that state telecom companies *do* do well. In the US states
such as Tennessee forced the telephone company by legislation to lay
cables. Others such as high tech California have some parts of even
San Francisco uncovered - and there are no plans for when ISDN will be
offered if at all. It seems ISDN availability is one area where Europe
is doing better than the US.

Dennis Hayes also spoke of the limitations inherent in modem speeds
via telephone lines. 28.8KB/s will probably be the practical limit.
The new standard being worked on, V34bis, will not go further than
34KB/s - compare that with a virtual doubling of the comms speed every
18 months since 1981 when the Hayes AT command set was published.

Voice and data simultaneous transmission in also something to hit our
desktops, although this again is an answer to some unasked question,
like multimedia. There are now two standards for 28.8K modems. The
DSBS standard (to which Hayes belongs) allows 8.8K for voice and 20K
for data; the AT&T standard splits 28.8K in two allowing bandwidth of
14.4 each for voice and 14.4 for data. The only application thought
about for this is telecommuting applications when the employee can
talk on the phone while simultaneously sending data. BBSs can also
benefit - one line can always be used as a personal phone, even though
it is connected to the BBS.

Finally, he reminded us that there is a new player in the field of
Telecomms, Computers, TV-Electronics and Multimedia : the Power
companies who are laying down fibre optic cable for power transmission
and realising that it can also be used for digital communications.
The emergence of a competitor to BT and Mercury in the UK, owned by a
power company is a pointer to that. Certainly the future will be
interesting.

I spent the rest of the conference attending various specialised
workshops. The presentations of Tim Stryker from Galacticomm (Major
BBS) and Phil Becker from eSoft were (probably on purpose) at the same
time so I went to see Phil Becker as I am a TBBS sysop. Certainly TWO
BBSCON showed the parting ways of the two big players in the BBS
arena. TBBS is producing the IPAD - a hardware platform to be
connected to your modems and computer to give you Internet access
management in hardware. MBBS on the other hand have tried to develop a
better BBS interface - they have produced a sexy client-server
interface in Visual Basic which is a marvel to behold. The problem
with the TBBS approach is that it is not there yet - since it is
hardware, it requires certification by the FCC, BT, and every phone
company in each country. It will also cost $6000-$7000 per unit in the
US. The problem with Galacticomm's approach is, surprise surprise,
that is not yet there but also that it is proprietary. This great VB
interface can only be used for MBBS. Would the users switch terminal
programs if they wanted to call another BBS ? Galacticomm seem to
have abandoned their belief in BBS RIP graphics and gone
wholeheartedly into the client server bandwagon. TBBS 2.3 on the other
hand comes with RIP built-in, beacuse it has become a graphics
standard for BBSs.

Certainly MBBS had a much higher profile during the conference. There
were four terminals using MBBS software connected to EU-Net and the
World Wide Web for users to browse. They were the sponsors of the gala
dinner. Tim Stryker was a founder member of TWO BBSCON. TBBS and eSoft
on the other hand, shared a stand with Boardwatch and kept quiet.

Galacticomm's client server VB approach seems to be in direct
competition with Durand Communications' GENESYS and Mindwire products.
These are VB-based client server database applications working with
Microsoft Access and BBS technology to produce online search and
retrieval of picture databases. Two applications that have been
implemented include a database of Supermodels and one for Real estate
agents in Santa Barbara, California, where details and pictures of
models and houses are kept on line and queried respectively. This
should be in direct conflict with Galacticomm, although the solutions
seem more bespoke- business oriented than what MBBS has to offer. What
excited the delegates was a new compression technique Durand used,
called ART which is 50% better than JPEG, does not utilise fractal
techniques and provides thumbnail images of the order of 1K per image.

The main event was the gala dinner, where veal was eaten in abundance
- since it is called Kalbfleisch, most Brits ate it without feeling
guilty - and deals and friendships forged. Modem manufacturers with
sysop deals were in demand - US Robotics had a deal available but not
for UK-based sysops unlike Hayes or Supra.

