Computer underground Digest Thu Mar 6, 1997 Volume 9 : Issue 16

Computer underground Digest Thu Mar 6, 1997 Volume 9 : Issue 16
ISSN 1004-042X

Editor: Jim Thomas ([email protected])
News Editor: Gordon Meyer ([email protected])
Archivist: Brendan Kehoe
Shadow Master: Stanton McCandlish
Shadow-Archivists: Dan Carosone / Paul Southworth
Field Agent Extraordinaire: David Smith
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Cu Digest Homepage: http://www.soci.niu.edu/~cudigest

CONTENTS, #9.16 (Thu, Mar 6, 1997)

File 1--another CDA brief...
File 2--imapd and ipop3d hole (fwd)
File 3--Hacker Challenges Dark Side Book (fwd)
File 4--Hacking and international law
File 5--Bell-Atl NYNEX Mobile See's 70% Decrease In Fraud Losses
File 6--Higher & Deeper: John Seabrook's CSi book tour
File 7--Novell & Microsoft Win Piracy Suit with Final Frontier BBS
File 8--Cu Digest Header Info (unchanged since 13 Dec, 1996)

CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.

---------------------------------------------------------------------
Date: Tue, 25 Feb 1997 21:10:21 -0600
From: Jon Lebkowsky <[email protected]>
Subject: File 1--another CDA brief...

FOR IMMEDIATE RELEASE

Jon Lebkowsky, an Austin-based Internet activist and author, and
SiteSpecific Inc., a New York City new media company, have filed a friend
of the court brief with the United States Supreme Court, supporting the
findings of the District Court in ACLU v. Reno, the Communications Decency
Act (CDA) case. "We believe the lower court was completely correct in
finding that the CDA was unconstitutional," Lebkowsky said.

In their brief, filed on their behalf by attorney Jamie Stecher of New York
City (212-355-4000), the parties argue that the Court has erred in recent
years by refusing to find that the printing press is the right "metaphor"
for electronic media such as the Internet. "The Court has always
proceeded by analogy in deciding how to regulate new media," Stecher
commented. "For example, in the last century, it held that the telephone
was like the telegraph--and by picking the right metaphor, it resolved the
legal questions before it. However, the Court went seriously astray last
June when it decided an important case pertaining to free speech on cable
television, Denver Area Coalition v. FCC, without specifying whether cable
is to be treated like broadcast, print media, or something else. It is hard
to see how you can specify *how* to regulate something without first
deciding *what* it is."

Lebkowsky agreed. "The Internet is entitled to the highest protection
available for any medium, and print has traditionally received the highest
protection. A holding that the Internet is analogous to print will help
resolve future legal and legislative disputes before they come to a boil,
i.e. any dispute over Internet censorship could then be resolved easily by
asking how we treat print media. If the CDA or any similar law would be
unconstitutional if applied to books and magazines, it shouldn't be
constitutional for the Net, either."

Jonathan Wallace, co-author of Sex, Laws and Cyberspace (Henry Holt, 1996)
and a plaintiff in ACLU v. Reno, welcomed the filing of the brief. "In the
book, we say that 'Cyberspace is a constellation of printing presses and
bookstores,'" Wallace noted. "This brief helps to address a gap in the
government's logic. Would you really treat Catcher in the Rye differently
between paper covers and in electronic format? That's what one Congressman
suggested, the day the CDA passed. Finding that the Internet is a form of
print media will forestall that possibility."

The Supreme Court will hear arguments in ACLU v. Reno on March 19th.

--
Jon Lebkowsky * [email protected] * www.well.com/~jonl
- Austin conference, Electric Minds (www.minds.com)
- Electronic Frontiers Forum, HotWired (www.hotwired.com/eff)
- Vice President, EFF-Austin (www.eff-austin.org)

------------------------------

Date: Mon, 3 Mar 1997 01:17:48 -0500 (EST)
From: "[email protected]" <[email protected]>
Subject: File 2--imapd and ipop3d hole (fwd)

Source -Noah

---------- Forwarded message ----------
Date--Sun, 2 Mar 1997 21:42:14 -0700
From--David Sacerdote <[email protected]>

Secure Networks Inc.