Then there were the Ziff-Davis European shareware awards where
separate awards were given to German, UK and French shareware authors
in games, utilities and 'other' sections. Demonstrations of the awards
were given in real time over a big screen, surprisingly with no
glitches. The overall winner from all three sections was Denis Bertin
from Logiciels Graphiques Vincent, a DTP Corel-like program but with
fantastic capabilities and great ease of use. (French entries, by the
way, were the most impressive of all).

Other events in the gala dinner included a quiz show by Nick Anis
where sysops were asked questions and won prizes. The audience prize
for best answer went to a sysop from Spain who, having been asked how
many bits there are in a byte answered : 'Depends on the phone
company'.

So, in conclusion : was TWO BBSCON a success ? Certainly the
organisers think so, since they will be offering a second exhibition
in May '96 in Munich. Certainly a good time was had by all, including
myself, who picked up advice for running my board (SCROLL - the
London-based board) not least from the very helpful Scots from ALMAC
BBS which is a cross between Compuserve and Demon - at very
competitive prices. Let's hope they will expand south of the border.

The only regret was the under-representation from the UK, but
advertising and marketing may have played its role. Still, there are
very few boards I know of in the UK, compared with Germany, where they
are approaching 3000, or even Holland. This is an area we still have
to catch up on.

John Malathronas can be reached at [email protected]

------------------------------

Date: Tue, 21 Feb 1995 23:16:46 -0500 (EST)
From: Stanton McCandlish <[email protected]>
Subject: File 2--EFF SUES TO OVERTURN CRYPTOGRAPHY RESTRICTIONS

EFF SUES TO OVERTURN CRYPTOGRAPHY RESTRICTIONS
First Amendment Protects Information about Privacy Technologies

February 21, 1995
San Mateo, California

In a move aimed at expanding the growth and spread of privacy and
security technologies, the Electronic Frontier Foundation is sponsoring a
federal lawsuit filed today seeking to bar the government from restricting
publication of cryptographic documents and software. EFF argues that
the export-control laws, both on their face and as applied to users of
cryptographic materials, are unconstitutional.

Cryptography, defined as "the science and study of secret writing,"
concerns the ways in which communications and data can be encoded to
prevent disclosure of their contents through eavesdropping or message
interception. Although the science of cryptography is very old, the
desktop-computer revolution has made it possible for cryptographic
techniques to become widely used and accessible to nonexperts.

EFF believes that cryptography is central to the preservation of
privacy and security in an increasingly computerized and networked
world. Many of the privacy and security violations alleged in the
Kevin Mitnick case, such as the theft of credit card numbers, the
reading of other peoples' electronic mail, and the hijacking of other
peoples' computer accounts, could have been prevented by widespread
deployment of this technology. The U.S. government has opposed such
deployment, fearing that its citizens will be private and secure from
the government as well as from other vandals.

The plaintiff in the suit is a graduate student in Mathematics at the
University of California at Berkeley named Dan Bernstein. Bernstein
developed an encryption equation, or algorithm, and wishes to publish the
algorithm, a mathematical paper that describes and explains the algorithm,
and a computer program that runs the algorithm. Bernstein also
wishes to discuss these items at mathematical conferences and other open,
public meetings.

The problem is that the government currently treats cryptographic software
as if it were a physical weapon and highly regulates its dissemination. Any
individual or company who wants to export such software -- or to publish
on the Internet any "technical data" such as papers describing encryption
software or algorithms -- must first obtain a license from the State
Department. Under the terms of this license, each recipient of the licensed
software or information must be tracked and reported to the government.
Penalties can be pretty stiff -- ten years in jail, a million dollar
criminal fine, plus civil fines. This legal scheme effectively prevents
individuals from engaging in otherwise legal communications about encryption.

The lawsuit challenges the export-control scheme as an ``impermissible
prior restraint on speech, in violation of the First Amendment.''
Software and its associated documentation, the plaintiff contends, are
published, not manufactured; they are Constitutionally protected works of
human-to-human communication, like a movie, a book, or a telephone
conversation. These communications cannot be suppressed by the government
except under very narrow conditions -- conditions that are not met by the
vague and overbroad export-control laws. In denying people the right to
publish such information freely, these laws, regulations, and procedures
unconstitutionally abridge the right to speak, to publish, to associate
with others, and to engage in academic inquiry and study. They also have
the effect of restricting the availability of a means for individuals to
protect their privacy, which is also a Constitutionally protected interest.

More specifically, the current export control process:

* allows bureaucrats to restrict publication without ever going to court;

* provides too few procedural safeguards for First Amendment rights;

* requires publishers to register with the government, creating in
effect a "licensed press";

* disallows general publication by requiring recipients to be
individually identified;

* is sufficiently vague that ordinary people cannot know what conduct
is allowed and what conduct is prohibited;

* is overbroad because it prohibits conduct that is clearly protected
(such as speaking to foreigners within the United States);

* is applied overbroadly, by prohibiting export of software that
contains no cryptography, on the theory that cryptography could be added
to it later;

* egregiously violates the First Amendment by prohibiting private
speech on cryptography because the government wishes its own opinions
on cryptography to guide the public instead; and

* exceeds the authority granted by Congress in the export control laws
in many ways, as well as exceeding the authority granted by the
Constitution.

If this suit is successful in its challenge of the export-control laws, it
will clear the way for cryptographic software to be treated like any other
kind of software. This will allow companies such as Microsoft, Apple,
IBM, and Sun to build high-quality security and privacy protection into
their operating systems. It will also allow computer and network users,
including those who use the Internet, much more freedom to build and
exchange their own solutions to these problems, such as the freely
available PGP encryption program. And it will enable the next generation
of Internet protocols to come with built-in cryptographic security and
privacy, replacing a sagging part of today's Internet infrastructure.

Lead attorney on the case is Cindy Cohn, of McGlashan and Sarrail in San
Mateo, CA, who is offering her services pro-bono. Major assistance has
been provided by Shari Steele, EFF staff; John Gilmore, EFF Board; and Lee
Tien, counsel to John Gilmore. EFF is organizing and supporting the case
and paying the expenses.

Civil Action No. C95-0582-MHP was filed today in Federal District
Court for the Northern District of California. EFF anticipates that
the case will take several years to win. If the past is any guide,
the government will use every trick and every procedural delaying
tactic available to avoid having a court look at the real issues.
Nevertheless, EFF remains firmly committed to this long term project.
We are confident that, once a court examines the issues on the merits,
the government will be shown to be violating the Constitution, and
that its attempts to restrict both freedom of speech and privacy will
be shown to have no place in an open society.

Full text of the lawsuit and other paperwork filed in the case is available
from the EFF's online archives. The exhibits which contain cryptographic
information are not available online, because making them publicly available
on the Internet could be considered an illegal export until the law is struck
down. We are still uploading some of the documents, including the main
complaint, so please try again later if what you want isn't there yet. See:

http://www.eff.org/pub/EFF/Policy/Crypto/ITAR_export/Bernstein_case/
ftp.eff.org, /pub/EFF/Policy/Crypto/ITAR_export/Bernstein_case/
gopher.eff.org, 1/EFF/Policy/Crypto/ITAR_export/Bernstein_case

Press contact: Shari Steele, EFF: [email protected], +1 202 861 7700.

For further reading, we suggest:

The Government's Classification of Private Ideas: Hearings Before a
Subcomm. of the House Comm. on Government Operations, 96th Cong., 2d
Sess. (1980)

John Harmon, Assistant Attorney General, Office of Legal Counsel,
Department of Justice, Memorandum to Dr. Frank Press, Science Advisor to
the President, Re: Constitutionality Under the First Amendment of ITAR
Restrictions on Public Cryptography (May 11, 1978). [Included in the
above Hearings; also online as http://www.eff.org/pub/EFF/Policy/Crypto/
ITAR_export/ITAR_FOIA/itar_hr_govop_hearing.transcript].