Security Advisory
March 2, 1997

Buffer Overflow in imapd and ipop3d

A vulnerability exists within Mark Crispin's mail server toolkit that will
allow arbitrary individuals to obtain root access to servers running
imapd and ipop3d. This vulnerability is present in both the POP3 and IMAP2bis
servers included in the PINE distribution, as well as the IMAP2bis and
IMAP4 servers included in Mr. Crispin's IMAP toolkit.

Technical Details
~~~~~~~~~~~~~~~~~
The vulnerable mail servers call a library routine to affect a
Unix "login", authenticating the user against it's password. A
stack overrun exists in this routine. In essence this will allow
any client with the ability to attempt a login to enter an overly
long username to cause arbitrary machine code to execute.

Both the POP and IMAP servers Mr. Crispin distributes discard
supervisory privileges sometime after this authentication phase.
Unfortunately, the overflow occurs before this happens, and the
vulnerability will thus allow an attacker superuser access.

The problematic routine is server_login(), which is in
"log_xxx.c" in the OS-dependent code tree of the server source
distribution. The problem occurs due to the routine's attempt to
allow a case insensitive match on the username, which it does by
copying the username provided to the routine into an automatic
variable in the routine's stack.

The username buffer is MAILTMPLEN long, which defaults to 1024
bytes. Unfortunately, the server's input buffer is greater than
this, allowing a remote client to feed the routine a username
greater than 1024 bytes. If the excess characters in this
username contain a valid virtual memory address, the routine will
overwrite it's stack frame when copying the username, causing the
return from the routine to jump to an unexpected location.

Interestingly, the buffer is converted to lowercase after being
copied. This provides a slight technical challenge, as the
machine code required to take over the server contains uppercase
characters. However, modifications to the "standard" stack
overrun exploit code to reverse the affects of this lowercasing
were trivial. On i386 4.4BSD, the VM address required to redirect
server_login()'s return need not contain uppercase
characters.

The flawed code reads:

long server_login (char *user, char *pass, int argc, char *argv[])
{
char tmp[MAILTMPLEN];
struct passwd *pw = getpwnam (user);
/* allow case-independent match */
if(!pw) pw = getpwnam (lcase (strcpy (tmp, user)));

<complete server login and return>
}

Impact
~~~~~~

Remote individuals, who do not have a valid username and password for
the mail server, can obtain root access to systems running a vulnerable
IMAP or POP server.

Vulnerable Systems
~~~~~~~~~~~~~~~~~~

Any system running Mark Crispin's POP or IMAP server, of a release
earlier than 4.1beta is vulnerable. To determine whether your system
is vulnerable, telnet to ports 109, 110, 143 and 220. If you see a banner
looking like:

* OK example.com IMAP2bis Service 7.8(92) at Mon, 3 Mar 1997 12:00:00
-0500 (EST)

or:

* OK example.com IMAP4 v10.00 server ready

or:

+OK example.com POP3 3.0(10) w/IMAP client (Report problems in this server
to [email protected]) at Mon, 3 Mar 1998 12:00:00 -0500 (EST)

Then your system is vulnerable. If you see "POP3 3.3" or "IMAP4rev1"
or later, your POP or IMAP server is not vulnerable.

POP servers not derived from Mark Crispin's code, including the somewhat
confusingly named "pop3d" from the University of California at Davis are
not vulnerable to the attack described in this advisory. Similarly,
the University of California at Berkeley popper, and derived POP servers,
including the Qualcomm popper, are not vulnerable to this attack.

Fix Information
~~~~~~~~~~~~~~~

As a temporary workaround, you can disable the POP and IMAP services
in /etc/inetd.conf, and then kill and restart inetd.

You can fix the problem in the source yourself, by changing the
server_login() function to read:

char tmp[MAILTMPLEN];
struct passwd *pw = getpwnam (user);

if(!pw) {
strncpy(tmp, user, MAILTMPLEN - 1);
pw = getpwnam(lcase(tmp));

Or, as a final option, you can switch to the IMAP 4.1 beta distribution,
which can be found at ftp://ftp.cac.washington.edu/mail/imap.tar.Z.