Alexander, Preserving High-Tech Secrets: National Security Controls on
University Research and Teaching, 15 Law & Policy in Int'l Business 173
(1983)

Cheh, Government Control of Private Ideas-Striking a Balance Between
Scientific Freedom and National Security, 23 Jurimetrics J. 1 (1982)

Funk, National Security Controls on the Dissemination of Privately
Generated Scientific Information, 30 U.C.L.A. L. Rev. 405 (1982)

Pierce, Public Cryptography, Arms Export Controls, and the First
Amendment: A Need for Legislation, 17 Cornell Int'l L. J. 197 (1984)

Rindskopf and Brown, Jr., Scientific and Technological Information and
the Exigencies of Our Period, 26 Wm. & Mary L. Rev. 909 (1985)

Ramirez, The Balance of Interests Between National Security Controls and
First Amendment Interests in Academic Freedom, 13 J. Coll. & U. Law 179
(1986)

Shinn, The First Amendment and the Export Laws: Free Speech on
Scientific and Technical Matters, 58 Geo. W. L. Rev. 368 (1990)

Neuborne and Shapiro, The Nylon Curtain: America's National Border and
the Free Flow of Ideas, 26 Wm. & Mary L. Rev. 719 (1985)

Greenstein, National Security Controls on Scientific Information, 23
Jurimetrics J. 50 (1982)

Sullivan and Bader, The Application of Export Control Laws to Scientific
Research at Universities, 9 J. Coll. & U. Law 451 (1982)

Wilson, National Security Control of Technological Information, 25
Jurimetrics J. 109 (1985)

Kahn, The Codebreakers: The Story of Secret Writing. New York:
Macmillan (1967) [Great background on cryptography
and its history.]

Relyea, Silencing Science: national security controls and scientific
communication, Congressional Research Service. Norwood, NJ:
Ablex Publishing Corp. (1994)

John Gilmore, Crypto Export Control Archives, online at
http://www.cygnus.com/~gnu/export.html

EFF Crypto Export Control Archives, online at
ftp.eff.org, /pub/EFF/Policy/Crypto/ITAR_export/
gopher.eff.org, 1/EFF/Policy/Crypto/ITAR_export
http://www.eff.org/pub/EFF/Policy/Crypto/ITAR_export/

--
<A HREF="http://www.eff.org/~mech/"> Stanton McCandlish
</A><HR><A HREF="mailto:[email protected]"> [email protected]
</A><P><A HREF="http://www.eff.org/"> Electronic Frontier Foundation
</A><P><A HREF="http://www.eff.org/1.html"> Online Services Mgr. </A>

------------------------------

From: ACLU Information <[email protected]>
Date: Thu, 23 Feb 1995 10:48:53 -0500
Subject: File 3--ACLU cyber-liberties alert: Axe the Exon Bill!

**ACLU CYBER-LIBERTIES ALERT**

FIGHT ONLINE CENSORSHIP!

AXE THE EXON BILL!

The American Civil Liberties Union urges you to contact the members of
the U.S. Senate Commerce Committee and your own Senators to ask them
to oppose the efforts to turn online communications into the most
heavily censored form of American media.

In a clumsy effort to purge sexual expression from the Internet and other
online networks, the self-described "Communications Decency Act of 1995"
(S.314, introduced by Senator Exon on 2/2/95) would make ALL
telecommunications service providers liable for every message, file, or
other content carried on their networks. Senator Exon is planning to
attach the bill to Senator Pressler's new telecommunications legislation,
which is targeted for action in early March.

The Exon proposal would severely restrict the flow of online information by
requiring service providers to act as private censors of e-mail messages,
public forums, mailing lists, and archives to avoid criminal liability.
The ACLU believes that online users should be the only censors of the
content of the information they receive.