Additional Information
~~~~~~~~~~~~~~~~~~~~~~

If you have any questions about this advisory, feel free to contact me,
by sending mail to [email protected] If you wish to encrypt your
messages to me, feel free to use the following PGP public key.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAzJ4qJAAAAEEAOgB7mooQ6NgzcUSIehKUufGsyojutC7phVXZ+p8FnHLLZNB
BLQEtj5kmfww2A2pR29q4rgPeqEUOjWPlLNdSLby3NI8yKz1AQSQLHAwIDXt/lku
8QXClaV6pNIaQSN8cnyyvjH6TYF778yZhYz0mwLqW6dU5whHtP93ojDw1UhtAAUR
tCtEYXZpZCBTYWNlcmRvdGUgPGRhdmlkc0BzaWxlbmNlLnNlY25ldC5jb20+
=LtL9
-----END PGP PUBLIC KEY BLOCK-----

Further information about the Interactive Mail Aaccess Protocol can be
found in RFCs 1731, 1732, 1733, 2060, 2061, 2062, 2086, 2087, 2088, and
2095. Further information about the Post Office Protocol can be found
in RFCs 1939 and 1957. Copies of RFCs can be found at
http://ds.internic.net/rfc/rfcXXXX.txt

For further information about Secure Networks Inc, including product
information, past advisories, and papers, see http://www.secnet.com

If you wish to obtain Secure Networks advisories via our mailing list,
please send mail to [email protected], with a single line
reading:
subscribe sni-advisories

Copyright
~~~~~~~~~

The contents of this advisory are Copyright (C) 1997 Secure Networks Inc,
and may be distributed freely provided that no fee is charged for
distribution, and that proper credit is given.

imapd and ipop3d fall under the following license:

Copyright 1997 by the University of Washington

Permission to use, copy, modify, and distribute this software and its
documentation for any purpose and without fee is hereby granted, provided
that the above copyright notice appears in all copies and that both the
above copyright notice and this permission notice appear in supporting
documentation, and that the name of the University of Washington not be
used in advertising or publicity pertaining to distribution of the software
without specific, written prior permission. This software is made
available "as is", and
THE UNIVERSITY OF WASHINGTON DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED,
WITH REGARD TO THIS SOFTWARE, INCLUDING WITHOUT LIMITATION ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, AND IN
NO EVENT SHALL THE UNIVERSITY OF WASHINGTON BE LIABLE FOR ANY SPECIAL,
INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, TORT
(INCLUDING NEGLIGENCE) OR STRICT LIABILITY, ARISING OUT OF OR IN CONNECTION
WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

------------------------------

Date: Fri, 28 Feb 1997 17:13:03 -0600 (CST)
From: Computer underground Digest <[email protected]>
Subject: File 3--Hacker Challenges Dark Side Book (fwd)

((MODERATORS' NOTE: TELECOM Digest is an electronic journal
devoted mostly but not exclusively to telecommunications topics.
It is circulated anywhere there is email, in addition to various
telecom forums on a variety of public service systems and
networks including Compuserve and America On Line. It is also
gatewayed to Usenet where it appears as the moderated newsgroup
'comp.dcom.telecom'. Subscriptions are available to qualified
organizations and individual readers. Write and tell us how you
qualify:
* [email protected] *
======

TELECOM Digest Mon, 24 Feb 97 09:07:00 EST Volume 17 --Issue 51
Date--Mon, 24 Feb 1997 00:48:43 PST
[email protected] (Tad Cook)

Hacker challenges `dark side' book
By Simson Garfinkel

Special to the Mercury News

KEVIN Poulsen was one of the most talented "dark side hackers" ever to
phreak a phone call.

For more than two years, Poulsen lived the life of a fugitive as part
of the seedy Los Angeles underground. He made money by reprogramming
Pacific Bell's computers for pimps and escort services, re-activating
old telephone numbers and building a voice-mail network pairing
prostitutes with their johns.

And he cleaned up by messing with the phones used by Los Angeles radio
stations, rigging their call-in contests so that he would always win
the big bucks or the car.

But Poulsen got caught and he spent more than five years in jail.

Behind bars in 1993, Poulsen did what any phone phreak would do: He
picked up the pay phone and started making collect calls. But these
calls where different: they went to Jonathan Littman, a journalist in
Mill Valley who had just published a magazine article about Poulsen's
crimes and exploits and was about to write a book on the same topic.

Poulsen wanted to make sure that Littman got the story right. He felt
that Littman had made a lot of mistakes in the magazine article.

Today, Poulsen feels somewhat betrayed by the journalist to whom he
gave total access. After reading an advance copy of Littman's book,
Poulsen says Littman has twisted the truth in order to make a more
compelling story.