**The Exon proposal broadens existing law by subjecting service providers,
as well as the individuals who actually send messages, to criminal
liability for any "obscene, lewd, lascivious, filthy, or indecent" message
transmitted over their networks.**

If enacted into law, this vague and overly broad legislation could have the
following draconian effects:

* The Exon proposal would prohibit communications with sexual content
through private e-mail between consenting adults, and would inhibit people
from making comments that might or might not be prohibited.

* Under the Exon proposal, service providers would pay up to $100,000 or
spend up to 2 years in jail for prohibited content produced by subscribers
on other networks, over which they had no control.

* The Exon proposal would expand current restrictions on telephone access
by minors to dial-a-porn services to include online access to indecent
material, requiring service providers to purge "indecent" material from
public bulletin boards and discussion groups to avoid accidental viewing by
a minor.

In effect, online providers would be forced to offer to adults only that
content that is "suitable for minors."

S. 314 is nearly identical to an amendment Senator Exon successfully
attached to last year's Senate version of the telecommunications law
overhaul. Last year's bill died for unrelated reasons, but the Senate
Commerce Committee is determined to pass new telecommunications legislation
this year that could easily include the Exon proposal.

The ACLU opposes the restrictions on speech imposed by this legislation
because they violate the First Amendment's guarantee of free expression.
Forcing carriers to pre-screen content violates the Constitution and
threatens the free and robust expression that is the promise of the Net.
The Constitution requires that any abridgement of speech use the least
restrictive means available -- the language of the Exon proposal is clearly
the most restrictive because it sweeps broadly against a wide array of
protected material involving sexual expression.

Stop the information superhighway from becoming the most censored segment
of communications media!

ACT NOW:

Urge members of the Senate Committee on Commerce, Science, and
Transportation:

*To oppose the Exon proposal, or any Senate or House variation.

*To drop the Exon proposal BEFORE it goes to the Senate floor.

*To hold full hearings on the Exon proposal and to review it thoroughly
before it goes to the Senate floor.

*To reject any effort to attach the Exon proposal to the Senate
telecommunications legislation.

THE EXON PROPOSAL COULD BE LAW WITHIN WEEKS IF WE DON'T ACT TODAY.

Send your letter by e-mail, fax, or snail mail to:

Senator Larry Pressler, S.D.
Chairman, Committee on Commerce, Science, and Transportation
SR-254 Russell Senate Office Building
Washington, DC 20510-6125
(202) 224-5842 (phone)
(202) 224-1630 (fax)
e-mail: [email protected]

To maximize the impact of your letter, you should also write to the members
of the Senate Commerce Committee and to your own Senators.

A sample letter is attached.

Majority Members of the Senate Commerce Committee

Senator Bob Packwood, Ore.
SR-259 Russell Senate Office Building
Washington, DC 20510-3702
(202) 224-5244 (phone)
(202) 228-3576 (fax)

Senator Ted Stevens, Alaska
SH-522 Hart Senate Office Building
Washington, DC 20510-0201
(202) 224-3004 (phone)
(202) 224-1044 (fax)

Senator John McCain, Ariz.
SR-111 Russell Senate Office Building
Washington, DC 20510-0303
(202) 224-2235 (phone)
(202) 228-2862 (fax)

Senator Conrad Burns, Mont.
SD-183 Dirksen Senate Office Building
Washington, DC 20510-2603
(202) 224-2644 (phone)
(202) 224-8594 (fax)

Senator Slade Gorton, Wash.
SH-730 Hart Senate Office Building
Washington, DC 20510-4701
(202) 224-3441 (phone)
(202) 224-9393 (fax)
e-mail: [email protected]

Senator Trent Lott, Miss.
SR-487 Russell Senate Office Building
Washington, DC 20510-2403
(202) 224-6253 (phone)
(202) 224-2262 (fax)

Senator Kay Bailey Hutchison, Tex.
SH-703 Hart Senate Office Building
Washington, DC 20510-4303
(202) 224-5922 (phone)
(202) 224-0776 (fax)
e-mail: [email protected]