"Most of my complaints about Littman's book are small things," said
Poulsen, who is on parole and living in Sherman Oaks, a Los Angeles
suburb. "He has major events right but then he changes the meaning of
them by changing minor events and making up quotes."

Littman stands by his work.

The book, "The Watchman: The Twisted Life and Crimes of Serial Hacker
Kevin Poulsen," is due to be published next month by Little, Brown and
Co. It's an insider's look at the world of a criminal computer hacker,
one of the most detailed yet published.

"He was one of the first to hack the Internet and get busted for it,"
said Littman, referring to Poulsen's 1984 arrest for breaking into
university computers on the ARPAnet, predecessor to today's Internet.

"They decided not to prosecute him because he was 17" when he was
arrested, Littman said. Instead, Poulsen was hired by a Silicon Valley
defense contractor. "It was every hacker's dream -- to commit a crime
and instead of going to jail, to get a job with what was a top think
tank and defense contractor," Littman said.

Soon, however, Poulsen was back to his old tricks -- with a vengeance,
according to the book. He started physically breaking into Pacific
Bell offices, stealing manuals and writing down passwords. Much of
what he found went into a storage locker. But Poulsen couldn't handle
his finances, and got behind in his rent. When the locker company
broke open Poulsen's lock his stash was discovered and a trap was
laid. As the FBI closed in, Poulsen left town, a fugitive on the run.

Guilty plea

He was caught June 21, 1991, and spent nearly three years in pre-trial
detention. On June 14, 1994, in federal court in Southern California,
he pleaded guilty to seven counts of computer fraud, interception of
wire communications, mail fraud, money laundering and obstruction of
justice. He was then transferred to Northern California to face a
spying charge, based on his possession of material the government
called classified. He pleaded guilty to fraud, possession of
unauthorized access devices and fraudulent use of a Social Security
number, and was released June 4, last year.

The Watchman is Littman's second book on the computer hacker
underground. His first, "The Fugitive Game," followed the exploits of
hacker Kevin Mitnick, who was on the run and eventually caught by
computer security expert Tsutomu Shimomura and New York Times reporter
John Markoff. Shimomura and Markoff wrote their own book describing
the chase, and they both objected to Littman's version of the events.

For his part, Poulsen seems most angry about the implication of the
new book's title -- that he was somehow obsessed with eavesdropping
and largely acted alone.

Only two wiretaps

In the book, Littman has Poulsen listening to dozens of conversations
-- even wiretapping the telephones of people trying to sell used
equipment through newspaper classified ads, to see if they are being
honest with their prices.

Poulsen insists that he wiretapped the telephones of only two people:
another hacker who was also an FBI informant and his high-school
girlfriend.

"He also reports that I obsessively followed the details of every
escort date, including details of the tricks," Poulsen says, among
other complaints. "He made that up. Totally made that up."

Littman denies making up quotes, and insists that everything in the
book was told to him by one of the participants.

"I've written a book about a very complicated story about
controversial people who had very different versions of what
happened," Littman said. "I've done the best I can to view them
objectively. Somebody else might view them differently, and the
participants obviously have a subjective perspective. My views are in
the book."

But Poulsen says that Littman's fundamental premise is flawed. "John
had a problem in writing this book," Poulsen said. "He wanted to sell
it as the troubled loner-hacker-stalker guy. The problem is I had five
co-defendants and it is hard to portray someone as a troubled loner
when you have five other people making it happen."

Not a loner

Ron Austin, Poulsen's friend and co-conspirator, agrees. "Littman has
to write an interesting book, I guess," he said. "He downplays the
role of a lot of people, but I think that's because he is writing a
book about Kevin. My role is downplayed." Austin also said the role of
Justin Petersen, a hard-rocking hacker and co-conspirator is
underplayed.

Austin, also on parole, said he is concerned that the controversy
regarding Littman's portrayal of Poulsen might obscure some of the
more important issues raised by Littman's book: That the FBI engaged
in widespread wiretapping of foreign consulates in the San Francisco
area, the FBI's apparent hiring of an informant to commit illegal acts
on the agency's behalf, and that the FBI's apparent ability to decrypt
files on Poulsen's computer that had been encrypted with the
U.S. government's Data Encryption Standard, a popular data-scrambling
algorithm.

The FBI office in Los Angeles declined to comment on the Poulsen
case. A representative of the FBI's Washington office said, "We
normally do not comment on books that are coming out until we have had
an opportunity to review the book."

As a condition of his plea bargain, Poulsen is prohibited from
discussing FBI wiretaps.

Littman said he feels "lucky as a writer to have been able to spend
some time with Poulsen and these other characters in the story."

"One thing about Poulsen is he really had a very highly developed
ethical model that he believed in," Littman said. "He found it
challenged by his circumstances and the people he associated with. I
found it fascinating to see how he resolved this age-old computer
hacker ethic with a changing world."

------------------------------

Date: Wed, 26 Feb 1997 13:12:42 +0100 (MET)
From: Felipe Rodriquez <[email protected]>
Subject: File 4--Hacking and international law

Hi,

I thought you'd be interested in this message I got:

>From--"Ivo Skoric" <[email protected]>

Problem:
Last week three teenage high school students from Zadar, Croatia,
hacked into some Pentagon secret files (Anderson nuclear facility being
the one among claimed by DoD). Just for fun, as hackers do. Croatia is
still in its early years of cyberspace: government did not yet realize the
powers of the Net, and those who are, are young mischievous political
moderates. Students' teacher, their parents, their school, their town -
they are all very proud of their children exceptional computer prowess.
School's message board boldly displays a mock flier offering Pentagon
secrets at discount. Price is set after Pentagon came forward claiming
that this was not an innocent "no damage done" hacking: they say that
there is approximately half a million dollars damage done, and they sent
their lawyers to Croatia to collect. The kids, their parents, their school
or even their town can't pay that sum. Here in the U.S. Pentagon
downplays the event and the abundance of American free media stays
silent. Nevertheless, they requested through Interpol that Croatian
police seize the hardware from teenage hackers, if not outright arrest
them - although hacking into computers is not illegal in Croatia (and
hackers unpunished broke into Croatian DoD several times). They were
not arrested, but their equipment was seized.

Question:
Can the U.S. enforce its law abroad? Are non-U.S. citizen mandated to
follow the U.S. law in their own countries of origin?

Evaluation:
If the U.S. is allowed it's law abroad, becoming the world district
attorney (the natural development from its previous title - the world
policeman), then other countries are already in a quasi-colonial position.
If a U.S. citizen broke some Croatian law in the U.S. in a way to cause
damage to some Croatian government institution, American media might
remind us of how Croatian government is essentially an undemocratic,
authoritarian structure, who, lets hint, might have deserved the intrusion.
This sends a signal around the world that each country sovereignty is
limited by the laws of the only remaining superpower. However, if the
U.S. is not allowed to enforce it's law abroad in such situations like this
one, then every hacker in every corner of the world will go for that
highest prize: the U.S. military and intelligence computers.

Solutions:
a) The U.S. can take Croatia as the 51st state, making its citizens
liable for breaking an American law. Also, with the same living
standard, people of Croatia might be more receptive to American
law.
b) The U.S. may launch a TOCHL, a TOEFL like Test Of
Computer Hacking Language, to be administered at embassies
and consulates. The INS would then unconditionally give green
cards to those who placed in the top 3% every year (that might be
also better for the U.S. economy than the immigration lottery
which often brings over people who don't know what to do with
their prize). After a few years this would male all the top world
hackers answer to American law.
c) The U.S. may forgive them one or two war criminals at The
Hague if Croats let them have the damn kids.
d) Pentagon may promise Croatian President to keep him in power
until he dies of his lymph nodes cancer (for which he is already
occasionally treated at American military hospitals), if he pays
the proposed fee of half million.
e) The U.S. government may propose and host (I bet this idea is
already circulating) an international convention to impose it's
cyber-cop policies on others by threatening them with techno-sanctions
should they not abide - yet this may backfire to the
host.