Senator Olympia J. Snowe, Maine
SR-174 Russell Senate Office Building
Washington, DC 20510-1903
(202) 224-5344 (phone)
(202) 224-6853 (fax)

Senator John Ashcroft, Mo.
SH-705 Hart Senate Office Building
Washington, DC 20510-2504
(202) 224-6154 (phone)
(202) 224-7615 (fax)

Minority Members of the Senate Commerce Committee

Senator Ernest F. Hollings, S.C.
SR-125 Russell Senate Office Building
Washington, DC 20510-4002
(202) 224-6121 (phone)
(202) 224-4293 (fax)

Senator Daniel K. Inouye, Hawaii
SH-772 Hart Senate Office Building
Washington, DC 20510-1102
(202) 224-3934 (phone)
(202) 224-6747 (fax)

Senator Wendell H. Ford, Ky.
SR-173A Russell Senate Office Building
Washington, DC 20510-1701
(202) 224-4343 (phone)
(202) 224-0046 (fax)
e-mail: [email protected]

Senator J. James Exon, Neb.
SH-528 Hart Senate Office Building
Washington, DC 20510-2702
(202) 224-4224 (phone)
(202) 224-5213 (fax)

Senator John D. (Jay) Rockefeller IV, W. Va.
SH-109 Hart Senate Office Building
Washington, DC 20510-4802
(202) 224-6472 (phone)
(202) 224-1689 (fax)

Senator John F. Kerry, Mass.
SR-421 Russell Senate Office Building
Washington, DC 20510-2102
(202) 224-2742 (phone)
(202) 224-8525 (fax)

Senator John B. Breaux, La
SH-516 Hart Senate Office Building
Washington, DC 20510-1803
(202) 224-4623 (phone)
(202) 224-2435 (fax)

Senator Richard H. Bryan, Nev.
SR-364 Russell Senate Office Building
Washington, DC 20510-2804
(202) 224-6244 (phone)
(202) 224-1867 (fax)

Senator Byron L. Dorgan, N.D.
SH-713 Hart Senate Office Building
Washington, DC 20510-3405
(202) 224-2551 (phone)
(202) 224-1193 (fax)

You can also write or fax your own Senator at:

The Honorable ______________________
U.S. Senate
Washington, D.C. 20510

Senate directories including fax numbers may be found at:

gopher://ftp.senate.gov:70
gopher://una.hh.lib.umich.edu:70/0/socsci/polscilaw/uslegi

Additional information about the ACLU's position on this issue and others
affecting civil liberties online and elsewhere may be found at:

gopher:\\aclu.org:6601
OR request our FAQ at [email protected]

-----------------------------------------------cut
here----------------------------------------------------------

SAMPLE LETTER

Dear Senator _______:

I am writing to urge you to oppose the restrictions on speech that would be
imposed by the legislation introduced by Senator Exon, known as the
Communications Decency Act of 1995, S.314, introduced on 2/2/95. The Exon
proposal would severely restrict the flow of online information by
requiring service providers to act as private censors of e-mail messages,
public forums, mailing lists, and archives to avoid criminal liability. I
believe that online users should be the only censors of the content of the
messages they receive.

I urge you to:

*Oppose the Exon proposal, or any Senate or House variation.

*Drop the Exon proposal BEFORE it goes to the Senate floor.

*Hold full hearings on the Exon proposal and review it thoroughly before
it goes to the Senate floor.

*Reject any effort to attach the Exon proposal to the Senate
telecommunications legislation.

Sincerely,

[name]
--
ACLU Free Reading Room | American Civil Liberties Union
gopher://aclu.org:6601 | 132 W. 43rd Street, NY, NY 10036
mailto:[email protected]| "Eternal vigilance is the
ftp://ftp.pipeline.com | price of liberty"

------------------------------

Date: Wed, 01 Mar 1995 15:08:19 -0600
From: /G=Brad/S=Hicks/[email protected]
Subject: File 4--Tired of S.314 Hysteria

Am I the only person tired of being spammed about S.314, or just the
first one to complain about it? Do I have to read seven to ten copies
of this in every newsgroup, even areas as obscure as
alt.games.whitewolf? All this, on top of the maybe twenty or thirty
copies I've gotten as e-mail?