------------------------------

Date: Mon, 3 Mar 1997 18:16:14 -0500 (EST)
From: "[email protected]" <[email protected]>
Subject: File 5--Bell-Atl NYNEX Mobile See's 70% Decrease In Fraud Losses

From -Noah

---------- Forwarded message ----------
Date--Mon, 3 Mar 1997 17:17:22 -0500
From--Bell Atlantic <[email protected]>
Thanks To High-Tech Solutions

NEWS RELEASE *********************************************************
******************************************* BELL ATLANTIC NYNEX MOBILE

FOR IMMEDIATE RELEASE CONTACT:
March 3, 1997 Maggie Aloia Rohr (908)306-7757
[email protected]

BELL ATLANTIC NYNEX MOBILE SEES 70% DECREASE IN FRAUD LOSSES
THANKS TO HIGH-TECH SOLUTIONS

Aggressive Work with Law Enforcement Nets More Than 390 Arrests

CTIA WIRELESS '97 SAN FRANCISCO -- The implementation of
Authentication and RF Fingerprinting technology has led to significant
decreases in cellular fraud for Bell Atlantic NYNEX Mobile. Since May
of 1996, when the company led the industry in launching Authentication
service, Bell Atlantic NYNEX Mobile has seen an overall fraud decrease
of 70 percent month over month; specifically, a 74 percent decrease in
home fraud and a 57 percent decrease in roaming fraud.

In addition, Bell Atlantic NYNEX Mobile works with law enforcement
agencies to pursue and prosecute cloners and distributors of cloned
phones and equipment. Last year, the company's efforts netted more
than 390 arrests, and the recovery of more than 110,000 stolen
cellular phone number/serial number combinations. The company also
assists in prosecuting cellular thieves to the fullest extent of the
law. One case resulted in a six year federal jail sentence and more
than $97,000 in ordered restitution to Bell Atlantic NYNEX Mobile and
other carriers.

"While we are extremely encouraged by the decreases we've seen, we
cannot eliminate fraud on our own, especially roaming fraud," said
Nick Arcuri, vice president-fraud control. "We are actively
encouraging our roaming partners to join us in the fight by exchanging
fraud information and by implementing solutions such as networking of
authentication and RF Fingerprinting systems."

Bell Atlantic NYNEX Mobile's aggressive fraud prevention plan is based
on a three-pronged approach -- prevention, detection, and prosecution.

Fraud prevention centers around implementing network solutions to stop
fraud before it affects the customer. Authentication and RF
Fingerprinting technology deployments are the cornerstones of this
approach. Since last May, the company has rolled out Authentication
and RF Fingerprinting technology in all its major markets. Nearly
two million Bell Atlantic NYNEX Mobile customers are protected by
Authentication and RF Fingerprinting when in the Bell Atlantic NYNEX
Mobile footprint or when roaming in markets where the company has
interconnected its fraud protection services with other carriers.

The second approach to fighting cellular fraud is early detection.
The company's in-house fraud task force uses sophisticated
fraud-detection software to alert customers and shut down cloners
quickly.

Lastly, Bell Atlantic NYNEX Mobile aggressively pursues cellular
cloners and dealers of stolen equipment. The company provides
training, support, and assistance to local, state, and federal law
enforcement officials and employs private investigation firms to
jointly combat the problem.

Bell Atlantic NYNEX Mobile is the largest wireless service provider on
the East Coast and the second largest in the United States. The
company owns and operates the most extensive network in the east,
covering 111,000 square miles, and the largest chain of wireless
retail outlets offering a full range of wireless personal
communications services, including voice, data and paging. Based in
Bedminster, NJ, Bell Atlantic NYNEX Mobile has 4.4 million customers
and 6,500 employees in the Northeast, mid-Atlantic, Southeast, and,
through a separate subsidiary, in the Southwest. The company was
formed in July, 1995, by combining the cellular operations of Bell
Atlantic Mobile and NYNEX Mobile.

------------------------------

Date: Thu, 13 Feb 1997 20:24:42 -0600 (CST)
From: Crypt Newsletter <[email protected]>
Subject: File 6--Higher & Deeper: John Seabrook's CSi book tour

To set the right stage for the following bit of news on author and New
Yorker reporter John Seabrook, it's necessary for Crypt News to steal
outright from Eric Alterman's description of the pundit Morton Kondracke
in "Sound & Fury," an analysis of the Beltway political punditocracy.
Alterman likened Kondracke disparagingly to Ayn Rand's Lancelot Clokey,
a social critic in "The Fountainhead" whose literary celebrity was purely
the creation of the people he worked for.

Like Morton Kondracke, John Seabrook is another Lancelot Clokey --
cyberspace's. In the past, he's been memorable for overwrought features
in New Yorker magazine on swapping e-mail with Bill Gates and being
flamed by David Sternlight. The latter incident apparently so unnerved
Seabrook, he momentarily believed he'd been attacked by a computer
virus.