Can there possibly be anyone on the planet with an e-mail address who
=doesn't= know about S.314?

Now, that being said, I finally read one of the marked up copies of
the current law, showing the changes that S.314 would make. And
having read them, I am convinced that every single analysis I have
read is either mistaken, exaggerated, or an outright lie.

It's right there in the text. The section that everybody is scared
of, the one that makes telecommunications vendors responsible for any
obscenity or threats that swim in their bitstreams, is prefaced with
"Whosoever KNOWINGLY ...." (Emphasis added.)

That's right. They left in the word "knowingly." Which means that if
somebody uses your BBS, or your email service, or your anonymous
remailer to send someone an invitation to be the star in a
pornographic snuff film, and you don't know about it, you're not in
violation of the Exon bill.

The easily alarmed might worry that some court will say that you
=could= have known, and therefore =should= have known. But that's not
up to prosecutors, that's up to juries. When witnesses testify as to
how many kilobytes or megabytes flow through your system per night, no
jury is going to say that you should have read it all. If you present
evidence that you couldn't have known, because those bits were all
encrypted and people didn't tell you what was in them, nobody's going
to rule that you =could= have known, let alone =should= have.

So. What do the people who oppose S.314 =and who understand it=
REALLY want? The only reason I see to oppose S.314 is if you =want=
BBS sysops and telephone sex vendors to be immune to obscenity and
harrassment laws.

If you want it to be legal for people to use email, or web pages, or
improvised FidoNets or whatever to send around JPGs of perverts raping
6 year olds, or detailed descriptions of rape/murder/torture fantasies
with people's real names for the victims, or GIFs of people having sex
involving excrement, carving knives, and/or animals ... well, then say
so!

Because if that's what you want, then I agree with you 100%. As the
late great Justice Hugo Black said, "I am a plain and simple man. I
believe that when the Constitution says, 'no laws,' it MEANS 'no
laws.'" Of course, there's no way that the American people will
permit this. However, that's not, in my opinion, a moral reason to
lie about the contents of a proposed law, and stir up a net.lynch.mob.

------------------------------

------------------------------

Date: Sun, 26 Feb 1995 22:51:01 CDT
From: CuD Moderators <[email protected]>
Subject: File 5--Cu Digest Header Info (unchanged since 26 Feb, 1995)

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup: comp.society.cu-digest

Or, to subscribe, send a one-line message: SUB CUDIGEST your name
Send it to [email protected] or [email protected]
The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

To UNSUB, send a one-line message: UNSUB <your name>
Send it to [email protected] or [email protected]
(NOTE: The address you unsub must correspond to your From: line)

Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on internet);
and on Rune Stone BBS (IIRGWHQ) (203) 832-8441.
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.

EUROPE: In BELGIUM: Virtual Access BBS: +32-69-844-019 (ringdown)
In ITALY: Bits against the Empire BBS: +39-464-435189
In LUXEMBOURG: ComNet BBS: +352-466893

UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/
ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
uceng.uc.edu in /pub/wuarchive/doc/EFF/Publications/CuD/
wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
EUROPE: nic.funet.fi in pub/doc/cud/ (Finland)
ftp.warwick.ac.uk in pub/cud/ (United Kingdom)

JAPAN: ftp.glocom.ac.jp /mirror/ftp.eff.org/Publications/CuD
ftp://www.rcac.tdi.co.jp/pub/mirror/CuD

The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:
URL: http://www.soci.niu.edu:80/~cudigest

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission. It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified. Readers are encouraged to submit reasoned articles
relating to computer culture and communication. Articles are
preferred to short responses. Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.

------------------------------

End of Computer Underground Digest #7.17
************************************