Like Lancelot Clokey, John Seabrook is an author -- "Deeper: My Two-Year
Odyssey in Cyberspace" (Simon & Schuster). In the months to come you can
expect Seabrook's book, like Clokey's "The Gallant Gallstone," to be
praised to the heavens by critics who assuredly know better. Soon
thousands and thousands of copies of "Deeper" will sell and the name
"Seabrook" will be on the lips of all the wired kingdom's digerati. Like
Clokey, Seabrook will believe his reviews, lose all perspective (actually,
he's already in this phase if the following interview is an indicator),
and live the life of the brilliant social critic and public philosopher
when in reality he's done "nothing more outstanding than sleeping, eating
and chatting with neighbors."

On the p.r. junket for "Deeper," Seabrook came to CompuServe this week
and talked on-line for about an hour in front of an audience of
five -- six or seven if you count his mother plus the handler from People
magazine, the outlet sponsoring the conference. It didn't matter that
there weren't many real questions, Seabrook had answers: cliches as quips,
contradictory statements, whizz-bang "hey-even-I-coulda-thought-of-that"
pronouncements and some clowning.

Here then, a sampling of Seabrook quote from the interview --

To no one in particular:

"Pop culture is a weird thing."

On why the Net is sometimes "nasty:"

"There is a nasty side to lots of people, but some people do a
better job of keeping it civilized -- which is good. On-line lowers
the curtain of civilization. But sometimes it's good to be nasty.
It gets the nastiness out that would otherwise be used in the real
world."

On the ["mountain men and pioneers"] of the Internet:

"They [the mountain men] are going to have to figure out how to get
along. The frontier is over. Now it's the next phase. It's more like
the town than the frontier now. The mountain men are probably feeling
a little blue."

On journalism and reporting from the Internet:

"If I had to do my reporting work on the Net, I'd be fucked. [But not
_too fucked_ for the New Yorker gig and book tour. -- Crypt News] I never
use the Net for information gathering -- it's lousy for that. The public
library in NYC is much better."

On Bill Gates and how the jig's up for the master of Microsoft:

"It's amazing Gates caught onto the Net at all. He is about one man alone
with his machine, not connectivity. He's faking it now -- I don't think
he's [going to] survive for long."

And then, contradicting himself in the same breath, how Gates will
conquer Netscape:

". . . as to Netscape, I think it will end up like Apple. Microsoft has
already successfully copied Netscape, just as it did Apple. It will
slowly market it out of business."

The next one is quite original. Wouldn't you want to read a book by
an author who had this to say about America On-Line in early 1997:

"AOL sucks!"

Again on Bill Gates, the one-time subject of a lengthy Seabrook/New Yorker
treatise:

"I don't exchange e-mail with him. I don't have that much to say to him,
I guess. If I really wanted to talk to him, I'd e-mail him, but I doubt
he'd e-mail me back. Fuck him."

On the Internet, again, this time parroting the People magazine handler
who asked if the Internet was a "giant time sink:"

"The Net is a giant time sink."

On what he's writing about now:

"Now I am writing a story about a young would-be rock star."

And on writing about the Net, again:

"Actually I don't think I'll be writing about computers or the Net
again for awhile, maybe never. I feel like I said everything I
have to say . . . or what I haven't, I'll say on the book tour
gigs."

Near the end, Seabrook's handler asked how his book could do well
in a time when Net books are classed as "failed" because they're Net books
(Nope, I'm not making this up.) The answer, of course, was Seabrook's
Net book is _different_ because it's not really a Net book:

["Deeper"] is sort of different though. It's not really about the Net,
it's about one man's experience of the Net. It's more of a memoir of Net
use than a book about the Net."

George Smith
Crypt Newsletter

------------------------------

Date: Mon, 24 Feb 1997 08:38:59 -0800
From: [email protected]
Subject: File 7--Novell & Microsoft Win Piracy Suit with Final Frontier BBS

((MODERATORS' NOTE: The first few lines of the header were
garbled. We apologize to the poster(s) who sent the following))

FOR IMMEDIATE RELEASE --- February 24, 1997

Novell and Microsoft Win Ruling in Lawsuit With the Final
Frontier BBS

OREM, Utah * February 24, 1997 * Novell, Inc. and Microsoft
announced they have received a crucial ruling in their lawsuit against
The Final Frontier Bulletin Board System (BBS). The United States
Bankruptcy Court for the District of Arizona ruled that the system
operator for The Final Frontier is responsible for damages to the
software companies.

Microsoft and Novell first became aware that The Final Frontier was
dealing in illegal software when investigators were able to log onto the
board using an alias and download the illegal software. Further
investigation revealed that The Final Frontier was a member of two
groups specializing in illegal software. The two groups, Nokturnal
Trading Alliance (NTA) and Rise in Superior Couriering (RISC) are well
known in the BBS world.

Investigators from Novell and Microsoft were able to verify 146 improper
downloads in a very short period of time. The Bankruptcy Court awarded
$73,000.00 to Microsoft and Novell based upon the number of illegal
downloads of each company's software. In its ruling the court stated,
*The economic reality is that any amount awarded is the functional
equivalent of an economic death sentence to this debtor.....if the debtor's
financial circumstances were better or the violations had been for profit,
the award would have been larger*.

Harrison Colter, attorney for Novell, stated * The judges words *economic
death sentence' send a very powerful message. I hope others get the
message so that they do not suffer the same fate for their illegal
activities.*

*Although we are competitors in the marketplace, the damaging effects
of software piracy greatly harm both of our companies and ultimately the
entire software industry and its consumers,* commented Jim Lowe,
Microsoft Corporate Attorney. *Neither Microsoft nor Novell will stand by
while bulletin boards illegally offer our products to download.*

Novell has established an anti-piracy group and telephone hot line for
reporting illegal use of Novell software or making related inquiries. Call
1-800-PIRATES (800-747-2837) or send e-mail to [email protected].

Consumers with questions about the legitimacy of Microsoft products
should call the Microsoft Anti-piracy Hotline at 1-800-RU-LEGIT or e-mail
[email protected]. To receive more information about software
piracy, call the Business Software Alliance (BSA) Anti-piracy Hotline at
1-888-NO-PIRACY or e-mail [email protected].

Founded in 1983, Novell (NASDAQ: NOVL) is the world's leading
provider of network software. The company offers a wide range of
network solutions for distributed network, Internet, intranet and
small-business markets. Novell education and technical support
programs are the most comprehensive in the network computing
industry. Information about Novell's complete range of products and
services can be accessed on the World Wide Web at
http://www.novell.com.

Founded in 1975, Microsoft (NASDAQ: *MSFT*) is the worldwide leader
in software for personal computers. The company offers a wide range
of products and services for business and personal use, each designed
with a mission of making it easier and more enjoyable for people to take
advantage of the full power of personal computing every day.
###

Novell is a trademark of Novell, Inc.
Microsoft is a trademark of Microsoft, Inc.

Microsoft Contact:
Karen Porter
Phone: (206) 936-5992
Fax (206) 936-7412
Internet: [email protected]

Novell Contact:
Steve Kirk
Phone: (801) 228-8801
Fax (801) 228-8875
Internet: [email protected]

------------------------------

Date: Thu, 15 Dec 1996 22:51:01 CST
From: CuD Moderators <[email protected]>
Subject: File 8--Cu Digest Header Info (unchanged since 13 Dec, 1996)

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup: comp.society.cu-digest

Or, to subscribe, send post with this in the "Subject:: line:

SUBSCRIBE CU-DIGEST
Send the message to: [email protected]

DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS.

The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

To UNSUB, send a one-line message: UNSUB CU-DIGEST
Send it to [email protected]
(NOTE: The address you unsub must correspond to your From: line)

Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on internet);
and on Rune Stone BBS (IIRGWHQ) (860)-585-9638.
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.

EUROPE: In BELGIUM: Virtual Access BBS: +32-69-844-019 (ringdown)
In ITALY: ZERO! BBS: +39-11-6507540
In LUXEMBOURG: ComNet BBS: +352-466893

UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/CuD
ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland)
ftp.warwick.ac.uk in pub/cud/ (United Kingdom)

The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:
URL: http://www.soci.niu.edu/~cudigest/

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission. It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified. Readers are encouraged to submit reasoned articles
relating to computer culture and communication. Articles are
preferred to short responses. Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.

------------------------------

End of Computer Underground Digest #9.16
************************************